* 3.4:
[HttpFoundation] fix guessing mime-types of files with leading dash
[Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances
Use constant time comparison in UriSigner
This PR was merged into the 5.0-dev branch.
Discussion
----------
Last cleanups before beta
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
61c7c11a32 Last cleanups before beta
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] merge and remove the ErrorRenderer component
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR supersedes #34288.
Here is what it does:
- Merge the `ErrorRenderer` component into `ErrorHandler`
- Add `ErrorRendererInterface::render(\Throwable $e): FlattenException` and refactor error renderers around it.
- Add `FlattenException::setAsString()` to make the previous possible.
- Add `CliErrorRenderer` to render error on the CLI too. This means `VarDumper` is now a required dependency of `ErrorHandler`. This paves the way to use it also for rendering HTML - the logic there is much more advanced than what `HtmlErrorRenderer` provides and ever should provide.
- Make `BufferingLogger` map its collected logs to `error_log()` if they are not emptied before.
- Remove some classes that are not needed anymore (`ErrorRenderer`, `ErrorRendererPass`, `HtmlErrorRendererInterface`)
- Simplified the logic in `Debug::enable()` - nobody uses its arguments
- Fix a few issues found meanwhile.
With these changes, the component can be used standalone. One is now able to require only it, register it either with either `ErrorHandler::register()` or `Debug::enable()` and profit.
Commits
-------
d1bf1cada4 [ErrorHandler] help finish the PR
6c9157bbc2 [ErrorHandler] merge and remove the ErrorRenderer component
This PR was merged into the 5.0-dev branch.
Discussion
----------
[5.0][Security] Minor clarification of the new isGranted signature
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
As we now only allow a single attribute for `isGranted()` in Symfony 5, let's adapt the PHPdoc and parameter name as well.
Commits
-------
e41e6b48a9 Clarified single attribute to isGranted() a bit more
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] make ExceptionEvent able to propagate any throwable
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
An alternative to #34306.
As a reminder, the goal of this series of PRs is to remove the `FatalThrowableError` wrapper that we introduced to seamlessly handle throwables when they were introduced in PHP 7.
From the changelog of `HttpKernel`:
* Deprecated methods `ExceptionEvent::get/setException()`, use `get/setThrowable()` instead
* Deprecated class `ExceptionListener`, use `ErrorListener` instead
And the final target: removed `Symfony\Component\ErrorHandler\Exception\ErrorException` (`FatalThrowableError` is already deprecated.)
Commits
-------
6f67f0e0c0 [HttpKernel] make ExceptionEvent able to propagate any throwable
This PR was merged into the 4.4 branch.
Discussion
----------
[Security] Fix defining multiple roles per access_control rule
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/12371 needs to be reverted
#33584 deprecated passing multiple attributes to `AccessDecisionManager::decide()`, but this change must not impact `access_control` as you cannot define multiple rules with the same criteria for request matching (the first match wins).
Commits
-------
338b3dfd9f [Security] Fix defining multiple roles per access_control rule
* 4.4:
[Messenger] Fixed bad event dispatcher mocks.
[Workflow] Simplified EventDispatcherMock.
[Routing] revert the return type for UrlGeneratorInterface::generate to remove null
[HttpFoundation] Add a way to anonymize IPs
This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] Fixed bad event dispatcher mocks
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
`EventDispatcherInterface::dispatch()` must return the passed event object. This PR fixes two mocks that violated this contract.
Commits
-------
103930039b [Messenger] Fixed bad event dispatcher mocks.
This PR was merged into the 3.4 branch.
Discussion
----------
[Routing] revert the return type for UrlGeneratorInterface::generate to remove null
…to remove null
| Q | A
| ------------- | ---
| Branch? | 3.4 (only)
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
Bit of a casualty of commit tennis this:
A change to add `null` here as an option for how `UrlGeneratorInterface::generate()` (rather than the concrete `UrlGenerator`) was merged in https://github.com/symfony/symfony/pull/28321, but then [reverted](90494c20cc) for the reason [that this could be seen as a BC break](https://github.com/symfony/symfony/pull/28321#issuecomment-418540080), as the `null` return had not previously been documented (and is still not as part of the interface method docs).
However, in a subsequent change (https://github.com/symfony/symfony/pull/33252) with a wider scope, this doc change was added _back_ in order to reflect the underlying implementation as a result of a PHPStorm plugin complaining. There's no indication though of what a `null` return here though would mean, and for the same reason as the first revert (that this should be seen as a BC break), I'd like to submit this to be reverted for the 3.4 branch. (In 4.4 the `null` has already been removed.)
Having the interface indicating that this method can return `null` necessitates introducing a lot of actually redundant null checks in code that is covered by static analysis tools such as PHPStan.
Commits
-------
9f853f324f [Routing] revert the return type for UrlGeneratorInterface::generate to remove null
This PR was merged into the 4.3 branch.
Discussion
----------
[Workflow] Simplified EventDispatcherMock
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
This PR simplifies the Workflow component's mock implementation of the event dispatcher by implementing the much simpler contracts interface instead of the full-blown component interface.
Commits
-------
5aee181c83 [Workflow] Simplified EventDispatcherMock.
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpFoundation] Add a way to anonymize IPs
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features --> TODO
This is helpful for GDPR compliance reasons, and it isn't much code saved but it's also good if you don't have to think about how to do it.
Commits
-------
9e62330bc4 [HttpFoundation] Add a way to anonymize IPs
* 4.4:
[DI] fix locators with numeric keys
Add support for NO_COLOR env var
[DI][FrameworkBundle] add EnvVarLoaderInterface - remove SecretEnvVarProcessor
Fix error when we use VO for the marking property
[DI] Remove LazyString from 4.4, before adding back to the String component
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] Remove LazyString from 4.4, before adding back to the String component
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
In #34190 I'm proposing to move LazyString to the Service contracts, but String might be a better fit actually. Let's remove the class from 4.4 where it's not really needed, and add it back on 5.0 in the String component.
Commits
-------
b1a3ee76ac [DI] Remove LazyString from 4.4, before adding back to the String component
This PR was merged into the 4.3 branch.
Discussion
----------
[Workflow] Fix error when we use ValueObject for the marking property
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#28203#22031
| License | MIT
Fix Illegal offset type in `MethodMarkingStore` class when we use Value Object for
the marking property.
Now, we can avoid to use only a string an we can have a Subject class with a Value Object like this :
```php
final class State
{
public const DRAFT = 'draft';
public const REVIEWED = 'reviewed';
public const REJECTED = 'rejected';
public const PUBLISHED = 'published';
/** @var string */
private $state;
public function __construct(string $state)
{
// some validation
$this->state = $state;
}
public function __toString()
{
return $this->state;
}
public static function Draft()
{
return new self(self::DRAFT);
}
...
}
final class Subject
{
private $marking;
public function __construct(State $marking = null)
{
$this->marking = $marking;
}
public function getMarking()
{
return $this->marking;
}
public function setMarking($marking)
{
$this->marking = $marking instanceof State ? $marking : new State($marking);
}
```
Commits
-------
6570d5cbe2 Fix error when we use VO for the marking property
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Add support for NO_COLOR env var
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR |
Adds support for https://no-color.org/ - ideally this would be considered a bugfix and added to older releases IMO, but submitting as new feature for now.
cc @johnstevenson
Commits
-------
c1b0a8e956 Add support for NO_COLOR env var
* 4.4:
[DI] Dont cache classes with missing parents
[HttpClient] Fix a crash when calling CurlHttpClient::__destruct()
Unallow symfony/http-kernel ^5.0
[FrameworkBundle] fix SodiumVault after stof review
[HttpClient] allow arbitrary JSON values in requests
[DependencyInjection] Added option `ignore_errors: not_found` while importing config files
[Validator] Add the missing translations for the Hebrew (\"he\") locale and fix 2 typos
[FrameworkBundle][Translation] Invalidate cached catalogues when the scanned directories change
This PR was merged into the 5.0-dev branch.
Discussion
----------
Remove \Throwable bubbling down support deprecation layer
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Remove deprecation layer of https://github.com/symfony/symfony/pull/33065
Commits
-------
ffcfdb42a7 Remove \Throwable support deprecation layer
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection] Added option `ignore_errors: not_found` for imported config files
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | symfony/symfony-docs#11647
If someone want to add optional config file. The only available choice was to add `ignore_errors: true` option
e.g.
```
imports:
- { resource: parameters.yml, ignore_errors: true }
```
But this will hide all errors in imported file. We ran in many situations that broke our Symfony applications because we had a typo in this imported files.
This PR introduce new possible value `not_found` for `ignore_errors` option. It can be used for optional config files like the `ignore_errors: true`, but it will ignore only the file non-existence, not the possible syntax errors inside.
Usage:
```
imports:
- { resource: parameters.yml, ignore_errors: not_found}
```
Commits
-------
e0ee01c10d [DependencyInjection] Added option `ignore_errors: not_found` while importing config files
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] fix SodiumVault after stof review
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
As spotted by @stof in https://github.com/symfony/symfony/pull/34275#pullrequestreview-313355834
Commits
-------
a594599078 [FrameworkBundle] fix SodiumVault after stof review
* 4.3:
[DI] Dont cache classes with missing parents
[HttpClient] Fix a crash when calling CurlHttpClient::__destruct()
[Validator] Add the missing translations for the Hebrew (\"he\") locale and fix 2 typos
[FrameworkBundle][Translation] Invalidate cached catalogues when the scanned directories change
Allow arbitrary values in the "json" request option. Previously values were
limitated to arrays and objects of type JsonSerializable. This doesn't account
for scalar values and classes with public properties (which don't need to
implement JsonSerializable), all of which are perfectly acceptable arguments to
json_encode.
This PR was merged into the 5.0-dev branch.
Discussion
----------
[SecurityBundle] Remove deprecated service and code
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Remove deprecated service in https://github.com/symfony/symfony/pull/25839 and deprecated code in https://github.com/symfony/symfony/pull/33676.
Commits
-------
ad61d6f72b [SecurityBundle] Remove deprecated service and code
This PR was merged into the 5.0-dev branch.
Discussion
----------
[Debug] Remove it from master
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Looks like it came back from the dead 😅
Commits
-------
54ffd46 [Debug] Remove it from master
This PR was merged into the 4.3 branch.
Discussion
----------
[FrameworkBundle][Translation] Invalidate cached catalogues when the scanned directories change
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/33992
| License | MIT
| Doc PR | -
The cache file name needs to depend on the scanned directories list. Otherwise, when a new directory is added, even if the container is rebuilt and the `FWB Translator` gets the new scanned directories list, the cached catalogue name is still the same and is resolved accordingly.
An alternative would be to make the `Translation Translator` `getCatalogueCachePath()` method and `fallbackLocales` `@internal` and `protected` to just override everything in the `FWB Translator`. The `cacheVary` argument has the benefit to be reusable by all the `Translation` component users.
Note that there is a negative minor performance impact that increases when the list of scanned directories grows.
Commits
-------
6cbee0944c [FrameworkBundle][Translation] Invalidate cached catalogues when the scanned directories change
This PR was merged into the 4.4 branch.
Discussion
----------
[DoctrineBridge] fix min version of http-kernel
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Required after #34257 and #34230
Commits
-------
69ba86ba66 [DoctrineBridge] fix min version of http-kernel
This PR was merged into the 4.4 branch.
Discussion
----------
[DoctrineBridge] Reopen DoctrineDataCollector to extensibility
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
DoctrineBundle is using it (0d20a98fb8/DataCollector/DoctrineDataCollector.php (L41)) and we don't want to prevent them from doing it.
Commits
-------
af021248bf [DoctrineBridge] Reopen DoctrineDataCollector to extensibility
This PR was merged into the 5.0-dev branch.
Discussion
----------
[Notifier][Telegram] Fixing Telegram token
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Thanks, i really love this integration! i needed to do two minor changes while playing around:
- token needs to contain user and password, see https://core.telegram.org/bots/api#making-requests
- channel should be optional for bot interaction, using `chat_id` as message option instead
Commits
-------
c2c3e70e6b fixing telegram token
* 4.4:
[HttpClient] fix after merge from 4.3
[HttpClient] expose only gzip when doing transparent compression
[VarDumper] fix tests & displaying generators
Fix WeekType tests
add species to inflector and inflector tests
Add handling for delayed message to redis transport
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] fix after merge from 4.3
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
3c6dc96ab4 [HttpClient] fix after merge from 4.3
This PR was squashed before being merged into the 3.4 branch (closes#34135).
Discussion
----------
[Validator] Add the missing translations for the Hebrew ("he") locale and fix 2 typos
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#30166
| License | MIT
Ref #30166
Commits
-------
022cf67f19 [Validator] Add the missing translations for the Hebrew (\"he\") locale and fix 2 typos
* 4.4: (39 commits)
[Console] Fix#33915, Detect dimensions using mode CON if vt100 is supported
[PhpUnitBridge] Also search for composer.phar in git root folder
[HttpKernel][DataCollectorInterface] Ease compatibility
Add tests to ensure defaultLocale is properly passed to the URL generator
[DependencyInjection] Fix broken references in tests
[VarDumper] display the method we're in when dumping stack traces
[HttpClient] Retry safe requests when then fail before the body arrives
[Console] Rename some methods related to redraw frequency
Avoid using of kernel after shutdown
Simplify PHP CS Fixer configuration
[PropertyInfo] Fixed type extraction for nullable collections of non-nullable elements
[FrameworkBundle] [HttpKernel] fixed correct EOL and EOM month
Fix CS
[Serializer] Fix property name usage for denormalization
Name test accordingly to the tested class
Fix MockFileSessionStorageTest::sessionDir being used after it's unset
[Security] Fix SwitchUserToken wrongly deauthenticated
Supporting Bootstrap 4 custom switches
Add new Form WeekType
bumped Symfony version to 4.3.7
...
* 4.3: (26 commits)
[Console] Fix#33915, Detect dimensions using mode CON if vt100 is supported
[HttpKernel][DataCollectorInterface] Ease compatibility
Add tests to ensure defaultLocale is properly passed to the URL generator
[DependencyInjection] Fix broken references in tests
[HttpClient] Retry safe requests when then fail before the body arrives
Avoid using of kernel after shutdown
Simplify PHP CS Fixer configuration
[PropertyInfo] Fixed type extraction for nullable collections of non-nullable elements
[FrameworkBundle] [HttpKernel] fixed correct EOL and EOM month
[Serializer] Fix property name usage for denormalization
Name test accordingly to the tested class
Fix MockFileSessionStorageTest::sessionDir being used after it's unset
bumped Symfony version to 4.3.7
updated VERSION for 4.3.6
updated CHANGELOG for 4.3.6
bumped Symfony version to 3.4.34
updated VERSION for 3.4.33
update CONTRIBUTORS for 3.4.33
updated CHANGELOG for 3.4.33
[HttpClient] Fix perf issue when doing thousands of requests with curl
...
This PR was merged into the 4.3 branch.
Discussion
----------
[Console] Detect dimensions using mode CON if vt100 is supported
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33915
| License | MIT
This fixes color support detection for users of Win10 + git-bash. If vt100 support is detected, the terminal will not try to use `stty` to test for dimensions. Calling such command implicitly disables vt100 support on STDOUT.
Commits
-------
fdeceff85e [Console] Fix#33915, Detect dimensions using mode CON if vt100 is supported
This PR was merged into the 4.3 branch.
Discussion
----------
[HttpClient] Retry safe requests using HTTP/1.1 when HTTP/2 fails
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
cURL support of HTTP/2 is not as robust as HTTP/1.1. When doing >1k requests, the stream can break for buggy reasons. New versions of cURL are fixed already, but let's make our logic more resilient anyway, and switch to HTTP/1.1 when a *safe* request fails for send/recv reasons.
