I changed CHANGELOG.md to reflect actual changes in the code. The third argument is called $filter, not $context. This mistake was propageted to UPGRADE-4.0.md. I fixed that in https://github.com/symfony/symfony/pull/33821
This PR was merged into the 3.4 branch.
Discussion
----------
[Security]: Don't let falsy usernames slip through impersonation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
When you try to impersonate users with a falsy username, `SwitchUserListener::handle()` would `return;` and impersonation would fail.
I'm using a third party OAuth provider that allows users to change their usernames with no guaranteed protection against re-use. To overcome that issue, I implemented `UserLoaderInterface::loadUserByUsername()` and query by a `providerId`.
After loading development fixtures, One user has `0` as it's `providerId`.
Commits
-------
64aecab0a7 Don't let falsey usernames slip through
This PR was merged into the 4.3 branch.
Discussion
----------
[DI] Add CSV env var processor tests / support PHP 7.4
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Similar as #32051
Commits
-------
82f341864c [DI] Add CSV env var processor tests
This PR was merged into the 4.3 branch.
Discussion
----------
[EventDispatcher] Added tests for aliased events
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
While working on #33793 I discovered that I could remove the event alias feature of `RegisterListenersPass` without breaking the component's tests. This PR adds the missing tests.
Commits
-------
8e8a6ed99b [EventDispatcher] Added tests for aliased events.
This prevents to exclude the RedirectController from the warmed annotation cache which would lead to warnings when trying to use the warmed cache on read only file systems
See #29357
* 3.4:
Sync Twig templateExists behaviors
Fix the :only-of-type pseudo class selector
[Serializer] Add CsvEncoder tests for PHP 7.4
Copy phpunit.xsd to a predictable path
[Security/Http] fix parsing X509 emailAddress
[Serializer] fix denormalization of string-arrays with only one element #33731
[Cache] fix known tag versions ttl check
This PR was squashed before being merged into the 3.4 branch (closes#33777).
Discussion
----------
Fix the :only-of-type pseudo class selector
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33773
| License | MIT
| Doc PR | -
Commits
-------
c2a9bf08f1 Fix the :only-of-type pseudo class selector
This PR was squashed before being merged into the 3.4 branch (closes#32051).
Discussion
----------
[Serializer] Add CsvEncoder tests for PHP 7.4
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? |no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Some CSV encoder tests to show the broken behavior of a trailing slash. Spotted in #31867, not sure what to do with it :)
Commits
-------
760354d533 [Serializer] Add CsvEncoder tests for PHP 7.4
This PR was merged into the 3.4 branch.
Discussion
----------
Copy phpunit.xsd to a predictable path
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes-ish
| Deprecations? | no
| Tickets | https://github.com/symfony/recipes/pull/652#discussion_r329446277
| License | MIT
| Doc PR | -
In symfony/recipes#652 I would like to make Flex create the `phpunit.xml.dist` file with a local URI for the `phpunit.xsd`. This is doable when using `phpunit/phpunit` standalone because the path to the XSD file is known. This PR aims to allow doing this when using the PHPUnit Bridge, which installs PHPUnit in a path that might change.
Is is simple `@copy()` call ok? Should I add some error handling?
Commits
-------
233dcb4b75 Copy phpunit.xsd to a predictable path
This PR was merged into the 3.4 branch.
Discussion
----------
[Serializer] fix denormalization of string-arrays with only one element
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? |no
| Deprecations? |no
| Tickets | Fix#33731
| License | MIT
| Doc PR |
This PR does almost the same as ac70edf8cd, just not only for arrays of objects.
Commits
-------
8814751b96 [Serializer] fix denormalization of string-arrays with only one element #33731
This PR was squashed before being merged into the 3.4 branch (closes#33625).
