This PR was merged into the 2.7 branch.
Discussion
----------
Update misleading comment about RFC4627
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
RFC 4627 does not dictate escaping of HTML special characters
Commits
-------
72b6c9e Update misleading comment about RFC4627
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Check for class existence before is_subclass_of
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Same as #19342
Commits
-------
8a9e0f5 [FrameworkBundle] Check for class existence before is_subclass_of
This PR was submitted for the 3.0 branch but it was merged into the 2.7 branch instead (closes#19862).
Discussion
----------
Update GroupSequence.php
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
Corrected the docblock example
Commits
-------
c8f3741 Update GroupSequence.php
This PR was squashed before being merged into the 2.7 branch (closes#19830).
Discussion
----------
Code enhancement and cleanup
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
325da3c Code enhancement and cleanup
On 32-bit systems the cookie expiration value was not being calculated
correctly as it was being fetched as an integer. When the timestamp exceeded
the PHP_INT_MAX size it would return an invalid value, breaking the cookie
construction.
The BrowserKit cookie has now been updated to get the timestamp as a string
which works around this platform limitation.
This PR was merged into the 2.7 branch.
Discussion
----------
[Yaml] Remove legacy code
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
It looks like these lines were forgotten during the transition to 2.0 as references are already [managed in `Inline`](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Yaml/Inline.php#L542-L559).
Commits
-------
a88dff3 [Yaml] Remove legacy code
This PR was merged into the 2.7 branch.
Discussion
----------
[VarDumper] Various minor fixes & cleanups
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| Tests pass? | yes
| License | MIT
Minor fixes & cleanups found while working on a few VarDumper enhancements.
I'm going to merge this one quickly to unlock the other PRs I'm preparing for master.
Commits
-------
a989491 [VarDumper] Various minor fixes & cleanups
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Add missing SsiFragmentRendererTest
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
One notable difference between ESI/SSI fragments renderers is that [passing options to the strategy doesn't impact the rendered ssi include tag](d666c64eb0 (diff-98eb5db767a1d6600cff43b74800ae46R37)).
Commits
-------
6c89199 [HttpKernel] Add missing SsiFragmentRendererTest
This PR was merged into the 2.7 branch.
Discussion
----------
[DoctrineBridge] Enhance exception message in EntityUserProvider
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Lots of people use the `UserEntityProvider` without having a custom Repository for the user entity configured on the entity provider and in this case, if the `property` key of the provider isn't set, the exception thrown says:
> The Doctrine repository "Doctrine\ORM\EntityRepository" must implement Symfony\Bridge\Doctrine\Security\User\UserLoaderInterface
"Doctrine\ORM\EntityRepository" doesn't feel relevant.
Plus, we can't guess that the exception is thrown first because there is no `property` configured on the corresponding provider, that is useful to have in the trace IMHO.
If accepted, `"Symfony\Component\Security\Core\User\UserProviderInterface"` will need to be replaced by `"Symfony\Bridge\Doctrine\Security\User\UserLoaderInterface"` when merging in newer branches.
Commits
-------
acc0460 [DoctrineBridge] Enhance exception message in EntityUserProvider
This PR was merged into the 2.7 branch.
Discussion
----------
[SecurityBundle] BasicAuthenticationListener: simpler getting value from Request
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Unless I'm mistaken, the default `null` should be OK. If it's not, I will create a new PR with a test proving that `false` or other "special" value must be used.
Commits
-------
d67f090 SecurityBundle:BasicAuthenticationListener: removed a default argument on getting a header value
This PR was merged into the 2.7 branch.
Discussion
----------
[ClassLoader] Fix tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Tests pass? | yes
| License | MIT
As discussed right now on php-internals, this string is ignored and the docs only tells about null.
Commits
-------
0f95708 [ClassLoader] Fix tests
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Swap dumper services at bootstrap
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
---
This commit fix a bug when using debug function too soon.
For example, if you call dump function during kernel::boot() the
dump output will be sent to stderr, even in a web context.
