* 2.8:
[Security] Fix wrong term in UserProviderInterface
[HttpFoundation] Set meta refresh time to 0 in RedirectResponse content
disable inlining deprecated services
[Security] validate empty passwords again
[DI] Remove irrelevant comment from container
[TwigBridge] cleaner implementation of the TwigRenderer
* 2.7:
[Security] Fix wrong term in UserProviderInterface
[HttpFoundation] Set meta refresh time to 0 in RedirectResponse content
[Security] validate empty passwords again
[DI] Remove irrelevant comment from container
[TwigBridge] cleaner implementation of the TwigRenderer
This PR was squashed before being merged into the 3.3 branch (closes#23513).
Discussion
----------
[FrameworkBundle] Set default public directory on install assets
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
After https://github.com/symfony/flex/pull/122 and https://github.com/symfony/recipes/pull/106 the default directory to install assets is `public`.
Commits
-------
1bdfe0b39b [FrameworkBundle] Set default public directory on install assets
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] validate empty passwords again
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/23341#issuecomment-315341226
| License | MIT
| Doc PR |
It looks like this part of #23341 causes serious security issues for some users who rely on the validator to also compare the empty string with their user's password (see for example https://github.com/symfony/symfony/pull/23341#issuecomment-315341226). Thus I suggest to revert this part of #23341.
Commits
-------
878198cefa [Security] validate empty passwords again
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] Remove irrelevant comment from container
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes-ish
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Spotted in #22811
Commits
-------
595a225a0f [DI] Remove irrelevant comment from container
This PR was squashed before being merged into the 3.3 branch (closes#23535).
Discussion
----------
Make server:* commands work out of the box with the public/ root dir
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The first commit removes code that is not needed as the WebserverConfig class already throws the exact same error and the display is exactly the same in that case.
The second commit adds support for `public/` along side `web/`.
Commits
-------
34c8566be1 [WebServerBundle] allowed public/ root directory to be auto-discovered along side web/
bc6b57c208 [WebServerBundle] remove duplicate code
This PR was merged into the 3.3 branch.
Discussion
----------
[SecurityBundle] Clarify deprecation in UserPasswordEncoderCommand::getContainer
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
@ogizanagi in 4.0 it will simply extend `Command` right.. wdyt?
Also we dont deprecate `setContainer` is that intentional?
Commits
-------
7ea2d0437a [SecurityBundle] Clarify deprecation in UserPasswordEncoderCommand::getContainer
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBridge] cleaner implementation of the TwigRenderer
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/23432#discussion_r125880092
| License | MIT
| Doc PR |
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the 3.4,
legacy code removals go to the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
c7c5ba8 [TwigBridge] cleaner implementation of the TwigRenderer
This PR was merged into the 3.2 branch.
Discussion
----------
[FrameworkBundle] Fix tests
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Related to the changes introduced in #23440.
Commits
-------
2e0c6bc [FrameworkBundle] Fix tests
* 3.2:
[DI] Handle root namespace in service definitions
Use rawurlencode() to transform the Cookie into a string
[Security] Fix authentication.failure event not dispatched on AccountStatusException
* 2.8:
[DI] Handle root namespace in service definitions
Use rawurlencode() to transform the Cookie into a string
[Security] Fix authentication.failure event not dispatched on AccountStatusException
* 2.7:
[DI] Handle root namespace in service definitions
Use rawurlencode() to transform the Cookie into a string
[Security] Fix authentication.failure event not dispatched on AccountStatusException
This PR was squashed before being merged into the 2.7 branch (closes#23468).
Discussion
----------
[DI] Handle root namespace in service definitions
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Fixes
```
Cannot dump definition because of invalid class name ('\\stdClass')
```
for
```yaml
services:
foo: {class: '\stdClass' }
```
`ContainerBuilder` allows it, so `PhpDumper` should as well.
Commits
-------
05170c8 [DI] Handle root namespace in service definitions
This PR was merged into the 3.3 branch.
Discussion
----------
[Process] Fix parsing args on Windows
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23455
| License | MIT
| Doc PR | -
Commits
-------
8826da1 [Process] Fix parsing args on Windows
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fix authentication.failure event not dispatched on AccountStatusException
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/18807
| License | MIT
| Doc PR | n/a
Authentication fails if the user exists but its account is disabled/expired/locked, the failure event should be dispatched in this case, so that you can hook into as for any authentication exception.
