* 4.2: (26 commits)
Apply php-cs-fixer rule for array_key_exists()
[Cache] fix warming up cache.system and apcu
[Security] Change FormAuthenticator if condition
handles multi-byte characters in autocomplete
speed up tests running them without debug flag
[Translations] added missing Croatian validators
Fix getItems() performance issue with RedisCluster (php-redis)
[VarDumper] Keep a ref to objects to ensure their handle cannot be reused while cloning
IntegerType: reject submitted non-integer numbers
be keen to newcomers
[HttpKernel] Fix possible infinite loop of exceptions
fixed CS
[Validator] Added missing translations for Afrikaans
do not validate non-submitted form fields in PATCH requests
Update usage example in ArrayInput doc block.
[Console] Prevent ArgvInput::getFirstArgument() from returning an option value
[Validator] Fixed duplicate UUID
fixed CS
[EventDispatcher] Fix unknown priority
Avoid mutating the Finder when building the iterator
...
* 3.4: (24 commits)
Apply php-cs-fixer rule for array_key_exists()
[Security] Change FormAuthenticator if condition
handles multi-byte characters in autocomplete
speed up tests running them without debug flag
[Translations] added missing Croatian validators
Fix getItems() performance issue with RedisCluster (php-redis)
[VarDumper] Keep a ref to objects to ensure their handle cannot be reused while cloning
IntegerType: reject submitted non-integer numbers
be keen to newcomers
[HttpKernel] Fix possible infinite loop of exceptions
fixed CS
[Validator] Added missing translations for Afrikaans
do not validate non-submitted form fields in PATCH requests
Update usage example in ArrayInput doc block.
[Console] Prevent ArgvInput::getFirstArgument() from returning an option value
[Validator] Fixed duplicate UUID
fixed CS
[EventDispatcher] Fix unknown priority
Avoid mutating the Finder when building the iterator
[Validator] Add the missing translations for the Greek (el) locale
...
This PR was squashed before being merged into the 3.4 branch (closes#30347).
Discussion
----------
[Security] Change FormAuthenticator if condition
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30341
| License | MIT
| Doc PR | -
I changed the if condition in `SimpleFormAuthenticationListener` and `UsernamePasswordFormAuthenticationListener` based on the solution provided by @nikic in issue #30341
#OpenSourceFriday
Commits
-------
67ae121b2e [Security] Change FormAuthenticator if condition
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] handles multi-byte characters in autocomplete
fixes#29966
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #29966 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
I used the `mb_ord` to detect whether the amount of bytes read is valid before proceeding. I limit the number of bytes read to 4 before giving up because characters can use at most 4 bytes.
The test passes with or without the fix though.
Commits
-------
47320a63e2 handles multi-byte characters in autocomplete
This PR was merged into the 3.4 branch.
Discussion
----------
Fix getItems() performance issue with RedisCluster (php-redis)
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | TBD
| License | MIT
On any kind of multi loads, including tags loading where it's always the case, current code leads to an explosion of Redis lookups affecting performance on RedisCluster _(as it does not support pipeline)_.
This backports the code for mget() usage from 4.x in order to fix it.
It's done with one small improvment which would also be relevant for 4.x, only using pipeline on cluster on predis as mget is more efficient (ref redis doc).
Commits
-------
178506e72c Fix getItems() performance issue with RedisCluster (php-redis)
This PR was merged into the 3.4 branch.
Discussion
----------
[VarDumper] Keep a ref to objects to ensure their handle cannot be reused while cloning
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Fixes the root issue that led to https://github.com/symfony/symfony/pull/30311#issuecomment-466457434
Commits
-------
29a0683107 [VarDumper] Keep a ref to objects to ensure their handle cannot be reused while cloning
On any kind of multi loads, including tags loading, current code leads to
an explosion of Redis lookups slowing down performance.
This backports the code for mget() usage from 4.x in order to fix it.
It's done with one small improvment which would also be relevant for 4.x,
only using pipeline on cluster on predis as mget is more efficient.
This PR was merged into the 4.3-dev branch.
Discussion
----------
[VarDumper] Implement DsCaster
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When dumping the data structures from [Ds extension](http://php.net/manual/en/book.ds.php) Symfony only shows the class name but not the actual data. So in this PR I tried to write a Caster for these data structures.
