This PR was merged into the 2.5-dev branch.
Discussion
----------
WebTestCase: Assume relative KERNEL_DIR is relative to phpunit.xml[.dist]?
When using the `KERNEL_DIR` setting in phpunit.xml[.dist] files for the `WebTestCase`, a relative path seems to be interpreted relative to the cwd.
That makes no difference in the probably most common case of having the phpunit config in the project's top level directory and just running `phpunit`. It makes a difference however when running it from a lower level dir and referencing the config with `-c ../../phpunit.xml`.
A conservative change would be to interpret the `KERNEL_DIR` as relative to cwd and only try it as relative to the phpunit.xml[.dist] file if the first path does not exist.
A more consistent approach would be to always have it (in case of relative paths) being relative to the config file. That might break things for folks who intentionally start phpunit from different directories to use different kernels.
The docs seem not to say anything about how it is supposed to used, the example values provided suggest using an absolute path.
Opinions?
Commits
-------
05dc0e1 Consider KERNEL_DIR setting as relative to the PhpUnit XML file if it does not point to a directory (relative to the current cwd)
* 2.4:
fixed CS
fixed a typo
fixed CS for lambdas
[Yaml] fixed some license headers
Fixes message value for objects
Check for hour, minute & second validity
avoid tables to have apparently long blank line breaks and be too far appart for long nested array params
fixed various typos
[Filesystem] Fixed mirror for symlinks
[Validator] Removed duplicated test for IBAN in data provider
* 2.3:
fixed a typo
fixed CS for lambdas
[Yaml] fixed some license headers
Fixes message value for objects
Check for hour, minute & second validity
fixed various typos
[Filesystem] Fixed mirror for symlinks
[Validator] Removed duplicated test for IBAN in data provider
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/HttpKernel/Tests/DependencyInjection/ContainerAwareHttpKernelTest.php
* 2.4: (44 commits)
[FrameworkBundle] Add missing license headers
Fix parent serialization of user object
[DependencyInjection] fixed typo
added condition to avoid skipping tests on JSON_PRETTY support
add memcache, memcached, and mongodb extensions to run skipped tests
[DependencyInjection] Fixed support for backslashes in service ids.
fix#9356 [Security] Logger should manipulate the user reloaded from provider
[FrameworkBundle] Added extra details in XMLDescriptor to improve container description
fixed CS
Crawler default namespace fix
[BrowserKit] fixes#8311 CookieJar is totally ignorant of RFC 6265 edge cases
[HttpFoundation] fixed constants that do exist in 2.3 (only in 2.4)
fix 5528 let ArrayNode::normalizeValue respect order of value array provided
fix#7243 allow 0 as arraynode name
Fixed issue in BaseDateTimeTransformer when invalid timezone cause Transformation filed exception (closes#9403).
BinaryFileResponse should also return 416 or 200 on some range-requets
fix deprecated usage and clarify constructor defaults for number formatter
Bumping dependency to ProxyManager to allow testing against the new 0.5.x branch changes
Do normalization on tag options
bumped Symfony version to 2.3.9
...
* 2.3: (31 commits)
Fix parent serialization of user object
[DependencyInjection] fixed typo
add memcache, memcached, and mongodb extensions to run skipped tests
[DependencyInjection] Fixed support for backslashes in service ids.
fix#9356 [Security] Logger should manipulate the user reloaded from provider
[BrowserKit] fixes#8311 CookieJar is totally ignorant of RFC 6265 edge cases
[HttpFoundation] fixed constants that do exist in 2.3 (only in 2.4)
fix 5528 let ArrayNode::normalizeValue respect order of value array provided
fix#7243 allow 0 as arraynode name
Fixed issue in BaseDateTimeTransformer when invalid timezone cause Transformation filed exception (closes#9403).
BinaryFileResponse should also return 416 or 200 on some range-requets
Do normalization on tag options
bumped Symfony version to 2.3.9
updated VERSION for 2.3.8
update CONTRIBUTORS for 2.3.8
updated CHANGELOG for 2.3.8
[Filesystem] Changed the mode for a target file in copy() to be write only.
[Console] fixed CS
fixed TableHelper when cell value has new line
Improved and fixed grammar mistakes. Added pluralized messages
...
Conflicts:
src/Symfony/Component/BrowserKit/Cookie.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Matcher/UrlMatcher.php
This PR was merged into the 2.4 branch.
Discussion
----------
[Form] Improved debugger icon
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Changes the form icon in the toolbar to be pixel perfect.
| before | after |
| ---------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------- |
|  |  |
Commits
-------
74e59fe Changes the form icon in the toolbar to be pixel perfect.
Instead correctly use the array of schemes from the Route.
Also adjusted the dumpers to dump the correct data.
I extended the tests to not only test the deprecated behavior, but also
the new schemes-requirement.
* 2.4:
[Debug] fixed tests
ErrorHandlerTest: restore_error_handler() on assertion failure
Fixed typo
[validator] throw an exception if isn't an instance of ConstraintValidatorInterface.
Reset the box model to content-box in the web debug toolbar
[FrameworkBundle] Allowed "0" as a checkbox value in the php template.
raising delta on stopwatch as travis really breaks with less than 35
Switched to correct gender of "Token"
bumped Symfony version to 2.4.1
updated VERSION for 2.4.0
updated CHANGELOG for 2.4.0
fixed typos in several translations
[HttpKernel] use static late binding when dumping out container
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.3:
Fixed typo
[validator] throw an exception if isn't an instance of ConstraintValidatorInterface.
Reset the box model to content-box in the web debug toolbar
[FrameworkBundle] Allowed "0" as a checkbox value in the php template.
raising delta on stopwatch as travis really breaks with less than 35
Switched to correct gender of "Token"
fixed typos in several translations
[HttpKernel] use static late binding when dumping out container
* 2.4:
updated Composer suggested packages
updated VERSION for 2.2.11
update CONTRIBUTORS for 2.2.11
updated CHANGELOG for 2.2.11
Fixed typo in phpdoc
Default form.csrf_protection.enabled to csrf_protection.enabled
Handled the scenario when no entity manager is passed with closure query builder.
Enabled csrf_protection by default if form.csrf_protection is enabled
[HttpKernel] made a small optimization to Bundle initialization
minor optimalization at bundle initialization
[EventDispatcher] tweaked README
removed observer pattern, in favour of mediator
[DoctrineBridge] normalized class names in the ORM type guesser
Fix `extract` method to avoid recalculating count() for each iteration.
[Debug] ensured that a fatal PHP error is actually fatal after being handled by our error handler
use the correct class name to retrieve mapped class' metadata and repository
[WebProfilerBundle] Fixed js escaping in time.html.twig
* 2.3:
updated VERSION for 2.2.11
update CONTRIBUTORS for 2.2.11
updated CHANGELOG for 2.2.11
Fixed typo in phpdoc
Handled the scenario when no entity manager is passed with closure query builder.
[HttpKernel] made a small optimization to Bundle initialization
minor optimalization at bundle initialization
[EventDispatcher] tweaked README
removed observer pattern, in favour of mediator
[DoctrineBridge] normalized class names in the ORM type guesser
Fix `extract` method to avoid recalculating count() for each iteration.
