* 2.7:
prefer phpunit 5.x on hhvm
[FrameworkBundle][HttpKernel] the finder is required to discover bundle commands
[travis] Auto-conf deps=high matrix line
Fix the logout path when not using the router
Fix the logout path when not using the router
[Form] cast IDs to match deprecated behaviour of EntityChoiceList
[HttpFoundation] Added the ability of mapping stream wrapper protocols when using X-Sendfile
[HttpFoundation] Add a test case for using BinaryFileResponse with stream wrappers
Conflicts:
.travis.yml
src/Symfony/Bundle/FrameworkBundle/composer.json
* 2.3:
prefer phpunit 5.x on hhvm
[FrameworkBundle][HttpKernel] the finder is required to discover bundle commands
[travis] Auto-conf deps=high matrix line
Fix the logout path when not using the router
[HttpFoundation] Added the ability of mapping stream wrapper protocols when using X-Sendfile
[HttpFoundation] Add a test case for using BinaryFileResponse with stream wrappers
Conflicts:
.travis.yml
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/SecurityBundle/Templating/Helper/LogoutUrlHelper.php
This PR was merged into the 2.3 branch.
Discussion
----------
Fix the logout path when not using the router
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17029
| License | MIT
| Doc PR | n/a
This needs to use the base url, not the base path, so that it goes through the front controller when not using url rewriting.
Commits
-------
1a2567e Fix the logout path when not using the router
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] ContainerDebugCommand: pass the right object to the descriptors
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | c5067dacb3 (commitcomment-14884960)
| License | MIT
| Doc PR |
Commits
-------
8cf0022 pass the right object to the descriptors
This PR was merged into the 2.8 branch.
Discussion
----------
[Form] Improve deprecation notice to mention the affected service id
| Q | A
| ------------- | ---
| Bug fix? |no
| New feature? |no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This fix changes the deprecation notice to mention the affected service id. Without this update it is quite annoying to find the service with the deprecated definition.
Commits
-------
0b9ea95 Improve form deprecation notices to mention the affected service ids
* 2.8:
[Process] Enhance compatiblity with --enable-sigchild
[Validator] removes unused variable in LengthValidator class.
[FrameworkBundle] [Bug] Fixes new InputStyle bug #16920
fix short array syntax for php 5.3
[Serializer] Fixed on array of objects in .
[Process] Always call proc_close
[Form] Add missing tests for StringUtil::fqcnToBlockPrefix()
[Security] Fix a Polyfill import statement in StringUtils
[Validator] Updated Luxembourgish translations for 2.8
Improved the code of the commands that use the new SymfonyStyle class
disable server commands without Process component
list all server command names in suggestion
Suggested Process dependency
disable server:run cmd without Process component
Suggested Process dependency
[FrameworkBundle] prevent cache:clear creating too long paths
[FrameworkBundle] [Translation] Fixed translations not written when no translations directory in update command
Conflicts:
.travis.yml
src/Symfony/Bridge/Twig/Command/LintCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/ConfigDebugCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/RouterApacheDumperCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/RouterDebugCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/ServerRunCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/TranslationDebugCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/YamlLintCommand.php
src/Symfony/Bundle/TwigBundle/Command/DebugCommand.php
src/Symfony/Component/Security/Core/Util/StringUtils.php
* 2.7:
[Process] Enhance compatiblity with --enable-sigchild
fix short array syntax for php 5.3
[Serializer] Fixed on array of objects in .
[Process] Always call proc_close
[Validator] Updated Luxembourgish translations for 2.8
disable server commands without Process component
list all server command names in suggestion
Suggested Process dependency
disable server:run cmd without Process component
Suggested Process dependency
[FrameworkBundle] prevent cache:clear creating too long paths
[FrameworkBundle] [Translation] Fixed translations not written when no translations directory in update command
Conflicts:
.travis.yml
src/Symfony/Bundle/FrameworkBundle/Command/TranslationUpdateCommand.php
src/Symfony/Bundle/FrameworkBundle/composer.json
This PR was merged into the 2.3 branch.
Discussion
----------
[FrameworkBundle] prevent cache:clear creating too long paths
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15547#16783
| License | MIT
| Doc PR | -
Commits
-------
6e279c5 [FrameworkBundle] prevent cache:clear creating too long paths
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] [Translation] Fixed translations not written when no translations directory in update command
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Currently when you run the TranslationUpdateCommand and want to write the translation in the domain file without a `translations` directory the output is `[OK] Success` but the file is not created.
This PR fix the creation of the directory.
Commits
-------
8c45107 [FrameworkBundle] [Translation] Fixed translations not written when no translations directory in update command
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Disable built-in server commands when Process component is missing
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This also backports the improvement for the `suggest` section from #16650 to the `2.7` branch and improves it by also mentioning the other built-in server commands.
Commits
-------
972c4ca disable server commands without Process component
dd82b64 list all server command names in suggestion
d18fb9b Suggested Process dependency
* 2.8:
[Process] Fix stopping a process on Windows
[PhpUnitBridge] Add weak-verbose mode and match against message instead of test name
Added a note about the new requirement iconv.
Improved error messages for Yaml Deprecations
Added a test case for the Logger class.
[Form] Fix choices defined as Traversable
CS: general fixes
Suggested Process dependency
This PR was merged into the 2.8 branch.
Discussion
----------
Suggested Process dependency
The `server:run` command requires the Process component.
Commits
-------
7c1231a Suggested Process dependency
This PR was merged into the 3.0-dev branch.
Discussion
----------
[Form] Drop remaing CsrfProviderAdapter/Interface mentions
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
CsrfProviderAdapter+Interface have already been removed from master, we should not use them anymore. Let's see if tests agree.
