This PR was squashed before being merged into the 4.3-dev branch (closes#27738).
Discussion
----------
[Validator] Add a HaveIBeenPwned password validator
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | todo
This PR adds a new `Pwned` validation constraint to prevent users to choose passwords that have been leaked in public data breaches.
The validator uses the https://haveibeenpwned.com/ API. The implementation is similar to the one used by [Firefox Monitor](https://blog.mozilla.org/futurereleases/2018/06/25/testing-firefox-monitor-a-new-security-tool/). It allows to not expose the password hash using a k-anonymity model. The specific implementation for HaveIBeenPwned has been [described in depth by Cloudflare](https://blog.cloudflare.com/validating-leaked-passwords-with-k-anonymity/).
Usage:
```php
// Rejects the password if is present in any number of times in any data breach
class User
{
/** @Pwned */
public $plainPassword;
}
// Rejects the password if is present more than 5 times in data breaches
class User
{
/** @Pwned(maxCount=5) */
public $plainPassword;
}
// Customize the error message
class User
{
/** @Pwned(message='Please select another password, this one has already been hacked.') */
public $plainPassword;
}
```
Commits
-------
ec1ded898a [Validator] Add a HaveIBeenPwned password validator
This PR was merged into the 4.2 branch.
Discussion
----------
fix testIgnoredAttributesInContext
| Q | A
| ------------- | ---
| Branch? | fix/test_serializer
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | fix CI
| License | MIT
<!--
fix test GetSetMethodNormalizerTest::testIgnoredAttributesInContext
method setIgnoredAttributes is deprecated since 4.2
key "ignored_attributes" is use in the context
-->
Commits
-------
61547a291d fix testIgnoredAttributesInContext
This PR was merged into the 4.3-dev branch.
Discussion
----------
Changing messenger bus id from 'message_bus' to 'messenger.default_bus'
Changing messenger bus tag from 'message_bus' to 'messenger.message_bus'
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | Maybe
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30670
| License | MIT
| Doc PR |
All is in the title.
This PR change the tag of the default bus from 'message_bus' to 'messenger.message_bus'.
Commits
-------
3cee1cac12#30690 - Changing messenger bus id from 'message_bus' to 'messenger.default_bus'
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] bug fixes in Doctrine Transport
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Just tested the new Doctrine transport and I've see 3 bugs so far :
- [x] The message is not return by the transport
- [x] The headers column must be of type TEXT and not just STRING
- [ ] When using the PhpSerializer the message is truncated (PR: https://github.com/symfony/symfony/pull/30814)
The body in database looks like this :
```
O:36:"Symfony\Component\Messenger\Envelope":2:{s:44:"
```
The body given by the serializer is the following :
```
O:36:"Symfony\Component\Messenger\Envelope":2:{s:44:"Symfony\Component\Messenger\Envelopestamps";a:3:{s:49:"Symfony\Component\Messenger\Stamp\SerializerStamp";a:1:{i:0;O:49:"Symfony\Component\Messenger\Stamp\SerializerStamp":1:{s:58:"Symfony\Component\Messenger\Stamp\SerializerStampcontext";a:0:{}}}s:46:"Symfony\Component\Messenger\Stamp\BusNameStamp";a:1:{i:0;O:46:"Symfony\Component\Messenger\Stamp\BusNameStamp":1:{s:55:"Symfony\Component\Messenger\Stamp\BusNameStampbusName";s:21:"messenger.bus.default";}}s:43:"Symfony\Component\Messenger\Stamp\SentStamp";a:1:{i:0;O:43:"Symfony\Component\Messenger\Stamp\SentStamp":2:{s:56:"Symfony\Component\Messenger\Stamp\SentStampsenderClass";s:64:"Symfony\Component\Messenger\Transport\Doctrine\DoctrineTransport";s:56:"Symfony\Component\Messenger\Stamp\SentStampsenderAlias";s:16:"environment.stop";}}}s:45:"Symfony\Component\Messenger\Envelopemessage";O:34:"App\Message\EnvironmentStopMessage":1:{s:51:"App\Message\AbstractEnvironmentMessageenvironment";O:22:"App\Entity\Environment":5:{s:26:"App\Entity\Environmentid";s:36:"3bade252-b7a9-4188-82bd-3e68129e0da7";s:37:"App\Entity\EnvironmentrepositoryUrl";s:6:"string";s:30:"App\Entity\Environmentbranch";s:6:"string";s:33:"App\Entity\EnvironmenthostNames";a:1:{i:0;N;}s:27:"App\Entity\Environmentenv";a:2:{s:7:"APP_ENV";s:4:"prod";s:7:"APP_VAR";s:13:"example value";}}}}
```
Commits
-------
27466498d0 [Messenger] Fix get in Doctrine Transport
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] base64_encoding inside PhpSerializer to avoid null characters
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30805
| License | MIT
| Doc PR | not needed
Hi!
