* 5.1:
[HttpClient] Support for cURL handler objects.
[HttpClient] unset activity list when creating CurlResponse
Fixed typo in test name
[DI] Fix call to sprintf in ServicesConfigurator::stack()
add .body wrapper element
[HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
[VarDumper] Support for cURL handler objects.
Check whether path is file in DataPart::fromPath()
[DI][FrameworkBundle] Remove whitelist occurrences
Avoid accessibility errors on debug toolbar
Resolve event bubbling logic in a compiler pass
update cookie test
* 5.0:
[HttpClient] Support for cURL handler objects.
[HttpClient] unset activity list when creating CurlResponse
Fixed typo in test name
add .body wrapper element
[HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
[VarDumper] Support for cURL handler objects.
Check whether path is file in DataPart::fromPath()
[DI][FrameworkBundle] Remove whitelist occurrences
Avoid accessibility errors on debug toolbar
update cookie test
* 4.4:
[HttpClient] Support for cURL handler objects.
[HttpClient] unset activity list when creating CurlResponse
Fixed typo in test name
add .body wrapper element
[HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
[VarDumper] Support for cURL handler objects.
Check whether path is file in DataPart::fromPath()
[DI][FrameworkBundle] Remove whitelist occurrences
Avoid accessibility errors on debug toolbar
* 3.4:
Fixed typo in test name
[HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
[VarDumper] Support for cURL handler objects.
[DI][FrameworkBundle] Remove whitelist occurrences
Avoid accessibility errors on debug toolbar
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#36068 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | no
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
`.mp3` files are more common than `.mpga` files.
Commits
-------
76a744ad91 [HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
This PR was merged into the 5.0 branch.
Discussion
----------
[BrowserKit] update cookie test for cookie values with double quotes
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | noâ
| Deprecations? | no
| Tickets | Fix#37161
| License | MIT
| Doc PR | symfony/symfony-docs#
Provide a test for cookie values with double quotes
Commits
-------
a50c660823 update cookie test
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Notifier] Return SentMessage from the Notifier message handler
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | see https://github.com/symfony/symfony/pull/36611#issuecomment-648448026 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR |
Commits
-------
5855d112b7 [Notifier] Return SentMessage from the Notifier message handler
This PR was merged into the 3.4 branch.
Discussion
----------
[VarDumper] Support for cURL handler objects
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #37378
| License | MIT
| Doc PR | N/A
Commits
-------
39c1a6373b [VarDumper] Support for cURL handler objects.
This PR was merged into the 4.4 branch.
Discussion
----------
add .body wrapper element
This change makes the notification email responsive.
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | none
| License | MIT
There was a wrapper missing from the foundation template.
This wrapper applies all `table.body table.container` styles from the foundation stylesheet
including font's and the responsive rules that were missing.
Commits
-------
5b74bbd288 add .body wrapper element
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
Add Notifier SentMessage
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/13624
Like Mailer, Notifier returns now a SentMessage that contains the messageId (returned by the provider in the response). It contains also the body of the response as array to have more info about price, number of sms sent, status and so on.
- [x] apply to bridges
Commits
-------
5a6f0537ec Add Notifier SentMessage
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] allow configuring trusted proxies using semantic configuration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | -
| Tickets | -
| License | MIT
| Doc PR | -
On top of the improved DX this should provide, this PR (and #37351) will allow [removing the corresponding lines](https://github.com/symfony/recipes/pull/790) from `index.php` & recipes.
Using values:
```yaml
framework:
trusted_proxies: '127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16'
#or
trusted_proxies: '%env(TRUSTED_PROXIES)%'
```
`trusted_headers` is similar but is an array of headers to trust.
```yaml
framework:
# that's the defaults already
trusted_headers: ['x-forwarded-all', '!x-forwarded-host', '!x-forwarded-prefix']
```
Commits
-------
af9dd52752 [FrameworkBundle] allow configuring trusted proxies using semantic configuration
This PR was merged into the 5.1 branch.
Discussion
----------
[Security] Resolve event bubbling of logout + new events in a compiler pass
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37292
| License | MIT
| Doc PR | -
This PR proposes to create a compiler pass that registers listeners on the main `event_dispatcher` on the firewall-specific event dispatcher during compile time. This allows to still specify listener priorities while listening on a bubbled-up event (instead of a fix moment where the event bubbling occurs). It probably also improves performance, as it doesn't use duplicated event dispatching logic to provide event bubbling.
