* 2.7:
[Console] Add missing `@require` annotation in test
Fix merge
[appveyor] Fix failure reporting
[#17634] move DebugBundle license file
backport GlobTest from 2.7 branch
Move licenses according to new best practices
[FrameworkBundle] Remove unused code in test
[2.3] Fixed an undefined variable in Glob::toRegex
simplified a test
fix container cache key generation
[Form] fix option name in changelog
[Translation] Add resources from fallback locale
[DependencyInjection] enforce tags to have a name
[YAML] Refine the return value of Yaml::parse()
Conflicts:
src/Symfony/Component/DependencyInjection/Tests/Loader/YamlFileLoaderTest.php
Commit 05be5da1710ab681a04334d58126f8c3d431e3cb added the ability to
configure a user checker on a per firewall basis. However, that commit seems to
have missed updating the HttpDigestFactory.
* 2.7:
Ability to set empty version strategy in packages
CLI: use request context to generate absolute URLs
[SecurityBundle] Optimize dependency injection tests
Sort bundles in config commands
[HttpFoundation] Do not overwrite the Authorization header if it is already set
tag for dumped PHP objects must be a local one
* 2.3:
[SecurityBundle] Optimize dependency injection tests
[HttpFoundation] Do not overwrite the Authorization header if it is already set
tag for dumped PHP objects must be a local one
* 2.3:
Fixed correct class name in thrown exception
Add gc_mem_caches() call for PHP7 after itoken_get_all() as new memory manager will not release small buckets to OS automatically
Removed a duplicated test in CardSchemeValidatorTest
Fix perf and mem issue when using token_get_all
[SecurityBundle] fix SecureRandom service constructor args
Normalize params only when used.
* 2.7:
Fix max width for multibyte keys in choice question
[Console] Display console application name even when no version set
Remove empty statements.
* 2.7:
[travis] timeout the sigchild tests at 60s
CS: Single line comments should use double slashes (//) and not hash (#).
Do not use HttpKernel Extension when not needed for 2.7
Do not use HttpKernel Extension when not needed
bumped Symfony version to 2.7.9
updated VERSION for 2.7.8
updated CHANGELOG for 2.7.8
bumped Symfony version to 2.3.37
updated VERSION for 2.3.36
update CONTRIBUTORS for 2.3.36
updated CHANGELOG for 2.3.36
Revert "Revert "bug #17052 [2.7] Fixed flatten exception recursion with errors (GrahamCampbell)""
Revert "bug #17052 [2.7] Fixed flatten exception recursion with errors (GrahamCampbell)"
use nowdoc instead of heredoc
Conflicts:
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Acl/Dbal/AclProvider.php
src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php
* 2.3:
[travis] timeout the sigchild tests at 60s
CS: Single line comments should use double slashes (//) and not hash (#).
Do not use HttpKernel Extension when not needed
bumped Symfony version to 2.3.37
updated VERSION for 2.3.36
update CONTRIBUTORS for 2.3.36
updated CHANGELOG for 2.3.36
use nowdoc instead of heredoc
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ConfigDumpReferenceCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/RouterApacheDumperCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/RouterMatchCommand.php
src/Symfony/Bundle/FrameworkBundle/Translation/Translator.php
src/Symfony/Bundle/TwigBundle/Command/LintCommand.php
src/Symfony/Component/Config/Tests/Definition/Dumper/YamlReferenceDumperTest.php
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Generator/Dumper/PhpGeneratorDumper.php
This PR was merged into the 2.3 branch.
