* 2.8:
Use "more entropy" option for uniqid()
reset constraint options
added checks for public services on compiler passes that use service id and not references
This PR was merged into the 3.2-dev branch.
Discussion
----------
fixed AddConstraintValidatorsPass config
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
65131e2 added checks for public services on compiler passes that use service id and not references
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] removed the Doctrine Annotations lib dependency on FrameworkBundle
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes (fixing this is easy by adding doctrine/annotations explicitly)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15748 partially
| License | MIT
| Doc PR | n/a
Another PR to reduce the number of required dependencies on FrameworkBundle. This PR removes the Doctrine annotations library from the list.
Commits
-------
c2d8356 [FrameworkBundle] removed the Doctrine Annotations lib dependency on FrameworkBundle
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] removed the Security Core and Security CSRF component dependencies on FrameworkBundle
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no (except for people using FrameworkBundle without requiring symfony/symfony which should be pretty rare; and fixing this is easy by adding symfony/security-core and symfony/security-csrf explicitly)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15748 partially
| License | MIT
| Doc PR | n/a
Another PR to reduce the number of required dependencies on FrameworkBundle. This PR removes the Security Core and CSRF components from the list.
Commits
-------
d703784 [FrameworkBundle] removed the Security Core and Security CSRF component dependencies on FrameworkBundle
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] removed the Templating component dependency on FrameworkBundle
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no (except for people using FrameworkBundle without requiring symfony/symfony which should be pretty rare; and fixing this is easy by adding symfony/templating explicitly)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15748 partially
| License | MIT
| Doc PR | n/a
Another PR to reduce the number of required dependencies on FrameworkBundle. This PR removes the Templating component from the list.
I made most of the work in previous version, so this change is really just about adding a good error message when templating is not enabled. For the record, this is also in the path of making possible to use Symfony with Twig without using the Templating component indirection (I think that this is in fact the last step).
Commits
-------
b3de62f [FrameworkBundle] removed the Templating component dependency on FrameworkBundle
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] fix yaml:lint when yaml is not installed along side framework-bundle
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
YAML is not an explicit dependency of FrameworkBundle. If it is not installed, the console is broken as the yaml:lint commands tries to extends the one in the YAML component. This bug only exists in master as this refactoring happened in 3.2
Commits
-------
b1c5a68 [FrameworkBundle] fixed yaml:lint when yaml is not installed along side framwork-bundle
* 3.1:
expectedException expects FQCN
Fixed expectedException annotations
[Cache] Fix password used to make the redis connection.
Security and validators messages translation to Latvian
[Form] FormView->isRendered() remove dead code and simplify the flow
Fixed issue with legacy find() method not working as expected
* 2.8:
expectedException expects FQCN
Fixed expectedException annotations
Security and validators messages translation to Latvian
[Form] FormView->isRendered() remove dead code and simplify the flow
* 2.7:
Fixed expectedException annotations
Security and validators messages translation to Latvian
[Form] FormView->isRendered() remove dead code and simplify the flow
This PR was merged into the 3.2-dev branch.
Discussion
----------
[Translation] added Base Exception for the component.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
0fa4397 [Translation] added Base Exception for the component.
This PR was merged into the 3.2-dev branch.
Discussion
----------
inlined some CSS
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This PR has several goals:
* It fixes the discrepancy between where CSS files were stored (FrameworkBundle) and where there were used (TwigBundle);
* It removes the need to install the assets to get exceptions (think Silex, micro-kernel-based-edition, ...);
* It makes things consistent with how we already manage images for exceptions (they are inlined);
* It makes things consistent with how we manage assets for the web profiler.
Commits
-------
f354638 inlined some CSS
* 3.1:
[TwigBridge] removed Twig null nodes (deprecated as of Twig 1.25)
Make redis host configurable in tests
[Console] Fix empty optionnal options with = separator in argv
This PR was squashed before being merged into the 3.1 branch (closes#19974).
Discussion
----------
Make redis host configurable in tests
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Makes running tests on dockerized environments possible, since we can now export the `REDIS_HOST` environment variable:
```
REDIS_HOST=redis ./phpunit src/Symfony/Component/Cache
```
If this gets merged, in master we can later replace the `SYMFONY__REDIS_HOST` usage in the FrameworkBundle with the new `env(REDIS_HOST)`.