With this patch, the data collector is used by default, so the
dump output is send to the WDT. In a CLI context, if dump is used
too soon, the datacollector will buffer it, and release it at the
end of the script. So in this case everything will be visible by the
end used.
Commits
-------
d80589c [Debug] Swap dumper services at bootstrap
This PR was merged into the 2.7 branch.
Discussion
----------
[DI][2.7] Include dynamic services in alternatives
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | reference to the documentation PR, if any
Commits
-------
428b5cc include dynamic services in list of alternatives
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug][HttpKernel][VarDumper] Prepare for committed 7.2 changes (aka "small-bc-breaks")
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| Tests pass? | yes
| License | MIT
On PHP 7.2:
- `is_object()` is going to return `true` for `__PHP_Incomplete_Class` instances
- `gettype($closed_resource);` returns "resource (closed)"
ping @nikic FYI
see https://travis-ci.org/symfony/symfony/jobs/154114269 for fixed tests (except the one on ClassLoader which is a BC break on 7.1 that should be fixed there IMHO).
Commits
-------
feb2cd0 [Debug][HttpKernel][VarDumper] Prepare for committed 7.2 changes
This PR was squashed before being merged into the 2.7 branch (closes#19666).
Discussion
----------
Verify explicitly that the request IP is a valid IPv4 address
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Take the following base code (the array is based on [CloudFlare IP Ranges](https://www.cloudflare.com/ips/)):
```php
use Symfony\Component\HttpFoundation\IpUtils;
$ips = [
"103.21.244.0/22",
"103.22.200.0/22",
"103.31.4.0/22",
"104.16.0.0/12",
"108.162.192.0/18",
"131.0.72.0/22",
"141.101.64.0/18",
"162.158.0.0/15",
"172.64.0.0/13",
"173.245.48.0/20",
"188.114.96.0/20",
"190.93.240.0/20",
"197.234.240.0/22",
"198.41.128.0/17",
"199.27.128.0/21",
"2400:cb00::/32",
"2405:8100::/32",
"2405:b500::/32",
"2606:4700::/32",
"2803:f800::/32",
"2c0f:f248::/32",
"2a06:98c0::/29",
];
```
Before this PR, the following code would have returned `true` instead of the expected `false` value:
```php
IpUtils::checkIp('blablabla', $ips);
```
This due to the `ip2long` function returning `false` for an invalid IP address, thus returning `"00000000000000000000000000000000"` with the following code:
```php
sprintf('%032b', ip2long('blablabla'));
```
To fix this I simply check if the `$requestIp` variable contains a valid IP address.
Commits
-------
17e418c Verify explicitly that the request IP is a valid IPv4 address
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Fix too strict test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Tests pass? | yes
| License | MIT
This test is too strict and prevents adding properties to Data objects for no reason.
Commits
-------
2e7301d [HttpKernel] Fix too strict test
This PR was merged into the 2.7 branch.
Discussion
----------
Exception details break the layout
Exception details break the layout
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| License | MIT
By adding `word-wrap: break-word;` the exception details will wrap inside the block.
Commits
-------
00b4ecb Exception details break the layout
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBundle] Add a check for choice's attributes emptiness before calling block('attributes')
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Remove unnecessary block calling for choices without "choice_attr" option. This check gain the performance on a large datasets.
Previous Pull to master #19527
Commits
-------
bf6748d Move space from the before 'if' to the after 'if'
d1cf4d1 [TwigBundle] Add a check for choice's attributes emptiness before calling block('attributes')
This commit fix a bug when using debug function too soon.
For example, if you call dump function during kernel::boot() the
dump output will be sent to stderr, even in a web context.
With this patch, the data collector is used by default, so the
dump output is send to the WDT. In a CLI context, if dump is used
too soon, the datacollector will buffer it, and release it at the
end of the script. So in this case everything will be visible by the
end used.
This PR was squashed before being merged into the 2.7 branch (closes#19549).
Discussion
----------
[HttpFoundation] fixed Request::getContent() reusage bug
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
After calling ```Request::getContent(true)```, subsequent calls to the
same instance method (withouth the ```$asResource``` flag) always returned
```false``` instead of the request body as a plain string.
