* 5.1:
Handle fetch mode deprecation of DBAL 2.11.
Fixed security-* package dependencies
Fixed handling of CSRF logout error
[WebProfilerBundle] changed label of memory usage in time panel (Mb into MiB)
[DotEnv][WebLink][Templating][ErrorHandler] Updated README with minimal example
* 5.0:
Handle fetch mode deprecation of DBAL 2.11.
Fixed handling of CSRF logout error
[WebProfilerBundle] changed label of memory usage in time panel (Mb into MiB)
[DotEnv][WebLink][Templating][ErrorHandler] Updated README with minimal example
* 4.4:
Handle fetch mode deprecation of DBAL 2.11.
Fixed handling of CSRF logout error
[WebProfilerBundle] changed label of memory usage in time panel (Mb into MiB)
[DotEnv][WebLink][Templating][ErrorHandler] Updated README with minimal example
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Add missing translations for cs locale (Czech)
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
Is it enough to submit this only against 3.4 to have it included also in 5.1 version?
Commits
-------
3d18c1c185 [Validator] add missing Czech translations
This PR was merged into the 3.4 branch.
Discussion
----------
Handle fetch mode deprecation of DBAL 2.11.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | no
| License | MIT
| Doc PR | N/A
See doctrine/dbal#4019
DBAL has deprecated PDO-style fetch modes in favor of more explicit methods.
Commits
-------
ed518551e1 Handle fetch mode deprecation of DBAL 2.11.
This PR was merged into the 5.1 branch.
Discussion
----------
[SecurityBundle] Fixed version constraint on security-core and security-guard
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix https://symfony.com/blog/new-in-symfony-5-1-updated-security-system#comment-24048
| License | MIT
| Doc PR | -
We somehow completely forgot to upgrade these version constraints to `^5.1`.
*build failures are unrelated*
Commits
-------
e3d9b259e0 Fixed security-* package dependencies
* 5.1:
[Contracts/Deprecation] fix composer.json for PHP 8
bumped Symfony version to 5.1.0
updated VERSION for 5.1.0-RC2
updated CHANGELOG for 5.1.0-RC2
This PR was merged into the 5.1 branch.
Discussion
----------
[Contracts/Deprecation] fix composer.json for PHP 8
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Spotted by @xepozz in https://github.com/symfony/deprecation-contracts/pull/2
Commits
-------
5db0a8bf4b [Contracts/Deprecation] fix composer.json for PHP 8
This PR was merged into the 4.4 branch.
Discussion
----------
[WebProfilerBundle] changed label of memory usage in time panel (Mb into MiB)
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36533
| License | MIT
| Doc PR | -
This PR fixes the memory usage labels in the time panel of the web profiler for 4.4+. PR #36571 already fixed this for 3.4 but since the time panel has been rewritten in 4.3, that minor fix has not correctly been transferred into 4.4+.
Commits
-------
a91204a79d [WebProfilerBundle] changed label of memory usage in time panel (Mb into MiB)
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Fixed handling of CSRF logout error
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36814
| License | MIT
| Doc PR | -
8 years ago, a typo was made while refactoring the `ExceptionListener`, loosing this logic (46071f3238). I think we should fix it.
The `LogoutException` is a very generic name for something only used when the CSRF token is invalid. Should we match the exception message to make sure only this CSRF error is transformed into 403? I didn't yet do it because any usage of `LogoutException` would have resulted in 500, which always is worse than 403.
Commits
-------
50348f2eb7 Fixed handling of CSRF logout error
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[DotEnv][WebLink][Templating][ErrorHandler] Updated README with minimal example
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/13706
We're about to delete some more component docs. The minimal examples where copy/pasted from the original component docs.
Commits
-------
f3b8a58513 [DotEnv][WebLink][Templating][ErrorHandler] Updated README with minimal example
This PR was merged into the 5.1 branch.
