This PR was merged into the 3.3 branch.
Discussion
----------
[Yaml] fix some edge cases with indented blocks
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25329, #25341
| License | MIT
| Doc PR |
Now that comment-like lines are no longer ignored when subparsers are
created, we need to ignore them in some functions (e.g. when detecting
the indentation depth of the next block).
Commits
-------
b201c22 fix some edge cases with indented blocks
This PR was merged into the 3.3 branch.
Discussion
----------
[appveyor] disable memory limit on composer up
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Let's see if this makes appveyor happy.
Commits
-------
362f9bc [appveyor] disable memory limit on composer up
* 2.8:
Remove some unused variables, properties and methods
[ExpressionLanguage] Fix parse error on 5.3
[HttpKernel] remove noisy frame in controller stack traces
[ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
Fix php doc in Table class
bumped Symfony version to 2.8.33
updated VERSION for 2.8.32
updated CHANGELOG for 2.8.32
bumped Symfony version to 2.7.40
updated VERSION for 2.7.39
update CONTRIBUTORS for 2.7.39
updated CHANGELOG for 2.7.39
This PR was merged into the 3.3 branch.
Discussion
----------
Remove some unused variables and properties
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
Analyzing symfony/symfony using https://insight.sensiolabs.com, I found several chunks of dead code. This PR removes them in the 3.3 branch.
Commits
-------
8bc2fbb Remove some unused variables and properties
* 2.7:
Remove some unused variables, properties and methods
[ExpressionLanguage] Fix parse error on 5.3
[HttpKernel] remove noisy frame in controller stack traces
[ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
Fix php doc in Table class
bumped Symfony version to 2.7.40
updated VERSION for 2.7.39
update CONTRIBUTORS for 2.7.39
updated CHANGELOG for 2.7.39
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7] Remove some unused variables, properties and methods
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | kind of
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
Analyzing symfony/symfony using https://insight.sensiolabs.com, I found several chunks of dead code. This PR removes them in the 2.7 branch.
fabbot failure is unrelated.
Commits
-------
30e2273 Remove some unused variables, properties and methods
Now that comment-like lines are no longer ignored when subparsers are
created, we need to ignore them in some functions (e.g. when detecting
the indentation depth of the next block).
This PR was merged into the 3.3 branch.
Discussion
----------
[Serializer] Unset attributes when creating child context
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
In some cases, the `attributes` key isn't overrode when creating the context passed to nested normalizers.
It's definitely a bug, but an attacker cannot access to non public data (ignored attributes are checked before the `attributes` key). However some data that must be public may be missing as highlighted by the test.
I've introduced the initial bug here: https://github.com/symfony/symfony/pull/18834
Commits
-------
4ff9d99f23 [Serializer] Unset attributes when creating child context
This PR was merged into the 2.7 branch.
Discussion
----------
[ExpressionLanguage] throw an SyntaxError instead of an undefined index notice
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25214
| License | MIT
| Doc PR | none
I think this is a bug when the components throws a notice instead of an exception.
it's too early and too dark to see something outside so here is my couch :
![img_2915-2](https://user-images.githubusercontent.com/3451634/33592448-6b514050-d98b-11e7-8086-bc6e6b6e6e82.jpg)
Commits
-------
78abc89648 [ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
This PR was merged into the 3.3 branch.
Discussion
----------
[DependencyInjection] Prevent a loop in aliases within the `findDefinition` method
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25338
| License | MIT
| Doc PR | ø
This prevents an infinite loop going when aliases reference themselves. This is based on 3.3 as the "normalized ID" changed to allow non-lowercase names. Fixing this in 2.7 would mean a merge conflict that IMO is not worth it.
Commits
-------
22f35239a4 Prevent a loop in aliases within the `findDefinition` method
This PR was submitted for the master branch but it was squashed and merged into the 3.3 branch instead (closes#25304).
Discussion
----------
[Bridge/PhpUnit] Prefer $_SERVER['argv'] over $argv
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This makes the script usable even if it is wrapped into another script, which is what some IDEs like PHPStorm do.
Commits
-------
1ff22e6acc [Bridge/PhpUnit] Prefer ['argv'] over
This PR was merged into the 3.3 branch.
Discussion
----------
[FrameworkBundle] Fix a bug where a color tag will be shown when passing an antislash
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25193
| License | MIT
| Doc PR | none
You can see in the [reproducer](e6509ffcb4) when running `bin/console debug:container` that there an error in the ouput (like in the issue) when using a class with `\` in the service name.
This PR fix this wrong output. (even if that feels more developer thingy when there are xml everywhere ;)
Commits
-------
890edf7c38 [FrameworkBundle] Fix a bug where a color tag will be shown when passing an antislash
This PR was merged into the 2.7 branch.
Discussion
----------
Fix for missing whitespace control modifier in form layout
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25252
| License | MIT
| Doc PR | -
That single missing whitespace control modifier results in e.g. new line in `data-prototype` attribute when using CollectionType field type in form.
Commits
-------
369075a282 Fix for missing whitespace control modifier in form layout
This PR was merged into the 3.3 branch.
Discussion
----------
[WebProfiler] Disallow viewing dot-files in Profiler
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
The file viewer in the profiler should not open files that were specifically intended to be hidden, like specifically .env files, but similarly files like .htaccess that might expose server configuration knowledge.
Added tests validating both the new and old behavior.
Commits
-------
6a2f518e74 Disallow viewing dot-files in Profiler