A unit test already existed to guard against this behaviour (the 'Resource then fetch' case) but it
yielded a false positive because it was comparing ```''``` to ```false``` using
PHPUnit's ```assertEquals``` method instead of ```assertSame```.
For completeness sake I also added the missing usage permutations in
the data provider, which already worked OK.
Commits
-------
c42ac66 [HttpFoundation] fixed Request::getContent() reusage bug
This PR was squashed before being merged into the 2.7 branch (closes#19373).
Discussion
----------
[Form] Skip CSRF validation on form when POST max size is exceeded
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19140
| License | MIT
| Doc PR | N/A
In #19140 the CSRF validation listener was not aware that the POST max size had exceeded, and was adding a form error message that wasn't relevant to the actual error.
This introduces the `ServerParams` utility class into the `CsrfValidationListener` and checks that the POST max size has not been exceeded. If it has then it won't bother trying to validate the CSRF token.
My main concern with this change is that it opens up an attack vector around tokens, but I've encapsulated the request size validation in a single method in `ServerParams` now so that the request handlers are using the same logic.
Commits
-------
289531f [Form] Skip CSRF validation on form when POST max size is exceeded
This PR was merged into the 2.7 branch.
Discussion
----------
Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19531
| License | MIT
| Doc PR |
Commits
-------
c951bb6Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
This PR was squashed before being merged into the 2.7 branch (closes#19468).
Discussion
----------
[Intl] Update ICU data to 57.1
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19315
| License | MIT
| Doc PR | -
I think the only thing that makes sense with ICU is to always be on the latest available version.
Commits
-------
a48c00b [Intl] Update ICU data to 57.1
This PR was merged into the 2.7 branch.
Discussion
----------
[Config] Improved test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
456d53a [Config] Improved test
This PR was merged into the 2.7 branch.
Discussion
----------
Added class existence check if is_subclass_of() fails in compiler passes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | no
Backport of #19342 to 2.7 branch
Commits
-------
77adea7 Added class existence check if is_subclass_of() fails in compiler passes
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Reorder assert parameters
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The expected value must be the first parameter.
Commits
-------
7f88796 [Routing] Reorder assert parameters
This PR was merged into the 2.7 branch.
Discussion
----------
Added missing czech validators translation of not expected charset
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Profiler was complaining about using a not translated message so I translated it.
Not sure if bug or feature. The bug label is probably not apropriate, sorry. But I guess it should be merged to all versions.
Commits
-------
7eacae8 Added missing czech validators translation of not expected charset
Added error-suppression to the `is_executable($path)` call, too, per the bug noted just above.
The cited issue manifests as such without it:
```
ErrorException in ExecutableFinder.php line 63:
is_executable(): open_basedir restriction in effect. File(/usr/share/php) is not within the allowed path(s): (/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/usr/local/zend/var/zray/extensions:/usr/local/zend/share:/usr/local/zend/var/plugins)
```
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Fix variable conflicting name
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Simply fix a conflicting name (`$bundle` is used for the foreach on line 466 and 476). It works for the moment only because there is nothing after the second foreach inside the first.
Commits
-------
9ac9f55 [HttpKernel] Fix variable conflicting name
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Fix double-fread() when reading unix pipes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
While looking at the blackfire profile of a `composer install`, I was able to reduce the number of calls to `fread` from 90k to 60k using this patch (and from 60k to <1k with https://github.com/composer/composer/pull/5569 but that's another story).
In fact, we should continue reading only if there might be something next, which won"t be the case if the buffer has not been filled.
Commits
-------
ac17617 [Process] Fix double-fread() when reading unix pipes
This PR was squashed before being merged into the 2.7 branch (closes#19446).
Discussion
----------
[Console] Overcomplete argument exception message tweak.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Updates the exception message when to many arguments are passed.
From;
```php
'Too many arguments.'
```
To:
```php
'No argument expected, got "foo".'
// or
'Too many arguments, expected arguments "foo".'
// or
'Too many arguments, expected arguments "foo, bar".'
// ... turtles all the way down
```
Commits
-------
7af59cd [Console] Overcomplete argument exception message tweak.
