This PR was squashed before being merged into the 4.3-dev branch (closes#30901).
Discussion
----------
Renamed NotPwned to NotCompromisedPassword
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | -
| License | MIT
| Doc PR | -
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
2f648b04ae Renamed NotPwned to NotCompromisedPassword
* 4.2: (45 commits)
[Form] various minor fixes
Ensure the parent process is always killed
bugfix: the terminal state was wrong and not reseted
[Console] Fix inconsistent result for choice questions in non-interactive mode
Define null return type for Constraint::getDefaultOption()
[Routing] Fix: annotation loader ignores method's default values
[HttpKernel] Fix DebugHandlersListener constructor docblock
Skip Glob brace test when GLOB_BRACE is unavailable
bumped Symfony version to 4.2.6
updated VERSION for 4.2.5
updated CHANGELOG for 4.2.5
bumped Symfony version to 3.4.25
updated VERSION for 3.4.24
update CONTRIBUTORS for 3.4.24
updated CHANGELOG for 3.4.24
[EventDispatcher] cleanup
fix testIgnoredAttributesInContext
Re-generate icu 64.1 data
Improve PHPdoc / IDE autocomplete for config tree builder
[Bridge][Twig] DebugCommand - fix escaping and filter
...
* 3.4:
[Form] various minor fixes
bugfix: the terminal state was wrong and not reseted
[Console] Fix inconsistent result for choice questions in non-interactive mode
Define null return type for Constraint::getDefaultOption()
[HttpKernel] Fix DebugHandlersListener constructor docblock
Skip Glob brace test when GLOB_BRACE is unavailable
bumped Symfony version to 3.4.25
updated VERSION for 3.4.24
update CONTRIBUTORS for 3.4.24
updated CHANGELOG for 3.4.24
[EventDispatcher] cleanup
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Php doc fixes and cs + optimizations
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Some micro optimizations may target master with some profiling but I would like some reviews first. Thanks!
Commits
-------
56429a6f08 [Form] various minor fixes
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] Ensure message is handled only once per handler
Add check to ensure that a message is only handled once per handler
Add try...catch to run all handlers before throwing exception
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? |no
| Tests pass? | yes
| Fixed tickets | #27215
| License | MIT
| Doc PR | Todo
This would make error handling and retrying of messages much more easier. As statet here https://github.com/symfony/symfony/pull/27008#issuecomment-384677065 there is currently no way to retry a for all failed handlers if there are mutliple handlers and just some throw an exception.
Also if an Exception in an handler occurs the execution chain is disrupted and the other handlers are never invoked.
With this change it is easily possible to create an userland middleware that catches the `ChainedHandlerFailedException` and does some custom retry logic. If you ensure that the `HandledStamps` on the `Envelope` are preserved the message will be handled just by the failed handlers
Commits
-------
2e5e910229 Rename exception, add change log and a few other things
e6e4cde5fc Ensure message is handled only once per handler
This PR was merged into the 4.3-dev branch.
Discussion
----------
[messenger] Adds a stamp to provide a routing key on message publishing
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #29950
| License | MIT
| Doc PR | symfony/symfony-docs#11236
Adds a stamp allowing to set a `routing_key` at `MessageBus::dispatch()` level.
```php
$message = (new Envelope('message'))->with(new RoutingKeyStamp('routing_key'));
$bus->dispatch($message);
```
Commits
-------
a515635f18 Simply code and rename "configuration" to "options"
3151b54b7a [messenger] AMQP configurable routing key & multiple queues
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Workflow] Fixed initial places when no places are configured
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? |
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
EUFOSSA
I introduced a BC break in #30468 and this PR fix it.
With the full stack framework, when one does not configure the
initial_place(s) the DIC set `[]` for the initial values.
So it removes the initials values guessed in `Definition::addPlace()`
Commits
-------
76fd9c35b7 [Workflow] Fixed initial places when no places are configured
I introduced a BC break in #30468 and this PR fix it.
With the full stack framework, when one does not configure the
initial_place(s) the DIC set `[]` for the initial values.
So it removes the initials values guessed in `Definition::addPlace()`
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] Make MessengerPass less strict when auto-register handlers
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
| Doc PR | not needed
This allows you to auto-register handlers that have more than one argument, which is useful when having custom middleware to pass more parameters.
