This PR was merged into the 2.3 branch.
Discussion
----------
Fix docblocks about callables
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
a25beb6 Fix docblocks about callables
The FrameworkBundle in version 2.3 can be used with recent versions of
the Security component. However, after the Security component has been
split with Symfony 2.4, translations resources have been moved to the
`symfony/security-core` package. Thus, the changed location must be
taken into account.
This PR was merged into the 2.3 branch.
Discussion
----------
Command list ordering fix
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
Makes sure that global commands are always first.
Commits
-------
2984f8e fixed previous commit
70f2b3e global commands are always first in command list
This PR was merged into the 2.3 branch.
Discussion
----------
Fixed typos
Following #16098
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
f5802c2 Fixed typos
This PR was squashed before being merged into the 2.3 branch (closes#14842).
Discussion
----------
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14822
| License | MIT
| Doc PR | ~
* test now always pass "secure" and "httponly" options, as they are required
* could be considered BC, but [`RememberMeFactory` passes them](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php#L21), so they should've always been treated as required
* I can squash the commits before merging
* Alternative solution: #14843
Commits
-------
18b1c6a [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a user has changed own password, I want to logout any sessions which is authenticated by its user except changer itself.
[DaoAuthenticationManager::checkAuthentication()](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php#L59) method seems to concern about it.
But, this situation actually never happens because both users that will be passed to this method are always identical in re-authentication.
It's because the token refreshes own user via [ContextListener](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Http/Firewall/ContextListener.php#L90) before re-authentication.
Commits
-------
729902a [Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
This PR was merged into the 2.3 branch.
Discussion
----------
Fix PropertyAccessor modifying array in object when array key does no…
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16056
| License | MIT
| Doc PR |
Commits
-------
f24c678 Fix PropertyAccessor modifying array in object when array key does not exist
This PR was merged into the 2.3 branch.
Discussion
----------
Throw exception if tempnam returns false in ProcessPipes
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15215
| License | MIT
| Doc PR |
Related to #16092
Commits
-------
1425b8a Throw exception if tempnam returns false in ProcessPipes
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] use PHP_OS instead of php_uname('s')
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15058
| License | MIT
| Doc PR |
The php_uname() function may be disabled for security reasons.
Commits
-------
40e0dc8 use PHP_OS instead of php_uname('s')
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] Fix improper comments removal
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15857
| License | MIT
| Doc PR | -
This tries to fix#15857 .
Honestly, I don't have any idea of the regressions it might introduce. Tests are passing, so if this code had any reason to exist, tests covering it are certainly missing :/
Any hint ?
Commits
-------
0e24fc5 [Yaml] Fix improper comments removal inside strings
This PR was merged into the 2.3 branch.
Discussion
----------
[TwigBundle] fix useless and failing test
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This test is failing in php 7, see https://travis-ci.org/symfony/symfony/jobs/83107755#L2015
But it also doesn't test anything. So it's useless in it's current form.
In 2.7 we have more tests that are actually useful. So the class is not untested.
Commits
-------
d94dd16 [TwigBundle] fix useless and failing test
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] change a class in tests to avoid depending on SQLite
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
d6a7517 [HttpKernel] change a class in tests to avoid depending on SQLite
This PR was merged into the 2.3 branch.
Discussion
----------
[ci] Display fastest results first when running tests in parallel
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Keeping order prevents seeing failures early as they happen. I propose to display tests results asap instead.
Best viewed with: https://github.com/symfony/symfony/pull/15993/files?w=1
Commits
-------
3d6c864 [ci] Display fastest results first when running tests in parallel
This PR was merged into the 2.3 branch.
Discussion
----------
remove api tags from code
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15977
| License | MIT
| Doc PR | n/a
Commits
-------
f1c7c65 remove api tags from code
This PR was squashed before being merged into the 2.3 branch (closes#15799).
Discussion
----------
[HttpFoundation] NativeSessionStorage `regenerate` method wrongly sets storage as started
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This PR fixes an error when regenerating session IDs for non-active sessions.
Right now, the session is flagged as _started_, no matter if the session ID was successfully regenerated or not, making the storage [unable to _start the session_](6393ec3169/src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php (L130-L132)) later on.
This also fixes a future error with PHP 7, which throws an error if a regeneration is attempted for non-active sessions.
```
session_regenerate_id(): Cannot regenerate session id - session is not active
```
Commits
-------
8e6ef9c [HttpFoundation] NativeSessionStorage method wrongly sets storage as started
IBAN is an acronym. The term 'IBAN-Kontonummer' is redundant, since the 'AN' part (Account Number) already translates to 'Kontonummer'. It's like saying 'International Bank Account Number Account Number'.
"Fiş" is a correct translation for "token", however "bilet" is also used, I fixed that inconsistency. Moreover, "kimlik bilgileri" is a better translation for "credentials" than "girdiler". "Girdiler" is the translation of "inputs", so I fixed sentences with "credentials". "Hesap engellenmiş" is better than "Hesap devre dışı bırakılmış" for "Account is disabled.". "Digest nonce has expired" can be translated better as "Derleme zaman aşımına uğradı." because "Derleme zaman aşımı gerçekleşti" has a confirmation sense like user requested it to expire and it has expired.
References:
token: http://tureng.com/search/token (3rd entry)
credentials: http://www2.zargan.com/tr/q/credentials-ceviri-nedir (1st entry)
disable: http://tureng.com/search/disable (15th entry)
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] Fix input validation when required arguments are missing
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15505
| License | MIT
| Doc PR | -
The rule that was here in place previously only works when arguments are passed from command line, as in command line there is no way of skipping an argument. The rule does not work for arguments set on the Input after a command is run.