Commits
-------
9f7cd66004 [HttpClient] Retry safe requests when then fail before the body arrives
* 3.4:
[DependencyInjection] Fix broken references in tests
Avoid using of kernel after shutdown
Simplify PHP CS Fixer configuration
[FrameworkBundle] [HttpKernel] fixed correct EOL and EOM month
Fix MockFileSessionStorageTest::sessionDir being used after it's unset
bumped Symfony version to 3.4.34
updated VERSION for 3.4.33
update CONTRIBUTORS for 3.4.33
updated CHANGELOG for 3.4.33
[Stopwatch] Fixed a bug in stopwatch event getStartTime
[Stopwatch] Fixed bug in getDuration when counting multiple ongoing periods
Adding some validations tags on validators.et.xlf
add missing translation for 94 (it)
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Avoid using of kernel after shutdown in KernelTestCase
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix #...
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
I had sadly something like this in my codebase:
```php
if (!static::$kernel) {
static::bootKernel();
}
```
As the $kernel is never set again to null a old $kernel was still there. I would not only set the $container also the $kernel variable to null. ~~As this could be a BC Break I'm targeting master~~.
Commits
-------
49b58ed45e Avoid using of kernel after shutdown
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[PhpUnitBridge] Also search for composer.phar in git root folder
| Q | A
| ------------- | ---
| Branch? | 4.4 for features
| Bug fix? | kindof
| New feature? | addition to existing feature
| Deprecations? | no
| Tickets | Related: https://github.com/symfony/symfony/issues/26637#issuecomment-390749681
| License | MIT
When you don't have a system `composer` installation, but a `composer.phar` in the project folder, you cannot use the `simple-phpunit` script from a subfolder of the project with e.g. `../vendor/bin/simple-phpunit`.
This change also searches for the `composer.phar` in the current git root folder if it was not found at any other places to increase the likelihood of it being found.
Commits
-------
97fd204d16 [PhpUnitBridge] Also search for composer.phar in git root folder
This PR was merged into the 4.4 branch.
Discussion
----------
[VarDumper] display the method we're in when dumping stack traces
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR adds the line in blue:
Without it, we're missing some context as the method is from a trait. This allows knowing which class is actually importing and using the method.
Commits
-------
23600cc8e1 [VarDumper] display the method we're in when dumping stack traces
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorRenderer] Show generic message in non-debug mode
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I agree with @Tobion here https://github.com/symfony/symfony/pull/34158#issuecomment-548181099, so let's always show the detail message, but for 5xx errors we'll send a generic message instead.
/cc @dunglas wdyt?
Commits
-------
45f1a5ee06 Show generic message in non-debug mode
This PR was squashed before being merged into the 4.4 branch (closes#33732).
Discussion
----------
[Console] Rename some methods related to redraw frequency
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
In #26339 we added `preventRedrawFasterThan()` and `forceRedrawSlowerThan()`. While merging the docs for them (https://github.com/symfony/symfony-docs/pull/12364) I thought that the method names are a bit hard to understand.
In this PR I propose a renaming for your consideration. Thanks!
In the following example, we want to update the progress bar every 100 iterations, but not faster than 100ms or slower than 200ms.
**Before**
```php
$progressBar = new ProgressBar($output, 50000);
$progressBar->start();
$progressBar->setRedrawFrequency(100);
$progressBar->preventRedrawFasterThan(0.1);
$progressBar->forceRedrawSlowerThan(0.2);
```
**After**
```php
$progressBar = new ProgressBar($output, 50000);
$progressBar->start();
$progressBar->setRedrawFrequency(100);
$progressBar->maxRefreshInterval(0.1);
$progressBar->minRefreshInterval(0.2);
```
Commits
-------
e6ee7b07f3 [Console] Rename some methods related to redraw frequency
This PR was merged into the 4.4 branch.
Discussion
----------
[Routing][Config] Allow patterns of resources to be excluded from config loading
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #31516
| License | MIT
| Doc PR | not yet
The PR will fix the following RFC: #31516
Like resource loading for services, this PR offers a way to exclude patterns of resources like:
```yml
// config/routes/annotations.yaml
controllers:
resource: ../../src/Controller/*
type: annotation
exclude: '../src/Controller/{DebugEmailController}.php'
```
All the annotation routes inside `Controller/` will be loaded in this example except all the one present inside the `Controller/DebugEmailController.php`
Commits
-------
332ff8811c [Routing][Config] Allow patterns of resources to be excluded from config loading
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] Add compiler pass and command to check that services wiring matches type declarations
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27744
| License | MIT
| Doc PR |
PR replacing https://github.com/symfony/symfony/pull/27825.
It adds a `lint:container` command asserting the type hints used in your code are correct.
Commits
-------
8230a1543e Make it really work on real apps
4b3e9d4c96 Fix comments, improve the feature
a6292b917b [DI] Add compiler pass to check arguments type hint
This PR was merged into the 4.3 branch.
Discussion
----------
[Messenger] fix retry of messages losing the routing key and properties
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#32994 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR |
Messages sent for retry in rabbitmq lost the routing key and properties like the priority. Now we read those original properties and sent the retry message with the same properties (unless those properties have already been set manually before).
Commits
-------
75c674debc [Messenger] fix retry of messages losing the routing key and properties
This PR was merged into the 3.4 branch.
Discussion
----------
Adding some validations tags on validators.et.xlf
| Q | A
| ------------- | ---
| Branch? | 4.4 for features / 3.4 or 4.3 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/30160
| License | MIT
I saw an issue in the **Issues Page** and i want to help to improve the repository, even with a simple modification
Commits
-------
16bd71b5b1 Adding some validations tags on validators.et.xlf
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] add missing translation for 94 (it)
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | None
| License | MIT
| Doc PR | not needed
Italian translation for validator is missing last item (id 94)
Commits
-------
1dc7ce1159 add missing translation for 94 (it)
This PR was merged into the 3.4 branch.
Discussion
----------
[Stopwatch] Fixed bug in getDuration when counting multiple ongoing periods
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34087
| License | MIT
| Doc PR | N/A
When running multiple periods in StopwatchEvent (start multiple times and not stop them all), the getDuration() method would return unexpected values.
This was because at every stop, the last entry in the `started` array was removed, while the `getDuration` method was still expecting all the started events to still be there.
Now, when calling `getDuration`, the duration of all the finished periods are added together with the unfinished counts.
Commits
-------
af00d8deab [Stopwatch] Fixed bug in getDuration when counting multiple ongoing periods
This PR was squashed before being merged into the 4.3 branch (closes#34165).
Discussion
----------
[PropertyInfo] Fixed type extraction for nullable collections of non-nullable elements
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
When an annotation is declared as `int[]|null`, it is handled like `(int|null)[]|null`. So array values are also nullable.
Now this behavior is fixed that `int[]|null` is either a collection of integers only or null.
How to reproduce:
```php
class Dummy
{
/** @var int[]|null */
public $nullableCollectionOfNonNullableElements;
}
/** @var Type[] $types */
$types = (new PhpDocExtractor())->getTypes(Dummy::class, 'nullableCollectionOfNonNullableElements');
$collectionType = $types[0];
assert($collectionType->isCollection() === true); // OK
assert($collectionType->isNullable() === true); // OK
assert($collectionType->getCollectionValueType()->getBuiltinType() === Type::BUILTIN_TYPE_INT); // OK
assert($collectionType->getCollectionValueType()->isNullable() === false); // FAILED
```
Commits
-------
5e394c40f0 [PropertyInfo] Fixed type extraction for nullable collections of non-nullable elements
This PR was merged into the 3.4 branch.
Discussion
----------
[Stopwatch] Fixed a bug in StopwatchEvent::getStartTime
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34088
| License | MIT
| Doc PR | N/A
When using a `StopwatchEvent` with an `$origin` that's smaller than the first start time, calling `getStartTime()` before ending the event will give `0` instead of the correct number.
The proposed fix in #34088 fixes this.
Commits
-------
b2b7eab949 [Stopwatch] Fixed a bug in stopwatch event getStartTime
* Added a hardcoded day 01 in order to output the proper month November
which is the correct EOL and EOM month.
* \DateTime::createFromFormat('mY') will output December for every month
where day 31 exists.
This PR was merged into the 5.0-dev branch.
Discussion
----------
[Security] Add back ROLE_PREVIOUS_ADMIN to impersonated user
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Still useful as per https://symfony.com/doc/master/security/impersonating_user.html#knowing-when-impersonation-is-active
Commits
-------
64f4430cda [Security] Add back ROLE_PREVIOUS_ADMIN to impersonated user
This PR was merged into the 4.4 branch.
Discussion
----------
Add new Form WeekType
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #32029
| License | MIT
| Doc PR | <!--symfony/symfony-docs#...--> coming soon
----
#### Update
After the first try, I've updated the field to have more options, and be more "straight".
The field acts like the `DateTimeType` or `TimeType`, various fields type (pure text, html5 type, select boxes), data validation, ....
For that I took the choice to update the `DateTimeToStringTransformer` and `DateTimeToArrayTransformer` to make them work with weeks format.
I was not sure if it was better to update them or create new ones, WDYT?
Before addind tests and docs, it would be nice to have your first thoughts/comments 😊
Do you need/want a small test repo?
Commits
-------
c4a2f026e0 Add new Form WeekType
This PR was merged into the 4.4 branch.
Discussion
----------
Form theme: support Bootstrap 4 custom switches
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/12464
Hello,
At the moment, Symfony form theme supports [custom checkboxes](https://getbootstrap.com/docs/4.3/components/forms/#checkboxes) through an extra class in `label_attr`.
Bootstrap4 introduced also [custom switches](https://getbootstrap.com/docs/4.3/components/forms/#switches), which has exactly the same HTML markup, but use a different class. This PR slightly modify `bootstrap_4_layout` to handle it.
Some reasons why I think supporting those have its place in Symfony:
- those are getting common in UI right now, it is a common use case
- it is complementary to normal checkboxes, and works the same way: required attribute, validation error, and so on are supported immediately
- implementing it yourself in your form theme is actually tricky, because of the way checkbox are handled (ie., `form_label` called inside `form_widget` with a `{ widget: parent() }`). You have to overwrite the whole fragment, otherwise you get an infinite recursion.
Finally, some screenshots and code examples.
Custom checkbox (as at the moment):
```php
->add('test', CheckboxType::class, [
'label_attr' => [
'class' => 'checkbox-custom',
],
])
```
Custom switch (proposed):
```php
->add('test', CheckboxType::class, [
'label_attr' => [
'class' => 'switch-custom',
],
])
```
Commits
-------
99f59e262f Supporting Bootstrap 4 custom switches
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] Add ability to choose behavior of decorations on non existent decorated services
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #33522
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/12442
# Handling decorations on non existent decorated services
Handle decorations on non existent decorated services by either throwing the service not found exception, silently ignoring services (decorator & decorated) all together or leave the decorated service to null (current behavior)
Something almost similar to how missing services as parameters are handles.
## Yaml configuration
```yaml
decorator:
decorates: decorated
decoration_on_invalid: ignore
```
Available values: `exception`, `ignore`, `null`. `exception` if nothing is specified.
## Xml configuration
```xml
<service id="decorator" decorates="decorated" decoration-on-invalid="ignore" />
```
Available values: `exception`, `ignore`, `null`. `exception` if nothing is specified.
## Behavior
- `exception`: Throws a `ServiceNotFoundException` telling that the decorator's dependency is missing
- `ignore`: Remove decorator definition. Decorator and decorated will not be available at all.
- `null`: Keep decorator but set decorated to null. Therefore, decorator `__construct` should be written with a nullable decorated dependency (`public function __contruct(?DecoratedInterface $decorated) {}`) and check should be done in other methods
Commits
-------
f167c77eaf Handle non existent decorated services
This PR was squashed before being merged into the 4.3 branch (closes#34035).
Discussion
----------
[Serializer] Fix property name usage for denormalization
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Using the `@SerializedName()` and passing it an existing property name affects the deserialization even if `@Groups()` are not supposed to be involved.
## How to reproduce
Given the following class
```php
class Foo
{
/**
* @Group("list")
*/
private $bar;
public function setBar($bar)
{
$this->bar = $bar;
}
public function getBar()
{
return $this->bar;
}
/**
* @Groups({"list:export"})
* @SerializedName("bar")
*/
public function getBarForExport()
{
return $this->bar.' Rocks';
}
}
```
This allow us to change the content of the property based on the normalization context.
```php
$obj = new Foo();
$obj->setBar('Api Platform');
$data = $normalizer->normalize($obj, null, ['groups' => ["list"]]);
// $data => ['bar' => 'Api Platform'] as expected
$data = $normalizer->normalize($obj, null, ['groups' => ["list:export"]]);
// $data => ['bar' => 'Api Platform Rocks'] as expected
$obj = $normalizer->denormalize(['bar' => 'Api Platform'], Foo::class, null, ['groups' => ['list']]);
// $obj->getBar() would return null instead of 'Api Platform' as expected.
```
Commits
-------
8ca4a3f345 [Serializer] Fix property name usage for denormalization
This PR was merged into the 4.4 branch.
Discussion
----------
Fix typo
| Q | A
| ------------- | ---
| Branch? | 4.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
327a13cac0 Fix typo
This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] extract worker logic to listener and get rid of SendersLocatorInterface::getSenderByAlias
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#32077 and #31848
| License | MIT
| Doc PR |
as discussed with @weaverryan sending messages for retry and failure directly to transport instead of redispatching on the bus makes things much cleaner
Commits
-------
d7e0f98cd0 [Messenger] extract worker logic to listener and sent messages for retry and failure directly to transport instead of redispatching on the bus
This PR was squashed before being merged into the 4.4 branch (closes#34155).
Discussion
----------
Revert SyncTransport simplification and fix properly
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34115 (and also related to #34066)
| License | MIT
| Doc PR | Not needed
In #34069, I made `SyncTransport` simpler by removing that transport class and making the whole things a config trick. I felt GREAT about that solution... until i realized two big problems:
1) It kills using env vars for `sync://` because we read the config values at build time - #34115 - that could probably be fixed by adding a factory, but then there is also the next problem
2) If someone routed a message to `[async, sync]` (weird, but allowed), my #34069 config solution basically maps this internally to `[async]`, which actually causes the message to *not* be handled immediately. Basically, my solution only worked if you route a message ONLY to one sync transport, but fails if you route to multiple transports.
So... this fixes things in a less-cool, but sensible way:
A) The first commit reverts #34069 exactly
B) The second commit solves the issue that we need to know if a message is being handled in a "worker" context or not, so middleware can decide if they should reset things before/after handling things. Previously we were using `ReceivedStamp` to know this. But because `SyncTransport` also "receives" the message and adds this stamp, it's not enough. To fix this, I added a new `ConsumedByWorkerStamp` that clearly means: "This message is being handled by a worker" (and so, you might want to "reset" some things before/after handling).
Thanks!
Commits
-------
01a9fefe77 Adding ConsumedByWorkerStamp as way to mark a message in a "worker context"
38f19a960c Revert "[Messenger] Removing "sync" transport and replacing it with much nicer config trick"
This PR was merged into the 4.4 branch.
Discussion
----------
[VarDumper] Do not dump the EventDispatcher
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
31c402a003 [VarDumper] Do not dump the EventDispatcher
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] add DeflateMarshaller - remove phpredis compression
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
phpredis compression doesn't play well with lua scripting as used in #33939
Let's remove it and provide a `DeflateMarshaller` instead.
Ppl can use it via decoration:
```yaml
services:
Symfony\Component\Cache\Marshaller\DeflateMarshaller:
decorates: cache.default_marshaller
arguments: ['@Symfony\Component\Cache\Marshaller\DeflateMarshaller.inner']
```
It's not enabled by default because that might break pools that are shared between different apps.
/cc @andrerom FYI
Commits
-------
452c863639 [Cache] add DeflateMarshaller - remove phpredis compression
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] fix regexp for anonymous services with no class set
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Follows #33782
Commits
-------
a302d2050e [DI] fix regexp for anonymous services with no class set
This PR was merged into the 4.3 branch.