Commits
-------
64c2efd [Security] Fix authentication.failure event not dispatched on AccountStatusException
This PR was squashed before being merged into the 2.7 branch (closes#23461).
Discussion
----------
Use rawurlencode() to transform the Cookie into a string
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23255
| License | MIT
| Doc PR | -
Commits
-------
025dfff Use rawurlencode() to transform the Cookie into a string
* 3.2:
Don't display the Symfony debug toolbar when printing the page
do not wire namespaces for the ArrayAdapter
[Cache] Added test for ApcuAdapter when using in CLI
allow to configure custom formats in XML configs
[HttpKernel] fix DumpDataCollector tests
[FrameworkBundle] fix changelog
[WebProfilerBundle] Cleanup profiler leftover
require the XML PHP extension
Fix phpdoc for serializer normalizers exceptions
Fixed absolute url generation for query strings and hash urls
bumped Symfony version to 2.8.25
updated VERSION for 2.8.24
updated CHANGELOG for 2.8.24
bumped Symfony version to 2.7.32
[Filesystem] Dont copy perms when origin is remote
updated VERSION for 2.7.31
update CONTRIBUTORS for 2.7.31
updated CHANGELOG for 2.7.31
* 2.8:
Don't display the Symfony debug toolbar when printing the page
allow to configure custom formats in XML configs
require the XML PHP extension
Fixed absolute url generation for query strings and hash urls
bumped Symfony version to 2.8.25
updated VERSION for 2.8.24
updated CHANGELOG for 2.8.24
bumped Symfony version to 2.7.32
[Filesystem] Dont copy perms when origin is remote
updated VERSION for 2.7.31
update CONTRIBUTORS for 2.7.31
updated CHANGELOG for 2.7.31
* 2.7:
allow to configure custom formats in XML configs
require the XML PHP extension
Fixed absolute url generation for query strings and hash urls
bumped Symfony version to 2.7.32
[Filesystem] Dont copy perms when origin is remote
updated VERSION for 2.7.31
update CONTRIBUTORS for 2.7.31
updated CHANGELOG for 2.7.31
This PR was merged into the 3.2 branch.
Discussion
----------
[FrameworkBundle] do not wire namespaces for the ArrayAdapter
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23214
| License | MIT
| Doc PR |
Commits
-------
9380614 do not wire namespaces for the ArrayAdapter
The `framework.serializer.cache` option was also deprecated in Symfony
3.1. This was documented in the upgrade file, but was not reflected in
the bundle's changelog.
This PR was merged into the 3.3 branch.
Discussion
----------
[Ldap] Fix deprecated message
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/20390https://github.com/symfony/symfony/pull/23402
| License | MIT
| Doc PR | /
``RenameEntryInterface`` is **deprecated** in 3.3 and **removed/merged** in 4.0.
Commits
-------
bbd0c7f69f Fix deprecated message
The normalizers throw exceptions. They need to be documented for DX
in the normalizer/denormalizer interfaces.
[Serializer] fit Symfony phpdoc standard
It also adds meaning of each exception throw.
Fix grammary in phpdoc
This PR was squashed before being merged into the 3.3 branch (closes#22439).
Discussion
----------
[DX] [TwigBundle] Enhance the new exception page design
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
- [x] Fix the problem with wrapping wide lines (https://github.com/symfony/symfony/pull/20951#issuecomment-292201983)
I got motivated by recent PR https://github.com/symfony/symfony/pull/20951 and redesigned the exception page even more.
Compare before: ![before](https://cloud.githubusercontent.com/assets/885946/25052220/0756b74e-2151-11e7-98b6-c99fd9eaabec.png)
with after: ![after](https://cloud.githubusercontent.com/assets/885946/25052225/0c76581a-2151-11e7-96ff-eb502ee8e97b.png)
(Ignore the the "sf" toolbar icon in the middle of the page. This is how Firefox does full-page screenshots.)
The most noticeable changes:
- removed double line spacing (it just does not feel natural)
- file context increased from 3 to 10 lines (it helps me to better orientate in the code)
- added horizontal scrollbar for the cases when the code is wider
- the highlighted line color is more saturated in order to be noticed easily
Commits
-------
43212b9a90 [DX] [TwigBundle] Enhance the new exception page design
* 3.2:
[DI][Security] Prevent unwanted deprecation notices when using Expression Languages
bumped Symfony version to 3.2.12
updated VERSION for 3.2.11
updated CHANGELOG for 3.2.11
This PR was squashed before being merged into the 2.7 branch (closes#23261).