Discussion
----------
[DependencyInjection] Fix wrong exception when service is synthetic
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #32874
| License | MIT
This fixes wrongfully thrown exception when service is defined as synthetic and some arguments are binded in _defaults
Commits
-------
152dec95bc [DependencyInjection] Fix wrong exception when service is synthetic
* 3.4:
[Form][Validator][Intl] Fix tests
[Validator] Accept underscores in the URL validator as the URL will resolve correctly
[Translation] Collect original locale in case of fallback translation
Fix toolbar load when GET params are present in "_wdt" route
This PR was squashed before being merged into the 4.3 branch (closes#32979).
Discussion
----------
[Messenger] return empty envelopes when RetryableException occurs
| Q | A
| ------------- | ---
| Branch? | 3.4 or 4.3 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| License | MIT
| ~~Doc PR~~ | ~~symfony/symfony-docs#12109~~
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Problem occurs when you are using more than 1 worker with Doctrine Transport.
`Symfony\Component\Messenger\Transport\Doctrine\Connection::get` does a query `SELECT ... FOR UPDATE` and this locking query could lock table and workers stops. But using locks can result in dead locks or lock timeouts. Doctrine renders these SQL errors as RetryableExceptions. These exceptions are often normal if you are in a high concurrency environment. They can happen very often and your application should handle them properly.
Commits
-------
9add32a9ca [Messenger] return empty envelopes when RetryableException occurs
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Accept underscores in the URL validator, as the URL will load
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #32506
| License | MIT
| Doc PR | -
As @javiereguiluz mentioned, regardless of convention a URL with an underscore in it will load perfectly fine - so in that respect it must be valid.
Commits
-------
c9c7a1118c [Validator] Accept underscores in the URL validator as the URL will resolve correctly
This PR was merged into the 3.4 branch.
Discussion
----------
Fix toolbar load when GET params are present in "_wdt" route
When using a custom router that inject GET parameters, eg:
```
# services.yaml
parameters:
# Replace default url generator service
router.options.generator_base_class: Combodo\iTop\Portal\Routing\UrlGenerator
```
The path generated by the toolbar JS is HTML entity encoded which breaks the JS call (`&` becomes `&`).
| Q | A
| ------------- | ---
| Branch? | 4.4 for features / 3.4, 4.2 or 4.3 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
5309e64949 Fix toolbar load when GET params are present in "_wdt" route
This PR was squashed before being merged into the 3.4 branch (closes#32925).
Discussion
----------
[Translation] Collect original locale in case of fallback translation
Before, it collected the fallback locale that was used to translate a key. But this information is confusing, as it does not reveal which translation key is missing in the requested language.
So I'd like to propose to track the "requested" locale instead, so that the Symfony profiler gives me the information in which locale the key is missing instead of which locale was used as a fallback.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes?
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
In principle, this change is a BC break, but imho also a bug. It's really confusing when the Profiler tells you that it uses a translation fallback for an ID and locale that is actually translated. Took some debugging so recognize that this fallback came from another locale. If you think it's better to target 5.0, I'll update the PR.
Commits
-------
5564e149cb [Translation] Collect original locale in case of fallback translation
This PR was merged into the 4.3 branch.
Discussion
----------
[HttpClient] fix race condition when reading response with informational status
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Spotted by some transiently failing jobs on Travis.
Commits
-------
450c3c4998 [HttpClient] fix race condition when reading response with informational status
This PR was merged into the 4.3 branch.
Discussion
----------
[HttpClient] workaround bad Content-Length sent by old libcurl
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Issue described in https://curl.haxx.se/mail/lib-2014-01/0106.html, happens with curl 7.29 at least.
Commits
-------
b8d2496979 [HttpClient] workaround bad Content-Length sent by old libcurl
* 3.4:
[FrameworkBundle] Fix framework bundle lock configuration not working as expected
[Validator] Add the missing translations for the Azerbaijani locale
[Cache] dont override native Memcached options
Fix return type of Process::restart().
This PR was squashed before being merged into the 3.4 branch (closes#31198).
Discussion
----------
[FrameworkBundle] Fix framework bundle lock configuration not working as expected
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #31197
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/11465 & https://github.com/symfony/symfony-docs/pull/11466
This fixes#31197 and makes the lock configuration work with installations that are not full stack ones and configurations that use xml files.
