* 4.1:
fix cs
[Validator] Allow `ConstraintViolation::__toString()` to expose codes that are not null or emtpy strings
fix type for $value in DocBlock
[WebProfilerBundle] Fix title case
Fix wrapped loop of event listener
[DI] fix edge case in InlineServiceDefinitionsPass
undeprecate the single-colon notation for controllers
Update HttpKernel.php
* 3.4:
fix cs
[Validator] Allow `ConstraintViolation::__toString()` to expose codes that are not null or emtpy strings
fix type for $value in DocBlock
Fix wrapped loop of event listener
Update HttpKernel.php
* 4.1:
fix cs
fix cs
fix cs
SCA: consolidate non empty array checks across codebase
[cs] correct invalid @param types
[Bridge/PhpUnit] Use composer to download phpunit
[DI] fix taking lazy services into account when dumping the container
[Form] Fixed empty data for compound date interval
[Cache] fix optimizing Psr6Cache for AdapterInterface pools
deal with explicitly enabled workflow nodes
* 3.4:
fix cs
SCA: consolidate non empty array checks across codebase
[cs] correct invalid @param types
[Bridge/PhpUnit] Use composer to download phpunit
[DI] fix taking lazy services into account when dumping the container
[Form] Fixed empty data for compound date interval
[Cache] fix optimizing Psr6Cache for AdapterInterface pools
deal with explicitly enabled workflow nodes
* 4.1:
Undeprecate the single-colon notation for controllers
Command::addOption should allow int in $default
Update symfony links to https
[Form] Fixed keeping hash of equal \DateTimeInterface on submit
[PhpUnitBridge] Fix typo
[Routing] generate(null) should throw an exception
[Form] Minor fixes in docs and cs
[Workflow] Made code simpler
[Config] Unset key during normalization
[Form] Fixed empty data for compound date types
invalidate forms on transformation failures
[FrameworkBundle] fixed guard event names for transitions
method buildTransitionBlockerList returns TransitionBlockerList of expected transition
[FrameworkBundle] fixed guard event names for transitions
[PropertyAccessor] Fix unable to write to singular property using setter while plural adder/remover exist
This notation is the only way to support controllers as services in the 3.4
LTS version.
This deprecation has only a very small benefit for the Symfony codebase (the
amount of code involved is very small), but has a huge cost for the community
which cannot avoid this deprecation without dropping support for the LTS or
making crazy logic to switch routing files (as they cannot switch things
inline in YAML or XML files).
This deprecation will be delayed until a future 5.x version, when the current
LTS will be 4.4 (which supports the new notation).
* 4.1:
[Form] Hardened test suite for empty data
Bump phpunit XSD version to 5.2
[Fwb][EventDispatcher][HttpKernel] Fix getClosureScopeClass usage to describe callables
Add required key attribute
* 3.4:
[Form] Hardened test suite for empty data
Bump phpunit XSD version to 5.2
[Fwb][EventDispatcher][HttpKernel] Fix getClosureScopeClass usage to describe callables
Add required key attribute
Some attributes being used in the phpunit configuration files, namely
failOnRisky and failOnWarning were introduced in phpunit 5.2.0. The
Composer configuration shows that tests should run with old versions of
phpunit, but phpunit only validates the configuration against the XSD
since phpunit 7.2.0.
