This PR was merged into the 5.1 branch.
Discussion
----------
[Validator] allow passing a validator to Validation::createCallable()
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
As spotted by @stof in https://github.com/symfony/symfony/pull/31466#issuecomment-630054227
Commits
-------
1357cbf8ed [Validator] allow passing a validator to Validation::createCallable()
This PR was merged into the 5.1 branch.
Discussion
----------
[DI][Preload] Remove preload primitive types
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no, but it could be for the future
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
After bump my project to 5.1.x-dev I saw the generated file of `*.preload.php` contains classes that are primitive types like int, string, bool.
```
composer create-project symfony/website-skeleton preload "5.1.x-dev"
cat preload/var/cache/dev/App_KernelDevDebugContainer.preload.php | grep "bool\|string\|int"
```
```
$ cat test/var/cache/dev/App_KernelDevDebugContainer.preload.php | grep "bool\|string\|int"
$classes[] = 'int';
$classes[] = 'string';
$classes[] = 'Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntityValidator';
$classes[] = 'Symfony\Component\Security\Http\EntryPoint\RetryAuthenticationEntryPoint';
$classes[] = 'Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator';
$classes[] = 'Symfony\Component\Serializer\Normalizer\ConstraintViolationListNormalizer';
$classes[] = 'bool';
$classes[] = 'Symfony\Component\Validator\ContainerConstraintValidatorFactory';
$classes[] = 'Symfony\Component\Validator\Constraints\EmailValidator';
$classes[] = 'Symfony\Component\Validator\Constraints\ExpressionValidator';
$classes[] = 'Symfony\Component\Validator\Constraints\NotCompromisedPasswordValidator';
$classes[] = 'Symfony\\Component\\Form\\Extension\\Validator\\Constraints\\Form';
```
I don't know if it is expected behaviour, but if not - then PR fix it.
~~In addition, classes are sorted for better reading.~~
Commits
-------
4d05dbbfb5 [DI] Remove preload primitive types
* 5.0:
[Validator] Add missing translations of nn locale
[HttpKernel] Fix that the `Store` would not save responses with the X-Content-Digest header present
[Intl] bump icu 67.1
* 4.4:
[Validator] Add missing translations of nn locale
[HttpKernel] Fix that the `Store` would not save responses with the X-Content-Digest header present
[Intl] bump icu 67.1
* 3.4:
[Validator] Add missing translations of nn locale
[HttpKernel] Fix that the `Store` would not save responses with the X-Content-Digest header present
[Intl] bump icu 67.1
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Validator] Add missing translations of nn locale
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes/no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#30178
| License | MIT
Added missing translations to validator with locale nn
Commits
-------
040d01e53b [Validator] Add missing translations of nn locale
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix that the `Store` would not save responses with the X-Content-Digest header present
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Responses fetched from upstream sources might have a `X-Content-Digest` header, for example if the Symfony Cache is used upstream. This currently prevents the `Store` from saving such responses. In general, the value of this header should not be trusted.
As I consider this header an implementation detail of the `Store`, the fix tries to be local to that class; we should not rely on the `HttpCache` or other classes to remove untrustworthy headers for us.
This fixes the issue that when using the `HttpCache` in combination with the Symfony HttpClient, responses that have also been cached upstream in an instance of `HttpCache` are not cached locally. It adds the overhead of re-computing the content digest every time the `HttpCache` successfully re-validated a response.
Commits
-------
d8964fb8b7 [HttpKernel] Fix that the `Store` would not save responses with the X-Content-Digest header present
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Intl] bump icu 67.1
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
mainly some new locales+scripts (see 3a3a9ba)
Commits
-------
29eb271184 [Intl] bump icu 67.1
Before this fix it was unavailable to create Connection with access_key and secret_key in options, because they were added to $clientConfiguration var, and check for extra options was against $configuration var. Which lead to exception.
The idea is to check input options against self::DEFAULT_OPTIONS (which contains all available options)
* 5.1:
[PhpUnitBridge] fix bad detection of unsilenced deprecations
[Security] Unserialize $parentData, if needed, to avoid errors
[HttpKernel] Fix error logger when stderr is redirected to /dev/null (FPM)
* 5.0:
[PhpUnitBridge] fix bad detection of unsilenced deprecations
[Security] Unserialize $parentData, if needed, to avoid errors
[HttpKernel] Fix error logger when stderr is redirected to /dev/null (FPM)
* 4.4:
[PhpUnitBridge] fix bad detection of unsilenced deprecations
[Security] Unserialize $parentData, if needed, to avoid errors
[HttpKernel] Fix error logger when stderr is redirected to /dev/null (FPM)
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Security] Unserialize $parentData, if needed, to avoid errors
Check that the $parentData is an array. If it's a string, the variable is unserialized.
Useful to not break the compatibility with the older versions.
Bug reproduced when upgrading from 3.4 to 4.4
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36813
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Commits
-------
b447433b67 [Security] Unserialize $parentData, if needed, to avoid errors
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix error logger when stderr is redirected to /dev/null
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
The HttpKernel Logger is meant to be used as a last resort logging mechanism when no logger has been explicitly configured (Monolog is not a dependency for instance).