Discussion
----------
Fixed absolute url generation for query strings and hash urls
| Q | A
| ------------- | ---
| Branch? | 2.7, ...
| Bug fix? | yes
| New feature? |no
| BC breaks? | yes? absolute_url will change its output but the old was incorrect
| Deprecations? |no
| Tests pass? | yes?
| Fixed tickets | fixes#23260
| License | MIT
Fixed absolute url generation for query strings
Commits
-------
89ad27d544 Fixed absolute url generation for query strings and hash urls
This PR was merged into the 2.7 branch.
Discussion
----------
[Filesystem] Dont copy perms when origin is remote
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23312
| License | MIT
| Doc PR | -
Commits
-------
7b442211dc [Filesystem] Dont copy perms when origin is remote
This PR was merged into the 3.3 branch.
Discussion
----------
[DoctrineBridge] Fix resetting entity managers with case sensitive id
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
9737bcc024 [DoctrineBridge] Use normalizedIds for resetting entity manager services
* 3.2:
fixed bad merge
[Cache] Handle APCu failures gracefully
[FrameworkBundle] Do not remove files from assets dir
bumped Symfony version to 3.2.11
updated VERSION for 3.2.10
updated CHANGELOG for 3.2.10
bumped Symfony version to 2.8.24
updated VERSION for 2.8.23
updated CHANGELOG for 2.8.23
bumped Symfony version to 2.7.31
updated VERSION for 2.7.30
update CONTRIBUTORS for 2.7.30
updated CHANGELOG for 2.7.30
* 2.8:
[FrameworkBundle] Do not remove files from assets dir
bumped Symfony version to 2.8.24
updated VERSION for 2.8.23
updated CHANGELOG for 2.8.23
bumped Symfony version to 2.7.31
updated VERSION for 2.7.30
update CONTRIBUTORS for 2.7.30
updated CHANGELOG for 2.7.30
* 2.7:
[FrameworkBundle] Do not remove files from assets dir
bumped Symfony version to 2.7.31
updated VERSION for 2.7.30
update CONTRIBUTORS for 2.7.30
updated CHANGELOG for 2.7.30
This PR was merged into the 3.3 branch.
Discussion
----------
[FrameworkBundle] call setContainer() for autowired controllers
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23200, FriendsOfSymfony/FOSRestBundle#1719
| License | MIT
| Doc PR |
Previously, you either did not use controllers as services or you explicitly wired everything yourself. In case of a non-service controller the FrameworkBundle took care of calling `setContainer()` inside the `instantiateController()` method:
```php
protected function instantiateController($class)
{
$controller = parent::instantiateController($class);
if ($controller instanceof ContainerAwareInterface) {
$controller->setContainer($this->container);
}
if ($controller instanceof AbstractController && null !== $previousContainer = $controller->setContainer($this->container)) {
$controller->setContainer($previousContainer);
}
return $controller;
}
```
With the new autowired controllers as services this is no longer happening as controllers do not need to be instantiated anymore (the container already returns fully built objects).
Commits
-------
1d07a28 call setContainer() for autowired controllers
* 3.2:
Misspelled word
Display a better error design when the toolbar cannot be displayed
do not validate empty values
[Cache] fix cleanup of expired items for PdoAdapter
[Console] fix description of INF default values
[PropertyAccess] Fix TypeError discard
[Validator] Throw exception on Comparison constraints null options
Identify tty tests in Component/Process
[Workflow] Added more events to the announce function
[Validator] Remove property path suggestion for using the Expression validator
[WebProfilerBundle] Fix css trick used for offsetting html anchor from fixed header
[Security] Fix annotation
* 2.8:
Misspelled word
Display a better error design when the toolbar cannot be displayed
do not validate empty values
[Console] fix description of INF default values
[PropertyAccess] Fix TypeError discard
[Validator] Throw exception on Comparison constraints null options
Identify tty tests in Component/Process
[Security] Fix annotation
* 2.7:
Misspelled word
Display a better error design when the toolbar cannot be displayed
do not validate empty values
[Console] fix description of INF default values
[PropertyAccess] Fix TypeError discard
[Validator] Throw exception on Comparison constraints null options
Identify tty tests in Component/Process
[Security] Fix annotation
This PR was merged into the 2.7 branch.
