This PR was squashed before being merged into the 2.7 branch (closes#25878).
Discussion
----------
[HttpFoundation] Added "null" type on Request::create docblock
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Continuation of #24902 and #25875
Commits
-------
b18f9e76a5 [HttpFoundation] Added "null" type on Request::create docblock
This PR was merged into the 2.7 branch.
Discussion
----------
Removed assertDateTimeEquals() methods
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
All PHPUnit versions that we use on Travis support comparing `DateTime` objects via `assertEquals()`. Yet, we have our own code in place to check for equality of `DateTime` objects. This PR removes that code.
Commits
-------
5b73d1c1e6 Removed assertDateTimeEquals() methods.
This PR was merged into the 2.7 branch.
Discussion
----------
Improve assertions
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Following #25420 before start other branches.
Btw, the other branches are 2.8, 3.3, 3.4, 4.0 and master?
Commits
-------
3d90a2217d Improve assertions
This PR was merged into the 2.7 branch.
Discussion
----------
Disable CSP header on exception pages only in debug
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24772
| License | MIT
| Doc PR |
Based on a feedback we received, there are situations on production when it's desired to have CSP header in place even if exception occurred.
This uses now same condition that is used by ExceptionController in TwigBridge to evaluate if styled exception template is going to be shown, minus `showException` request attribute which don't make sense in this context, because it's used by PreviewController only and in such case this listener isn't triggered.
Overriding CSP header via HTML meta tag unfortunately, but not surprisingly, doesn't work.
Commits
-------
b77538c2fe Disable CSP header on exception pages only in debug
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed Button::setParent() when already submitted
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
The `Button` does not respect the [FormInterface](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/FormInterface.php#L28), by extension the `SubmitButton` neither.
Commits
-------
9f0c7bf549 Fixed Button::setParent() when already submitted
This PR was merged into the 2.7 branch.
Discussion
----------
[minor] SCA: reduce repetitive method calls (sequential and in loop)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
609372252f SCA: get rid of repetitive calls
It confused me a lot that the method took an array and that the phpdoc said we should pass a string instead of an array. This small change should clear up the confusion.
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] fixed return type of method HeaderBag::get
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
6b608e8 [HttpFoundation] fixed return type of method HeaderBag::get
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Added "resource" type on Request::create docblock
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Replaces #24902
Commits
-------
d1a96ca [HttpFoundation] Added "resource" type on Request::create docblock
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] add missing parent isset and add test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25843 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR |
This is a little PR to fix the error and to add the parent::__isset to the Constraints class, I'm adding a test too to be sure that this is not possible again.
Btw, since this is instagihub, I'm coding at home and then I see a squirrel :
Commits
-------
bcb79a3 [Validator] add missing parent isset and add test
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Always decorate existing exception handlers to deal with fatal errors
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25827
| License | MIT
| Doc PR | -
Decorating the exception is seamless, let's always do it and fix handling of fatal errors.
Related to #25408 also.
Commits
-------
205d7ae3f7 [Debug] Always decorate existing exception handlers to deal with fatal errors
This PR was merged into the 2.7 branch.
Discussion
----------
Fixing a bug where the dump() function depended on bundle ordering
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | not needed
If DebugBundle is registered *before* TwigBundle, then the simpler `dump()` function wins over the fancy, var-dumper one from DebugBundle. In other words, you get different functionality based on the *order* in which you install libraries. To get the "bad" way, you can:
```
composer create-project symfony/skeleton show_bad_dump
cd show_bad_dump
composer require symfony/debug-bundle
composer require twig
```
Then create a Twig template with a `dump()` inside. It will use the less-fancy XDebug version.
I'm not sure if there's a more elegant fix for this or not... I have verified locally that this DOES fix the issue.
Thanks!
Commits
-------
717663aac1 Fixing a bug where the dump() function depended on bundle ordering
This PR was squashed before being merged into the 2.7 branch (closes#25789).
Discussion
----------
Enableable ArrayNodeDefinition is disabled for empty configuration
| Q | A
| ------------- | ---
| Branch? | 2.7+
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25760
| License | MIT
Fixes#25760.