Map can't be simply casted to array because it can contain objects as keys so I dump the pairs instead.
Commits
-------
eab631fc45 [VarDumper] Implement DsCaster
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix possible infinite loop of exceptions
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I ran into an [issue](https://github.com/php-enqueue/enqueue-dev/issues/774) in the enqueue library which copied this part of code from Symfony. I'm now starting to understand what the problem is and it should most likely be fixed in Symfony as well.
I didn't actually run into it in Symfony itself but it seems at least hypothetically possible. Imagine if [here](8c3dc8254a/src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php (L77)) `$e` is somehow the same (===) as `$exception`. The code [below](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php#L82-L92) will then find the last exception in the `getPrevious()` chain and assigns `$exception` as the previous. However in the off chance that `$exception` is actually `$e` (the first exception in the chain) then it creates an infinite loop of exceptions which is not good for monolog and exception handlers.
What do you think?
Commits
-------
3447222b68 [HttpKernel] Fix possible infinite loop of exceptions
This PR was merged into the 3.4 branch.
Discussion
----------
[Routing] fix URL generation with look-around requirements
| Q | A
| ------------- | ---
| Branch? | 2.8 up to 4.1 for bug fixes
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #10548
| License | MIT
| Doc PR |
If you have a non-catchable pattern in requirements like f.e. a positive lookahead (.+(?=/foo/)), the generator will not accept the parameter as the parameter itself cannot fulfil the requirement, but only matches in the context of the entire path.
This fix looks for lookAround in the path and ignores checking the requirements if any lookAround exists.
Commits
-------
c474451176 [Routing] fix URL generation with look-around requirements
This PR was squashed before being merged into the 4.3-dev branch (closes#28919).
Discussion
----------
[DX][WebProfilerBundle] Add Pretty Print functionality for Request Content
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | n/a ?
## Why?
Quite often when attempting to debug issues with JSON requests sent to a Symfony API, I use the Web Profiler to check the request content. More often than not the request content isn't easily readable (99% of the time it's all stuck on a single line and impossible to read). I always find myself copying + pasting the content into a random online tool to have it "pretty-print" the JSON.
Usually this isn't an issue, but can be annoying when offline. There's also the security issue of sending entire JSON payloads to a third-party server just for formatting 😳. Alternatively, maybe developers copy+paste into their chosen editors and this PR is all a waste of time — I hope not 😛.
## How?
This PR adds "Pretty-Print" JSON functionality straight into the profiler.
We can use `collector.requestheaders` to detect if the request was JSON and conditionally show the Pretty Print button.
When the button is clicked, we format the JSON from the "Request Content" card.
## What does it look like?
Before:
![without-pretty-print](https://user-images.githubusercontent.com/573318/47180751-36b0ce00-d319-11e8-86ed-eb0d78ebcbe3.png)
After:
![pretty](https://user-images.githubusercontent.com/573318/47180763-3c0e1880-d319-11e8-995d-eba565aad827.png)
Non-JSON Requests (unchanged):
![non-json-request](https://user-images.githubusercontent.com/573318/47181080-03227380-d31a-11e8-8cf2-e8b2e8c1a21d.png)
## Things to consider
- Is `JSON.stringify(JSON.parse(content));` the safest, most efficient way to do this?
- Should the "Pretty Print" button be in-line next to the "Request Content" header? I couldn't find a pattern for this sort of thing elsewhere in the profiler.
- Do people want JSON formatted with 4 spaces, would 2 spaces be preferred? Should this be a configuration option stored in localStorage (such as the light/dark theme configuration)?
- Should this be a toggle? E.g. click to pretty print, then click to undo
## Future Improvements
Depending on how this is received it could be extended to support formatting different request content-types (e.g. XML formatting) — I assume.
## Progress
- [x] Gather feedback and decide where to perform the pretty-print: [server-side, or client-side](https://github.com/symfony/symfony/pull/28919#issuecomment-431508361).
*It was decided server-side would be better.*
Commits
-------
9f85103151 [DX][WebProfilerBundle] Add Pretty Print functionality for Request Content
This PR was merged into the 4.3-dev branch.
Discussion
----------
Additional addons for the ghost
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Following #30236 I've prepared two additional addons for the ghost.
The first one will display a plus on February 29, to indicate it's a leap year.