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Use flock() for HttpCache's lock files
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #16777, #15813 and #16312 are also related
| License | MIT
| Doc PR |
When a PHP process crashes or terminates (maybe the OOM killer kicks in or other bad things ™️ happen) while the `HttpCache` holds a `.lck` file, that lock file may not get `unlink()`ed.
The result is that other requests trying to access this cache entry will see a few seconds delay while waiting for the lock; they will eventually continue but send 503 status codes along with the response. The sudden buildup of PHP processes caused by the additional delay may cause further problems (sudden load increase).
As `LockHandler` is using `flock()`-based locking, locks should be released by the OS when the PHP process terminates.
I wrote this as bugfix against 2.7 because every once in a while I encounter situations (not always reproducible) where `.lock` files are left over and keep the cache locked.
Commits
-------
2668edd [HttpKernel] Use flock() for HttpCache's lock files
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Fix write access check for pipes on Windows
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19336, #19416
| License | MIT
| Doc PR | -
Commits
-------
66e694e [Process] Fix write access check for pipes on Windows
This PR was squashed before being merged into the 2.7 branch (closes#19389).
Discussion
----------
[Console] Application update PHPDoc of add and register methods
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
The [PHPDoc](https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Console/Application.php#L354) states the method will always return a command, but it doesn't. Since [Application::register](https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Console/Application.php#L328) returns the result of `add` directly is also doesn't always return the command (as its PHPDoc states).
Commits
-------
6f0474f [Console] Application update PHPDoc of add and register methods
This PR was squashed before being merged into the 2.7 branch (closes#19399).
Discussion
----------
[Config] Extra tests for Config component
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
d0f4434 [Config] Extra tests for Config component
This PR was squashed before being merged into the 2.7 branch (closes#19405).
Discussion
----------
Fixed bugs in names of classes and methods.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
It's related to case sensitive.
I changed only calls of names of called methods but not definition of methods because BC.
Commits
-------
c41aa03 Fixed bugs in names of classes and methods.
This PR was squashed before being merged into the 2.7 branch (closes#19392).
Discussion
----------
[BrowserKit] Added test for followRedirect method (POST method)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Test covers 'else' branches in these conditions:
```php
if (in_array($this->internalResponse->getStatus(), array(302, 303))) {
$method = 'get';
$files = array();
$content = null;
} else {
$method = $request->getMethod();
$files = $request->getFiles();
$content = $request->getContent();
}
if ('get' === strtolower($method)) {
// Don't forward parameters for GET request as it should reach the redirection URI
$parameters = array();
} else {
$parameters = $request->getParameters();
}
```
Commits
-------
2ace5d8 [BrowserKit] Added test for followRedirect method (POST method)
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7] [HttpFoundation] HttpCache refresh stale responses containing an ETag
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? |no
| BC breaks? |no
| Deprecations? |no
| Tests pass? | yes
| Fixed tickets | #19390, #6746
| License | MIT
| Doc PR |
This PR is the replacement of #19391, which points at the wrong branch.
Commits
-------
96df6b9 [HttpFoundation] HttpCache refresh stale responses containing an ETag
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fix the money form type render with Bootstrap3
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | Part fixing https://github.com/symfony/symfony/issues/19424
| License | MIT
| Doc PR | none
There is a confusion between the variable naming, and the result expected.
When prepend variable is false, the currency symbol must be add after the widget.
When the `money_pattern`starts with `{{`, `prepend` variable must be `false`.
Commits
-------
637a441 Fix the money form type render with Bootstrap3
There is a confusion between the variable naming, and the result expected.
When prepend variable is false, the currency symbol must be add after the widget.
When the money_patternstarts with {{, prepend variable must be false.
This PR was merged into the 2.7 branch.
Discussion
----------
Fix the DBAL session handler version check for Postgresql
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
https://github.com/symfony/symfony/pull/19048 broken the DBAL session handler when using Postgresql by using method which does not exist on the main DBAL Connection class.