Commits
-------
5bc34d2 [Form] Drop remaing CsrfProviderAdapter/Interface mentions
* 2.8:
Fixed the wrong source name and the ja translation
[Debug] fix readme: DebugClassLoader moved to debug itself
[SecurityBundle] disable the init:acl command if ACL is not used
[DI] remove useless condition around unset
[Console] Fix bug with overloading
[Form] Fixed wrong usages of the "text" type
[Form] Disabled view data validation if "data_class" is set to null
[HttpFoundation] Workaround HHVM rewriting HTTP response line
* 2.7:
Fixed the wrong source name and the ja translation
[Debug] fix readme: DebugClassLoader moved to debug itself
[SecurityBundle] disable the init:acl command if ACL is not used
[DI] remove useless condition around unset
[Form] Disabled view data validation if "data_class" is set to null
[HttpFoundation] Workaround HHVM rewriting HTTP response line
* 2.3:
Fixed the wrong source name and the ja translation
[SecurityBundle] disable the init:acl command if ACL is not used
[DI] remove useless condition around unset
This PR was squashed before being merged into the 2.8 branch (closes#16621).
Discussion
----------
[Console] Fix bug with $output overloading
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony-standard/issues/887, #16622
| License | MIT
| Doc PR | -
This is exactly why variable overloading isn't a great idea :)
Commits
-------
5764a00 [Console] Fix bug with overloading
* 2.8:
Always enable clock-mock for HttpFoundation
[ClassLoader] Fix parsing namespace when token_get_all() is missing
Bug #16343 [Router] Too many Routes ?
Fixes the stack traces of the deprecation logs
fix unused variable warning
[Translation][Form] Do not translate form labels and placeholders when 'translation_domain' is false
add composer exclude-from-classmap for new 2.8 components
[Yaml] sync changelog and upgrade files
[Debug] Ensure class declarations are loaded only once
Minor design tweaks for the Logs and Doctrine profiler panels
Conflicts:
UPGRADE-2.8.md
This PR was squashed before being merged into the 2.8 branch (closes#16031).
Discussion
----------
[Translation][Form] Do not translate form labels and placeholders when 'translation_domain' is false
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Seems like this behaviour was already partially added (as stated [here](https://github.com/symfony/symfony/pull/16016#issuecomment-144464875)) to solve the problem of expanded choice widgets.
Commits
-------
0e0b904 [Translation][Form] Do not translate form labels and placeholders when 'translation_domain' is false
* 2.8:
removed usage of the deprecated StringUtils::equals() method
Fix: Resolve tempdir symlink, not working on OSX
fixed tests
migrate session after remember me authentication
prevent timing attacks in digest auth listener
mitigate CSRF timing attack vulnerability
fix potential timing attack issue
[WebProfilerBundle] Added a top left border radius to the minified to…
[Routing] Changing RouteCollectionBuilder::import() behavior to add to the builder
[HttpKernel] Don't reset on shutdown but in FrameworkBundle/Test/KernelTestCase
[Process] PhpExecutableFinder: add regression test
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpKernel] Don't reset on shutdown but in FrameworkBundle/Test/KernelTestCase
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15185
| License | MIT
| Doc PR | -
While trying to migrate Blackfire to 2.8-beta, I found this BC-break: by resetting the container on kernel shut-down, functional tests are broken when they need to use the container after a call to `$this->client->request()`. Broken because e.g . the session or the profiler state is lost between consecutive requests in the same test, and because a call to $container->get('kernel') throws a synthetic-related exception.
This PR fixes the BC-break by reverting to the <=2.7 behavior (not resetting the container on kernel shut-down), and moving resetting to the KernelTestCase.
Commits
-------
baad4da [HttpKernel] Don't reset on shutdown but in FrameworkBundle/Test/KernelTestCase
* 2.8:
Add Spanish translation for BIC validator
Added translation for BIC validator
Sent out a status text for unknown HTTP headers.
[DependencyInjection] Unescape parameters for all types of injection
[Process] Fix trailing space in PHP binary finder
Remove tmp addition of zend-stdlib
[WebProfilerBundle] Fix minitoolbar height
[Form] Fix ResolvedFormType deprecation notices
[Serializer] add missing unit tests related to Encoder
add it back
Conflicts:
src/Symfony/Bridge/ProxyManager/composer.json
src/Symfony/Component/Form/ResolvedFormType.php
* 2.8:
Fix undefined array $server
Fix call to undefined function json_last_error_message
Fix bug in windows detection
[ProxyManager] Tmp fix composer reqs issue in ZF
Fix PropertyInfo extractor namespace in framework bundle
Add missing exclusions from phpunit.xml.dist
[Serializer] ObjectNormalizer: don't serialize static methods and props
[Form] Enhance some FormRegistry deprecation messages
[Validator] [sl] BIC (SWIFT-BIC) validation constraint
[WebProfilerBundle] correct typo in show stack trace link
bumped Symfony version to 2.8.0
updated VERSION for 2.8.0-BETA1
updated CHANGELOG for 2.8.0-BETA1
Fix the server variables in the router_*.php files
[Validator] Allow an empty path with a non empty fragment or a query
The following change adds support for Armenian pluralization.
[2.3][Process] fix Proccess run with pts enabled
Conflicts:
src/Symfony/Bridge/ProxyManager/composer.json
src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Compiler/FormPass.php
src/Symfony/Component/Form/FormRegistry.php
* 2.7:
Fix undefined array $server
Fix bug in windows detection
[ProxyManager] Tmp fix composer reqs issue in ZF
Add missing exclusions from phpunit.xml.dist
[Serializer] ObjectNormalizer: don't serialize static methods and props
Fix the server variables in the router_*.php files
[Validator] Allow an empty path with a non empty fragment or a query
The following change adds support for Armenian pluralization.
[2.3][Process] fix Proccess run with pts enabled
Conflicts:
composer.json
src/Symfony/Bridge/ProxyManager/composer.json
src/Symfony/Component/Security/phpunit.xml.dist
* 2.3:
Fix undefined array $server
[ProxyManager] Tmp fix composer reqs issue in ZF
Add missing exclusions from phpunit.xml.dist
Fix the server variables in the router_*.php files
[Validator] Allow an empty path with a non empty fragment or a query
The following change adds support for Armenian pluralization.
[2.3][Process] fix Proccess run with pts enabled
Conflicts:
composer.json
src/Symfony/Bridge/ProxyManager/composer.json
src/Symfony/Bundle/DebugBundle/phpunit.xml.dist
src/Symfony/Component/Security/phpunit.xml.dist
This PR was squashed before being merged into the 2.3 branch (closes#16352).
