This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Fix test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Should make 2.7 green again on Travis.
Commits
-------
ba8f46ad23 [HttpKernel] Fix test
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DX] [DI] Throw more helpful error when shortcutting global classes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? |no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22146
| License | MIT
As discussed in #22146 the error message received when trying to use a class in the global
namespace as a service without defined class is confusing. Helpful information was added
pointing out this current limitation.
Commits
-------
b9e7b4fd61 [DependencyInjection] Throw helpful error when shortcutting global classes
As discussed in #22146 the error message received when trying to use a class in the global
namespace as a service without defined class is confusing. Helpful information was added
pointing out this current limitation.
* 3.2:
[Bridge\Doctrine] Fix change breaking doctrine-bundle test suite
[WebProfilerBundle] Include badge status in translation tabs
[FrameworkBundle] Cache pool clear command requires at least 1 pool
[HttpFoundation][bugfix] should always be initialized
MockArraySessionStorage: updated phpdoc for $bags so that IDE autocompletion would work
normalize paths before making them relative
removed test that does not test anything
fixed tests
#21809 [SecurityBundle] bugfix: if security provider's name contains upper cases then container didn't compile
[WebProfilerBundle] Fix for CSS attribute at Profiler Translation Page
Set Date header in Response constructor already
[Validator] fix URL validator to detect non supported chars according to RFC 3986
[Security] Fixed roles serialization on token from user object
* 2.8:
[Bridge\Doctrine] Fix change breaking doctrine-bundle test suite
[HttpFoundation][bugfix] should always be initialized
MockArraySessionStorage: updated phpdoc for $bags so that IDE autocompletion would work
normalize paths before making them relative
* 2.7:
[Bridge\Doctrine] Fix change breaking doctrine-bundle test suite
[HttpFoundation][bugfix] should always be initialized
MockArraySessionStorage: updated phpdoc for $bags so that IDE autocompletion would work
normalize paths before making them relative
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Add "by-id" autowiring: a side-effect free variant of it based on the class<>id convention
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR adds a new autowiring mode, based only on the class <> id convention.
This way of autowiring is free from any conflicting behavior, which is what I was looking for to begin with.
The expected DX is a bit more involving than the current way we do autowiring. But it's worth it to me, because it's plain predictable - a lot less "magic" imho.
So in this mode, for each `App\Foo` type hint, a reference to an "App\Foo" service will be created. If no such service exists, an exception will be thrown. To me, this opens a nice DX: when type hinting interfaces (which is the best practice), this will tell you when you need to create the explicit interface <> id mapping that is missing - thus encourage things to be made explicit, but only when required, and gradually, in a way that will favor discoverability by devs.
Of course, this is opt-in, and BC. You'd need to do eg in yaml: `autowire: by_id`.
For consistency, the current mode (`autowire: true`) can be configured using `autowire: by_type`.
Commits
-------
c298f2a90c [DI] Add "by-id" autowiring: a side-effect free variant of it based on the class<>id convention
This PR was merged into the 3.3-dev branch.
Discussion
----------
Revert "feature #20973 [DI] Add getter injection (nicolas-grekas)"
This reverts commit 2183f98f54, reversing
changes made to b465634a55.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no (master only)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Let's remove getter injection, we now have enough alternative mechanisms to achieve almost the same results (e.g. `ServiceSubscriberInterface`, see #21708)., and I'm tired being called by names because of it.
The only use case in core is `ControllerTrait`, but this should be gone if #22157 is merged.
Commits
-------
23fa3a09bf Revert "feature #20973 [DI] Add getter injection (nicolas-grekas)"
This PR was squashed before being merged into the 3.3-dev branch (closes#22046).
Discussion
----------
[Asset] Adding a new version strategy that reads from a manifest JSON file
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/issues/7659
Hi guys!
Often, when using a frontend task manager or bundler (e.g. webpack of gulp), the final assets are dumped with a version or content hash in the filename itself (e.g. main.123abc.css). To know what the correct, current hashed filename is, you'll dump a `manifest.json` file - e.g.
```json
{
"main.js": "main.123abc.js",
"css/styles.css": "css/styles.555def.css"
}
```
Examples: [gulp-rev](https://github.com/sindresorhus/gulp-rev) and [webpack-manifest-plugin](https://www.npmjs.com/package/webpack-manifest-plugin).
