This PR was merged into the 4.4 branch.
Discussion
----------
[HttpFoundation] fix redis multi host dsn not recognized
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34477
| License | MIT
#34177 added support configurating session handlers with DSNs. It was no possible to pass a redis-DSN like
`redis:?host[localhost]&host[localhost:6379]&host[/var/run/redis.sock:]&auth=my-password&redis_cluster=1'`
since the check was
`case 0 === strpos($connection, 'redis://'):`
Commits
-------
81ba07aa26 fix redis multi host dsn not recognized
When a Mandrill API request is succesful, it returns an array of
results, one for each recipient. To get rid of the undefined index
error, we grab the message ID from the first recipient in the array.
* 4.3:
Fix merge
[DoctrineBridge] try to fix deprecations from doctrine/persistence
[DI] Add support for immutable setters in CallTrait
[Cache] Propagate expiry when syncing items in ChainAdapter
[Routing] fix memoryleak when loading compiled routes
[Translation] fix memoryleak in PhpFileLoader
This PR was merged into the 4.3 branch.
Discussion
----------
[DI] Fix support for immutable setters in CallTrait
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | N/A
Commits
-------
90ace51328 [DI] Add support for immutable setters in CallTrait
This PR was merged into the 4.4 branch.
Discussion
----------
[TwigBundle] fix broken FilesystemLoader::exists() with Twig 3
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34877
| License | MIT
| Doc PR |
This fix adapts the declaration of Twig 3 `\Twig\Loader\FilesystemLoader::findTemplate()` which expects to return `string|null` and returns `null` instead of `false`.
Returning `false` breaks `\Twig\Loader\FilesystemLoader::exists()` which returns `true` if `findTemplate()` does not return `null`.
Twig 2 should not be affected by this patch. The `exists()` method expects `null` or `false` for not found templates: <fdb691a424/src/Loader/FilesystemLoader.php (L169)>
Commits
-------
ff1d77e155 bug #34877 [TwigBundle] fix findTemplate() to return `null`
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpFoundation] Removed "Content-Type" from the preferred format guessing mechanism
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34906, Fix#34857
| License | MIT
| Doc PR | -
Confirmed, inferring the `Content-Type` of the response using the `Content-Type` provided for the request body is NOT a good idea. The HTTP RFC explicitly states that `Accept` must be used to hint a preferred response format (`Content-Type` on the request indicates the type of associated its the body).
Use `Accept` if provided (a best practice anyway), and fallback to the default value (HTML by default) otherwise.
Commits
-------
776523e56a Removed request header "Content-Type" from the preferred format guessing mechanism
This PR was merged into the 3.4 branch.
Discussion
----------
[Translation] fix memoryleak in PhpFileLoader
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This happens when running the test suite with opcache disabled (as it is the case by default since `opcache.enable_cli=0`).
Doing this "require" in a loop (for each test case) compiles the file at each iteration and doesn't reclaim memory (there is no garbage collector for opcodes).
Commits
-------
5c9e3bac96 [Translation] fix memoryleak in PhpFileLoader
This PR was merged into the 4.3 branch.
Discussion
----------
[Routing] fix memoryleak when loading compiled routes
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Same as #34918 for Routing. That's the last significant memory hog I've identified.
Commits
-------
85371a174e [Routing] fix memoryleak when loading compiled routes
Twig3 FilesystemLoader::findTemplate() should return `string|null`
instead of Twig2 `string|null|false`: see
<https://github.com/twigphp/Twig/blob/3.x/src/Loader/FilesystemLoader.php#L167>
Returning `null` fixes `exists()` of Twig 3 FilesystemLoader without
breaking Twig 2 (which expected `null` or `false` for not found
templates).
Change the test to assert `null` instead of `false`.
This PR was merged into the 4.4 branch.