Discussion
----------
[DoctrineBridge][Security][Validator] do not validate empty values
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23319
| License | MIT
| Doc PR |
Nearly all validators operating on scalar values (except for some special constraints) do ignore empty values. If you want to forbid them, you have to use the `NotBlank` constraint instead.
Commits
-------
fd7ad234bc do not validate empty values
This PR was squashed before being merged into the 2.7 branch (closes#23274).
Discussion
----------
Display a better error design when the toolbar cannot be displayed
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes (failure unrelated)
| Fixed tickets | https://github.com/symfony/symfony/pull/23266
| License | MIT
| Doc PR | n/a
Fixing the left position of the bar (tested in app without style) and escaping the literal newline (ES5) as some IDEs fails with previous syntax (and Github diff too). Btw, I have added the Symfony icon to make clear that this message comes from Symfony ;)
**Before:**
![current_toolbar_error](https://user-images.githubusercontent.com/2028198/27466735-cd5f0da8-57aa-11e7-8431-3025c41557e6.png)
**After:**
![after_toolbar_27](https://user-images.githubusercontent.com/2028198/27467928-75e45d4e-57b4-11e7-9e1f-e252d9085596.png)
Commits
-------
ed3e403b4b Display a better error design when the toolbar cannot be displayed
This PR was merged into the 3.3 branch.
Discussion
----------
[Security] Fix Firewall ExceptionListener priority
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23253
| License | MIT
| Doc PR | n/a
When making EventDispatcher able to lazy load listeners, we stopped using `ContainerAwareEventDispatcher::addListenerService/addSubcriberService`, we use `EventDispatcher::addListener()` instead. This change makes that the order of listeners is different than before, because `ContainerAwareEventDispatcher` calls `addListener()` tardily so that factories are never stored in `EventDispatcher::$listeners`.
Example diff due to the behavior change in 3.3 (registering an `AppBundle\ExceptionListener::doCatch()` exception listener in the fullstack):
3.2
----
```php
array:5
0 => "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException"
1 => "AppBundle\ExceptionListener::doCatch"
2 => "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelException"
3 => "Symfony\Bundle\SwiftmailerBundle\EventListener\EmailSenderListener::onException"
4 => "Symfony\Component\HttpKernel\EventListener\ExceptionListener::onKernelException"
]
```
3.3
----
```php
array:5 [
0 => "AppBundle\ExceptionListener::doCatch"
1 => "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelException"
2 => "Symfony\Bundle\SwiftmailerBundle\EventListener\EmailSenderListener::onException"
3 => "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException"
4 => "Symfony\Component\HttpKernel\EventListener\ExceptionListener::onKernelException"
]
```
(that is what breaks #23253, the lazy listener is called before the runtime firewall exception listener on dispatch).
This fixes the order by increasing the security exception listener priority.
Commits
-------
8014b38055 [Security] Fix Firewall ExceptionListener priority
This PR was merged into the 3.2 branch.
Discussion
----------
[Validator] Remove property path suggestion for using the Expression validator
| Q | A
| ------------- | ---
| Branch? | 3.2 <!-- see comment below -->
| Bug fix? | no
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | N/A <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A
This suggestion is erroneous since #17398 removed any usage of the PropertyAccess component within the Validator one, so it's not even required anymore by the ExpressionValidator.
Commits
-------
e9e1534cde [Validator] Remove property path suggestion for using the Expression validator
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Throw exception on Comparison constraints null options
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see comment below -->
| Bug fix? | no. There is no bug, but the constraint can be silently created in an invalid state.
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes (failure unrelated)
| Fixed tickets | N/A <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A
Commits
-------
2de59a7381 [Validator] Throw exception on Comparison constraints null options
* 3.2:
fixed tests
swiftmailer bridge is gone
[TwigBundle] add back exception check
Dont call count on non countable object
Fix undefined variable $filesystem
This PR was merged into the 2.7 branch.
Discussion
----------
Don't call count on non countable object
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR |
From PHP 7.2, calling `count` on a non-countable object will emit a warning (https://wiki.php.net/rfc/counting_non_countables).
