This PR was squashed before being merged into the 5.2 branch.
Discussion
----------
[Security] Remove unnecessary inherited doc annotation
Removes unnecessary inherited doc annotation from php doc from the methods that are not inherited from any parent class/interface.
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
- Changelog entry should follow https://symfony.com/doc/current/contributing/code/conventions.html#writing-a-changelog-entry
-->
Commits
-------
4b70db1e85 [Security] Remove unnecessary inherited doc annotation
This PR was merged into the 5.2 branch.
Discussion
----------
[Messenger] [SQS] Document missing option "sslmode"
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
This is a minor. There is an option "sslmode" that is not documented with the other options.
Commits
-------
bd6930effe [Messenger][SQS] Document missing option
This PR was merged into the 4.4 branch.
Discussion
----------
Specify that we run CI on Ubuntu-20.04
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
This will remove the warning when we run the CI. This will also explicitly show what operating system we run the test on. Currently we just say: "Whatever Ubuntu Github decides"...
Commits
-------
3c47e03e92 Specify that we run CI on Ubuntu-20.04
This PR was merged into the 4.4 branch.
Discussion
----------
[Serializer] zero parts can be omitted in date interval input
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35820
| License | MIT
| Doc PR |
Commits
-------
c316708669 zero parts can be omitted in date interval input
This PR was merged into the 4.4 branch.
Discussion
----------
improve exception message if symfony/security-csrf is missing
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37452
| License | MIT
| Doc PR |
Commits
-------
1a26ed43e7 improve exception message if symfony/security-csrf is missing
This PR was merged into the 4.4 branch.
Discussion
----------
MockResponse total_time should not be simulated when provided
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
When you provide a `total_time` to a MockResponse, it is overriden. It should be simulated only when it is not provided I guess.
Ex: `new MockResponse('{"foo":"bar"}', ['total_time' => 0.4])`
Commits
-------
8dada95cbf fix: MockResponse total_time should not be simulated when provided
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Add server-commands support for Predis Replication Environments
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35867
| License | MIT
| Doc PR |
This fix is for predis MasterSlaveConnections which don't allow to run server commands.
Due to that it's not possible to e.g. clear a cache with cache:pool:clear.
PhpRedis and Predis do not have the same interface, so have to check which implementation is used.
Furthermore, the getClientFor('master') works only for replicated redis instances.
Commits
-------
2ae5c33c80 [Cache] Add server-commands support for Predis Replication Environments
This PR was merged into the 4.4 branch.
Discussion
----------
Speedup psalm
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
My try at #40310
Commits
-------
3fb74abe62 Speedup psalm
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] Configure `session.cookie_secure` earlier
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40221
| License | MIT
| Doc PR | N/A
This PR does what @stof had suggested in #40221, allow me to quote him directly:
> 1. avoid setting auto as a value for the ini setting in the NativeSessionStorage initialization
> 2. ensuring that SessionListener resolves the auto value by the time the SessionListener runs, and not by the time the getSession() method is called in the Request session factory callback
Commits
-------
e82918cd60 [HttpKernel] Configure `session.cookie_secure` earlier
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
Make sure the Psalm review CI job is working
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
This PR is just a test to make sure psalm works as expected.
EDIT: It also fixes issues..
Commits
-------
d5a05f1b30 Make sure the Psalm review CI job is working
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
Adding a Github action to run Psalm
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/15024
I've seen sometimes that we've forgotten to add `\` before `Throwable` or that we refer to a class that does not exist. One could argue that the code is not properly tested, but somehow these PRs still get merged. (And quickly fixed in a follow up PR).
I suggest to add psalm to check every PR for some errors that can be found with a static analyser. This is to help/automate the PR review process. All psalm errors found should be reviewed and discussed. The maintainers can decide to ignore some warnings if they want to. (Ie false positives)
This PR is about “Psalm PR review”. It does not try to fix “Psalm compatibility”. Psalm compatibility is a separate issue that should be discussed separate from the "Psalm PR review".
I currently plan to follow up with the more controversial topic of "Should we make Symfony more compatible with Psalm or not".
Commits
-------
c5ed24d8cb Adding a Github action to run Psalm
This PR was merged into the 4.4 branch.
Discussion
----------
[TwigBridge] Install symfony/intl to run tests on Travis
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | bi
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The hard dependency on `symfony/intl` was removed from the Form component in 5.3-dev (#40298). I suggest to add the explicit dev dependency on TwigBridge on 4.4 already.
Commits
-------
b2970456bf [TwigBridge] Install symfony/intl to run tests on Travis
This PR was submitted for the 5.2 branch but it was merged into the 4.4 branch instead.
Discussion
----------
[Translation] Make `name` attribute optional in xliff2
Do not set a fake `name` attribute on `unit` element from xliff2 to allow using `source` attribute and avoid missing translation error
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes/no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37055
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
When `xlf` translations are loaded, if a name exists on `unit` element, the segment's source is ignored:
```foreach ($xml->xpath('//xliff:unit') as $unit) {
foreach ($unit->segment as $segment) {
$attributes = $unit->attributes();
$source = $attributes['name'] ?? $segment->source;
```
At the same time, when dumping translations, the segment's source is copied into the unit's name attribute, unless it's longer than 80 characters. In that case, `substr(md5($source), -7)` is set into the name attribute.
