* 2.7:
[FrameworkBundle] Check for class existence before is_subclass_of
Update GroupSequence.php
Code enhancement and cleanup
[DI] Add anti-regression test
Revert "minor #19689 [DI] Cleanup array_key_exists (ro0NL)"
[BrowserKit] Fix cookie expiration on 32 bit systems
bumped Symfony version to 2.7.18
updated VERSION for 2.7.17
update CONTRIBUTORS for 2.7.17
updated CHANGELOG for 2.7.17
Update misleading comment about RFC4627
* 2.7:
[Validator][GroupSequence] fixed GroupSequence validation ignores PropertyMetadata of parent classes
[FrameworkBundle][Security] Remove useless mocks
[DoctrineBridge] Enhance exception message in EntityUserProvider
added friendly exception when constraint validator does not exist or it is not enabled
remove duplicate instruction
[FrameworkBundle] Remove TranslatorBagInterface check
[FrameworkBundle] Remove duplicated code in RouterDebugCommand
[Validator] fixed duplicate constraints with parent class interfaces
SecurityBundle:BasicAuthenticationListener: removed a default argument on getting a header value
* 2.7:
[VarDumper] Fix dumping jsons casted as arrays
PassConfig::getMergePass is not an array
Revert "bug #19114 [HttpKernel] Dont close the reponse stream in debug (nicolas-grekas)"
Fix the retrieval of the last username when using forwarding
[Yaml] Fix PHPDoc of the Yaml class
[HttpFoundation] Add OPTIONS and TRACE to the list of safe methods
Update getAbsoluteUri() for query string uris
* 2.7:
removed @since
Remove and change unrelevant comments in Validator and Security components.
[Validator] UuidValidator must accept a Uuid constraint.
[Validator] make UuidValidator class formatting consistent.
This PR was merged into the 2.8 branch.
Discussion
----------
Fixed issue with blank password with Ldap
| Q | A
| ------------- | ---
| Branch? | 1.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
c7d9c62 Fixed issue with blank password with Ldap
The bind operation of LDAP, as described in RFC 4513, provides a method
which allows for authentication of users. For the Simple Authentication
Method a user may use the anonymous authentication mechanism, the
unauthenticated authentication mechanism, or the name/password
authentication mechanism. The unauthenticated authentication mechanism
is used when a client who desires to establish an anonymous
authorization state passes a non-zero length distinguished name and a
zero length password. Most LDAP servers either can be configured to
allow this mechanism or allow it by default.
_Web-based applications which perform the simple bind operation with the
client's credentials are at risk when an anonymous authorization state is
established. This can occur when the web-based application passes a
distinguished name and a zero length password to the LDAP server._
Thus, misconfiguring a server with simple bind can trick Symfony into
thinking the username/password tuple as valid, potentially leading to
unauthorized access.
* 2.7:
[2.3][Component/Security] Fixed phpdoc in AnonymousToken constructor for user param
prevent calling get() for service_container service
call get() after the container was compiled
Fixed readme of OptionsResolver
[DependencyInjection] Suggest ExpressionLanguage in composer.json
* 2.3:
[2.3][Component/Security] Fixed phpdoc in AnonymousToken constructor for user param
call get() after the container was compiled
Fixed readme of OptionsResolver
This PR was squashed before being merged into the 2.3 branch (closes#18727).
Discussion
----------
[2.3][Component/Security] Fixed phpdoc in AnonymousToken constructor for user param
| Q | A
| ------------- | ---
| Branch? | 2.3
| Bug fix? | yes, phpdoc one
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Updated phpdoc of AnonymousToken $user param from string to string|object since an object is allowed to in the parent AbstractToken: https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php#L91
Commits
-------
b1c60b4 [2.3][Component/Security] Fixed phpdoc in AnonymousToken constructor for user param
* 2.7:
add @Event annotation for AuthenticationEvents
add @Event annotation for KernelEvents
bumped Symfony version to 2.7.13
updated VERSION for 2.7.12
update CONTRIBUTORS for 2.7.12
updated CHANGELOG for 2.7.12
bumped Symfony version to 2.3.41
updated VERSION for 2.3.40
update CONTRIBUTORS for 2.3.40
updated CHANGELOG for 2.3.40
Revert "minor #18257 [Routing] Don't needlessly execute strtr's as they are fairly expensive (arjenm)"
Revert "fixed CS"
[FrameworkBundle] Remove misleading comment
bug #17460 [DI] fix ambiguous services schema
* 2.3:
add @Event annotation for AuthenticationEvents
bumped Symfony version to 2.3.41
updated VERSION for 2.3.40
update CONTRIBUTORS for 2.3.40
updated CHANGELOG for 2.3.40
bug #17460 [DI] fix ambiguous services schema
* 2.7:
[HttpFoundation] Improve phpdoc
[Logging] Add support for firefox in ChromePhpHandler
Windows 10 version check in just one line
Detect CLI color support for Windows 10 build 10586
[Security] Fixed SwitchUserListener when exiting an impersonication with AnonymousToken
[EventDispatcher] Try first if the event is Stopped
[FrameworkBundle] fixes grammar in container:debug command manual.