This PR adds a new version strategy that will look up the asset path (e.g. `main.css`) in that file and return the final, versioned path. Some people may dump manifest files in other formats, but I think this catches the most common use-case (and you can always still create your own version strategy). I've written this to be "forgiving" - if a path doesn't exist in the manifest, the path is simply returned, unaltered.
Another implementation *could* have been to add a new Twig filter (e.g. `{{ asset('main.css|manifest_path) }}`) - but I thought I'd try first using the existing versioning system.
## Usage
```yml
# app/config/config.yml
framework:
# ...
assets:
# added validation prevents you from setting json_manifest_path AND version, for example
json_manifest_path: '%kernel.root_dir%/../web/manifest.json'
```
```twig
{# someTemplate.html.twig #}
{# use asset() just like normal #}
<script src="{{ asset('js/main.js') }}"></script>
```
## TODO
* fabbot hates my invalid json syntax file... even though I tried to be clever and not give it a `.json` suffix :)
Commits
-------
07fec2bbad [Asset] Adding a new version strategy that reads from a manifest JSON file
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Console] Fixed fatal error when the command is not defined
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/18140/files#r107871406
| License | MIT
| Doc PR |
Commits
-------
d5b41b6b0a [Console] Fixed fatal error when the command is not defined
This PR was merged into the 2.7 branch.
Discussion
----------
[Filesystem] normalize paths before making them relative
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22083
| License | MIT
| Doc PR |
Commits
-------
d50ffa1de7 normalize paths before making them relative
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation][DX] MockArraySessionStorage: phpdocs update
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
967f7a7add MockArraySessionStorage: updated phpdoc for $bags so that IDE autocompletion would work
* 2.8:
removed test that does not test anything
fixed tests
#21809 [SecurityBundle] bugfix: if security provider's name contains upper cases then container didn't compile
[WebProfilerBundle] Fix for CSS attribute at Profiler Translation Page
Set Date header in Response constructor already
[Validator] fix URL validator to detect non supported chars according to RFC 3986
[Security] Fixed roles serialization on token from user object
* 2.7:
removed test that does not test anything
fixed tests
#21809 [SecurityBundle] bugfix: if security provider's name contains upper cases then container didn't compile
[Validator] fix URL validator to detect non supported chars according to RFC 3986
[Security] Fixed roles serialization on token from user object
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DX][Form][Validator] Add ability check if cocrete constraint fails.
| Q | A |
| --- | --- |
| Branch? | master |
| Bug fix? | no |
| New feature? | yes |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | wait for travis |
| Fixed tickets | #15154 |
| License | MIT |
| Doc PR | should open |
Sometimes for big forms with multiple constraints we should handle some errors separately.
``` php
// when using validator
$constraintViolations = $validator->validate(...);
if (count($constraintViolations->findByCodes(UniqueEntity::NOT_UNIQUE_ERROR))) {
// display some message or send email or etc
}
// when using forms
if (count($form->getErrors()->findByCodes(UniqueEntity::NOT_UNIQUE_ERROR))) {
// display some message or send email or etc
}
```
This PR add some useful methods to handle this. Before we should iterate all failed constraints using foreach.
Feel free to suggest better names for new methods.
Commits
-------
29a3a7e0d6 Add ability retrieve errors by their code.
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Lock] Adjust lock delay to avoid false error tests
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Adjust the clockDelay to fix tests
This test is here to:
T0.
* Fork A, B, C
T1.
* A acquire Lock then start sleeping for 3*clockDelay
* B start sleeping for 1*clockDelay
* C start sleeping for 1*clockDelay
T2
* B wakeup AND try to acquire lock in wait mode
* C wakeup AND try to acquire lock in non wait mode (lock should be till acquired by A)
T4
* A release Lock
* B acquire lock and release it
At the end, this tests assert than:
* A acquire and delete the lock
* B acquire and delete the lock
* C failed to acquire the lock
The point is, this test is time sensitive, and if the fork is too slow, A, B and C are not synchronized and C is able to acquire Lock.