Commits
-------
4982b02 [Console] Add the command name to input arguments if it's missing
f12a4c1 [Console] Fix input validation when required arguments are missing
Mintty is now the default terminal in GitBash, and it supports ANSI
colors without the need of ANSICON (it even supports 256 colors rather
than the 16 colors supported by ANSICON).
This PR was merged into the 2.3 branch.
Discussion
----------
Add a group for tests of the finder against the FTP server
This allows to skip them easily when running the testsuite, as they represent a significant part of the testsuite time. These 2 tests together represent 42% of the execution time of the testsuite (all the time being spent connecting to the FTP server).
I also remove the usage of the data provider as a data provider with a single dataset (and used only partially) only makes tests harder to read. and does not save any duplication.
Commits
-------
51147e3 Add a group for tests of the finder against the FTP server
This PR was merged into the 2.3 branch.
Discussion
----------
Forbid serializing a Crawler
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Unserializing a Crawler instance creates DOM elements in an invalid state, making the Crawler unusable.
While working on #15849, I figured out that DomCrawler actually inherits ``Serializable`` from its ``SplObjectStorage`` parent, and so I tried to serialize and unserialize one. The answer is that it does not work. This is what happens when trying to call ``parents`` on it for instance:
```
Symfony\Component\DomCrawler\Crawler::parents(): Invalid State Error
```
Commits
-------
12733cb Forbid serializing a Crawler
This PR was merged into the 2.3 branch.
Discussion
----------
Use random_bytes function if it is available for random number generation
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15239
| License | MIT
| Doc PR |
This is an attempt to use the random_bytes function when generating secure random numbers. This function is included in PHP 7 or through the "paragonie/random_compat" library.
This PR only adds support to use the function if it is available. Changes that can be added is to add a hard dependency on the paragonie/random_compat library, so all current functionality can be deprecated.
Commits
-------
6a217dc Use random_bytes function if it is available for random number generation
This PR was merged into the 2.3 branch.
Discussion
----------
[CssSelector] Optimize regexs matching simple selectors
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
These shortcut parsers are applied first when converting a CSS selector to XPath, to be faster for simple selectors (tag matching, class matching with an optional tag, id matching with an optional tag).
None of the regexes defined here could have more chances to match more element when backtracking identifiers. So the backtracking is only slowing down the regex engine when the regex does not match (i.e. for any more complex selector for instance, or even for simple selectors without namespace of without tag name). Making quantifiers possessive solves this issue.
I also turned some capturing groups (around the namespace and the namespace delimiter) into non-capturing groups as we don't care about them in the output (they are just here to be optional).
Commits
-------
d5abe0b [CssSelector] Optimize regexs matching simple selectors
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] Add clock mock to fix transient test on HHVM
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This should fix the most frequent transient test on HHVM (ProgressBarTest::testAnsiColorsAndEmojis)
Commits
-------
549f43b [Console] Add clock mock to fix transient test on HHVM
This PR was merged into the 2.3 branch.
Discussion
----------
[Process] Stopped Autoruns when shelling on windows
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? |
| Fixed tickets |
| License | MIT
| Doc PR |
Stop autoruns when shelling on Windows.
Original PR was on https://github.com/symfony/Process/pull/9#issuecomment-140721398.
Commits
-------
bca6771 Update Process.php
This PR was merged into the 2.3 branch.
Discussion
----------
[travis] Remove PHP 7 from allowed failures
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Looking at the latests PRs, PHP 7 does not segfault anymore with our test suite.
Commits
-------
ba8366e [travis] Remove PHP 7 from allowed failures
Testing against different adapters is now handled by multiple subclasses
of a common test case rather than using data providers. This allows
tests to be marked as skipped for unsupported adapters instead of making
them disappear from the testsuite.
This PR was squashed before being merged into the 2.3 branch (closes#13794).
Discussion
----------
[DomCrawler] Invalid uri created from forms if base tag present
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Since #13145 was merged the provided testcase does not work anymore and creates an invalid link
This affects the latest versions of 2.3, 2.5, 2.6 and 2.7
Right now this PR only includes the failing test, as I could no easy find a fix. If someone immediately knows whats the problem, give me a hint please.
Commits
-------
dc57a7a [DomCrawler] Invalid uri created from forms if base tag present
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] update param type phpdoc for StreamOutput
Makes it consistent with `getStream()`
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
c036352 [Console] update param type phpdoc for StreamOutput
This PR was merged into the 2.3 branch.
Discussion
----------
Use ObjectManager interface instead of EntityManager
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If you use the EntityManager Decorator pattern that doctrine provides
then simply specifying a query_builder closure where your decorated
em is used fails as it isn't an instance of Doctrine\ORM\EntityManager.
Testing against the ObjectManager interface fixes the issue.
Commits
-------
1f3ea0f Use ObjectManager interface instead of EntityManager
Previous rule was only working when arguments are passed from command line, as in command line there is no way of skipping an argument. The rule does not work for arguments set on the Input after a command is run.
This PR was squashed before being merged into the 2.3 branch (closes#14802).
Discussion
----------
[HttpKernel] fix broken multiline <esi:remove>
|Q |A |
|--- |---|
|Bug Fix? |yes|
|New Feature? |n |
|BC Breaks? |n |
|Deprecations?|n |
|Tests Pass? |yes|
|Fixed Tickets| |
|License |MIT|
|Doc PR | |
Originally found in https://github.com/symfony/symfony/pull/14800#discussion-diff-31388942
`<esi:remove>` blocks with multiline contents were not removed.
`<esi:comment>` blocks with multiline contents were not removed.
Note. According to http://www.w3.org/TR/esi-lang
`comment is an empty element, and must not have an end tag.` so the support for multi line comments are not actually supported in the standard.