[Form] fix "prototype" not required when parent form is not required
* 2.3:
[HttpFoundation] Improve phpdoc
[Logging] Add support for firefox in ChromePhpHandler
[Security] Fixed SwitchUserListener when exiting an impersonication with AnonymousToken
[Form] fix "prototype" not required when parent form is not required
If you configure a firewall with switch user with `role: IS_AUTHENTICATED_ANONYMOUSLY` it's impossible to exit the
impersonation because the next line `$this->provider->refreshUser($original->getUser())` will fail. It fails because `RefreshUser`
expects an instance of `UserInterface` and here it's a string.
Therefore, it does not make sense to refresh an Anonymous Token, right ?
* check for existance of `setMetadataFactory()` method (this is needed
for tests run with deps=high as the method was removed in Symfony
3.0)
* fix mock testing the `EngineInterface` as the `stream()` method cannot
be mocked when it is does not exist in the mocked interface
This PR was merged into the 2.3 branch.
Discussion
----------
[Hack Day] Issue for newcomers (2). Replace perfom by perform
| Q | A
| ------------- | ---
| Branch | 2.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #18089
| License | MIT
| Doc PR | reference to the documentation PR, if any
Commits
-------
f33f192 replace perfom by perform
* 2.7:
[HttpFoundation] Fix transient test
[HttpFoundation] Add a dependency on the mbstring polyfill
[2.7] update readme files for new components
add readme files where missing
fix lowest TwigBridge deps versions
[EventDispatcher] fix syntax error
Don't use reflections when possible
Don't use reflections when possible
[Form] Update form tests after the ICU data update
[Intl] Update tests and the number formatter to match behaviour of the intl extension
[Intl] Update the ICU data to version 55
[Intl] Fix the update-data.php script in preparation for ICU 5.5
[Process] Fix memory issue when using large input streams
Use constant instead of function call.
fixed test name
automatically generate safe fallback filename
[Console] default to stderr in the console helpers
Conflicts:
composer.json
src/Symfony/Bridge/PhpUnit/README.md
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Component/Console/Helper/DialogHelper.php
src/Symfony/Component/Debug/DebugClassLoader.php
src/Symfony/Component/HttpFoundation/composer.json
src/Symfony/Component/Security/Acl/README.md
src/Symfony/Component/Security/Core/README.md
src/Symfony/Component/Security/Csrf/README.md
src/Symfony/Component/Security/Http/README.md
* 2.7:
Updated all the README files
[TwigBundle] Fix failing test on appveyor
Improved the error message when using "@" in a decorated service
Improve error reporting in router panel of web profiler
[DoctrineBridge][Form] Fix performance regression in EntityType
[FrameworkBundle] Fix a regression in handling absolute and namespaced template paths
Allow to normalize \Traversable
minor [Form] fix tests added by #16886
Remove _path from query parameters when fragment is a subrequest and request attributes are already set Added tests for _path removal in FragmentListener
Simplified everything
Added a test
Fixed the problem in an easier way
Fixed a syntax issue
Improved the error message when a template is not found
[CodingStandards] Conformed to coding standards
[TwigBundle] fixed Include file locations in "Template could not be found" exception
* 2.3:
Updated all the README files
[TwigBundle] Fix failing test on appveyor
[FrameworkBundle] Fix a regression in handling absolute and namespaced template paths
Allow to normalize \Traversable
Remove _path from query parameters when fragment is a subrequest and request attributes are already set Added tests for _path removal in FragmentListener
Simplified everything
Added a test
Fixed the problem in an easier way
Fixed a syntax issue
Improved the error message when a template is not found
[CodingStandards] Conformed to coding standards
[TwigBundle] fixed Include file locations in "Template could not be found" exception
* 2.7:
[Console] Add missing `@require` annotation in test
Fix merge
[appveyor] Fix failure reporting