Commits
-------
c87de00 Make redis host configurable in tests
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] Parse source link maps using json_decode() instead of parse_str()
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | updated code exists only on master
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19807
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/6944
Because `parse_str()` turns some characters into underscores in keys (e.g. `.`).
Commits
-------
9b174fb [FrameworkBundle] Parse source link maps using json_decode() instead of parse_str()
* 3.1:
added a comment about a workaround
[Finder] no PHP warning on empty directory iteration
[HttpKernel] Fixed the nullable support for php 7.1 and below
fixed CS
[Form] Fix typo in doc comment
Fix version constraint
[Config] Handle open_basedir restrictions in FileLocator
Fixed bad merge
[DoctrineBridge][PropertyInfo] Treat Doctrine decimal type as string
[bugfix] [Console] Set `Input::$interactive` to `false` when command is executed with `--quiet` as verbosity level
Use JSON_UNESCAPED_SLASHES for lint commands output
Fixed collapsed ChoiceType options attributes
[FrameworkBundle] Remove cache clearer default value in config
Consider the umask setting when dumping a file.
Fixed the nullable support for php 7.1 and below
Make ReflectionExtractor compatible with ReflectionType changes in PHP 7.1
This PR was squashed before being merged into the 3.2-dev branch (closes#19197).
Discussion
----------
[Serializer][FrameworkBundle] Add a CSV encoder
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | todo
Usage:
```php
use Symfony\Component\Serializer\Serializer;
use Symfony\Component\Serializer\Encoder\CsvEncoder;
use Symfony\Component\Serializer\Normalizer\ObjectNormalizer;
$serializer = new Serializer(array(new ObjectNormalizer()), array(new CsvEncoder()));
// or $serializer = $container->get('serializer'); when using the full stack framework
$serializer->encode($something, 'csv');
$serializer->decode(<<<'CSV'
id,name
1,Kévin
CSV
, 'csv');
```
CSV files must contain a header line with property names as keys.
ping @clementtalleu @Simperfit @gorghoa
Commits
-------
e71f5be [Serializer][FrameworkBundle] Add a CSV encoder
This PR was squashed before being merged into the 3.2-dev branch (closes#19326).
Discussion
----------
[Serializer][FrameworkBundle] Add a YAML encoder
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | todo
Add YAML support to the Serializer.
Commits
-------
9366a7d [Serializer][FrameworkBundle] Add a YAML encoder
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] Introduce a cache warmer for Validator based on PhpArrayAdapter
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | -
| Fixed tickets | -
| License | MIT
| Doc PR | -
Following the cache warmer for annotations PR (https://github.com/symfony/symfony/pull/18533), this PR introduces a cache warmer for YAML and XML Validator configuration.
Based on the PhpArrayAdapter, it uses the naming conventions (`Resources/config/validation`) to find the files and compile them into a single PHP file stored in the cache directory. This file uses shared memory on PHP 7.
The benefit of this PR are the same than the ones of the annotations PR:
- validation configuration can be warmed up offline
- on PHP 7, there is no need for user extension to get maximum performances (ie. if you use this PR and the other one, you probably won't need to enable APCu to have great performances)
- on PHP 7 again, we are not sensitive to APCu memory fragmentation
- last but not least, global performance is slightly better (I get 30us per class gain in Blackfire)
This PR also deprecates the framework.validator.cache key in favor of the cache pool introduced in https://github.com/symfony/symfony/pull/18544.
Commits
-------
6bdaf0b [FrameworkBundle] Introduce a cache warmer for Validator based on PhpArrayAdapter
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] add support for prioritizing form type extension tags
| Q | A
| ------------- | ---
| Branch? | "master"
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19735
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/6958
This PR proposes to add support for `priority` on `form.type_extension` dependecyinjection tags to enable sorting/prioritizing form type extensions.
Issue was mentioned here: https://github.com/symfony/symfony/issues/19735
Commits
-------
a3db5f0 [FrameworkBundle] add support for prioritizing form type extension tags
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] Introduce a cache warmer for Serializer based on PhpArrayAdapter
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Following the cache warmer for annotations (#18533) and for the validator (#19485), this PR introduces a cache warmer for the Serializer YAML and XML metadata configuration (mainly groups).
