* 3.4: (22 commits)
use Precise on Travis to keep PHP LDAP support
Fix case sensitive sameSite cookie
[PropertyInfo] Use rawurlencode to escape PSR-6 keys
fix(security): ensure the 'route' index is set before attempting to use it
Fix registering lazy command services with autoconfigure enabled
Fix the design of the profiler exceptions when there is no message
[Config] Minor fix
document the TwigRenderer class deprecation
[Security] added more tests
[Security] fixed default target path when referer contains a query string
[Security] simplified tests
[Security] refactored tests
[WebProfilerBundle][TwigBundle] Fix infinite js loop on exception pages
[FrameworkBundle] fix ValidatorCacheWarmer: use serializing ArrayAdapter
Change "this" to "that" to avoid confusion
[VarDumper] Move locale sniffing to dump() time
[VarDumper] Use "C" locale when using "comma" flags
[Config] Make ClassExistenceResource throw on invalid parents
[DebugBundle] Added min_depth to Configuration
[Console] Add a factory command loader for standalone application with lazy-loading needs
...
This PR was merged into the 4.0-dev branch.
Discussion
----------
[Console] Make SymfonyQuestionHelper::ask optional by default
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes (nothing in core depends on it)
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
i noticed when writing commands i always keep doing
```php
$io = new SymfonyStyle($input, $output);
$answer = $io->ask('...', null, function ($value) { return $value; });
// instead of just
$answer = $io->ask('...');
```
only to bypass a built-in validation, of which im not sure why it's there. Note the base question helper doesnt make this assumption...
Commits
-------
2da429cd0a [Console] Make SymfonyQuestionHelper::ask optional by default
* 3.4: (22 commits)
Fix lazy commands registration
[TwigBridge] deprecate TwigRenderer
[FrameworkBundle] Set default public directory on install assets
[Security] Fix wrong term in UserProviderInterface
[HttpFoundation] Set meta refresh time to 0 in RedirectResponse content
disable inlining deprecated services
[Stopwatch] Fix precision for root section
[Cache] add constructor docblocks for clarity
[WebServerBundle] allowed public/ root directory to be auto-discovered along side web/
[WebServerBundle] remove duplicate code
[SecurityBundle] Clarify deprecation in UserPasswordEncoderCommand::getContainer
[Profiler][Validator] ValidatorDataCollector: use new DataCollector::getCasters() method
[Profiler] Fix data collector getCasters() call
[VarDumper] Added setMinDepth to VarCloner
remove symfony/process suggestion
[DI] Remove unused dynamic property
[Cache] add constructor docblocks for clarity
[Security] validate empty passwords again
[Process] Fixed issue between process builder and exec
non-conflicting anonymous service ids across files
...
* 3.3:
[FrameworkBundle] Set default public directory on install assets
[Security] Fix wrong term in UserProviderInterface
[HttpFoundation] Set meta refresh time to 0 in RedirectResponse content
disable inlining deprecated services
[Cache] add constructor docblocks for clarity
[WebServerBundle] allowed public/ root directory to be auto-discovered along side web/
[WebServerBundle] remove duplicate code
[SecurityBundle] Clarify deprecation in UserPasswordEncoderCommand::getContainer
[Cache] add constructor docblocks for clarity
[Security] validate empty passwords again
[DI] Remove irrelevant comment from container
[TwigBridge] cleaner implementation of the TwigRenderer
* 3.4: (23 commits)
Don't display the Symfony debug toolbar when printing the page
[Routing] also add matched params for redirect due to trailing slash
do not wire namespaces for the ArrayAdapter
check _controller attribute is a string before parsing it
[Cache] Added test for ApcuAdapter when using in CLI
[Validator] sync upgrade file with latest code changes
allow to configure custom formats in XML configs
[HttpKernel] fix DumpDataCollector tests
[FrameworkBundle] fix changelog
[WebProfilerBundle] Cleanup profiler leftover
[Routing] Add matched and default parameters to redirect responses
[DotEnv] Fix variable substitution
require the XML PHP extension
Fix phpdoc for serializer normalizers exceptions
Fixed absolute url generation for query strings and hash urls
bumped Symfony version to 2.8.25
updated VERSION for 2.8.24
updated CHANGELOG for 2.8.24
bumped Symfony version to 2.7.32
[Filesystem] Dont copy perms when origin is remote
...
