This PR was squashed before being merged into the 3.4 branch (closes#27626).
Discussion
----------
[TwigBundle][DX] Only add the Twig WebLinkExtension if the WebLink component is enabled
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
While adding https://github.com/elifesciences/journal/pull/990 I was a bit confused why the `preload()` Twig function didn't work initially. Turns out the WebLink component is disabled by default if using the full stack, but the Twig extension is always enabled.
This only adds the Twig extension if the component is enabled, and shows a friendly error message if it's not.
Commits
-------
cccb66f4c6 [TwigBundle][DX] Only add the Twig WebLinkExtension if the WebLink component is enabled
This PR was squashed before being merged into the 3.4 branch (closes#27623).
Discussion
----------
[minor] SCA
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
New findings: language level, greedy regex, array_column usages
Commits
-------
5922507dc5 [minor] SCA
This PR was squashed before being merged into the 3.4 branch (closes#27596).
Discussion
----------
[Framework][Workflow] Added support for interfaces
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
I consider this to be a bugfix in config, because `ClassInstanceSupportStrategy` (`InstanceOfSupportStrategy`) actually works with interfaces. Therefore propose to 3.4.
Commits
-------
6104c28c08 [Framework][Workflow] Added support for interfaces
This PR was squashed before being merged into the 3.4 branch (closes#27556).
Discussion
----------
Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | Related to #27395
| License | MIT
| Doc PR | symfony/symfony-docs#9860
This is the sister PR to #27452, which covered all the other authentication listeners.
Commits
-------
c06f3229de Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
This PR was squashed before being merged into the 2.8 branch (closes#27452).
Discussion
----------
Avoid migration on stateless firewalls
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | Related to #27395
| License | MIT
| Doc PR | symfony/symfony-docs#9860
This is a proof-of-concept. Once we agree / are happy, I need to add this to all of the other authentication mechanisms that recently got the session migration code & add tests.
Basically, this avoids migrating the session if the firewall is stateless. There were 2 options to do this:
A) Make the `SessionAuthenticationStrategy` aware of all stateless firewalls. **This is the current approach**
or
B) Make each individual authentication listener aware whether or not *its* firewall is stateless.
Commits
-------
cca73bb564 Avoid migration on stateless firewalls
This PR was merged into the 3.4 branch.
Discussion
----------
Revert "bug #26138 [HttpKernel] Catch HttpExceptions when templating is not installed (cilefen)"
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27212
| License | MIT
| Doc PR | -
This reverts commit b213c5a758, reversing
changes made to 61af0e3a25.
This breaks BC and is more like a new feature, let's move this on master.
Commits
-------
c6acad719d Revert "bug #26138 [HttpKernel] Catch HttpExceptions when templating is not installed (cilefen)"
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27259
| License | MIT
| Doc PR | no
Hello!
There is fix for #27259 issue. It changes priority of `AddConsoleCommandPass` to `TYPE_BEFORE_REMOVING` as @chalasr advised. I'm not sure about side effects by that.
Commits
-------
e36099503f [FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
* 2.8:
do not mock the session in token storage tests
Add Occitan plural rule
Fix security/* cross-dependencies
Disallow illegal characters like "." in session.name
fix rounding from string
* 2.7:
do not mock the session in token storage tests
Add Occitan plural rule
Disallow illegal characters like "." in session.name
fix rounding from string
This PR was merged into the 2.7 branch.
Discussion
----------
Disallow invalid characters in session.name
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27023
| License | MIT
| Doc PR |
PHP saves cookie with correct name, but upon deserialization to
`$_COOKIE`, it replaces "." characters with "_".
This is probably also reason why \SessionHandler is not able to find
a session.
https://harrybailey.com/2009/04/dots-arent-allowed-in-php-cookie-names/https://bugs.php.net/bug.php?id=75883
Commits
-------
16ebb43bd4 Disallow illegal characters like "." in session.name
