* 3.4:
[Bridge\Doctrine][FrameworkBundle] Deprecate some remaining uses of ContainerAwareTrait
[FrameworkBundle] Fix bad interface hint in AbstractController
[VarDumper] deprecate MongoCaster
[HttpFoundation] deprecate using with the legacy mongo extension; use it with the mongodb/mongodb package and ext-mongodb instead
Fix BC layer
Reset profiler.
[DI] Improve some deprecation messages
[DI] remove inheritdoc from dumped container
[Config] Fix dumped files invalidation by OPCache
[Security] Add Guard authenticator <supports> method
[Cache] Fix race condition in TagAwareAdapter
[DI] Allow setting any public non-initialized services
[Yaml] parse references on merge keys
treat trailing backslashes in multi-line strings
[FrameworkBundle] Expose dotenv in bin/console about
fix refreshing line numbers for the inline parser
fix version in changelog
[FrameworkBundle] Make Controller helpers final
[DoctrineBridge] Deprecate DbalSessionHandler
This PR was squashed before being merged into the 3.4 branch (closes#24438).
Discussion
----------
[Session][VarDumper] Deprecate accepting legacy mongo extension
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The old ext-mongo is deprecated and does not work with PHP 7. See http://php.net/manual/en/mongo.setup.php
People should use mongodb/mongodb and ext-mongodb instead. This deprecates functionality using the old ext-mongo classes.
Commits
-------
d535ff60c2 [VarDumper] deprecate MongoCaster
6651af07c2 [HttpFoundation] deprecate using with the legacy mongo extension; use it with the mongodb/mongodb package and ext-mongodb instead
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Add Guard authenticator <supports> method
This method will be called before starting an authentication against a guard authenticator.
The authentication will be tried only if the supports method returned `true`
This improves understanding of code, increase consistency and removes responsability for `getCredentials` method to decide if the current request should be supported or not.
| Q | A |
| --- | --- |
| Bug fix? | no |
| New feature? | yes |
| BC breaks? | yes |
| Deprecations? | yes |
| Tests pass? | yes |
| Fixed tickets | none |
| License | MIT |
| Doc PR | |
Commits
-------
78eecba780 Fix BC layer
a7a6f8a678 [Security] Add Guard authenticator <supports> method
This method will be called before starting an authentication against a guard authhenticator.
The authentication will be tried only if the supports method returned <true>
This improves understanding of code, increase consistency and removes responsability for <getCredentials> method
To decide if the current request should be supported or not.
* 3.4:
[FrameworkBundle] Register a NullLogger from test kernels
[SecurityBundle] Deprecate auto picking the first provider
[Security] Add user impersonation support for stateless authentication
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] Deprecate auto picking the first provider
when no provider is explicitly configured on a firewall
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see comment below -->
| Bug fix? | no
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | yes <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | https://symfony-devs.slack.com/archives/C3A2XAQ20/p1506626210000345 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A
From @Pierstoval on Slack:
> Hey, guys, I learnt a few days ago that if you don't specify a user provider in a firewall configuration, the security will use the first one in the list. Don't anyone think specifying the user provider should be mandatory ? Or at least mandatory if we have more than one provider registered?
- [x] UPGRADE files
- [x] CHANGELOG
- [x] Fix other tests
- [x] Removal PR #24380
Commits
-------
2d1e3347a6 [SecurityBundle] Deprecate auto picking the first provider
* 3.4:
Moved PhpExtractor and PhpStringTokenParser to Translation component
[Asset] Provide default context
[HttpKernel] Deprecate some compiler passes in favor of tagged iterator args
Add exclusive Twig namespace for bundles path
Share connection factories between cache and lock
* 3.4:
[PhpUnitBridge] Added a CoverageListener to enhance the code coverage report
Add a method to check if any results were found
[SecurityBundle] Deprecate ACL related code
[FrameworkBundle] Enable assets with templates only if the Asset component is installed
* 3.4:
Passing the newly generated security token to the event during user switching.
Fix changelog and minor tweak for #23485
[Config] extracted the xml parsing from XmlUtils::loadFile into XmlUtils::parse
[Security][SecurityBundle] Deprecate the HTTP digest auth
add ability to configure catching exceptions
Extract method refactoring for ResourceCheckerConfigCache
This PR was squashed before being merged into the 3.4 branch (closes#24239).
Discussion
----------
[HttpFoundation] Deprecate compatibility with PHP <5.4 sessions
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR removes functionality added in Symfony 2.1 as a compatibility layer with sessions from PHP <5.4.
- [x] Fix tests
Commits
-------
3deb3940ab [HttpFoundation] Deprecate compatibility with PHP <5.4 sessions
* 3.4:
[DI] Turn services and aliases private by default, with BC layer
[WebProfiler] Fix z-index for pinned AJAX block
Require v3.4+ of the var-dumper component
* 3.4:
Do not display short exception trace for built-in console exceptions
Deprecated the web_profiler.position option
[DI] rename ResolveDefinitionTemplatesPass to ResolveChildDefinitionsPass
Throw a meaningful exception when an undefined user provider is used inside a firewall
[DI] Allow processing env vars
* 3.4:
[3.4][DI] Inline trivial services
sync upgrade file for Symfony 4.0 between branches
Fix ability to deprecate a config node
[DI] Minor fix in dumped code
[Console] Display file and line on Exception
Fix deprecations regarding core commands registered as services
#24046 added check for ext-dom to XmlUtil::loadFile
This PR was merged into the 3.4 branch.
Discussion
----------
sync upgrade file for Symfony 4.0 between branches
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
5c030dd240 sync upgrade file for Symfony 4.0 between branches
This PR was merged into the 3.4 branch.
Discussion
----------
Fix deprecations regarding core commands registered as services
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/23624#discussion_r131979501
| License | MIT
| Doc PR | n/a
Current deprecation messages can be confusing (see fixed ticket), this improves them and adds a bunch of missing CHANGELOG/UPGRADE entries on the same topic
Commits
-------
4659975944 Fix deprecations regarding core commands registered as services
* 3.4:
[HttpKernel] Deprecate EnvParametersResource
[Lock] Check TTL expiration in lock acquisition
Fix race condition in tests between cache and lock
Improved how links are displayed in exception messages