Commits
-------
06f97bf [HttpKernel] fix broken multiline <esi:remove>
This PR was squashed before being merged into the 2.3 branch (closes#14841).
Discussion
----------
[DoctrineBridge] Fixed#14840
[DoctrineBridge] Fixed compatibility with entities packed in Phar
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14840
| License | MIT
| Doc PR | none
Commits
-------
92ad5df [DoctrineBridge] Fixed#14840
This PR was merged into the 2.3 branch.
Discussion
----------
[framework-bundle] Add Test for TranslationUpdateCommand
Added the test script as per the discussion in PR #15562
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
232f6fd [framework-bundle] Add Test for TranslationUpdateCommand
This PR was merged into the 2.3 branch.
Discussion
----------
Add tests to the recently added exceptions thrown from YamlFileLoaders
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15702#15731
| License | MIT
| Doc PR | -
* use the `Symfony\Component\DependencyInjection\Exception\InvalidArgumentException` in the DI component
* add tests
Commits
-------
93e418f Improve exception messages.
ResourceInterface::__toString is mainly important because in various places, array_uniqe() is called to perform a de-duplication of resources and will use the string representation for objects.
Thus, we need to take care that if DirectoryResources apply different patterns they must be kept after array_unique calls.
This PR was squashed before being merged into the 2.3 branch (closes#15746).
Discussion
----------
Tests fix clockmock
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
On my local computer tests for HttpCacheTest not passed, because ClockMock make side effects on another tests (it takes time from _SERVER['REQUEST_TIME'] and for my computer difference with real one time and this time was more than expected by HttpCacheTest, one part of code take time from mock, anothers - from native time function). This PR remove this side effects.
Commits
-------
6b21752 Tests fix clockmock
This PR was merged into the 2.3 branch.
Discussion
----------
Dispatch console.terminate *after* console.exception
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | -
The problem is when using the ConsoleHandler from MonologBridge, TERMINATE closes it and removes the output, so when EXCEPTION fires if you want to log the exception it's too late and you don't get any output. See ed4fb54901/src/Symfony/Bridge/Monolog/Handler/ConsoleHandler.php (L115-L145)
It is my understanding that TERMINATE is always supposed to come last anyway, so it is a bug in any case, but this particular use case is what prompted the discovery.
Commits
-------
7802345 Dispatch console.terminate *after* console.exception
Added the test script as per the discussion in PR #15562
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This PR was merged into the 2.3 branch.
Discussion
----------
[Intl] Fix test
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
7969503 [Intl] Fix test
This PR was merged into the 2.3 branch.
Discussion
----------
[console] Use the description when no help is available
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15498
| License | MIT
| Doc PR |
Commits
-------
e5d3f25 [console] Use the description when no help is available
This PR was merged into the 2.3 branch.
Discussion
----------
[FrameworkBundle] Fix templating.helper.code.file_link_format when defined by ini setting
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Not bug fix because the fix it fixes has not yet been released in any taggued version, but still a fix.
Commits
-------
de7d4a7 [FrameworkBundle] Fix templating.helper.code.file_link_format when defined by ini setting
This PR was merged into the 2.3 branch.
Discussion
----------
[ci] Run minimal versions on appveyor only
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Hopefully the last round of ci optimizations: what do you think about running the minimal supported version on appveyor only? This removes one matrix line on travis, and gives more flexibility in choosing the minimal version because, where travis only supports a limited list of minimal versions, windows.php.net provides a binary for each and every php ever released.
Commits
-------
e564805 [ci] Run minimal versions on appveyor only
If you use the EntityManager Decorator pattern that doctrine provides
then simply specifying a query_builder closure where your decorated
em is used fails as it isn't an instance of Doctrine\ORM\EntityManager.
Testing against the ObjectManager interface fixes the issue.
This PR was merged into the 2.3 branch.
Discussion
----------
Fix the validation of form resources to register the default theme
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
https://github.com/symfony/symfony/pull/14173 made some wrong changes, changing the behavior of the code. This reverts to the right behavior in affected places
Commits
-------
ea92610 Fix the validation of form resources to register the default theme
This PR was merged into the 2.3 branch.
Discussion
----------
consistently use str_replace to unify directory separators
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | -
We used a mix of `str_replace` and `strtr` for the same thing. `str_replace` is faster as [I tested myself](https://3v4l.org/MNrgC) which is logical since strtr adds logic we don't need here.
Commits
-------
b9760ef consistently use str_replace to unify directory separators
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] Add missing docblock in PreAuthenticatedToken
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I noticed the `PreAuthenticatedToken` does not provide any dockblock about its constructor parameters so PHPStorm uses the `AbstractToken` parameters and think I'm using `PreAuthenticatedToken` badly.
This fix it by adding the missing docblock and I also added the string[] possibility for roles in `AbstractToken` as it's present in the code and the exception message.
Commits
-------
1dda0a6 [Security] Add missing docblock in PreAuthenticatedToken
This PR was merged into the 2.3 branch.
Discussion
----------
Add appveyor.yml for C.I. on Windows
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | YES, both on Travis (Linux) and on Appveyor (Windows)!
| Fixed tickets | #13934, #15049, #14259, #15045, #15444
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/5654
- testing two matrix lines:
- one without mbtring nor fileinfo nor intl
- one with these ext enables, intl version 51.2 so that almost no test is skipped on our Intl component
- bug fixes thanks to these harder testing conditions
- some display bug on appveyor, [reported here](http://help.appveyor.com/discussions/suggestions/197-support-ansi-color-codes).
Commits
-------
ea5d656 Windows and Intl fixes
8bbd8d9 Add appveyor.yml for C.I. on Windows
This PR was merged into the 2.3 branch.