[Debug] ensured that a fatal PHP error is actually fatal after being handled by our error handler
use the correct class name to retrieve mapped class' metadata and repository
[WebProfilerBundle] Fixed js escaping in time.html.twig
Conflicts:
src/Symfony/Component/Debug/ErrorHandler.php
* 2.2:
updated VERSION for 2.2.11
update CONTRIBUTORS for 2.2.11
updated CHANGELOG for 2.2.11
[HttpKernel] made a small optimization to Bundle initialization
minor optimalization at bundle initialization
[EventDispatcher] tweaked README
removed observer pattern, in favour of mediator
[DoctrineBridge] normalized class names in the ORM type guesser
Fix `extract` method to avoid recalculating count() for each iteration.
use the correct class name to retrieve mapped class' metadata and repository
[WebProfilerBundle] Fixed js escaping in time.html.twig
Conflicts:
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/time.html.twig
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the 2.4 branch.
Discussion
----------
Fixed BC break in csrf protection
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9429
| License | MIT
| Doc PR | n/a
Commits
-------
d00954a Default form.csrf_protection.enabled to csrf_protection.enabled
* 2.4:
[Debug] fixed unit tests
Avoid notice from being *eaten* by fatal error.
Teardown used wrong property
Modified guessDefaultEscapingStrategy to not escape txt templates
Fix DateType for 32bits computers.
Fixed the registration of validation.xml file when the form is disabled
fixed lexing expression ending with spaces
Fixes#9633, Removed dependency to Symfony\Bundle\FrameworkBundle\Tests\TestCase
[Validator] Replaced inexistent interface.
[HttpKernel] Fix profiler event-listener usage outside request stack context
When getting the session's id, check if the session is not closed
Fix undefined offset when formatting namespace suggestions
Adjusting CacheClear Warmup method to namespaced kernels
* 2.3:
[Debug] fixed unit tests
Avoid notice from being *eaten* by fatal error.
Teardown used wrong property
Modified guessDefaultEscapingStrategy to not escape txt templates
Fix DateType for 32bits computers.
Fixed the registration of validation.xml file when the form is disabled
Fixes#9633, Removed dependency to Symfony\Bundle\FrameworkBundle\Tests\TestCase
[Validator] Replaced inexistent interface.
When getting the session's id, check if the session is not closed
Adjusting CacheClear Warmup method to namespaced kernels
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/CacheClearCommand.php
* 2.2:
Teardown used wrong property
Modified guessDefaultEscapingStrategy to not escape txt templates
Fix DateType for 32bits computers.
Fixed the registration of validation.xml file when the form is disabled
When getting the session's id, check if the session is not closed
This PR was merged into the 2.3 branch.
Discussion
----------
Adjusting CacheClear Warmup method to namespaced kernels
Backported the patch in #9525 to the 2.3 branch.
| Q | A
| ------------- | ---
| Bug fix? | [yes]
| New feature? | [no]
| BC breaks? | [no]
| Deprecations? | [no]
| Tests pass? | have not tried yet
| License | MIT
| Fixed tickets | further fixes#1431
My kernel has been moved and namespaced to `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKernel`. This worked fine until a change was made to how the kernel temp stuff is handled in the warmup phase.
When the app generates its own cache (i.e you run cache without warmup and access the site) everything is generated ok and the .meta files generate the proper reference to the FQN of the Kernel.
However if the warmup is used, it uses `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKerne_` as the temporary Kernel, and when it does "fix references to the Kernel in .meta files" it generates 2 errors.
1. It does not use a string safe tempKernel name, so it never finds the reference to the kernel
2. If you fix that, then it replaces the FQN of the tempKernel with `CfsKernel`, the non-namespaced name of the proper Kernel (it also leaves the character count wrong in the serialization `C:43:<class>` where 43 is the char count for the FQN above)
The two changes above fix this, by escaping the string and replacing it with a FQN Kernel Class name.
What are your thoughts on this? If this sounds reasonable i'll do further enhancements and check tests.
Commits
-------
00d79d5 Adjusting CacheClear Warmup method to namespaced kernels
* 2.4:
[HttpKernel] fixed regression introduced in 2.4 in the base DataCollector class. Added more unit tests coverage for the RequestDataCollector object.
Fixed mistake in upgrade docu
bumped Symfony version to 2.4.0
updated VERSION for 2.4.0-RC1
updated CHANGELOG for 2.4.0-RC1
Container::camelize also takes backslashes into consideration
fixed typos
fixed @expectedException class names
Fix an issue when overriding Client::setServerParameters() and using the getContainer() method in it.
fixed some typos
fixed @expectedException class names
Typo and better wording for german validator translation
* 2.3:
Fixed mistake in upgrade docu
Container::camelize also takes backslashes into consideration
fixed typos
fixed @expectedException class names
fixed some typos
fixed @expectedException class names
Typo and better wording for german validator translation
* 2.3: (24 commits)
Add german translation for several validators (Greater/Equal/Less)
No Entity Manager defined exception
fixed CS
[Acl] Fix for issue #9433
[Validator] fix docblock typos
[DependencyInjection] removed the unused Reference and Parameter classes use statements from the compiled container class
Removed useless check if self::$trustProxies is set
Fix mistake in translation's service definition.
if handler_id is identical to null fix
CS fix
Fixed ModelChoiceList tests in Propel1 bridge.
[AclProvider] Fix incorrect behaviour when partial results returned from cache
Check if the pipe array is empty before calling stream_select()
[Intl] fixed datetime test as described in #9455
bumped Symfony version to 2.3.8
updated VERSION for 2.3.7
updated CHANGELOG for 2.3.7
re-factor Propel1 ModelChoiceList
[Form] Added method Form::getClickedButton() to remove memory leak in FormValidator
[Locale] fixed the failing test described in #9455
...
Conflicts:
src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php
src/Symfony/Bridge/Propel1/Tests/Fixtures/ItemQuery.php
src/Symfony/Bridge/Propel1/Tests/Form/ChoiceList/ModelChoiceListTest.php
src/Symfony/Bridge/Propel1/Tests/Propel1TestCase.php
src/Symfony/Component/Form/Tests/CompoundFormTest.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Process/Process.php
* 2.2:
No Entity Manager defined exception
fixed CS
[Acl] Fix for issue #9433
[Validator] fix docblock typos
[DependencyInjection] removed the unused Reference and Parameter classes use statements from the compiled container class
Fix mistake in translation's service definition.
if handler_id is identical to null fix
CS fix
Fixed ModelChoiceList tests in Propel1 bridge.
[AclProvider] Fix incorrect behaviour when partial results returned from cache
Check if the pipe array is empty before calling stream_select()
re-factor Propel1 ModelChoiceList
[Locale] fixed the failing test described in #9455
[Process] fix phpdoc and timeout of 0
bug #9445 [BrowserKit] fixed protocol-relative url redirection
Conflicts:
src/Symfony/Component/BrowserKit/Tests/ClientTest.php
src/Symfony/Component/Locale/Tests/Stub/StubIntlDateFormatterTest.php
This PR was merged into the master branch.
Discussion
----------
[SecurityBundle] Added csrf_token_generator and csrf_token_id as new
names for csrf_provider and intention options
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #9176
| License | MIT
| Doc PR | n/a
Commits
-------
f2f15f5 [SecurityBundle] Added csrf_token_generator and csrf_token_id as new names for csrf_provider and intention options
This PR was merged into the master branch.
Discussion
----------
Cache Warmup Breaks Namespaced Kernel
| Q | A
| ------------- | ---
| Bug fix? | [yes]
| New feature? | [no]
| BC breaks? | [no]
| Deprecations? | [no]
| Tests pass? | have not tried yet
| License | MIT
| Fixed tickets | further fixes#1431
My kernel has been moved and namespaced to `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKernel`. This worked fine until a change was made to how the kernel temp stuff is handled in the warmup phase.