Discussion
----------
Fix extra SQL support in Doctrine migrations
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
/cc @weaverryan
Commits
-------
1d1f3e1cd4 Fix extra SQL support in Doctrine migrations
This PR was merged into the 5.1 branch.
Discussion
----------
[HttpClient] fix management of shorter-than-requested timeouts with AmpHttpClient
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This will fix the most transient test in our CI, which was not a false positive.
Commits
-------
1ac069de0f [HttpClient] fix management of shorter-than-requested timeouts with AmpHttpClient
* 5.1:
Allow email message to have "To", "Cc", or "Bcc" header to be valid
[FrameworkBundle] Removed detection of Serializer < 3.2
Update pull request template for 5.1.
[Security/Core] fix PHP8 deprecation
* 5.0:
Allow email message to have "To", "Cc", or "Bcc" header to be valid
[FrameworkBundle] Removed detection of Serializer < 3.2
Update pull request template for 5.1.
[Security/Core] fix PHP8 deprecation
* 4.4:
Allow email message to have "To", "Cc", or "Bcc" header to be valid
[FrameworkBundle] Removed detection of Serializer < 3.2
Update pull request template for 5.1.
[Security/Core] fix PHP8 deprecation
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Removed detection of Serializer < 3.2
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
The test that is changed here contains detection logic for Serializer versions prior 3.2. However, accoring to FrameworkBundle's composer.json, we need at least Serializer 3.3, so that logic is obsolete.
I came across this piece of code because on the 5.1 branch, this test is actually skipped because the `use` statement for `CacheClassMetadataFactory` is missing there.
Commits
-------
9badd71687 [FrameworkBundle] Removed detection of Serializer < 3.2
This PR was submitted for the master branch but it was merged into the 4.4 branch instead.
Discussion
----------
[Mime] Allow email message to have "To", "Cc", or "Bcc" header to be valid
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36944
| License | MIT
| Doc PR | N/A
Allow emails to have any one of To:, Cc:, or Bcc: fields rather than forcing a required To: field.
Commits
-------
35b7e1cb9a Allow email message to have "To", "Cc", or "Bcc" header to be valid
* 5.1:
[FrameworkBundle] Fix MicroKernelTrait for php 8
[DependencyInjection] Fixed tests for wither with static return type.
[HttpFoundation] Avoid TypeError when calling \SessionHandlerInterface::gc().
Don't call method_exists() with non-objects.
[Lock] skip tests when ext-mongo is not installed
[HttpClient] Adjust AmpResponse to the stricter trait handling in php 8.
[FrameworkBundle] don't use abstract methods in MicroKernelTrait, their semantics changed in PHP 8
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[FrameworkBundle] Fix MicroKernelTrait for php 8
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
This PR fixes several php 8 related issues with `MicroKernelTrait`.
* Anonymous microkernel classes were not handled properly. I've added a test case to cover this scenario and fixed the issues.
* As part of the upgrade path, the trait logic parsed `TypeErrors` raised by php. That code broke because the wording of those errors has changed. I've replaced that logic with a hopefully less brittle reflection-based approach.
* In order to fix compatibility issues, @nicolas-grekas has already commented out the two abstract methods of the trait. If someone forgets to implement them, they would've ran into rather cryptic errors. I've added tests for these scenarios as well and introduced user-friendly exceptions.
I've noticed that implementing an old-style `configureContainer()` does not raise any deprecation. Is that on purpose? I really think that we should deprecate the old way, so we can re-add the abstract methods again in Symfony 6.
Commits
-------
7f3132ebe3 [FrameworkBundle] Fix MicroKernelTrait for php 8
This PR was merged into the 5.1 branch.
Discussion
----------
[HttpFoundation] Avoid TypeError when calling \SessionHandlerInterface::gc()
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
This should fix the remaining red php 8 test of the HttpFoundation suite.
Commits
-------
12f734d8b3 [HttpFoundation] Avoid TypeError when calling \SessionHandlerInterface::gc().