Commits
-------
e98c584 Fix the DBAL session handler version check for Postgresql
This PR was squashed before being merged into the 2.7 branch (closes#19343).
Discussion
----------
PassConfig::getMergePass is not an array
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Just a minor glitch my IDE noticed :-)
Commits
-------
edbefac PassConfig::getMergePass is not an array
This PR was squashed before being merged into the 2.7 branch (closes#19321).
Discussion
----------
[HttpFoundation] Add OPTIONS and TRACE to the list of safe methods
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
According to [RFC 7231](https://tools.ietf.org/html/rfc7231#section-8.1.3) `OPTIONS` and `TRACE` are safe methods.
Commits
-------
1404607 [HttpFoundation] Add OPTIONS and TRACE to the list of safe methods
This PR was merged into the 2.7 branch.
Discussion
----------
[BrowserKit] Update Client::getAbsoluteUri() for query string only URIs
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19303
| License | MIT
| Doc PR | -
This PR allows BrowserKit to treat a value containing only query string parameters the same way anchor/hash values are treated when passed as a URI argument to the getAbsoluteUri() method. Helps when encountering sites that force a redirect with a location header value containing only a query string.
Commits
-------
965408f Update getAbsoluteUri() for query string uris
This PR was merged into the 2.7 branch.
Discussion
----------
[ClassLoader] Fix declared classes being computed when not needed
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
d513eae [ClassLoader] Fix declared classes being computed when not needed
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Added additional MasterCard range to the CardSchemeValidator
From October 2016 MasterCard will introduce a new card range, 222100 through 272099.
See: https://www.mctestcards.com/ (click the help in top right)
This implements the additional regex for validation to succeed, and some additional unit tests for this new range.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
4d68f56 [Validator] Added additional MasterCard range to the CardSchemeValidator
This PR was squashed before being merged into the 2.7 branch (closes#19290).
Discussion
----------
[HttpKernel] fixed internal subrequests having an if-modified-since-header
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As the InlineFragmentRenderer has no access to a cached copy of a subrequest's target and hence couldn't handle a response with a HTTP status code of 304 (not modified), it makes no sense to send an if-not-modified-since header.
Commits
-------
e90038c [HttpKernel] fixed internal subrequests having an if-modified-since-header
From October 2016 MasterCard will introduce a new card range,
222100 through 272099.
See: https://www.mctestcards.com/ (click the help in top right)
Implements unit tests and validation for this new card range.
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] [Security] Remove unrelevant comments in Security and Validator components
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
2cec4a6 Remove and change unrelevant comments in Validator and Security components.
This PR was squashed before being merged into the 2.7 branch (closes#19243).
Discussion
----------
Fixed typos in the expectedException annotations
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
PHPUnit ignores any imports when resolving these. You must always reference the FQCN.
Commits
-------
b36de36 Fixed typos in the expectedException annotations
This PR was squashed before being merged into the 2.7 branch (closes#18688).
Discussion
----------
[HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6526
Emit a warning when a request has both a trusted Forwarded header and a trusted X-Forwarded-For header, as this is most likely a misconfiguration which causes security issues.
Commits
-------
ee8842f [HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
This PR was squashed before being merged into the 2.7 branch (closes#19173).
Discussion
----------
[Console] Decouple SymfonyStyle from TableCell
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Alternative approach, ie BC, for #19136 (i prefer that one though, as it also _fixes_ #19123 )
Commits
-------
51f59d6 [Console] Decouple SymfonyStyle from TableCell
This PR was merged into the 2.7 branch.
Discussion
----------
removed dots at the end of @param and @return
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
For phpdocs, we only add dots for sentences like description, but not for @param and @return for instance. This PR fixes this issue.
This should probably be added to PHP-CS-Fixer as well (/cc @phansys @keradus).
Commits
-------
554303e removed dots at the end of @param and @return
This PR was merged into the 2.7 branch.
Discussion
----------
fixed typo
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
/cc @pborreli This one is for me :)
Commits
-------
e334960 fixed typo
This PR was merged into the 2.7 branch.