When the app generates its own cache (i.e you run cache without warmup and access the site) everything is generated ok and the .meta files generate the proper reference to the FQN of the Kernel.
However if the warmup is used, it uses `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKerne_` as the temporary Kernel, and when it does "fix references to the Kernel in .meta files" it generates 2 errors.
1. It does not use a string safe tempKernel name, so it never finds the reference to the kernel
2. If you fix that, then it replaces the FQN of the tempKernel with `CfsKernel`, the non-namespaced name of the proper Kernel (it also leaves the character count wrong in the serialization `C:43:<class>` where 43 is the char count for the FQN above)
The two changes above fix this, by escaping the string and replacing it with a FQN Kernel Class name.
What are your thoughts on this? If this sounds reasonable i'll do further enhancements and check tests.
Commits
-------
9e7788e Cache Warmup Breaks Namespaced Kernel
This PR was merged into the master branch.
Discussion
----------
unify constructor initialization style throughout symfony
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | n/a
In almost all classes symfony uses property initialization when the value is static. Constructor initialization is only used for things that actually have logic, like passed parameters or dynamic values. IMHO it makes the code much more readable because property definition, phpdoc and default value is in one place. Also one can easily see what the constructor implements for logic like overridden default value of a parent class. Otherwise the real deal is just hidden behind 10 property initializations. One more advantage is that it requires less code. As you can see, the code was almost cut in half (210 additions and 395 deletions).
I unified it accordingly across symfony. Sometimes it was [not even consistent within one class](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Config/Definition/BaseNode.php#L32). At the same time I recognized some errors like missing parent constructor call, or undefined properties or private properties that are not even used.
I then realized that a few Kernel tests were not passing because they were deeply implementation specific like modifying booted flag with a custom `KernelForTest->setIsBooted();`. I improved and refactored the kernel tests in the __second commit__.
__Third commit__ unifies short ternary operator, e.g. `$foo ?: new Foo()`. __Forth commit__ unifies missing parentheses, e.g. `new Foo()`.
Commits
-------
077a089 unify missing parentheses
2888594 unify short ternary operator
2a9daff [HttpKernel] better written kernel tests
111ac18 unify constructor initialization style throughout symfony
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] use the new request_stack service in the GlobalVariables object
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
9c2ce49 [FrameworkBundle] use the new request_stack object in the GlobalVariables object
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] use the new request_stack service to get the Request object in the base Controller class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
2e07338 [FrameworkBundle] use the new request_stack service to get the Request object in the base Controller class
This PR was merged into the 2.2 branch.
Discussion
----------
CS fix
I hope this is not BC break though handler_id checking should be done with identical comparison operator I believe.
Commits
-------
1b6b1e9 if handler_id is identical to null fix
My kernel has been moved and namespaced to `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKernel`. This worked fine until a change was made to how the kernel temp stuff is handled in the warmup phase.
When the app generates its own cache (i.e you run cache without warmup and access the site) everything is generated ok and the .meta files generate the proper reference to the FQN of the Kernel.
However if the warmup is used, it uses `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKerne_` as the temporary Kernel, and when it does "fix references to the Kernel in .meta files" it generates 2 errors.
1. It does not use a string safe tempKernel name, so it never finds the reference to the kernel
2. If you fix that, then it replaces the FQN of the tempKernel with `CfsKernel`, the non-namespaced name of the proper Kernel (it also leaves the character count wrong in the serialization `C:43:<class>` where 43 is the char count for the FQN above)
The two changes above fix this, by escaping the string and replacing it with a FQN Kernel Class name.
What are your thoughts on this?
* 2.3: (25 commits)
bumped Symfony version to 2.2.11
updated VERSION for 2.2.10
update CONTRIBUTORS for 2.2.10
updated CHANGELOG for 2.2.10
fixed version
Request::overrideGlobals() may call invalid ini value
Force Luhn Validator to only work with strings
Fixed bug with lazy services
[Translation] fixed the error in the dumper test as described in #9475
deleted mixing string concatenation inside a sprintf
"__call()" should be displayed only if $this->magicCall is true
[Console] fix phpdoc and constructor default value
Add media-query for printing: Do not print the toolbar.
Fix ProgressHelper redraw when redrawFreq is greater than 1
Update toolbar.css.twig
slovenian translations fixed
slovenian translations fixed
[DependencyInjection] fixed YamlDumper did not make services private.
[FrameworkBundle] fix routing container parameter exception message
[Form] fix and unify phpdoc
...
Conflicts:
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Discussion
----------
adjust doctrine dependencies
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9384, #9385
| License | MIT
| Doc PR | -
I went through all components/bundles/bridges in symfony and searched for doctrine dependencies. Then looked if it only requires a subset (annotations instead of common for example).
Commits
-------
7366901 adjust doctrine dependencies
This PR was merged into the 2.3 branch.
Discussion
----------
[WebProfilerBundle] Small bugfix in CSS: don't make links bold.
If the CSS in your application has something like `a { font-weight: bold; }` to make links bold by default, they will also show up **bold** in the profilers toolbar, which doesn't look right. This patch explicitly sets the font-weight to 'normal', as it should be.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
984566d Add media-query for printing: Do not print the toolbar.
cf1b7cf Update toolbar.css.twig
b6738b6 Set the font-weight for links to 'normal', to prevent ugly bold links.
* 2.2:
slovenian translations fixed
[DependencyInjection] fixed YamlDumper did not make services private.
[FrameworkBundle] fix routing container parameter exception message
update CONTRIBUTORS
added content length header to BinaryFileResponse
[Routing] added working test case for issue #5135
This PR was merged into the master branch.
Discussion
----------
Add X-Debug-Url profiler url header
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | None
Hey, working with rest APIs I find it way more convenient to have the profiler url directly in the header ... We human are used to deal with hypermedia!
A little bit of hateoas in symfony :)
Commits
-------
2f09754 Add X-Debug-Url profiler url header
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] Update deprecation message
Small addition to (doc string only):
https://github.com/symfony/symfony/pull/9252
Commits
-------
b057fab [FrameworkBundle] Update deprecation message
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6686, #7673
| License | MIT
| Doc PR | n/a
The removal of the Profiler dependency on the TraceableEventDispatcher (#9170) allows to remerge the patch from #9068 that fixes#6686.
This PR also cleans up how profiles are stored. A Profile is now always stored only once.
The fix will only be available on 2.4+ as the changes are too deep to be backported to 2.2 and 2.3.
Commits
-------
1e1835e [FrameworkBundle] made sure that the debug event dispatcher is used everywhere
This PR was squashed before being merged into the master branch (closes#9252).
Discussion
----------
[FrameworkBundle] Only enable CSRF protection when enabled in config
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | maybe?
| Deprecations? | no
| Tests pass? | I hope, master was already broken here
| License | MIT
bf85e8365a introduced new service configuration for CSRF protection in the frameworkbundle. It is always enabled even if you don't use it. Since it also depends on enabling the session that's not so nice.
Commits
-------
60dce14 [FrameworkBundle] Only enable CSRF protection when enabled in config
* 2.3:
Fixed English usage for existing users.