Discussion
----------
[4.3] Remove unused local variables
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Follow up of https://github.com/symfony/symfony/pull/34105 on 4.3.
Commits
-------
58161b8eec [4.3] Remove unused local variables
* 4.4:
[Config] Disable default alphabet sorting in glob function due of unstable sort
[HttpClient] always return the empty string when the response cannot have a body
[TwigBundle][exception] Added missing css variable to highlight line in trace
[Serializer] Improve messages for unexpected resources values
[SecurityBundle] correct types for default arguments for firewall configs
* 4.3:
[Config] Disable default alphabet sorting in glob function due of unstable sort
[HttpClient] always return the empty string when the response cannot have a body
[TwigBundle][exception] Added missing css variable to highlight line in trace
[Serializer] Improve messages for unexpected resources values
[SecurityBundle] correct types for default arguments for firewall configs
* 3.4:
[Config] Disable default alphabet sorting in glob function due of unstable sort
[Serializer] Improve messages for unexpected resources values
[SecurityBundle] correct types for default arguments for firewall configs
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Config] Disable default alphabet sorting in glob function due of unstable sort
…table sort
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#33990 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | no <!-- required for new features -->
`\Symfony\Component\Config\Resource\GlobResource::getIterator` loads files using `glob` not it the stable sorting, e.g several files: `doctrine.yml` and `doctrine_mongodb.yaml` in `config/packages` folder.
On requests these files come(randomly) in a different order, which leads to reinitialization of symfony kernel in `dev` environment. It's a little bit annoying and takes a lot of time in a common :(
<!--
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
3bed0247c0 [Config] Disable default alphabet sorting in glob function due of unstable sort
* 4.4:
[HttpFoundation][FrameworkBundle] allow configuring the session handler with a DSN
[Validator] Add AutoMapping constraint to enable or disable auto-validation
[DI] Fix "!tagged" related upgrade/changelog notes
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpFoundation][FrameworkBundle] allow configuring the session handler with a DSN
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
```yaml
framework:
session:
handler_id: 'redis://localhost'
handler_id: '%env(REDIS_URL)%'
handler_id: '%env(DATABASE_URL)%'
handler_id: 'file://%kernel.project_dir%/var/sessions'
```
etc.
the database connection is not shared with the ORM (don't mess with transactions.)
redis/memcached connections are shared between cache and session.
(as a reminder, cache and ORM share the db connection: we're ok with trashing the cache on a rollback)
Lock-related changes are a follow up of #34043.
(fabbot failure is false positive)
Commits
-------
de9c61f423 [HttpFoundation][FrameworkBundle] allow configuring the session handler with a DSN
This PR was squashed before being merged into the 4.4 branch (closes#32107).
Discussion
----------
[Validator] Add AutoMapping constraint to enable or disable auto-validation
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #32070, #32015 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | todo
As discussed in #32070 and #32015, it's sometimes mandatory to prevent some classes or properties to be auto mapped (auto-validated). This PR introduces a new constraint, `@AutoMapping` allowing to do exactly that. Examples:
Class:
```php
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Validator\Constraints as Assert;
/**
* @ORM\Entity
* @Assert\AutoMapping(false)
*/
class DoctrineLoaderNoAutoMappingEntity
{
/**
* @ORM\Id
* @ORM\Column
*/
public $id;
/**
* @ORM\Column(length=20, unique=true)
*/
public $maxLength;
}
```
Property:
```php
namespace Symfony\Bridge\Doctrine\Tests\Fixtures;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Validator\Constraints as Assert;
/**
* @ORM\Entity
*/
class DoctrineLoaderEntity extends DoctrineLoaderParentEntity
{
/**
* @ORM\Id
* @ORM\Column
*/
public $id;
/**
* @ORM\Column(length=10)
* @Assert\AutoMapping(false)
*/
public $noAutoMapping;
}
```
The rules are the following:
* If the constraint is present on a property, and set to true, auto-mapping is always on, regardless of the config, and of any class level annotation
* If the constraint is present on a property, and set to false, auto-mapping is always off, regardless of the config, and of any class level annotation
* If the constraint is present on a class, and set to true, auto-mapping is always on except if a the annotation has been added to a specific property, and regardless of the config
* If the constraint is present on a class, and set to false, auto-mapping is always off except if a the annotation has been added to a specific property, and regardless of the config
Commits
-------
f6519ce88b [Validator] Add AutoMapping constraint to enable or disable auto-validation
This PR was merged into the 4.3 branch.
Discussion
----------
[TwigBundle][exception] Added missing css variable to highlight line in trace
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
---
To get the yellow background
Commits
-------
5f19501 [TwigBundle][exception] Added missing css variable to highlight line in trace
* 4.4:
Re-allow to use "tagged" in service definitions
[HttpFoundation] Allow to not pass a parameter to Request::isMethodSafe()
Add missing lock connection string in FrameworkExtension
[DomCrawler] normalizeWhitespace should be true by default
[DoctrineBridge] Auto-validation must work if no regex are passed
Allows URL DSN in Lock and Cache
This PR was merged into the 4.4 branch.
Discussion
----------
Re-allow to use "tagged" in service definitions
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a
| License | MIT
| Doc PR | n/a
Re-allow to use `tagged` in 4.4 and 5.0. It makes it easier for bundles to support both Symfony 4.3- and Symfony 4.4+.
Needed to make API Platform compatible with Symfony 5 (api-platform/core#3009)
Commits
-------
7b7dc0df9a Re-allow to use "tagged" in service definitions
This PR was merged into the 4.4 branch.
Discussion
----------
[Lock][Cache] Allows URL DSN in PDO adapters
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | TODO
This PR duplicate a feature from PdoSessionHandler that convert URL DSN ( ie. mysql://localhost/test) into PDO DSN (ie. mysql:host=localhost;dbname=test)
that would ease configuration by using the same well-known variable
```
framework:
lock: '%env(DATABASE_URL)%'
```
note: I applied the same change on Cache component for consistency.
Commits
-------
474daf976e Allows URL DSN in Lock and Cache
This PR was squashed before being merged into the 4.3 branch (closes#33828).
Discussion
----------
[DoctrineBridge] Auto-validation must work if no regex are passed
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a
| License | MIT
| Doc PR | n/a
Backport of https://github.com/symfony/symfony/pull/32107/files#r295762928.
This behavior if faulty, if no regex are passed, autvalidation must be triggered, [as done in `PropertyInfoLoader`](https://github.com/symfony/symfony/blob/4.3/src/Symfony/Component/Validator/Mapping/Loader/PropertyInfoLoader.php#L50).
Commits
-------
5ed7d6c759 [DoctrineBridge] Auto-validation must work if no regex are passed
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorRenderer] Security fix: hide sensitive error messages
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This PR fixes a security issue. Exception messages must not be displayed except when debugging, because they can contain sensitive data including credentials.
For instance, PDO and Doctrine throw exception with message such as `The details are: SQLSTATE[HY000] [1045] Access denied for user 'root'@'db.example.com' (using password: NO)` revealing internal details about the infrastructure usful for an attacker.
Also, I still think that ErrorRenderer should be removed in favor of using the Serializer directly (see https://github.com/symfony/symfony/pull/33650#issuecomment-534441889). I'll try to open some PRs to do that in tomorrow.
Commits
-------
d7d7f22 [ErrorRenderer] Security fix: hide sensitive error messages
This PR was merged into the 4.3 branch.
Discussion
----------
[OptionsResolver] Fix an error message to be more accurate
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#30432
| License | MIT
| Doc PR | -
Follow-up https://github.com/symfony/symfony/pull/30442 for 4.3
Commits
-------
1be68a752a Fix an error message to be more accurate
* 4.4:
[OptionsResolve] Revert change in tests for a not-merged change in code
[HttpClient] fix handling of 3xx with no Location header - ignore Content-Length when no body is expected
[Workflow] Made the configuration more robust for the 'property' key
[Security/Core] make NativePasswordEncoder use sodium to validate passwords when possible
[FrameworkBundle] make SodiumVault report bad decryption key accurately
cs fix
[Security] Allow to set a fixed algorithm
[Security/Core] make encodedLength computation more generic
[Security/Core] add fast path when encoded password cannot match anything
#30432 fix an error message
fix paths to detect code owners
[HttpClient] ignore the body of responses to HEAD requests
[Validator] Ensure numeric subpaths do not cause errors on PHP 7.4
[SecurityBundle] Fix wrong assertion
Remove unused local variables in tests
[Yaml][Parser] Remove the getLastLineNumberBeforeDeprecation() internal unused method
Make sure to collect child forms created on *_SET_DATA events
[WebProfilerBundle] Improve display in Email panel for dark theme
do not render errors for checkboxes twice
* 4.3:
[OptionsResolve] Revert change in tests for a not-merged change in code
[HttpClient] fix handling of 3xx with no Location header - ignore Content-Length when no body is expected
[Workflow] Made the configuration more robust for the 'property' key
[Security/Core] make NativePasswordEncoder use sodium to validate passwords when possible
#30432 fix an error message
fix paths to detect code owners
[HttpClient] ignore the body of responses to HEAD requests
[Validator] Ensure numeric subpaths do not cause errors on PHP 7.4
[SecurityBundle] Fix wrong assertion
Remove unused local variables in tests
[Yaml][Parser] Remove the getLastLineNumberBeforeDeprecation() internal unused method
Make sure to collect child forms created on *_SET_DATA events
[WebProfilerBundle] Improve display in Email panel for dark theme
do not render errors for checkboxes twice
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] correct types for default arguments for firewall configs
| Q | A
| ------------- | ---
| Branch? | 3.4 (and forward)
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
Up until now, the default template arguments in the `security.firewall.config` abstract service definition have been each defined (aside from the argument for `$listeners` which is given a `collection` type) in the XML as
```xml
<argument />
```
which resolves to an empty string, despite that some of the arguments are typed to being either `bool` or `array|null` on the `Symfony\Bundle\SecurityBundle\Security\FirewallConfig` class itself.
This wouldn't be so much of a problem if the child definitions that use this as a template overrode all the arguments every time, but in the case of firewall configs that mark security as _not_ being enabled, [only the first few arguments are overwritten](https://github.com/symfony/symfony/blob/3.4/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php#L349-L352), so firewall config objects that do not have security enabled are instantiated by the DI container with parameters with some of the wrong types.
In general this wouldn't be an issue, as firewalls with security not enabled would not usually be consumed in a context where further security-related config were needed, but there is a case in `Symfony\Bundle\SecurityBundle\DataCollector\SecurityDataCollector` where the method `getSwitchUser()` on the firewall config object [can be called](https://github.com/symfony/symfony/blob/3.4/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php#L181) without checking first whether the firewall has security enabled, which leads to an exception being thrown:
```
Symfony\Component\Debug\Exception\ContextErrorException
Warning: Illegal string offset 'parameter'
in vendor/symfony/symfony/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php (line 184)
```
which is down to the firewall config being set with an empty string rather than `null` (in which case the logic here would function as expected).
It seemed most appropriate as a fix (especially given possible introduction of scalar type hints in the future) to apply types to the default arguments so that it was no longer possible to instantiate a firewall config object with parameters of unexpected types.
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
6b7044fc01 [SecurityBundle] correct types for default arguments for firewall configs
* 3.4:
#30432 fix an error message
fix paths to detect code owners
[Validator] Ensure numeric subpaths do not cause errors on PHP 7.4
Remove unused local variables in tests
Make sure to collect child forms created on *_SET_DATA events
do not render errors for checkboxes twice
This PR was merged into the 4.3 branch.
Discussion
----------
[Workflow] Made the configuration more robust for the 'property' key
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34092
| License | MIT
| Doc PR |
Commits
-------
0c31ff007e [Workflow] Made the configuration more robust for the 'property' key
This PR was merged into the 4.3 branch.
Discussion
----------
[HttpClient] fix handling of 3xx with no Location header - ignore Content-Length when no body is expected
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
A `304` is the final response code.
This PR implements the same logic as curl.
Commits
-------
50a88c59f6 [HttpClient] fix handling of 3xx with no Location header - ignore Content-Length when no body is expected
This PR was merged into the 4.4 branch.
Discussion
----------
[Security] Allow to stick to a specific password hashing algorithm
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#33054
| License | MIT
| Doc PR | todo
Allows using `argon2i`, `argon2id` and `bcrypt`.
Commits
-------
6712d1e504 [Security] Allow to set a fixed algorithm
This PR was merged into the 5.0-dev branch.
Discussion
----------
Slack notifier actions
| Q | A
| ------------- | ---
| Branch? | 5.0 <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | -
Slack messages can contain actions/buttons.
Commits
-------
b6e203dfe7 [Notifier] Add the possibility to add actions on Slack messages
This PR was merged into the 4.4 branch.
Discussion
----------
[Security/Core] add fast path when encoded password cannot match anything
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Only `MessageDigestPasswordEncoder` and `Pbkdf2PasswordEncoder` need this fast path: the sodium and the native encoders already implement it natively.
When a migrating encoder is used, a failed password validation fallbacks to all encoders. This makes the process slower than needed currently.
Commits
-------
c57f8f7f93 [Security/Core] add fast path when encoded password cannot match anything
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Remove suffix convention when using env vars to override secrets from the vault
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Right now, env vars that override encrypted secrets must en up with `_SECRET`.
This PR removes this convention. It also enforces that only vars defined in the vault can be overriden locally. This means one cannot set a local-only secret.
Commits
-------
2ec9647e75 [FrameworkBundle] Remove suffix convention when using env vars to override secrets from the vault
This PR was merged into the 3.4 branch.
Discussion
----------
[OptionsResolver] Fix an error message to be more accurate
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30432
| License | MIT
| Doc PR |
See #30432 for more details:
> **Symfony version(s) affected**: 3.4, maybe other versions too (not tested)
>
> **Description**
> Error message when allowedTypes is an array contains `[]` but should not:
> `The option "testme" with value array is expected to be of type "string[]", but one of the elements is of type "integer[]".`
> It should be:
> `The option "testme" with value array is expected to be of type "string[]", but one of the elements is of type "integer".`
>
> **How to reproduce**
>
> ```
> $resolver = (new OptionsResolver())
> ->setDefault('testme', [])
> ->setAllowedTypes('testme', ['string[]'])
> ->resolve(['testme' => ['test', 12]]);
> ```
In addition I changed an error message to be more
accurate if provided more than one incorrect value:
> [...] is expected to be of type "integer[][]", but is of type "integer|boolean|string".
Commits
-------
7fa2fc2#30432 fix an error message
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Make sure to collect child forms created on *_SET_DATA events
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#29291
| License | MIT
| Doc PR | -
See reproducer provided by @WubbleWobble https://github.com/WubbleWobble/symfony-issue-29291.
Commits
-------
50efc1a Make sure to collect child forms created on *_SET_DATA events
This PR was merged into the 4.3 branch.
Discussion
----------
[Yaml][Parser] Remove the getLastLineNumberBeforeDeprecation() internal unused method
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This method is internal and unused. It was removed by a2ae6bf745 but was added back mistakenly by 1baac5a74f.
Commits
-------
49acc16424 [Yaml][Parser] Remove the getLastLineNumberBeforeDeprecation() internal unused method
This PR was merged into the 4.3 branch.
Discussion
----------
[HttpClient] ignore the body of responses to HEAD requests
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34102
| License | MIT
| Doc PR | -
Commits
-------
0fc371e7df [HttpClient] ignore the body of responses to HEAD requests
This PR was squashed before being merged into the 3.4 branch (closes#34097).
Discussion
----------
[Validator] Ensure numeric subpaths do not cause errors on PHP 7.4
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Drupal is testing on PHP7.4 and hitting a problem with the line `if ('[' === $subPath[0]) {` because `$subPath` is not a string. We're already doing string casting in the method so we could do it once and be done. Note this is not a problem on the master branch / SF5 because of primitive typehinting.
Without this fix on PHP7.4 you see errors like...