Discussion
----------
Fix the server variables in the router_*.php files
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
The built-in web server automatically rewrites everything to the `app_dev.php` script, but it does not adjust the server variables accordingly.
Here is the output of `print_r($_SERVER)` on Apache with mod_rewrite enabled (relevant lines only):
```
Array
(
[REQUEST_URI] => /text-elements.html
[SCRIPT_NAME] => /app_dev.php
[PHP_SELF] => /app_dev.php
)
```
And here is the output of the exact same script on the built-in server:
```
Array
(
[REQUEST_URI] => /text-elements.html
[SCRIPT_NAME] => /text-elements.html
[PHP_SELF] => /text-elements.html
)
```
And here is the return value of Symfony's `Request::getScriptName()` method:
```php
// Apache: http://localhost/text-elements.html
echo $this->container->get('request_stack')->getCurrentRequest()->getScriptName(); // /app_dev.php
// Built-in web server: http://127.0.0.1:8000/text-elements.html
echo $this->container->get('request_stack')->getCurrentRequest()->getScriptName(); // /text-elements.html
```
This PR fixes the two server variables in the `router_dev.php` script.
Commits
-------
4923411 Fix the server variables in the router_*.php files
* 2.8:
Fixed tabs when there are several groups of tabs in the same page
Fix mode
Fixed failing test for HHVM
Removed unused logic in MockStream
Update coding standard for MockStream
[Filesystem] added tempnam() stream wrapper aware version of PHP's native tempnam() and fixed dumpFile to allow dumping to streams
Renamed key to secret
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] Renamed key to secret Part 2
Anonymous and RememberMe were already changed in https://github.com/symfony/symfony/pull/15141 This PR renames 2 more occurences of key in the Security: AnonymousAuthenticationListener and the Digest entry point.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
55f59d5 Renamed key to secret
* 2.8:
[ci] Phpunit tests wont run if composer is installed in a wrapper
[ci] Add version tag in phpunit wrapper to trigger cache-reset on demand
fix race condition at mkdir (#16258)
[VarDumper] Fix PHP7 type-hints compat
[Bridge] [PhpUnit] fixes documentation markup.
[PropertyAccess] Port of the performance optimization from 2.3
trigger deprecation warning when using empty_value
[PropertyAccess] Test access to dynamic properties
[PropertyAccess] Fix dynamic property accessing.
[Serializer] GetSetNormalizer shouldn't set/get static methods
[Serializer] PropertyNormalizer shouldn't set static properties
JsonDescriptor - encode container params only once
Conflicts:
src/Symfony/Component/Form/Extension/Core/Type/ChoiceType.php
src/Symfony/Component/Form/Extension/Core/Type/DateType.php
src/Symfony/Component/Form/Extension/Core/Type/TimeType.php
src/Symfony/Component/VarDumper/Tests/Caster/ReflectionCasterTest.php
* 2.7:
[ci] Phpunit tests wont run if composer is installed in a wrapper
[ci] Add version tag in phpunit wrapper to trigger cache-reset on demand
fix race condition at mkdir (#16258)
[VarDumper] Fix PHP7 type-hints compat
[Bridge] [PhpUnit] fixes documentation markup.
[PropertyAccess] Port of the performance optimization from 2.3
trigger deprecation warning when using empty_value
[PropertyAccess] Test access to dynamic properties
[PropertyAccess] Fix dynamic property accessing.
[Serializer] GetSetNormalizer shouldn't set/get static methods
[Serializer] PropertyNormalizer shouldn't set static properties
JsonDescriptor - encode container params only once
Conflicts:
src/Symfony/Component/VarDumper/Tests/Caster/ReflectionCasterTest.php
* 2.8:
[Bridge\PhpUnit] Add extra clock-mocked namespaces in phpunit.xml.dist
[DependencyInjection] Autowing: exclude abstract definitons
[DependencyInjection] Autowiring: support parent/decorators
[FrameworkBundle] Autowiring support for debug:container
Fixing bad type-hint auto-wiring bug
[Yaml] deprecate unquoted indicator characters
added a micro kernel
Re-adding the ability to add a resource to the RouteCollectionBuilder
[DependencyInjection] Add autowiring support to dumpers
ldap_set_option should be called with a valid link identifier
[FrameworkBundle][Form] Better exception message for private form tagged services
Conflicts:
src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Compiler/FormPass.php
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/builder_1_public.xml
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/builder_1_services.xml
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/builder_1_tag1.xml
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/builder_1_tags.xml
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/definition_1.txt
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/definition_1.xml
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/definition_2.txt
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/definition_2.xml
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/legacy_synchronized_service_definition_1.json
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/legacy_synchronized_service_definition_1.md
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/legacy_synchronized_service_definition_1.txt
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/legacy_synchronized_service_definition_1.xml
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/legacy_synchronized_service_definition_2.json
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/legacy_synchronized_service_definition_2.md
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/legacy_synchronized_service_definition_2.txt
src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Descriptor/legacy_synchronized_service_definition_2.xml
src/Symfony/Component/DependencyInjection/Compiler/ResolveDefinitionTemplatesPass.php
src/Symfony/Component/DependencyInjection/Dumper/YamlDumper.php
This PR was merged into the 2.8 branch.
Discussion
----------
[DependencyInjection] [FrameworkBundle] Enhance autowiring DX
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
* Dump autowiring data when using the container
* Add autowiring data to the `debug:container` command
Commits
-------
9c3b910 [FrameworkBundle] Autowiring support for debug:container
18913e1 [DependencyInjection] Add autowiring support to dumpers
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] JsonDescriptor - encode container params only once
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16379
| License | MIT
| Doc PR |
Commits
-------
dd9d076 JsonDescriptor - encode container params only once
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle][Form] Better exception message for private form tagged services
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Similar to what is done in [RegisterListenerPass](https://github.com/symfony/symfony/blob/2.8/src/Symfony/Component/EventDispatcher/DependencyInjection/RegisterListenersPass.php#L61-L63), those changes allow to have a better exception message when defining a private `form.type`, `form.type_extension` or `form.form_guesser` tagged service, and at container compilation instead of runtime:
> The service "my.form.type" must be public as form types are lazy-loaded.
instead of:
> You have requested a non-existent service "my.form.type"
If I'm right, similar cases were considered as new features in the past, so this targets 2.8.