Discussion
----------
[DoctrineBridge][Form] fix EntityChoiceList when indexing by primary foreign key
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I've found a bug while using the 'entity' FormType.
Doctrine allow the definition of primary keys which are foreign key of other entities. In this scenario, the `EntityChoiceList` instance check if:
* the entity has a id composed by a single column and
* eventually, the column is an integer
When this happens, it use the primary key as "choices indices", but since is an entity it fails in many places, where it expects integer.
The easy solution is to check whether the single-column id is not an association. Anyway, I've fixed it the RightWay™ :), and now it resolve the entity reference to the actual column type, and restart the logic. Code speaks better then words.
Commits
-------
fe4246a [DoctrineBridge][Form] Fix EntityChoiceList when indexing by primary foreign key
This PR was merged into the 2.3 branch.
Discussion
----------
Implement the support of timezone objects in the stub IntlDateFormatter
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
As of PHP 5.5, the IntlDateFormatter accepts to use DateTimeZone or IntlTimeZone objects as timezone in the constructor (and in the new setTimeZone method) rather than timezone ids.
This is even the proper way to pass a timezone from a DateTime object as DateTimeZone names are not all valid ICU identifiers (and there is a PR on the Twig-extensions repo to use such feature to support things properly: https://github.com/twigphp/Twig-extensions/pull/148).
I'm considering this as a bugfix because it is a mismatch between the stub implementation and the real class.
Note that for simplicity, these objects are accepted on all PHP versions, as reproducing the behavior of older versions is not possible in the stub anyway (triggering a warning and making the instantiating with ``new`` return ``null``). We already have such differences anyway (the ``setTimeZone`` method exists in all PHP versions in the stub)
Commits
-------
2856abe Implement the support of timezone objects in the stub IntlDateFormatter
As of PHP 5.5, the IntlDateFormatter accepts to use DateTimeZone or
IntlTimeZone objects as timezone in the constructor (and in the new
setTimeZone method) rather than timezone ids.
This is even the proper way to pass a timezone from a DateTime object as
DateTimeZone names are not all valid ICU identifiers.
This PR was merged into the 2.3 branch.
Discussion
----------
[Serializer] Add support for variadic arguments in the GetSetNormalizer
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
There were 2 broken cases:
- when the value was passed, the array was passed as argument, becoming the first value of the variadic array. The array needs to be spread into multiple arguments when calling the method
- when the value was missing, the code would throw a ReflectionException, similar to the issue reported in #13690, because a variadic argument is optional but does not have a default value
Commits
-------
704760b Add support for variadic arguments in the GetSetNormalizer
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] Nested merge keys
When trying to use nested merge keys in Yaml, the ref sometimes had the wrong value
eg, with:
```yaml
taz: &taz
a: Steve
w:
p: 1234
nested:
<<: *taz
d: Doug
w: &nestedref
p: 12345
z:
<<: *nestedref
```
in this case, the ref `nestedref` had the value "Doug", which cause this error :
Symfony\Component\Yaml\Exception\ParseException: YAML merge keys used with a scalar value instead of an array at line 38 (near "<<: *nestedref").
It now works as expected
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
note: this PR replace #15241
Commits
-------
500c57e [Yaml] Nested merge keys
This piece of code adds a space then removes it immediately. One could think that only the space after the last element of the loop is removed, but this is not the case. Space between loop elements are also removed.
This PR was squashed before being merged into the 2.3 branch (closes#15263).
Discussion
----------
[HttpFoundation] fixed the check of 'proxy-revalidate' in Response::mustRevalidate()
| Q | A
| ------------- | ---
| Fixed tickets | #15262
| License | MIT
'proxy-revalidate' is not a header on its own but a 'Cache-Control' directive
See http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9
Commits
-------
6c22f0a [HttpFoundation] fixed the check of 'proxy-revalidate' in Response::mustRevalidate()
This PR was merged into the 2.3 branch.
Discussion
----------
Remove skipping of tests based on ICU data version whenever possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Many tests being skipped based on the ICU data version don't actually need it. They might be testing code paths not relying on Intl, or not performing assertions on the values depending on the ICU data and so not dependant on the exact ICU version being used.
this is somewhat related to https://github.com/symfony/symfony/issues/14259 as it allows to reduce the number of tests not running on Travis.
Commits
-------
7994513 Remove skipping of tests based on ICU data version whenever possible
This PR was merged into the 2.3 branch.
Discussion
----------
do not dump leading backslashes in class names
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15001
| License | MIT
| Doc PR |
Commits
-------
ad6cb10 do not dump leading backslashes in class names
This PR was merged into the 2.3 branch.
Discussion
----------
[Config] type specific check for emptiness
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13736
| License | MIT
| Doc PR |
Commits
-------
0199fbf [Config] type specific check for emptiness
This PR was merged into the 2.3 branch.
Discussion
----------
Fix the handling of null as locale in the stub intl classes
The Intl extension accepts null as locale in formatters and the collator and will use the default locale in such case. Given that the stub implementation considers that the default locale is always 'en', it should be supported here too instead of forcing libraries to pass the default locale explicitly. For instance, ``Twig_Extensions_Extension_Intl`` relies on the fact that ``null`` as locale uses the default one: https://github.com/twigphp/Twig-extensions/pull/94
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony-demo/pull/123
| License | MIT
| Doc PR | n/a
Commits
-------
d6db6ad Fix the handling of null as locale in the stub intl classes
The error tell to implement the service `doctrine.orm.<em_name>.metadata_driver`, but this extensions check for the existence of the `doctrine.orm.<em_name>_metadata_driver` where `<em_name>` the entity manager name.
Many tests being skipped based on the ICU data version don't actually
need it. They might be testing code paths not relying on Intl, or not
performing assertions on the values depending on the ICU data and so not
dependant on the exact ICU version being used.