Discussion
----------
[Debug] Updated the README to deprecate the component
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | https://github.com/symfony/symfony-docs/issues/12775
| License | MIT
| Doc PR | -
Commits
-------
ab9e0eb2f5 [Debug] Updated the README to deprecate the component
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Validator] Fix auto-mapping constraints should not be validated
| Q | A
| ------------- | ---
| Branch? | 4.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | #34672 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | N/A
As for `Traverse`, I don't think we should add these "constraints" to the list.
I'm also wondering if it really makes sense to have these annotations as constraints. I think it should rather behave like the `GroupSequence` annotation to add the info the generic metadata at loading time, but we don't need to rely on the constraints behavior at all.
Commits
-------
bc53e4bca0 [Validator] Fix auto-mapping constraints should not be validated
This PR was merged into the 4.4 branch.
Discussion
----------
[Process] change the syntax of portable command lines
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34838
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/12772
An alternative to #34845
Right now, portable command lines use `"$FOO"` for placeholders.
But because we validate that a corresponding variable exists before running the command, this fails with `Command line is missing a value for key "$FOO"` when `FOO` is not defined.
This PR proposes to use `"${:FOO}"` instead. The difference with the previous syntax is that this cannot collide with existing shell scripts as it is invalid for them.
When this is merged, we'll have to update https://symfony.com/blog/new-in-symfony-4-1-prepared-commands too.
Commits
-------
3c7b775b3e [Process] change the syntax of portable prepared command lines
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle][ContainerLintCommand] Reinitialize bundles when the container is reprepared
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Some bundles extensions are "instances dependents", eg they cache service registrations (eg: 70dec3c8a3/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php (L743)).
Launching the lint command loads all bundles a first time, just to be able to run the command.
Then, when we build the container again for the lint command, it loads all bundles a second time. But since it's the same bundles instances, some services are not registered, leading to missing services in `CheckExceptionOnInvalidReferenceBehaviorPass`.
Commits
-------
31975e4981 [FrameworkBundle][ContainerLintCommand] Reinitialize bundles when the container is reprepared
* 4.3:
[Cache] fix memory leak when using PhpFilesAdapter
[Yaml] Implement multiline string as scalar block for tagged values
[HttpFoundation] Use `Cache-Control: must-revalidate` only if explicit lifetime has been given
[FrameworkBundle] Use UserInterface to @return in getUser method
[CI] Replace php7.4snapshot with php7.4 in Travis configuration
[ExpressionLanguage][Node][BinaryNode] Process division by zero
forward caught exception
[Validator][ConstraintValidator] Stop passing unnecessary timezone argument to \DateTime
add tags before processing them
[MonologBridge] Fix debug processor datetime type
* 3.4:
[Yaml] Implement multiline string as scalar block for tagged values
[HttpFoundation] Use `Cache-Control: must-revalidate` only if explicit lifetime has been given
[FrameworkBundle] Use UserInterface to @return in getUser method
[CI] Replace php7.4snapshot with php7.4 in Travis configuration
[ExpressionLanguage][Node][BinaryNode] Process division by zero
forward caught exception
[Validator][ConstraintValidator] Stop passing unnecessary timezone argument to \DateTime
add tags before processing them
[MonologBridge] Fix debug processor datetime type
This PR was merged into the 4.3 branch.
Discussion
----------
[Cache] fix memory leak when using PhpFilesAdapter
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34687
| License | MIT
| Doc PR | -
Similar to #34839 but for `PhpFilesAdapter`, as the "appendOnly" mode is a v4-only feature.
Commits
-------
0b46226648 [Cache] fix memory leak when using PhpFilesAdapter
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Use `Cache-Control: must-revalidate` only if explicit lifetime has been given
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
This is really nit-picking: The conservative, safe default for `Cache-Control` is `private, no-cache` which means the response must not be served from cache unless it has been validated.
If `Last-Modified` or `Expires` are present, we can relax `no-cache` to be `must-revalidate`, which means that _once the response has become stale_, it must be revalidated.
An `ETag` alone does not give the response a lifetime, so IMO sticking with `no-cache` in this case would be more consistent.