This PR adjuste clock delay to reduce false failures
Commits
-------
33f2a9a6f7 Adjust lock delay to avoid false error tests
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Console] Add console.ERROR event and deprecate console.EXCEPTION
| Q | A |
| --- | --- |
| Branch | master |
| Bug fix? | yes |
| New feature? | yes |
| BC breaks? | no |
| Deprecations? | yes |
| Tests pass? | yes |
| Fixed tickets | - |
| License | MIT |
| Doc PR | todo |
## The Problem
The current `console.EXCEPTION` event is only dispatched for exceptions during the execution of `Command#execute()`. All other exceptions (e.g. the ones thrown by listeners to events) are catched by the `try ... catch` loop in `Application#doRunCommand()`. This means that there is _no way to override exception handling_.
## The Solution
This PR adds a `console.ERROR` event which has the same scope as the default `try ... catch` loop. This allows to customize all exception handling.
In order to keep BC, a new event was created and `console.EXCEPTION` was deprecated.
Commits
-------
c02a4c9857 Added a console.ERROR event
This PR was squashed before being merged into the 3.3-dev branch (closes#22120).
Discussion
----------
[FrameworkBundle] Multiple services on one Command class
rebased version of #19305
Commits
-------
2b82fcb437 [FrameworkBundle] Multiple services on one Command class
This PR was squashed before being merged into the 3.3-dev branch (closes#22043).
Discussion
----------
Refactor stale-while-revalidate code in HttpCache, add a (first?) test for it
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I came up with this while trying to hunt a production bug related to handling of stale cache entries under the condition of a busy backend (also see #22033).
It's just a refactoring to make the code more readable plus a new test.
Commits
-------
b14057c88a Refactor stale-while-revalidate code in HttpCache, add a (first?) test for it
This PR was merged into the 3.3-dev branch.
Discussion
----------
[FrameworkBundle] Add new "controller.service_arguments" tag to inject services into actions
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | (no test yet)
| Fixed tickets | -
| License | MIT
| Doc PR | -
Talking with @simensen and @weaverryan, we wondered if we could leverage the `ArgumentResolver` mechanism to make it inject services on demand, using e.g. autowiring.
```php
class PostController
{
public function indexAction(Request $request, PostRepository $postRepository)
{
// PostRepository comes from the container
$postRepository->findAll(); // ...
}
}
```
This PR achieves that, using a new "controller.service_arguments" tag. Typically:
```yaml
services:
AppBundle\Controller\PostController:
autowire: true
tags:
- name: controller.service_arguments
```
It also supports with explicit wiring (thus doesn't necessarily require autowiring if you don't want to use it):
```yaml
services:
AppBundle\Controller\PostController:
tags:
- name: controller.service_arguments
action: fooAction
argument: logger
id: my_logger
```
~~The attached diff is bigger than strictly required for now, until #21770 is merged.~~
Todo:
- [x] rebase on top of #21770 when merged
- [x] add tests
- [x] add cleaning pass to remove empty service locators
Commits
-------
9c6e672780 [FrameworkBundle] Add new "controller.service_arguments" tag to inject services into actions
This PR was merged into the 3.3-dev branch.
Discussion
----------
[lock] Rename Quorum into Strategy
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes (not consistent naming)
| New feature? | no
| BC breaks? | yes (but version 3.4 not yet released)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR |
The term `Quorum` in Interface is confusing an not consistent with the Symfony project.
This PR switch to naming `Strategy\StrategyInterface` (like in adapter i `Cache` and `Ldap` component)
Commits
-------
1e9671b993 Rename Quorum into Strategy
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Lock] Don't call blindly the redis client
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Actual code rely on controls on the constructor. This PR add an assertion to avoid futur bugs
Commits
-------
e4db018b6d Don't call blindly the redis client
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fixed roles serialization on token from user object
| Q | A |
| --- | --- |
| Branch? | 2.7 |
| Bug fix? | yes |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | #14274 |
| License | MIT |
| Doc PR | - |
This PR fixes the serialization of tokens when using `Role` objects provided from the user. Indeed, there were actually a reference issue that can causes fatal errors like the following one:
```
FatalErrorException in RoleHierarchy.php line 43:
Error: Call to a member function getRole() on string
```
Here is a small code example to reproduce and its output:
``` php
$user = new Symfony\Component\Security\Core\User\User('name', 'password', [
new Symfony\Component\Security\Core\Role\Role('name')
]);
$token = new Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, 'password', 'providerKey', $user->getRoles());
$serialized = serialize($token);
$unserialized = unserialize($serialized);
var_dump($unserialized->getRoles());
```
Before:
```
array(1) { [0]=> bool(true) }
```
After:
```
array(1) { [0]=> object(Symfony\Component\Security\Core\Role\Role)#15 (1) {["role":"Symfony\Component\Security\Core\Role\Role":private]=> string(4) "name" } }
```
Thank you
Commits
-------
dfa7f5020e [Security] Fixed roles serialization on token from user object
* 3.2:
Fixed pathinfo calculation for requests starting with a question mark.
