This PR was merged into the 5.3-dev branch.
Discussion
----------
[Notifier] Check for MercureBundle in MercureTransportFactory
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
https://github.com/symfony/symfony/pull/39903 has removed the check for `MercureBundle` from the `FrameworkExtension`.
The following PR is re-adding that check but in the `MercureTransportFactory` class.
Commits
-------
49bbbc1ed5 [Notifier] Check for MercureBundle in Factory
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Security] Randomize CSRF token to harden BREACH attacks
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | TODO
This PR randomize the CSRF token in each request in order to hardening the [BREACH attack](https://en.wikipedia.org/wiki/Cross-site_request_forgery)
Commits
-------
8b01095933 Randomize CSRF token to harden BREACH attacks
* 5.2:
fix test
"export-ignore" contracts and phpunit-bridge
[Console][Command] Fix Closure code binding when it is a static anonymous function
Use class const in test
[Security] [HttpFoundation] Use class const in test
[Notifier] [OvhCloud] “Invalid signature” for message with slashes
Remove wrong test
[PropertyInfo] Fix breaking change with has*(arguments...) methods
[Uid] Unable to extend Uuid/Ulid and use fromString()
Fix typo in property name
* 5.1:
"export-ignore" contracts and phpunit-bridge
[Console][Command] Fix Closure code binding when it is a static anonymous function
Use class const in test
[Security] [HttpFoundation] Use class const in test
[PropertyInfo] Fix breaking change with has*(arguments...) methods
This PR was merged into the 5.2 branch.
Discussion
----------
[Notifier] fix test
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
542dddca9a fix test
This PR was merged into the 5.1 branch.
Discussion
----------
[PropertyInfo] Fix breaking change with has*(arguments...) methods
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39885
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
-->
Until 5.0:
```php
class Dummy
{
private $elements;
public function hasElement($element): bool
{
// ...
}
}
$extractor = new ReflectionExtractor();
$extractor->isReadable('Dummy', 'element'); // false
```
After 5.0:
```php
class Dummy
{
private $elements;
public function hasElement($element): bool
{
// ...
}
}
$extractor = new ReflectionExtractor();
$extractor->isReadable('Dummy', 'element'); // true => BREAKING CHANGE
```
Commits
-------
37cc16e3d8 [PropertyInfo] Fix breaking change with has*(arguments...) methods
This PR was merged into the 4.4 branch.
Discussion
----------
"export-ignore" contracts and phpunit-bridge
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39934
| License | MIT
| Doc PR | -
Since these directories are not autoloaded.
Commits
-------
12e19a9a3d "export-ignore" contracts and phpunit-bridge
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] [Command] Fix Closure code binding when it is a static anonymous function
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I'm building a single command application and I did:
```php
->setCode(static function (InputInterface $input, OutputInterface $output): void {
// my code
})
```
and it results in a warning `Cannot bind an instance to a static closure` + an exception `You must override the execute() method in the concrete command class.` I guess we should silently fail here if the Closure is not bindable.
Commits
-------
18d426871e [Console][Command] Fix Closure code binding when it is a static anonymous function
This PR was merged into the 5.1 branch.
Discussion
----------
Use class const in test
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | ---
| License | MIT
| Doc PR | ---
super minor, same as #39930, but for `5.1`
I will finish this PR after #39930 is merged and upmerged
Commits
-------
4a98eeecdc [Security] [HttpFoundation] Use class const in test
This PR was merged into the 4.4 branch.
Discussion
----------
Use class const in test
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | ---
| License | MIT
| Doc PR | ---
super minor
Commits
-------
39181f4fdf Use class const in test
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[Notifier] [OvhCloud] “Invalid signature” for message with slashes
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#39836 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
Test to show issue of invalid signature when message contains slash.
Commits
-------
9f01fb84b7 [Notifier] [OvhCloud] “Invalid signature” for message with slashes
This PR was merged into the 4.4 branch.
Discussion
----------
[SecurityBundle] Remove wrong test
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This tests, asserts that all links to logout are identical, which is wrong and incompatible with BREACH mitigation #39919
Commits
-------
91c360ec75 Remove wrong test
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Notifier] Fix HttpClient TransportException handling
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Right now, when exceptions are coming from HttpClient component, we always assume that there is a response and use it to throw a Notifier's `TransportException`.
But with this approach, `TransportExceptionInterface` and `DecodingExceptionInterface` aren't handled properly because they aren't containing a response at all.