#symfonyconhackday2018
Commits
-------
49ab2cd9d9 Make MessengerPass less strict when auto-register handlers
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Fix stty not reset when aborting in QuestionHelper::autocomplete()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #30861 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | none
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
f54389b95c bugfix: the terminal state was wrong and not reseted
If you try to run the test suite but do not have a redis instance
running, the parent process that was supposed to be killed will never be
as the thing being thrown is not an exception.
This results in the test suite hanging forever at the end.
In this patch, the exception is thrown again, and then caught in the trait, and
the parent gets killed as it should.
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] test DoctrineTransport on travis and appveyor
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes ? WIP
| Fixed tickets |
| License | MIT
| Doc PR |
Currently tests on the `Symfony\Component\Messenger\Tests\Transport\Doctrine\DoctrineIntegrationTest` are skipped because there is no `MESSENGER_DOCTRINE_DSN` environment variable is not defined.
This PR update the travis and AppVeyor configuration to run these tests.
This is a WIP. I'm not a Travis/AppVeyor user so this clearly need more work
Commits
-------
8f81f55a46 [Messenger] test DoctrineTransport on travis and appveyor
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] Fixed DIC config when the messenger is not installed
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
EUFOSSA
---
Fix:
```
In getConsole_Command_MessengerStopWorkersService.php line 9:
Attempted to load class "StopWorkersCommand" from namespace "Symfony\Component\Messenger\Command".
Did you forget a "use" statement for another namespace?
```
Commits
-------
292021b146 [Messenger] Fixed DIC config when the messenger is not installed
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] Add a "in-memory://" transport
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #29040
| License | MIT
| Doc PR | Todo
Add a new `InMemoryTransport` for test purpose, usable by starting your DSN by `in-memory://`
Commits
-------
8f8c82e009 Make the in-memory transport resettable
fe759205c5 Add a "null://" transport
This PR was merged into the 4.3-dev branch.
Discussion
----------
[HttpClient] logger integration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #30502 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR |
Commits
-------
26d15c8bbe [HttpClient] log requests, responses and pushes when they happen
fc6ba7efad [HttpClient] logger integration
This PR was squashed before being merged into the 4.3-dev branch (closes#30757).
Discussion
----------
[Messenger] Adding MessageCountAwareInterface to get transport message count
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | symfony/symfony-docs#11236
This adds a new optional interface that receivers should implement to give an approximate number of the messages "waiting" to be handled. Why? Because, with this, you could design a system that dynamically adds/removes worker processes if a specific transport is getting slammed and needs help. Creating that system could be something we discuss for core later, but this at least makes it possible - and means it could be implemented by the user or in a bundle... which I might do if we don't get it in core ;).
Commits
-------
fc5b0cf570 [Messenger] Adding MessageCountAwareInterface to get transport message count
This PR was merged into the 4.3-dev branch.
Discussion
----------
[HttpKernel][Framework] Locale aware services
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Added a `LocaleAwareInterface` (and also a new service tag `kernel.locale_aware`) to be implemented on services that require the current locale at request time.
Also, refactored the actual Translator service to implement the overmentioned interface
Todo :
* [ ] Documention PR (will be written after some feedback)
Commits
-------
b9ac645d8b Locale aware service registration
This PR was squashed before being merged into the 4.3-dev branch (closes#29306).
Discussion
----------
[DomCrawler] Optionally use html5-php to parse HTML
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | WIP
| Fixed tickets | https://github.com/symfony/symfony/issues/29280, https://github.com/symfony/symfony/issues/28596
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/10700
This PR introduces the possibility to parse HTML content in the Crawler using the html5-php library (https://github.com/Masterminds/html5-php). This allows for better support of HTML5 and fix many unexpected behaviors and inconsistencies of the native DOM extension.
Commits
-------
4050ec4257 [DomCrawler] Optionally use html5-php to parse HTML
This PR was squashed before being merged into the 4.3-dev branch (closes#30255).
Discussion
----------
[DependencyInjection] Invokable Factory Services
| Q | A
| ------------- | ---
| Branch? | `master`
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#11014
> Failing test is in the Twig bridge, and outside of the the scope of this PR.
Allow referencing invokable factory services, just as route definitions reference invokable controllers.
This functionality was also added for service configurators for consistency.