Based on the PhpArrayAdapter, it uses the naming conventions (Resources/config/serialization) to find the files and compile them into a single PHP file stored in the cache directory. This file uses shared memory on PHP 7.
The benefit of this PR are the same than the ones of the previous PR:
- serialization metadata cache can be warmed up offline
- on PHP 7, there is no need for user extension to get maximum performances (ie. if you use this PR and the other one, you probably won't need to enable APCu to have great performances)
- on PHP 7 again, we are not sensitive to APCu memory fragmentation
last but not least, global performance is slightly better (I get 30us per class gain in Blackfire)
As previous work on the Serializer cache system introduced issues (see 96e418a14f), it would be interesting to pay careful attention to the backward compatibility during the review (ping @Ener-Getick).
Commits
-------
810f469 [FrameworkBundle] Introduce a cache warmer for Serializer based on PhpArrayAdapter
* 2.8:
[Form] Fix typo in doc comment
[Config] Handle open_basedir restrictions in FileLocator
[bugfix] [Console] Set `Input::$interactive` to `false` when command is executed with `--quiet` as verbosity level
Use JSON_UNESCAPED_SLASHES for lint commands output
Fixed collapsed ChoiceType options attributes
Fixed the nullable support for php 7.1 and below
* 2.7:
[Form] Fix typo in doc comment
[Config] Handle open_basedir restrictions in FileLocator
[bugfix] [Console] Set `Input::$interactive` to `false` when command is executed with `--quiet` as verbosity level
Use JSON_UNESCAPED_SLASHES for lint commands output
Fixed collapsed ChoiceType options attributes
Fixed the nullable support for php 7.1 and below
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] Add %debug.file_link_format% with remapping for IDE links
| Q | A
| ------------- | ---
| Branch? | master
| New feature? | yes
| Tests pass? | yes
| Fixed tickets | #14340
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/6944
`templating.helper.code.file_link_format` is a parameter that requires templating to be defined, but holds a concept that is used beyond templating borders.
Let's make it a general parameter that can be injected easily when required.
Commits
-------
1c4ca8c [FrameworkBundle] Add %debug.file_link_format% with remapping for IDE links
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] Add cache:pool:clear command
| Q | A
| ------------- | ---
| Branch? | master
| New feature? | yes
| Tests pass? | yes
| License | MIT
Useful when deploying apps to get better control of cache pool clearing.
Commits
-------
37c5b18 [FrameworkBundle] Add cache:pool:clear command
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] Add CachePoolClearerPass for weak cache pool refs in cache clearers
| Q | A
| ------------- | ---
| Branch? | master
| New feature? | yes
| Tests pass? | yes
| License | MIT
On 3.1, when a cache pool is private and not injected anywhere, it is still added to its clearer service.
The `CachePoolClearerPass` fixes this by referencing pools in clearers only after the removing passes.
Commits
-------
c4b9f7d [FrameworkBundle] Add CachePoolClearerPass for weak cache pool refs in cache clearers
This PR was merged into the 3.1 branch.
Discussion
----------
[FrameworkBundle] Remove cache clearer default value in config
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | yes
| Tests pass? | yes
| License | MIT
`cache.default_clearer` is already the default behavior (tested), but duplicating this in the configuration prevents inheriting the `clearer` setting when configuring child pools.
Commits
-------
193542f [FrameworkBundle] Remove cache clearer default value in config
This PR was merged into the 2.7 branch.
Discussion
----------
[Yaml][TwigBridge] Use JSON_UNESCAPED_SLASHES for lint commands output
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Slashes are escaped when sing the `lint:twig` and `lint:yaml` commands with the `format` option set to `json`, giving such results:
```json
[
{
"file": "yaml\/wrong\/1.yml",
"valid": false,
"message": "Unable to parse at line 1 (near \";:cc`\")."
}
]
```
That's not convenient as file paths may be reused (e.g. copy-pasted).
Results stay fine as error messages are already escaped:
```json
[
{
"file": "yaml/wrong/1.yml",
"valid": false,
"message": "Unable to parse at line 1 (near \";:cc`\")."