Commits
-------
c7af2df340 [FrameworkBundle] Fix framework bundle lock configuration not working as expected
This PR was merged into the 4.3 branch.
Discussion
----------
[Cache] fail gracefully when locking is not supported
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33392
| License | MIT
| Doc PR | -
Commits
-------
93485190f9 [Cache] fail gracefully when locking is not supported
This PR was merged into the 4.3 branch.
Discussion
----------
[Form] Names for buttons should start with lowercase
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
This fix changes the messages related to the changes in https://github.com/symfony/symfony/pull/28969 - the message used to state that names should start with a letter, a digit ... - so I got a confusing message:
```
Using names for buttons that do not start with a letter, a digit, or an underscore is deprecated since Symfony 4.3 and will throw an exception in 5.0 ("Search" given).'
```
Which made me find the message, look at the regex that was used, and work out that actually it should start with a lowercase letter, and hence this PR - where I assume there is a reason that the name must start with lowercase letters.
Commits
-------
f65524e4e0 Names for buttons should start with lowercase
This PR was merged into the 4.3 branch.
Discussion
----------
Add missing row_attr option to FormType
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix: #33682 - related issue #33573
| License | MIT
The #33573 modified Symfony's form themes. But the [FormType](https://github.com/symfony/form/blob/master/Extension/Core/Type/FormType.php) don't allow the option `row_attr` so the OptionResolver throw an exception that the option is unknown.
This PR basically add the option and give it to the form view (like `label_attr` do)
Commits
-------
d711ea2b54 Add missing row_attr option to FormType
This PR was merged into the 4.3 branch.
Discussion
----------
[Security] use LegacyEventDispatcherProxy
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I ran into an issue on one of my apps that has its own event dispatcher class using the old dispatch method signature
```php
public function dispatch($eventName, Event $event = null)
```
This leads to
```
TypeError: Argument 2 passed to X\Tests\Base\TestEventDispatcher::dispatch() must be an instance of Symfony\Component\EventDispatcher\Event or null, string given, called in /var/www/x/symfony/vendor/symfony/security/Http/Firewall/ContextListener.php on line 230
/var/www/x/symfony/tests/Base/TestEventDispatcher.php:20
/var/www/x/symfony/vendor/symfony/security/Http/Firewall/ContextListener.php:230
/var/www/x/symfony/vendor/symfony/security/Http/Firewall/ContextListener.php:111
```
since the event here is dispatched using the new signature:
https://github.com/symfony/symfony/blob/4.4/src/Symfony/Component/Security/Http/Firewall/ContextListener.php#L259
Commits
-------
7067e48165 [Security] use LegacyEventDispatcherProxy
This PR was merged into the 4.3 branch.
Discussion
----------
[Security/Http] fix typo in deprecation message
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
spotted by @stof in #33676
Commits
-------
e70057aed4 [Security/Http] fix typo in deprecation message
This PR was merged into the 4.3 branch.
Discussion
----------
Make legacy "wrong" RFC2047 encoding apply only to one header
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
It says in a comment in the code that "We have to go against RFC 2183/2231 in some areas for interoperability". But I would like that to be the exception and not the rule. As the code was, all parameterized headers except from "Content-Disposition" was not encoded according to RFC 2231.
This change is to make it so that the exception (to not follow the RFC) is for the header "Content-Type" only, and all other parameterized headers will follow the rule of RFC 2231.
The code kind of worked before, because in emails we generally only have two parameterized headers; "Content-Disposition" and "Content-Type". But I think it is a good thing that if another parameterized header would happen to be added, by default it should follow the rule of the RFC and not by default be an exception.
Commits
-------
3817a8b036 Make legacy "wrong" RFC2047 encoding apply only to one header
This PR was merged into the 4.3 branch.
Discussion
----------
[HttpClient] fix throwing HTTP exceptions when the 1st chunk is emitted
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Spotted while discussing the client with @Seldaek
The current behavior is transient: depending on the speed of the network/server, the exception can be thrown, or not.
This forces one do deal with 3/4/5xx when the first chunk is yielded.