Discussion
----------
[WIP] [2.7] [Form] fix `empty_data` option in expanded `ChoiceType`
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17791
| License | MIT
| Doc PR | -
It might happen because in `Form::submit()` the handling of `empty_data` [line 597](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Form.php#L597) comes after each child of a compound field has been submitted [line 549](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Form.php#L549).
So when `ChoiceType` is `expanded`, `compound` option is defaulted to `true` and it passes its empty submitted data to its children before handling its own `empty_data` option.
This PR uses the listener already added in `ChoiceType` only when `expanded` is true to handle `empty_data` at `PRE_SUBMIT` [line 539](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Form.php#L539).
- [ ] Fix FQCN in tests for 2.8
- [ ] Remove `choices_as_values` in tests for 3.0
Commits
-------
d479adf [Form] fix `empty_data` option in expanded `ChoiceType`
This PR was merged into the 2.7 branch.
Discussion
----------
Distinguish between first and subsequent progress bar displays
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19133
| License | MIT
| Doc PR | reference to the documentation PR, if any
Fixes https://github.com/symfony/symfony/issues/19133
When a progress bar is first displayed, if it is multi-line, previously output lines are erased, depending upon the number of lines in the progress bar.
This patch fixes that be distinguishing between the first display (no erasing of previous output) and subsequent displays of the progress bar.
Commits
-------
3871e1a Differentiate between the first time a progress bar is displayed and subsequent times
This PR was merged into the 2.7 branch.
Discussion
----------
[DomCrawler] No more exception on field name with strange format
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18569, #18570
| License | MIT
| Doc PR | n/a
Commits
-------
e204913 finished previous commit
953a383 No more exception for malformed input name
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Consider a violation even if the form is not submitted
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes (only for the behavior)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11493
| License | MIT
| Doc PR |
Hey!
I'm currently implementing an API using the form component in order to validate the payload sent (in conjonction with the FOSRestBundle). Unfortunatelly, we dig into an issue about the PATCH request which don't map some of our validation rules to the form. Basically, the violations are lost in the middle of the process.
### Use case
We have an entity with the following fields "type", "image" & "video". The field "type"can be either "default", "image" or "video" and then accordingly we use the appropriate field (none for the "default" type, video for the "video" type and image for the "image" type. Then, in our form, we change the validation groups according to our entity type in order to make the "image" field mandatory if the type is "image" and the same for the video field if the type is "video".
### Current behavior
The current behavior (since 2.5) seems to not propages a violation to a form if this form is not submitted but in our use case, changing the field "type" via a PATCH request triggers some new validation which should be reported to end user (inform that a field (video or image) is missing in the PATCH request).
### Expected behavior
The current behavior was introduced in #10567 but IMO, this update is a bug as suggested by @webmozart in https://github.com/symfony/symfony/issues/11493#issuecomment-59549054 Instead, the form component should still map validation errors to the form even if the field was not submitted. If the initial data is not valid, then your initial data was buggy from the beginning but the form should not accept it and instead of silently ignoring the errors, end users should be informed and fix it.
WDYT?
Commits
-------
c483a0f [Form] Consider a violation even if the form is not submitted
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Fix pipes cleaning on Windows
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19089
| License | MIT
| Doc PR | -
Commits
-------
d54cd02 [Process] Fix pipes cleaning on Windows
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Dont close the reponse stream in debug
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19078
| License | MIT
| Doc PR | -
Because it's `terminate`'s job to clean the state, not the `Response`'s,
and because the current behavior prevents getting any output on trailing errors on FPM especially.
Commits
-------
2fbc200 [HttpKernel] Dont close the output stream in debug
This PR was merged into the 2.7 branch.
Discussion
----------
[Session] fix PDO transaction aborted under PostgreSQL
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14641
| License | MIT
| Doc PR |
Fixes the transactional concurrency error handling for PostgreSQL which does not allow to execute further queries in a transaction with an error.