}
]
```
Commits
-------
0427594 Use JSON_UNESCAPED_SLASHES for lint commands output
* 3.1:
[travis/appveyor] Wire simple-phpunit
[Console] fixed PHP7 Errors are now handled and converted to Exceptions
Fix#19721
Fix translation:update command count
bumped Symfony version to 2.8.12
updated VERSION for 2.8.11
updated CHANGELOG for 2.8.11
bumped Symfony version to 2.7.19
updated VERSION for 2.7.18
update CONTRIBUTORS for 2.7.18
updated CHANGELOG for 2.7.18
[Security] Optimize RoleHierarchy's buildRoleMap method
[FrameworkBundle] Fix Incorrect line break in exception message (500 debug page)
[Security] Added note inside phpdoc.
Minor cleanups and improvements
[form] lazy trans `post_max_size_message`.
[DI] Fix setting synthetic services on ContainerBuilder
[ClassLoader] Fix ClassCollectionLoader inlining with declare(strict_types=1)
* 2.8:
[travis/appveyor] Wire simple-phpunit
[Console] fixed PHP7 Errors are now handled and converted to Exceptions
Fix#19721
Fix translation:update command count
bumped Symfony version to 2.8.12
updated VERSION for 2.8.11
updated CHANGELOG for 2.8.11
bumped Symfony version to 2.7.19
updated VERSION for 2.7.18
update CONTRIBUTORS for 2.7.18
updated CHANGELOG for 2.7.18
[Security] Optimize RoleHierarchy's buildRoleMap method
* 2.7:
[FrameworkBundle] Fix Incorrect line break in exception message (500 debug page)
Minor cleanups and improvements
[form] lazy trans `post_max_size_message`.
[DI] Fix setting synthetic services on ContainerBuilder
[ClassLoader] Fix ClassCollectionLoader inlining with declare(strict_types=1)
* 3.1:
[FrameworkBundle] Check for class existence before is_subclass_of
Update GroupSequence.php
Code enhancement and cleanup
[Form] Fix transformer tests after the ICU update
[DI] Add anti-regression test
Revert "minor #19689 [DI] Cleanup array_key_exists (ro0NL)"
bumped Symfony version to 3.1.5
updated VERSION for 3.1.4
updated CHANGELOG for 3.1.4
bumped Symfony version to 2.8.11
updated VERSION for 2.8.10
updated CHANGELOG for 2.8.10
[BrowserKit] Fix cookie expiration on 32 bit systems
bumped Symfony version to 2.7.18
updated VERSION for 2.7.17
update CONTRIBUTORS for 2.7.17
updated CHANGELOG for 2.7.17
Update misleading comment about RFC4627
* 2.8:
[FrameworkBundle] Check for class existence before is_subclass_of
Update GroupSequence.php
Code enhancement and cleanup
[Form] Fix transformer tests after the ICU update
[DI] Add anti-regression test
Revert "minor #19689 [DI] Cleanup array_key_exists (ro0NL)"
bumped Symfony version to 2.8.11
updated VERSION for 2.8.10
updated CHANGELOG for 2.8.10
[BrowserKit] Fix cookie expiration on 32 bit systems
bumped Symfony version to 2.7.18
updated VERSION for 2.7.17
update CONTRIBUTORS for 2.7.17
updated CHANGELOG for 2.7.17
Update misleading comment about RFC4627
* 2.7:
[FrameworkBundle] Check for class existence before is_subclass_of
Update GroupSequence.php
Code enhancement and cleanup
[DI] Add anti-regression test
Revert "minor #19689 [DI] Cleanup array_key_exists (ro0NL)"
[BrowserKit] Fix cookie expiration on 32 bit systems
bumped Symfony version to 2.7.18
updated VERSION for 2.7.17
update CONTRIBUTORS for 2.7.17
updated CHANGELOG for 2.7.17
Update misleading comment about RFC4627
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Check for class existence before is_subclass_of
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Same as #19342
Commits
-------
8a9e0f5 [FrameworkBundle] Check for class existence before is_subclass_of
* 3.1:
fix typo
add "provides" for psr/cache-implementation
[Validator][GroupSequence] fixed GroupSequence validation ignores PropertyMetadata of parent classes
[FrameworkBundle][Security] Remove useless mocks
Add symfony/inflector to composer.json "replaces"
[DoctrineBridge] Enhance exception message in EntityUserProvider
added friendly exception when constraint validator does not exist or it is not enabled
remove duplicate instruction
[FrameworkBundle] Remove TranslatorBagInterface check
[FrameworkBundle] Remove duplicated code in RouterDebugCommand
[Validator] fixed duplicate constraints with parent class interfaces