The Intl extension accepts null as locale in formatters and the
collator and will use the default locale in such case. Given that the
stub implementation considers that the default locale is always 'en', it
should be supported here too instead of forcing libraries to pass the
default locale explicitly.
This PR was squashed before being merged into the 2.3 branch (closes#15172).
Discussion
----------
[DependencyInjection] fixed FrozenParameterBag and improved Parameter…
The ParameterBagInterface was missing some @throws annotations, so the FrozenParameterBag class was a violation of Liskov subtitution principle. Also the ParameterBagInterface was missing the remove method.
(Optionally the ParameterBagInterface can be later split into two smaller interfaces, because the FrozenParameterBag shouldn't have the add, remove methods in the first place.)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I have also fixed removing elements from FrozenParameterBag, as introduced by @satahippy
https://github.com/symfony/DependencyInjection/pull/8
Commits
-------
3ad0794 [DependencyInjection] fixed FrozenParameterBag and improved Parameter…
This PR was merged into the 2.3 branch.
Discussion
----------
[travis] Fix deps=high/low jobs
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15230
| License | MIT
| Doc PR | -
Commits
-------
1c9b433 [travis] Fix deps=high jobs
This PR was squashed before being merged into the 2.3 branch (closes#15249).
Discussion
----------
[HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet
* Allows to fix tests of https://github.com/symfony/psr-http-message-bridge with PHP 5.6.
* Ease the transition to PSR-7 (in PSR-7, almost everything is stream - #15186)
Maybe should I open it against 2.8 but it can be considered a bug fix at least for the part "returning a string as a resource".
Commits
-------
059964d [HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] Behaviour change in PHP7 for substr
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
In PHP7 the behaviour of substr() changed.
To resume: "Truncating an entire string should result in a string."
See: https://bugs.php.net/bug.php?id=62922
Commits
-------
ba6000b [HttpFoundation] Behaviour change in PHP7 for substr
In PHP7 the behaviour of substr() changed.
To resume: "Truncating an entire string should result in a string."
See: https://bugs.php.net/bug.php?id=62922
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] allow to use `method` in XML configs
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Before this change, you always had to use the `methods` key which is
inconsistent compared to other options like `roles` and `ips` for which
it was possible to use their singular versions.
Commits
-------
9b0dfd4 [Security] allow to use `method` in XML configs
This PR was squashed before being merged into the 2.3 branch (closes#15223).
Discussion
----------
[Finder] Command::addAtIndex() fails with Command instance argument
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14384
| License | MIT
| Doc PR | -
Fixed reported bug #14384 and added test case for it. This is a second PR as previous #14385 went bad after I failed to rebase 2.3 branch properly.
Commits
-------
2aff566 [Finder] Command::addAtIndex() fails with Command instance argument
This PR was merged into the 2.3 branch.
Discussion
----------
CS fixes for 2.3
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
To keep fabbot.io happy ;)
Commits
-------
464b67e fix CS
Before this change, you always had to use the `methods` key which is
inconsistent compared to other options like `roles` and `ips` for which
it was possible to use their singular versions.
This PR was merged into the 2.3 branch.
Discussion
----------
Mock microtime() and time() in transient tests
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
8319ca3 Mock microtime() and time() in transient tests
In AZ, as in TR, pluralization is always 0:
0 kitab (zero books)
1 kitab (1 book)
3 kitab (3 books)
104 kitab (104 books)
Apparently ZF ruleset was wrong in the first place :)
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] Fixed: Data mappers always receive forms indexed by their names
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR facilitates writing domain-specific data mappers, since it guarantees that you can access forms by name in the data mapper methods. Currently, `Form::add()` does not set the index of the array passed to the data mapper to the form's name.
Commits
-------
86b7fe5 [Form] Fixed: Data mappers always receive forms indexed by their names
The `SwitchUserEvent` is triggered in case an account is switched. This works okay while switching to the user, but on exit the `SwitchUserEvent` is triggered again with the original User. That User was not initialized by the provider yet.
load user by UserInterface instead of username
This PR was merged into the 2.3 branch.
Discussion
----------
[DependencyInjection] Fail when dumping a Definition with no class nor factory
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I tried creating an anonymous inline service with a DefinitionDecorator, but that did not work.
Here is the fix.
Commits
-------
23ad4ad [DependencyInjection] Fail when dumping a Definition with no class nor factory
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] fix validation for Maestro UK card numbers
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15085
| License | MIT
| Doc PR |
The issue with the fix in #15086 was, that the `[56-69]` part of the regular expression did not cover the numbers from 56 to 69 but only matched one number if it was 5, 6 or 9 which means that the regular expression itself was not only invalid, but also covered only a total maximum length of 18 digits.
Commits
-------
f24532a fix validation for Maestro UK card numbers
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] fixed sending non array data on submit to ResizeListener
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13804, #13851
| License | MIT
| Doc PR |
I agree with @Tobion that #13851 is a bug fix and therefore should be applied on the `2.3` branch too.
Commits
-------
0f185c9 [Form] [EventListener] fixed sending non array data on submit to ResizeListener
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] Use convention to allow throwing from __toString()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Corollary to #15076, works without it.
Commits
-------
8982c32 [HttpFoundation] Use convention to allow throwing from __toString()
This PR was squashed before being merged into the 2.3 branch (closes#15058).
Discussion
----------
[Console] Fix STDERR output text on IBM iSeries OS400
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | None
| License | MIT
| Doc PR | None
Prior to this PR a Symfony Console command would output error text as random symbols when executed via the IBM console program QSH. Affected error text output such as when a required InputArgument is missing, or when explicitly using `$output->getErrorOutput()->writeln('Some error text here')`.