[#17634] move DebugBundle license file
backport GlobTest from 2.7 branch
Move licenses according to new best practices
[FrameworkBundle] Remove unused code in test
[2.3] Fixed an undefined variable in Glob::toRegex
simplified a test
fix container cache key generation
[Form] fix option name in changelog
[Translation] Add resources from fallback locale
[DependencyInjection] enforce tags to have a name
[YAML] Refine the return value of Yaml::parse()
Conflicts:
src/Symfony/Component/DependencyInjection/Tests/Loader/YamlFileLoaderTest.php
* 2.7:
Increase the inlining YAML level for config:debug
[Serializer] Minor: fix CS and PHPDoc
[Form] fix tests
[Serializer] Ensure that groups are strings
[Debug] Tell that the extension is for PHP 5 only
Static code analysis
Update AnnotationDirectoryLoader.php
added a test
Escape the delimiter in Glob::toRegex
[FrameworkBundle] Fix template location for PHP templates
[FrameworkBundle] Add path verification to the template parsing test cases
This PR was merged into the 2.3 branch.
Discussion
----------
Static code analysis
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Things that done:
* fix case in method calls
* removed unused imports
* use shorter concat where it possible
* optimize some css
* removed duplicated array keys
* removed redurant return statements
* removed one-time variables
* do not pass arguments that not used in functions
Commits
-------
8db691a Static code analysis
* 2.7:
fixed undefined variable
Fixed the phpDoc of UserInterface
fixed APCu dep version
make apc class loader testable against apcu without apc bc layer
Added support for the `0.0.0.0/0` trusted proxy
[DoctrineBridge][Validator] >= 2.3 Pass association instead of ID as argument
added missing constant
Added 451 status code
Remove unnecessary code
Allow absolute URLs to be displayed in the debug toolbar
[ClassLoader] Use symfony/polyfill-apcu
[HttpKernel] Lookup the response even if the lock was released after 2 seconds
* 2.3:
fixed undefined variable
Fixed the phpDoc of UserInterface
fixed APCu dep version
Added support for the `0.0.0.0/0` trusted proxy
[DoctrineBridge][Validator] >= 2.3 Pass association instead of ID as argument
[HttpKernel] Lookup the response even if the lock was released after 2 seconds
* 2.7:
fixed test
[Request] Ignore invalid IP addresses sent by proxies
Throw for missing container extensions
[TwigBridge] add missing unit tests (AppVariable)
Able to load big xml files with DomCrawler
fixed typo
[Form] Fix constraints could be null if not set
[Finder] Check PHP version before applying a workaround for a PHP bug
fixed CS
add defaultNull to version
sort bundles in config:dump-reference command
Fixer findings.
[Translation][Writer] avoid calling setBackup if the dumper is not an instance of FileDumper.
[FrameworkBundle] Compute the kernel root hash only one time
* 2.3:
[Request] Ignore invalid IP addresses sent by proxies
Able to load big xml files with DomCrawler
fixed typo
[Form] Fix constraints could be null if not set
[Finder] Check PHP version before applying a workaround for a PHP bug
fixed CS
sort bundles in config:dump-reference command
Fixer findings.
* 2.7: (28 commits)
[Process] Use stream based storage to avoid memory issues
Fix upgrade guides concerning erroneous removal of assets helper
[Process] Remove a misleading comment
Fix markdown typo
ChooseBaseUrl should return an index
[Form] ChoiceType: Fix a notice when 'choices' normalizer is replaced
Improve the phpdoc of SplFileInfo methods
[Process] Use stream based storage to avoid memory issues
[FrameworkBundle] Don't log twice with the error handler
Remove useless is_object condition
[Process] Fix typo, no arguments needed anymore
[Serializer] Introduce constants for context keys
Fixed the documentation of VoterInterface::supportsAttribute
Fixed Bootstrap form theme form "reset" buttons
Remove useless duplicated tests
[FrameworkBundle] Optimize framework extension tests
synchronize 2.7 and 3.0 upgrade files
fix merge 2.3 into 2.7 for SecureRandom dependency
Use is_subclass_of instead of reflection
Use is_subclass_of instead of Reflection when possible
...