These changes can be tested as follows:
wget http://schema.phpunit.de/5.2/phpunit.xsd
xargs xmllint --schema phpunit.xsd 1>/dev/null
find src -name phpunit.xml.dist| xargs xmllint --schema phpunit.xsd 1>/dev/null
See 7e06a82806
See 46e3745a03/composer.json (L98)
* 4.1:
[VarDumper] fix dump of closures created from callables
[DI] fix dumping inlined services
Add framework asset changes to upgrade 3.0 guide
[Travis] Bump ext-mongodb to 1.5.2 on Travis
[DI] dont track classes/interfaces used to compute autowiring error messages
[DI] fix GraphvizDumper ignoring inline definitions
bumped Symfony version to 4.1.8
updated VERSION for 4.1.7
updated CHANGELOG for 4.1.7
bumped Symfony version to 3.4.19
updated VERSION for 3.4.18
updated CHANGELOG for 3.4.18
bumped Symfony version to 2.8.48
updated VERSION for 2.8.47
update CONTRIBUTORS for 2.8.47
updated CHANGELOG for 2.8.47
Fix ini_get() for boolean values
* 3.4:
[VarDumper] fix dump of closures created from callables
[DI] fix dumping inlined services
Add framework asset changes to upgrade 3.0 guide
[Travis] Bump ext-mongodb to 1.5.2 on Travis
[DI] dont track classes/interfaces used to compute autowiring error messages
[DI] fix GraphvizDumper ignoring inline definitions
bumped Symfony version to 3.4.19
updated VERSION for 3.4.18
updated CHANGELOG for 3.4.18
bumped Symfony version to 2.8.48
updated VERSION for 2.8.47
update CONTRIBUTORS for 2.8.47
updated CHANGELOG for 2.8.47
Fix ini_get() for boolean values
This PR was merged into the 3.4 branch.
Discussion
----------
[VarDumper] fix dump of closures created from callables
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
We are missing displaying full information about closures created using `ReflectionMethod::getClosure()` or `Closure::fromCallable()`.
This PR fixes it. For VarDumper but also other places where we have logic to display them.
Commits
-------
1c1818b876 [VarDumper] fix dump of closures created from callables
* 4.1:
SCA: removed unused variables
Remove duplicate condition
fix useless space in docblock
remove unneeded tearDown method
[Intl] Update the ICU data to 63.1
[FrameworkBundle] Fix broken exception message
[Messenger] send using the routing_key for AMQP transport
also clean away the NO_AUTO_CACHE_CONTROL_HEADER if we have no session
[TwigBundle] Fix usage of TwigBundle without FrameworkBundle
Revert "fixed CS"
[Serializer] Reduce class discriminator overhead
Skip empty proxy code
[Security] Fix "exclude-from-classmap"
[Security] Removed unsed trait import
[Config] Fix @method annotation
add missing double-quotes to extra_fields output message
[DI] Default undefined env to empty string during compile
Convert InsufficientAuthenticationException to HttpException
This PR was merged into the 4.2-dev branch.
Discussion
----------
[HttpKernel] Deprecate the Kernel name
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | yes <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #26904
| License | MIT
| Doc PR | n/a
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
98ff750ee1 [HttpKernel] deprecated the Kernel name
This PR was merged into the 4.2-dev branch.
Discussion
----------
[HttpKernel] Add a note about env name restrictions
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #26884
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
b0f863d77e [HttpKernel] added a note about env name restrictions
* 4.1: (21 commits)
[php_cs] disable fopen_flags
[DI] fix error in dumped container
[CS] Remove unused variables passed to closures
[DI] fix dumping setters before their inlined instances
[CS] Remove empty comment
[CS] Enforces null type hint on last position in phpDocs
[CS] Use combined assignment operators when possible
Fix a typo in error messages
Don't return early as this bypasses the auto exit feature
[Console] Add missing null to input values allowed types
[PHPUnitBridge] Fix microtime() format
bumped Symfony version to 4.1.6
updated VERSION for 4.1.5
updated CHANGELOG for 4.1.5
bumped Symfony version to 3.4.17
updated VERSION for 3.4.16
updated CHANGELOG for 3.4.16
bumped Symfony version to 2.8.47
update CONTRIBUTORS for 2.8.46
updated VERSION for 2.8.46
...
* 3.4:
[php_cs] disable fopen_flags
[DI] fix error in dumped container
[CS] Remove unused variables passed to closures
[DI] fix dumping setters before their inlined instances
[CS] Remove empty comment
[CS] Enforces null type hint on last position in phpDocs
[CS] Use combined assignment operators when possible
Fix a typo in error messages
Don't return early as this bypasses the auto exit feature
[Console] Add missing null to input values allowed types
[PHPUnitBridge] Fix microtime() format
bumped Symfony version to 3.4.17
updated VERSION for 3.4.16
updated CHANGELOG for 3.4.16
bumped Symfony version to 2.8.47
update CONTRIBUTORS for 2.8.46
updated VERSION for 2.8.46
updated CHANGELOG for 2.8.46
* 2.8:
[php_cs] disable fopen_flags
[CS] Remove unused variables passed to closures
[CS] Remove empty comment
[CS] Enforces null type hint on last position in phpDocs
[CS] Use combined assignment operators when possible
Fix a typo in error messages
[Console] Add missing null to input values allowed types
[PHPUnitBridge] Fix microtime() format
bumped Symfony version to 2.8.47
update CONTRIBUTORS for 2.8.46
updated VERSION for 2.8.46
updated CHANGELOG for 2.8.46
This PR was merged into the 2.8 branch.