![Example error output](http://i.imgur.com/PQplK1p.png)
This PR fixes error text so it properly prints to IBM console programs such as QSH and QP2SHELL.
I previously fixed STDOUT for PHP running on IBM iSeries OS400 (Zend Server) using the same approach. Since that PR was merged ConsoleOutput class began using its own output for STDERR which exhibits the same issue STDOUT did.
The following commits and previous Symfony PRs have our relevant discussion about ASCII vs EBCDIC character encoding to fix this issue:
* [Original IBM STDOUT reported in #1434](https://github.com/symfony/symfony/issues/1434)
* [My PR #4152 that fixes#1434](https://github.com/symfony/symfony/pull/4152)
Thanks!
🚀
Commits
-------
23c42ca [Console] Fix STDERR output text on IBM iSeries OS400
This PR was merged into the 2.3 branch.
Discussion
----------
[Translation][update cmd] taken account into bundle overrides path.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | #14942 (partially)
| Tests pass? | yes
| License | MIT
Commits
-------
a8f315b [Translation][update cmd] taken account into bundle overrides path.
This PR was squashed before being merged into the 2.3 branch (closes#14964).
Discussion
----------
[bugfix][MonologBridge] WebProcessor: passing $extraFields to BaseWebProcessor
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #14962
| License | MIT
| Doc PR | ~
Commits
-------
f41d1c9 [bugfix][MonologBridge] WebProcessor: passing to BaseWebProcessor
This PR was squashed before being merged into the 2.3 branch (closes#14890).
Discussion
----------
[2.3] Static Code Analysis for Components
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with Php Inspections (EA Extended):
- not optimal regular expressions usage
- strlen miss-use
- not optimal conditional statements in Process and Filesystem
- unsafe uniquid usage
PS: re-creating to no spam history log with reverts
Commits
-------
4a4fea7 [2.3] Static Code Analysis for Components
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] Support DateTimeImmutable in transform()
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When passing a DateTimeImmutable instance to DateTimeToLocalizedStringTransformer::transform($dateTime), it throws an exception, `TransformationFailedException('Expected a \DateTime.')`.
The method just converts a date-time object into a string, so there is no reason that it should not support all DateTimeInterface implementations.
DateTimeInterface was added in PHP 5.5, so in order to support earlier versions, we need to do instanceof checks for both DateTime and DateTimeInterface. When Symfony requires PHP 5.5 or larger, we can remove the DateTime check and only check for DateTimeInterface.
This was originally submitted as a PR against the 2.7 branch in #14676.
Commits
-------
17346c5 [Form] Support DateTimeImmutable in transform()
ResolvedFormType#getTypeExtensions() was calling method
AbstractType#getExtensions() which has been removed in
commit b3081e85a0
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR was squashed before being merged into the 2.3 branch (closes#14738).
Discussion
----------
[HttpFoundation] Get response content as resource several times for PHP >= 5.6
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Since PHP 5.6, `php://input` can be opened several times.
Commits
-------
9f9b0f7 [HttpFoundation] Get response content as resource several times for PHP >= 5.6
This PR was merged into the 2.3 branch.
Discussion
----------
[Config] Improved duplicated code in FileLocator
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
This PR improves a duplicate check prepending the current path (if exists) to the list of paths.
Commits
-------
30aa4e9 Improved duplicated code in FileLocator
This PR was merged into the 2.3 branch.
Discussion
----------
[BrowserKit] Fix bug when uri starts with http.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
6d3ec63 [BrowserKit] Fix bug when uri starts with http.
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] Static Code Analysis for Components
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with Php Inspections (EA Extended), no functional changes:
- resolved possible PHP Fatal in \Symfony\Component\BrowserKit\Cookie::__toString
- resolved callable name case mismatches
Commits
-------
9eb2b14 Php Inspections (EA Extended): - resolved possible PHP Fatal in \Symfony\Component\BrowserKit\Cookie::__toString -resolved implicit magic methods calls -resolved callable name case mismatches
- resolved possible PHP Fatal in \Symfony\Component\BrowserKit\Cookie::__toString
-resolved implicit magic methods calls
-resolved callable name case mismatches
This PR was merged into the 2.3 branch.
Discussion
----------
[Validators] Correct translation key and content [nl]
The nl file is not up to date. Correct changed translation key.
Commits
-------
5bc4085 [Validators] Correct translation key and content [nl]
This PR was merged into the 2.3 branch.
Discussion
----------
n/a
n/a
Commits
-------
d320d27 [HttpKernel] Do not call the FragmentListener if _controller is already defined
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] Check instance of FormBuilderInterface instead of FormBuilder
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14714
| License | MIT
| Doc PR | -
Commits
-------
44469d0 Check instance of FormBuilderInterface instead of FormBuilder
This PR was squashed before being merged into the 2.3 branch (closes#14670).
Discussion
----------
[Security] TokenBasedRememberMeServices test to show why encoding username is required
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14577
| License | MIT
| Doc PR | no
241538d shows that it's not actually tested, 257b796 reimplements it with test.
I can remove the POC commit if it's not needed.
Commits
-------
63a9736 [Security] TokenBasedRememberMeServices test to show why encoding username is required
This PR was squashed before being merged into the 2.3 branch (closes#14678).
Discussion
----------
[Security] AbstractRememberMeServices::encodeCookie() validates cookie parts
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14577
| License | MIT
| Doc PR | no
`AbstractRememberMeServices::encodeCookie()` guards against `COOKIE_DELIMITER` in `$cookieParts`.