Discussion
----------
CS: use nowdoc instead of heredoc
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | —
| License | MIT
| Doc PR | —
if this is accepted, we could add the fixer to symfony level of php-cs-fixer: https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/1580
Commits
-------
3dca549 use nowdoc instead of heredoc
* 2.7:
[2.7] Fixed flatten exception recursion with errors
Embedded identifier support
Also transform inline mappings to objects
Change the ExtensionInterface load method definition to bo identical to the documentation.
add and correct armenian translations
[Config] Fix array sort on normalization in edge case
[Security] Run tests on all PHP versions
[Serializer] Make metadata interfaces internal
[Yaml] fix indented line handling in folded blocks
improve BrowserKit test coverage p1
* 2.3:
[2.7] Fixed flatten exception recursion with errors
Embedded identifier support
Change the ExtensionInterface load method definition to bo identical to the documentation.
add and correct armenian translations
[Config] Fix array sort on normalization in edge case
[Yaml] fix indented line handling in folded blocks
improve BrowserKit test coverage p1
* 2.7:
[SecurityBundle] Removing test insulations for a huge perf win
[Validator] Use the new interface in the README
[Filesystem] fix tests on 2.3
[Filesystem] Recursivly widen non-executable directories
[Form] fix#15544 when a collection type attribute "required" is false, "prototype" should too
updated validators.bg.xlf
[Security] Enable bcrypt validation and result length tests on all PHP versions
[Security] Verify if a password encoded with bcrypt is no longer than 72 characters
[Console] Avoid extra blank lines when rendering exceptions
[Console][Table] fixed render row with multiple cells.
[Yaml] do not remove "comments" in scalar blocks
Conflicts:
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Console/Tests/Fixtures/application_renderexception1.txt
src/Symfony/Component/Console/Tests/Fixtures/application_renderexception2.txt
src/Symfony/Component/Console/Tests/Fixtures/application_renderexception4.txt
src/Symfony/Component/Form/Extension/Core/Type/CollectionType.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/CollectionTypeTest.php
src/Symfony/Component/Yaml/Tests/ParserTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
[SecurityBundle] Removing test insulations for a huge perf win
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
b8fa471 [SecurityBundle] Removing test insulations for a huge perf win
* 2.7:
Fixed the wrong source name and the ja translation
[Debug] fix readme: DebugClassLoader moved to debug itself
[SecurityBundle] disable the init:acl command if ACL is not used
[DI] remove useless condition around unset
[Form] Disabled view data validation if "data_class" is set to null
[HttpFoundation] Workaround HHVM rewriting HTTP response line
* 2.3:
Fixed the wrong source name and the ja translation
[SecurityBundle] disable the init:acl command if ACL is not used
[DI] remove useless condition around unset
* 2.7:
Fix undefined array $server
Fix bug in windows detection
[ProxyManager] Tmp fix composer reqs issue in ZF
Add missing exclusions from phpunit.xml.dist
[Serializer] ObjectNormalizer: don't serialize static methods and props
Fix the server variables in the router_*.php files
[Validator] Allow an empty path with a non empty fragment or a query
The following change adds support for Armenian pluralization.
[2.3][Process] fix Proccess run with pts enabled
Conflicts:
composer.json
src/Symfony/Bridge/ProxyManager/composer.json
src/Symfony/Component/Security/phpunit.xml.dist
* 2.3:
Fix undefined array $server
[ProxyManager] Tmp fix composer reqs issue in ZF
Add missing exclusions from phpunit.xml.dist
Fix the server variables in the router_*.php files
[Validator] Allow an empty path with a non empty fragment or a query
The following change adds support for Armenian pluralization.
[2.3][Process] fix Proccess run with pts enabled
Conflicts:
composer.json
src/Symfony/Bridge/ProxyManager/composer.json
src/Symfony/Bundle/DebugBundle/phpunit.xml.dist
src/Symfony/Component/Security/phpunit.xml.dist
* 2.7:
added the new Composer exclude-from-classmap option
added the new Composer exclude-from-classmap option
fix expected argument type docblock
Set back libxml settings after testings.
fixed Twig deprecation notices
* 2.3:
added the new Composer exclude-from-classmap option
fix expected argument type docblock
Set back libxml settings after testings.
fixed Twig deprecation notices
This PR was merged into the 2.3 branch.