```
1) Symfony\Component\Validator\Tests\Util\PropertyPathTest::testAppend with data set #5 ('0', 1, '0.1', 'Numeric subpaths do not cause...rrors.')
Trying to access array offset on value of type int
```
Commits
-------
6244a1ec47 [Validator] Ensure numeric subpaths do not cause errors on PHP 7.4
This PR was merged into the 4.3 branch.
Discussion
----------
[Messenger] use database platform to convert correctly the DateTime
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | yes <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/32427
| License | MIT
In Doctrine Messenger the method `\Symfony\Component\Messenger\Transport\Doctrine\Connection::formatDateTime()` is used to format dateTime into this: `Y-m-d\TH:i:s`.
But this is not supported in all databases platform.
Here we use the database platform to convert correctly the dateTime.
Commits
-------
cfa11561d1 Format DateTime depending on database platform
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] allow option "buffer" to be a stream resource
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
e87301603e [HttpClient] allow option "buffer" to be a stream resource
This PR was merged into the 5.0-dev branch.
Discussion
----------
[Notifier] Fix default value for phone number of admins
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
`AdminRecipient` does not support `null` for phone.
Commits
-------
1f82ab6155 [Notifier] Fix default value for phone number of admins
This PR was merged into the 4.3 branch.
Discussion
----------
[Messenger] Show exceptions after multiple retries
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #32311
| License | MIT
| Doc PR | n/a
After retrying a failed message, the `RedeliveryStamp` looses it's exception information. This PR will remedy that.
Commits
-------
598bd92313 [Messenger] Show exceptions on after empty fails
* 4.4:
[Validator] Set Length::$allowEmptyString to false when a NotBlank contraint is defined
[FrameworkBundle] Dont reset the test container but the real one instead
Import missing classes
[SecurityBundle] test with doctrine-bundle 2
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Don't reset the test container but the real one instead
| Q | A
| ------------- | ---
| Branch? | 4.4 for features / 3.4 or 4.3 for bug fixes <!-- see below -->
| Bug fix? | yes/no
| New feature? | yes/no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | yes/no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | -
After #31202 and #32056, the tearDown method keeps throwing deprecation notices about "Getting the container from a non-booted kernel". The reason is that resetting the test-container calls `$kernel->getContainer()` while the kernel has been shut down.
This fixes it and a few other glitches found meanwhile.
Commits
-------
8e16143256 [FrameworkBundle] Dont reset the test container but the real one instead
This PR was merged into the 4.4 branch.
Discussion
----------
[SecurityBundle] test with doctrine-bundle 2
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
e3261f4f7f [SecurityBundle] test with doctrine-bundle 2
* 4.4:
[Debug] remove return types that break FC badly
[Mailer][MailchimpBridge] Don't send address names if empty string
[ExpressionLanguage][Lexer] Exponential format for number
[Mailer] Fix SES Message Id retrieval
Add .gitignore to .gitattributes
This PR was merged into the 4.4 branch.
Discussion
----------
[Debug] remove return types that break FC badly
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The return type on Debug's FlattenException blocks creating a child class that is compatible with both v4.4 and v5.0.
Removing it fixes the issue with no BC break.
Adding `final` on `setPrevious` will allow updating its type hint in v5.0.
Commits
-------
cb5ef6ec18 [Debug] remove return types that break FC badly
This PR was merged into the 4.4 branch.
Discussion
----------
Add .gitignore to .gitattributes
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #33946
| License | MIT
Commits
-------
246c5fdf43 Add .gitignore to .gitattributes
This PR was merged into the 4.4 branch.
Discussion
----------
[Mailer] Fix typo
| Q | A
| ------------- | ---
| Branch? | 4.4 for features / 3.4 or 4.3 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#34006
| License | MIT
| Doc PR | n/a
The XML is different depending on the way we are sending email. So, it's `SendEmailResult` when using the API and `SendRawEmailResult` when using the HTTP class (we are then sending the raw email).
Commits
-------
4bd7cb0368 [Mailer] Fix SES Message Id retrieval
This PR was merged into the 4.4 branch.
Discussion
----------
[ExpressionLanguage][Lexer] Exponential format for number
Exponential format has been added for numbers.
Ex: 1.99E+3 === 1990,
Ex: expression (1 + 1.99E+3) = 1991
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Exponential format has been added for numbers.
Ex: 1.99E+3 === 1990,
Expressions:
0.1e+2 = 10
1e-2 = 0.01
(1 + 1.99E+3) = 1991
and etc...
Commits
-------
430ec32992 [ExpressionLanguage][Lexer] Exponential format for number
* 4.4:
[ErrorRenderer] FlattenException cannot be final
Fixing issue where worker-only middleware were run in all contexts
[Messenger] Removing "sync" transport and replacing it with much nicer config trick
Use port 465 for SES SMTP transport
[DI] made the `%env(base64:...)%` processor able to decode base64url
[VarDumper] improve displaying cut closures
Set ReturnType of LockFactory to LockInterface
[EventDispatcher] handle lazy-callable invokable
This PR was merged into the 4.4 branch.
Discussion
----------
Use port 465 for SES SMTP transport
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34064
| License | MIT
Commits
-------
8492e260cb Use port 465 for SES SMTP transport
This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] Fix worker-only Doctrine middleware from running always
| Q | A
| ------------- | ---
| Branch? | 4.4 (or 4.3?, this is a bug fix)
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#32436 Depends on #34069
| License | MIT
| Doc PR | not needed
Several Doctrine middleware are only meant to be run in a "worker" context: we want to "ping" the connection, "close" the connection and "clear" the entity manager ONLY when we are receiving messages. Before this PR, it was done always, which causes bad behavior for sync messages (imagine your Doctrine connection being closed in the middle of a controller or see https://github.com/symfony/symfony/pull/31334#issuecomment-544288437).
This fixes that in a pragmatic way: no new system for "worker-only" middleware or anything like that: just make the middleware smart enough to only do their work when a message is being received async.
Commits
-------
290a72917b Fixing issue where worker-only middleware were run in all contexts
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorRenderer] FlattenException cannot be final
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Making it final forces tight coupling with the implementation as soon as one type-hints for the class.
That's a blocker on making e.g. `EasyAdminBundle` compatible with Symfony 5.
Commits
-------
b125835056 [ErrorRenderer] FlattenException cannot be final
This PR was merged into the 4.3 branch.
Discussion
----------
[HttpClient] skip tests implemented in 4.4
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Needed after #34051 and #34044
Commits
-------
ae86ab18fa [HttpClient] skip tests implemented in 4.4
This PR was merged into the 4.4 branch.
Discussion
----------
[VarDumper] improve displaying cut closures
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Minor but still an improvement so 4.4: this change makes closures replaced by `CutStub` be displayed with their signature instead of just the `Closure` label.
Commits
-------
2b0a11de02 [VarDumper] improve displaying cut closures
This PR was merged into the 4.4 branch.
Discussion
----------
[Lock] Set ReturnType of LockFactory to LockInterface
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix #...
| License | MIT
| Doc PR |
LockFactory I think should return a LockInterface and not the Lock class.
/cc @chalasr
Commits
-------
ff1fa57ef2 Set ReturnType of LockFactory to LockInterface
This PR was merged into the 3.4 branch.
Discussion
----------
[TwigBridge] do not render errors for checkboxes twice
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34008
| License | MIT
| Doc PR |
Commits
-------
9eddea97d8 do not render errors for checkboxes twice
This PR was merged into the 4.3 branch.
Discussion
----------
[Messenger] Fix ignored options in redis transport
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33425
| License | MIT
| Doc PR | -
Also fixes redis authentication failure handling (inline with invalid db index handling, borrowed from symfony/cache).
/cc @alexander-schranz
Commits
-------
c83ff94c37 [Messenger] Fix ignored options in redis transport
* 4.4:
[Console] Revert wrong change
[HttpClient] Add a canceled state to the ResponseInterface
Fix small typo in Exception message
Restrict secrets management to sodium+filesystem
Add secrets management
Proof of concept for encrypted secrets
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Add `secrets:*` commands and `%env(secret:...)%` processor to deal with secrets seamlessly
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#27351
| License | MIT
| Doc PR | symfony/symfony-docs/pull/11396
This PR continues #31101, please see there for previous discussions. The attached patch has been fine-tuned on https://github.com/nicolas-grekas/symfony/pull/33 with @jderusse.
This PR is more opinionated and thus a lot simpler than #31101: only Sodium is supported to encrypt/decrypt (polyfill possible), and only local filesystem is available as a storage, with little to no extension point. That's on purpose: the goal here is to provide an experience, not software building blocks. In 5.1, this might be extended and might lead to a new component, but we'd first need reports from real-world needs. Having this straight-to-the-point in 4.4 will allow gathering these needs (if they exist) and will immediately provide a nice workflow for the need we do want to solve now: forwarding secrets from dev to prod using git in a secure way.
The workflow this will allow is the following:
- public/private key pairs are generated in the `config/secrets/%kernel.environment%/` folder using `bin/console secrets:generate-keys`
- for the prod env, the corresponding private key should be deployed to the server using whatever means the hosting provider allows - this key MUST NOT be committed
- the public key is used to encrypt secrets and thus *may* be committed in the git repository to allow anyone *that can commit* to add secrets - this is done using `bin/console secrets:set`
DI configuration can reference secrets using `%env(secret:...)%` in e.g `services.yaml`.
There is also `bin/console secrets:remove` and `bin/console debug:secrets` to complete the toolbox.
In terms of design, vs #31101, this groups the dual "encoder" + "storage" concepts in a single "vault" one. That's part of what makes this PR simpler.
That's all folks :)
Commits
-------
c4653e1f65 Restrict secrets management to sodium+filesystem
02b5d740e5 Add secrets management
8c8f62390a Proof of concept for encrypted secrets
* 4.4:
[HttpKernel] fix wrong removal of the just generated container dir
bug #34024 [Routing] fix route loading with wildcard, but dir or file is empty (gseidel)
[Routing] fix route loading with wildcard, but dir or file is empty
bump Form component compatibility versions
execute all compatible tests across versions
[Mailer][MailchimpBridge] Fix NamedAddress obsolete paths
* 4.3:
[HttpKernel] fix wrong removal of the just generated container dir
bug #34024 [Routing] fix route loading with wildcard, but dir or file is empty (gseidel)
[Routing] fix route loading with wildcard, but dir or file is empty
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] fix wrong removal of the just generated container dir
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The patch applies to 3.4 but the fix really affects to 4.4 with the introduction of the new `.preload.php` file.
/cc @fabpot since you encountered this error quite often recently during `composer up/req` :)
Commits
-------
4ad09ebafb [HttpKernel] fix wrong removal of the just generated container dir
This PR was merged into the 4.3 branch.
Discussion
----------
[Routing] fix route loading with wildcard, but dir or file is empty
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | no ticket i see so far
| License | MIT
In my route config i have something like:
```yaml
empty_wildcard:
resource: ../controller/empty_wildcard/*
prefix: /empty_wildcard
```
But ``empty_wildcard`` is empty or has no route configured.
So i had this error:
``Call to a member function addPrefix() on null``
This PR take care if no route is configured, there will be no error.
Commits
-------
217058b475 [Routing] fix route loading with wildcard, but dir or file is empty
This PR was merged into the 4.3 branch.
Discussion
----------
[Routing] fix route loading with wildcard, but dir or file is empty
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | no ticket i see so far
| License | MIT
In my route config i have something like:
```yaml
empty_wildcard:
resource: ../controller/empty_wildcard/*
prefix: /empty_wildcard
```
But ``empty_wildcard`` is empty or has no route configured.
So i had this error:
``Call to a member function addPrefix() on null``
This PR take care if no route is configured, there will be no error.
Commits
-------
217058b475 [Routing] fix route loading with wildcard, but dir or file is empty
* 4.4:
[DI] add `LazyString` for lazy computation of string values injected into services
[Dotenv] allow LF in single-quoted strings
Replace STDIN by php://stdin
[Yaml] Throw exception for tagged invalid inline elements
[Mailer] Fix Mandrill Transport API payload with named addresses
[HttpClient] improve StreamWrapper
* 4.3:
[Dotenv] allow LF in single-quoted strings
[Yaml] Throw exception for tagged invalid inline elements
[Mailer] Fix Mandrill Transport API payload with named addresses
This PR was merged into the 3.4 branch.
Discussion
----------
[Dotenv] allow LF in single-quoted strings
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
in a shell:
```sh
FOO='bar
baz'
```
is legal to set a value to (in PHP):
```php
"bar\nbaz"
```
Commits
-------
4d79116a0d [Dotenv] allow LF in single-quoted strings
This PR was merged into the 3.4 branch.
Discussion
----------
[Yaml] Throw exception for tagged invalid inline elements
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
At the moment the result for `!foo 'don't do somthin' like that'` is a `TaggedValue` with value "don".
Commits
-------
bed479c561 [Yaml] Throw exception for tagged invalid inline elements
This PR was merged into the 4.4 branch.
Discussion
----------
Replace STDIN by php://stdin
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
`STDIN` is SAPI-dependent.
Commits
-------
365d02be77 Replace STDIN by php://stdin
* 4.4:
extend legacy exception for backwards compatibility
[HttpClient] workaround curl_multi_select() issue
[CI] fix building local packages
Add show-deprecations option to lint:twig command
[HttpClient] try using php-http/discovery when nyholm/psr7 is not installed
[FrameworkBundle] Improve the sorting of tagged services
[HttpClient] add HttpClient::createForBaseUri()
Increase limits for flakey appveyor tests
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] add HttpClient::createForBaseUri()
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I've seen ppl use `HttpClient::create()` with default `base_uri` & `auth_bearer`. That's a security risk as the bearer would be sent to any hosts that the client requests.
Instead, ppl should use `ScopingHttpClient`.
The new method should help to discover and use it.
Commits
-------
1aa9a118d6 [HttpClient] add HttpClient::createForBaseUri()
This PR was merged into the 5.0-dev branch.
Discussion
----------
[String] Added test for replaceMatches
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33905
| License | MIT
| Doc PR |
Added test for String:replaceMatches
Commits
-------
1cbbddd4a9 [String] Added test for replaceMatches
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Improve the sorting of tagged services
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/issues/33716
| License | MIT
| Doc PR | -
Little DX improvement, to sort the tags inside each service tagged.
More details in linked issue.
Commits
-------
f892289351 [FrameworkBundle] Improve the sorting of tagged services
This PR was merged into the 5.0-dev branch.
Discussion
----------
[String] wrap(): test and fix
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | symfony/symfony-docs/pull/12440
Commits
-------
015b81a2f5 [String] wrap(): test and fix
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] try using php-http/discovery when nyholm/psr7 is not installed
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
In case one has `php-http/discovery`, we can leverage it...
Commits
-------
6e0cb581a1 [HttpClient] try using php-http/discovery when nyholm/psr7 is not installed
* 4.4:
fix PHP 5.6 compatibility
[Cache] fixed TagAwareAdapter returning invalid cache
Add plus character `+` to legal mime subtype
Make Symfony\Contracts\Service\Test\ServiceLocatorTest abstract
bug #33942 [DI] Add extra type check to php dumper
[Dotenv] search variable values in ENV first then env file
[PropertyInfo] Respect property name case when guessing from public method name
[VarDumper] fix resetting the "bold" state in CliDumper
Missing argument in method_exists
SCA: added missing break in a loop
* 4.3:
fix PHP 5.6 compatibility
[Cache] fixed TagAwareAdapter returning invalid cache
Add plus character `+` to legal mime subtype
Make Symfony\Contracts\Service\Test\ServiceLocatorTest abstract
bug #33942 [DI] Add extra type check to php dumper
[Dotenv] search variable values in ENV first then env file
[PropertyInfo] Respect property name case when guessing from public method name
[VarDumper] fix resetting the "bold" state in CliDumper
Missing argument in method_exists
SCA: added missing break in a loop
* 3.4:
fix PHP 5.6 compatibility
[Cache] fixed TagAwareAdapter returning invalid cache
[PropertyInfo] Respect property name case when guessing from public method name
This PR was squashed before being merged into the 4.4 branch (closes#33967).