Currently, documented behavior is not true:
70c8c2d47b/src/Symfony/Component/Config/Definition/Builder/ArrayNodeDefinition.php (L207-L208)
Commits
-------
a6a330dcd9 Enableable ArrayNodeDefinition is disabled for empty configuration
This PR was squashed before being merged into the 2.7 branch (closes#25816).
Discussion
----------
Problem in phar see mergerequest #25579
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
If packed into phar the old version creates path like 'file:///phar%3A/'. see https://github.com/symfony/symfony/pull/25579
Commits
-------
3e0c8ffb43 Problem in phar see mergerequest #25579
This PR was squashed before being merged into the 2.7 branch (closes#25781).
Discussion
----------
[Form] Disallow transform dates beyond the year 9999
Fixes#14727
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | not really
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14727
| License | MIT
Explicitly locked out submission of dates beyond December 31st 9999 in forms as PHP is highly incapable of consistently handling such dates. Before this patch dates were randomly transformed or mangled.
Technically there is a BC break as this will now cause validation to fail on input that was *accepted* before, but it was mangled. Not my call but I prefer the rejection over data corruption:
```
// Old behavior
$transformer = new DateTimeToLocalizedStringTransformer('UTC', 'UTC', null, null, \IntlDateFormatter::GREGORIAN, 'yyyy-MM-dd');
$result = $transformer->reverseTransform('20107-03-21');
// $result is now 2007-03-21
```
Commits
-------
70cc969537 [Form] Disallow transform dates beyond the year 9999
This PR was merged into the 2.7 branch.
Discussion
----------
Copied NO language files to the new NB locale
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25792
| License | MIT
| Doc PR | N/A
This PR copies all `NO` language files to a new locale `NB`. It also adds unit tests to ensure that `NB` and `NO` will always contain the same translations. This way, we allow application developers to either use the generic `NO` language code or the more precise `NB` (e.g. if they need to distinguish between the `NB` and `NN` variants of the Norwegian language).
For further details, please have a look at the discussion in #25792.
Commits
-------
aee9b1ea3e Copied NO language files to the new NB locale.
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Improve phpdoc on StyleInterface::ask()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
In a CLI command i keep asking an optional question until i get an answer. So interactively it's a required question. It looks like..
```php
do {
$value = $io->ask('Value', null, function ($value) { return $value; });
} while (null === $value);
```
Which works nice.. but SA is complaining about
```
Strict comparison using === between null and string will always evaluate to false.
```
This should fix it. The mixed API goes back to https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Console/Helper/QuestionHelper.php#L38
Commits
-------
499d04f [Console] Improve phpdoc on StyleInterface::ask()
This PR was merged into the 2.7 branch.
Discussion
----------
[appveyor] set memory_limit=-1
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
10e33ac [appveyor] set memory_limit=-1
This PR was squashed before being merged into the 2.7 branch (closes#25801).
Discussion
----------
[Router] Skip anonymous classes when loading annotated routes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25796
| License | MIT
| Doc PR |
Skip any usage of anonymous classes when parsing files in `AnnotationFileLoader`
Commits
-------
d76a545 [Router] Skip anonymous classes when loading annotated routes
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fix fatal error on non string username
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/25612
| License | MIT
| Doc PR | n/a
That's consistent with what #22569 did for the `json_login` listener.
Commits
-------
8f095683d0 [Security] Fix fatal error on non string username
This PR was submitted for the 3.4 branch but it was squashed and merged into the 3.3 branch instead (closes#25752).
Discussion
----------
Don't right trim the deprecation message
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | maybe yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
The PhpUnit bridge lists deprecation messages after a test. In order to do this it outputs the message but it right trims the message - removing any fullstops. This is unexpected. It does this to add the number of time the message appears but this is not really necessary because the number of the times a deprecation message is triggered and from where is added below.
Commits
-------
0b03631 Don't right trim the deprecation message
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Php function json_encode/decode with option JSON_PARTIAL_OUTPUT_ON_ERROR return result on error, but if have is error json_last_error() always return error code even if there is a result and it is not false. Because of this is impossible set JSON_PARTIAL_OUTPUT_ON_ERROR option across variable $context.
Current fix solves this problem.