Nothing changes on the user side. I proposed this as a bugfix, as it fixes the bug mentioned in #37292 (not being able to use listener priorities). I did remove a class, which was introduced in 5.1 and is very internal. I think it's safe, but we can also keep it and remove in master.
Commits
-------
f962c26061 Resolve event bubbling logic in a compiler pass
This PR was merged into the 5.2-dev branch.
Discussion
----------
[DI] deprecate Definition/Alias::setPrivate()
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
Right now, there is a very subtle difference between `setPublic()` and `setPrivate()` that dates back to the FC/BC layer we created to turn services private by default.
We kept this difference to help third party bundles provide support for a wide range of versions of Symfony, but since 5.2 will be released at the same time as 3.4 will enter EOM, we should remove this behavior and deprecate `setPrivate()` to signal the change.
This is what this PR does.
Commits
-------
1bea690f4d [DI] deprecate Definition/Alias::setPrivate()
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] allow enabling the HTTP cache using semantic configuration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Right now, using the HTTP cache requires tweaking the `public/index.php` file [as explained in the doc](https://symfony.com/doc/current/http_cache.html).
This PR removes this requirement by allowing one to do this instead:
```yaml
framework:
http_cache: true
```
Commits
-------
56b993ac2e [FrameworkBundle] allow enabling the HTTP cache using semantic configuration
This PR was merged into the 3.4 branch.
Discussion
----------
Avoid accessibility errors on symfony web debug toolbar
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | symfony/symfony-docs#...
When for example using the [axe](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd) to test the website for accessibility. Axe will fail because a div element without a role or a parent [landmark](https://www.w3.org/TR/wai-aria-practices/examples/landmarks/HTML5.html) is rendered. To avoid this errors I think we should define it as a specific region.
Commits
-------
223b405168 Avoid accessibility errors on debug toolbar
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] changed configuration file for messenger from xml to php
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/37186
| License | MIT
Use `messenger.php` instead of `messenger.xml` and `messenger_debug.php` instead of `messenger_debug.php`
Commits
-------
571a49873e [FrameworkBundle] changed configuration file for messenger from xml to php
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] convert config/serializer.xml to php
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Part of #37186
| License | MIT
Hello!
This PR contains a new configuration file `serializer.php` instead of `serializer.xml`.
Commits
-------
62e9788599 make priority integers & fix test checking definition to be private
25df2de0a6 [FrameworkBundle] convert config/serializer.xml to php
* This removes duplicate event dispatching logic on event bubbling, which
probably improves performance.
* It allows to still specify listener priorities while listening on a
bubbled-up event (instead of a fix moment where the event bubbling occurs)
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Security] Let security factories add firewall listeners
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR | n/a
Hello there, I'm the author of `scheb/two-factor-bundle`, which extends Symfony's security layer with two-factor authentication. I've been closely following the recent changes by @wouterj to rework the security layer with "authenticators" (great work!). While I managed to make my bundle work with authenticators, I see some limitations in the security layer that I'd like to address to make such extensions easier to implement.
With the new authenticator-based security system, it is no longer possible to add a authentication listener to the firewall. The only way to do it is a dirty compiler pass, which extends the argument on the `security.firewall.map.context.[firewallName]` service (like I do in: ed2ce9804b/src/bundle/DependencyInjection/Compiler/AccessListenerCompilerPass.php). This is quite ugly and hacky, so I believe there should be an easier and clean way to add firewall-level listeners. This PR adds an interface, which may be implemented by security factories and lets them add additional listeners to the firewall.
Why would you want to do that? There are certain use-cases that require extra logic to handle a request within the firewall. For example in my bundle, I need to handle the intermediate state between login and the completion of two-factor authentication. So ideally, I'm able to execute some code from the firewall right before `Symfony\Component\Security\Http\Firewall\AccessListener`. In the old security system, I could handle this in my authentication listener, which I had to implement anyways. With the new authenticator-based system this option is gone. In the ideal world, I could add a firewall listener and tell it to execute between `LogoutListener` and `AccessListener`.
This is a draft, so I'd like to hear your opinion on this :)
There's another issue, regarding the order of execution, which I'm addressing with #37337.
Commits
-------
0a4fcea8db Add interface to let security factories add their own firewall listeners
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Security] Add attributes on Passport
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | not yet
see https://github.com/symfonycorp/connect/pull/95
/cc @wouterj
Commits
-------
440ada3c5f [Security] Add attributes on Passport
This PR was merged into the 5.1 branch.