* it would make `AbstractRememberMeServices::cookieDecode()` broken
* all current extending classes do it anyway (see #14670 )
* added tests – it's not a public method, but it is expected to be used by user implementations – as such, it's good to know that it works properly
Commits
-------
464c39a [Security] AbstractRememberMeServices::encodeCookie() validates cookie parts
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] Handle an array vary header in the http cache store
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12118
| License | MIT
| Doc PR | -
Commits
-------
5930800 [HttpKernel] Handle an array vary header in the http cache store
This PR was squashed before being merged into the 2.3 branch (closes#14335).
Discussion
----------
[HttpFoundation] Fix baseUrl when script filename is contained in pathInfo
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13617
| License | MIT
| Doc PR |
When the script filename is just /index.php, dirname() returns '/' for it. In Request::prepareBaseUrl() we append '/' to it (as introduced in #13039), which is wrong in this scenario as the resulting string is '//'.
When we rtrim('/') the output of dirname() then '/' would be constructed in this case, and in all other cases it makes no difference as dirname() already trims the right forward slash if there are path segments.
The test-cases should clarify the exact scenario.
Commits
-------
f24a6dd [HttpFoundation] Fix baseUrl when script filename is contained in pathInfo
This PR was merged into the 2.3 branch.
Discussion
----------
[DomCrawler] Throw an exception if a form field path is incomplete
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11807
| License | MIT
| Doc PR | -
Commits
-------
991e65c [DomCrawler] Throw an exception if a form field path is incomplete.
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] Delete duplicate test in CommandTest
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
The __get method is not implemented in the Command class, and the deleted test was duplicated with the preceding one.
Commits
-------
4a4eda9 [Console] Delete duplicate test in CommandTest
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] Fix HTML escaping of to-source links
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
385a6b7 Fix HTML escaping of to-source links
This PR was merged into the 2.3 branch.
Discussion
----------
[ServerBag] Handled bearer authorization header in REDIRECT_ form
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Apache rewrite module renames client request
header (`HTTP_`) by prepending `REDIRECT_` to
it. http basic authentication and http digest
authentication are properly processed in
REDIRECT_ form, while bearer is processed in
HTTP_ form, but dropped in REDIRECT_ form.
Example:
The following auth headers are handled in ServerBag,
```
HTTP_AUTHORIZATION => Basic aGVsbG86d29ybGQ=
REDIREDCT_HTTP_AUTHOIZATION => Basic aGVsbG86d29ybGQ=
HTTP_AUTHORIZATION => Digest blah
REDIRECT_HTTP_AUTHORIZATION => Digest blah
HTTP_AUTHORIZATION => Bearer mF_9.B5f-4.1JqM
```
while
```
REDIRECT_HTTP_AUTHORIZATION => Bearer mF_9.B5f-4.1JqM
```
is dropped.
Commits
-------
7b2e2df Handled bearer authorization header in REDIRECT_ form
This PR was merged into the 2.3 branch.
Discussion
----------
[Framework] added test for router commands.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | ~
| Tests pass? | yes
| License | MIT
- [x] router:debug
- [x] router:match
Commits
-------
6d403a7 [Framework] added test for Router commands.
This PR was merged into the 2.3 branch.
Discussion
----------
[Security][Translation] fixes#14584
| Q | A
| ------------- | ---
| Fixed tickets | #14584
| License | MIT
Some french translations are wrong in the security component.
As #14587 has been closed here's my fix.
Commits
-------
34c780f [Security][Translation] fixes#14584
This PR was merged into the 2.3 branch.
Discussion
----------
CS: Pre incrementation/decrementation should be used if possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Fixes provided by new fixer: https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/1113
If this pr is merged I would change the level of the fixer to `symfony`.
Commits
-------
c5123d6 CS: Pre incrementation/decrementation should be used if possible
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] Fix tests in HHVM
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
This PR fixes the tests in the Security components when run in HHVM. The failing tests are related to sebastianbergmann/phpunit-mock-objects#207
Commits
-------
139bae7 Fix tests in HHVM
This PR was merged into the 2.3 branch.
Discussion
----------
Add PHP7 compatible versions for the Null/True/False constraints as they are reserved words in PHP7
| Q | A
| ------------- | ---
| Bug fix? | PHP7 compatibility
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | N/A
| Fixed tickets | N/A - helps towards https://github.com/symfony/symfony/issues/14086
| License | MIT
Null, True and False are reserved words in PHP7:
https://wiki.php.net/rfc/reserve_more_types_in_php_7
Commits
-------
44edbdf Fixed compatibility with PHP7 and up by introducing new constraints (IsNull, IsTrue, IsFalse) and related validators (IsNullValidator, IsTrueValidator, IsFalseValidator)
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3][EventDispatcher] make listeners removable from an executed listener
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13972
| License | MIT
| Doc PR |
This fixes#13972 for Symfony 2.3. On Symfony 2.6 and higher, this has already been fixed with #14355.
Commits
-------
54bb399 [EventDispatcher] make listeners removable from an executed listener
This PR was merged into the 2.3 branch.
Discussion
----------
[SecurityBundle] Use Enum Nodes Instead Of Scalar
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
ce7fb04 [SecurityBundle] Use Enum Nodes Instead Of Scalar
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] Check if "symfony/proxy-manager-bridge" package is installed
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
43cc877 [HttpKernel] Check if "symfony/proxy-manager-bridge" package is installed
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] link to https://symfony.com where possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
bf8a1ce link to https://symfony.com where possible
This PR was merged into the 2.3 branch.
Discussion
----------
Use https://symfony.com/search for search form
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
Using https for symfony.com/search stops chrome (and eventually firefox)
from warning us about "Mixed Content" when developing sites that use SSL
for the entire site.
Here is the warning text:
```
Mixed Content: The page at 'https://example.org/' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://symfony.com/search'. This endpoint should be made available over a secure connection.