Commits
-------
1b1002b426 [HttpFoundation] Use `Cache-Control: must-revalidate` only if explicit lifetime has been given
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Yaml] Implement multiline string as scalar block for tagged values
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
At the moment you can parse a tagged value defined as a scalar block. But you can't actually dump a multiline string as scalar block when using a tagged value.
This PR implements the multiline string as scalar block for tagged values as well.
Commits
-------
84241d4e62 [Yaml] Implement multiline string as scalar block for tagged values
This PR was merged into the 3.4 branch.
Discussion
----------
[MonologBridge] Fix debug processor datetime type
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |n/a
| License | MIT
| Doc PR | n/a
This PR fixes an eventual `Call to a member function getTimestamp() on string` if any Processor transforms the `datetime` value, and uses the same record conditions as in the [ConsoleFormatter](https://github.com/symfony/monolog-bridge/blob/master/Formatter/ConsoleFormatter.php#L118 )
Commits
-------
ffe3f10780 [MonologBridge] Fix debug processor datetime type
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Use UserInterface to @return in getUser method
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
9f1ebd7fb9 [FrameworkBundle] Use UserInterface to @return in getUser method
This PR was merged into the 3.4 branch.
Discussion
----------
[ExpressionLanguage] Process division by zero
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
To be able to catch the error in expression like ` 1 / 0`
**Before PR:**
```
try {
1 / 0;
} catch (\Throwable $e) {
// It won't be caught anyway
// PHP Warning: Division by zero in...
}
try {
1 % 0;
} catch (\Throwable $e) {
// It will be caught since PHP7
// \DivisionByZeroError with message `Modulo by zero`
}
```
**After PR:**
```
try {
1 / 0;
} catch (\Throwable $e) {
// It will be caught
// \DivisionByZeroError with message `Division by zero`
}
try {
1 % 0;
} catch (\Throwable $e) {
// It will be caught
// \DivisionByZeroError with message `Modulo by zero`
}
```
Commits
-------
02ab72ab30 [ExpressionLanguage][Node][BinaryNode] Process division by zero
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator][ConstraintValidator] Stop passing unnecessary timezone argument to \DateTime
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Since we format the \DateTimeImmutable with the "e" character, it uses this timezone identifier and do not consider the passed one. See https://www.php.net/manual/en/datetime.construct.php:
> The $timezone parameter and the current timezone are ignored when the $time parameter either is a UNIX timestamp (e.g. @946684800) or specifies a timezone (e.g. 2010-01-28T15:00:00+02:00).
Commits
-------
03dbcf8794 [Validator][ConstraintValidator] Stop passing unnecessary timezone argument to \DateTime
This PR was merged into the 4.4 branch.
Discussion
----------
[Mailer] Fix SMTP Authentication when using STARTTLS
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34522
| License | MIT
When the mail server uses STARTTLS, the SMTP Authentication is not performed because the AUTH capabilities are not send during the first EHLO call, but during the second one.
Example of problematic exchange solved by this PR:
```
< 220 mydomain.tld ESMTP Postcow
> EHLO [127.0.0.1]
< 250-mydomain.tld
< 250-PIPELINING
< 250-SIZE 104857600
< 250-ETRN
< 250-STARTTLS
< 250-ENHANCEDSTATUSCODES
< 250-8BITMIME
< 250-DSN
< 250 CHUNKING
> STARTTLS
< 220 2.0.0 Ready to start TLS
> EHLO [127.0.0.1]
< 250-mydomain.tld
< 250-PIPELINING
< 250-SIZE 104857600
< 250-ETRN
< 250-AUTH PLAIN LOGIN
< 250-AUTH=PLAIN LOGIN
< 250-ENHANCEDSTATUSCODES
< 250-8BITMIME
< 250-DSN
< 250 CHUNKING
> MAIL FROM:<noreply@XXX>
< 250 2.1.0 Ok
> RCPT TO:<XXX>
< 554 5.7.1 <XXX>: Client host rejected: Access denied
```
Commits
-------
75b54542ab [Mailer] Fix SMTP Authentication when using STARTTLS
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection] Handle env var placeholders in CheckTypeDeclarationsPass
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
A case we forgot to handle.