## Example
```php
<?php
namespace App\Factory;
class ServiceFactory
{
public function __invoke(bool $debug)
{
return new Service($debug);
}
}
```
```yaml
services:
App\Service:
# Prepend with "@" to differentiate between service and function.
factory: '@App\Factory\ServiceFactory'
arguments: [ '%kernel.debug%' ]
```
```xml
<?xml version="1.0" encoding="UTF-8" ?>
<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://symfony.com/schema/dic/serviceshttp://symfony.com/schema/dic/services/services-1.0.xsd">
<services>
<!-- ... -->
<service id="App\Service"
class="App\Service">
<factory service="App\Factory\ServiceFactory" />
</service>
</services>
</container>
```
```php
<?php
use App\Service;
use App\Factory\ServiceFactory;
use Symfony\Component\DependencyInjection\Reference;
$container->register(Service::class, Service::class)
->setFactory(new Reference(ServiceFactory::class));
```
Commits
-------
23cb83f726 [DependencyInjection] Invokable Factory Services
This PR was merged into the 4.3-dev branch.
Discussion
----------
[PropertyInfo] Use a single cache item per method
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #29977
| License | MIT
| Doc PR | none
Replaces https://github.com/symfony/symfony/pull/30523 with a rebase to master.
This PR changes how property metadata is cached, significantly reducing the number of calls made between PHP and the backend cache. Instead of storing one cache item per method and set of arguments, a single cache item is stored per method. This matches well with real-world use, where most properties in an object will need to be inspected.
Note that the absolute numbers in the above PR are best case. In production environments where memcache is on a remote server, we were seeing multiple seconds consumed by memcache calls.
Commits
-------
2a4f8a11d4 [PropertyInfo] Use a single cache item per method
This PR was merged into the 4.3-dev branch.
Discussion
----------
[HttpClient] Add ScopingHttpClient::forBaseUri() + tweak MockHttpClient
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This allows creating scoped HTTP clients in one line:
```php
$client = ScopingHttpClient::forBaseUri($client, 'http://example.com');
```
`$client` now resolves relative URLs using the provided base URI.
If one also adds default options as 3rd argument, these will be applied conditionally when a URL matching the base URI is requested.
This PR also tweaks `MockHttpClient` to make it return `MockResponse` on its own when no constructor argument is provided, easing tests a bit.
Commits
-------
2b9b8e5707 [HttpClient] Add ScopingHttpClient::forBaseUri() + tweak MockHttpClient
This PR was merged into the 4.3-dev branch.
Discussion
----------
[FrameworkBundle] fix HttpClient integration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
HttpClient should be an optional dep.
Fixes compat of SecurityBundle 4.2 with FrameworkBundle 4.3 as spotted by the CI.
Commits
-------
3e7a47c0bf [FrameworkBundle] fix HttpClient integration
This PR was merged into the 4.3-dev branch.
Discussion
----------
[RouterDebugCommand] add link to Controllers
| Q | A
| ------------- | ---
| Branch? | master for features
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Adds a link to the controller method on your IDE from dev's terminal:
<img width="734" alt="pr-debug-router" src="https://user-images.githubusercontent.com/29813575/54141007-1f3bc400-4425-11e9-82d0-1b37498d4953.png">
Configuration in your `services.yaml`:
```yaml
parameters:
debug.file_link_format: phpstorm://open?file=%%f&line=%%l
```
Commits
-------
e9fca21d6b [RouterDebugCommand] add link to Controllers
This PR was merged into the 4.3-dev branch.
Discussion
----------
[DI] Add support for "wither" methods - for greater immutable services
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/10991
Let's say we want to define an immutable service while still using traits for composing its optional features. A nice way to do so without hitting [the downsides of setters](https://symfony.com/doc/current/service_container/injection_types.html#setter-injection) is to use withers. Here would be an example:
```php
class MyService
{
use LoggerAwareTrait;
}
trait LoggerAwareTrait
{
private $logger;
/**
* @required
* @return static
*/
public function withLogger(LoggerInterface $logger)
{
$new = clone $this;
$new->logger = $logger;
return $new;
}
}
$service = new MyService();
$service = $service->withLogger($logger);
```
As you can see, this nicely solves the setter issues.
BUT how do you make the service container create such a service? Right now, you need to resort to complex gymnastic using the "factory" setting - manageable for only one wither, but definitely not when more are involved and not compatible with autowiring.
