This PR was merged into the 4.4 branch.
Discussion
----------
[DI] Whitelist error_renderer.renderer tag in UnusedTagsPass
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
82644dd [DI] Whitelist error_renderer.renderer tag in UnusedTagsPass
This PR was merged into the 4.4 branch.
Discussion
----------
[Form] Update CHANGELOG.md
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
forgotten in #33791
Commits
-------
332128f Update CHANGELOG.md
This PR was merged into the 4.4 branch.
Discussion
----------
[EventDispatcher] A compiler pass for aliased userland events
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | TODO
Since 4.3, the EventDispatcher component allows to register events via the FQCN of the class name instead of a dedicated event name.
Earlier this year I have worked with a team that used the event dispatcher for own custom events. When 4.3 was released, the team decided to use the new mechanism for new events. For the sake of consistency, we also wanted to migrate existing event subscribers to FQCN events.
While FrameworkBundle implements a nice aliasing mechanism for its own events, we couldn't find an obvious way to make use of FQCN event aliases for our own events. The best way we could find is registering a compiler pass that would extend an internal parameter that stores all event aliases. But that made us feel like we're fiddling with an implementation detail of the framework.
This PR aims to provide a standard way for applications and third-party bundles to register their own event aliases.
```php
$container->addCompilerPass(new EventAliasesPass([
MyCustomEvent::class => 'my_custom_event',
]));
```
Furthermore, it adds tests for class aliasing to the component's test suite. Additionally, the newly introduced pass is dogfooded by the SecurityBundle, so FrameworkBundle doesn't need to know about events fired by the security components.
Commits
-------
34efe40371 [EventDispatcher] A compiler pass for aliased userland events.
This PR was merged into the 3.4 branch.
Discussion
----------
Added missing translations
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#30163 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
865b9ffb09 Added missing translations.
This PR was merged into the 5.0-dev branch.
Discussion
----------
[FrameworkBundle] encourage installing intl when String is available
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
215595be5a [FrameworkBundle] encourage installing intl when String is available
This PR was merged into the 4.4 branch.
Discussion
----------
[Validator] Fix wrong expression language value
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
766162c4c7/src/Symfony/Component/Validator/Constraints/ExpressionValidator.php (L28)
```php
(new ExpressionValidator($propertyAccessor))->validate($object, $constraint);
```
Based on the previous method signature (4.3 above), that code would result in an exception in 4.4:
```
Call to undefined method Symfony\Component\PropertyAccess\PropertyAccessor::evaluate()
```
Spotted by @fancyweb in https://github.com/symfony/symfony/pull/33829#discussion_r330995572
Fixed here and updated test case to avoid regression.
Commits
-------
4288f1c9f9 Fix wrong expression language value
This PR was merged into the 4.3 branch.
Discussion
----------
Fixed invalid changelog 4.0.0 for VarDumper
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
I changed CHANGELOG.md to reflect actual changes in the code. The third argument is called $filter, not $context. This mistake was propageted to UPGRADE-4.0.md. I fixed that in https://github.com/symfony/symfony/pull/33821
Commits
-------
169a2b310f Fixed invalid changelog 4.0.0 for VarDumper
This PR was squashed before being merged into the 4.4 branch (closes#33791).
Discussion
----------
[Form] Added CountryType option for using alpha3 country codes
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fixes#20313
| License | MIT
| Doc PR | -
In the linked issue #20313 was a proposal to add an alpha3 option to the country type.
Here it is..
Hopefully I've made no mistake, so when the code is fine, I will create a documentation PR.. :-)
Commits
-------
d07f5a33db [Form] Added CountryType option for using alpha3 country codes
I changed CHANGELOG.md to reflect actual changes in the code. The third argument is called $filter, not $context. This mistake was propageted to UPGRADE-4.0.md. I fixed that in https://github.com/symfony/symfony/pull/33821
This PR was merged into the 4.3 branch.
Discussion
----------
[Workflow] Fixed BC break on WorkflowInterface
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
1eb10b996a [Workflow] Fixed BC break on WorkflowInterface
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] Inherit Throwable in HttpExceptionInterface
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| **BC BREAKS?**| **YES**
| Tickets | n/a
| License | MIT
| Doc PR | n/a
When using a static analysis tools, it is not possible to do this:
```php
if ($exception instanceof HttpExceptionInterface) {
$exception->getStatusCode();
$exception->getHeaders();
$exception->getMessage(); // ❌ Will fail here
}
```
This is due to `getMessage()` not being a method declared in `HttpExceptionInterface`. Since Symfony now requires PHP 7.1+ to run, it is safe to inherit from the `Throwable` interface (added in PHP 7.0).
