This PR was submitted for the 5.x branch but it was squashed and merged into the 4.4 branch instead.
Discussion
----------
Symfony Armenian Translations
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#38724
| License | MIT
| Doc PR | -
Commits
-------
93fe4a213e Symfony Armenian Translations
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Framework] Add tag assets.package to register asset packages
Replaces #38366
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | symfony/symfony-docs#14962
To configure asset packages in an application, we have to declare it in the `framework` configuration ([doc for assets config](https://symfony.com/doc/current/reference/configuration/framework.html#assets)). In some case we cannot use this configuration:
- To use a custom class as package
- To register an asset package in a shared bundle (my use-case).
This PR adds the `assets.package` tag. This tag is use to collect and inject package services into the `assets.packages` service, that is the registry for all packages. Since every package needs a name, the `package` attribute of the tag is used (same naming convention that the `console.command` tag).
Main changes:
- the packages defined in the `framework.assets` configuration are injected into the `assets.packages` using the tag instead of being directly injected in service declaration.
- changed signature of `Symfony\Components\Assets\Packages` constructor to accept an iterator (backward compatible).
- a new alias `assets._default_package` is defined even if assets are not configured.
### Example in `symfony/demo` ([commit](e5e5a8fff0...GromNaN:assets-package-tag)):
In `config/services.yaml`:
```yaml
avatar.strategy:
class: Symfony\Component\Asset\VersionStrategy\JsonManifestVersionStrategy
arguments:
- '%kernel.project_dir%/public/build/manifest.json'
avatar.package:
class: Symfony\Component\Asset\Package
arguments:
- '@avatar.strategy'
- '@assets.context'
tags:
- { name: assets.package, package: avatars }
```
Then we can use the package anywhere
```twig
<img src="{{ asset('anna.jpg', 'avatars') }}">
```
### Alternative using autoconfiguration with a custom class:
With a custom class implementing the `PackageInterface`, the package name can be provided by a the static method `getDefaultPackageName`. Autowiring and autoconfiguration will import the package.
```php
namespace App\Asset;
use Symfony\Component\Asset\PackageInterface;
class AvatarPackage implements PackageInterface
{
public static function getDefaultPackageName(): string
{
return 'avatars';
}
// ... Implements the interface
}
```
Commits
-------
6217ff7b6f [Asset] Add tag assets.package to register asset packages
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[Serializer] Allow to provide (de)normalization context in mapping
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#39039 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | TODO <!-- required for new features -->
As explained in the linked feature request, this brings the ability to configure context on a per-property basis, using Serializer mapping.
Considering:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
/**
* @Serializer\Context({ DateTimeNormalizer::FORMAT_KEY = 'Y-m-d' })
*/
public \DateTime $date;
public \DateTime $anotherDate;
}
```
`$date` will be formatted with a specific format, while `$anotherDate` will use the default configured one (or the one provided in the context while calling `->serialize()` / `->normalize()`).
It can also differentiate normalization and denormalization contexts:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
/**
* @Serializer\Context(
* normalizationContext = { DateTimeNormalizer::FORMAT_KEY = 'Y-m-d' },
* denormalizationContext = { DateTimeNormalizer::FORMAT_KEY = \DateTime::COOKIE },
* )
*/
public \DateTime $date;
}
```
As well as act differently depending on groups:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
/**
* @Serializer\Groups({ "extended" })
* @Serializer\Context({ DateTimeNormalizer::FORMAT_KEY = \DateTime::RFC3339 })
* @Serializer\Context(
* context = { DateTimeNormalizer::FORMAT_KEY = \DateTime::RFC3339_EXTENDED },
* groups = {"extended"},
* )
*/
public \DateTime $date;
}
```
The annotation can be repeated as much as you want to handle the different cases.
Context without groups is always applied first, then context for groups are merged in the provided order.
Context provided when calling `->serialize()` / `->normalize()` acts as the defaults for the properties without context provided in the metadata.
XML mapping (see tests) is a lot verbose due to the required structure to handle groups.
Such metadata contexts are also forwarded to name converters, max depth handlers, callbacks, ...
Of course, PHP 8 attributes are also supported:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
#[Serializer\Groups(["extended"])]
#[Serializer\Context([DateTimeNormalizer::FORMAT_KEY => \DateTime::RFC3339])]
#[Serializer\Context(
context: [DateTimeNormalizer::FORMAT_KEY => \DateTime::RFC3339_EXTENDED],
groups: ["extended"],
)]
public \DateTime $date;
}
```
The PR should be ready for first batch of reviews / discussions.