Discussion
----------
[CS] Enforces null type hint on last position in phpDocs
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | - <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
As a majority in our codebase, the `null` typehint usually comes in the last position in phpDocs.
Commits
-------
efbba25577 [CS] Enforces null type hint on last position in phpDocs
* 4.1:
[Console] simplified code
removed useless phpdoc
improve docblocks around group sequences
[Cache] prevent getting older entries when the version key is evicted
[WebProfilerBundle] added a note in the README
[Yaml] Skip parser test with root user
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
[HttpFoundation] fix hidding warnings from session handlers
Caching missed templates on cache warmup
* 3.4:
[Console] simplified code
removed useless phpdoc
improve docblocks around group sequences
[Cache] prevent getting older entries when the version key is evicted
[WebProfilerBundle] added a note in the README
[Yaml] Skip parser test with root user
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
[HttpFoundation] fix hidding warnings from session handlers
Caching missed templates on cache warmup
* 2.8:
improve docblocks around group sequences
[WebProfilerBundle] added a note in the README
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
Caching missed templates on cache warmup
This PR was merged into the 4.2-dev branch.
Discussion
----------
[HttpFoundation] make cookies auto-secure when passing them $secure=null + plan to make it and samesite=lax the defaults in 5.0
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #26731
| License | MIT
| Doc PR | -
By creating Cookie instances using `null` for the `$secure` argument, this PR allows making cookies inherit their "secure" attribute from the request.
This PR also adds a forward to make $secure=null and samesite=lax the defaults in Symfony 5.0:
- either define all constructor's arguments explicitly
- or use the new `Cookie::create()` factory
Commits
-------
9493cfd5f2 [HttpFoundation] make cookies auto-secure when passing them $secure=null + plan to make it and samesite=lax the defaults in 5.0
This PR was merged into the 4.2-dev branch.
Discussion
----------
[SecurityBundle] make remember-me cookies auto-secure + inherit their default config from framework.session.cookie_*
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28338
| License | MIT
| Doc PR | -
Let's make it easier to have a good default security level, now for the remember-me cookie.
Commits
-------
6ec223bf6f [SecurityBundle] make remember-me cookies auto-secure + inherit their default config from framework.session.cookie_*
* 4.1:
[TwigBridge] fix lowest version of symfony/form
Think positive
KernelInterface can return null container
[DI] Detect circular references with ChildDefinition parent
[VarDumper] Fix global dump function return value for PHP7
[Ldap] Use shut up operator on connection errors at ldap_start_tls
Implement startTest rather than startTestSuite
[OptionsResolver] remove dead code and useless else
[HttpFoundation] don't override StreamedResponse::setNotModified()
Added relevent links for parsing to the phpdoc
Add stricter checking for valid date time string
Fix symfony/console (optional) dependency for MonologBridge
fix not displaying labels when value is false
[Form] Fix DateTimeType html5 input format
* 3.4:
Think positive
KernelInterface can return null container
[DI] Detect circular references with ChildDefinition parent
[VarDumper] Fix global dump function return value for PHP7
[Ldap] Use shut up operator on connection errors at ldap_start_tls
Implement startTest rather than startTestSuite
[OptionsResolver] remove dead code and useless else
[HttpFoundation] don't override StreamedResponse::setNotModified()
Added relevent links for parsing to the phpdoc
Add stricter checking for valid date time string
Fix symfony/console (optional) dependency for MonologBridge
[Form] Fix DateTimeType html5 input format
* 2.8:
KernelInterface can return null container
[Ldap] Use shut up operator on connection errors at ldap_start_tls
[HttpFoundation] don't override StreamedResponse::setNotModified()
Added relevent links for parsing to the phpdoc
Add stricter checking for valid date time string
[Form] Fix DateTimeType html5 input format
This PR was merged into the 3.4 branch.