So here we are: this PR allows configuring such services seamlessly.
Using explicit configuration, it adds a 3rd parameter to method calls configuration: after the method name and its parameters, you can pass `true` and done, you just declared a wither:
```yaml
services:
MyService:
calls:
- [withLogger, ['@logger'], true]
```
In XML, you could use the new `returns-clone` attribute on the `<call>` tag.
And when using autowiring, the code looks for the `@return static` annotation and turns the flag on if found.
There is only one limitation: unlike services with regular setters, services with withers cannot be part of circular loops that involve calls to wither methods (unless they're declared lazy of course).
Commits
-------
f455d1bd97 [DI] Add support for "wither" methods - for greater immutable services
This PR was merged into the 4.3-dev branch.
Discussion
----------
[FrameworkBundle] change the way http clients are configured by leveraging ScopingHttpClient
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR allows configuring scoped HTTP clients ("scoped_clients" replaces the previous "clients" options):
```yaml
framework:
http_client:
max_host_connections: 4
default_options:
# ...
scoped_clients:
github_client:
base_uri: https://api.github.com
headers:
Authorization: token abc123
# ...
```
The base URI is turned into a scoping regular expression so that the token will be sent only when the `github_client` service is requesting the corresponding URLs.
When the base URI is too restrictive, the `scope` option can be used explicitly to define the regexp that URLs must match before any other options are applied.
~All defined scopes are passed to a new `scoping_http_client` service, that can be used to hit endpoints with authentication pre-configured for several hosts. Its named autowiring alias is `HttpClientInterface $scopingClient` (this cannot be done with `http_client` as we want safe defaults, e.g. credentials should not be used implicitly when writing webhooks/crawlers.)~
Commits
-------
f1a26b9aea [FrameworkBundle] change the way http clients are configured by leveraging ScopingHttpClient
This PR was merged into the 4.3-dev branch.
Discussion
----------
[HttpClient][Contracts] rename "raw_headers" to "response_headers"
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
A preliminary step before adding the `request_headers` info on responses to ease debugging.
Commits
-------
0b21268bf5 [HttpClient][Contracts] rename "raw_headers" to "response_headers"
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Form] Add file links for described classes in debug:form command
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
![debug_form_file_link](https://user-images.githubusercontent.com/2028198/55357775-d1eac980-549b-11e9-8aa8-500aee629753.png)
Commits
-------
dcba01d212 Add file links for described classes
This PR was merged into the 4.3-dev branch.
Discussion
----------
New PHPUnit assertions for the WebTestCase
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | replaces #29990
| License | MIT
| Doc PR | n/a
While reviewing #29990, and working on some tests, I realized that we could do better by adding PHPUnit constraint classes in various components that are then used in WebTextCase.
**Before**
```php
<?php
namespace App\Tests;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
class DefaultControllerTest extends WebTestCase
{
public function testSomething()
{
$client = static::createClient();
$crawler = $client->request('GET', '/test');
$this->assertSame(200, $client->getResponse()->getStatusCode());
$this->assertContains('Hello World', $crawler->filter('h1')->text());
}
}
```
**After**
```php
<?php
namespace App\Tests;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
class DefaultControllerTest extends WebTestCase
{
public function testSomething()
{
$client = static::createClient();
$client->request('GET', '/test');
$this->assertResponseIsSuccessful();
$this->assertSelectorTextContains('h1', 'Hello World');
}
}
```
Commits
-------
4f91020c8d added PHPUnit assertions in various components
2f8040ee84 Create new PHPUnit assertions for the WebTestCase
This PR was squashed before being merged into the 4.3-dev branch (closes#27738).
Discussion
----------
[Validator] Add a HaveIBeenPwned password validator
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | todo
This PR adds a new `Pwned` validation constraint to prevent users to choose passwords that have been leaked in public data breaches.
The validator uses the https://haveibeenpwned.com/ API. The implementation is similar to the one used by [Firefox Monitor](https://blog.mozilla.org/futurereleases/2018/06/25/testing-firefox-monitor-a-new-security-tool/). It allows to not expose the password hash using a k-anonymity model. The specific implementation for HaveIBeenPwned has been [described in depth by Cloudflare](https://blog.cloudflare.com/validating-leaked-passwords-with-k-anonymity/).
