* 3.4:
[Security\Http] detect bad redirect targets using backslashes
[Form] Filter file uploads out of regular form types
Fix CI
minor #28258 [travis] fix composer.lock invalidation for deps=low (nicolas-grekas)
[travis] fix composer.lock invalidation for PRs patching several components
[travis] fix composer.lock invalidation for deps=low
minor #28199 [travis][appveyor] use symfony/flex to accelerate builds (nicolas-grekas)
[travis] ignore ordering when validating composer.lock files for deps=low
minor #28146 [travis] cache composer.lock files for deps=low (nicolas-grekas)
fix ci
[travis] fix requiring mongodb/mongodb before composer up
minor #28114 [travis] merge "same Symfony version" jobs in one (nicolas-grekas)
[2.7] Make CI green
updated VERSION for 2.7.49
updated CHANGELOG for 2.7.49
[HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer
[HttpFoundation] Remove support for legacy and risky HTTP headers
updated VERSION for 2.7.48
update CONTRIBUTORS for 2.7.48
updated CHANGELOG for 2.7.48
* 2.8:
[Security\Http] detect bad redirect targets using backslashes
[Form] Filter file uploads out of regular form types
Fix CI
minor #28258 [travis] fix composer.lock invalidation for deps=low (nicolas-grekas)
[travis] fix composer.lock invalidation for PRs patching several components
[travis] fix composer.lock invalidation for deps=low
minor #28199 [travis][appveyor] use symfony/flex to accelerate builds (nicolas-grekas)
[travis] ignore ordering when validating composer.lock files for deps=low
minor #28146 [travis] cache composer.lock files for deps=low (nicolas-grekas)
fix ci
[travis] fix requiring mongodb/mongodb before composer up
minor #28114 [travis] merge "same Symfony version" jobs in one (nicolas-grekas)
[2.7] Make CI green
updated VERSION for 2.7.49
updated CHANGELOG for 2.7.49
[HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer
[HttpFoundation] Remove support for legacy and risky HTTP headers
updated VERSION for 2.7.48
update CONTRIBUTORS for 2.7.48
updated CHANGELOG for 2.7.48
* 2.7:
[Security\Http] detect bad redirect targets using backslashes
[Form] Filter file uploads out of regular form types
Fix CI
minor #28258 [travis] fix composer.lock invalidation for deps=low (nicolas-grekas)
[travis] fix composer.lock invalidation for PRs patching several components
[travis] fix composer.lock invalidation for deps=low
minor #28199 [travis][appveyor] use symfony/flex to accelerate builds (nicolas-grekas)
[travis] ignore ordering when validating composer.lock files for deps=low
minor #28146 [travis] cache composer.lock files for deps=low (nicolas-grekas)
fix ci
[travis] fix requiring mongodb/mongodb before composer up
minor #28114 [travis] merge "same Symfony version" jobs in one (nicolas-grekas)
[2.7] Make CI green
updated VERSION for 2.7.49
updated CHANGELOG for 2.7.49
[HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer
[HttpFoundation] Remove support for legacy and risky HTTP headers
updated VERSION for 2.7.48
update CONTRIBUTORS for 2.7.48
updated CHANGELOG for 2.7.48
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Filter file uploads out of regular form types
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR filters uploaded files out of the data processed by any form type except `FileType`.
Commits
-------
205a44ea7d [Form] Filter file uploads out of regular form types
This PR was submitted for the master branch but it was squashed and merged into the 3.4 branch instead (closes#29436).
Discussion
----------
[Cache] Fixed Memcached adapter doClear()to call flush()
| Q | A
| ------------- | ---
| Branch? | 4.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #29435
| License | MIT
| Doc PR | symfony/symfony-docs
MemcachedTrait now calls Memcached::flush via its client instead of just returning false.
Commits
-------
447baacbad [Cache] Fixed Memcached adapter doClear()to call flush()
This PR was merged into the 3.4 branch.
Discussion
----------
[Routing] ignore trailing slash for non-GET requests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #29410
| License | MIT
| Doc PR | -
Another test case provided by @peterrehm in the linked issue - the dumped matcher already passes this test - but the non-dumped one doesn't (neither does the dumped one in 4.1 - I'll fix while merging up)
Commits
-------
7521af7ea0 [Routing] ignore trailing slash for non-GET requests
This PR was merged into the 4.1 branch.
Discussion
----------
[Workflow] Fixed BC break for Workflow metadata
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #29427
| License | MIT
| Doc PR |
I used SplObjectStorage to store the transition metadata.
So we need to use the exact same PHP Object.
Commits
-------
5691818397 [Workflow] Fixed BC break for Workflow metadata
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] dont inline when lazy edges are found
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #29412, #29391
| License | MIT
| Doc PR | -
I'm not able to create a reproducer to hit this situation, but on 4.2, this check makes the difference.
I'm merging to fix the issue as that's still the proper fix.