Commits
-------
11d675f [FrameworkBundle][Form] Better exception message for private form tagged services
I made the class final because it is not meant to be extended. By using the trait, which uses protected visibility for the container property, it would otherwise make the container property part of of BC promise
* 2.8:
added the new Composer exclude-from-classmap option
added the new Composer exclude-from-classmap option
fix docblock description for the build() method
fix expected argument type docblock
Set back libxml settings after testings.
fixed Twig deprecation notices
* 2.7:
added the new Composer exclude-from-classmap option
added the new Composer exclude-from-classmap option
fix expected argument type docblock
Set back libxml settings after testings.
fixed Twig deprecation notices
* 2.3:
added the new Composer exclude-from-classmap option
fix expected argument type docblock
Set back libxml settings after testings.
fixed Twig deprecation notices
This PR was merged into the 2.3 branch.
Discussion
----------
added the new Composer exclude-from-classmap option
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
65bef75 added the new Composer exclude-from-classmap option
This PR was merged into the 2.8 branch.
Discussion
----------
Add the PHP 7 polyfill for the random_bytes function
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Some classes (like the `SecureRandom` class) currently depends on the `random_bytes` function, which is only available in the PHP 7 polyfill
Commits
-------
8ab8ca0 Add the PHP 7 polyfill for the random_bytes function
This PR was merged into the 2.8 branch.
Discussion
----------
[WebProfilerBundle] Filter links in search results
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14110
| License | MIT
| Doc PR |
Quite often I find myself copy/pasting the results from the search results in the profiler search form. Adding links for this allows developers to narrow down to the proper profiler result fast.
Commits
-------
4bffacc [WebProfilerBundle] Filter links in search results
This PR was merged into the 2.8 branch.
Discussion
----------
Fixed Ajax panel loading in the toolbar
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16349
| License | MIT
| Doc PR | -
Commits
-------
862daf2 Fixed Ajax panel loading in the toolbar
* 2.7:
fixed YAML files missing quotes when a string starts with @
[VarDumper] Fix anonymous class dumping
[Routing] mark internal classes
[Translation][Csv file] remove unnecessary statements, for better readability.
[Form] remove validation of FormRegistry::getType as FormRegistry::hasType does not validate either
* 2.3:
fixed YAML files missing quotes when a string starts with @
[Routing] mark internal classes
[Translation][Csv file] remove unnecessary statements, for better readability.
[Form] remove validation of FormRegistry::getType as FormRegistry::hasType does not validate either
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] Fix ClassCacheWarme when classes.php is already warmed
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Autoreloading was previously set to `false`, but actually we want to force it.
This could even lead to a fatal error when warming where it was already warmed as the previous `classes.php` is directly required.
Commits
-------
d31350f [FrameworkBundle] Fix ClassCacheWarme when classes.php is already warmed
* 2.8:
Fix the FrameworkBundle dependencies
[DoctrineBridge] Fix required guess of boolean fields
[DI] don't use array_map to resolve services
Remove dead code in the PropertyPath constructor
[EventDispatcher] fix docblock
[Process] Inherit env vars by default in PhpProcess
Changed one console output style to avoid visual issues
[VarDumper] Fix return type and anonymous classes dumping
[FrameworkBundle] PropertyInfo support
[HttpFoundation] Fixes /0 subnet handling in IpUtils
[Form] Simplify DateTimeToStringTransformer Avoid unneeded catch and re-throw of the same exception.
[Minor] [Serializer] Removed second license header
[TwigBundle] added a Twig templates warmer when templating is disabled
[HttpKernel] Remove a duplicate test for the EsiFragmentRenderer
[Templating] deprecate low-level RouterHelper::generate method as it's cumbersome to use constants in templates
[Templating] introduce path and url methods in php templates to be in line with twig templates
[Routing] deprecate the old url generator reference type values
[Routing] use constant in a test that is new in 2.7
[FrameworkBundle] Add a new ClassCache cache warmer
[Validator] Add expressionLanguage to ExpressionValidator constructor
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Resources/config/services.xml
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/BrowserKit/composer.json
src/Symfony/Component/ClassLoader/ClassCollectionLoader.php
src/Symfony/Component/EventDispatcher/EventDispatcher.php
This PR was squashed before being merged into the 2.8 branch (closes#15966).
Discussion
----------
[FrameworkBundle] PropertyInfo support
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet
Commits
-------
f84a92a [FrameworkBundle] PropertyInfo support
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] Add a new ClassCache cache warmer
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This new cache warmer allows to remove the known slowness of the first hit of a Symfony application (even when cache has been warmed up). This also allows to make a Symfony application runnable on a read-only filesystem (like in a Docker container for example)
Commits
-------
b570d6c [FrameworkBundle] Add a new ClassCache cache warmer
This PR was merged into the 2.8 branch.
Discussion
----------
[TwigBundle] added a Twig templates warmer when templating is disabled
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When disabling the templating component, Twig templates are not warmed up as the warmer depends on the template finder which needs the templating component. This PR adds a new cache warmer that covers this case.
see #16262
Commits
-------
bd3701b [TwigBundle] added a Twig templates warmer when templating is disabled
* 2.8:
[Routing] use constants in tests
[Process] tweaked README
[TwigBundle] Fix Twig cache is not properly warmed
[Validator] Allow an empty path in a URL with only a fragment or a query
[Security] Use SessionAuthenticationStrategy on RememberMe login
[HttpFoundation] Fix some typo in the Request doc
fixed CS
Added separated handling of root paths
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBundle] Fix Twig cache is not properly warmed
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15982
| License | MIT
| Doc PR | -
Alternative to #15034
Commits
-------
e704ee4 [TwigBundle] Fix Twig cache is not properly warmed
This PR was merged into the 2.8 branch.