[HttpFoundation] Fix missing handling of for/host/proto info from "Forwarded" header
[Validator] Add object handling of invalid constraints in Composite
[WebProfilerBundle] Remove uneeded directive in the form collector styles
removed usage of $that
HttpCache: New test for revalidating responses with an expired TTL
[Serializer] [XML] Ignore Process Instruction
[Security] simplify the SwitchUserListenerTest
Revert "bug #21841 [Console] Do not squash input changes made from console.command event (chalasr)"
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Security][SecurityBundle] Enhance automatic logout url generation
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
This should help whenever:
- [the token does not implement the `getProviderKey` method](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Logout/LogoutUrlGenerator.php#L89-L99)
- you've got multiple firewalls sharing a same context but a logout listener only define on one of them.
##### Behavior:
> When not providing the firewall key:
>
>- Try to find the key from the token (unless it's an anonymous token)
>- If found, try to get the listener from the key. If the listener is found, stop there.
>- Try from the injected firewall key. If the listener is found, stop there.
>- Try from the injected firewall context. If the listener is found, stop there.
>
>The behavior remains unchanged when providing explicitly the firewall key. No fallback.
Commits
-------
5b7fe852aa [Security][SecurityBundle] Enhance automatic logout url generation
This PR was squashed before being merged into the 3.3-dev branch (closes#22112).
Discussion
----------
Minor PR fixes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes-ish
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
cc @fabpot my bad :)
Commits
-------
0728fb91b8 typo
036b0414d6 Minor PR fixes
This PR was merged into the 3.3-dev branch.
Discussion
----------
[WebProfilerBundle] Improved cookie traffic
| Q | A
| ------------- | ---
| Branch? | "master"
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | reference to the documentation PR, if any
![image](https://cloud.githubusercontent.com/assets/1047696/20455635/a033a814-ae60-11e6-8500-e60146f4619e.png)
Relates to #20569 in terms of getting _all_ the cookies.
Commits
-------
171c6d100e [WebProfilerBundle] Improved cookie traffic
This PR was squashed before being merged into the 2.8 branch (closes#22036).
Discussion
----------
Set Date header in Response constructor already
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Setting the `Date` header in the `Response` constructor has been removed in #14912 and changed to a more lazy approach in `getDate()`.
That way, methods like `getAge()`, `getTtl()` or `isFresh()` cause side effects as they eventually call `getDate()` and the Request "starts to age" once you call them.
I don't know if this would be a nice test, but current behaviour is
```php
$response = new Response();
$response->setSharedMaxAge(10);
sleep(20);
$this->assertTrue($response->isFresh());
sleep(5);
$this->assertTrue($response->isFresh());
sleep(5);
$this->assertFalse($response->isFresh());
```
A particular weird case is the `isCacheable()` method, because it calls `isFresh()` only under certain conditions, like particular status codes, no `ETag` present etc. This symptom is also described under "Cause of the problem" in #19390, however the problem is worked around there in other ways.
So, this PR suggests to effectively revert #14912.
Additionally, I'd like to suggest to move this special handling of the `Date` header into the `ResponseHeaderBag`. If the `ResponseHeaderBag` guards that we always have the `Date`, we would not need special logic in `sendHeaders()` and could also take care of https://github.com/symfony/symfony/pull/14912#issuecomment-110105215.
Commits
-------
3a7fa7ede2 Set Date header in Response constructor already
This PR was squashed before being merged into the 3.3-dev branch (closes#19887).