Discussion
----------
added the new Composer exclude-from-classmap option
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
65bef75 added the new Composer exclude-from-classmap option
* 2.7:
fixed YAML files missing quotes when a string starts with @
[VarDumper] Fix anonymous class dumping
[Routing] mark internal classes
[Translation][Csv file] remove unnecessary statements, for better readability.
[Form] remove validation of FormRegistry::getType as FormRegistry::hasType does not validate either
* 2.3:
fixed YAML files missing quotes when a string starts with @
[Routing] mark internal classes
[Translation][Csv file] remove unnecessary statements, for better readability.
[Form] remove validation of FormRegistry::getType as FormRegistry::hasType does not validate either
This PR was merged into the 2.8 branch.
Discussion
----------
[EventDispatcher] added EventDispatcher::getListenerPriority()
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14563, #15825
| License | MIT
| Doc PR | n/a
In #14563, we added a way to get the priorities of listeners, but as noted by @Tobion in #15825, the implementation is sub-optimal because of two main reasons: the change is not part of the interface but more importantly, the added boolean changes the return value of `getListeners()`.
This PR reverts most of #14563 to add a `getListenerPriority()` method. This method is quite slow, but as it should only be used for debugging purposes (on the CLI or the WDT), I think it's not really a problem.
In 3.0, this method should probably be added to `EventDispatcherInterface`.
ping @Tobion
Commits
-------
068e955 [EventDispatcher] added EventDispatcher::getListenerPriority()
This PR was merged into the 2.8 branch.
Discussion
----------
Fix the BC layer for the key->secret renaming for remember_me
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony-docs/issues/5765
| License | MIT
| Doc PR | n/a
There was a mistake in https://github.com/symfony/symfony/pull/15141 removing the configuration entirely.
Commits
-------
f52b3a0 Fix the BC layer for the key->secret renaming for remember_me
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7][tests] Use @requires annotation when possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
b028aea [tests] Use @requires annotation when possible
This PR was squashed before being merged into the 2.8 branch (closes#14721).
Discussion
----------
[Security] Configuring a user checker per firewall
_Changed my base branch to avoid issues, closed old PR_
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed ticket | #11090 and helps #14673
| License | MIT
| Doc PR | symfony/symfony-docs/pull/5530
This pull request adds support for a configurable user checker per firewall. An example could be:
```yml
services:
app.user_checker:
class: App\Security\UserChecker
arguments:
- "@request_stack"
security:
firewalls:
secured_area:
pattern: ^/
anonymous: ~
basic_auth: ~
user_checker: app.user_checker
```
The above example will use the `UserChecker` defined as `app.user_checker`. If the `user_checker` option is left empty, `security.user_checker` will be used. If the `user_checkers` option is not defined, it will fall back to the original behavior to not break backwards compatibility and will validate using the existing `UserChecker`: `security.user_checker`.
I left the default argument in the service definitions to be `security.user_checker` to include backwards compatibility for people who for some reason don't have the extension executed. You can obtain the checker for a specific firewall by appending the firewall name to it. For the firewall `secured_area`, this would be `security.user_checker.secured_area`.
Commits
-------
76bc662 [Security] Configuring a user checker per firewall
This PR was squashed before being merged into the 2.8 branch (closes#16023).
Discussion
----------
Minor fixes for the profiler and toolbar
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | partially #15439
| License | MIT
| Doc PR | -
Changes:
* Fixed a misaligned icon
* Changed the priorities of the collectors to better control their position and to leave a "gap" between priorities so custom panels can be displayed between the default panels. This idea came from @stof.