Discussion
----------
[EventDispatcher] added EventDispatcher::getListenerPriority()
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14563, #15825
| License | MIT
| Doc PR | n/a
In #14563, we added a way to get the priorities of listeners, but as noted by @Tobion in #15825, the implementation is sub-optimal because of two main reasons: the change is not part of the interface but more importantly, the added boolean changes the return value of `getListeners()`.
This PR reverts most of #14563 to add a `getListenerPriority()` method. This method is quite slow, but as it should only be used for debugging purposes (on the CLI or the WDT), I think it's not really a problem.
In 3.0, this method should probably be added to `EventDispatcherInterface`.
ping @Tobion
Commits
-------
068e955 [EventDispatcher] added EventDispatcher::getListenerPriority()
* 2.8:
[PhpUnit] Auto-register SymfonyTestsListener
[phpunit] Upgrade when a change is detected and when install subcommand is used
[Filesystem] Fix test on Windows
Fix merge
[HttpFoundation] Extend ClockMock to session storage tests
[Process] Don't use @requires on abstract class
[VarDumper] Fix wordwrap with Bootstrap
Fix the BC layer for the key->secret renaming for remember_me
Fix potential access to undefined index
Conflicts:
src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/LegacyPdoSessionHandlerTest.php
src/Symfony/Component/Locale/phpunit.xml.dist
This PR was merged into the 2.8 branch.
Discussion
----------
Fix the BC layer for the key->secret renaming for remember_me
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony-docs/issues/5765
| License | MIT
| Doc PR | n/a
There was a mistake in https://github.com/symfony/symfony/pull/15141 removing the configuration entirely.
Commits
-------
f52b3a0 Fix the BC layer for the key->secret renaming for remember_me
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7][tests] Use @requires annotation when possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
b028aea [tests] Use @requires annotation when possible
| Q | A
| ------------- | ---
| Bug fix? | [yes]
| New feature? | [yes|no]
| BC breaks? | [yes|no]
Since cache is now required, it makes no sense to suggest it
This PR was merged into the 2.8 branch.
Discussion
----------
[DI] Warn when a definition relies on a deprecated class in ContainerBuilder::createService()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The new feature is in the DI component and it enlighten a deprecation from Doctrine that we ignored in FrameworkBundle, that is also fixed in this PR.
See https://github.com/symfony/symfony/pull/16001/files?w=1
Commits
-------
ca69fa3 [DI] Warn when a definition relies on a deprecated class in ContainerBuilder::createService()
This PR was merged into the 3.0-dev branch.
Discussion
----------
Replace is_callable checks with type hints
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14330
| License | MIT
| Doc PR | -
Also removes tests checking the exceptions thrown from
the removed is_callable checks.
Commits
-------
7685cdd Add more callable type hints
4e0c6e1 Replace is_callable checks with type hints
The FrameworkBundle in version 2.3 can be used with recent versions of
the Security component. However, after the Security component has been
split with Symfony 2.4, translations resources have been moved to the
`symfony/security-core` package. Thus, the changed location must be
taken into account.
* 2.8: (21 commits)
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
Throw exception if tempnam returns false in ProcessPipes
[DomCrawler] Deprecated using /_root/ in XPath expressions
Pass missing request template variables
Simplify AbstractVoter
[Form] add missing deprecation triggers
Throw exception if tempnam returns false
Fix PropertyAccessor modifying array in object when array key does not exist
[DependencyInjection] Add autowiring capabilities
Fixing typo in variable name
Add a few additional tests for the Crawler
[Form] remove obsolete deprecation comments
Updated the style of the event commands
[Debug] Deprecate providing $fileLinkFormat as second argument
[Form] minor CS fix
Updated PHPDoc of the AbstractVoter class
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
...
* 2.7:
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
Fix PropertyAccessor modifying array in object when array key does not exist
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
* 2.3:
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
* 2.8:
Updated the stlyes of the YAML commands
[Security] Configuring a user checker per firewall
[PropertyInfo] Test behavior when an extractor return null.
This PR was squashed before being merged into the 2.8 branch (closes#14721).
Discussion
----------
[Security] Configuring a user checker per firewall
_Changed my base branch to avoid issues, closed old PR_
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed ticket | #11090 and helps #14673
| License | MIT
| Doc PR | symfony/symfony-docs/pull/5530
This pull request adds support for a configurable user checker per firewall. An example could be:
```yml
services:
app.user_checker:
class: App\Security\UserChecker
arguments:
- "@request_stack"
security:
firewalls:
secured_area:
pattern: ^/
anonymous: ~
basic_auth: ~
user_checker: app.user_checker
```
The above example will use the `UserChecker` defined as `app.user_checker`. If the `user_checker` option is left empty, `security.user_checker` will be used. If the `user_checkers` option is not defined, it will fall back to the original behavior to not break backwards compatibility and will validate using the existing `UserChecker`: `security.user_checker`.
I left the default argument in the service definitions to be `security.user_checker` to include backwards compatibility for people who for some reason don't have the extension executed. You can obtain the checker for a specific firewall by appending the firewall name to it. For the firewall `secured_area`, this would be `security.user_checker.secured_area`.
Commits
-------
76bc662 [Security] Configuring a user checker per firewall
* 2.8:
added missing a deprecated notice
Move AjaxCollector for use without framework bundle
Deprecate loading multiple documents in the same crawler
[VarDumper] Add $this->getDump($var) when using VarDumperTestTrait
Prevent adding non-DOMElement elements in DomCrawler
[appveyor] Fix command line
Using a service as a router resource
Fluid interface for building routes in PHP
Updated the styles of the container commands
fix tests after twig commands style changes
synchronize tests for static and non-static API
[DomCrawler] fix deprecation triggers
[Yaml] Fix improper comments removal inside strings
This PR was squashed before being merged into the 2.8 branch (closes#15742).
Discussion
----------
Using a service as a router resource
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | almost
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet...
Hi guys!
This adds the ability to use a service as a routing resource. In other words, instead of loading `routing.yml`, you could load `my_route_loader`, and then a method would be called on your service to return a RouteCollection.