Because of the loop, look at the diff with whitespace ignored to see the difference: https://github.com/symfony/symfony/pull/19101/files?w=1
Commits
-------
f8eefa0 [Session] fix PDO transaction aborted under PostgreSQL
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] changed MERGE queries
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17284
| License | MIT
| Doc PR | N/A
Changed the MERGE queries for Oracle and SQL Server to use question mark parameter markers so they work with emulation disabled or enabled - fixes#17284
Commits
-------
ebf3a2f Fixed oci and sqlsrv merge queries when emulation is disabled - fixes#17284
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Use InputInterface inherited doc as possible
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
In classes implementing `InputInterface`, the methods doc blocks are duplicated from the interface.
Sometimes descriptions are different from the interface's ones and, sometimes, the class doc is clearer. So I tried to keep always the most adapted one.
Commits
-------
b604be7 [Console] Use InputInterface inherited doc as possible
This PR was merged into the 2.7 branch.
Discussion
----------
FormBuilderInterface: fix getForm() return type.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
FormBuilderInterface->getForm() should depend on abstractions and
not implementations as a return type.
Commits
-------
3fa081c FormBuilderInterface: fix getForm() return type.
This PR was merged into the 2.7 branch.
Discussion
----------
add docblock type elements to support newly added IteratorAggregate::getIterator PhpStorm support
| Q | A
| ------------- | ---
| Branch | 2.7
| Bug fix | no
| New feature | no
| BC breaks | no
| Deprecations | no
| Tests pass | yes
| License | MIT
In additional to #16965 PhpStorm supports `IteratorAggregate::getIterator` now. see https://blog.jetbrains.com/phpstorm/2016/06/phpstorm-2016-2-eap-162-844/
example
```
$collection = new \Symfony\Component\Routing\RouteCollection();
foreach ($collection as $route) {
$route->getHost();
}
```
Commits
-------
ede3556 add docblock type elements to support newly added IteratorAggregate::getIterator PhpStorm support
This PR was squashed before being merged into the 2.7 branch (closes#18732).
Discussion
----------
[PropertyAccess][DX] Enhance exception that say that some methods are missing if they don't
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18694
| License | MIT
| Doc PR |
When you try do define a manyToMany association but you don't give an array or \Traversable, the raised exception say that some methods are missing while they don't. This PR check if the adder and setter methods exists and if so, give a exception that pointing on the real problem.
Commits
-------
c46519b [PropertyAccess][DX] Enhance exception that say that some methods are missing if they don't
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Use UPSERT for sessions stored in PgSql >= 9.5
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
9569c74 [HttpFoundation] Use UPSERT for sessions stored in PgSql >= 9.5
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] added explanation of messages usage in a progress bar
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19031
| License | MIT
| Doc PR | symfony/symfony-docs#6544
The intent of progress bar messages is currently wrongly documented. This PR updates the phpdoc to hopefully better describe the usage of such messages.
So, basically, messages are a way to add dynamic information in the progress bar; information that cannot be computed by the progress bar (like for all other placeholders).
Commits
-------
d92f3ea [Console] added explanation of messages usage in a progress bar
This PR was merged into the 2.7 branch.
Discussion
----------
[DependencyInjection] force enabling the external XML entity loaders
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18876, #18908
| License | MIT
| Doc PR |
Commits
-------
12b5509 force enabling the external XML entity loaders
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] [SymfonyStyle] Replace long word wrapping test to directly test output
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/18879#discussion_r64783524
| License | MIT
| Doc PR | -
This [line](https://github.com/symfony/symfony/pull/18879/files#diff-d3625f2548a3b329058ca5a0f5aa57feR60) should not have been changed in order to the test to pass. I assume the test was flawed at first, so I suggest to simply test the output as we did for other ones.
Ping @chalasr
Commits
-------
b78fff4 [Console] [SymfonyStyle] Replace long word wrapping test to directly test output
This PR was squashed before being merged into the 2.7 branch (closes#18971).
Discussion
----------
Do not inject web debug toolbar on attachments
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18965
| License | MIT
| Doc PR | -
Commits
-------
4a7d836 Do not inject web debug toolbar on attachments
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Fix context dependent test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Class `Foo` exists when the ClassLoader component is tested alongside with HttpKernel
Commits
-------
065dee8 [HttpKernel] Fix context dependent test