Clean up of WebProfiler Controller classes:
[Process] Fix#9343 : revert file handle usage on Windows platform
Added missing "@throws" PHPdoc comments in controllers
Updated deprecated reference to Symfony\Component\HttpKernel\Debug\ExceptionHandler to use Symfony\Component\Debug\ExceptionHandler instead
* 2.3:
bumped Symfony version to 2.3.7
updated VERSION for 2.3.6
updated CHANGELOG for 2.3.6
bumped Symfony version to 2.2.10
updated VERSION for 2.2.9
update CONTRIBUTORS for 2.2.9
updated CHANGELOG for 2.2.9
[Security] limited the password length passed to encoders
[HttpKernel] Fixed a test (compiler pass class name has been changed).
assets:install command should mirror .dotfiles (.htaccess)
PoFileDumper - PO headers
removed whitespaces
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/BasePasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/MessageDigestPasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/Pbkdf2PasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php
src/Symfony/Component/Security/Core/Tests/Encoder/MessageDigestPasswordEncoderTest.php
src/Symfony/Component/Security/Core/Tests/Encoder/Pbkdf2PasswordEncoderTest.php
src/Symfony/Component/Security/Core/Tests/Encoder/PlaintextPasswordEncoderTest.php
* 2.2:
bumped Symfony version to 2.2.10
updated VERSION for 2.2.9
update CONTRIBUTORS for 2.2.9
updated CHANGELOG for 2.2.9
[Security] limited the password length passed to encoders
assets:install command should mirror .dotfiles (.htaccess)
PoFileDumper - PO headers
removed whitespaces
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
* 2.3:
[Process] Fix#9182 : random failure on pipes tests
Fixed propel guessed relations
[FramworkBundle][HttpKernel] Check event listener services are not abstract
fixed CS
Check for lock existence before unlinking
remove MinCount and MaxCount contraints. It has been replaced by Count constraints.
[FrameworkBundle] fixed path replacement on Windows
Conflicts:
src/Symfony/Bridge/Propel1/Tests/Form/PropelTypeGuesserTest.php
* 2.2:
[Process] Fix#9182 : random failure on pipes tests
Fixed propel guessed relations
[FramworkBundle][HttpKernel] Check event listener services are not abstract
fixed CS
Check for lock existence before unlinking
[FrameworkBundle] fixed path replacement on Windows
Conflicts:
src/Symfony/Component/Process/Process.php
This PR was merged into the master branch.
Discussion
----------
[Security\Csrf] Split CsrfTokenGenerator into CsrfTokenManager and TokenGenerator
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9210
| License | MIT
| Doc PR | -
This is a follow-up PR of #6554 that splits the CsrfTokenGenerator into two separate classes for generating and managing CSRF tokens. As a consequence, it is now possible to explicitly remove or refresh CSRF tokens if they should be used only once. See #9210 for more information.
Commits
-------
d4bb5f4 [Security\Csrf] Split CsrfTokenGenerator into CsrfTokenManager and TokenGenerator
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] The config:dump-reference command shows the list of bundles with the table helper
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
Commits
-------
31c6c62 [FrameworkBundle] The config:dump-reference command shows the list of bundles with the table helper
* 2.3:
Fix: duplicate usage of Symfony\Component\HttpFoundation\Response
[Form] add support for Length and Range constraint in order to replace MaxLength, MinLength, Max and Min constraints in next release (2.3)
Revert "merged branch Tobion/flattenexception (PR #9111)"
[Form] check the required output timezone against the actual timezone of the input datetime object, rather than the expected timezone supplied
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
This PR was squashed before being merged into the master branch (closes#7887).
Discussion
----------
[FrameworkBundle] adds routing/container descriptors
The goal of this PR is to add descriptors (as in #7454) for routing and container. This will permit add a `--format` option to `router:debug` and `container:debug` commands (with `txt`, `json`, `xml` and `md` formats).
Commits
-------
22f9bc8 [FrameworkBundle] adds routing/container descriptors
This PR was squashed before being merged into the master branch (closes#8927).
Discussion
----------
[Templating] fix logic regarding template references and many phpdocs
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
this clarifies the expected types and exceptions by much. and it fixes some logic flaws.
- missing info/methods in interfaces
- respecting Twig_LoaderInterface only accepting strings, not objects
related to fabpot/Twig#1183 but does not depend on it
Commits
-------
f6c12bd [Templating] fix logic regarding template references and many phpdocs
This PR was merged into the master branch.
Discussion
----------
Decoupled TraceableEventDispatcher from the Profiler
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This PR removes the Profiler dependency on the TraceableEventDispatcher. That makes things more decoupled and cleaner. This PR also cleans up how profiles are stored; a Profile is now always stored only once.
I've created a `LateDataCollectorInterface` that is implemented for data collector that needs to get information from data that are available very late in the request process (when the request and the response are not even available anymore). The `lateCollect()` method is called just before the profile is stored.
We have 3 data collectors that implement that interface:
* Time: As the traceable event dipsatcher gets inject timing information via the stopwatch about all events (including the `terminate` one), we need to get events from the stopwatch as late as possible.
* Event: The traceable event dispatcher gathers all called listeners to determine non-called ones. To be able to accurately do that for all events (including the `terminate` one), we need to get the data as late as possible.
* Memory: We want to get the memory as late as possible to get the most accurate number as possible
I'm not very happy with the name and as always, better suggestions would be much appreciated.
This is an extract from #9168
Commits
-------
5cedea2 [HttpKernel] added LateDataCollectorInterface
9c4bc9a [HttpKernel] decoupled TraceableEventDispatcher and Profiler
This PR was merged into the master branch.
Discussion
----------
[Security] Added Security\Csrf sub-component with better token generation
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | TODO
**Update September 27, 2013**
This PR simplifies the CSRF mechanism to generate completely random tokens. A random token is generated once per ~~intention~~ token ID and then stored in the session. Tokens are valid until the session expires.
Since the CSRF token generator depends on `StringUtils` and `SecureRandom` from Security\Core, and since Security\Http currently depends on the Form component for token generation, I decided to add a new Security\Csrf sub-component that contains the improved CSRF token generator. Consequences:
* Security\Http now depends on Security\Csrf instead of Form
* Form now optionally depends on Security\Csrf
* The configuration for the "security.secure_random" service and the "security.csrf.*" services was moved to FrameworkBundle to guarantee BC
In the new Security\Csrf sub-component, I tried to improve the naming where I could do so without breaking BC:
* CSRF "providers" are now called "token generators"
* CSRF "intentions" are now called "token IDs", because that's really what they are
##### TODO
- [ ] The documentation needs to be checked for references to the configuration of the application secret. Remarks that the secret is used for CSRF protection need to be removed.
- [ ] Add aliases "csrf_token_generator" and "csrf_token_id" for "csrf_provider" and "intention" in the SecurityBundle configuration
- [x] Make sure `SecureRandom` never blocks for `CsrfTokenGenerator`
Commits
-------
7f02304 [Security] Added missing PHPDoc tag
2e04e32 Updated Composer dependencies to require the Security\Csrf component where necessary
bf85e83 [FrameworkBundle][SecurityBundle] Added service configuration for the new Security CSRF sub-component
2048cf6 [Form] Deprecated the CSRF implementation and added an optional dependency to the Security CSRF sub-component instead
85d4959 [Security] Changed Security HTTP sub-component to depend on CSRF sub-component instead of Form
1bf1640 [Security] Added CSRF sub-component
This PR was merged into the master branch.