- [x] Make Fabbot happy in 5.2
- [x] Missing `@Context` unit tests
- [x] rework xml & phpize values
- [x] Fix lowest build issue with annotations => bumped doctrine annotations to 1.7, as for other components
Commits
-------
7229fa1d8f [Serializer] Allow to provide (de)normalization context in mapping
This PR was merged into the 4.4 branch.
Discussion
----------
[PropertyInfo] use the right context for properties defined in traits
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#28732, #34191
| License | MIT
| Doc PR |
Commits
-------
1572491a8a use the right context for properties defined in traits
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Translation] Allow using dashes in locale when linting Xliff files
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | fixes#40170
| License | MIT
| Doc PR | n/a
This pull request
* [x] asserts that the `XliffLintCommand` succeeds linting an Xliff file where both the the target language and the locale in the file name use dashes as separators
* [x] adjusts the `XliffLintCommand` to allow using the same value for target language and locale in the corresponding file name
Commits
-------
d106aa3f2d [Translation] Allow using dashes in locale when linting Xliff files
* 5.2:
[Workflow] Re-add InvalidTokenConfigurationException for BC
Fix PHP 8.1 null values
[Console] Fix PHP 8.1 null error for preg_match flag
Fix: Article
Definition::removeMethodCall should remove all matching calls
[HttpFoundation] Fix typo in exception message
mark the LazyIterator class as internal
fix extracting mixed type-hinted property types
[Worflow] Fixed GuardListener when using the new Security system
keep valid submitted choices when additional choices are submitted
* 4.4:
Fix PHP 8.1 null values
[Console] Fix PHP 8.1 null error for preg_match flag
Fix: Article
Definition::removeMethodCall should remove all matching calls
mark the LazyIterator class as internal
fix extracting mixed type-hinted property types
keep valid submitted choices when additional choices are submitted
This PR was merged into the 5.2 branch.
Discussion
----------
[Workflow] Re-add InvalidTokenConfigurationException for BC
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Reverts the BC breaking part of #39671
Commits
-------
b596568db9 [Workflow] Re-add InvalidTokenConfigurationException for BC
This PR was merged into the 5.2 branch.
Discussion
----------
[Worflow] Fixed GuardListener when using the new Security system
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39505
| License | MIT
| Doc PR |
Commits
-------
bd26a79461 [Worflow] Fixed GuardListener when using the new Security system
This PR was merged into the 4.4 branch.
Discussion
----------
Fix: Article
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This pull request
* [x] fixes usages of the indefinite article `a` where `an` should be used instead
Commits
-------
34b320ba97 Fix: Article
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Fix PHP 8.1 null error for preg_match flag
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Since PHP 8.1, `null` is no longer accepted as `$flags` in `preg_match`, default integer `0` value should be used instead.
Commits
-------
52f02e529a [Console] Fix PHP 8.1 null error for preg_match flag
This PR was merged into the 5.3-dev branch.
Discussion
----------
Fix package name
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
- Changelog entry should follow https://symfony.com/doc/current/contributing/code/conventions.html#writing-a-changelog-entry
-->
Fix Package name as the Bridge is named `SpotHit` and not `Spothit`.
Commits
-------
5f8c736303 Fix package name
This PR was merged into the 5.3-dev branch.
Discussion
----------
[PasswordHasher] Fix: Use algorithm instead of algo
| Q | A
| ------------- | ---
| Branch? | 5.5
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This pull request
* [x] renames fields, variables, and parameters using `algos` or `algo` (which appear to be entirely made-up words) to `algorithms` and `algorithm` respectively
Commits
-------
a4dd14b478 Fix: Use algorithm instead of algo
This PR was merged into the 5.3-dev branch.
Discussion
----------
[PasswordHasher] Fix: Run 'php-cs-fixer fix'
| Q | A
| ------------- | ---
| Branch? | 5.5
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This pull request
* [x] runs `php-cs-fixer fix` in `src/Symfony/Component/PasswordHasher`
💁♂️ I do not know who or what enforces coding standard issues in this repository, but after opening a few pull requests in this repository, I noticed that `fabbot.io` repeatedly reports coding standard violations that are unrelated to the proposed changes. As an experiment I ran
```
$ php-cs-fixer fix
```
on the entire repository and found a lot of issues. Not sure, would you not prefer to have these fixed?
Since the `PasswordHasher` component was only recently extracted, I assume it is safe to propose to run `php-cs-fixer fix` at least on this newly introduced component.