![ghost-plus](https://user-images.githubusercontent.com/35422131/53133091-3730ce00-3572-11e9-89f7-44568d796f7e.png)
The second one will display a gift on October 18, to indicate it's Symfony's birthday.
![ghost-gift](https://user-images.githubusercontent.com/35422131/53133127-5596c980-3572-11e9-8901-704785e235a8.png)
I would just like to point out that the addons are purely for fun, to amuse every hardcoding Symfony developer and offer a chance to smile on these few selected occasions.
Commits
-------
51ed942ef5 Additional addons for the ghost
This PR was squashed before being merged into the 3.4 branch (closes#30243).
Discussion
----------
[Validator] Added missing translations for Afrikaans
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30148
| License | MIT
Added missing translations for Afrikaans
Commits
-------
8a931576d2 [Validator] Added missing translations for Afrikaans
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Prevent ArgvInput::getFirstArgument() from returning an option value
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23343
| License | MIT
| Doc PR | n/a
Fixes the case where the passed input string contains no command name but one or more global (i.e. application-defined) options accepting values.
Commits
-------
46461e91f9 [Console] Prevent ArgvInput::getFirstArgument() from returning an option value
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Complain about an empty decision strategy
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When an empty string is passed (or objects with a similarly behaving `__toString()` method) to the constructor, the call to `decide` causes infinite recursion.
Commits
-------
3a22cad29b Fix infinite recursion when passed an empty string
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Routing] deprecate some router options
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | yes <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | https://github.com/symfony/symfony/pull/28865#issuecomment-463480970
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
bf4cd6164d [Routing] deprecate some router options
This PR was merged into the 3.4 branch.
Discussion
----------
[EventDispatcher] Fix unknown priority
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Somehow, after #29411 the profiler actually shows the security firewall `ContextListener`.
This listener removes itself at call time, but at this point it's wrapped reference is already in the call stack; to be displayed in the profiler.
Because the wrapped listener lazily collects its priority - it asks it from the dispatcher - we get null; the listener was already removed.
This causes the profiler to render `-` by default:
![image](https://user-images.githubusercontent.com/1047696/50850320-d5c5ee80-1379-11e9-8516-0c6bc54512ce.png)
This fixes it by always passing the expected priority at call time.
Commits
-------
9fb619ac62 [EventDispatcher] Fix unknown priority
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Doc Block: More intuitive usage example in ArrayInput.
Make the ArrayInput doc block example more self-explanatory and less misleading. Show the common use case of having `command`, and replace the confusing `name` argument with something more arbitrary.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The current doc block example for `ArrayInput` seems to imply that the command name goes in as `name`, but this is actually just a random argument, named "name", in this case.
```php
new ArrayInput(['name' => 'foo', '--bar' => 'foobar']);
```
It might be more helpful to provide an example that works with Symfony's `Console` component out of the box, as that is a common use case:
```php
new ArrayInput(['command' => 'foo:bar', 'foo' => 'bar', '--bar' => 'foobar']);
```
Commits
-------
0c8d311657 Update usage example in ArrayInput doc block.
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Form] deprecate using invalid names for buttons
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #28964
| License | MIT
| Doc PR |
Commits
-------
405aa548eb deprecate using invalid names for buttons
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Fixed duplicate UUID
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30285
| License | MIT
| Doc PR | N/A
Fixes the `TOO_HIGH_ERROR` constant had the same value in two different constraints: `LessThan` and `LessThanOrEqual`.
Commits
-------
0bd5dd84ef [Validator] Fixed duplicate UUID
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] do not validate non-submitted form fields in PATCH requests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11493, #19788, #20805, #24453, #30011
| License | MIT
| Doc PR |
When a form field is not embedded as part of a HTTP PATCH requests, its
validation constraints configured through the `constraints` option must
not be evaluated. The fix from #10567 achieved this by not mapping their
violations to the underlying form field. This however also means that
constraint violations caused by validating the whole underlying data
object will never cause the form to be invalid. This breaks use cases
where some constraints may, for example, depend on the value of other
properties that were changed by the submitted data.
Commits
-------
a60d802619 do not validate non-submitted form fields in PATCH requests
Make the ArrayInput doc block example more self-explanatory and less misleading. Show the common use case of having `command`, and replace the confusing `name` argument with something more arbitrary.