SecurityBundle:BasicAuthenticationListener: removed a default argument on getting a header value
* 2.8:
[Validator][GroupSequence] fixed GroupSequence validation ignores PropertyMetadata of parent classes
[FrameworkBundle][Security] Remove useless mocks
[DoctrineBridge] Enhance exception message in EntityUserProvider
added friendly exception when constraint validator does not exist or it is not enabled
remove duplicate instruction
[FrameworkBundle] Remove TranslatorBagInterface check
[FrameworkBundle] Remove duplicated code in RouterDebugCommand
[Validator] fixed duplicate constraints with parent class interfaces
SecurityBundle:BasicAuthenticationListener: removed a default argument on getting a header value
* 2.7:
[Validator][GroupSequence] fixed GroupSequence validation ignores PropertyMetadata of parent classes
[FrameworkBundle][Security] Remove useless mocks
[DoctrineBridge] Enhance exception message in EntityUserProvider
added friendly exception when constraint validator does not exist or it is not enabled
remove duplicate instruction
[FrameworkBundle] Remove TranslatorBagInterface check
[FrameworkBundle] Remove duplicated code in RouterDebugCommand
[Validator] fixed duplicate constraints with parent class interfaces
SecurityBundle:BasicAuthenticationListener: removed a default argument on getting a header value
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] Use relative paths in templates paths cache
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #3079
| License | MIT
| Doc PR | -
This implements the usage of relative paths instead of absolute ones in `var/cache/*/templates.php`, important for ability to build the cache in a different context than where it will be used.
This PR transforms the following `templates.php`:
``` php
<?php return array (
':default:index.html.twig' => '/home/tgalopin/www/symfony-standard/app/Resources/views/default/index.html.twig',
'::base.html.twig' => '/home/tgalopin/www/symfony-standard/app/Resources/views/base.html.twig',
);
```
Into:
``` php
<?php return array (
':default:index.html.twig' => __DIR__.'/../../../app/Resources/views/default/index.html.twig',
'::base.html.twig' => __DIR__.'/../../../app/Resources/views/base.html.twig',
);
```
I also added tests for the TemplateCachePathsWarmer and improved tests for the TemplateLocator.
Commits
-------
6f6139c [FrameworkBundle] Use relative paths in templates paths cache
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle][Debug] Fix default config and cleaning of traces
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| Tests pass? | yes
| Fixed tickets | Follow up #19568
| License | MIT
| Doc PR | -
The default value of `framework.php_errors.log` must be `%kernel.debug%` to have deprecations and silenced errors logged in dev as before.
Cleaning the trace was broken because a closure can't be bound to an internal class.
This PR fixes both issues and enhance trace cleaning a bit by removing arguments from traces so that they take less memory when collected as part of the context of log messages.
Commits
-------
f640870 [FrameworkBundle][Debug] Fix default config and cleaning of traces
* 3.1:
Disable CLI color for Windows 10 greater than 10.0.10586
Exception details break the layout
[HttpKernel] Remove wrong docblock
[HttpKernel] Fix HttpCache validation HTTP method
[FrameworkBundle] Fix default lifetime of cache pools
Move space from the before 'if' to the after 'if'
[TwigBundle] Add a check for choice's attributes emptiness before calling block('attributes')
* 3.1:
[Routing] Add missing options in docblock
[VarDumper] Fix dumping continuations
[PropertyInfo] Fix an error in PropertyInfoCacheExtractor
[HttpFoundation] fixed Request::getContent() reusage bug
[Form] Skip CSRF validation on form when POST max size is exceeded
Use try-finally where it possible
[DependencyInjection] ContainerBuilder: Remove obsolete definitions
Enhance the phpDoc return types so IDEs can handle the configuration tree.
fixes
Remove 3.0 from branch suggestions for fixes in PR template
[Process] Strengthen Windows pipe files opening (again...)