Specifically, I'm interested in this because it would allow a user to point their main router resource to the kernel itself, making it possible to load routes inside the kernel (making a single-file full-stack app more possible).
Thanks!
Commits
-------
79e210f Using a service as a router resource
This PR was squashed before being merged into the 2.8 branch (closes#15926).
Discussion
----------
[2.8][Form] Deprecate alias tag option
FQCN should be used since 2.8 instead, so a deprecation error should be triggered when the `alias` setting is used.
Furthermore, the name of the option doesn't make much sense for form types (as it's the alias of the field it applies to), so I renamed it to `extended_type`. I'm open to any other suggestions.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
e3aa522 [2.8][Form] Deprecate alias tag option
This PR was squashed before being merged into the 2.8 branch (closes#16023).
Discussion
----------
Minor fixes for the profiler and toolbar
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | partially #15439
| License | MIT
| Doc PR | -
Changes:
* Fixed a misaligned icon
* Changed the priorities of the collectors to better control their position and to leave a "gap" between priorities so custom panels can be displayed between the default panels. This idea came from @stof.
By the way, @stof do you know how can I set the priority of the SwiftMailer collector? Its definition is the only one that doesn't use the `<tag name="data_collector" />`:
```xml
<service id="swiftmailer.data_collector" class="%swiftmailer.data_collector.class%">
<argument type="service" id="service_container" />
</service>
```
https://github.com/symfony/swiftmailer-bundle/blob/master/Resources/config/swiftmailer.xml#L90-L92
Commits
-------
bff4098 Minor fixes for the profiler and toolbar
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle][TwigBridge] do not render empty form action attributes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13852, #15995
| License | MIT
| Doc PR |
Commits
-------
1307043 do not render empty form action attributes
* 2.8:
add dependency required by a replaced package
Add a way to group toolbar info pieces
Added general sf-toolbar-block-right class
Bind input before executing the COMMAND event
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] Tag deprecated services
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Tag deprecated services as such. Some are deprecated by transitivity with their class definition.
Having given some workshops on migrating to sf 3.0, the deprecation triggered at the class level is cryptic to most. Triggering a more tailored one about the service is really important to me in order to help users migrate.
Commits
-------
87e8e8f [FrameworkBundle] Tag deprecated services
* 2.8:
Remove profiler storages
deprecate finding deep items in request parameters
[CssSelector] updated README
[CssSelector] remove ConverterInterface
[DependencyInjection] improved a comment for reading fluency
[HttpKernel] change a class in tests to avoid depending on SQLite
[FrameworkBundle] Fix tests
[Bridge\Twig] Fix form lowest version
[ci] Display fastest results first when running tests in parallel
[Yaml] Improve newline handling in folded scalar blocks
In #15973, the `searchResultsAction()` of the `ProfilerController` was
updated to pass the current request to the rendered template. However,
this change was not reflected in the test thus letting it fail.
This PR was merged into the 2.8 branch.
Discussion
----------
added logging of unused tags
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11511, #11744
| License | MIT
| Doc PR | -
This is the same as #11744 but with some minor tweaks and some unit tests for the compiler pass.
Commits
-------
95c9f50 added some tests
d3271e1 missing tags in whitelist
f51fe4a [FrameworkBundle] [DependencyInjection] added logging of unused tags during container compilation
This PR was merged into the 2.8 branch.
Discussion
----------
[TwigBundle] removed usage of Templating classes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes (but frankly, I don't see how that would break anything out there)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
ff3c107 [TwigBundle] removed usage of Templating classes
7f13f95 [WebProfilerBundle] fixed a template reference
* Restore View Latest button
* In order to fit into the horizontal space available, shorten the names of the Latest Profiles and View Latest buttons and adjust the buttons' margin and padding.
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8] [Ldap] Added support for LDAP (New Component + integration in the Security Component).
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | not yet
| Fixed tickets | -
| License | MIT
| Doc PR | not yet
Current state:
- [x] Implement logic
- [x] Post-review tuning and stabilization
- [x] Fix tests
This PR is a follow-up to #5189, which was in a stand-still for a few years now. It tries to fix the remaining issues which were mentioned in the discussion.
There are still a few issues with the PR, as it is. For example, it introduces two new firewall factories, whereas the base factories (`form_login` and `http_basic`) could simply introduce new configuration options.
Also, for a user to use an LDAP server as an authentication provider, he first needs to define a service which should be an instance of `Symfony\Component\Security\Ldap\Ldap`.
For example:
```yml
services:
my_ldap:
class: Symfony\Component\Security\Ldap\Ldap
arguments: [ "ldap.mydomain.tld" ]
```
Then, in `security.yml`, this service can be used in both the user provider and the firewalls:
```yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
ldap_users:
ldap:
service: my_ldap
base_dn: dc=MyDomain,dc=tld
search_dn: CN=My User,OU=Users,DC=MyDomain,DC=tld
search_password: p455w0rd
filter: (sAMAccountName={username})
default_roles: ROLE_USER
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
demo_login:
pattern: ^/login$
security: false
api:
provider: ldap_users
stateless: true
pattern: ^/api
http_basic_ldap:
service: my_ldap
dn_string: "{username}@MYDOMAIN"
demo_secured_area:
provider: ldap_users
pattern: ^/
logout:
path: logout
target: login
form_login_ldap:
service: my_ldap
dn_string: CN={username},OU=Users,DC=MyDomain,DC=tld
check_path: login_check
login_path: login
```
Commits
-------
60b9f2e Implemented LDAP authentication and LDAP user provider
1c964b9 Introducing the LDAP component
* 2.8: (28 commits)
Detect Mintty for color support on Windows
Detect Mintty for color support on Windows
[WebProfilerBundle] Fix search button click listener
[Form][Type Date/Time] added choice_translation_domain option.