Discussion
----------
[Form] Rewrite boolean attributes to match HTML spec
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Same as #7856
> 'The presence of a boolean attribute on an element represents the true value, and the absence of the attribute represents the false value.' - http://www.w3.org/html/wg/drafts/html/master/infrastructure.html#boolean-attribute
This commit modifies widget_container_attributes and widget_attributes so that:
* `true` values render as the attribute name with the attribute name repeated as the value
* `false` values are not rendered
The comparison is strict using sames() in twig.
Previously `false` values would have been rendered as `some-attribute=""` which according to the spec would actually make them a boolean attribute and therefore equal to true.
Commits
-------
b85577b [Form] Improved test coverage of widget_attributes and widget_container_attributes blocks
8e4c2a7 [Form] Rewrite boolean attributes to match HTML spec
* 2.3:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[DependencyInjection] Prevented inlining of lazy loaded private service definitions.
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/Routing/Router.php
src/Symfony/Component/Security/Http/Firewall.php
* 2.2:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/HttpFoundation/Request.php
This PR was merged into the master branch.
Discussion
----------
[Translation] Added support for JSON format (both loader and dumper).
Based on `IniFileLoader\Dumper`.
Q | A
--- | ---
Bug fix? |no
New feature? | yes
BC breaks?| no
Deprecations? |no
Tests pass? | yes
Fixed tickets | -
License | MIT
Doc | this component don't have docs
Commits
-------
fcef021 [Translation] Added support for JSON format (both loader and dumper).
* 2.3:
Run all tests in parallel.
Fixed an entity class name.
[HttpKernel] fix usage of deprecated FlattenException
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
* 2.3:
[Locale] added support for the position argument to NumberFormatter::parse()
[Locale] added some more stubs for the number formatter
[Yaml] fixed typo
[Yaml] fixed a test on PHP < 5.4
[DomCrawler]Crawler guess charset from html
fixed PHP 5.3 compatibility
[Yaml] reverted previous merge partially (refs #8897)
[Security] remove unused logger
[Security] fix typo
[Yaml] Fixed filename in the ParseException message
* 2.2:
[Locale] added support for the position argument to NumberFormatter::parse()
[Locale] added some more stubs for the number formatter
[Yaml] fixed typo
[Yaml] fixed a test on PHP < 5.4
[DomCrawler]Crawler guess charset from html
fixed PHP 5.3 compatibility
[Yaml] reverted previous merge partially (refs #8897)
[Security] remove unused logger
[Security] fix typo
[Yaml] Fixed filename in the ParseException message
Conflicts:
src/Symfony/Component/Console/Input/InputDefinition.php
src/Symfony/Component/Locale/Stub/StubNumberFormatter.php
src/Symfony/Component/Locale/Tests/Stub/StubNumberFormatterTest.php
This PR was merged into the master branch.
Discussion
----------
[ExpressionLanguage] made minor tweaks
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9087
| License | MIT
| Doc PR | n/a
* made ExpressionLanguage::parse return an ParsedExpression instance
* optimized the size of the serialization of expressions
Commits
-------
e869136 [ExpressionLanguage] renamed addFunction() to register()
5076ec7 [ExpressionLanguage] optimized serialization of nodes and expressions
60b9f85 [ExpressionLanguage] made ExpressionLanguage::parse return an ParsedExpression instance
This PR was merged into the master branch.
Discussion
----------
New Component: Expression Language
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8850, #7352
| License | MIT
| Doc PR | not yet
TODO:
- [ ] write documentation
- [x] add tests for the new component
- [x] implement expression support for access rules in the security component
- [x] find a better character/convention for expressions in the YAML format
- [x] check the performance of the evaluation mode
- [x] better error messages in the evaluation mode
- [x] add support in the Routing
- [x] add support in the Validator
The ExpressionLanguage component provides an engine that can compile and
evaluate expressions.
An expression is a one-liner that returns a value (mostly, but not limited to, Booleans).
It is a strip-down version of Twig (only the expression part of it is
implemented.) Like Twig, the expression is lexed, parsed, and
compiled/evaluated. So, it is immune to external injections by design.
If we compare it to Twig, here are the main big differences:
* only support for Twig expressions
* no ambiguity for calls (foo.bar is only valid for properties, foo['bar'] is only valid for array calls, and foo.bar() is required for method calls)
* no support for naming conventions in method calls (if the method is named getFoo(), you must use getFoo() and not foo())
* no notion of a line for errors, but a cursor (we are mostly talking about one-liners here)
* removed everything specific to the templating engine (like output escaping or filters)
* no support for named arguments in method calls
* only one extension point with functions (no possibility to define new operators, ...)
* and probably even more I don't remember right now
* there is no need for a runtime environment, the compiled PHP string is self-sufficient
An open question is whether we keep the difference betweens arrays and hashes.
The other big difference with Twig is that it can work in two modes (possible
because of the restrictions described above):
* compilation: the expression is compiled to PHP and is self-sufficient
* evaluation: the expression is evaluated without being compiled to PHP (the node tree produced by the parser can be serialized and evaluated afterwards -- so it can be saved on disk or in a database to speed up things when needed)
Let's see a simple example:
```php
$language = new ExpressionLanguage();
echo $language->evaluate('1 + 1');
// will echo 2
echo $language->compile('1 + 2');
// will echo "(1 + 2)"
```
The language supports:
* all basic math operators (with precedence rules):
* unary: not, !, -, +
* binary: or, ||, and, &&, b-or, b-xor, b-and, ==, ===, !=, !==, <, >, >=, <=, not in, in, .., +, -, ~, *, /, %, **
* all literals supported by Twig: strings, numbers, arrays (`[1, 2]`), hashes
(`{a: "b"}`), Booleans, and null.
* simple variables (`foo`), array accesses (`foo[1]`), property accesses
(`foo.bar`), and method calls (`foo.bar(1, 2)`).
* the ternary operator: `true ? true : false` (and all the shortcuts
implemented in Twig).
* function calls (`constant('FOO')` -- `constant` is the only built-in
functions).
* and of course, any combination of the above.
The compilation is better for performances as the end result is just a plain PHP string without any runtime. For the evaluation, we need to tokenize, parse, and evaluate the nodes on the fly. This can be optimized by using a `ParsedExpression` or a `SerializedParsedExpression` instead:
```php
$nodes = $language->parse($expr, $names);
$expression = new SerializedParsedExpression($expr, serialize($nodes));
// You can now store the expression in a DB for later reuse
// a SerializedParsedExpression can be evaluated like any other expressions,
// but under the hood, the lexer and the parser won't be used at all, so it''s much faster.
$language->evaluate($expression);
```
That's all folks!
I can see many use cases for this new component, and we have two use cases in
Symfony that we can implement right away.
## Using Expressions in the Service Container
The first one is expression support in the service container (it would replace
#8850) -- anywhere you can pass an argument in the service container, you can
use an expression:
```php
$c->register('foo', 'Foo')->addArgument(new Expression('bar.getvalue()'));
```
You have access to the service container via `this`:
container.get("bar").getvalue(container.getParameter("value"))
The implementation comes with two functions that simplifies expressions
(`service()` to get a service, and `parameter` to get a parameter value). The
previous example can be simplified to:
service("bar").getvalue(parameter("value"))
Here is how to use it in XML:
```xml
<parameters>
<parameter key="value">foobar</parameter>
</parameters>
<services>
<service id="foo" class="Foo">
<argument type="expression">service('bar').getvalue(parameter('value'))</argument>
</service>
<service id="bar" class="Bar" />
</services>
```
and in YAML (I chose the syntax randomly ;)):
```yaml
parameters:
value: foobar
services:
bar:
class: Bar
foo:
class: Foo
arguments: [@=service("bar").getvalue(parameter("value"))]
```
When using the container builder, Symfony uses the evaluator, but with the PHP
dumper, the compiler is used, and there is no overhead as the expression
engine is not needed at runtime. The expression above would be compiled to:
```php
$this->get("bar")->getvalue($this->getParameter("value"))
```
## Using Expression for Security Access Control Rules
The second use case in Symfony is for access rules.
