* 2.7:
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
[Security] Fail gracefully if the security token cannot be unserialized from the session
[Form] AbstractLayoutTest - fix DOMDocument casing
bumped Symfony version to 2.7.41
updated VERSION for 2.7.40
update CONTRIBUTORS for 2.7.40
updated CHANGELOG for 2.7.40
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Php function json_encode/decode with option JSON_PARTIAL_OUTPUT_ON_ERROR return result on error, but if have is error json_last_error() always return error code even if there is a result and it is not false. Because of this is impossible set JSON_PARTIAL_OUTPUT_ON_ERROR option across variable $context.
Current fix solves this problem.
Verification on the false is completely correct, since json_encode / decode returns false only on error if not set JSON_PARTIAL_OUTPUT_ON_ERROR option.
Such have a problem e.g when encoding data is not utf-8 (emoji from facebook).
Commits
-------
e7e410b [Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
This PR was merged into the 2.8 branch.
Discussion
----------
Tweaked some styles in the profiler tables
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25670
| License | MIT
| Doc PR | -
To fix#25670 and other related minor issues, I propose some tweaks to the tables of the profiler panels.
Commits
-------
bc80258a1e Tweaked some styles in the profiler tables
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fail gracefully if the security token cannot be unserialized from the session
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If the security token in the session can't be unserialized, an `E_NOTICE` is issued. This prevents it (and provides a better log message if it's not even a `__PHP_Incomplete_Class`).
This is similar to #24731, but I saw it triggered when changing OAuth library (https://github.com/elifesciences/journal/pull/824), so the token class itself no longer exists. (I want to avoid having to manually invalidate all sessions, as not all sessions use that token class.)
Commits
-------
053fa43add [Security] Fail gracefully if the security token cannot be unserialized from the session
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Disable CSP header on exception pages
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24772
| License | MIT
| Doc PR | -
This makes exception pages styled normally when using CSP listener. Technically it's new feature, but from user POV it's bugfix, because it's really confusing to get a blank page. It takes a while to realize it is because of enabled CSP. Therefore I'm trying to push it as patch release.
Commits
-------
f33a383a1a [HttpKernel] Disable CSP header on exception pages
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Use the default host even if context is empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25464
| License | MIT
| Doc PR | ø
When the host in the context is empty... we should still use the default host.
**Note:** it seems like a lot of changes but all I did was to remove the `if` and de-indent the code that was inside.
Commits
-------
8f357df75b Use the default host even if context is empty and fallback to relative URL if empty host
* 2.7:
PHP CS Fixer: clean up repo and adjust config
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
This PR was squashed before being merged into the 2.7 branch (closes#25653).
Discussion
----------
PHP CS Fixer: clean up repo and adjust config
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Reason for this PR is that one want to have `php-cs-fixer fix -v` command executed without changes that shall not be applied for this repo. To achieve that, we need to groom config to exclude files that violate CS willingly, fix files that are violating CS unwillingly, and deliver missing case handling at PHP CS Fixer itself (https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/3359) (already merged!).
Commits
-------
b14cbc1 PHP CS Fixer: clean up repo and adjust config
This PR was submitted for the 3.3 branch but it was merged into the 2.7 branch instead (closes#25662).
Discussion
----------
Dumper shouldn't use html format for phpdbg / cli-server
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This may not be the lowest branch that this fix applies to.
Prevents the dumper from outputting in html format when using phpdbg.
Commits
-------
e2b6091 Dumper shouldn't use html format for phpdbg
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Fix access to root object when using composite constraint
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12315, #20477, #21706
| License | MIT
| Doc PR |
Commits
-------
b18cdcf417 [Validator] Fix access to root object when using composite constraint
This PR was merged into the 2.7 branch.
Discussion
----------
Update LICENSE year... forever
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
By using the same trick than Facebook: https://github.com/facebook/react/blob/master/LICENSE
Commits
-------
8ce8bd5 Update LICENSE year... forever
This PR was merged into the 2.7 branch.
Discussion
----------
PHP CS Fixer: no need to exclude xml and yml files
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
f51549c PHP CS Fixer: no need to exclude xml and yml files
This PR was squashed before being merged into the 2.7 branch (closes#25652).
Discussion
----------
Clean up
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I've removed all white spaces and extra lines from our `markdown` files. Recently [I did it in our documentation](https://github.com/symfony/symfony-docs/pull/8944), and thought would be interesting to replicate here 😄
Commits
-------
acd0d7c Clean up
This PR was submitted for the 3.4 branch but it was merged into the 2.7 branch instead (closes#25656).
Discussion
----------
Update return type in docblock.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
c5f0f4c Update return type in docblock.
This PR was squashed before being merged into the 2.7 branch (closes#25430).
Discussion
----------
Fixes for Oracle in PdoSessionHandler
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #18305 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | <!--highly recommended for new features-->
<!--
Fixes missing session data for Oracle in PdoSessionHandler
-->
Commits
-------
e7a4002b4f Fixes for Oracle in PdoSessionHandler
This PR was merged into the 2.8 branch.
Discussion
----------
Fix some deprecation messages
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
351b234f07 fixed some deprecation messages