Massively simplifying the BC and deprecated-throwing code thanks to suggestions by stof in #15870
Making all "debug" messages use the debug router
Making GuardTokenInterface extend TokenInterface
Updating behavior to not continue after an authenticator has set the response
Add a group for tests of the finder against the FTP server
Fix trigger_error calls
Fix legacy security tests
tweaking message related to configuration edge case that we want to be helpful with
Minor tweaks - lowering the required security-http requirement and nulling out a test field
Fix license headers
Fix license headers
Fix license headers
Ensure the ClockMock is loaded before using it in the testsuite
Allow serializer 3.0 in the PropertyInfo component
Add the replace rules for the security-guard component
Forbid serializing a Crawler
...
* 2.7:
Detect Mintty for color support on Windows
Detect Mintty for color support on Windows
Add a group for tests of the finder against the FTP server
Fix license headers
Forbid serializing a Crawler
Fix phpdoc block of NativeSessionStorage class
Added exception when setAutoInitialize is called when locked
[FrameworkBundle] Advanced search templates of bundles
[Security] Allow user providers to be defined in many files
Use random_bytes function if it is available for random number generation
* 2.3:
Detect Mintty for color support on Windows
Add a group for tests of the finder against the FTP server
Fix license headers
Forbid serializing a Crawler
Fix phpdoc block of NativeSessionStorage class
Added exception when setAutoInitialize is called when locked
[FrameworkBundle] Advanced search templates of bundles
[Security] Allow user providers to be defined in many files
Use random_bytes function if it is available for random number generation
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8][WebProfilerBundle] Fix search button click listener
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This fixes an issue when clicking the sidebar "Search" button **text** instead of the **button**. Then the click event target/srcElement is the *span* child-element, instead of the listening *a* element, which causes errors in the listener, since it expects the listening element. In consequence of that the search form isn't shown.
To fix this, the same technique is used, as for the navigation tabs. Traversing the DOM up to the expected *a* element.
Commits
-------
f9ddddb [WebProfilerBundle] Fix search button click listener
This PR was merged into the 2.8 branch.
Discussion
----------
Guard minor tweaks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Various completely minor things, most from suggestions on #14673
Commits
-------
869d5a7 tweaking message related to configuration edge case that we want to be helpful with
da4758a Minor tweaks - lowering the required security-http requirement and nulling out a test field
* 2.7:
Fix license headers
Ensure the ClockMock is loaded before using it in the testsuite
Fix with_minutes option in time widget
Fixed properties not explicitily declared
* 2.8:
[BrowserKit] Added isFollowingRedirects and getMaxRedirects methods
[PropertyInfo] Import the component
deprecated the Shell Console class
Deprecate ResourceInterface::getResource()
Merged LegacySecurityContext tests
[WebProfilerBundle] Added collapsed sidebar on small screens
This PR was merged into the 2.7 branch.
Discussion
----------
Fixed properties not explicitily declared
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| License | MIT
Commits
-------
d2b3fe4 Fixed properties not explicitily declared
This PR was merged into the 2.8 branch.
Discussion
----------
deprecated the Shell Console class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | one of #11742
| License | MIT
| Doc PR | n/a
Commits
-------
1c17928 deprecated the Shell Console class
* 2.8: (23 commits)
[Validator] added BIC (SWIFT-BIC) validation constraint
[TwigBridge] Foundation form layout integration
[Security] Deprecated supportsAttribute and supportsClass methods
bumped Symfony version to 2.7.6
updated VERSION for 2.7.5
updated CHANGELOG for 2.7.5
bumped Symfony version to 2.3.34
updated VERSION for 2.3.33
update CONTRIBUTORS for 2.3.33
updated CHANGELOG for 2.3.33
[Console] Fix transient HHVM test
[OptionsResolver] Fix catched exception along the dependency tree mistakenly detects cyclic dependencies
fixed tests
[DI] Support deprecated definitions in decorators
[DI] Allow to change the deprecation message in Definition
[DI] Trigger a deprecated error on the container builder
[DI] Dump the deprecated status
[DI] Supports the deprecated tag in loaders
[DI] Add a deprecated status to definitions
Fixing test locations
...
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] compatibility with older Form component versions
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15711
| License | MIT
| Doc PR |
Commits
-------
01ad767 compatibility with older Form component versions
This PR was squashed before being merged into the 2.8 branch (closes#15738).
Discussion
----------
Implement service-based Resource (cache) validation
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #7230, #15692, #7782
| License | MIT
| Doc PR | symfony/symfony-docs#5136
### Overview
Currently, any metadata passed to `ConfigCache` (namely implementations of `ResourceInterface`) is serialized to disk. When the `ConfigCache` is validated, the metadata is unserialized and queried through `ResourceInterface::isFresh()` to determine whether the cache is fresh. That way, `ResourceInterface` implementations cannot interact with services, for example a database connection.
This PR introduces the new concept of `ResourceCheckers`. Services implementing `ResourceCheckerInterface` can be tagged as `config_cache.resource_checker` with an optional priority.
Clients that wish to use `ConfigCache` can then obtain an instance from the `config_cache_factory` service (which implements `ConfigCacheFactoryInterface`). The factory will take care of injecting resource checkers into the `ConfigCache` instance so that they can be used for cache validation.
Checking cache metadata is easy for `ResourceCheckers`:
* First, the `ResourceCheckerInterface::supports()` implementation is passed the metadata object in question. If the checker cannot handle the type of resource passed, `supports()` should return `false`.
* Otherwise, the `ResourceCheckerInterface::isFresh()` method will be called and given the resource as well as the timestamp at which the cache was initialized. If that method returns `false`, the cache is considered stale. If it returns `true`, the resource is considered unchanged and will *not* be passed to any additional checkers.
### BC and migration path
This PR does not (intend to) break BC but it comes with deprecations. The main reason is that `ResourceInterface` contains an `isFresh()` method that does not make sense in the general case of resources.
Thus, `ResourceInterface::isFresh()` is marked as deprecated and should be removed in Symfony 3.0. Resource implementations that can (or wish to) be validated in that simple manner can implement the `SelfCheckingResourceInterface` sub-interface that still contains (and will keep) the `isFresh()` method. The change should be as simple as changing the `extends` list.
Apart from that, `ResourceInterface` will be kept as the base interface for resource implementations. It is used in several `@api` interfaces and thus cannot easily be substituted.