```
Commits
-------
74983d7 Use https://symfony.com/search for searching
This PR was merged into the 2.3 branch.
Discussion
----------
[SecurityBundle][WebProfiler] check authenticated user by tokenClass instead of username.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | #13628
| Tests pass? | yes
| License | MIT
Commits
-------
79e005b [profiler][security] check authenticated user by tokenClass instead of username.
This PR was merged into the 2.3 branch.
Discussion
----------
Show a better error when the port is in use
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14275
| License | MIT
| Doc PR | -
This is a backport of #14063
Commits
-------
34e000e Show a better error when the port is in use
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] Fix Portuguese (Portugal) translation
Commits
-------
b62eb73 Fix Portuguese (Portugal) translation for Security
This PR was merged into the 2.3 branch.
Discussion
----------
[StringUtil] Fixed singularification of 'selfies'
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Related to #14191.
At tonights PHP Stockholm meetup we discussed #14191, and we noticed that "selfie" was incorrectly handled as well. One selfie, many selfies.
Commits
-------
7c2b875 [StringUtil] Fixed singularification of 'selfies'
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Fixed Choice when an empty array is used in the "choices" option
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13853
| License | MIT
| Doc PR | -
This is a backport of #14448 for the 2.3 branch.
Commits
-------
8bf8556 [Validator] Fixed Choice when an empty array is used in the "choices" option
This PR was squashed before being merged into the 2.3 branch (closes#14470).
Discussion
----------
[DependencyInjection] Removed extra strtolower calls
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
`Alias` already lowercase the `$id` in the constructor. Using `ContainerBuilder::hasAlias()` and `ContainerBuilder::hasDefinition()` inside the code makes an extra strtolower call.
Commits
-------
3bfbf45 [DependencyInjection] Removed extra strtolower calls
This PR was merged into the 2.3 branch.
Discussion
----------
[DependencyInjection] Fixed missing tests
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Follow up of #11422 and #14446
Commits
-------
2892902 Fixed tests
Using https for symfony.com/search stops chrome (and eventually firefox)
from warning us about "Mixed Content" when developing sites that use SSL
for the entire site.
This PR was merged into the 2.3 branch.
Discussion
----------
[EventDispatcher] Added the sorted priority information on phpdoc of the getListeners method
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
Added the sorting by descending priority information on the `EventDisparcherInterface`
Commits
-------
c3eecb5 Add better phpdoc message for getListeners method of the EventDispatcher
There is no translation writer format named 'xliff', but 'xlf' only. So the TranslationUpdateCommand can't be called with 'output-format' == 'xliff' and the version info will never be shown.
This PR was squashed before being merged into the 2.3 branch (closes#14325).
Discussion
----------
[Routing][DependencyInjection] Support .yaml extension in YAML loaders
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14319
| License | MIT
| Doc PR | -
YAML [FAQ](http://www.yaml.org/faq.html) states that .yaml file extension should be used whenever possible. I tweaked YamlFileLoader supports() method in Symfony Routing component to accept both .yml and .yaml and added some asserts in tests for that behavior.
This PR replaces #14319 as it was based on 2.7. BTW Is there a way to "rebase" PR branch without redoing all the work?
Commits
-------
dd5a811 [Routing][DependencyInjection] Support .yaml extension in YAML loaders
This PR was merged into the 2.3 branch.
Discussion
----------
[Translation][fixed test] refresh cache when resources are no longer fresh.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | #14279
| Tests pass? | yes
| License | MIT
Commits
-------
04b8e4e [Translation][fixed test] refresh cache when resources are no longer fresh.
This PR was squashed before being merged into the 2.3 branch (closes#14231).
Discussion
----------
[DependencyInjection] Show better error when the Yaml component is not installed
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
As the Yaml component is a suggested dependency, if someone try to use the `YamlFileLoader` or the `YamlDumper` without the component will get an ugly message:
```
PHP Fatal error: Class 'Symfony\Component\Yaml\Dumper' not found in xxxx
```
With this PR the error will be an exception with the message: `Unable to dump the container as the Symfony Yaml Component is not installed.` for `YamlDumper` and `Unable to load YAML files service definitions as the Symfony Yaml Component is not installed.'` for `YamlFileLoader`
Commits
-------
870a299 [DependencyInjection] Show better error when the Yaml component is not installed
This PR was squashed before being merged into the 2.3 branch (closes#14206).
Discussion
----------
[2.3] SCA for Components - reference mismatches
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with Php Inspections (EA Extended), no functional changes:
- worked out some of reference mismatches
Commits
-------
f732659 [2.3] SCA for Components - reference mismatches
This PR was squashed before being merged into the 2.3 branch (closes#14097).
Discussion
----------
[2.3] Static Code Analysis for Components
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with Php Inspections (EA Extended), no functional changes:
- array_keys/array_values usage as foreach array
- foreach value by reference - added unsets to keep scope clear
- strstr usage as strpos fixed
- array_push miss-use resolved
Commits
-------
78cc93c [2.3] Static Code Analysis for Components
This PR was merged into the 2.3 branch.
Discussion
----------
renamed some confusing tests
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
a8e4c43 renamed some confusing tests
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] Fix javascript
| Q | A
| ------------- | ---
| Bug fix? |yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Remove dead code and add missing semicolons.
Commits
-------
df76126 Fix javascript
As we're dumping entire catalogues including their fallbacks (standalone or inlined in ~2.7), we need to use different cache files for different sets of fallback locales.
This PR was merged into the 2.3 branch.
Discussion
----------
CS: Use "self" keyword instead of class name if possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Fixes provided by new fixer: https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/1116
If this pr is merged I would change the level of the fixer to `symfony`.
Commits
-------
e72128f CS: Use "self" keyword instead of class name if possible