Discussion
----------
[Mailer] Add Message-Id to SentMessage when sending an email
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes-ish
| New feature? | yes-ish as well
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | fixes#33681
| License | MIT
| Doc PR | -
This adds `SentMessage::getMessageId()` to retrieve the message id as generated internally OR by the provider sending the email.
Commits
-------
d97d1f9bb4 [Mailer] Fix Message ID for Postmark SMTP
b42c269760 Add Message-Id to SentMessage when sending an email
This PR was merged into the 4.4 branch.
Discussion
----------
[Serializer][CSV] Add context options to handle BOM
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#33684
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/12461
This allows BOM handling in en/decoded CSV files. To keep current behaviour intact both skipping BOM at the beginning of the CSV and outputting BOM are an opt-in feature.
Personally I'd propose to make `SKIP_INPUT_BOM` default to `false` in 5.0 so the BOM is transparent and people that for some reasons expect BOM characters to be present in the parsed text explicitly opt-out of trimming it.
Commits
-------
3eb36684d8 Add context options to handle BOM
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyInfo] Respect property name case when guessing from public method name
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#32656
| License | MIT
| Doc PR |
Using camelCase, with an attribute `$aFooBar`, naming the getter/setter `getAFooBar()`/`setAFooBar()`, returns the property name as AFooBar instead of aFooBar.
# Before
Property name `'AFooBar'`
# After
Property name `'aFooBar'` as expected
Commits
-------
843bb76f8a [PropertyInfo] Respect property name case when guessing from public method name
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] resolve promise chains on HttplugClient::wait()
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#32142
| License | MIT
| Doc PR | -
Follow up of #33743
Right now, keeping a reference to promise objects returned by `HttplugClient::sendAsyncRequest()`, then calling their `wait()` method is the only way to actually resolve the promises. That's why when these promises are destructed, we cancel the corresponding HTTP request.
But thanks to the `HttplugClient::wait()` method, we have a hook to tick the event loop managed by the Symfony client.
I added a test case to run into this situation.
~It fails currently. I'd like asking @joelwurtz, @dbu and/or maybe @Nyholm if you could have a look and finish this PR? I'm not that familiar with promises and you might get faster and better to the goal. Anyone else is welcome also of course. Thank you for having a look :) PR welcome on my fork or as a separate one on this repos.~
Commits
-------
ea0be07a33 [HttpClient] resolve promise chains on HttplugClient::wait()
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] fix 2RTT + race condition in AbstractTagAwareAdapter::deleteItems()
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
A final improvement to `AbstractTagAwareAdapter::deleteItems()`: this PR makes `deleteItems()` operate in 1RTT instead of 2.
Commits
-------
0613c227ec [Cache] fix 2RTT + race condition in AbstractTagAwareAdapter::deleteItems()
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] fixed TagAwareAdapter returning invalid cache
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33953
| License | MIT
| Doc PR |
This PR fixes `TagAwareAdapter` returning `CacheItem` when item-tags pair is missing tag key in pool. Currently `TagAwareAdapter` returns `CacheItem` with empty tags and `isHit` set to `true`. With this PR it returns `CacheItem` with `isHit` set to `false` as we can't know if item is valid or invalid when it's missing tag entry so we treat it as cache miss.
Commits
-------
946f0a1e11 [Cache] fixed TagAwareAdapter returning invalid cache
This PR was merged into the 4.3 branch.
Discussion
----------
Make Symfony\Contracts\Service\Test\ServiceLocatorTest abstract
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #33946
| License | MIT
Commits
-------
c2dd804a24 Make Symfony\Contracts\Service\Test\ServiceLocatorTest abstract
This PR was merged into the 4.3 branch.
Discussion
----------
[DI] Add extra type check to php dumper
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33942
| License | MIT
| Doc PR
This PR adds a missing type check in the PHP Dumper. The bug has been detected while working on the https://github.com/prooph/service-bus-symfony-bundle and I haven't been able to reproduce it within a minimalist testcase.
I would like to add a unit test to cover it once I have figured out the exact context in which the bug occurs.
Any help would be greatly appreciated to do so, especially from "senior" contributors of the DependencyInjection component, many thanks in advance!
You will find more information about this bug in the linked ticket above.
Commits
-------
b17ebdf081 bug #33942 [DI] Add extra type check to php dumper
* 3.4:
Add plus character `+` to legal mime subtype
[Dotenv] search variable values in ENV first then env file
[VarDumper] fix resetting the "bold" state in CliDumper
SCA: added missing break in a loop
This PR was merged into the 4.4 branch.
Discussion
----------
[Mailer] added ReplyTo option for PostmarkApiTransport
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Supports "ReplyTo" option with Postmark transport
Commits
-------
d49a7387de [Mailer] added ReplyTo option for PostmarkApiTransport
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] Rework fatal errors
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/32605
| License | MIT
| Doc PR | -
Built on top of https://github.com/symfony/symfony/pull/33038 so review only the second commit : d5c3f7ed48
The goals of this PR is to replace current "fatal error handlers" with "error enhancers" since all our current fatal error handlers works on \Error since PHP7.
That means we won't use the FatalErrorException anymore, so we will be able to remove it (once we don't need it in the rest of the codebase).
The final goal btw is to handle \Throwable everywhere in the code so we can remove FatalThrowableError & FatalErrorException classes.
Commits
-------
aaa0cdf523 [ErrorHandler] Rework fatal error handlers
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] add TagAwareMarshaller to optimize data storage when using AbstractTagAwareAdapter
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | #33924
| License | MIT
| Doc PR | -
This is the final touch in my series of PR that fixes the linked issue.
Remarkably, the solutions I implemented for this issue are completely different than the one I described there. Fortunately, the issues themselves were correctly identified.
Plannification of implementation is gambling :)
/cc @andrerom
Commits
-------
5a4a30c6ef [Cache] add TagAwareMarshaller to optimize data storage when using AbstractTagAwareAdapter
This PR was merged into the 5.0-dev branch.
Discussion
----------
[String] add $lastGlue argument to join() methods
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
An idea that came when reviewing https://github.com/symfony/symfony-docs/pull/12440
Commits
-------
714d6290df [String] add $lastGlue argument to join() methods
This PR was merged into the 3.4 branch.
Discussion
----------
[VarDumper] fix resetting the "bold" state in CliDumper
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
21645a5b96 [VarDumper] fix resetting the "bold" state in CliDumper
This PR was merged into the 4.4 branch.
Discussion
----------
[Mime] added image/svg MIME support
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33909
| License | MIT
| Doc PR |
Added `image/svg` MIME type to `svg` extension.
More @#33909.
Commits
-------
015eb6625c added image/svg MIME support
* 4.3:
[Cache] ignore unserialization failures in AbstractTagAwareAdapter::doDelete()
[HttpClient] send `Accept: */*` by default, fix removing it when needed
This PR was merged into the 4.3 branch.
Discussion
----------
[Cache] ignore unserialization failures in AbstractTagAwareAdapter::doDelete()
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Making things more robust, part of #33924
Commits
-------
a1f334c1b7 [Cache] ignore unserialization failures in AbstractTagAwareAdapter::doDelete()
* 4.4: (26 commits)
cs fix
[Validator] sync NO and NB translations
[Cache] improve perf of pruning for fs-based adapters
[Cache] cs fix
[Cache] clean tags folder on invalidation
[Cache] remove implicit dependency on symfony/filesystem
Allow to set cookie_samesite to 'none'
[Dotenv] support setting default env var values
[VarDumper] fix array key error for class SymfonyCaster
[Cache] Improve RedisTagAwareAdapter invalidation logic & requirements
Adds missing translations for no nb
[HttpKernel] fix $dotenvVars in data collector
Add the missing translations for the Swedish ("sv") locale
Prevent ProgressBar redraw when message is same
[DI] enable improved syntax for defining method calls in Yaml
bumped Symfony version to 4.3.6
updated VERSION for 4.3.5
updated CHANGELOG for 4.3.5
bumped Symfony version to 3.4.33
updated VERSION for 3.4.32
...
* 4.3:
[Cache] clean tags folder on invalidation
[Cache] remove implicit dependency on symfony/filesystem
Allow to set cookie_samesite to 'none'
[VarDumper] fix array key error for class SymfonyCaster
Adds missing translations for no nb
[HttpKernel] fix $dotenvVars in data collector
Add the missing translations for the Swedish ("sv") locale
bumped Symfony version to 4.3.6
updated VERSION for 4.3.5
updated CHANGELOG for 4.3.5
bumped Symfony version to 3.4.33
updated VERSION for 3.4.32
update CONTRIBUTORS for 3.4.32
updated CHANGELOG for 3.4.32
[Messenger] DoctrineTransport: ensure auto setup is only done once
[Form][DateTimeImmutableToDateTimeTransformer] Preserve microseconds and use \DateTime::createFromImmutable() when available
[Crawler] document $default as string|null
* 3.4:
Adds missing translations for no nb
Add the missing translations for the Swedish ("sv") locale
bumped Symfony version to 3.4.33
updated VERSION for 3.4.32
update CONTRIBUTORS for 3.4.32
updated CHANGELOG for 3.4.32
This PR was merged into the 4.3 branch.
Discussion
----------
Allow to set SameSite config to 'none'
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33926
| License | MIT
| Doc PR | -
Commits
-------
eec7e8cc61 Allow to set cookie_samesite to 'none'
This PR was merged into the 4.4 branch.
Discussion
----------
[EventDispatcher] Allow to omit the event name when registering listeners
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #33453 (kind of)
| License | MIT
| Doc PR | TODO
After #30801 and #33485, this is another attempt at taking advantage of FQCN events for simplifying the registration of event listeners by inferring the event name from the parameter type declaration of the listener. This is my last attempt, I promise. 🙈
This time, I'd like to make the `event` attribute of the `kernel.event_listener` tag optional. This would allow us to build listeners like the following one without adding any attributes to the `kernel.event_listener` tag.
```php
namespace App\EventListener;
final class MyRequestListener
{
public function __invoke(RequestEvent $event): void
{
// do something
}
}
```
This in turn allows us to register a whole namespace of such listeners without having to configure each listener individually:
```YAML
services:
App\EventListener\:
resource: ../src/EventListener/*
tags: [kernel.event_listener]
```
Commits
-------
6f32584c76 [EventDispatcher] Allow to omit the event name when registering listeners.
This PR was merged into the 4.3 branch.
Discussion
----------
[Form][DateTimeImmutableToDateTimeTransformer] Preserve microseconds and use \DateTime::createFromImmutable() when available
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
For PHP >= 7.3, we should use [\DateTime::createFromImmutable()](https://www.php.net/manual/en/datetime.createfromimmutable.php) directly.
This patch also preserves the `\DateTime` microseconds when the conversion is done with `\DateTime::createFromFormat()`.
Commits
-------
dfa23034c3 [Form][DateTimeImmutableToDateTimeTransformer] Preserve microseconds and use \DateTime::createFromImmutable() when available
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Improve RedisTagAwareAdapter invalidation logic & requirements
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes, _and improvment_
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
| Doc PR |
Changes logic of invalidation in RedisTagAwareAdapter in order to:
- Delete the tag key on invalidation => _avoiding possible left behind empty tag keys that Redis is not allowed to evict, gradually consuming more and more memory_
Positive side effects of no longer using sPOP:
- Lowered requirements to Redis 2.8, and no specific version constraint for phpredis
- Lift limitation of 2 billion keys per tag _(Now only limited by Redis Set datatype: 4 billion)_
Commits
-------
3d38c58b42 [Cache] Improve RedisTagAwareAdapter invalidation logic & requirements
This PR was squashed before being merged into the 4.4 branch (closes#33884).
Discussion
----------
Prevent ProgressBar redraw when message is same
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
This PR prevents ProgressBar from performing unnecessary redrawes if new output is same as current one. This is mostly useful when working with multiple progress bars. Same behavior can enforced by carefully setting redraw frequency, but I don't see any downsides for smarter redrawing by default.
This can be moved to `if ($this->overwrite)` if necessary, so it's applied only in case overwriting is enabled.
Commits
-------
78b515f049 Prevent ProgressBar redraw when message is same
This PR was merged into the 4.3 branch.
Discussion
----------
[Crawler] document $default as string|null
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This has been introduced in 4.3
Commits
-------
e96add4787 [Crawler] document $default as string|null
This PR was squashed before being merged into the 4.3 branch (closes#32308).
Discussion
----------
[Messenger] DoctrineTransport: ensure auto setup is only done once
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? |no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Setup is done for every invocation of `get`, `find`, and `findAll`.
For `get`, this causes message consumption to be very slow, as slow as 1 message per second on my moderately sized schema, because a schema diff is done in `setup` every `get`.
I'm not sure what the desired behaviour is here, but it seems like we should try performing a query, fail once, `setup`, and retry. This will the same approach taken by the PDO Cache.
However, we still need auto setup in `get`, as `get` starts a transaction, so the auto setup in `executeQuery` won't be called.
Further more, the same problem seems to exist for the AMPQ Transport, but the performance impact should be less there, but i have not tried.
Commits
-------
02414027e1 [Messenger] DoctrineTransport: ensure auto setup is only done once
* 4.4:
[travis] Fix build-packages script
Add types to constructors and private/final/internal methods (Batch III)
[HttpClient] Async HTTPlug client
[Messenger] Allow to configure the db index on Redis transport
[HttpClient] bugfix exploding values of headers
[VarDumper] Made all casters final
[VarDumper] Added a support for casting Ramsey/Uuid
Remove useless testCanCheckIfTerminalIsInteractive test case
[Validator] Add the missing translations for the Thai (\"th\") locale
[Routing] gracefully handle docref_root ini setting
[Validator] Fix ValidValidator group cascading usage
* 4.3:
[travis] Fix build-packages script
[HttpClient] bugfix exploding values of headers
Remove useless testCanCheckIfTerminalIsInteractive test case
[Validator] Add the missing translations for the Thai (\"th\") locale
[Routing] gracefully handle docref_root ini setting
[Validator] Fix ValidValidator group cascading usage
* 3.4:
[travis] Fix build-packages script
Remove useless testCanCheckIfTerminalIsInteractive test case
[Validator] Add the missing translations for the Thai (\"th\") locale
[Validator] Fix ValidValidator group cascading usage
This PR was merged into the 5.0-dev branch.
Discussion
----------
[Console] Replace posix_isatty with cross-platform, always available stream_isatty
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
stream_isatty is always available since PHP 7.2, which is the minimal version required for Symfony 5.0, so we can remove usages of old, not cross-platform compatible `posix_isatty`
DeprecationErrorHandler left out, since AFAIK it's still meant to be compatible with PHP 5.5
Commits
-------
c9b8b046a7 Replace posix_isatty with cross-platform, always available stream_isatty
This PR was squashed before being merged into the 4.4 branch (closes#33770).
Discussion
----------
Add types to constructors and private/final/internal methods (Batch III)
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | #32179, #33228
| License | MIT
| Doc PR | N/A
Followup to #33709, this time with:
* Validator
* VarDumper
* Workflow
* Yaml
* all bridges
* all bundles
That should be the final batch. 😃
Commits
-------
6493902287 Add types to constructors and private/final/internal methods (Batch III)
This PR was squashed before being merged into the 4.4 branch (closes#33743).
Discussion
----------
[HttpClient] Async HTTPlug client
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#33710, Fix#32142
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/12389
This PR removes `HttplugClient`'s dependency on `Psr18Client`. It will also add an `HttplugPromise` to make sure we sure we respect the Httplug's `HttpAsyncClient` interface.
It implements `HttpAsyncClient::sendAsyncRequest()` and provides two extensions:
- `HttplugPromise::cancel()` allows cancelling a promise (and the underlying response)
- `HttplugClient::wait()` allows to tick the promise pool, with configurable timeouts.