As we all know, the way to configure the security access control rules is confusing, which might lead to insecure applications (see http://symfony.com/blog/security-access-control-documentation-issue for more information).
Here is how the new `allow_if` works:
```yaml
access_control:
- { path: ^/_internal/secure, allow_if: "'127.0.0.1' == request.getClientIp() or has_role('ROLE_ADMIN')" }
```
This one restricts the URLs starting with `/_internal/secure` to people browsing from the localhost. Here, `request` is the current Request instance. In the expression, there is access to the following variables:
* `request`
* `token`
* `user`
And to the following functions:
* `is_anonymous`
* `is_authenticated`
* `is_fully_authenticated`
* `is_rememberme`
* `has_role`
You can also use expressions in Twig, which works well with the `is_granted` function:
```jinja
{% if is_granted(expression('has_role("FOO")')) %}
...
{% endif %}
```
## Using Expressions in the Routing
Out of the box, Symfony can only match an incoming request based on some pre-determined variables (like the path info, the method, the scheme, ...). But some people want to be able to match on more complex logic, based on other information of the Request object. That's why we introduced `RequestMatcherInterface` recently (but we no default implementation in Symfony itself).
The first change I've made (not related to expression support) is implement this interface for the default `UrlMatcher`. It was simple enough.
Then, I've added a new `condition` configuration for Route objects, which allow you to add any valid expression. An expression has access to the `request` and to the routing `context`.
Here is how one would configure it in a YAML file:
```yaml
hello:
path: /hello/{name}
condition: "context.getMethod() in ['GET', 'HEAD'] and request.headers.get('User-Agent') =~ '/firefox/i'"
```
Why do I keep the context as all the data are also available in the request? Because you can also use the condition without using the RequestMatcherInterface, in which case, you don't have access to the request. So, the previous example is equivalent to:
```yaml
hello:
path: /hello/{name}
condition: "request.getMethod() in ['GET', 'HEAD'] and request.headers.get('User-Agent') =~ '/firefox/i'"
```
When using the PHP dumper, there is no overhead as the condition is compiled. Here is how it looks like:
```php
// hello
if (0 === strpos($pathinfo, '/hello') && preg_match('#^/hello/(?P<name>[^/]++)$#s', $pathinfo, $matches) && (in_array($context->getMethod(), array(0 => "GET", 1 => "HEAD")) && preg_match("/firefox/i", $request->headers->get("User-Agent")))) {
return $this->mergeDefaults(array_replace($matches, array('_route' => 'hello')), array ());
}
```
Be warned that conditions are not taken into account when generating a URL.
## Using Expressions in the Validator
There is a new Expression constraint that you can put on a class. The expression is then evaluated for validation:
```php
use Symfony\Component\Validator\Constraints as Assert;
/**
* @Assert\Condition(condition="this.getFoo() == 'fo'", message="Not good!")
*/
class Obj
{
public function getFoo()
{
return 'foo';
}
}
```
In the expression, you get access to the current object via the `this` variable.
## Dynamic annotations
The expression language component is also very useful in annotations. the SensoLabs FrameworkExtraBundle leverages this possibility to implement HTTP validation caching in the `@Cache` annotation and to add a new `@Security` annotation (see sensiolabs/SensioFrameworkExtraBundle#238.)
Commits
-------
d4ebbfd [Validator] Renamed Condition to Expression and added possibility to set it onto properties
a3b3a78 [Validator] added a constraint that runs an expression
1bcfb40 added optimized versions of expressions
984bd38 mades things more consistent for the end user
d477f15 [Routing] added support for expression conditions in routes
86ac8d7 [ExpressionLanguage] improved performance
e369d14 added a Twig extension to create Expression instances
38b7fde added support for expression in control access rules
2777ac7 [HttpFoundation] added ExpressionRequestMatcher
c25abd9 [DependencyInjection] added support for expressions in the service container
3a41781 [ExpressionLanguage] added support for regexes
9d98fa2 [ExpressionLanguage] added the component
This PR was merged into the 2.2 branch.
Discussion
----------
[Security] fix typo and remove unused logger
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
a33cc51 [Security] remove unused logger
62de9c1 [Security] fix typo
* 2.3:
fixed phpdoc
Fix some annotates
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
[HttpKernel] remove unneeded strtoupper
updated the composer install command to reflect changes in Composer
Conflicts:
src/Symfony/Component/Serializer/Encoder/XmlEncoder.php
* 2.2:
Fix some annotates
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
[HttpKernel] remove unneeded strtoupper
updated the composer install command to reflect changes in Composer
Conflicts:
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Console/Command/Command.php
src/Symfony/Component/Console/Input/InputDefinition.php
src/Symfony/Component/CssSelector/Node/CombinedSelectorNode.php
src/Symfony/Component/Form/Form.php
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php
src/Symfony/Component/HttpKernel/Tests/DependencyInjection/RegisterListenersPassTest.php
src/Symfony/Component/Locale/Locale.php
src/Symfony/Component/Locale/README.md
src/Symfony/Component/Locale/Stub/DateFormat/FullTransformer.php
This PR was squashed before being merged into the 2.2 branch (closes#9067).
Discussion
----------
Fix some annotates
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
send those fixes in branch 2.2
This pr includes #9065
Commits
-------
de39bd5 Fix some annotates
This PR was merged into the 2.2 branch.
Discussion
----------
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6686, #7673
| License | MIT
| Doc PR | n/a
Commits
-------
f65a526 [FrameworkBundle] made sure that the debug event dispatcher is used everywhere
This PR was merged into the master branch.
Discussion
----------
[Security] Split the component into 3 sub-components Core, ACL, HTTP
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9047, #8848
| License | MIT
| Doc PR | -
The rationale behind this PR is to be able to use any of the sub components without requiring all the dependencies of the other sub components. Specifically, I'd like to use the core utils for an improved CSRF protection mechanism (#6554).
Commits
-------
14e9f46 [Security] removed unneeded hard dependencies in Core
5dbec8a [Security] fixed README files
62bda79 [Security] copied the Resources/ directory to Core/Resources/
7826781 [Security] Split the component into 3 sub-components Core, ACL, HTTP
This PR was squashed before being merged into the master branch (closes#8635).
Discussion
----------
[Config] Create XML Reference Dumper
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Only Yaml was supported. This PR adds support for XML. This makes it easier to test XML schema's (see symfony-cmf/MenuBundle#114 ), helps us at the docs with our configuration reference and helps others using XML with symfony.
## Todo
- [x] Prototyped arrays don't work properly
- [x] Add comments (see Yaml dumper)
- [x] Add namespaces support
## Side effects
I've moved the reference dumpers to their own namespace and renamed the original reference dumper to `YamlReferenceDumper`. The old one is kept for BC, but deprecated.