Usage:
```php
// Rejects the password if is present in any number of times in any data breach
class User
{
/** @Pwned */
public $plainPassword;
}
// Rejects the password if is present more than 5 times in data breaches
class User
{
/** @Pwned(maxCount=5) */
public $plainPassword;
}
// Customize the error message
class User
{
/** @Pwned(message='Please select another password, this one has already been hacked.') */
public $plainPassword;
}
```
Commits
-------
ec1ded898a [Validator] Add a HaveIBeenPwned password validator
This PR was merged into the 4.3-dev branch.
Discussion
----------
Changing messenger bus id from 'message_bus' to 'messenger.default_bus'
Changing messenger bus tag from 'message_bus' to 'messenger.message_bus'
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | Maybe
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30670
| License | MIT
| Doc PR |
All is in the title.
This PR change the tag of the default bus from 'message_bus' to 'messenger.message_bus'.
Commits
-------
3cee1cac12#30690 - Changing messenger bus id from 'message_bus' to 'messenger.default_bus'
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] bug fixes in Doctrine Transport
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Just tested the new Doctrine transport and I've see 3 bugs so far :
- [x] The message is not return by the transport
- [x] The headers column must be of type TEXT and not just STRING
- [ ] When using the PhpSerializer the message is truncated (PR: https://github.com/symfony/symfony/pull/30814)
The body in database looks like this :
```
O:36:"Symfony\Component\Messenger\Envelope":2:{s:44:"
```
The body given by the serializer is the following :
```
O:36:"Symfony\Component\Messenger\Envelope":2:{s:44:"Symfony\Component\Messenger\Envelopestamps";a:3:{s:49:"Symfony\Component\Messenger\Stamp\SerializerStamp";a:1:{i:0;O:49:"Symfony\Component\Messenger\Stamp\SerializerStamp":1:{s:58:"Symfony\Component\Messenger\Stamp\SerializerStampcontext";a:0:{}}}s:46:"Symfony\Component\Messenger\Stamp\BusNameStamp";a:1:{i:0;O:46:"Symfony\Component\Messenger\Stamp\BusNameStamp":1:{s:55:"Symfony\Component\Messenger\Stamp\BusNameStampbusName";s:21:"messenger.bus.default";}}s:43:"Symfony\Component\Messenger\Stamp\SentStamp";a:1:{i:0;O:43:"Symfony\Component\Messenger\Stamp\SentStamp":2:{s:56:"Symfony\Component\Messenger\Stamp\SentStampsenderClass";s:64:"Symfony\Component\Messenger\Transport\Doctrine\DoctrineTransport";s:56:"Symfony\Component\Messenger\Stamp\SentStampsenderAlias";s:16:"environment.stop";}}}s:45:"Symfony\Component\Messenger\Envelopemessage";O:34:"App\Message\EnvironmentStopMessage":1:{s:51:"App\Message\AbstractEnvironmentMessageenvironment";O:22:"App\Entity\Environment":5:{s:26:"App\Entity\Environmentid";s:36:"3bade252-b7a9-4188-82bd-3e68129e0da7";s:37:"App\Entity\EnvironmentrepositoryUrl";s:6:"string";s:30:"App\Entity\Environmentbranch";s:6:"string";s:33:"App\Entity\EnvironmenthostNames";a:1:{i:0;N;}s:27:"App\Entity\Environmentenv";a:2:{s:7:"APP_ENV";s:4:"prod";s:7:"APP_VAR";s:13:"example value";}}}}
```
Commits
-------
27466498d0 [Messenger] Fix get in Doctrine Transport
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] base64_encoding inside PhpSerializer to avoid null characters
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30805
| License | MIT
| Doc PR | not needed
Hi!
As pointed out in #30805, the `PhpSerializer` creates strings with null bytes. This apparently causes problems on at least some database systems (I didn't notice, but @vincenttouzet did). I also read that, for example, SQS doesn't like null characters. And, in general, because we're sending this data over a transport, `base64_encoding` data is pretty standard.
Does anyone see any downsides?
Cheers!
Commits
-------
fe7ad812c7 base64_encoding inside PhpSerializer to avoid null characters
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Process] Added more detail to the exception when the CWD is invalid
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
---
When using panther with "special" directory structure, the message is
not really usefull. Let's add the CWD to the exception
Commits
-------
d27858f77b [Process] Added more detail to the exception when the CWD is invalid