Commits
-------
2102170e43 Fix: Run 'php-cs-fixer fix'
This PR was submitted for the 5.x branch but it was merged into the 4.4 branch instead.
Discussion
----------
[DependencyInjection] Definition::removeMethodCall should remove all matching calls
It would only remove the first match, leaving the other method call(s) there to exist. This leads to unexpected situations.
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | None
| License | MIT
| Doc PR |
I found out that `Definition::removeMethodCall` only removes the first method call and stops. It should remove all method calls named `$method`.
Commits
-------
944ba23b58 Definition::removeMethodCall should remove all matching calls
This PR was merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle] Deprecate session.storage service
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | TODO
Following the deprecation of `session` service, this PR deprecate other services that contains state: `session.storage`
- `session.storage`
- `session.storage.native`, `session.storage.php_bridge` and `session.storage.mock_file`
- `session.storage.metadata_bag`
Because people can inject / decorate override all these services, providing a migration path like I did with `session` would have been very hard. That's why, I added a new `opt-in` flag:
When people use `framework.session: true` or `framework.session.storage_id` the previous behavior is kept and deprecation are triggered when accessing the services.
But when people use the new `framework.session.storage_factory_id` configuration, the previous services (`session.storage.*`) are deleted (in case people would try to inject the legacy `session.storage*` services and would have expect to manipulate the same objects as the object injected in the session)
Commits
-------
37c591516a Deprecate session.storage
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[DependencyInjection] Negated (not:) env var processor
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? |no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR | symfony/symfony-docs#14976
This little PR suggests a `not:` env var processor (in a perfect world, I would name it `!:` but only words are accepted as prefixes 🙃)
Goal is to _negate_ a boolean env variable.
Example usage:
```bash
FOO=yes
BAR=off
```
```yaml
# config/services.yaml
parameters:
not_foo: '%env(not:FOO)%' # false
not_bar: '%env(not:BAR)%' # true
```
I'm thinking of this for this kind of usages:
- `some_prod_related_stuff: '%env(not:APP_DEBUG)%'`
- `enabled: '%env(not:bool:key:disabled:query_string:SOME_DSN)%'`
~~Processor raises an exception when preceding resolved value is not a boolean.~~
This processor allows any truthy/falsy values, like `bool:`.
Thank you,
Ben
Commits
-------
56545fd270 [DependencyInjection] Negated (not:) env var processor
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Security] Extract password hashing from security-core - with proper wording
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fixes#39698
| License | MIT
| Doc PR | todo
This PR renames password "encoders" to password _hashers_ (naming widely used, see e.g. django or laravel).
This also takes the opportunity to extract the logic related to password hashing from security-core, moving it to a new password-hasher component.
Nowadays, many modern web apps and APIs don't deal with passwords at all, that's why splitting makes sense as a step towards making security-core not tied to the password concept.
For upgrading, applications will have to use `passwords_hashers` instead of `encoders` in their security configuration, and type-hint against `PasswordHasherInterface` (and related) instead of `PasswordEncoderInterface`.
The proposed API is not much different from the encoder one regarding behavior and signatures, and it is slightly more close to the PHP built-in password hashing API:
```php
namespace Symfony\Component\PasswordHasher;
interface PasswordHasherInterface
{
public function hash(string $plainPassword): string;
public function verify(string $hashedPassword, string $plainPassword): bool;
public function needsRehash(string $hashedPassword): bool;
}
```
Commits
-------
c5c981c559 [Security] Extract password hashing from security-core - using the right naming
This PR was merged into the 4.4 branch.
Discussion
----------
[Finder] mark the LazyIterator class as internal
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/pull/40040#discussion_r575127254
| License | MIT
| Doc PR |
Commits
-------
4a2c996b95 mark the LazyIterator class as internal
This PR was squashed before being merged into the 5.2 branch.
Discussion
----------
[HttpFoundation] Fix typo in exception message
| Q | A
| ------------- | ---
| Branch? | 5.2 for bug fixes
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | - <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
- Changelog entry should follow https://symfony.com/doc/current/contributing/code/conventions.html#writing-a-changelog-entry
-->
Commits
-------
2248af5857 [HttpFoundation] Fix typo in exception message
* 5.2:
add missing return type declaration
Modernize func_get_args() calls to variadic parameters
Use a lazyintertor to close files descriptors when no longer used
* 4.4:
add missing return type declaration
Modernize func_get_args() calls to variadic parameters
Use a lazyintertor to close files descriptors when no longer used