* 4.1:
Undeprecate the single-colon notation for controllers
Command::addOption should allow int in $default
Update symfony links to https
[Form] Fixed keeping hash of equal \DateTimeInterface on submit
[PhpUnitBridge] Fix typo
[Routing] generate(null) should throw an exception
[Form] Minor fixes in docs and cs
[Workflow] Made code simpler
[Config] Unset key during normalization
[Form] Fixed empty data for compound date types
invalidate forms on transformation failures
[FrameworkBundle] fixed guard event names for transitions
method buildTransitionBlockerList returns TransitionBlockerList of expected transition
[FrameworkBundle] fixed guard event names for transitions
[PropertyAccessor] Fix unable to write to singular property using setter while plural adder/remover exist
This notation is the only way to support controllers as services in the 3.4
LTS version.
This deprecation has only a very small benefit for the Symfony codebase (the
amount of code involved is very small), but has a huge cost for the community
which cannot avoid this deprecation without dropping support for the LTS or
making crazy logic to switch routing files (as they cannot switch things
inline in YAML or XML files).
This deprecation will be delayed until a future 5.x version, when the current
LTS will be 4.4 (which supports the new notation).
* 4.1:
SCA: removed unused variables
Remove duplicate condition
fix useless space in docblock
remove unneeded tearDown method
[Intl] Update the ICU data to 63.1
[FrameworkBundle] Fix broken exception message
[Messenger] send using the routing_key for AMQP transport
also clean away the NO_AUTO_CACHE_CONTROL_HEADER if we have no session
[TwigBundle] Fix usage of TwigBundle without FrameworkBundle
Revert "fixed CS"
[Serializer] Reduce class discriminator overhead
Skip empty proxy code
[Security] Fix "exclude-from-classmap"
[Security] Removed unsed trait import
[Config] Fix @method annotation
add missing double-quotes to extra_fields output message
[DI] Default undefined env to empty string during compile
Convert InsufficientAuthenticationException to HttpException
* 4.1:
[Console] simplified code
removed useless phpdoc
improve docblocks around group sequences
[Cache] prevent getting older entries when the version key is evicted
[WebProfilerBundle] added a note in the README
[Yaml] Skip parser test with root user
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
[HttpFoundation] fix hidding warnings from session handlers
Caching missed templates on cache warmup
* 3.4:
[Console] simplified code
removed useless phpdoc
improve docblocks around group sequences
[Cache] prevent getting older entries when the version key is evicted
[WebProfilerBundle] added a note in the README
[Yaml] Skip parser test with root user
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
[HttpFoundation] fix hidding warnings from session handlers
Caching missed templates on cache warmup
* 2.8:
improve docblocks around group sequences
[WebProfilerBundle] added a note in the README
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
Caching missed templates on cache warmup
This PR was merged into the 4.2-dev branch.
Discussion
----------
[HttpFoundation] make cookies auto-secure when passing them $secure=null + plan to make it and samesite=lax the defaults in 5.0
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #26731
| License | MIT
| Doc PR | -
By creating Cookie instances using `null` for the `$secure` argument, this PR allows making cookies inherit their "secure" attribute from the request.
This PR also adds a forward to make $secure=null and samesite=lax the defaults in Symfony 5.0:
- either define all constructor's arguments explicitly
- or use the new `Cookie::create()` factory
Commits
-------
9493cfd5f2 [HttpFoundation] make cookies auto-secure when passing them $secure=null + plan to make it and samesite=lax the defaults in 5.0
* 4.1:
[appveyor] fix
[DI] Fix dumping some complex service graphs
Revert "minor #28321 [Routing] Fixed the interface description of the url generator interface (Toflar)"
Fixed caching of templates in default path on cache warmup
added missing LICENSE file
remove cache warmers when Twig cache is disabled
[Workflow] Make sure we do not run the next transition on an updated state
change baseUrl to basePath to fix wrong profiler url
[HttpKernel][FrameworkBundle] Fix escaping of serialized payloads passed to test clients
chore: rename Appveyor filename
Fixed the interface description of the url generator interface
Format file size in validation message according to binaryFormat option