Commits
-------
4fd593f869 [HttpClient] Async HTTPlug client
This PR was merged into the 5.0-dev branch.
Discussion
----------
[String] renamed core classes to Byte/CodePoint/UnicodeString
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
In #33553 there have been discussions about the naming of the classes - eg. "what's a grapheme", "why `Utf8String`", "lowercase on binary is weird", etc.
What about these names? Would they get your votes *vs* the current ones?
- `BinaryString` -> `ByteString`
- `Utf8String` -> `CodePointString`
- `GraphemeString` -> `UnicodeString`
Commits
-------
63c105d406 [String] renamed core classes to Byte/CodePoint/UnicodeString
This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] Allow to configure the db index on Redis transport
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#33724
| License | MIT
| Doc PR | todo
Quite useful for testing.
Commits
-------
115a9bbeda [Messenger] Allow to configure the db index on Redis transport
This PR was squashed before being merged into the 4.3 branch (closes#33871).
Discussion
----------
[HttpClient] bugfix exploding values of headers
| Q | A
| ------------- | ---
| Branch? | 4.3 for bug fixes
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I tried to use CachingHttpClient yesterday and I received an error.
```
explode() expects parameter 2 to be string, array given
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpClient\HttpClientTrait.php:200
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpClient\HttpClientTrait.php:131
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpClient\HttpClientTrait.php:45
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpClient\CurlHttpClient.php:105
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpKernel\HttpClientKernel.php:54
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpKernel\HttpCache\SubRequestHandler.php:85
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpKernel\HttpCache\HttpCache.php:477
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpKernel\HttpCache\HttpCache.php:450
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpKernel\HttpCache\HttpCache.php:347
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpKernel\HttpCache\HttpCache.php:222
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpClient\CachingHttpClient.php:96
C:\PROJEKTY\PHPStorm\symfony\src\Symfony\Component\HttpClient\Tests\CachingHttpClientTest.php:34
```
This PR fix this.
Commits
-------
5cd8895c67 [HttpClient] bugfix exploding values of headers
This PR was squashed before being merged into the 4.4 branch (closes#33881).
Discussion
----------
[VarDumper] Added a support for casting Ramsey/Uuid
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
I worked on a project using ramsey/uuid and I noticed a dumped uuid does
not contain the uuid. So here we go :)
(Note: don't get me wrong, I still do not recommend this lib)
---
Before / After:
Commits
-------
99247bbd47 [VarDumper] Added a support for casting Ramsey/Uuid
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Fix ValidValidator group cascading usage
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
`$this->context->getGroup()` returns `string` or `null`.
`ContextualValidatorInterface::validate()` 3rd argument accepts an array but it must not contain `null` (its contract doesn't allow it). If it does, it will fail in `RecursiveContextualValidator::validateInGroup()` for example because of the `string` scalar type on the `$group` argument. (on 4.4)
Note that in our "common" usage of the `Valid` constraint, the group in its validator will never be `null` because this constraint has a special treatment. However, if this validator is reused in a custom way, it can fail.
Commits
-------
72684b001c [Validator] Fix ValidValidator group cascading usage
* 4.4: (27 commits)
[Validator] add notice in UPGRADE file for new Range constraint option
[CssSelector] Support *:only-of-type pseudo class selector
[Intl] Update the ICU data to 65.1 (4.4 branch)
[Intl] Update the ICU data to 65.1 (4.3 branch)
Replace deprecated calls in tests
[Intl] Update the ICU data to 65.1
Delete 5_Security_issue.md
[DI] Whitelist error_renderer.renderer tag in UnusedTagsPass
[DI] Whitelist validator.auto_mapper in UnusedTagsPass
Update CHANGELOG.md
[HttpClient] Fixed#33832 NO_PROXY option ignored in NativeHttpClient::request() method
[EventDispatcher] A compiler pass for aliased userland events.
[Cache] give 100ms before starting the expiration countdown
[Cache] fix logger usage in CacheTrait::doGet()
[VarDumper] fix dumping uninitialized SplFileInfo
Added missing translations.
[Form] Added CountryType option for using alpha3 country codes
Fixed invalid changelog 4.0.0 for VarDumper
[Workflow] Fixed BC break on WorkflowInterface
Fix wrong expression language value
...
This PR was merged into the 4.4 branch.
Discussion
----------
[Intl] Update the ICU data to 65.1 (4.4 branch)
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Followup for #33862
| License | MIT
| Doc PR | -
Commits
-------
5b2da724d7 [Intl] Update the ICU data to 65.1 (4.4 branch)
This PR was squashed before being merged into the 5.0-dev branch (closes#33868).
Discussion
----------
Skip the intl notice if run with phpunit
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Re #33825
| License | MIT
| Doc PR | -
Commits
-------
25461b358c Skip the intl notice if run with phpunit
This PR was squashed before being merged into the 3.4 branch (closes#33844).
Discussion
----------
[Validator] Add the missing translations for the Thai ("th") locale
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#30191
| License | MIT
| Doc PR |
I have added the missing translations for the Thai.
Also fixed a typo on trans-unit id=54.
Commits
-------
2315be85d8 [Validator] Add the missing translations for the Thai (\"th\") locale
* 4.3:
[Intl] Update the ICU data to 65.1 (4.3 branch)
Replace deprecated calls in tests
[Intl] Update the ICU data to 65.1
Delete 5_Security_issue.md
[DI] Whitelist validator.auto_mapper in UnusedTagsPass
[HttpClient] Fixed#33832 NO_PROXY option ignored in NativeHttpClient::request() method
[Cache] give 100ms before starting the expiration countdown
[Cache] fix logger usage in CacheTrait::doGet()
[VarDumper] fix dumping uninitialized SplFileInfo
Added missing translations.
Fixed invalid changelog 4.0.0 for VarDumper
Fixed invalid VarDumper upgrade doc.
[HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array
Don't let falsey usernames slip through
This PR was merged into the 4.3 branch.
Discussion
----------
[Cache] give 100ms before starting the expiration countdown
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#31573, Fix#33837
| License | MIT
| Doc PR | -
Because the expiration count-down starts immediately after calling `CachItem::expiresAfter(N)`, it's impossible to actually cache items for more than `N-1` seconds.
This PR adds a 0.1s grace period so that backends that have a second-level resolution can store the items for `N` seconds, provided the time between calling `CachItem::expiresAfter(N)` and saving the value to the backend is lower than 0.1s.
This PR also fixes the calculation of the computation time in `ContractsTrait`.
Commits
-------
ba63e181fd [Cache] give 100ms before starting the expiration countdown
* 3.4:
[Intl] Update the ICU data to 65.1
[VarDumper] fix dumping uninitialized SplFileInfo
Added missing translations.
Fixed invalid VarDumper upgrade doc.
[HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array
Don't let falsey usernames slip through
This PR was merged into the 3.4 branch.
Discussion
----------
[Intl] Update the ICU data to 65.1
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33548
| License | MIT
| Doc PR | -
Commits
-------
5cc9811fa9 [Intl] Update the ICU data to 65.1
This PR was merged into the 5.0-dev branch.
Discussion
----------
[FrameworkBundle] encourage installing intl when String is available
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
215595be5a [FrameworkBundle] encourage installing intl when String is available
This PR was merged into the 4.4 branch.
Discussion
----------
[Validator] Fix wrong expression language value
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
766162c4c7/src/Symfony/Component/Validator/Constraints/ExpressionValidator.php (L28)
```php
(new ExpressionValidator($propertyAccessor))->validate($object, $constraint);
```
Based on the previous method signature (4.3 above), that code would result in an exception in 4.4:
```
Call to undefined method Symfony\Component\PropertyAccess\PropertyAccessor::evaluate()
```
Spotted by @fancyweb in https://github.com/symfony/symfony/pull/33829#discussion_r330995572
Fixed here and updated test case to avoid regression.
Commits
-------
4288f1c9f9 Fix wrong expression language value
This PR was squashed before being merged into the 4.4 branch (closes#33791).
Discussion
----------
[Form] Added CountryType option for using alpha3 country codes
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fixes#20313
| License | MIT
| Doc PR | -
In the linked issue #20313 was a proposal to add an alpha3 option to the country type.
Here it is..
Hopefully I've made no mistake, so when the code is fine, I will create a documentation PR.. :-)
Commits
-------
d07f5a33db [Form] Added CountryType option for using alpha3 country codes
I changed CHANGELOG.md to reflect actual changes in the code. The third argument is called $filter, not $context. This mistake was propageted to UPGRADE-4.0.md. I fixed that in https://github.com/symfony/symfony/pull/33821
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] Inherit Throwable in HttpExceptionInterface
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| **BC BREAKS?**| **YES**
| Tickets | n/a
| License | MIT
| Doc PR | n/a
When using a static analysis tools, it is not possible to do this:
```php
if ($exception instanceof HttpExceptionInterface) {
$exception->getStatusCode();
$exception->getHeaders();
$exception->getMessage(); // ❌ Will fail here
}
```
This is due to `getMessage()` not being a method declared in `HttpExceptionInterface`. Since Symfony now requires PHP 7.1+ to run, it is safe to inherit from the `Throwable` interface (added in PHP 7.0).
### About backward compatibility
Adding new methods to `HttpExceptionInterface` [breaks BC](https://symfony.com/doc/current/contributing/code/bc.html#changing-interfaces), however this interface shouldn't be used on a class other than an exception, so this shouldn't affect much code.
### About tests
I'm not sure this really needs tests, but maybe I'm wrong? Tell me what to test if you think this is required.
Commits
-------
2ac3fbf232 Inherit Throwable in HttpExceptionInterface
This PR was merged into the 3.4 branch.
Discussion
----------
[Security]: Don't let falsy usernames slip through impersonation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
When you try to impersonate users with a falsy username, `SwitchUserListener::handle()` would `return;` and impersonation would fail.
I'm using a third party OAuth provider that allows users to change their usernames with no guaranteed protection against re-use. To overcome that issue, I implemented `UserLoaderInterface::loadUserByUsername()` and query by a `providerId`.
After loading development fixtures, One user has `0` as it's `providerId`.
Commits
-------
64aecab0a7 Don't let falsey usernames slip through
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection] added Ability to define a priority method for tagged service
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#32976
| License | MIT
| Doc PR |
Commits
-------
c1917c2999 [DependencyInjection] added Ability to define a priority method for tagged service
This PR was merged into the 5.0-dev branch.
Discussion
----------
[Workflow] Fixed default marking store value of Workflow
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33749
| License | MIT
| Doc PR |
Commits
-------
a2330b7a90 [Workflow] Fixed default marking store value of Workflow
* 4.4: (24 commits)
[Console] Command::execute() should always return int - deprecate returning null
[FrameworkBundle] Fix wrong returned status code in ConfigDebugCommand
[AnnotationCacheWarmer] add RedirectController to annotation cache
[WebProfilerBundle] Try to display the most useful panel by default
Add note about deprecating the XmlEncoder::TYPE_CASE_ATTRIBUTES constant in the upgrade guide
fix merge
[DI] add tests loading calls with returns-clone
[DI] dont mandate a class on inline services with a factory
Fixed Redis Sentinel usage when only one Sentinel specified
[EventDispatcher] Added tests for aliased events.
Sync Twig templateExists behaviors
Fix the :only-of-type pseudo class selector
Deprecate the XmlEncoder::TYPE_CASE_ATTRIBUTES constant
[Mailer] Tweak some code
[Serializer] Add CsvEncoder tests for PHP 7.4
Copy phpunit.xsd to a predictable path
[WebserverBundle] Remove duplicated deprecation message
remove duplicated test
[Security/Http] fix parsing X509 emailAddress
[FrameworkBundle] conflict with VarDumper < 4.4
...
- added deprecation message for non-int return value in Command::execute()
- fixed all core commands to return proper int values
- added proper return type-hint to Command::execute() method in all core Commands
This PR was merged into the 4.3 branch.
Discussion
----------
[DI] Add CSV env var processor tests / support PHP 7.4
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Similar as #32051
Commits
-------
82f341864c [DI] Add CSV env var processor tests
This PR was merged into the 4.3 branch.
Discussion
----------
[EventDispatcher] Added tests for aliased events
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
While working on #33793 I discovered that I could remove the event alias feature of `RegisterListenersPass` without breaking the component's tests. This PR adds the missing tests.
Commits
-------
8e8a6ed99b [EventDispatcher] Added tests for aliased events.
This PR was merged into the 5.0-dev branch.
Discussion
----------
[Serializer] Remove XmlEncoder::TYPE_CASE_ATTRIBUTES constant
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | not really
| Deprecations? | yes (well, sort of)
| Tickets | N/A
| License | MIT
| Doc PR | N/A
There is a small typo in the `XmlEncoder` constant. This can only be fixed in the master branch for Symfony 5 as it is a breaking change. I'm not sure if it's possible to deprecate the usage of the old constant name in 4.4? As the constant just resolves to a string, there is no way of determining if someone used the constant or not (a quick search on Github, I can't find any direct usages of the constant outside of this class)
Commits
-------
001d0f1693 Remove XmlEncoder::TYPE_CASE_ATTRIBUTES constant
This PR was merged into the 4.4 branch.
Discussion
----------
[WebProfilerBundle] Try to display the most useful panel by default
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
Alternative to https://github.com/symfony/symfony/pull/32491, the goal stays the same.
I think reserving a data collector name is fine, isn'it ? It's not likely that end users use this name (that's why I added an underscore) + shouldn't be hard for them to just rename it.
I don't think adding a configuration option to toggle the "_best" behavior is useful, should be by default for DX IMHO.
Not adding an extension point for now (for end users to set their panel as the "best"), maybe later if someone request it?
Commits
-------
a45dd98b73 [WebProfilerBundle] Try to display the most useful panel by default
This prevents to exclude the RedirectController from the warmed annotation cache which would lead to warnings when trying to use the warmed cache on read only file systems
See #29357
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] dont mandate a class on inline services with a factory
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This check is too strict, useless and boring for inline services :)
Commits
-------
a2665d17cd [DI] dont mandate a class on inline services with a factory
* 4.3:
Sync Twig templateExists behaviors
Fix the :only-of-type pseudo class selector
[Serializer] Add CsvEncoder tests for PHP 7.4
Copy phpunit.xsd to a predictable path
[Security/Http] fix parsing X509 emailAddress
[Serializer] fix denormalization of string-arrays with only one element #33731
[Cache] fix known tag versions ttl check
* 3.4:
Sync Twig templateExists behaviors
Fix the :only-of-type pseudo class selector
[Serializer] Add CsvEncoder tests for PHP 7.4
Copy phpunit.xsd to a predictable path
[Security/Http] fix parsing X509 emailAddress
[Serializer] fix denormalization of string-arrays with only one element #33731
[Cache] fix known tag versions ttl check
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Fixed Redis Sentinel usage when only one Sentinel specified
Added check for $params['redis_sentinel'] to line 274, as by converting the array of hosts to a single host configuration (as you might in a test environment), this causes the class to initialise incorrectly.
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33796
| License | MIT
| Doc PR |
As from Issue #33796
In a Redis Sentinel setup, if only a single Redis Sentinel, or multiple Sentinels with the same host/port are specified (as we're currently doing in a test environment), then the call to `setSentinelTimeout` in `RedisTrait.php` throws an exception, as the wrong interface appears to be initialised as a result.
Adding a check for the `redis_sentinel` parameter, as was done with a check for the `redis_cluster` parameter, avoids this, and the Redis Client is initialised correctly.
Commits
-------
13233fcd8e Fixed Redis Sentinel usage when only one Sentinel specified
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] wrap compilation of the container in an opportunistic lock
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
https://github.com/symfony/symfony/pull/32764#issuecomment-516924305
This PR adds a lock around the compilation of the container. When two or more concurrent requests want to compile the container, the first one runs the computation and the others wait for its completion. If for any reasons the lock doesn't work, compilation happens as usual.