Commits
-------
c3574858b5 [DependencyInjection] Handle env var placeholders in CheckTypeDeclarationsPass
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] fix memory leak when using PhpArrayAdapter
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34687
| License | MIT
| Doc PR | -
Thanks to @adrienfr, I've been able to understand what causes this massive memory leak when using `PhpArrayAdapter`:
When tests run, a new kernel is booted for each test case. This means a new instance of `PhpArrayAdapter` is created, which means it loads its state again and again using `include` for e.g. `annotations.php` in this example.
The first obvious thing is that we see this doing `compile::*`: this means PHP is parsing the same file again and again. But shouldn't opcache prevent this? Well, it's disabled by default because `opcache.enable_cli=0`. To prove the point, here is a comparison with the same tests run with `php -dopcache.enable_cli=1`. The comparison is swapped, but you'll get it:
But that's not over: because of https://bugs.php.net/76982 (see #32236 also), we still have a memory leak when the included file contains closures. And this one does.
This PR fixes the issue by storing the return value of the include statement into a static property. This fits the caching model of `PhpArrayAdapter`: it's a read-only storage for system caches - i.e. its content is immutable.
Commits
-------
4194c4c56d [Cache] fix memory leak when using PhpArrayAdapter
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] Properly escape regex in AddSessionDomainConstraintPass
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/34774
| License | MIT
| Doc PR | -
`%s` should be escaped, so it is dumped as `%%s` (it ends up being properly unescaped at load time, so the passed value to the service is the same).
Commits
-------
de03cee846 [SecurityBundle] Properly escape regex in AddSessionDomainConstraintPass
* 4.3:
[DotEnv] Remove `usePutEnv` property default value
Set up typo fix
[Validator] Allow underscore character "_" in URL username and password
[SecurityBundle] Passwords are not encoded when algorithm set to \"true\"
do not validate passwords when the hash is null
[DI] fix resolving bindings for named TypedReference
[DI] Fix making the container path-independent when the app is in /app
Allow copy instead of symlink for ./link script
[FrameworkBundle] resolve service locators in `debug:*` commands
bumped Symfony version to 4.3.10
updated VERSION for 4.3.9
updated CHANGELOG for 4.3.9
bumped Symfony version to 3.4.37
updated VERSION for 3.4.36
update CONTRIBUTORS for 3.4.36
updated CHANGELOG for 3.4.36
Add test on ServerLogHandler
* 3.4:
[Validator] Allow underscore character "_" in URL username and password
[SecurityBundle] Passwords are not encoded when algorithm set to \"true\"
do not validate passwords when the hash is null
[DI] Fix making the container path-independent when the app is in /app
Allow copy instead of symlink for ./link script
[FrameworkBundle] resolve service locators in `debug:*` commands
bumped Symfony version to 3.4.37
updated VERSION for 3.4.36
update CONTRIBUTORS for 3.4.36
updated CHANGELOG for 3.4.36
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] resolve service locators in `debug:*` commands
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34470
| License | MIT
| Doc PR | -
Because of the way ServiceClosureArgument are dumped, we need to resolve locators after loading the xml dump of the container:
https://github.com/symfony/symfony/blob/3.4/src/Symfony/Component/DependencyInjection/Dumper/XmlDumper.php#L273
Commits
-------
820da66346 [FrameworkBundle] resolve service locators in `debug:*` commands
This PR was merged into the 4.3 branch.