Based on the current test suit, this is the only place where I found this warning
Commits
-------
635bccdf8f Dont call count on non countable object
* 3.2: (42 commits)
Show exception is checked twice in ExceptionController of twig
allow SSI fragments configuration in XML files
Display a better error message when the toolbar cannot be displayed
render hidden _method field in form_rest()
Add Doctrine Cache to dev dependencies to fix failing unit tests.
return fallback locales whenever possible
[Console] Fix catching exception type in QuestionHelper
[WebProfilerBundle] Eliminate line wrap on count columnt (routing)
[Routing] Fix XmlFileLoader exception message
[Translation] Fix FileLoader::loadResource() php doc
Sessions: configurable "use_strict_mode" option for NativeSessionStorage
[FrameworkBundle] [Command] Clean bundle directory, fixes#23177
Reset redirectCount when throwing exception
[TwigBundle] Remove template.xml services when templating is disabled
add content-type header on exception response
Embedding a response that combines expiration and validation, that should not defeat expiration on the combined response
fixed bad merge
Fix two edge cases in ResponseCacheStrategy
[Routing] Expose request in route conditions, if needed and possible
[Routing] Expose request in route conditions, if needed and possible
...
* 2.8: (40 commits)
Show exception is checked twice in ExceptionController of twig
allow SSI fragments configuration in XML files
Display a better error message when the toolbar cannot be displayed
render hidden _method field in form_rest()
return fallback locales whenever possible
[Console] Fix catching exception type in QuestionHelper
[WebProfilerBundle] Eliminate line wrap on count columnt (routing)
[Routing] Fix XmlFileLoader exception message
[Translation] Fix FileLoader::loadResource() php doc
Sessions: configurable "use_strict_mode" option for NativeSessionStorage
[FrameworkBundle] [Command] Clean bundle directory, fixes#23177
Reset redirectCount when throwing exception
[TwigBundle] Remove template.xml services when templating is disabled
add content-type header on exception response
Embedding a response that combines expiration and validation, that should not defeat expiration on the combined response
Fix two edge cases in ResponseCacheStrategy
[Routing] Expose request in route conditions, if needed and possible
[Routing] Expose request in route conditions, if needed and possible
[Translation][FrameworkBundle] Fix resource loading order inconsistency reported in #23034
[Filesystem] added workaround in Filesystem::rename for PHP bug
...
* 2.7:
Show exception is checked twice in ExceptionController of twig
allow SSI fragments configuration in XML files
Display a better error message when the toolbar cannot be displayed
render hidden _method field in form_rest()
return fallback locales whenever possible
This PR was merged into the 2.7 branch.
Discussion
----------
Display a better error message when the toolbar cannot be displayed
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23264
| License | MIT
| Doc PR | -
In action:
![profiler-error](https://user-images.githubusercontent.com/73419/27444352-5d0a1d60-5776-11e7-89c3-430cd6f38454.png)
Commits
-------
cc7275bccc Display a better error message when the toolbar cannot be displayed
This PR was merged into the 2.8 branch.
Discussion
----------
[Console] Fix catching exception type in QuestionHelper
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
When generic exceptions were replaced by domain exceptions in dd17dc00ee one catch statement was missed. The existing code works fine because a `RuntimeException` extends a `\RuntimeException`.
Commits
-------
1c091eb703 [Console] Fix catching exception type in QuestionHelper
* 2.7:
[Routing] Fix XmlFileLoader exception message
Sessions: configurable "use_strict_mode" option for NativeSessionStorage
[FrameworkBundle] [Command] Clean bundle directory, fixes#23177
Reset redirectCount when throwing exception
[TwigBundle] Remove template.xml services when templating is disabled
add content-type header on exception response
Embedding a response that combines expiration and validation, that should not defeat expiration on the combined response
Fix two edge cases in ResponseCacheStrategy
[Routing] Expose request in route conditions, if needed and possible
[Routing] Expose request in route conditions, if needed and possible
[Translation][FrameworkBundle] Fix resource loading order inconsistency reported in #23034
[Filesystem] added workaround in Filesystem::rename for PHP bug
Add tests for ResponseCacheStrategy to document some more edge cases
[HttpFoundation] added missing docs
fixes#21606
[VarDumper] fixes
[Security] fix switch user _exit without having current token
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] fix switch user _exit without having current token
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22729
| License | MIT
| Doc PR | -
Attempting to `_exit` from a switched user caused an error when not having any token in the storage (for example happens when not logged in + disallowing anonymous users on that firewall):
`[1] Symfony\Component\Debug\Exception\FatalThrowableError: Type error: Argument 1 passed to Symfony\Component\Security\Http\Firewall\SwitchUserListener::getOriginalToken()
must be an instance of Symfony\Component\Security\Core\Authentication\Token\TokenInterface, null given, called in
symfony/symfony/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php on line 164`
Commits
-------
16da6861be [Security] fix switch user _exit without having current token
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Fix XmlFileLoader exception message
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
When an `XmlFileLoader` encounters an unknown tag it throws an exception with message like `Unknown tag "foo" used in file "bar". Expected "default", "requirement" or "option".`. A proper message should be `Unknown tag "foo" used in file "bar". Expected "default", "requirement", "option" or "condition".`
Commits
-------
f6a94cb56f [Routing] Fix XmlFileLoader exception message
This PR was squashed before being merged into the 2.7 branch (closes#23195).