The effect is visible when developing locally:
Here is what all concurrent requests consume now:
And here is what they will consume with this PR (they wait but reuse the just compiled container):
Commits
-------
0b5b3ed7f9 [HttpKernel] wrap compilation of the container in an opportunistic lock
Added check for $params['redis_sentinel'] to line 274, as by converting the array of hosts to a single host configuration (as you might in a test environment), this causes the class to initialise incorrectly.
This PR was squashed before being merged into the 3.4 branch (closes#33777).
Discussion
----------
Fix the :only-of-type pseudo class selector
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33773
| License | MIT
| Doc PR | -
Commits
-------
c2a9bf08f1 Fix the :only-of-type pseudo class selector
This PR was squashed before being merged into the 3.4 branch (closes#32051).
Discussion
----------
[Serializer] Add CsvEncoder tests for PHP 7.4
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? |no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Some CSV encoder tests to show the broken behavior of a trailing slash. Spotted in #31867, not sure what to do with it :)
Commits
-------
760354d533 [Serializer] Add CsvEncoder tests for PHP 7.4
This PR was merged into the 3.4 branch.
Discussion
----------
Copy phpunit.xsd to a predictable path
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes-ish
| Deprecations? | no
| Tickets | https://github.com/symfony/recipes/pull/652#discussion_r329446277
| License | MIT
| Doc PR | -
In symfony/recipes#652 I would like to make Flex create the `phpunit.xml.dist` file with a local URI for the `phpunit.xsd`. This is doable when using `phpunit/phpunit` standalone because the path to the XSD file is known. This PR aims to allow doing this when using the PHPUnit Bridge, which installs PHPUnit in a path that might change.
Is is simple `@copy()` call ok? Should I add some error handling?
Commits
-------
233dcb4b75 Copy phpunit.xsd to a predictable path
This PR was merged into the 3.4 branch.
Discussion
----------
[Serializer] fix denormalization of string-arrays with only one element
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? |no
| Deprecations? |no
| Tickets | Fix#33731
| License | MIT
| Doc PR |
This PR does almost the same as ac70edf8cd, just not only for arrays of objects.
Commits
-------
8814751b96 [Serializer] fix denormalization of string-arrays with only one element #33731
This PR was merged into the 5.0-dev branch.
Discussion
----------
[String] improve AbstractUnicodeString::ascii() fallback logic
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
`any-latin/bgn` is a better default when available, and accepting `\Transliterator` instances allows the consumer code to decide how they are instantiated.
Commits
-------
59069626fd [String] improve AbstractUnicodeString::ascii() fallback logic
This PR was merged into the 4.4 branch.
Discussion
----------
[VarDumper] Output the location of calls to dump()
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | not tested yet
| Fixed tickets | #30830
| License | MIT
| Doc PR |
see #30830
Commits
-------
f0a59d3eab [VarDumper] Output the location of calls to dump()
* 4.4:
sync phpunit script with master
[HttpFoundation] allow additinal characters in not raw cookies
[Console] Deprecate abbreviating hidden command names using Application->find()
Do not include hidden commands in suggested alternatives
[Messenger] Improve error message when routing to an invalid transport (closes#31613)
[DependencyInjection] Fix wrong exception when service is synthetic
[Security] add "anonymous: lazy" mode to firewalls
This PR was merged into the 4.4 branch.
Discussion
----------
[DX][Messenger] Improve error message when routing to an invalid transport
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #31613
| License | MIT
| Doc PR | -
Commits
-------
7909092891 [Messenger] Improve error message when routing to an invalid transport (closes#31613)
This PR was merged into the 4.4 branch.
Discussion
----------
[Security] add "anonymous: lazy" mode to firewalls
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fixes#26769 et al.
| License | MIT
| Doc PR | -
Contains #33663 until it is merged.
This PR allows defining a firewall as such:
```yaml
security:
firewalls:
main:
anonymous: lazy
```
This means that the corresponding area should not start the session / load the user unless the application actively gets access to it. On pages that don't fetch the user at all, this means the session is not started, which means the corresponding token neither is. Lazily, when the user is accessed, e.g. via a call to `is_granted()`, the user is loaded, starting the session if needed.
See #27817 for previous explanations on the topic also.
Note that thanks to the logic in #33633, this PR doesn't have the drawback spotted in #27817: here, the profiler works as expected.
Recipe update pending at https://github.com/symfony/recipes/pull/649
Commits
-------
5cd1d7b4cc [Security] add "anonymous: lazy" mode to firewalls
This PR was squashed before being merged into the 3.4 branch (closes#33625).
Discussion
----------
[DependencyInjection] Fix wrong exception when service is synthetic
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #32874
| License | MIT
This fixes wrongfully thrown exception when service is defined as synthetic and some arguments are binded in _defaults
Commits
-------
152dec95bc [DependencyInjection] Fix wrong exception when service is synthetic
* 4.4:
[Form][Validator][Intl] Fix tests
[Messenger] return empty envelopes when RetryableException occurs
[Intl] Excludes locale from language codes (split localized language names)
[FrameworkBundle] WebTestCase KernelBrowser::getContainer null return type
[Intl] Fix compile type errors
[Validator] Accept underscores in the URL validator as the URL will resolve correctly
[Translation] Collect original locale in case of fallback translation
Add types to constructors and private/final/internal methods (Batch I)
[HttpFoundation] optimize normalization of headers
Replace REMOTE_ADDR in trusted proxies with the current REMOTE_ADDR
[ErrorHandler] Forward \Throwable
Fix toolbar load when GET params are present in "_wdt" route
* 4.3:
[Form][Validator][Intl] Fix tests
[Messenger] return empty envelopes when RetryableException occurs
[Validator] Accept underscores in the URL validator as the URL will resolve correctly
[Translation] Collect original locale in case of fallback translation
Fix toolbar load when GET params are present in "_wdt" route
* 3.4:
[Form][Validator][Intl] Fix tests
[Validator] Accept underscores in the URL validator as the URL will resolve correctly
[Translation] Collect original locale in case of fallback translation
Fix toolbar load when GET params are present in "_wdt" route
This PR was squashed before being merged into the 4.3 branch (closes#32979).
Discussion
----------
[Messenger] return empty envelopes when RetryableException occurs
| Q | A
| ------------- | ---
| Branch? | 3.4 or 4.3 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| License | MIT
| ~~Doc PR~~ | ~~symfony/symfony-docs#12109~~
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Problem occurs when you are using more than 1 worker with Doctrine Transport.
`Symfony\Component\Messenger\Transport\Doctrine\Connection::get` does a query `SELECT ... FOR UPDATE` and this locking query could lock table and workers stops. But using locks can result in dead locks or lock timeouts. Doctrine renders these SQL errors as RetryableExceptions. These exceptions are often normal if you are in a high concurrency environment. They can happen very often and your application should handle them properly.
Commits
-------
9add32a9ca [Messenger] return empty envelopes when RetryableException occurs
This PR was merged into the 4.4 branch.
Discussion
----------
[Intl] Excludes locale from language codes (split localized language names)
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #33146
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
(includes #33140)
Commits
-------
1a9f517903 [Intl] Excludes locale from language codes (split localized language names)
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] WebTestCase KernelBrowser::getContainer null return type
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | yes <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #25920 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | <!-- required for new features -->
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
As @stof suggested in the #25920 I started deprecating the behaviour of returning null when the container is non booted / null.
If this is not wanted we should close both the PR and the issue ;).
Commits
-------
e169e1a4d5 [FrameworkBundle] WebTestCase KernelBrowser::getContainer null return type
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Accept underscores in the URL validator, as the URL will load
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #32506
| License | MIT
| Doc PR | -
As @javiereguiluz mentioned, regardless of convention a URL with an underscore in it will load perfectly fine - so in that respect it must be valid.
Commits
-------
c9c7a1118c [Validator] Accept underscores in the URL validator as the URL will resolve correctly
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] Forward \Throwable
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/32605
| License | MIT
| Doc PR | -
The goal of this PR is that `ErrorHandler::handleException()` handles `\Throwable` directly and forwards it without altering it.
Commits
-------
62483ed305 [ErrorHandler] Forward \Throwable
This PR was merged into the 3.4 branch.
Discussion
----------
Fix toolbar load when GET params are present in "_wdt" route
When using a custom router that inject GET parameters, eg:
```
# services.yaml
parameters:
# Replace default url generator service
router.options.generator_base_class: Combodo\iTop\Portal\Routing\UrlGenerator
```
The path generated by the toolbar JS is HTML entity encoded which breaks the JS call (`&` becomes `&`).
| Q | A
| ------------- | ---
| Branch? | 4.4 for features / 3.4, 4.2 or 4.3 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
5309e64949 Fix toolbar load when GET params are present in "_wdt" route
This PR was squashed before being merged into the 3.4 branch (closes#32925).
Discussion
----------
[Translation] Collect original locale in case of fallback translation
Before, it collected the fallback locale that was used to translate a key. But this information is confusing, as it does not reveal which translation key is missing in the requested language.
So I'd like to propose to track the "requested" locale instead, so that the Symfony profiler gives me the information in which locale the key is missing instead of which locale was used as a fallback.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes?
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
In principle, this change is a BC break, but imho also a bug. It's really confusing when the Profiler tells you that it uses a translation fallback for an ID and locale that is actually translated. Took some debugging so recognize that this fallback came from another locale. If you think it's better to target 5.0, I'll update the PR.
Commits
-------
5564e149cb [Translation] Collect original locale in case of fallback translation
This PR was merged into the 4.4 branch.
Discussion
----------
[Http][DI] Replace REMOTE_ADDR in trusted proxies with the current REMOTE_ADDR
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR |
Currently handling trusted ips when deploying behind some CDNs/Load balancers such as ELB is difficult because they dont have a constant IP address, its possible to overcome this as is suggested by the docs - https://symfony.com/doc/current/deployment/proxies.html#but-what-if-the-ip-of-my-reverse-proxy-changes-constantly - by settings trusted proxies to `$request->server->get('REMOTE_ADDR')` - but this has to be done in code, and so becomes dangerous if you code is deployed in different environments.
This change would allow the developer to stick to providing the envvar `TRUSTED_PROXIES`, and in the environment behind a ELB set the value to the literal string `REMOTE_ADDR`, and have it replaced at run time. This way in environments that are not using ELB his app is kept safe.
I think doing this replacement in `Request:: setTrustedProxies` is the best place because it means this feature isn't exposed to other parts of the code that might call `Request::getTrustedProxies`.
Commits
-------
643c9ff257 Replace REMOTE_ADDR in trusted proxies with the current REMOTE_ADDR
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpFoundation] optimize normalization of headers
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I was experimenting with using maps to bypass calls to normalization functions, but that didn't lead to any significant perf improvement.
I still found this, the new call is twice as fast :)
Commits
-------
9c676d37a0 [HttpFoundation] optimize normalization of headers
* 4.4: (28 commits)
[FrameworkBundle] Fix framework bundle lock configuration not working as expected
[Validator] Add the missing translations for the Azerbaijani locale
[HttpClient] workaround bad Content-Length sent by old libcurl
[Cache] dont override native Memcached options
Fix CS
Fix exceptions (PDOException) error code type
[ErrorHandler] fix return-type patching logic
[Messenger] Added support for `from_transport` attribute on `messenger.message_handler` tag
[ErrorHandler] don't throw deprecations for return-types by default
ensure legacy event dispatcher compatibility
ensure legacy event dispatcher compatibility
Fix return type of Process::restart().
[Cache] fail gracefully when locking is not supported
[HttpKernel] compress files generated by the profiler
tweak deprecation messages and changelog
fix version in @deprecated annotation
Use VarCloner data instead of legacy array for query params
[Security] use LegacyEventDispatcherProxy
[HttpClient] fix undefined index access
[HttpClient] fix race condition when reading response with informational status
...
* 4.3:
[FrameworkBundle] Fix framework bundle lock configuration not working as expected
[Validator] Add the missing translations for the Azerbaijani locale
[HttpClient] workaround bad Content-Length sent by old libcurl
[Cache] dont override native Memcached options
Fix CS
Fix exceptions (PDOException) error code type
Fix return type of Process::restart().
[Cache] fail gracefully when locking is not supported
[HttpClient] fix race condition when reading response with informational status
Names for buttons should start with lowercase
This PR was merged into the 4.3 branch.
Discussion
----------
[HttpClient] fix race condition when reading response with informational status
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Spotted by some transiently failing jobs on Travis.
Commits
-------
450c3c4998 [HttpClient] fix race condition when reading response with informational status
This PR was merged into the 4.3 branch.
Discussion
----------
[HttpClient] workaround bad Content-Length sent by old libcurl
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Issue described in https://curl.haxx.se/mail/lib-2014-01/0106.html, happens with curl 7.29 at least.
Commits
-------
b8d2496979 [HttpClient] workaround bad Content-Length sent by old libcurl
* 3.4:
[FrameworkBundle] Fix framework bundle lock configuration not working as expected
[Validator] Add the missing translations for the Azerbaijani locale
[Cache] dont override native Memcached options
Fix return type of Process::restart().
This PR was squashed before being merged into the 3.4 branch (closes#31198).
Discussion
----------
[FrameworkBundle] Fix framework bundle lock configuration not working as expected
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #31197
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/11465 & https://github.com/symfony/symfony-docs/pull/11466
This fixes#31197 and makes the lock configuration work with installations that are not full stack ones and configurations that use xml files.
Commits
-------
c7af2df340 [FrameworkBundle] Fix framework bundle lock configuration not working as expected
This PR was merged into the 4.4 branch.
Discussion
----------
[DoctrineBridge] Use VarCloner data instead of legacy array for query params
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR |
When I implemented Symfony 4.0 support in DoctrineBundle, I have run into issue that DoctrineBridge does not return VarCloner instance here, so I had to introduce [conversion inside DoctrineBundle](af8ac792c9/DataCollector/DoctrineDataCollector.php (L135-L141)).
We need this because `WebProfilerBundle\Twig\WebProfilerExtension::dumpData()` requires this instance since Symfony 4.0. Not returning this instance here was oversight during work on Symfony 4.0. I did not contribute this sooner, because we can't remove code in DoctrineBundle until we drop Symfony 3.4 support anyways. But not doing this in Symfony 4.4 would mean having to keep transformation code not just during 3.4 LTS lifetime, but 4.4 LTS lifetime too.
Commits
-------
81c6df511d Use VarCloner data instead of legacy array for query params
This PR was merged into the 5.0-dev branch.
Discussion
----------
[String] a new component for object-oriented strings management with an abstract unit system
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This is a reboot of #22184 (thanks @hhamon for working on it) and a generalization of my previous work on the topic ([patchwork/utf8](https://github.com/tchwork/utf8)). Unlike existing libraries (including `patchwork/utf8`), this component provides a unified API for the 3 unit systems of strings: bytes, code points and grapheme clusters.
The unified API is defined by the `AbstractString` class. It has 2 direct child classes: `BinaryString` and `AbstractUnicodeString`, itself extended by `Utf8String` and `GraphemeString`.
All objects are immutable and provide clear edge-case semantics, using exceptions and/or (nullable) types!
Two helper functions are provided to create such strings:
```php
new GraphemeString('foo') == u('foo'); // when dealing with Unicode, prefer grapheme units
new BinaryString('foo') == b('foo');
```
`GraphemeString` is the most linguistic-friendly variant of them, which means it's the one ppl should use most of the time *when dealing with written text*.
Future ideas:
- improve tests
- add more docblocks (only where they'd add value!)
- consider adding more methods in the string API (`is*()?`, `*Encode()`?, etc.)
- first class Emoji support
- merge the Inflector component into this one
- use `width()` to improve `truncate()` and `wordwrap()`
- move method `slug()` to a dedicated locale-aware service class
- propose your ideas (send PRs after merge)
Out of (current) scope:
- what [intl](https://php.net/intl) provides (collations, transliterations, confusables, segmentation, etc)
Here is the unified API I'm proposing in this PR, borrowed from looking at many existing libraries, but also Java, Python, JavaScript and Go.