* 2.3:
[Process] Remove a misleading comment
Improve the phpdoc of SplFileInfo methods
[Process] Use stream based storage to avoid memory issues
Fixed the documentation of VoterInterface::supportsAttribute
Remove useless duplicated tests
[FrameworkBundle] Optimize framework extension tests
Use is_subclass_of instead of Reflection when possible
* 2.7:
Typo fix
[2.3] Static Code Analysis for Components
Added support \IteratorAggregate for UniqueEntityValidator
Update AbstractChoiceListTest.php
Fix#17306 Paths with % in it are note allowed (like urlencoded)
Use proper class to fetch $versionStrategy property
Added sort order SORT_STRING for params in UriSigner
Remove normalizer cache in Serializer class
* 2.3:
Typo fix
[2.3] Static Code Analysis for Components
Added support \IteratorAggregate for UniqueEntityValidator
Fix#17306 Paths with % in it are note allowed (like urlencoded)
Added sort order SORT_STRING for params in UriSigner
Remove normalizer cache in Serializer class
* 2.3:
[travis] timeout the sigchild tests at 60s
CS: Single line comments should use double slashes (//) and not hash (#).
Do not use HttpKernel Extension when not needed
bumped Symfony version to 2.3.37
updated VERSION for 2.3.36
update CONTRIBUTORS for 2.3.36
updated CHANGELOG for 2.3.36
use nowdoc instead of heredoc
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ConfigDumpReferenceCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/RouterApacheDumperCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/RouterMatchCommand.php
src/Symfony/Bundle/FrameworkBundle/Translation/Translator.php
src/Symfony/Bundle/TwigBundle/Command/LintCommand.php
src/Symfony/Component/Config/Tests/Definition/Dumper/YamlReferenceDumperTest.php
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Generator/Dumper/PhpGeneratorDumper.php
This PR was merged into the 2.3 branch.
Discussion
----------
CS: use nowdoc instead of heredoc
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | —
| License | MIT
| Doc PR | —
if this is accepted, we could add the fixer to symfony level of php-cs-fixer: https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/1580
Commits
-------
3dca549 use nowdoc instead of heredoc
* 2.7:
[2.7] Fixed flatten exception recursion with errors
Embedded identifier support
Also transform inline mappings to objects
Change the ExtensionInterface load method definition to bo identical to the documentation.
add and correct armenian translations
[Config] Fix array sort on normalization in edge case
[Security] Run tests on all PHP versions
[Serializer] Make metadata interfaces internal
[Yaml] fix indented line handling in folded blocks
improve BrowserKit test coverage p1
* 2.7:
Clean EOL whitespace
[travis] Fix
[Routing] Reduce memory usage of a high consuming test case
use requires annotation
skip bcrypt tests on incompatible platforms
* 2.3:
Clean EOL whitespace
[travis] Fix
[Routing] Reduce memory usage of a high consuming test case
use requires annotation
skip bcrypt tests on incompatible platforms
Conflicts:
.travis.yml
* 2.7:
[SecurityBundle] Removing test insulations for a huge perf win
[Validator] Use the new interface in the README
[Filesystem] fix tests on 2.3
[Filesystem] Recursivly widen non-executable directories
[Form] fix#15544 when a collection type attribute "required" is false, "prototype" should too
updated validators.bg.xlf
[Security] Enable bcrypt validation and result length tests on all PHP versions
[Security] Verify if a password encoded with bcrypt is no longer than 72 characters
[Console] Avoid extra blank lines when rendering exceptions
[Console][Table] fixed render row with multiple cells.
[Yaml] do not remove "comments" in scalar blocks
Conflicts:
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Console/Tests/Fixtures/application_renderexception1.txt
src/Symfony/Component/Console/Tests/Fixtures/application_renderexception2.txt
src/Symfony/Component/Console/Tests/Fixtures/application_renderexception4.txt
src/Symfony/Component/Form/Extension/Core/Type/CollectionType.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/CollectionTypeTest.php
src/Symfony/Component/Yaml/Tests/ParserTest.php