Discussion
----------
Sort alternatives alphabetically when a command is not found
| Q | A |
| --- | --- |
| Branch? | master |
| Bug fix? | no |
| New feature? | yes |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | #10893 |
| License | MIT |
| Doc PR | - |
Commits
-------
ba6c9464ea Sort commands like a human would do
f04b1bd72f Sort alternatives alphabetically when a command is not found
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Security] json auth listener should not produce a 500 response on bad request format
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
To me, it looks wrong to simply throw a `BadCredentialsException` in the wild, which produces a 500 (unless an entrypoint handles it, which you probably don't have on a json login firewall). There isn't any server error, the client request originated the error due to a wrong format.
Instead, the listener should give a chance to the failure handler to resolve it, and return a proper 4XX response. (BTW, the `UsernamePasswordFormAuthenticationListener` also throws a similar `BadCredentialsException` on a too long submitted username, which is caught and forwarded to the failure handler)
Better diff: https://github.com/symfony/symfony/pull/22034/files?w=1
BTW, should we have another exception type like `BadCredentialsFormatException` or whatever in order to distinct a proper `BadCredentialsException` from a format issue in a failure listener?
Commits
-------
cb175a41c3 [Security] json auth listener should not produce a 500 response on bad request format
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] simplify the SwitchUserListenerTest
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
While working on #22048 I noticed that the `SwitchUserListenerTest` was more complicated than necessary by mocking a lot of stuff that didn't need to be mocked.
Commits
-------
923bbdbf9f [Security] simplify the SwitchUserListenerTest
This PR was squashed before being merged into the 3.3-dev branch (closes#20885).
Discussion
----------
[Console] Option to disable stty
| Q | A
| ------------- | ---
| Branch? |
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? |
| Fixed tickets |
| License | MIT
| Doc PR | reference to the documentation PR, if any
Shall fix problems in Windows based environments if e.g. git is installed and stty is therefore found but writes only cryptic rubbish into the cmd. In the case of console questions it is also possible that input can't be read properly by console component.
Commits
-------
a189a6c52e [Console] Option to disable stty
* 2.8:
[HttpFoundation] Fix missing handling of for/host/proto info from "Forwarded" header
[Validator] Add object handling of invalid constraints in Composite
[WebProfilerBundle] Remove uneeded directive in the form collector styles
Revert "bug #21841 [Console] Do not squash input changes made from console.command event (chalasr)"
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpFoundation] Fix missing handling of for/host/proto info from "Forwarded" header
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
We're missing handling of for/host/proto info embedded in the `Forwarded` header, as eg in:
`Forwarded: for=1.1.1.1:443, host=foo.example.com:1234, proto=https, for=2.2.2.2, host=real.example.com:8080`
Commits
-------
04caacb757 [HttpFoundation] Fix missing handling of for/host/proto info from "Forwarded" header
This PR was squashed before being merged into the 2.7 branch (closes#21968).
Discussion
----------
Fixed pathinfo calculation for requests starting with a question mark.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21967
| License | MIT
| Doc PR |
With improper `strpos` result check calculated pathinfo for requests starting with '?' equals to request itself.
Correct pathinfo for those requests should be '/'.
Commits
-------
43297b45de Fixed pathinfo calculation for requests starting with a question mark.
This PR was merged into the 2.8 branch.
Discussion
----------
Revert "bug #21841 [Console] Do not squash input changes made from console.command event (chalasr)"
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21953, https://github.com/symfony/symfony/issues/22050
| License | MIT
| Doc PR | n/a
A bit frustrated to revert this change since the BC break report lacks of information, making us unable to reproduce nor to look at improving the situation.
I'm going to re-propose this on master, covering the BC break that is identified, fixed and tested using the changes made in #21953. That will let the choice for the reporter to upgrade using the 1 required LOC.
Commits
-------
5af47c40dc Revert "bug #21841 [Console] Do not squash input changes made from console.command event (chalasr)"
* 2.7:
[Validator] Add object handling of invalid constraints in Composite
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The first "host" in the list provided by `X_FORWARDED_HOST` should be the one, not the last.
Already the case for "port" and "scheme".
Commits
-------
9a2b2de64f [HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was squashed before being merged into the 3.3-dev branch (closes#21926).
Discussion
----------
[Routing] Optimised dumped matcher
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
TL;DR: I've optimised the PhpMatcherDumper output for a <del>60x</del> 4.4x performance improvement on a collection of ~800 routes by inducing cyclomatic complexity.
[EDIT] The 60x performance boost was only visible when profiling with blackfire, which is quite possibly a result of the cost of profiling playing a part. After doing some more profiling the realistic benefit of the optimisation is more likely to be in the ranges is 1.3x to 4.4x.