This PR fix the exception handling when such exceptions are thrown.
Commits
-------
bb32beb488 [Notifier] Fix HttpClient TransportException handle
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[Uid] Unable to extend Uuid/Ulid and use fromString()
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | ---
| License | MIT
| Doc PR | -
Before:
```php
CustomUuid::fromString(...) // returns `Uuid`
```
After:
```php
CustomUuid::fromString(...) // returns `CustomUuid`
```
same for `Ulid` class.
cc @fancyweb
Commits
-------
824777938d [Uid] Unable to extend Uuid/Ulid and use fromString()
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Console] add option `--short` to the `list` command
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR is a follow up of https://github.com/symfony/symfony/pull/39851, triggered by @wouterj's comment at https://github.com/symfony/symfony/pull/39851#pullrequestreview-572147186.
This new option should enable creating fast shell auto-completion, by allowing the `list` command to run fast.
Commits
-------
81d5728f4a [Console] add option `--short` to the `list` command
This PR was merged into the 4.4 branch.
Discussion
----------
[MonologBridge] Typo in consoleFormatterOptions property name
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Fixes a typo in the property name, see also https://github.com/symfony/monolog-bundle/pull/384
Commits
-------
a70b71b50e Fix typo in property name
This PR was merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle] do not fail when MercureBundle is not installed
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
8cdbdcb1c9 do not fail when MercureBundle is not installed
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Console] enable describing commands in ways that make the `list` command lazy
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#33804
| License | MIT
| Doc PR | -
This PR improves the way one can describe a command so that the `list` command can be made lazy:
- when provided using the `$defaultName` property or the `console.command` tag, the name of a command is now exploded using the `|` character. The first name in the list defines the name of the command, the other ones its aliases. When the first name is the empty string, the second name is used instead, and the command is declared as hidden.
- a new `$defaultDescription` static property and a new `description` tag attribute allow for defining the commands' description while registering them.
Together, this is enough to make the `list` command lazy, because this command only accesses each command's name, aliases, hidden-status, and description.
On the implementation side, this PR adds a `LazyCommand` class that proxies regular commands to make them lazy for the target purpose.
This PR will enable support for attributes for configuring a command name+description+etc.
e.g. using the concepts in #39804:
`#[CommandAutoTag(name: 'foo:bar', desc: 'boo', hidden: true)]#`
The attribute could very well split the `hidden` and `aliases` settings apart - while the underlying code and pre-PHP8 apps would use the compact form, because dealing with many static properties + methods would be a maintenance pain imho.
Commits
-------
8a1a1b8171 [Console] enable describing commands in ways that make the `list` command lazy
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Notifier] Add mercure bridge
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#36481
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/14840
Add a Notifier bridge for Mercure.
In this PR, Mercure is considered as a chatter (I'm still wondering if it's the most appropriate type).
The first approach for the DSN is `mercure://jwtToken@host:port/hubPath?topic=/foo/1&secure=false` with:
- `topic` optional (defaults to `null`)
- `secure` optional (defaults to `true`)
I'm not sure about the current way to deal with http/https. Maybe we can just replace the `mercure` scheme by `http|https`?
The notification representation is following [Activity Streams](https://www.w3.org/TR/activitystreams-core/#jsonld)
#SymfonyHackday
Commits
-------
19c6544f42 [Notifier] Add mercure bridge
* 5.2:
[HttpFoundation] Drop int return type from parseFilesize()
Added $translator->addLoader()
bug symfony/symfony#39878 [doctrine-bridge] Add username to UserNameNotFoundException
[Uid] Clarify the format returned by getTime()
fix spelling
Add check for constant in Curl client
Revert #38614, add assert to avoid regression
Fix container injection with TypedReference
Fix problem when SYMFONY_PHPUNIT_VERSION is empty string value
Update PHP CS Fixer config to v2.18
* 5.1:
[HttpFoundation] Drop int return type from parseFilesize()
Added $translator->addLoader()
bug symfony/symfony#39878 [doctrine-bridge] Add username to UserNameNotFoundException
[Uid] Clarify the format returned by getTime()
fix spelling
Add check for constant in Curl client
Revert #38614, add assert to avoid regression
Fix container injection with TypedReference
Fix problem when SYMFONY_PHPUNIT_VERSION is empty string value
Update PHP CS Fixer config to v2.18