This results in a missing translation error, because the source is ignored and the name is a random string.
Suggested solution: only set the name attribute if the string is less than 80 characters.
Commits
-------
97058559cc [Translation] Make `name` attribute optional in xliff2
This PR was merged into the 5.2 branch.
Discussion
----------
[Security] #[CurrentUser] arguments should resolve to null for "anon."
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The UserValueResolver should only resolve `UserInterface` (or subtype) typed arguments:
bc9e946a56/src/Symfony/Component/Security/Http/Controller/UserValueResolver.php (L54-L55)
When using the `#CurrentUser` attribute with an AnonymousToken in the storage, the resolved argument value is `anon.`. This PR fixes it.
/cc @jvasseur
Commits
-------
8d3078dd35 [Security] #[CurrentUser] argument should resolve to null when it is anonymous
This PR was merged into the 5.2 branch.
Discussion
----------
[Config] Switched to non-null defaults in exception constructors
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
Follow-up to #40271 on the 5.2 branch.
Commits
-------
2e865ac057 Switched to non-null defaults in exception constructors
This PR was submitted for the 5.x branch but it was merged into the 5.2 branch instead.
Discussion
----------
[FrameworkBundle] Allow x-forwarded-prefix trusted header in config
| Q | A
| ------------- | ---
| Branch? | 5.2 (as requested by @nicolas-grekas)
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
Support for `X_FORWARDED_PREFIX` has been added in PR https://github.com/symfony/symfony/pull/37734.
However, it is impossible to use it because the configuration doesn't allow the `x-forwarded-prefix` value in `framework.yaml`.
Commits
-------
95fdd90491 Allow x-forwarded-prefix trusted header.
* 4.4:
Move github templates at the org level
[Cache] Fix Redis TLS scheme `rediss` for Redis connection
In calls to mb_ functions, silently transform arg into string
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Handle calls to mb_ functions with non string arguments
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40200
| License | MIT
| Doc PR | no
In PHP8.1, a number of functions who were accepting null arguments will only accept
string ones.
(see https://wiki.php.net/rfc/deprecate_null_to_scalar_internal_arg)
In the polyfill, mb_* functions are already declared with a strict type checking of "string".
Therefore, it is necessary to get rid of the use of non string arguments when calling mb_* functions,
so that it won't break when either using the polyfill,or future php8 versions.
In every call where the argument may not be a string, this commit enforces the string type of the argument (with transtyping)
--- For reviewers
* I generally don't like transtyping, but found it was the more "secure" way (on a non-BC point of view) here.
Specially in Console/Helper/Table.php, where $cell can be an object (there are 2 "$cell instanceof ... tests)
However, where the argument can already be either null or string (and not anything else), there may a beter approach ?
* It's the first time I send a PR on symfony, so don't hesitate pointing me to thinks I've forgotten to done.
Commits
-------
ac45be2580 In calls to mb_ functions, silently transform arg into string
This PR was submitted for the 5.x branch but it was merged into the 4.4 branch instead.
Discussion
----------
[Cache] Fix Redis TLS scheme `rediss` for Redis connection
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/14728
Like https://github.com/symfony/symfony/pull/35503 on Symfony Messenger, this will enable TLS support for Redis adapter.
The implementation just prefix the host with `tls://` as described here: https://github.com/phpredis/phpredis#connect-open
I don't know how to test it because I guess I need a TLS Redis in `src/Symfony/Component/Cache/Tests/Adapter/RedisAdapterTest.php`.
Commits
-------
3288897e0f [Cache] Fix Redis TLS scheme `rediss` for Redis connection
In PHP8, a number of functions who were accepting null arguments will only accept
string ones.
In the polyfill, mb_* functions are declared with a trict type checking of "string".
Therefore, we deprecate the use of non string arguments, so that it won't break when either using the polyfill,
or future php8 versions.
* 4.4:
Switched to non-null defaults in exception constructors
[Routing] fix conflict with param named class in attribute
[Cache] fix setting items' metadata on commit()
This PR was merged into the 4.4 branch.
Discussion
----------
Switched to non-null defaults in exception constructors
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
PHP 8.1 will trigger a deprecation warning if we pass `null` as `$message` or `$code` to the constructor of `\Exception`. However, many of our own exception accept `null` for those parameters and even use them as default.
This is unfortunate because code like the following snippet would trigger that deprecation although the code itself is perfectly fine:
```php
throw new NotFoundHttpException();
```
With this PR, I'd like to change our defaults to `''` and `0` while still allowing to pass `null` for BC. In a follow-up PR for the 5.x branch, I'd like to deprecate passing `null`, matching the future behavior of PHP.
This PR also adjust various PHPDoc blocks with inaccurate types.
Commits
-------
f8e10094a4 Switched to non-null defaults in exception constructors