By the way, @stof do you know how can I set the priority of the SwiftMailer collector? Its definition is the only one that doesn't use the `<tag name="data_collector" />`:
```xml
<service id="swiftmailer.data_collector" class="%swiftmailer.data_collector.class%">
<argument type="service" id="service_container" />
</service>
```
https://github.com/symfony/swiftmailer-bundle/blob/master/Resources/config/swiftmailer.xml#L90-L92
Commits
-------
bff4098 Minor fixes for the profiler and toolbar
* 2.7:
Detect Mintty for color support on Windows
Detect Mintty for color support on Windows
Add a group for tests of the finder against the FTP server
Fix license headers
Forbid serializing a Crawler
Fix phpdoc block of NativeSessionStorage class
Added exception when setAutoInitialize is called when locked
[FrameworkBundle] Advanced search templates of bundles
[Security] Allow user providers to be defined in many files
Use random_bytes function if it is available for random number generation
* 2.3:
Detect Mintty for color support on Windows
Add a group for tests of the finder against the FTP server
Fix license headers
Forbid serializing a Crawler
Fix phpdoc block of NativeSessionStorage class
Added exception when setAutoInitialize is called when locked
[FrameworkBundle] Advanced search templates of bundles
[Security] Allow user providers to be defined in many files
Use random_bytes function if it is available for random number generation
This PR was merged into the 2.8 branch.
Discussion
----------
Guard minor tweaks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Various completely minor things, most from suggestions on #14673
Commits
-------
869d5a7 tweaking message related to configuration edge case that we want to be helpful with
da4758a Minor tweaks - lowering the required security-http requirement and nulling out a test field
* 2.7:
Fix license headers
Ensure the ClockMock is loaded before using it in the testsuite
Fix with_minutes option in time widget
Fixed properties not explicitily declared
This PR was merged into the 2.8 branch.
Discussion
----------
New Guard Authentication System (e.g. putting the joy back into security)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | at least partially: #14300, #11158, #11451, #10035, #10463, #8606, probably more
| License | MIT
| Doc PR | symfony/symfony-docs#5265
Hi guys!
Though it got much easier in 2.4 with `pre_auth`, authentication is a pain in Symfony. This introduces a new authentication provider called guard, with one goal in mind: put everything you need for *any* authentication system into one spot.
### How it works
With guard, you can perform custom authentication just by implementing the [GuardAuthenticatorInterface](https://github.com/weaverryan/symfony/blob/guard/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php) and registering it as a service. It has methods for every part of a custom authentication flow I can think of.
For a working example, see https://github.com/weaverryan/symfony-demo/tree/guard-auth. This uses 2 authenticators simultaneously, creating a system that handles [form login](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/FormLoginAuthenticator.php) and [api token auth](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/TokenAuthenticator.php) with a respectable amount of code. The [security.yml](https://github.com/weaverryan/symfony-demo/blob/guard-auth/app/config/security.yml) is also quite simple.
This also supports "manual login" without jumping through hoops: https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Controller/SecurityController.php#L45
I've also tested with "remember me" and "switch user" - no problems with either.
I hope you like it :).
### What's Needed
1) **Other Use-Cases?**: Please think about the code and try it. What use-cases are we *not* covering? I want Guard to be simple, but cover the 99.9% use-cases.
2) **Remember me** functionality cannot be triggered via manual login. That's true now, and it's not fixed, and it's tricky.
### Deprecations?
This is a new feature, so no deprecations. But, creating a login form with a guard authenticator is a whole heck of a lot easier to understand than `form_login` or even `simple_form`. In a perfect world, we'd either deprecate those or make them use "guard" internally so that we have just **one** way of performing authentication.
Thanks!
Commits
-------
a01ed35 Adding the necessary files so that Guard can be its own installable component
d763134 Removing unnecessary override
e353833 fabbot
dd485f4 Adding a new exception and throwing it when the User changes
302235e Fixing a bug where having an authentication failure would log you out.
396a162 Tweaks thanks to Wouter
c9d9430 Adding logging on this step and switching the order - not for any huge reason
31f9cae Adding a base class to assist with form login authentication
0501761 Allowing for other authenticators to be checked
293c8a1 meaningless author and license changes
81432f9 Adding missing factory registration
7a94994 Thanks again fabbot!