After the previous optimisation I began looking at how the PrefixCollection was adding its performance boost. I spotted another way to do this, which has the same theory behind it (excluding groups based on prefixes). The current implementation only groups when one prefix resides in the other. In this new implementation I've created a way to detect common prefixes, which allows for much more efficient grouping. Every time a route is added to the group it'll either merge into an existing group, merge into a new group with a route that has a common prefix, or merge into a new group with an existing group that has a common prefix.
However, when a parameter is present grouping must only be done AFTER that route, this case is accounted for. In all other cases, where there's no collision routes can be grouped freely because if a group was matched other groups wouldn't have matched.
After all the groups are created the groups are optimised. Groups with fewer than 3 children are inlined into the parent group. This is because a group with 2 children would potentially result in 3 prefix checks while if they are inlines it's 2 checks.
Like with the previous optimisation I've profiled this using blackfire. But the match function didn't show up anymore. I've added `usleep` calls in the dumped matcher during profiling, which made it show up again. I've verified with @simensen that this is because the wall time of the function was too small for it to be of any interest. When it DID get detected, because of more tasks running, it would show up with around 250 nanoseconds. In comparison, the previous speed improvement brought the wall time down from 7ms to ~2.5ms on a set of ~800 routes.
Because of the altered grouping behaviour I've not modified the PrefixCollection but I've created a new StaticPrefixCollection and updated the PhpMatcherDumper to use that instead.
Commits
-------
449b6912dc [Routing] Optimised dumped matcher
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Yaml] ParseException: pcre.backtrack_limit reached
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
while merging 3.2 into master, I noticed that `testCanParseVeryLongValue` is triggering this error on master, due to this regexp that we added for handling yaml tags. This regexp needs to be fixed so that we can merge the test case.
ping @GuilhemN
Commits
-------
f0256f1aa5 [Yaml] Fix pcre.backtrack_limit reached
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Deprecate Container::isFrozen and introduce isCompiled
| Q | A |
| --- | --- |
| Branch? | "master" |
| Bug fix? | no |
| New feature? | yes |
| BC breaks? | no |
| Deprecations? | yes |
| Tests pass? | yes |
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any |
| License | MIT |
| Doc PR | reference to the documentation PR, if any |
This deprecates the concept of freezing a container, implied by `Container::isFrozen`. However, freezing happens due compilation (`Container::compile`). So having just `isCompiled` instead seems more intuitive, and plays along well with `ContainerBuilder`.
Before/After;
- `Container::isFrozen`
- Checks if the parameter bag is frozen, but is deprecated in 3.2
- In 4.0 this methods does not exists and can be replaced with `getParameterBag() instanceof FrozenParameterBag` _or_ `isCompiled()`. Depending on what you want (to clarify; the behavior is different when passing a frozen bag to the constructor)
- `Container::isCompiled`
- Truly checks if `compile()` has ran, and is a new feature
- `ContainerBuilder::merge` etc.
- Now uses `isCompiled` instead of `isFrozen`, ie. we allow for it till compilation regarding the state of the paramater bag
Commits
-------
6abd312800 [DI] Deprecate Container::isFrozen and introduce isCompiled
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Console] Exclude empty namespaces in text descriptor
| Q | A |
| --- | --- |
| Branch? | "master" |
| Bug fix? | yes |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any |
| License | MIT |
| Doc PR | reference to the documentation PR, if any |
Before:
```
$ bin/console
doctrine
doctrine:mapping:convert [orm:convert:mapping] Convert mapping information between supported formats.
orm <----
router
router:match Helps debug routes by simulating a path info match
$ bin/console list orm
[Symfony\Component\Debug\Exception\ContextErrorException]
Warning: max(): Array must contain at least one element
$ bin/console list generate
Available commands for the "generate" namespace:
generate:bundle Generates a bundle
generate:command Generates a console command
generate:controller Generates a controller
```
After:
```
$ bin/console
doctrine
doctrine:mapping:convert [orm:convert:mapping] Convert mapping information between supported formats.
router
router:match Helps debug routes by simulating a path info match
$ bin/console list orm
Available commands for the "orm" namespace:
orm:convert:mapping Convert mapping information between supported formats.