/cc @dantleech
Commits
-------
05e9ca7 [Config] Create XML Reference Dumper
* 2.3:
fixes RequestDataCollector bug, visible when used on Drupal8
[Console] fixed exception rendering when nested styles
[Console] added some more information about OutputFormatter::replaceStyle()
[Console] fixed the formatter for single-char tags
[Console] Escape exception message during the rendering of an exception
[DomCrawler] fixed HTML5 form attribute handling
Making tests pass on mac os x without this change tests would fail under mac os x at least in 10.8.2
[BrowserKit] Fixed the handling of parameters when redirecting
[Process] Properly close pipes after a Process::stop call
fixed bytes conversion when used on 32-bits systems
Typo fix
HttpFoundation RequestTest - Fixed indentation and removed comments
HttpFoundation Request test for #8619
LICENSE files moved to meta folders
added missing method in the UPGRADE file for 2.2 (closes#8941)
[Form] Fixed: "required" attribute is not added to <select> tag if no empty value
[Translation] Removed an unneeded return annotation.
[DomCrawler] Added missing docblocks and removed unneeded return annotation.
Conflicts:
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
* 2.2:
fixes RequestDataCollector bug, visible when used on Drupal8
[Console] fixed exception rendering when nested styles
[Console] added some more information about OutputFormatter::replaceStyle()
[Console] fixed the formatter for single-char tags
[Console] Escape exception message during the rendering of an exception
[BrowserKit] Fixed the handling of parameters when redirecting
Typo fix
HttpFoundation RequestTest - Fixed indentation and removed comments
HttpFoundation Request test for #8619
LICENSE files moved to meta folders
added missing method in the UPGRADE file for 2.2 (closes#8941)
[Translation] Removed an unneeded return annotation.
[DomCrawler] Added missing docblocks and removed unneeded return annotation.
Conflicts:
src/Symfony/Component/BrowserKit/Client.php
src/Symfony/Component/DomCrawler/Crawler.php
* 2.3:
[FrameworkBundle][Security] Replaced void return type with null for consistency
fixed CS
NativeSessionStorage regenerate
removed unneeded comment
Use setTimeZone if this method exists.
Fix FileResource test
fixed wrong usage of unset()
[HttpFoundation] Fixed the way path to directory is trimmed.
[Console] Fixed argument parsing when a single dash is passed.
* 2.2:
[FrameworkBundle][Security] Replaced void return type with null for consistency
fixed CS
NativeSessionStorage regenerate
removed unneeded comment
Use setTimeZone if this method exists.
Fix FileResource test
fixed wrong usage of unset()
[HttpFoundation] Fixed the way path to directory is trimmed.
[Console] Fixed argument parsing when a single dash is passed.
Conflicts:
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
* 2.3:
[WebProfilerBundle] fixed toolbar for IE8 (refs #8380)
[HttpFoundation] removed double-slashes (closes#8388)
[HttpFoundation] tried to keep the original Request URI as much as possible to avoid different behavior between ::createFromGlobals() and ::create()
[TwigBridge] fixed form rendering when used in a template with dynamic inheritance
* 2.3:
[HttpKernel] added a check for private event listeners/subscribers
[FrameworkBundle] fixed registration of the register listener pass
[Form] Fixed regression causing invalid "WHERE id IN ()" statements
[DependencyInjection] fixed a non-detected circular reference in PhpDumper (closes#8425)
[Form] Fixed regression in BooleanToStringTransformer from ed83752
[FrameworkBundle] removed obsolete code
[Process] Close unix pipes before calling `proc_close` to avoid a deadlock
[Process] Fix process merge in 2.3
[Intl] made RegionBundle and LanguageBundle merge fallback data when using a country-specific locale
* 2.2:
[HttpKernel] added a check for private event listeners/subscribers
[FrameworkBundle] fixed registration of the register listener pass
[Form] Fixed regression causing invalid "WHERE id IN ()" statements
[DependencyInjection] fixed a non-detected circular reference in PhpDumper (closes#8425)
[Form] Fixed regression in BooleanToStringTransformer from ed83752
[FrameworkBundle] removed obsolete code
[Process] Close unix pipes before calling `proc_close` to avoid a deadlock
Conflicts:
src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php
src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php
src/Symfony/Component/Process/Process.php
This PR was merged into the 2.2 branch.
Discussion
----------
Fixed registration of private event listeners/subscribers
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6541
| License | MIT
| Doc PR | n/a
When registering a private event subscriber/listener, the listener was just ignored.
This PR does two things to fix the problem:
* the event listener pass is done earlier to get access to the private services
* when a private service is identified, a proper exception is thrown
Commits
-------
8444339 [HttpKernel] added a check for private event listeners/subscribers
427ee19 [FrameworkBundle] fixed registration of the register listener pass
* 2.3:
Fixed docblock in UserInterface::getSalt()
[Process] Fix#8970 : read output once the process is finished, enable pipe tests on Windows
[DoctrineBridge] Improved test coverage of EntityChoiceList
[DoctrineBridge] Improved test coverage of EntityChoiceList
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
Removed duplicate annotation
[HttpKernel] made code more reliable
[HttpFoundation] fixed regression in the way the request format is handled for duplicated requests (closes#8917)
[HttpKernel] fixer HInclude src (closes#8951)
Fixed escaping of service identifiers in configuration
Conflicts:
src/Symfony/Bridge/Doctrine/Tests/Form/ChoiceList/GenericEntityChoiceListTest.php
src/Symfony/Bridge/Doctrine/Tests/Form/Type/EntityTypeTest.php
src/Symfony/Component/HttpKernel/Tests/Fragment/HIncludeFragmentRendererTest.php
This PR was squashed before being merged into the master branch (closes#8657).
Discussion
----------
Added option to show controllers optionally in the router:debug command
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Added option to show controllers in the router debug command as a convenience function.
app/console router:debug --show-controllers
Commits
-------
6fd32f3 Added option to show controllers optionally in the router:debug command
* 2.2:
[HttpFoundation] fixed regression in the way the request format is handled for duplicated requests (closes#8917)
[HttpKernel] fixer HInclude src (closes#8951)
Fixed escaping of service identifiers in configuration
* 2.3:
Fixing singular form for kisses, accesses and addresses.
fixed some circular references
[Security] fixed a leak in ExceptionListener
[Security] fixed a leak in the ContextListener
Ignore posix_istatty warnings
removed unused variable
[Form] fix iterator typehint
typos
Button missing getErrorsAsString() fixes#8084 Debug: Not calling undefined method anymore. If the form contained a submit button the call would fail and the debug of the form wasn't possible. Now it will work in all cases. This fixes#8084
Use isset() instead of array_key_exists() in DIC
Fixed annotation
[BrowserKit] fixed method/files/content when redirecting a request
[BrowserKit] removed some headers when redirecting a request
[BrowserKit] fixed headers when redirecting if history is set to false (refs #8697)
[HttpKernel] fixed route parameters storage in the Request data collector (closes#8867)
[BrowserKit] Pass headers when `followRedirect()` is called
Return BC compatibility for `@Route` parameters and default values
Conflicts:
src/Symfony/Component/Security/Http/Firewall/ContextListener.php
* 2.2:
Fixing singular form for kisses, accesses and addresses.