Commits
-------
484c49edb3 [DI] dont inline when lazy edges are found
* 3.4:
[Serializer] fixed DateTimeNormalizer to maintain microseconds when a different timezone required
[Routing] fix taking verb into account when redirecting
[WebProfilerBundle] Split form field heading
This PR was squashed before being merged into the 3.4 branch (closes#29413).
Discussion
----------
[Serializer] fixed DateTimeNormalizer to maintain microseconds when a different timezone required
| Q | A
| ------------- | ---
| Branch? | 3.4 up to 4.2 for bug fixes
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #
| License | MIT
| Doc PR | none
fixed `DateTimeNormalizer::normalizer()` when `$object` is mutated internally to change timezone we lost microseconds of origina `$object`
Commits
-------
2bf8a1cae6 [Serializer] fixed DateTimeNormalizer to maintain microseconds when a different timezone required
* 3.4:
fix cs
[Validator] Allow `ConstraintViolation::__toString()` to expose codes that are not null or emtpy strings
fix type for $value in DocBlock
Fix wrapped loop of event listener
Update HttpKernel.php
This PR was merged into the 3.4 branch.
Discussion
----------
Update HttpKernel.php
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
This update adds a docblock to varToString method in HttpKernel Class
Commits
-------
3324e2a2a6 Update HttpKernel.php
This PR was squashed before being merged into the 3.4 branch (closes#29375).
Discussion
----------
[Validator] Allow `ConstraintViolation::__toString()` to expose codes that are not null or emtpy strings
|Q |A |
|--- |---|
|Branch |2.8|
|Bug fix? |yes|
|New feature? |no |
|BC breaks? |no |
|Deprecations?|no |
|Tests pass? |yes|
|Fixed tickets|n/a|
|License |MIT|
|Doc PR |n/a|
Allow to expose `0` or `"0"` validation codes.
Commits
-------
7bb0fb5cc3 [Validator] Allow `ConstraintViolation::__toString()` to expose codes that are not null or emtpy strings
This PR was merged into the 3.4 branch.
Discussion
----------
[EventDispatcher] Fix eventListener wrapper loop in TraceableEventDispatcher
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | na
The `TracableEventDispatcher` wrap decorate (in the method `preProcess`) each listeners in a `WrappedListener` before delegating the dispatch to the real dispatcher, then remove the wrapper (in the method `postProcess`.
But, if a listener triggers an exception, the `postProcess` method is not called, and the wrapper in not removed.
If the same event is triggered a second time, the listeners will be decorated twice, etc, etc..
This is an issue with php-pm where the same event is triggered hundred of times within the same process.
This PR moves the `postProcess` in a finally block in order to be called even if an exception in thrown.
Commits
-------
3830a9e376 Fix wrapped loop of event listener
This PR was merged into the 4.1 branch.
Discussion
----------
undeprecate the single-colon notation for controllers
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
This is the same as https://github.com/symfony/symfony/pull/29218 but for `Symfony\Bundle\FrameworkBundle\Routing\DelegatingLoader`.
Commits
-------
09371ad6f1 undeprecate the single-colon notation for controllers
This PR was merged into the 4.1 branch.
Discussion
----------
[DI] fix edge case in InlineServiceDefinitionsPass
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Looks like this can happen - dunno how
https://stackoverflow.com/questions/53558247/autowire-services-test-yaml-there-is-no-node-with-id-service-a
Commits
-------
8bd2bbfb1c [DI] fix edge case in InlineServiceDefinitionsPass
This PR was merged into the 4.1 branch.
Discussion
----------
[WebProfilerBundle] Fix title case
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Split from #29312 for 4.1 👼
Commits
-------
3e16e25252 [WebProfilerBundle] Fix title case
This PR was submitted for the master branch but it was merged into the 3.4 branch instead (closes#29396).
Discussion
----------
fix type for $value in DocBlock
`$value` is supposed to be a string, not an int, according to [`NumberFormatter::setTextAttribute()` documentation](https://secure.php.net/manual/en/numberformatter.settextattribute.php)
| Q | A
| ------------- | ---
| Branch? | master for features / 3.4 up to 4.2 for bug fixes <!-- see below -->
| Bug fix? | yes/no
| New feature? | yes/no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | yes/no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
ff2431a512 fix type for $value in DocBlock
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Handle all case variants of "nan" when parsing a number
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #29321
| License | MIT
| Doc PR | n/a
NumberToLocalizedStringTransformer::reverseTransform now special cases all case variants of "NaN", not just "NaN" specifically to insulate itself from changing behaviour in ICU.
Commits
-------
85af682834 add a test case
d903dcbac5 [Form] Handle all case variants of "nan" when parsing a number
This PR was merged into the 3.4 branch.
Discussion
----------
typo
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR |
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
977a007e3a typo
Nicolas Grekas
Raito Akehanareru
Grégoire Pineau
Vitaliy Ryaboy
Robin Chalas
Roland Franssen
Javier Spagnoletti
Ryan Rud
Jérémy Derussé
Fabien Bourigault
Christian Flothmann