$ bin/console list generate
Available commands for the "generate" namespace:
generate:bundle Generates a bundle
generate:command Generates a console command
generate:controller Generates a controller
generate:doctrine:crud Generates a CRUD based on a Doctrine entity
generate:doctrine:entities Generates entity classes and method stubs from your mapping information
generate:doctrine:entity Generates a new Doctrine entity inside a bundle
generate:doctrine:form Generates a form type class based on a Doctrine entity
```
Overrules #19776 but also includes other fixes related to aliases that popped up when writing tests 👍
Commits
-------
d5a7608036 [Console] Exclude empty namespaces in text descriptor
This PR was squashed before being merged into the 3.3-dev branch (closes#21093).
Discussion
----------
[Lock] Create a lock component
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | they will
| Fixed tickets | #20382
| License | MIT
| Doc PR | symfony/symfony-docs#7364
This PR aim to add a new component Lock going further than the FileSystem\LockHandler by allowing remote backend (like Redis, memcache, etc)
Inspired by
## Usage
The simplest way to use lock is to inject an instance of a Lock in your service
```php
class MyService
{
private $lock;
public function __construct(LockInterface $lock)
{
$this->lock = $lock;
}
public function run()
{
$this->lock->acquire(true);
// If I'm here, no exception had been raised. Lock is acquired
try {
// do my job
} finally {
$this->lock->release();
}
}
}
```
Configured with something like
```yaml
services:
app.my_service:
class: AppBundle\MyService
arguments:
- app.lock.my_service
app.lock.my_service:
class: Symfony\Component\Lock\Lock
factory: ['@locker', createLock]
arguments: ['my_service']
```
If you need to lock serveral resource on runtime, wou'll nneed to inject the LockFactory.
```php
class MyService
{
private $lockFactory;
public function __construct(LockFactoryInterface $lockFactory)
{
$this->lockFactory = $lockFactory;
}
public function run()
{
foreach ($this->items as $item) {
$lock = $this->lockFactory->createLock((string) $item);
try {
$lock->acquire();
} catch (LockConflictedException $e) {
continue;
}
// When I'm here, no exception had been, raised. Lock is acquired
try {
// do my job
} finally {
$lock->release();
}
}
}
}
```
Configured with something like
```yaml
services:
app.my_service:
class: AppBundle\MyService
arguments:
- '@locker'
```
This component allow you to refresh an expirable lock.
This is usefull, if you run a long operation split in several small parts.
If you lock with a ttl for the overall operatoin time and your process crash, the lock will block everybody for the defined TTL.
But thank to the refresh method, you're able to lock for a small TTL, and refresh it between each parts.
```php
class MyService
{
private $lock;
public function __construct(LockInterface $lock)
{
$this->lock = $lock;
}
public function run()
{
$this->lock->acquire(true);
try {
do {
$finished = $this->performLongTask();
// Increase the expire date by 300 more seconds
$this->lock->refresh();
} while (!$finished)
// do my job
} finally {
$this->lock->release();
}
}
}
```
## Naming anc implementation choise
```
$lock->acquire()
vs
$lock->lock()
```
Choose to use acquire, because this component is full of `lock` Symfony\Component\Lock\Lock::Lock` raised a E_TOO_MANY_LOCK in my head.
```
$lock->acquire(false);
$lock->acquire(true);
vs
$lock->aquire()
$lock->waitAndAquire()
```
Not a big fan of flag feature and 2. But I choose to use the blocking flag to offer a simple (and common usecase) implementation
```
$lock = $factory->createLock($key);
$lock->acquire();
vs
$lock->aquire($key)
```
I choose to a the pool of locks implementation. It allow the user to create 2 instances and use cross lock even in the same process.
```
interface LockInterface
final class Lock implements LockInterface
vs
final class Lock
```
I choose to use a Interface even if there is only one implementaiton to offer an extension point here
# TODO
## In this PR
* [x] tests
* [x] add logs
* [x] offer several redis connectors
* [x] try other store implementation to validate the architecture/interface
## In other PR
* documentation
* add configuration in framework bundle
* add stop watch in the debug bar
* improve the combined store (takes the drift into account and elapsed time between each store)
* implement other stores (memcache, ...)
* use this component in session manipulation (fixes#4976)
Commits
-------
018e0fc330 [Lock] Create a lock component