Discussion
----------
[FrameworkBundle] [Command] Clean bundle directory, fixes#23177
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see comment below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | no
| Fixed tickets | #23177
| License | MIT
This PR fix#23177
when running an assets:install, it will remove directorys who do not have anymore a valid Bundle
Commits
-------
180f178f43 [FrameworkBundle] [Command] Clean bundle directory, fixes#23177
This PR was merged into the 3.3 branch.
Discussion
----------
Fixed composer resources between web/cli
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no (reverts one)
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23212
| License | MIT
| Doc PR | ~
This is a possible fix for the flawed module check for the composer resource. As this is the easiest fix, I've created a PR ready to be merged.
Commits
-------
9e047122f1 Fixed composer resources between web/cli
This PR was squashed before being merged into the 3.3 branch (closes#23160).
Discussion
----------
[WebProfilerBundle] Fix the icon for the Cache panel
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23159
| License | MIT
| Doc PR | -
Commits
-------
50c1d478ce [WebProfilerBundle] Fix the icon for the Cache panel
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBundle] Add Content-Type header for exception response
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This PR comes after I was looking to customize the way exceptions are served for a JSON API (grabbed the info at http://symfony.com/doc/current/controller/error_pages.html#overriding-the-default-exceptioncontroller).
I noticed that even when changing the request format to 'json' so that the right json.twig template is served:
```php
// in my override of the ExceptionController
public function showAction(Request $request, FlattenException $exception, DebugLoggerInterface $logger = null)
{
$request->setRequestFormat('json');
return parent::showAction($request, $exception, $logger);
}
```
the response Content-Type header was still 'text/html'.
By now, the response Content-Type should be corresponding to the given request format.
I also feel there's some room for improvement with the general "displaying error for a JSON API" chapter as it feels strange that there's no configuration option to just say "serve me anything as json", but that's another issue.
Commits
-------
9e2b408f25 add content-type header on exception response
This PR was merged into the 3.3 branch.
Discussion
----------
[WebServerBundle] Fix router script option BC
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23206
| License | MIT
| Doc PR | -
Server commands does not work with router script given by a relative path eg.:
```
bin/console server:run -r router.php
```
but, this was working before and was removed (by accident I guess) in https://github.com/symfony/symfony/pull/21039/files#diff-b915f83f99a4166eb34eab581a92501bL187
Commits
-------
aeab2fe1f7 [WebServerBundle] Fix router script path and check existence
This PR was merged into the 2.7 branch.
Discussion
----------
Reset redirectCount when throwing exception
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23197
| License | MIT
When catching the exception throw when exceeding the redirect limit, all new request which results in a redirect fail. By resetting the redirectCount we can still use the same client instance.
Commits
-------
83fd578f96 Reset redirectCount when throwing exception
This PR was merged into the 3.3 branch.
Discussion
----------
[FrameworkBundle] Expose the AbstractController's container to its subclasses
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This is useful if an application provides their own base Controller that
references items in the container. It also makes it simpler for that
base controller to add additional optional dependencies by only overriding
getSubscribedServices instead of having to reimplement setContainer and
use ControllerTrait.
Commits
-------
ee17131fca Expose the AbstractController's container to its subclasses
Useful if an application provides their own base Controller that
references items in the container. It also makes it simpler for that
base controller to add additional optional dependencies by only overriding
getSubscribedServices instead of having to reimplement setContainer and
use ControllerTrait.
This PR was squashed before being merged into the 2.7 branch (closes#23129).