```php
function __construct(string $string = '');
static function unwrap(array $values): array
static function wrap(array $values): array
function after($needle, bool $includeNeedle = false, int $offset = 0): self;
function afterLast($needle, bool $includeNeedle = false, int $offset = 0): self;
function append(string ...$suffix): self;
function before($needle, bool $includeNeedle = false, int $offset = 0): self;
function beforeLast($needle, bool $includeNeedle = false, int $offset = 0): self;
function camel(): self;
function chunk(int $length = 1): array;
function collapseWhitespace(): self
function endsWith($suffix): bool;
function ensureEnd(string $suffix): self;
function ensureStart(string $prefix): self;
function equalsTo($string): bool;
function folded(): self;
function ignoreCase(): self;
function indexOf($needle, int $offset = 0): ?int;
function indexOfLast($needle, int $offset = 0): ?int;
function isEmpty(): bool;
function join(array $strings): self;
function jsonSerialize(): string;
function length(): int;
function lower(): self;
function match(string $pattern, int $flags = 0, int $offset = 0): array;
function padBoth(int $length, string $padStr = ' '): self;
function padEnd(int $length, string $padStr = ' '): self;
function padStart(int $length, string $padStr = ' '): self;
function prepend(string ...$prefix): self;
function repeat(int $multiplier): self;
function replace(string $from, string $to): self;
function replaceMatches(string $fromPattern, $to): self;
function slice(int $start = 0, int $length = null): self;
function snake(): self;
function splice(string $replacement, int $start = 0, int $length = null): self;
function split(string $delimiter, int $limit = null, int $flags = null): array;
function startsWith($prefix): bool;
function title(bool $allWords = false): self;
function toBinary(string $toEncoding = null): BinaryString;
function toGrapheme(): GraphemeString;
function toUtf8(): Utf8String;
function trim(string $chars = " \t\n\r\0\x0B\x0C\u{A0}\u{FEFF}"): self;
function trimEnd(string $chars = " \t\n\r\0\x0B\x0C\u{A0}\u{FEFF}"): self;
function trimStart(string $chars = " \t\n\r\0\x0B\x0C\u{A0}\u{FEFF}"): self;
function truncate(int $length, string $ellipsis = ''): self;
function upper(): self;
function width(bool $ignoreAnsiDecoration = true): int;
function wordwrap(int $width = 75, string $break = "\n", bool $cut = false): self;
function __clone();
function __toString(): string;
```
`AbstractUnicodeString` adds these:
```php
static function fromCodePoints(int ...$codes): self;
function ascii(array $rules = []): self;
function codePoint(int $index = 0): ?int;
function folded(bool $compat = true): parent;
function normalize(int $form = self::NFC): self;
function slug(string $separator = '-'): self;
```
and `BinaryString`:
```php
static function fromRandom(int $length = 16): self;
function byteCode(int $index = 0): ?int;
function isUtf8(): bool;
function toUtf8(string $fromEncoding = null): Utf8String;
function toGrapheme(string $fromEncoding = null): GraphemeString;
```
Case insensitive operations are done with the `ignoreCase()` method.
e.g. `b('abc')->ignoreCase()->indexOf('B')` will return `1`.
For reference, CLDR transliterations (used in the `ascii()` method) are defined here:
https://github.com/unicode-org/cldr/tree/master/common/transforms
Commits
-------
dd8745aced [String] add more tests
82a00956bc [String] add tests
012e92a772 [String] a new component for object-oriented strings management with an abstract unit system
This PR was merged into the 4.3 branch.
Discussion
----------
[Cache] fail gracefully when locking is not supported
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33392
| License | MIT
| Doc PR | -
Commits
-------
93485190f9 [Cache] fail gracefully when locking is not supported
This PR was merged into the 4.3 branch.
Discussion
----------
[Form] Names for buttons should start with lowercase
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
This fix changes the messages related to the changes in https://github.com/symfony/symfony/pull/28969 - the message used to state that names should start with a letter, a digit ... - so I got a confusing message:
```
Using names for buttons that do not start with a letter, a digit, or an underscore is deprecated since Symfony 4.3 and will throw an exception in 5.0 ("Search" given).'
```
Which made me find the message, look at the regex that was used, and work out that actually it should start with a lowercase letter, and hence this PR - where I assume there is a reason that the name must start with lowercase letters.
Commits
-------
f65524e4e0 Names for buttons should start with lowercase
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Sort tagged services
| Q | A
| ------------- | ---
| Branch? | 4.4 <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | https://github.com/symfony/symfony/issues/32439 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | -
Hi
This PR it's to improve DX when `debug:container` command is use with tag argument by sorting them by priority (More details in linked issue).
Currently they are sort by alphabetical order.
Commits
-------
54cef2a3a3 [FrameworkBundle] Sort tagged service by priority
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] scope singly-implemented interfaces detection by file
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| License | MIT
[DependencyInjection] fixed handling singly implemented interfaces when importing multiple resources
for example:
```yaml
App\Adapter\:
resource: '../src/Adapter/*'
App\Port\:
resource: '../src/Port/*'
```
this configuration wont create service for interface (in other words singly implemented interface wont be autowired) and this chage fixes it
**Also** this will prevent false positives - for example if I had one implementation in \App\Port namespace and another in \App\Adapter then interface service would still be registered
but that could potentially break exisitng code not aware of this bug
Commits
-------
c1f39709ff [DI] add FileLoader::registerAliasesForSinglyImplementedInterfaces()
bec38900d8 [DI] scope singly-implemented interfaces detection by file
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] Show fallback error page when default error controller is disabled
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This would avoid a blank page on errors when we've disabled the default error controller. e.g:
```yaml
framework:
error_controller: null
```
So, we will show you the default HTML error page.
Commits
-------
8eea11cc26 Show fallback error page when framework.error_controller is null
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] don't throw deprecations for return-types by default
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33235
| License | MIT
| Doc PR | -
As discussed a few times already, in 4.4, `DebugClassLoader` shouldn't trigger deprecations when return types are missing. We'll enable them back in 5.1.
Commits
-------
2cb419edf4 [ErrorHandler] don't throw deprecations for return-types by default
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] compress files generated by the profiler
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #33006
| License | MIT
| Doc PR | -
I've recently seen several reports of fastly growing profiler storages. Let's compress them when possible.
Locally for the skeleton homepage, a single profile goes from 150k to 15k. Level 3 is producing significant compression ratio while being measurably faster than level 6 (the default), that's why I'm using it.
Commits
-------
08f9470556 [HttpKernel] compress files generated by the profiler
This PR was squashed before being merged into the 4.4 branch (closes#33317).
Discussion
----------
[Messenger] Added support for `from_transport` attribute on `messenger.message_handler` tag
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #33306
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/12231
Right now, it's only possible to have dynamic `from_transport` when using `MessageSubscriberInterface`. Things like `priority` and `bus` can already be added as attributes on the messenger.message_handler` tag.
With this PR it now also supports `from_transport`.
Commits
-------
c965e4e844 [Messenger] Added support for `from_transport` attribute on `messenger.message_handler` tag
This PR was merged into the 4.3 branch.
Discussion
----------
Add missing row_attr option to FormType
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix: #33682 - related issue #33573
| License | MIT
The #33573 modified Symfony's form themes. But the [FormType](https://github.com/symfony/form/blob/master/Extension/Core/Type/FormType.php) don't allow the option `row_attr` so the OptionResolver throw an exception that the option is unknown.
This PR basically add the option and give it to the form view (like `label_attr` do)
Commits
-------
d711ea2b54 Add missing row_attr option to FormType
This PR was merged into the 4.3 branch.
Discussion
----------
[Security] use LegacyEventDispatcherProxy
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I ran into an issue on one of my apps that has its own event dispatcher class using the old dispatch method signature
```php
public function dispatch($eventName, Event $event = null)
```
This leads to
```
TypeError: Argument 2 passed to X\Tests\Base\TestEventDispatcher::dispatch() must be an instance of Symfony\Component\EventDispatcher\Event or null, string given, called in /var/www/x/symfony/vendor/symfony/security/Http/Firewall/ContextListener.php on line 230
/var/www/x/symfony/tests/Base/TestEventDispatcher.php:20
/var/www/x/symfony/vendor/symfony/security/Http/Firewall/ContextListener.php:230
/var/www/x/symfony/vendor/symfony/security/Http/Firewall/ContextListener.php:111
```
since the event here is dispatched using the new signature:
https://github.com/symfony/symfony/blob/4.4/src/Symfony/Component/Security/Http/Firewall/ContextListener.php#L259
Commits
-------
7067e48165 [Security] use LegacyEventDispatcherProxy
* 4.4:
[Security/Http] fix typo in deprecation message
[Security] Deprecate isGranted()/decide() on more than one attribute
Fixed a minor typo in the UPGRADE to 5.0 guide
Various tweaks 3.4
Various tweaks 4.3
[Security] Make stateful firewalls turn responses private only when needed
[PhpUnit] Fix usleep mock return value
Revert \"feature #33507 [WebProfiler] Deprecated intercept_redirects in 4.4 (dorumd)\"
[TwigBundle] typo
[TwigBundle] fix test case
[Lock] use Predis\ClientInterface instead of Predis\Client
Allow Twig 3
Minor tweaks
Fix version typo in deprecation notice
[Form][SubmitType] Add "validate" option
hint to the --parse-tags when parsing tags fails
Make legacy "wrong" RFC2047 encoding apply only to one header
* 4.3:
[Security/Http] fix typo in deprecation message
Various tweaks 3.4
Various tweaks 4.3
[PhpUnit] Fix usleep mock return value
[Lock] use Predis\ClientInterface instead of Predis\Client
Fix version typo in deprecation notice
Make legacy "wrong" RFC2047 encoding apply only to one header
This PR was merged into the 4.3 branch.
Discussion
----------
[Security/Http] fix typo in deprecation message
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
spotted by @stof in #33676
Commits
-------
e70057aed4 [Security/Http] fix typo in deprecation message
This PR was squashed before being merged into the 4.4 branch (closes#33584).
Discussion
----------
[Security] Deprecate isGranted()/decide() on more than one attribute
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | tbd
While I expect it not be used much, it is currently possible to call `isGranted()` on more than one attribute:
```php
if ($this->authorizationChecker->isGranted(['ROLE_USER', 'ROLE_ADMIN'])) {
// ...
}
```
Supporting this includes a couple of problems/questions:
- It is not clear whether this is `OR` or `AND`;
- In fact, this is left over to the voter to decide upon. So it can vary for each voter and writers of new voters need to consider this (otherwise, you get issues like https://github.com/LeaseWeb/LswSecureControllerBundle/issues/4 );
- It promotes to vote over roles instead of actions.
I think we can do better. In the past, we've created all tooling for this to be self-explaining and easier:
```php
// ExpressionLanguage component (also includes other functions, like `is_granted('EDIT')`)
if ($this->authorizationChecker->isGranted("has_role('ROLE_USER') or has_role('ROLE_ADMIN')")) {
// ...
}
// calling it multiple times in PHP (may reduce performance)
if ($this->authorizationChecker->isGranted('ROLE_USER')
|| $this->authorizationChecker->isGranted('ROLE_ADMIN')
) {
// ...
}
// or by using Role Hierarchy, if a user really wants to vote on roles
```
This PR deprecates passing more than one attribute to `isGranted()` and `decide()` to remove this confusing bit in Security usage.
Backwards compatiblity help
---
I need some help in how to approach changing the `VoterInterface::vote(TokenInterface $token, $subject, array $attributes)` method in a backwards compatible way. Removing `array` breaks all Voters, so does changing it to `string` and removed the parameter all together.
Commits
-------
c64b0beffb [Security] Deprecate isGranted()/decide() on more than one attribute
This PR was merged into the 4.4 branch.
Discussion
----------
[Security] Make stateful firewalls turn responses private only when needed
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26769 *et al.*
| License | MIT
| Doc PR | -
Replaces #28089
By taking over session usage tracking and replacing it with token usage tracking, we can prevent responses that don't actually use the token from turning responses private without changing anything to the lifecycle of security listeners. This makes the behavior much more seamless, allowing to still log the user with the monolog processor, and display it in the profiler toolbar.
This works by using two separate token storage services:
- `security.token_storage` now tracks access to the token and increments the session usage tracker when needed. This is the service that is injected in userland.
- `security.untracked_token_storage` is a raw token storage that just stores the token and is disconnected from the session. This service is injected in places where reading the session doesn't impact the generated output in any way (as e.g. in Monolog processors, etc.)
Commits
-------
20df3a125c [Security] Make stateful firewalls turn responses private only when needed
This PR was merged into the 4.4 branch.
Discussion
----------
[Form][SubmitType] Add "validate" option
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/8763
| License | MIT
| Doc PR | TODO
The second part of the ticket requires more work but is kind of unrelated.
Commits
-------
a2bc06d811 [Form][SubmitType] Add "validate" option
This PR was merged into the 4.3 branch.
Discussion
----------
Make legacy "wrong" RFC2047 encoding apply only to one header
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
It says in a comment in the code that "We have to go against RFC 2183/2231 in some areas for interoperability". But I would like that to be the exception and not the rule. As the code was, all parameterized headers except from "Content-Disposition" was not encoded according to RFC 2231.
This change is to make it so that the exception (to not follow the RFC) is for the header "Content-Type" only, and all other parameterized headers will follow the rule of RFC 2231.
The code kind of worked before, because in emails we generally only have two parameterized headers; "Content-Disposition" and "Content-Type". But I think it is a good thing that if another parameterized header would happen to be added, by default it should follow the rule of the RFC and not by default be an exception.
Commits
-------
3817a8b036 Make legacy "wrong" RFC2047 encoding apply only to one header
This PR was merged into the 4.4 branch.
Discussion
----------
[Yaml] hint to the --parse-tags when parsing tags fails
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/issues/28465#issuecomment-533182079
| License | MIT
| Doc PR |
Commits
-------
012111524b hint to the --parse-tags when parsing tags fails
This PR was merged into the 4.4 branch.
Discussion
----------
[Twig] Remove deprecated tag usage
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
cd74cb32ef [Twig] Remove deprecated tag usage
This PR was merged into the 4.3 branch.
Discussion
----------
[HttpClient] fix throwing HTTP exceptions when the 1st chunk is emitted
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Spotted while discussing the client with @Seldaek
The current behavior is transient: depending on the speed of the network/server, the exception can be thrown, or not.
This forces one do deal with 3/4/5xx when the first chunk is yielded.
Commits
-------
3c93764f10 [HttpClient] fix throwing HTTP exceptions when the 1st chunk is emitted
* 4.4:
Re-enable previously failing PHP 7.4 test cases
[PhpUnitBridge] fix uninitialized variable
[ErrorRenderer] fix Cannot use object of type ErrorException as array exception #33631
[Twig] Add missing check
Revert "bug #33618 fix tests depending on other components' tests (xabbuh)"
install from source to include components tests
Fix undefined constant and other minor issues
[Twig] Add NotificationEmail
ensure compatibility with type resolver 0.5
Call AssertEquals with proper parameters
[DependencyInjection] Allow binding iterable and tagged services
[Twig] Fix Twig config extra keys
fix tests depending on other components' tests
Fix lint commands frozen on empty stdin
* 3.4:
Re-enable previously failing PHP 7.4 test cases
Revert "bug #33618 fix tests depending on other components' tests (xabbuh)"
install from source to include components tests
This PR was squashed before being merged into the 4.4 branch (closes#33632).
Discussion
----------
[ErrorRenderer] fix Cannot use object of type ErrorException as array exception #33631
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33631
| License | MIT
This fixes exception thrown when trying to render ErrorException as an array
Commits
-------
063dc78b49 [ErrorRenderer] fix Cannot use object of type ErrorException as array exception #33631