* 3.4:
Deprecate support for stacked errors
fixed tests
[HttpFoundation] Find the original request protocol version
fixed CS
Add support for microseconds in Stopwatch
Preserve HttpOnly value when deserializing a header
add minimum and maximum amount of pixels to Image validator
fixed CHANGELOG
[DX] [TwigBundle] Enhance the new exception page design
[BrowserKit] Emulate back/forward browser navigation
Fix deprecated message
[Component][Serializer][Normalizer] : Deal it with Has Method for the Normalizer/Denormalizer
[Validator] improve the changelog
[FrameworkBundle] Wire inner translator
[FrameworkBundle][HttpKernel] Move addcachearmer, addcacheclearer compiler pass
[FrameworkBundle][Translation] Move translation compiler pass
* 3.3: (33 commits)
Preserve HttpOnly value when deserializing a header
[DX] [TwigBundle] Enhance the new exception page design
Fix deprecated message
[DI][Security] Prevent unwanted deprecation notices when using Expression Languages
bumped Symfony version to 3.3.5
updated VERSION for 3.3.4
updated CHANGELOG for 3.3.4
[VarDumper] Reduce size of serialized Data objects
bumped Symfony version to 3.2.12
updated VERSION for 3.2.11
updated CHANGELOG for 3.2.11
fixed bad merge
Fix indent of methods
[Cache] Handle APCu failures gracefully
[DoctrineBridge] Use normalizedIds for resetting entity manager services
[FrameworkBundle] Do not remove files from assets dir
[FrameworkBundle] 3.3: Don't get() private services from debug:router
bumped Symfony version to 3.3.4
updated VERSION for 3.3.3
updated CHANGELOG for 3.3.3
...
This PR was merged into the 3.4 branch.
Discussion
----------
[Debug] Deprecate support for stacked errors
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #22804
| License | MIT
| Doc PR | n/a
Per discussion in #22804 this deprecates support for error stacking. // @nicolas-grekas
Commits
-------
04b8b80 Deprecate support for stacked errors
* 3.4:
[Console] Fix descriptor tests
Change wording from object to subject
add changelog entry for Stopwatch::reset()
Add DateCaster
[Dotenv] parse concatenated variable values
[Yaml] deprecate the !str tag
Add filter in VarDumperTestTrait
Support for parsing PHP constants in yaml loader
This PR was merged into the 3.4 branch.
Discussion
----------
[VarDumper] Add filter in VarDumperTestTrait
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | /
| License | MIT
| Doc PR | /
Many casters uses ``EXCLUDE_*`` flags in their cast method. It would be usefull to use this flags directly with ``VarDumperTestTrait`` to tests many cases.
Commits
-------
1da8e71 Add filter in VarDumperTestTrait
This PR was merged into the 3.4 branch.
Discussion
----------
[Yaml] Deprecate using the non-specific tag
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Values tagged with the non-specific tag must not be transformed in an integer, this tag means that they must not be evaluated (see [the spec](http://www.yaml.org/spec/1.2/spec.html#tag/non-specific/)).
I applied this change in https://github.com/symfony/symfony/pull/22762 to comply with the spec.
Commits
-------
60f5046661 [Yaml] Deprecate using the non-specific tag
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] KernelTestCase: deprecate not using KERNEL_CLASS
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/22668#issuecomment-299875161
| License | MIT
| Doc PR | N/A
Commits
-------
d102fc08e4 [FrameworkBundle] KernelTestCase: deprecate not using KERNEL_CLASS
* 3.3:
Fix optional cache warmers are always instantiated whereas they should be lazy-loaded
add some \ on PHP_VERSION_ID for 2.8
[Di] Remove closure-proxy arguments
[PropertyInfo][DoctrineBridge] The bigint Doctrine's type must be converted to string
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Deprecate XML services without ID
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no, confusing though
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
On slack someone had a issue with class named services;
> So, probably should have done this sooner, I stepped through with a debugger and it looks like \Symfony\Component\DependencyInjection\Loader\XmlFileLoader::processAnonymousServices assigns a sha256 to services that don't have any IDs
> When my manually wired service is registered, it has an ID that looks like 1_344b468f6069ffe8c32092409d99c59abc218f41071ce4c4230c198876129bc0, so it doesn't override the auto-loaded one
> I swear I read that IDs default to the class name now...