Discussion
----------
Fix two edge cases in ResponseCacheStrategy
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
While reviewing how `ResponseCacheStrategy` calculates the caching-related headers for responses that embed subrequests, I came across two cases that I think are currently implemented incorrectly.
a) When the main response is public and cacheable with an expiration time, but it embeds (via ESI) a controller that does not set any caching-related headers, this embedded response is more constrained. So, the resulting (combined) response must not be cacheable, especially it may not keep the s-maxage.
b) When the main response is public and cacheable with an expiration time, but it embeds (via ESI) a controller that explicitly creates a "private" response, the resulting (combined) response must be private as well.
Commits
-------
c6e8c07e4d Fix two edge cases in ResponseCacheStrategy
* 3.2:
[SecurityBundle] Move cache of the firewall context into the request parameters
Fix Usage with anonymous classes
[Workflow] Added more keywords in the composer.json
[Cache] APCu isSupported() should return true when apc.enable_cli=Off
[PropertyAccess] Do not silence TypeErrors from client code.
This PR was squashed before being merged into the 3.2 branch (closes#22943).
Discussion
----------
[SecurityBundle] Move cache of the firewall context into the request parameters
Following [this proposal](https://github.com/symfony/symfony/pull/22605#issuecomment-301276639). Since the matching context relates to the request, this information should have been cached inside the request parameters.
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22605
| License | MIT
| Doc PR | n/a
* Avoid memory leak when handling multiple requests
* Adding the new request parameter `_firewall_context` might be considered as a breaking change. That adds a new "public" property that could be used by end developers.
Commits
-------
b3203cb8ab [SecurityBundle] Move cache of the firewall context into the request parameters
This PR was squashed before being merged into the 3.3 branch (closes#23088).
Discussion
----------
[FrameworkBundle] Dont set pre-defined esi/ssi services
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | not sure
| Deprecations? | no
| Tests pass? | yes/no
| Fixed tickets | #23080
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
It fixes the issue, but im not sure what's expected if you dont use http cache (solely enabled ssi/esi in config). Before the services were initialized, now they are synthetic as http cache sets them, but thats optional =/
Commits
-------
8c26aab0fe [FrameworkBundle] Dont set pre-defined esi/ssi services
This PR was squashed before being merged into the 2.7 branch (closes#23057).
Discussion
----------
[Translation][FrameworkBundle] Fix resource loading order inconsistency reported in #23034
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23034
| License | MIT
| Doc PR |
Fixes the bug reported in #23034:
When mixing `addResource()` calls and providing the `resource_files` option, the order in which resources are loaded depends on the `kernel.debug` setting and whether a cache is used.
In particular, when several loaders provide translations for the same message, the one that "wins" may change between development and production mode.
Commits
-------
2a9e65dea9 [Translation][FrameworkBundle] Fix resource loading order inconsistency reported in #23034
This PR was squashed before being merged into the 2.7 branch (closes#23092).
Discussion
----------
[Filesystem] added workaround in Filesystem::rename for PHP bug
[Filesystem] added workaround in Filesystem::rename for https://bugs.php.net/bug.php?id=54097
Standard PHP rename() of dirs across devices/mounted filesystems produces confusing copy error & throws IOException in Filesystem::rename. I got it during console cache:clear in the Docker environment. This PR possible fixes https://github.com/symfony/symfony/issues/19851 and other environment related issues.
Workaround is on \rename() fails try to Filesystem::mirror & Filesystem::remove if $origin is directory
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
3ccbc479da [Filesystem] added workaround in Filesystem::rename for PHP bug
This PR was squashed before being merged into the 2.7 branch (closes#23123).
Discussion
----------
Add tests for ResponseCacheStrategy to document some more edge cases
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Adds some test cases for possible combinations of master/subrequest responses to better document behaviour in edge cases. Should now cover the entire `ResponseCacheStrategy`.
I hope 2.7 is the right target branch because having more tests for all releases should be a good thing™️.
Commits
-------
69e84633dd Add tests for ResponseCacheStrategy to document some more edge cases
This PR was merged into the 3.3 branch.
Discussion
----------
[HttpFoundation] add back support for legacy constant values
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Due to the data type change of the `Request::HEADER_` constants in Symfony 3.3 #23067 introduced a small BC break if someone used the old constant values statically instead of referring to the constants themselves.