For small apps, that can be more than enough.
But under some circumstances, it does not work. When you are using PHP-FPM, `stderr` is ignored by default (`catch_workers_output` is `false`) and so, logs are ignored as well. There is no issue with the official PHP Docker image as the setting has been explicitly set to `true`. Not an issue with Symfony CLI as well, as we also change the setting. Not a problem either with the PHP built-in server as it does not use PHP FPM anyway.
But, in many other places, where the setting has its default value, logs are lost (as you can imagine, it happened to me). As this feature is meant to be a fallback, I think it should always work, or at least, we need to make everything possible to make it work out of the box; that's why I've considered it a bug and hence a PR on 3.4.
This PR changes the default value for the output to `null`, which uses `error_log()` instead of `stderr` to log errors. Why is it better? The output of `error_log()` is controllable by the `error_logs` PHP ini setting and it is well understood by everyone (the default configuration should always work well); so it should work in most/more cases.
The other change (to be discussed) is to also log messages at the `ERROR` level and not just the `CRITICAL` ones.
/cc @dunglas
Commits
-------
5f829bdaeb [HttpKernel] Fix error logger when stderr is redirected to /dev/null (FPM)
* 5.1:
Revert "Change priority of KernelEvents::RESPONSE subscriber"
bumped Symfony version to 5.1.0
updated VERSION for 5.1.0-RC1
updated CHANGELOG for 5.1.0-RC1
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] Bring back the debug toolbar
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36836
| License | MIT
| Doc PR | N/A
This PR effectively reverts #36789 in order to fix a regression caused by that PR.
Commits
-------
9f8d225aa1 Revert "Change priority of KernelEvents::RESPONSE subscriber"
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Security] Improved upgrade path for custom remember me services
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | -
| Deprecations? | -
| Tickets | https://github.com/symfony/symfony/pull/36806#issuecomment-628592543
| License | MIT
| Doc PR |
This improves the upgrade path for custom remember me services now `LogoutHandlerInterface` has been deprecated.
As suggested in https://github.com/symfony/symfony/pull/36806#issuecomment-628592543, the `logout()` method should be added to the `RememberMeServicesInterface` in Symfony 6.
This patch allows developers to write a custom class implementing only `RememberMeServicesInterface` with a `logout()` method. Requiring them to implement `LogoutHandlerInterface` will mean they have to maintain 2 version of the class to support both Symfony 5.1+ and 6.0.
Commits
-------
c49d00f984 Added deprecation for RememberMe services without logout() method
* 5.0:
[VarDumper] fix for change in PHP 7.4.6 (bis)
[VarExporter] fix for change in PHP 7.4.6
[BrowserKit] Allow Referer set by history to be overridden (3.4)
* 4.4:
[VarDumper] fix for change in PHP 7.4.6 (bis)
[VarExporter] fix for change in PHP 7.4.6
[BrowserKit] Allow Referer set by history to be overridden (3.4)
This PR was merged into the 3.4 branch.
Discussion
----------
[BrowserKit] Allow Referer set by history to be overridden
| Q | A
| ------------- | ---
| Branch? | 3.4, see https://github.com/symfony/symfony/pull/36591 for 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
4774946fbd [BrowserKit] Allow Referer set by history to be overridden (3.4)
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[DI] Renamed some PHP-DSL functions
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
As discussed in #36778, Symfony wants to move from XML to PHP for its own configuration. I propose these function renames to make the PHP-DSL a bit easier to understand:
```php
<?php
// Before
$services->set(Foo::class)
->args([ref(Bar::class), service('stdClass')]);
// After
$services->set(Foo::class)
->args([service(Bar::class), inline_service('stdClass')]);
```
Commits
-------
366405b93d [DI] Renamed some PHP-DSL functions
This PR was merged into the 5.1-dev branch.
Discussion
----------
RememberMeLogoutListener should depend on LogoutHandlerInterface
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
`RememberMeLogoutListener`, which was introduced together with the new authenticator security in Symfony 5.1, depends on `AbstractRememberMeServices`. This forces people to always extend from `AbstractRememberMeServices`, even when they're implementing the correct interface.
I'd suggest to depend on the minimum interface, which is `LogoutHandlerInterface`, instead.
Example of the type errors you'd get otherwise:
`
Argument 1 passed to Symfony\Component\Security\Http\EventListener\RememberMeLogoutListener::__construct() must be an instance of Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices, instance of Scheb\TwoFactorBundle\Security\Authentication\RememberMe\RememberMeServicesDecorator given, called in var/cache/dev/Container3IpOCEd/getSecurity_Logout_Listener_RememberMe_MainService.php on line 22
`
with
```php
class RememberMeServicesDecorator implements RememberMeServicesInterface, LogoutHandlerInterface
[...]
```
Commits
-------
994700fbae Depend on LogoutHandlerInterface