The fix was easy; doing `<service id="ClassName"/>` instead of `<service class="ClassName"/>`. However the thing is... i made the exact same mistake trying to reproduce 😅
I think given the recent developments (dropping type based autowiring and class named services) it makes sense to force XML service to specify an ID attribute (the top level ones). This would be consistent with YAML and PHP as well.
Fixing deprecations is also easy, just change `class` attribute to `id` like i've done for the frameworkbundle in this PR.
Any thoughts?
Commits
-------
b8c68da010 [DI] Deprecate XML services without ID
* 3.3:
[DI] prepare for signature change in 4.0
[DI] Add missing deprecation on Extension::getClassesToCompile
[Routing] remove an unused routing fixture
[Yaml] fix multiline block handling
[WebProfilerBundle] Fix sub-requests display in time profiler panel
[FrameworkBundle] Handle project dir in cache:clear command
[WebServerBundle] Mark ServerCommand as internal
[DI] Fix autowire error for inlined services
Close PHP code in phpt file
[Profiler][VarDumper] Fix searchbar css when in toolbar
Prevent auto-registration of UserPasswordEncoderCommand
[Process] Fixed incorrectly escaping arguments on Windows when inheritEnvironmentVariables is set to false
avoid double blanks while rendering form attributes
use getProjectDir() when possible
[PhpUnitBridge] add a changelog file
[FrameworkBundle][Validator] Deprecate passing validator instances/aliases over using the service locator
This PR was merged into the 3.3-dev branch.
Discussion
----------
[SecurityBundle] Enhance FirewallContext::getListeners()
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/20417#discussion_r91704023, https://github.com/symfony/symfony/pull/20417#discussion_r91704145
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
I think @stof is right.. and the fact we can do this on master currently without the hassle.
cc @chalasr
Commits
-------
ba650783f5 [SecurityBundle] Enhance FirewallContext::getListeners()
This PR was merged into the 3.3-dev branch.
Discussion
----------
[FrameworkBundle][Workflow] Deprecate the default type of a workflow
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
---
Before this patch, the default type is "workflow". Most of the time a
"state_machine" is better because it's simpler and it involves less
knowledge to be able to use it.
So this patch deprecate a missing type in Symfony 3.3. And In Symfony
4.0 the default value will become "state_machine".
Commits
-------
004751c [FrameworkBundle][Workflow] Deprecate the default type of a workflow
Before this patch, the default type is "workflow". Most of the time a
"state_machine" is better because it's simpler and it involves less
knowledge to be able to use it.
So this patch deprecate a missing type in Symfony 3.3. And In Symfony
4.0 the default value will become "state_machine".
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Form] Deprecated usage of "choices" option in sub types
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | ~
Follows #21880 and the discussion in #20771.
Commits
-------
b5b56fcbac [Form] Deprecated usage of "choices" option in sub types
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Console] Add console.ERROR event and deprecate console.EXCEPTION
| Q | A |
| --- | --- |
| Branch | master |
| Bug fix? | yes |
| New feature? | yes |
| BC breaks? | no |
| Deprecations? | yes |
| Tests pass? | yes |
| Fixed tickets | - |
| License | MIT |
| Doc PR | todo |
## The Problem
The current `console.EXCEPTION` event is only dispatched for exceptions during the execution of `Command#execute()`. All other exceptions (e.g. the ones thrown by listeners to events) are catched by the `try ... catch` loop in `Application#doRunCommand()`. This means that there is _no way to override exception handling_.