Verification on the false is completely correct, since json_encode / decode returns false only on error if not set JSON_PARTIAL_OUTPUT_ON_ERROR option.
Such have a problem e.g when encoding data is not utf-8 (emoji from facebook).
Commits
-------
e7e410b [Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fail gracefully if the security token cannot be unserialized from the session
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If the security token in the session can't be unserialized, an `E_NOTICE` is issued. This prevents it (and provides a better log message if it's not even a `__PHP_Incomplete_Class`).
This is similar to #24731, but I saw it triggered when changing OAuth library (https://github.com/elifesciences/journal/pull/824), so the token class itself no longer exists. (I want to avoid having to manually invalidate all sessions, as not all sessions use that token class.)
Commits
-------
053fa43add [Security] Fail gracefully if the security token cannot be unserialized from the session
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Use the default host even if context is empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25464
| License | MIT
| Doc PR | ø
When the host in the context is empty... we should still use the default host.
**Note:** it seems like a lot of changes but all I did was to remove the `if` and de-indent the code that was inside.
Commits
-------
8f357df75b Use the default host even if context is empty and fallback to relative URL if empty host
This PR was squashed before being merged into the 2.7 branch (closes#25653).
Discussion
----------
PHP CS Fixer: clean up repo and adjust config
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Reason for this PR is that one want to have `php-cs-fixer fix -v` command executed without changes that shall not be applied for this repo. To achieve that, we need to groom config to exclude files that violate CS willingly, fix files that are violating CS unwillingly, and deliver missing case handling at PHP CS Fixer itself (https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/3359) (already merged!).
Commits
-------
b14cbc1 PHP CS Fixer: clean up repo and adjust config
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Fix access to root object when using composite constraint
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12315, #20477, #21706
| License | MIT
| Doc PR |
Commits
-------
b18cdcf417 [Validator] Fix access to root object when using composite constraint
This PR was merged into the 2.7 branch.
Discussion
----------
Update LICENSE year... forever
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
By using the same trick than Facebook: https://github.com/facebook/react/blob/master/LICENSE
Commits
-------
8ce8bd5 Update LICENSE year... forever
This PR was squashed before being merged into the 2.7 branch (closes#25652).
Discussion
----------
Clean up
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I've removed all white spaces and extra lines from our `markdown` files. Recently [I did it in our documentation](https://github.com/symfony/symfony-docs/pull/8944), and thought would be interesting to replicate here 😄
Commits
-------
acd0d7c Clean up
This PR was squashed before being merged into the 2.7 branch (closes#25430).
Discussion
----------
Fixes for Oracle in PdoSessionHandler
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #18305 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | <!--highly recommended for new features-->
<!--
Fixes missing session data for Oracle in PdoSessionHandler
-->
Commits
-------
e7a4002b4f Fixes for Oracle in PdoSessionHandler
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7][DX] Use constant message contextualisation for deprecations
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
Since many projects are using this mechanism for deprecating feature, it is sometimes difficult to understand which vendor triggers a deprecation.
Sometimes we're using `since Symfony x.y` format, sometimes we are using `since x.y`. I propose to always use `since Symfony x.y` format.
Commits
-------
c2338cbd7a [2.7][DX] Use constant message contextualisation for deprecations
This PR was squashed before being merged into the 2.7 branch (closes#25599).
Discussion
----------
Add application/ld+json format associated to json
| Q | A
| ------------- | ---
| Branch? | 2.7 up to 4.0
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Add `application/ld+json` Content-Type as json format in Request.
Commits
-------
0917c4c Add application/ld+json format associated to json
| Q | A
| ------------- | ---
| Branch? | 2.1 to 4.0
| Bug fix? | yes (comment only)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | na
| Fixed tickets | na
| License | MIT
| Doc PR |
DocBlock comment referred to `NormalizableInterface` but code was using `DenormalizableInterface`
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Commands with an alias should not be recognized as ambiguous
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | no
| Fixed tickets | no <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR |
When having two commands with the same starting name and an alias equal to the starting name, we should not have an ambiguous error because we are setting the alias.
Commits
-------
863f632 [Console] Commands with an alias should not be recognized as ambiguous