[Cache] Handle unserialize() failures gracefully
Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
* 2.8:
[Routing] Add missing options in docblock
[VarDumper] Fix dumping continuations
[HttpFoundation] fixed Request::getContent() reusage bug
[Form] Skip CSRF validation on form when POST max size is exceeded
Enhance the phpDoc return types so IDEs can handle the configuration tree.
fixes
Remove 3.0 from branch suggestions for fixes in PR template
[Process] Strengthen Windows pipe files opening (again...)
Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
* 2.7:
[Routing] Add missing options in docblock
[VarDumper] Fix dumping continuations
[HttpFoundation] fixed Request::getContent() reusage bug
[Form] Skip CSRF validation on form when POST max size is exceeded
Enhance the phpDoc return types so IDEs can handle the configuration tree.
fixes
Remove 3.0 from branch suggestions for fixes in PR template
[Process] Strengthen Windows pipe files opening (again...)
Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
This PR was squashed before being merged into the 2.7 branch (closes#19373).
Discussion
----------
[Form] Skip CSRF validation on form when POST max size is exceeded
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19140
| License | MIT
| Doc PR | N/A
In #19140 the CSRF validation listener was not aware that the POST max size had exceeded, and was adding a form error message that wasn't relevant to the actual error.
This introduces the `ServerParams` utility class into the `CsrfValidationListener` and checks that the POST max size has not been exceeded. If it has then it won't bother trying to validate the CSRF token.
My main concern with this change is that it opens up an attack vector around tokens, but I've encapsulated the request size validation in a single method in `ServerParams` now so that the request handlers are using the same logic.
Commits
-------
289531f [Form] Skip CSRF validation on form when POST max size is exceeded
This PR was merged into the 3.2-dev branch.
Discussion
----------
[Security] Expose the required roles in AccessDeniedException
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Nowadays it is more and more common to protect some sensitive actions and part of a website using 2FA or some re-authentication mechanism (per example, on Github you have to enter your password again when you add an ssh key). But currently, in Symfony, it is really hard to implement without having to duplicate the logic, provide an explicit list of URLs to protect or hack into the security component.
A good way to achieve that would be to add a special role (like IS_AUTHENTICATED_FULLY) and use it in the access map. But it requires us to be able to have a custom logic in an ExceptionListener depending on the roles behind an AccessDeniedException.
With this patch we could write an ExceptionListener of this kind (a similar logic could also be used in an AccessDeniedHandler):
```php
public function onKernelException(GetResponseForExceptionEvent $event)
{
$exception = $event->getException();
do {
if ($exception instanceof AccessDeniedException) {
foreach ($exception->getAttributes() as $role) {
if ($role === 'IS_AUTHENTICATED_2FA' && !$this->accessDecisionManager->decide($this->tokenStorage->getToken(), $role, $exception->getObject())) {
// Start 2FA
}
}
}
} while (null !== $exception = $exception->getPrevious());
}
```
Replaces #18661
Commits
-------
6618c18 [Security] Expose the required roles in AccessDeniedException
* 2.8:
Relax 1 test failing with latest PHP versions
bumped Symfony version to 2.8.10
Remove usage of __CLASS__ outside of a class
[HttpKernel] Fix variable conflicting name
[Process] Fix double-fread() when reading unix pipes
[Process] Fix AbstractPipes::write() for a situation seen on HHVM (at least)
[Validator] Fix dockblock typehint in XmlFileLoader
bumped Symfony version to 2.8.10
updated VERSION for 2.8.9
updated CHANGELOG for 2.8.9
bumped Symfony version to 2.7.17
updated VERSION for 2.7.16
update CONTRIBUTORS for 2.7.16
updated CHANGELOG for 2.7.16
Minor fixes
[Console] Overcomplete argument exception message tweak.
fixed bad auto merge
Console table cleanup
undefined offset fix (#19406)
[EventDispatcher] Removed unused variable
Conflicts:
CHANGELOG-2.7.md
CHANGELOG-3.0.md
src/Symfony/Bridge/Swiftmailer/DataCollector/MessageDataCollector.php
src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
src/Symfony/Component/Console/Tests/Helper/LegacyDialogHelperTest.php
src/Symfony/Component/Console/Tests/Helper/TableTest.php
src/Symfony/Component/DependencyInjection/Tests/Fixtures/containers/legacy-container9.php
src/Symfony/Component/EventDispatcher/Tests/AbstractEventDispatcherTest.php
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/LegacyPdoSessionHandlerTest.php
src/Symfony/Component/HttpKernel/Kernel.php
This PR was squashed before being merged into the 3.2-dev branch (closes#18533).