Commits
-------
fddd754c0a add back support for legacy constant values
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] fix for Support for new 7.1 session options
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21606
| License | MIT
| Doc PR | n/a
Commits
-------
71c1b6f5bffixes#21606
This PR was merged into the 3.2 branch.
Discussion
----------
[PropertyAccess] Do not silence TypeErrors from client code.
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Fixes TypeError silencing in `setValue()` when said error is thrown inside setter/adder/etc.
An example is given in the included test, but more real-life story is botched accessors for a many-to-one association on a Doctrine entity:
```php
class B {
function setA(A $a) { ... } // forgotten "= null" here
}
class A {
function removeB(B $b) {
if ($this->bs->contains($b)) {
$this->bs->removeElement($b);
$b->setA(null); // TypeError thrown
}
return $this;
}
}
```
No error is shown to the user, even though removing doesn't work.
This bug is not present in 2.7 & 2.8.
Commits
-------
45b961de2e [PropertyAccess] Do not silence TypeErrors from client code.
This PR was merged into the 3.2 branch.
Discussion
----------
[PropertyAccess] Fix Usage with anonymous classes
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23136
| License | MIT
Replace forbidden characters in the the class names of Anonymous Classes in form of
"class@anonymous /symfony/src/Symfony/Component/PropertyAccess/Tests/PropertyAccessorTest.php0x7f3f5f267ad5"
Wrapped in eval to avoid PHP parsing errors < 7 and using `rawurlenceode` for perf reasons
Thanks @nicolas-grekas for the help and patience. Let me know if anything is missing.
Commits
-------
3f7fd432df Fix Usage with anonymous classes
This PR was merged into the 3.3 branch.
Discussion
----------
[Config] Fix ** GlobResource on Windows
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23103
| License | MIT
| Doc PR | -
We cannot tell Finder to use RecursiveDirectoryIterator::UNIX_PATHS so we have to fix paths on Windows.
Commits
-------
44955bea53 [Config] Fix ** GlobResource on Windows
This PR was merged into the 3.3 branch.
Discussion
----------
Fix AutowiringTypesTest transient tests
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
In 3.3, we have a race condition because FrameworkBundle and SecurityBundle use the same test folder for their respective AutowiringTypesTest.
Commits
-------
408e56e404 Fix AutowiringTypesTest transient tests
Replace forbidden characters in the the class names of Anonymous Classes in form of
"class@anonymous /symfony/src/Symfony/Component/PropertyAccess/Tests/PropertyAccessorTest.php0x7f3f5f267ad5"
Wrapped in eval to avoid PHP parsing errors < 7
This PR was merged into the 2.7 branch.
Discussion
----------
[FormBuilderInterface] Fixed PHPdoc return references
| Q | A
| ------------- | ---
| Branch? | 2.7 and higher
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | N/A (phpdoc)
| License | MIT
In a case where the method `createFormBuilder()` was used where the methods `add()` and `getForm()` were chained onto it, the final resulting object was no longer a FormBuilder object as the `add()` and `remove()` methods was using a return variable that didn't work.
Should reference `self` as interfaces do not have a `$this` object.
Commits
-------
2f350d1d38 Fixed PHPdoc return references in FormBuilderInterface
This PR was merged into the 3.3 branch.
Discussion
----------
[DI] Fix keys resolution in ResolveParameterPlaceHoldersPass
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Keys are resolved in 3.2, but we broke that when moving to AbstractRecursivePass.
Commits
-------
9251a2143d [DI] Fix keys resolution in ResolveParameterPlaceHoldersPass
This PR was squashed before being merged into the 2.7 branch (closes#22931).
Discussion
----------
SCA with Php Inspections (EA Extended): 2.7
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with Php Inspections (EA Extended): dead code and control flow tweaks.
Commits
-------
598ae56cc9 SCA with Php Inspections (EA Extended): 2.7
This PR was squashed before being merged into the 2.7 branch (closes#23120).
Discussion
----------
Remove deprecated each function
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR |
Replace the `each()` function which is deprecated in PHP 7.2 (https://wiki.php.net/rfc/deprecations_php_7_2#each)
Commits
-------
232caad876 Remove deprecated each function
This PR was merged into the 3.3 branch.
Discussion
----------
[EventDispatcher] Remove dead code in WrappedListener
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The static `$cloner` property is unused since ab716c64de
Commits
-------
8b7de02413 [EventDispatcher] Remove dead code in WrappedListener