## The Solution
This PR adds a `console.ERROR` event which has the same scope as the default `try ... catch` loop. This allows to customize all exception handling.
In order to keep BC, a new event was created and `console.EXCEPTION` was deprecated.
Commits
-------
c02a4c9857 Added a console.ERROR event
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Security][SecurityBundle] Enhance automatic logout url generation
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
This should help whenever:
- [the token does not implement the `getProviderKey` method](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Logout/LogoutUrlGenerator.php#L89-L99)
- you've got multiple firewalls sharing a same context but a logout listener only define on one of them.
##### Behavior:
> When not providing the firewall key:
>
>- Try to find the key from the token (unless it's an anonymous token)
>- If found, try to get the listener from the key. If the listener is found, stop there.
>- Try from the injected firewall key. If the listener is found, stop there.
>- Try from the injected firewall context. If the listener is found, stop there.
>
>The behavior remains unchanged when providing explicitly the firewall key. No fallback.
Commits
-------
5b7fe852aa [Security][SecurityBundle] Enhance automatic logout url generation
* 3.2:
[Serializer] Xml encoder throws exception for valid data
[Form] Hardened form type tests
fixed CS
Added setInputStream deprecation to UPGRADE guides
fixed CS
This PR was merged into the 3.3-dev branch.
Discussion
----------
[HttpKernel] Deprecate X-Status-Code for better alternative
| Q | A |
| --- | --- |
| Branch? | master |
| Bug fix? | no |
| New feature? | yes |
| BC breaks? | no |
| Deprecations? | yes |
| Tests pass? | yes |
| Fixed tickets | #12343 |
| License | MIT |
| Doc PR | https://github.com/symfony/symfony-docs/pull/6948 |
This marks the X-Status-Code header method of setting a custom response status
code in exception listeners for a better alternative. There is now a new method
on the `GetResponseForExceptionEvent` that allows successful status codes in
the response sent to the client.
The old method of setting the X-Status-Code header will now throw a deprecation warning.
Instead, in your exception listener you simply call `GetResponseForExceptionEvent::allowCustomResponseCode()` which will tell the Kernel not to override the status code of the event's response object.
Currenty the `X-Status-Code` header will still be removed, so as not to change the existing behaviour, but this is something we can remove in 4.0.
TODO:
- [x] Replace usage of X-Status-Code in `FormAuthenticationEntryPoint`
- [x] Open Silex issue
- [x] Rename method on the response
- [x] Ensure correct response code is set in `AuthenticationEntryPointInterface` implementations
- [x] Ensure the exception listeners are marking `GetResponseForExceptionEvent` as allowing a custom response code
- [x] In the Security component we should only use the new method of setting a custom response code if it is available, and fall back to the `X-Status-Code` method
Commits
-------
cc0ef282cd [HttpKernel] Deprecate X-Status-Code for better alternative
This PR was merged into the 3.3-dev branch.
Discussion
----------
[FrameworkBundle][Config] Move ConfigCachePass from FrameworkBundle to Config
| Q | A
| ------------- | ---
| Branch? | master<!--see comment below-->
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes/no
| Fixed tickets | - <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | <!--highly recommended for new features-->
This MR is part of the #21284 todo list
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
bce445f452 Move ConfigCachePass from FrameworkBundle to Config
This PR was squashed before being merged into the 3.3-dev branch (closes#21792).
Discussion
----------
[Security] deprecate multiple providers in context listener
Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Passing multiple user providers to the context listener does not make
much sense. The listener is only responsible to refresh users for a
particular firewall. Thus, it must only be aware of the user provider
for this particular firewall.
Commits
-------
53df0de7fc [Security] deprecate multiple providers in context listener
fbd9f88e31 [SecurityBundle] only pass relevant user provider
Passing multiple user providers to the context listener does not make
much sense. The listener is only responsible to refresh users for a
particular firewall. Thus, it must only be aware of the user provider
for this particular firewall.
This marks the X-Status-Code header method of setting a custom response
status code in exception listeners as deprecated. Instead there is now
a new method on the GetResponseForExceptionEvent that allows successful
status codes in the response sent to the client.