7de05be A few more changes thanks to @iltar
ffdbc66 Splitting the getting of the user and checking credentials into two steps
6edb9e1 Tweaking docblock on interface thanks to @iltar
d693721 Adding periods at the end of exceptions, and changing one class name to LogicException thanks to @iltar
eb158cb Updating interface method per suggestion - makes sense to me, Request is redundant
c73c32e Thanks fabbot!
6c180c7 Adding an edge case - this should not happen anyways
180e2c7 Properly handles "post auth" tokens that have become not authenticated
873ed28 Renaming the tokens to be clear they are "post" and "pre" auth - also adding an interface
a0bceb4 adding Guard tests
05af97c Initial commit (but after some polished work) of the new Guard authentication system
330aa7f Improving phpdoc on AuthenticationEntryPointInterface so people that implement this understand it
This PR was squashed before being merged into the 2.8 branch (closes#14378).
Discussion
----------
[DX] Added a logout link in the security panel of the web debug toolbar
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
While developing applications, it's common to login/logout users continuously to test security features. I usually type `/logout` in the URL, but this is boring and, depending on the application, not always works.
This PR adds a small *Logout* link in the security panel when you are logged in the application:
Anonymous users won't see anything:
Commits
-------
192523a [DX] Added a logout link in the security panel of the web debug toolbar
This PR was merged into the 2.8 branch.
Discussion
----------
[SecurityBundle] allow more versions of the ACL package
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This actually is the version that is required when using the Symfony SE
(`symfony/symfony` requires `symfony/security-acl` in version `~2.7`).
Commits
-------
3a15921 allow more versions of the ACL package
* 2.7:
[VarDumper] Fix missing support for dumping PHP7 return type
[travis] disable symfony_debug ext when deps!=no
Do not normalize the kernel root directory path (see symfony/symfony#15474).
Don't trigger deprecation on interfaces
[Debug] Ignore silencing for deprecations
[ci] Run minimal versions on appveyor only
Fix appveyor file
consistently use str_replace to unify directory separators (remaining)
This PR was merged into the 2.7 branch.
Discussion
----------
consistently use str_replace to unify directory separators (2.7)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | -
Remaining ones from #15614
Commits
-------
17ce649 consistently use str_replace to unify directory separators (remaining)
* 2.7:
Various fixes esp. on Windows
Fix the validation of form resources to register the default theme
Fix the retrieval of the value with property path when using a loader
[appveyor] minor enhancements
[Process] Disable failing tests on Windows
[Translation] Fix the string casting in the XliffFileLoader
Windows and Intl fixes
Add appveyor.yml for C.I. on Windows
[VarDumper] fixed HtmlDumper to target specific the head tag
[travis] merge php: nightly and deps=high test-matrix lines
consistently use str_replace to unify directory separators
Support omitting the <target> node in an .xlf file.
Fix the handling of values for multiple choice types
moved PHP nightly to PHP 7.0
[Security] Add missing docblock in PreAuthenticatedToken
Conflicts:
.travis.yml
* 2.7:
[Form] fixed BC-break on grouped choice lists
[WebProfilerBundle] add import for Twig macro
made Symfony compatible with both Twig 1.x and 2.x
[Debug/VarDumper] minor cleanups
[Form] only use PropertyPath if not already callable
[Form] fix reworked choice list phpdoc
[DoctrineBridge][Form] Add old tests to legacy group
Fixed warning when command alias is longer than command name
removed _self usage when not needed
Implement the support of timezone objects in the stub IntlDateFormatter
typofix - https://github.com/vlajos/misspell_fixer
make doctrine mappings compiler pass exception message more understandable
fix debug-ext 003.phpt
[Yaml] Nested merge keys
[FrameworkBundle] [Command] removed unused variable.