Commits
-------
3c93764f10 [HttpClient] fix throwing HTTP exceptions when the 1st chunk is emitted
* 3.4:
Re-enable previously failing PHP 7.4 test cases
Revert "bug #33618 fix tests depending on other components' tests (xabbuh)"
install from source to include components tests
* 3.4:
ensure compatibility with type resolver 0.5
Call AssertEquals with proper parameters
[Twig] Fix Twig config extra keys
fix tests depending on other components' tests
This PR was merged into the 3.4 branch.
Discussion
----------
fix tests depending on other components' tests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
cd2f3a6056 fix tests depending on other components' tests
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyInfo] ensure compatibility with type resolver 0.5
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
same as #33588 but for the `3.4` branch
Commits
-------
2d708b3e60 ensure compatibility with type resolver 0.5
Since `$response->getContent()` returns string and our first parameter is already string as well, in some cases (with different precisions) it may "compare strings" as "strings" and this is not what the test wants.
By changing the first parameter to actual number we force `AssertEquals` to compare them numerically rather than literally by string content.
* 3.4:
[Twig] Remove dead code
Add gitignore file for Symfony 3.4
[Inflector] Add .gitignore file
[Security] Removed unused argument in Test
[Console] Get dimensions from stty on windows if possible
[Inflector] add support 'see' to 'ee' for singularize 'fees' to 'fee'
This PR was merged into the 3.4 branch.
Discussion
----------
[Twig] Remove dead code
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a
| License | MIT
| Doc PR | n/a
As the min version of Twig is 1.41, we can remove some dead code.
Commits
-------
786d136b5e [Twig] Remove dead code
This PR was squashed before being merged into the 4.3 branch (closes#33611).
Discussion
----------
Add gitignore file for Symfony 4.3
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
856b9a8a6e Add gitignore file for Symfony 4.3
This PR was merged into the 4.3 branch.
Discussion
----------
[Messenger] Fix exception message of failed message is dropped on retry
| Q | A
| ------------- | ---
| Branch? | 4.3 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#32719
| License | MIT
| Doc PR | NA <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
8f9f44eb21 [Messenger] Fix exception message of failed message is dropped on retry
This PR was squashed before being merged into the 4.3 branch (closes#33340).
Discussion
----------
[Finder] Adjust regex to correctly match comments in gitignore contents
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #32985
| License | MIT
Description from issue:
When using `ignoreVCSIgnored` as argument with the Symfony Finder, it will construct a regex equivalent of the gitignore pattern. However it seems that when a comment line (prefixed with `#`) is present in the `.gitignore`, the regex used to remove comment lines matches every line and thus returns `$gitignoreFileContent` as empty.
Commits
-------
e56fc7cb58 [Finder] Adjust regex to correctly match comments in gitignore contents
After #32998 there was a minor left over, the `testHandleAuthenticationClearsToken`
`$tokenClass` argument is no longer used and can be safely removed.
This PR was merged into the 3.4 branch.
Discussion
----------
[Inflector] add support 'see' to 'ee' for singularize 'fees' to 'fee'
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
I don't know if this is considered a bug or a new feature ? Tell me if I need to change target branch
This PR improves the singularization of words such as "trees", "employees" or "fees"
Commits
-------
45b4edc2dc [Inflector] add support 'see' to 'ee' for singularize 'fees' to 'fee'
This PR was squashed before being merged into the 4.3 branch (closes#33521).
Discussion
----------
Fixed incompatibility between ServiceSubscriberTrait and classes with protected $container property
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #33355
| License | MIT
| Doc PR |
Commits
-------
954dad44a1 Fixed incompatibility between ServiceSubscriberTrait and classes with protected $container property
This PR was merged into the 3.4 branch.
Discussion
----------
[Yaml] don't dump a scalar tag value on its own line
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This commit fine tunes the bugfix made in #33377 with the feedback provided in https://github.com/symfony/symfony/issues/33464#issuecomment-528290985.
Commits
-------
a549069a49 don't dump a scalar tag value on its own line