Discussion
----------
[DI] fix resolving bindings for named TypedReference
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
As spotted in https://github.com/symfony/symfony/pull/34769#issuecomment-561064156
Commits
-------
62c227e368 [DI] fix resolving bindings for named TypedReference
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection] Resolve expressions in CheckTypeDeclarationsPass
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/34752
| License | MIT
| Doc PR | -
One more case we forgot 😅
Commits
-------
b6c5a54cfd [DependencyInjection] Resolve expressions in CheckTypeDeclarationsPass
This PR was merged into the 4.4 branch.
Discussion
----------
[SecurityBundle] Use config variable in AnonymousFactory
| Q | A
| ------------- | ---
| Branch? | 4.4 and 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
It looks like the `AnonymousFactory` was copied incorrectly in https://github.com/symfony/symfony/pull/33503 as it uses the old `$firewall` variable available in `SecurityExtension.php`. Changing this to `$config` yields the desired results
Commits
-------
8d850d2da4 When set, get secret from config variable
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Set the parameter bag as resolved in ContainerLintCommand
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/issues/34526, Closes#34767
| License | MIT
| Doc PR | -
Alternative to https://github.com/symfony/symfony/pull/34767, idea by @nicolas-grekas.
Commits
-------
e8d3c2b969 [FrameworkBundle] Set the parameter bag as resolved in ContainerLintCommand
This PR was merged into the 4.3 branch.
Discussion
----------
[MonologBridge] Add test on ServerLogHandler
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | /
After writing https://github.com/symfony/symfony/pull/34697#issuecomment-559840469 I realized that ServerLogHandler wasn't tested.
Tell me if it's a BugFix and should be rebased on 4.3
Commits
-------
8c7947f827 Add test on ServerLogHandler
* 4.3:
[Messenger] add tests to FailedMessagesShowCommand
Fix the translation commands when a template contains a syntax error
[Security] Fix clearing remember-me cookie after deauthentication
[Validator] Update Slovenian translations
[Config][ReflectionClassResource] Handle parameters with undefined constant as their default values
fix dumping number-like string parameters
Fix CI
[Console] Fix autocomplete multibyte input support
[Config] don't break on virtual stack frames in ClassExistenceResource
more robust initialization from request
This PR was merged into the 3.4 branch.
Discussion
----------
more robust initialization from request
Request::getPort is declared as int|string but can actually return null.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I discovered this problem with a functional test where i dispatch the RequestEvent with a `new Request()`. This used to work in symfony 4 and now triggers an error `Argument 1 passed to Symfony\Component\Routing\RequestContext::setHttpPort() must be of the type int, null given`
In regular web requests, this should probably never happen, but it seems to me if Request is not robust, the RequestContext should be robust about it.
Commits
-------
c6ed0f0208 more robust initialization from request
This PR was merged into the 4.4 branch.
Discussion
----------
[TwigBundle] remove service when base class is missing
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
c3a658ac0f remove service when base class is missing
This PR was merged into the 4.4 branch.
Discussion
----------
[Security/Http] call auth listeners/guards eagerly when they "support" the request
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34614, Fix#34679
| License | MIT
| Doc PR | -
This fixes the form authenticator linked to #34614.
Since laziness is here to provide compatibility with HTTP caching, it should be disabled when the request cannot be cached.
Tests don't pass yet, but I'm on the path to something here.
The PR now introduces a new `AbstractListener` that splits the handling logic in two:
- `supports(Request): ?bool` is always called eagerly and tells whether the listener matches the request for an earger call or a lazy call
- `authenticate(RequestEvent)` does the rest of the job when `supports()` allows so - lazily or not depending on the return value of `supports()`.
Of course, this remains compatible with non-lazy logics, see `AbstractListener::__invoke()`.
Commits
-------
b20ebe6b90 [Security/Http] call auth listeners/guards eagerly when they "support" the request
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Fix clearing remember-me cookie after deauthentication
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#26379
| License | MIT
| Doc PR | -
If you are using the `remember_me` listener and the refreshed user is deauthenticated, you are still logged in because the remember-me cookie does not get cleared.
This fixes it.
Commits
-------
d625a73705 [Security] Fix clearing remember-me cookie after deauthentication