[Debug] Enhance DebugClassLoader performance on MacOSX
Add support for variadic arguments in the GetSetNormalizer
[DoctrineBridge][Form] Fix IdReader when indexing by primary foreign key
[DoctrineBridge][Form] Fix EntityChoiceList when indexing by primary foreign key
* 2.7:
[Locale] Add missing @group legacy annotations
Fix security-acl deps
Fix doctrine mapping validation type error
Remove skipping of tests based on ICU data version whenever possible
Fix the handling of null as locale in the stub intl classes
do not dump leading backslashes in class names
fix issue #15377
Skip ::class constant
[Config] type specific check for emptiness
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/DependencyInjection/Dumper/GraphvizDumper.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTypeTest.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/TimeTypeTest.php
* 2.3:
Fix security-acl deps
Fix doctrine mapping validation type error
Remove skipping of tests based on ICU data version whenever possible
Fix the handling of null as locale in the stub intl classes
do not dump leading backslashes in class names
Skip ::class constant
[Config] type specific check for emptiness
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/Config/Tests/Definition/ScalarNodeTest.php
src/Symfony/Component/DependencyInjection/Dumper/GraphvizDumper.php
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/DependencyInjection/Tests/Fixtures/containers/container9.php
src/Symfony/Component/Form/Tests/Extension/Core/DataTransformer/IntegerToLocalizedStringTransformerTest.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTimeTypeTest.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTypeTest.php
src/Symfony/Component/Locale/Tests/LocaleTest.php
src/Symfony/Component/Locale/Tests/Stub/StubLocaleTest.php
src/Symfony/Component/Validator/Tests/Constraints/CountryValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/CurrencyValidatorTest.php
This PR was squashed before being merged into the 2.8 branch (closes#15013).
Discussion
----------
[Security] Removed security-acl from the core
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | part of #14718
| License | MIT
| Doc PR | ~
The `Security\Acl` is removed from the core and is loaded from its own repository. All tests were passing and this is fully backwards compatible. I have removed all but the Test files in the first step and added the dependency to verify the Test were still working with the package dependency. The second step was to remove the remaining test files and tests are still running for both the Bundle and the Framework. Once the Read-Only repository is a full standalone repository, this PR can be merged.
- [x] Remove component from the core
- [ ] Remove read-only from https://github.com/symfony/security-acl
Once this PR is merged, I can start working on splitting the SecurityBundle and extracting the ACL part to the AclBundle.
/cc @fabpot
Commits
-------
b26a449 [Security] Removed security-acl from the core
This PR was merged into the 2.8 branch.
Discussion
----------
[Form] Deprecated FormTypeInterface::getName() and passing of type instances
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #5321, #15008
| License | MIT
| Doc PR | TODO
#### Type Names
This PR deprecates the definition of the `getName()` method of form types. See #15008 for a more detailed description.
Before:
```php
class MyType extends AbstractType
{
public function getName()
{
return 'mytype';
}
// ...
}
```
After:
```php
class MyType extends AbstractType
{
// ...
}
```
You should always reference other types by their fully-qualified class names. Thanks to PHP 5.5, that's easy:
Before:
```php
$form = $this->createFormBuilder()
->add('name', 'text')
->add('age', 'integer')
->getForm();
```
After:
```php
$form = $this->createFormBuilder()
->add('name', TextType::class)
->add('age', IntegerType::class)
->getForm();
```
#### Type Instances
Furthermore, passing of type instances is deprecated.
Before:
```php
$form = $this->createForm(new AuthorType());
```
After:
```php
$form = $this->createForm(AuthorType::class);
```
#### DIC Aliases
When registering a type in the DIC, you should omit the "alias" attribute now.
Before:
```xml
<service id="my.type" class="Vendor\Type\MyType">
<tag name="form.type" alias="mytype" />
<argument type="service" id="some.service.id" />
</service>
```
After:
```xml
<service id="my.type" class="Vendor\Type\MyType">
<tag name="form.type" />
<argument type="service" id="some.service.id" />
</service>
```
Types without dependencies don't need to be registered in the DIC as they can be instantiated right away.