fixed some circular references
[Security] fixed a leak in ExceptionListener
[Security] fixed a leak in the ContextListener
Ignore posix_istatty warnings
typos
[HttpKernel] fixed route parameters storage in the Request data collector (closes#8867)
Return BC compatibility for `@Route` parameters and default values
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Templating/Helper/FormHelper.php
src/Symfony/Component/Console/Application.php
set logger in extension , so its only done in debug mode
add psr/log to suggest of templating
add test for setLogger and refactor tests to not depend that much an
deprecated functionality
* 2.3:
Clear lazy loading initializer after the service is successfully initialized
[FrameworkBundle] added support for double-quoted strings in the extractor (closes#8797)
[SecurityBundle] Move format-dependent tests from SecurityExtensionTest
bumped Symfony version to 2.3.5-DEV
updated VERSION for 2.3.4
updated CHANGELOG for 2.3.4
bumped Symfony version to 2.2.7
updated VERSION for 2.2.6
update CONTRIBUTORS for 2.2.6
updated CHANGELOG for 2.2.6
clearToken exception is thrown at wrong place.
fix typo in test skipped message
[Form] Fixed Form::all() signature for PHP 5.3.3
[Form] Fixed Form::all() signature for PHP 5.3.3
[Locale] Fixed: Locale::setDefault() throws no exception when "en" is passed
[Locale] Fixed: StubLocale::setDefault() throws no exception when "en" is passed
[Translation] Grammar fix
[Yaml] fixed embedded folded string parsing
[Validator] fixed Boolean handling in XML constraint mappings (closes#5603)
[Translation] Fixed regression: When only one rule is passed to transChoice(), this rule should be used
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2:
[FrameworkBundle] added support for double-quoted strings in the extractor (closes#8797)
[SecurityBundle] Move format-dependent tests from SecurityExtensionTest
Conflicts:
src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
* 2.3:
fixed request format when forwarding a request
[HttpKernel] added a comment to warn about possible inconsistencies
added a functional test for locale handling in sub-requests
Fixed issue #6932 - Inconsistent locale handling in subrequests
fixed locale of sub-requests when explicitely set by the developer (refs #8821)
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
src/Symfony/Component/HttpKernel/Fragment/RoutableFragmentRenderer.php
src/Symfony/Component/HttpKernel/Tests/Fragment/RoutableFragmentRendererTest.php
* 2.2:
fixed request format when forwarding a request
[HttpKernel] added a comment to warn about possible inconsistencies
added a functional test for locale handling in sub-requests
Fixed issue #6932 - Inconsistent locale handling in subrequests
fixed locale of sub-requests when explicitely set by the developer (refs #8821)
Conflicts:
src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php
This PR was merged into the 2.2 branch.
Discussion
----------
fixed request format when forwarding a request
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6932
| License | MIT
| Doc PR | n/a
When calling forward() in a controller, the format is not the same as for the master request.
Commits
-------
7e87eb1 fixed request format when forwarding a request
This PR was merged into the master branch.
Discussion
----------
removed deps checks in unit tests
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
As Composer is now widely used in the PHP world, having to run composer install before running the test suite is expected. This also has the nice benefit of removing a bunch of code, making things easier to maintain (there is only one place to declare a dev dependency), and probably more.
see fabpot/Silex#626 where we did the same a while ago for Silex.
Commits
-------
de50621 removed deps checks in unit tests
* 2.3:
[Locale] fixed build-data exit code in case of an error
fixed request format of sub-requests when explicitely set by the developer (closes#8787)
Sets _format attribute only if it wasn't set previously by the user.
Exclude little words of 'ee' to 'oo' plural transformation
fixed the format of the request used to render an exception
Fix typo in the check_path validator
added a missing use statement (closes#8808)
fix for Process:isSuccessful()
Include untrusted host in the exception message
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
src/Symfony/Component/HttpKernel/Fragment/InlineFragmentRenderer.php
* 2.2:
[Locale] fixed build-data exit code in case of an error
fixed request format of sub-requests when explicitely set by the developer (closes#8787)
Sets _format attribute only if it wasn't set previously by the user.
Exclude little words of 'ee' to 'oo' plural transformation
fixed the format of the request used to render an exception
Fix typo in the check_path validator
added a missing use statement (closes#8808)
fix for Process:isSuccessful()
Conflicts:
UPGRADE-3.0.md
src/Symfony/Component/Locale/Resources/data/build-data.php
This PR was merged into the 2.2 branch.
Discussion
----------
Sets _format attribute only if it wasn't set previously by the user
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8787, #8791
| License | MIT
| Doc PR |
Commits
-------
9bb7a3d fixed request format of sub-requests when explicitely set by the developer (closes#8787)
fa35597 Sets _format attribute only if it wasn't set previously by the user.
As Composer is now widely used in the PHP world, having to run composer
install before running the test suite is expected. This also has the
nice benefit of removing a bunch of code, making things easier to
maintain (there is only one place to declare a dev dependency), and
probably more.
* 2.3:
[Process] Revert change
[Process] Fix#8746 : slowness added in unit tests since #8741
[Process] Fix#8742 : Signal-terminated processes are not successful
corrected English grammar (s/does not exists/does not exist)
[Process] Add more precision to Process::stop timeout
[Process] Avoid zombie process in case of unit tests failure
[Process] Fix#8739
[Process] Add failing test for #8739
[Process] Fix CS
[TwigBridge] removed superflous ; when rendering form_enctype() (closes#8660)
Fixed documentation grammar for AuthenticationManagerInterface::authenticate()
[Validator] fixed the wrong isAbstract() check against the class (fixed#8589)
[TwigBridge] Prevent code extension to display warning
Fix internal sub-request creation
[FrameworkBundle] made code more generic
[Form] Moved auto_initialize option to the BaseType
Use strstr instead of strpos
Make sure ContextErrorException is loaded during compile time errors
Fix empty process argument escaping on Windows
Ignore null value in comparison validators
Conflicts:
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php
src/Symfony/Component/Process/Process.php
* 2.2:
corrected English grammar (s/does not exists/does not exist)
[Process] Add more precision to Process::stop timeout
[Process] Avoid zombie process in case of unit tests failure
[Process] Fix#8739
[Process] Add failing test for #8739
[Process] Fix CS
Fixed documentation grammar for AuthenticationManagerInterface::authenticate()
[Validator] fixed the wrong isAbstract() check against the class (fixed#8589)
[TwigBridge] Prevent code extension to display warning
Use strstr instead of strpos
Conflicts:
src/Symfony/Component/Finder/Shell/Command.php
src/Symfony/Component/Process/Process.php
This PR was merged into the master branch.
Discussion
----------
changed the ESI fragment renderer to be always registered
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
This is an alternative implementation for #8427
Commits
-------
09f727b changed the ESI fragment renderer to be always registered
* 2.3:
added missing support for the new output API in PHP 5.4+
Fixed bug introduced in #8675
made the filesystem loader compatible with Twig 2.0
bumped Symfony version to 2.3.4-DEV
updated VERSION for 2.3.3
updated CHANGELOG for 2.3.3
bumped Symfony version to 2.2.6
updated VERSION for 2.2.5
update CONTRIBUTORS for 2.2.5
updated CHANGELOG for 2.2.5
[Intl] Updated stubs to reflect ICU 51.2
replaced deprecated Twig features
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2:
added missing support for the new output API in PHP 5.4+
Fixed bug introduced in #8675
made the filesystem loader compatible with Twig 2.0
bumped Symfony version to 2.2.6
updated VERSION for 2.2.5
update CONTRIBUTORS for 2.2.5
updated CHANGELOG for 2.2.5
replaced deprecated Twig features
Conflicts:
src/Symfony/Bridge/Twig/Extension/FormExtension.php
src/Symfony/Bridge/Twig/Extension/RoutingExtension.php
src/Symfony/Component/HttpKernel/Kernel.php