As pointed out in #30805, the `PhpSerializer` creates strings with null bytes. This apparently causes problems on at least some database systems (I didn't notice, but @vincenttouzet did). I also read that, for example, SQS doesn't like null characters. And, in general, because we're sending this data over a transport, `base64_encoding` data is pretty standard.
Does anyone see any downsides?
Cheers!
Commits
-------
fe7ad812c7 base64_encoding inside PhpSerializer to avoid null characters
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Process] Added more detail to the exception when the CWD is invalid
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
---
When using panther with "special" directory structure, the message is
not really usefull. Let's add the CWD to the exception
Commits
-------
d27858f77b [Process] Added more detail to the exception when the CWD is invalid
This PR was merged into the 4.2 branch.
Discussion
----------
[Config] Improve PHPdoc / IDE autocomplete for config tree builder
| Q | A
| ------------- | ---
| Branch? | 4.2
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
follow up of #27476 and #21047
Commits
-------
21f797714e Improve PHPdoc / IDE autocomplete for config tree builder
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Inflector] remove "internal" marker from the component
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/26903
| License | MIT
| Doc PR | -
This code works: making it non-internal won't increase the maintenance burden and can help others build on it.
Commits
-------
164b45b79c [Inflector] remove "internal" marker from the component
This PR was merged into the 4.2 branch.
Discussion
----------
[Bridge][Twig] DebugCommand - fix escaping and filter
| Q | A
| ------------- | ---
| Branch? | 4.2
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
cherry-pick on 4.2, conflicts resolved, original PR https://github.com/symfony/symfony/pull/30660#issuecomment-478468584
Commits
-------
b7120c5e49 [Bridge][Twig] DebugCommand - fix escaping and filter
This PR was merged into the 3.4 branch.
Discussion
----------
SCA: minor code tweaks
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
- minor code tweaks
- drop private properties, which used as local variables
Commits
-------
cc4529db51 SCA: minor code tweaks
This PR was squashed before being merged into the 4.3-dev branch (closes#30807).
Discussion
----------
[Messenger] Various minor fixes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Found while playing with the new Doctrine transport.
Commits
-------
96dee1ee20 [Messenger] fixed missing use statement
1044dfb93d [Messenger] simplified code
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] Remove unused option in the Doctrine transport
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This PR remove the unused option `loop_sleep` in the Messenger Doctrine transport
Commits
-------
4811400372 [Messenger] Remove unused option in the Doctrine transport
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Inflector] Support pluralization in the inflector
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | not yet
| Fixed tickets | N/A
| License | MIT
| Doc PR | Not Yet
At present the inflector only supports singularizing plural words, this PR adds the capability to pluralize singular words.
Commits
-------
06920a79c4 Support pluralization in the inflector
This PR was squashed before being merged into the 4.3-dev branch (closes#28637).
Discussion
----------
[Validator] add number constraints
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28608
| License | MIT
| Doc PR | tbd.
I added the following constraints:
* `Positive`
* `PositiveOrZero`
* `Negative`
* `NegativeOrZero`
Commits
-------
01870398eb [Validator] add number constraints
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] Fix the Doctrine transport to use the new interface
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #29007
| License | MIT
| Doc PR | ø
Commits
-------
75e3355da5 Fix the Doctrine transport to use the new interface
This PR was squashed before being merged into the 3.4 branch (closes#30781).
Discussion
----------
[Intl] Update the ICU data to 64.1
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes, including the intl-data group
| Fixed tickets | -
| License | MIT
| Doc PR | -
http://site.icu-project.org/download/64
Commits
-------
ae2cb6f5c5 [Intl] Update the ICU data to 64.1
This PR was squashed before being merged into the 4.3-dev branch (closes#30754).
Discussion
----------
[Messenger] New messenger:stop-workers Command
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | Kinda of #29451
| License | MIT
| Doc PR | symfony/symfony-docs#11236
o/ me again.
This requires and is built on top of #30708
When you deploy, all workers need to be stopped and restarted. That's not currently possible, unless you manually track the pids and send a SIGTERM signal. We can make that much easier :).
Now run:
```
bin/console messenger:stop-workers
```
And it will signal to all workers (even if they're distributed on other servers) that they should stop, once they finish processing their current message. This is done via a key in `cache.app`.
Cheers!
Commits
-------
58971627f5 [Messenger] New messenger:stop-workers Command
This PR was merged into the 4.3-dev branch.
Discussion
----------
[EventDispatcher] Fix BC/FC layer
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Fixes
> TypeError: Argument 3 passed to Symfony\Component\EventDispatcher\EventDispatcher::doDispatch() must be an instance of Symfony\Component\EventDispatcher\Event
Spotted in https://github.com/lexik/LexikJWTAuthenticationBundle/pull/637
Commits
-------
caa0aded89 [EventDispatcher] Fix BC layer