#### Template Block Prefixes
By default, the class name of the type in underscore notation minus "Type" suffix is used as Twig template block prefix (e.g. `UserProfileType` => `user_profile_*`). If you want to customize that, overwrite the new `getBlockPrefix()` method in your type:
```php
class UserProfileType extends AbstractType
{
public function getBlockPrefix()
{
return 'profile';
}
// ...
}
```
Commits
-------
3d9e5de [Form] Deprecated FormTypeInterface::getName() and passing of type instances
* 2.7:
[php7] Fix for substr() always returning a string
[Security] Do not save the target path in the session for a stateless firewall
Fix calls to HttpCache#getSurrogate triggering E_USER_DEPRECATED errors.
[DependencyInjection] fixed FrozenParameterBag and improved Parameter…
* 2.3:
[php7] Fix for substr() always returning a string
[Security] Do not save the target path in the session for a stateless firewall
[DependencyInjection] fixed FrozenParameterBag and improved Parameter…
Conflicts:
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
* 2.7:
Added 'default' color
[HttpFoundation] Reload the session after regenerating its id
[HttpFoundation] Add a test case to confirm a bug in session migration
[Serializer] Fix ClassMetadata::sleep()
[2.6] Static Code Analysis for Components and Bundles
[Finder] Command::addAtIndex() fails with Command instance argument
[DependencyInjection] Freeze also FrozenParameterBag::remove
[Twig][Bridge] replaced `extends` with `use` in bootstrap_3_horizontal_layout.html.twig
fix CS
fixed CS
Add a way to reset the singleton
[Security] allow to use `method` in XML configs
[Serializer] Fix Groups tests.
Remove duplicate example
Remove var not used due to returning early (introduced in 8982c32)
[Serializer] Fix Groups PHPDoc
Enhance hhvm test skip message
fix for legacy asset() with EmptyVersionStrategy
[Form] Added upgrade notes for #15061
* 2.6:
Added 'default' color
[HttpFoundation] Reload the session after regenerating its id
[HttpFoundation] Add a test case to confirm a bug in session migration
[2.6] Static Code Analysis for Components and Bundles
[Finder] Command::addAtIndex() fails with Command instance argument
[DependencyInjection] Freeze also FrozenParameterBag::remove
[Twig][Bridge] replaced `extends` with `use` in bootstrap_3_horizontal_layout.html.twig
fix CS
fixed CS
Add a way to reset the singleton
[Security] allow to use `method` in XML configs
Remove duplicate example
Remove var not used due to returning early (introduced in 8982c32)
Enhance hhvm test skip message
* 2.3:
Added 'default' color
[HttpFoundation] Reload the session after regenerating its id
[HttpFoundation] Add a test case to confirm a bug in session migration
[Finder] Command::addAtIndex() fails with Command instance argument
[DependencyInjection] Freeze also FrozenParameterBag::remove
fix CS
fixed CS
Add a way to reset the singleton
[Security] allow to use `method` in XML configs
Remove var not used due to returning early (introduced in 8982c32)
Enhance hhvm test skip message
Before this change, you always had to use the `methods` key which is
inconsistent compared to other options like `roles` and `ips` for which
it was possible to use their singular versions.
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8] Fix lowest deps
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Looks like that by testing the lowest deps on 5.3, we missed some constraints in our test suite.
Commits
-------
a036a77 [2.8] Fix lowest deps
* 2.7:
[FrameworkBundle] Reuse PropertyAccessor service for ObjectNormalizer
[VarDumper] Fix dump output for better readability
[PhpUnitBridge] Enforce @-silencing of deprecation notices according to new policy
* 2.7:
Fix test name
fixed CS
Allow new lines in Messages translated with transchoice() (replacement for #14867)
[Form] Swap new ChoiceView constructor arguments to ease migrating from the deprecated one
[2.3] Fix tests on Windows
[Yaml] remove partial deprecation annotation
Silence invasive deprecation warnings, opt-in for warnings
Documenting how to keep option value BC - see #14377
Conflicts:
src/Symfony/Bridge/Doctrine/composer.json
src/Symfony/Bridge/Twig/composer.json