For the Symfony 2.x series, a `BCResourceInterfaceChecker` will be kept that performs validation through `ResourceInterface::isFresh()` but will trigger a deprecation warning. The remedy is to either implement a custom ResourceChecker with a priority higher than -1000; or to switch to the aforementioned `SelfCheckingResourceInterface` which is used at a priority of -990 (without deprecation warning).
The `ConfigCache` and `ConfigCacheFactory` classes can be used as previously but do not feature checker-based cache validation.
### Outlook and closing remarks:
This PR supersedes #7230, #15692 and works at least in parts towards the goal of #7176.
The `ResourceCheckerInterface`, `...ConfigCache` and `...ConfigCacheFactory` no longer need to be aware of the `debug` flag. The different validation rules applied previously are now just a matter of `ResourceChecker` configuration (i. e. "no checkers" in `prod`).
It might be possible to remove the `debug` flag from Symfony's `Router` and/or `Translator` classes in the future as well because it was only passed on to the `ConfigCache` there.
Commits
-------
20d3722 Implement service-based Resource (cache) validation
* 2.8: (29 commits)
Updating AbstractVoter so that the method receives the TokenInterface
Adding the necessary files so that Guard can be its own installable component
Fix syntax in a test
Normalize the way we check versions
Avoid errors when generating the logout URL when there is no firewall key
Removing unnecessary override
fabbot
Adding a new exception and throwing it when the User changes
Fixing a bug where having an authentication failure would log you out.
Tweaks thanks to Wouter
Adding logging on this step and switching the order - not for any huge reason
Adding a base class to assist with form login authentication
Allowing for other authenticators to be checked
meaningless author and license changes
Adding missing factory registration
Thanks again fabbot!
A few more changes thanks to @iltar
Splitting the getting of the user and checking credentials into two steps
Tweaking docblock on interface thanks to @iltar
Adding periods at the end of exceptions, and changing one class name to LogicException thanks to @iltar
...
Conflicts:
UPGRADE-2.8.md
src/Symfony/Bridge/Twig/Tests/Node/DumpNodeTest.php
src/Symfony/Bundle/FrameworkBundle/Command/ServerCommand.php
src/Symfony/Component/Validator/Tests/Constraints/AbstractComparisonValidatorTestCase.php
src/Symfony/Component/Validator/Tests/Constraints/IdenticalToValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/RangeValidatorTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
New Guard Authentication System (e.g. putting the joy back into security)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | at least partially: #14300, #11158, #11451, #10035, #10463, #8606, probably more
| License | MIT
| Doc PR | symfony/symfony-docs#5265
Hi guys!
Though it got much easier in 2.4 with `pre_auth`, authentication is a pain in Symfony. This introduces a new authentication provider called guard, with one goal in mind: put everything you need for *any* authentication system into one spot.
### How it works
With guard, you can perform custom authentication just by implementing the [GuardAuthenticatorInterface](https://github.com/weaverryan/symfony/blob/guard/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php) and registering it as a service. It has methods for every part of a custom authentication flow I can think of.
For a working example, see https://github.com/weaverryan/symfony-demo/tree/guard-auth. This uses 2 authenticators simultaneously, creating a system that handles [form login](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/FormLoginAuthenticator.php) and [api token auth](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/TokenAuthenticator.php) with a respectable amount of code. The [security.yml](https://github.com/weaverryan/symfony-demo/blob/guard-auth/app/config/security.yml) is also quite simple.
This also supports "manual login" without jumping through hoops: https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Controller/SecurityController.php#L45
I've also tested with "remember me" and "switch user" - no problems with either.
I hope you like it :).
### What's Needed
1) **Other Use-Cases?**: Please think about the code and try it. What use-cases are we *not* covering? I want Guard to be simple, but cover the 99.9% use-cases.
2) **Remember me** functionality cannot be triggered via manual login. That's true now, and it's not fixed, and it's tricky.
### Deprecations?
This is a new feature, so no deprecations. But, creating a login form with a guard authenticator is a whole heck of a lot easier to understand than `form_login` or even `simple_form`. In a perfect world, we'd either deprecate those or make them use "guard" internally so that we have just **one** way of performing authentication.
Thanks!
Commits
-------
a01ed35 Adding the necessary files so that Guard can be its own installable component
d763134 Removing unnecessary override
e353833 fabbot
dd485f4 Adding a new exception and throwing it when the User changes
302235e Fixing a bug where having an authentication failure would log you out.
396a162 Tweaks thanks to Wouter
c9d9430 Adding logging on this step and switching the order - not for any huge reason
31f9cae Adding a base class to assist with form login authentication
0501761 Allowing for other authenticators to be checked
293c8a1 meaningless author and license changes
81432f9 Adding missing factory registration
7a94994 Thanks again fabbot!
7de05be A few more changes thanks to @iltar
ffdbc66 Splitting the getting of the user and checking credentials into two steps
6edb9e1 Tweaking docblock on interface thanks to @iltar
d693721 Adding periods at the end of exceptions, and changing one class name to LogicException thanks to @iltar
eb158cb Updating interface method per suggestion - makes sense to me, Request is redundant
c73c32e Thanks fabbot!
6c180c7 Adding an edge case - this should not happen anyways
180e2c7 Properly handles "post auth" tokens that have become not authenticated
873ed28 Renaming the tokens to be clear they are "post" and "pre" auth - also adding an interface
a0bceb4 adding Guard tests
05af97c Initial commit (but after some polished work) of the new Guard authentication system
330aa7f Improving phpdoc on AuthenticationEntryPointInterface so people that implement this understand it
This PR was merged into the 3.0-dev branch.
Discussion
----------
[HttpKernel] Add better error message when controller action isn't callable
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR |
In the `ControllerResolver`, if a controller isn't callable, try to give a better description of what went wrong
Commits
-------
e0e19f6 Add better error message when controller action isn't callable
This PR was squashed before being merged into the 2.8 branch (closes#15861).
Discussion
----------
Avoid errors when generating the logout URL when there is no firewall key
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15853
| License | MIT
| Doc PR | -
Commits
-------
a811912 Avoid errors when generating the logout URL when there is no firewall key