Discussion
----------
[Controller][ServiceValueResolver] Making method access case insensitive
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28254
| License | MIT
| Doc PR | -
Fix#28254 by making the method access insensitive in `ServiceValueResolver`.
Commits
-------
cc6f82769b [Controller][ServiceValueResolver] Making method access case insensitive
* 4.1:
[DI] configure inlined services before injecting them when dumping the container
Consistently throw exceptions on a single line
fix fopen calls
Update .editorconfig
* 3.4:
[DI] configure inlined services before injecting them when dumping the container
Consistently throw exceptions on a single line
fix fopen calls
Update .editorconfig
* 4.1:
[appveyor] fix
[DI] Fix dumping some complex service graphs
Revert "minor #28321 [Routing] Fixed the interface description of the url generator interface (Toflar)"
Fixed caching of templates in default path on cache warmup
added missing LICENSE file
remove cache warmers when Twig cache is disabled
[Workflow] Make sure we do not run the next transition on an updated state
change baseUrl to basePath to fix wrong profiler url
[HttpKernel][FrameworkBundle] Fix escaping of serialized payloads passed to test clients
chore: rename Appveyor filename
Fixed the interface description of the url generator interface
Format file size in validation message according to binaryFormat option
* 3.4:
[appveyor] fix
Revert "minor #28321 [Routing] Fixed the interface description of the url generator interface (Toflar)"
Fixed caching of templates in default path on cache warmup
remove cache warmers when Twig cache is disabled
[HttpKernel][FrameworkBundle] Fix escaping of serialized payloads passed to test clients
chore: rename Appveyor filename
Fixed the interface description of the url generator interface
Format file size in validation message according to binaryFormat option
* 2.8:
[appveyor] fix
Revert "minor #28321 [Routing] Fixed the interface description of the url generator interface (Toflar)"
remove cache warmers when Twig cache is disabled
[HttpKernel][FrameworkBundle] Fix escaping of serialized payloads passed to test clients
chore: rename Appveyor filename
Fixed the interface description of the url generator interface
Format file size in validation message according to binaryFormat option
This PR was squashed before being merged into the 4.2-dev branch (closes#25125).
Discussion
----------
[VarDumper] New env var to select the dump format
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | todo
This PR introduces a new environment variable that can be used to force `dump()` to generate HTML even in CLI, or CLI even in a web context.
It allows to dump large objects when debugging a command, to open the resulting HTML in a browser, and to benefit of the nice JS UI (folded by default, search engine...).
Example usage:
VAR_DUMPER_FORMAT=html vendor/bin/behat > tmp.html; open -a firefox tmp.html
VAR_DUMPER_FORMAT=cli vendor/bin/behat > tmp.txt
Commits
-------
536125ac3c [VarDumper] New env var to select the dump format
* 4.1:
Use the real image URL for the filesystem tests
[Finder] Update PHPdoc append()
[DI] Fix phpdoc
Fix code examples in PHPDoc
[HttpKernel] Fix inheritdocs
bumped Symfony version to 3.4.16
updated VERSION for 3.4.15
updated CHANGELOG for 3.4.15
* 3.4:
Use the real image URL for the filesystem tests
[Finder] Update PHPdoc append()
[DI] Fix phpdoc
Fix code examples in PHPDoc
[HttpKernel] Fix inheritdocs
bumped Symfony version to 3.4.16
updated VERSION for 3.4.15
updated CHANGELOG for 3.4.15
* 2.8:
Use the real image URL for the filesystem tests
[Finder] Update PHPdoc append()
[DI] Fix phpdoc
Fix code examples in PHPDoc
[HttpKernel] Fix inheritdocs
This PR was merged into the 4.2-dev branch.
Discussion
----------
[FrameworkBundle] Added new "auto" mode for `framework.session.cookie_secure` to turn it on when https is used
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I'm pretty sure we're many forgetting to make session cookies "secure".
Here is an "auto" mode that makes them secure automatically when the session is started on requests with the "https" scheme.
Commits
-------
4f7b41a83d [FrameworkBundle] Added new "auto" mode for `framework.session.cookie_secure` to turn it on when https is used