### About backward compatibility
Adding new methods to `HttpExceptionInterface` [breaks BC](https://symfony.com/doc/current/contributing/code/bc.html#changing-interfaces), however this interface shouldn't be used on a class other than an exception, so this shouldn't affect much code.
### About tests
I'm not sure this really needs tests, but maybe I'm wrong? Tell me what to test if you think this is required.
Commits
-------
2ac3fbf232 Inherit Throwable in HttpExceptionInterface
This PR was merged into the 3.4 branch.
Discussion
----------
[Security]: Don't let falsy usernames slip through impersonation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
When you try to impersonate users with a falsy username, `SwitchUserListener::handle()` would `return;` and impersonation would fail.
I'm using a third party OAuth provider that allows users to change their usernames with no guaranteed protection against re-use. To overcome that issue, I implemented `UserLoaderInterface::loadUserByUsername()` and query by a `providerId`.
After loading development fixtures, One user has `0` as it's `providerId`.
Commits
-------
64aecab0a7 Don't let falsey usernames slip through
This PR was submitted for the 4.3 branch but it was merged into the 3.4 branch instead (closes#33821).
Discussion
----------
Fixed invalid VarDumper upgrade-4.0 doc.
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
Updated upgrade-4.0 documentation to reflect actual changes in the code.
Commits
-------
afefc7104e Fixed invalid VarDumper upgrade doc.
This PR was merged into the 5.0-dev branch.
Discussion
----------
[WebProfilerBundle] Fix TemplateManager test
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
d1ed9685e1 [WebProfilerBundle] Fix TemplateManager test
This PR was merged into the 4.4 branch.
Discussion
----------
Fixing 'TypeError' in LdapUser::getSalt()
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
The following TypeError is returned as LdapUser::getSalt() returns no value.
Return value of Symfony\Component\Ldap\Security\LdapUser::getSalt() must be of the type string or null, none returned
Commits
-------
28e30b132b Fixing 'TypeError' in LdapUser::getSalt()
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection] added Ability to define a priority method for tagged service
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#32976
| License | MIT
| Doc PR |
Commits
-------
c1917c2999 [DependencyInjection] added Ability to define a priority method for tagged service
This PR was merged into the 5.0-dev branch.
Discussion
----------
[Console] Throw a TypeError for non-int return value calling Command::execute()
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | yes <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#33747 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
### Todo
- [x] needs to be rebased after 4.4 was merged into master (see: https://github.com/symfony/symfony/pull/33805)
Commits
-------
b3a3b0c235 [Console] Throw a TypeError for non-int return values on calling Command::execute()
This PR was merged into the 5.0-dev branch.
Discussion
----------
[String] Introduce a locale-aware Slugger in the String component
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR introduces a locale-aware Slugger in the new String component, based on transliterators provided by the PHP intl extension (or iconv if not available). It also wires this Slugger in the FrameworkBundle in order to use it easily as a service and to automatically inject the proper locale into it to choose the appropriate transliteration depending on the Request locale.
See https://github.com/unicode-org/cldr/tree/master/common/transforms for CLDR mappings.
Commits
-------
056d8ceed9 [String] Introduce a locale-aware Slugger in the String component with FrameworkBundle wiring
This PR was submitted for the 4.3 branch but it was merged into the 3.4 branch instead (closes#33814).
Discussion
----------
[HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array
[HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#33769 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
If `$_SESSION['_sf2_attributes']` is set to a string, `SessionBagProxy::initialize` will throw an error since it's argument is type-hinted as array. So this change is to check before if the data to be passed is truly an array.
Commits
-------
38782bceff [HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array
Nicolas Grekas
Roland Franssen
Yonel Ceruto
Robin Chalas
Eric Grimois
Alexander M. Turek
Fabien Potencier
Tarmo Leppänen
creiner
Agata
Grégoire Pineau
Thomas Calvet
Tobias Schultze
Johann Pardanaud
Ryan Linnit
Jan Schädlich
Titouan Galopin
bogdan