Discussion
----------
[FrameworkBundle] Wire PhpArrayAdapter with a new cache warmer for annotations
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | WIP
| Fixed tickets | -
| License | MIT
| Doc PR | -
Depends on https://github.com/symfony/symfony/pull/18825 and https://github.com/symfony/symfony/pull/18823
This PR implements the usage of the new OpCacheAdapter in the annotations caching system. The idea to use this adapter as much as possible in Symfony (validator, serializer, ...). These other implementations will be the object of different PRs.
Commits
-------
f950a2b [FrameworkBundle] Wire PhpArrayAdapter with a new cache warmer for annotations
* 3.1:
[TwigBundle] Removed redundant return statement.
enable property info
[Cache] Fix default lifetime being ignored
[DependencyInjection] Fixed deprecated default message template with XML
Reference the actual location of the documentation
[TwigBridge] Removed extra arguments in 2 places.
[Cache] Fix incorrect timestamps generated by FilesystemAdapter
[Process] Fix write access check for pipes on Windows
[HttpKernel] Use flock() for HttpCache's lock files
Conflicts:
src/Symfony/Component/Cache/Adapter/FilesystemAdapter.php
* 3.1:
[Console] Application update PHPDoc of add and register methods
[Config] Extra tests for Config component
Fixed bugs in names of classes and methods.
[DoctrineBridge] Fixed php doc
[FrameworkBundle] Fixed parameters number mismatch declaration
[BrowserKit] Added test for followRedirect method (POST method)
Fix the money form type render with Bootstrap3
[BrowserKit] Uppercase the "GET" method in redirects
[DomCrawler] Inherit the namespace cache in subcrawlers
[WebProfilerBundle] Fixed JSDoc parameter definition
[HttpFoundation] HttpCache refresh stale responses containing an ETag
Conflicts:
src/Symfony/Component/Console/Application.php
* 3.0:
[Console] Application update PHPDoc of add and register methods
[Config] Extra tests for Config component
Fixed bugs in names of classes and methods.
[DoctrineBridge] Fixed php doc
[FrameworkBundle] Fixed parameters number mismatch declaration
[BrowserKit] Added test for followRedirect method (POST method)
Fix the money form type render with Bootstrap3
[BrowserKit] Uppercase the "GET" method in redirects
[DomCrawler] Inherit the namespace cache in subcrawlers
[WebProfilerBundle] Fixed JSDoc parameter definition
[HttpFoundation] HttpCache refresh stale responses containing an ETag
* 2.8:
[Console] Application update PHPDoc of add and register methods
[Config] Extra tests for Config component
Fixed bugs in names of classes and methods.
[DoctrineBridge] Fixed php doc
[FrameworkBundle] Fixed parameters number mismatch declaration
[BrowserKit] Added test for followRedirect method (POST method)
Fix the money form type render with Bootstrap3
[BrowserKit] Uppercase the "GET" method in redirects
[DomCrawler] Inherit the namespace cache in subcrawlers
[WebProfilerBundle] Fixed JSDoc parameter definition
[HttpFoundation] HttpCache refresh stale responses containing an ETag
Conflicts:
src/Symfony/Component/Finder/Tests/Shell/CommandTest.php
* 2.7:
[Console] Application update PHPDoc of add and register methods
[Config] Extra tests for Config component
Fixed bugs in names of classes and methods.