Discussion
----------
[SecurityBundle] Fix UserCheckerListener registration with custom user checker
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37365
| License | MIT
| Doc PR | -
The user checker listener was wrongly registered on the global event dispatcher, as it can be customized per firewall. This PR fixes that + correctly uses the configured user checker instead of always trying to use `UserCheckerInterface`.
Commits
-------
d63f59036c Fix UserCheckerListener registration with custom user checkers
* 5.1:
[SecurityBundle] Drop cache.security_expression_language definition if invalid
[DI] disable preload.php on the CLI
collect all transformation failures
* 5.0:
[SecurityBundle] Drop cache.security_expression_language definition if invalid
[DI] disable preload.php on the CLI
collect all transformation failures
* 4.4:
[SecurityBundle] Drop cache.security_expression_language definition if invalid
[DI] disable preload.php on the CLI
collect all transformation failures
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
Move configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Part pf #37186
| License | MIT
| Doc PR | -
Commits
-------
1132d404b0 Move configuration to PHP
This PR was merged into the 3.4 branch.
Discussion
----------
Added Unit tests for php 8 union types
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
The missing test cases for #37340.
Commits
-------
2ca8ecdb74 Added Unit tests for php 8 union types.
* 5.1: (28 commits)
[DI] fix
Use "composer/package-versions-deprecated" when possible
Fix
Small update in our internal terminology
Fix support for PHP8 union types
[VarDumper] fix typo
[Lock][Messenger] Fix precedence of DSN options for 5.1
Fix support for PHP8 union types
[FrameworkBundle] preserve dots in query-string when redirecting
[3.4] Fix support for PHP8 union types
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
[3.4] Small update in our internal terminology
[Cache] fix compat with DBAL v3
Remove unnecessary null check
[HttpFoundation] Allow `null` in InputBag@set
[HttpClient] Convert CurlHttpClient::handlePush() to instance method
Fix package rename when releasing
bumped Symfony version to 5.1.3
updated VERSION for 5.1.2
updated CHANGELOG for 5.1.2
...
This PR was merged into the 5.1 branch.
Discussion
----------
[5.1] Fix support for PHP8 union types
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Same as #37340 for 5.1
Commits
-------
dd1b61703f Fix support for PHP8 union types
* 5.0:
[VarDumper] fix typo
Fix support for PHP8 union types
[FrameworkBundle] preserve dots in query-string when redirecting
[3.4] Fix support for PHP8 union types
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
[3.4] Small update in our internal terminology
[Cache] fix compat with DBAL v3
[HttpClient] Convert CurlHttpClient::handlePush() to instance method
[VarDumper] Fix CliDumper coloration
[DI] tighten detection of local dirs to prevent false positives
[FrameworkBundle] preserve dots in query-string when redirecting
Fix precendence in 4.4
bumped Symfony version to 3.4.43
updated VERSION for 3.4.42
update CONTRIBUTORS for 3.4.42
updated CHANGELOG for 3.4.42
* 4.4:
[VarDumper] fix typo
Fix support for PHP8 union types
[FrameworkBundle] preserve dots in query-string when redirecting
[3.4] Fix support for PHP8 union types
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
[3.4] Small update in our internal terminology
[Cache] fix compat with DBAL v3
[HttpClient] Convert CurlHttpClient::handlePush() to instance method
[VarDumper] Fix CliDumper coloration
[DI] tighten detection of local dirs to prevent false positives
[FrameworkBundle] preserve dots in query-string when redirecting
Fix precendence in 4.4
bumped Symfony version to 3.4.43
updated VERSION for 3.4.42
update CONTRIBUTORS for 3.4.42
updated CHANGELOG for 3.4.42
This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] Fix precedence of DSN options for 4.4
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/pull/37218#discussion_r438779225
| License | MIT
| Doc PR | N/A
This PR fix précédence of DSN options over constructor options in all component on branch 4.4
Commits
-------
992205a759 Fix precendence in 4.4
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[Lock][Messenger] Fix precedence of DSN options for 5.1
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/pull/37218#discussion_r438779225
| License | MIT
| Doc PR | N/A
This PR fix précédence of DSN options over constructor options in all component on branch 5.1
Commits
-------
9670e9ff06 [Lock][Messenger] Fix precedence of DSN options for 5.1