[DoctrineBridge] Fixed php doc
[FrameworkBundle] Fixed parameters number mismatch declaration
[BrowserKit] Added test for followRedirect method (POST method)
Fix the money form type render with Bootstrap3
[BrowserKit] Uppercase the "GET" method in redirects
[WebProfilerBundle] Fixed JSDoc parameter definition
[HttpFoundation] HttpCache refresh stale responses containing an ETag
Conflicts:
src/Symfony/Component/BrowserKit/Tests/ClientTest.php
src/Symfony/Component/Security/Acl/Resources/bin/generateSql.php
This PR was squashed before being merged into the 2.7 branch (closes#19405).
Discussion
----------
Fixed bugs in names of classes and methods.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
It's related to case sensitive.
I changed only calls of names of called methods but not definition of methods because BC.
Commits
-------
c41aa03 Fixed bugs in names of classes and methods.
This PR was squashed before being merged into the 3.2-dev branch (closes#19276).
Discussion
----------
[ClassLoader] Add ClassCollectionLoader::inline() to generate inlined-classes files
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Unfortunately, can't be tested because the method relies too much on side effects.
Coupled with https://github.com/sensiolabs/SensioDistributionBundle/pull/272, allows inlining `ClassCollectionLoader` itself into the `bootstrap.php.cache` file.
Commits
-------
88fdcea [ClassLoader] Add ClassCollectionLoader::inline() to generate inlined-classes files
* 3.1: (22 commits)
[travis] Fix deps=low/high builds
[Form] Fix depreciation triggers
fixed CS
skip test with current phpunit bridge
Fix for #19183 to add support for new PHP MongoDB extension in sessions.
[Console] Fix for block() padding formatting after #19189
[Security][Guard] check if session exist before using it
bumped Symfony version to 3.1.3
updated VERSION for 3.1.2
updated CHANGELOG for 3.1.2
bumped Symfony version to 3.0.9
updated VERSION for 3.0.8
updated CHANGELOG for 3.0.8
bumped Symfony version to 2.8.9
updated VERSION for 2.8.8
updated CHANGELOG for 2.8.8
bumped Symfony version to 2.7.16
updated VERSION for 2.7.15
update CONTRIBUTORS for 2.7.15
updated CHANGELOG for 2.7.15
...
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 3.0:
[travis] Fix deps=low/high builds
fixed CS
skip test with current phpunit bridge
Fix for #19183 to add support for new PHP MongoDB extension in sessions.
[Console] Fix for block() padding formatting after #19189
[Security][Guard] check if session exist before using it
bumped Symfony version to 3.0.9
updated VERSION for 3.0.8
updated CHANGELOG for 3.0.8
bumped Symfony version to 2.8.9
updated VERSION for 2.8.8
updated CHANGELOG for 2.8.8
bumped Symfony version to 2.7.16
updated VERSION for 2.7.15
update CONTRIBUTORS for 2.7.15
updated CHANGELOG for 2.7.15
Fix some lowest deps
Fixed typos in the expectedException annotations
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Guard/Authenticator/AbstractFormLoginAuthenticator.php
* 3.1:
Fixed BC Layer in DoctrineChoiceLoader
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
Fixed some issues of the AccessDecisionManager profiler
[DoctrineBridge] fixed default parameter value in UniqueEntityValidator
* 3.0:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
* 2.8:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
* 2.7:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
This PR was merged into the 3.2-dev branch.
Discussion
----------
[FrameworkBundle] Show server:run logs by default
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I propose to change the default for the `server:run` command and show `php -S` logs by default.
I really miss them otherwise. The `-vvv` mode is not suited here, because it adds a useless ` ERR ` red prefix.
I do this through a tty when available, so that the output remains colored.
Ping @javiereguiluz @weaverryan since this is mostly a DX issue.
Commits
-------
7cc6161 [FrameworkBundle] Show server:run logs by default
This PR was squashed before being merged into the 2.7 branch (closes#18688).
Discussion
----------
[HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6526
Emit a warning when a request has both a trusted Forwarded header and a trusted X-Forwarded-For header, as this is most likely a misconfiguration which causes security issues.
Commits
-------
ee8842f [HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
* 3.1:
fixed CS
fixed CS
fixed CS
fixed form tests
[Console] Fix formatting of SymfonyStyle::comment()
[Form] fix post max size translation type extension for >= 2.8
[Security] Allow LDAP loadUser override
removed dots at the end of @param and @return
fixed typo