This PR was merged into the 5.2-dev branch.
Discussion
----------
Add tests for translated error messages of json authentication
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #33168
| License | MIT
| Doc PR | -
In PR #38037 i added the translator to the json authenticator but there are some tests missing. I added some now.
Commits
-------
b50fc19af0 Add tests for translated error messages of json authentication
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] relax some test assertions
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
473e2933f0 relax some test assertions
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
Translate failure messages of json authentication
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Resolves#33168
| License | MIT
| Doc PR | -
Until now the failure messages of the json authentication were not translated. I'm not sure if it's a bug or a new feature. The changes shouldn't be a BC.
Commits
-------
7684663818 Translate failure messages of json authentication
* 5.1:
Enable "native_constant_invocation" CS rule
Make AbstractPhpFileCacheWarmer public
Fix CS
Add a warning comment on ldap empty password
Bump Symfony version to 4.4.14
Update VERSION for 4.4.13
Update CHANGELOG for 4.4.13
[PhpunitBridge] Fix deprecation type detection
* origin/4.4:
Fix CS
Add a warning comment on ldap empty password
Bump Symfony version to 4.4.14
Update VERSION for 4.4.13
Update CHANGELOG for 4.4.13
[PhpunitBridge] Fix deprecation type detection
This PR was merged into the 5.1 branch.
Discussion
----------
[PHPUnitBridge] Fix deprecation type detection when trigger_deprecation is used
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
when trigger_deprecation is used, the deprecation types (self, direct, indirect) are not properly detected because the file where the deprecation come from is always `deprecation-contracts/functions.php`. This PR aims to fix that.
Commits
-------
fd39961180 [PHPUnitBridge] Fix deprecation type detection when trigger_deprecation is used
This PR was merged into the 4.4 branch.
Discussion
----------
[PhpunitBridge] Fix deprecation type detection (when several autoload files are used)
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Several autoload files are supported by the PHPUnit Bridge but when the internal paths are registered (for deprecation type detection), the paths (from prefixes) of the last autoload file override the paths previously registered. This PR fixes this bug.
Commits
-------
cc7b6c5e5a [PhpunitBridge] Fix deprecation type detection
This PR was merged into the 4.4 branch.
Discussion
----------
[Ldap] Add comment about bind with empty password
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | /
When LDAP server allows unauthenticated binds, calling the method `bind` with a blank password will return a positive response.
This is not an issue when using High Level classes of Symfony, because this case is handled in `LdapBindAuthenticationProvider` and `CheckLdapCredentialsListener`.
And passing a blank password could be a valid use case for the low level class `Connection`.
This PR adds a comment on the parameter `$password` to let people Know about this
Commits
-------
63a8570a42 Add a warning comment on ldap empty password
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Cache] give control over cache prefix seed
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets |
| License | MIT
| Doc PR |
Reopened#35723 for master.
The configurable cache prefix seed does not give full control over the cache prefix because the container class is added to the prefix in any case. This is a problem because the container class contains the app env name. We use different app environments for different deployment targets (dev and test). We want dev and test to use the same redis cache. But this is impossible to achieve because even setting the cache prefix seed does not accomplish this.
Commits
-------
6681b92524 [Cache] give control over cache prefix seed
* 5.1:
Revert "Swallow errors"
Swallow errors
Allow Drupal to wrap the Symfony test listener
Bump Symfony version to 5.1.6
Update VERSION for 5.1.5
Update CHANGELOG for 5.1.5
This PR was merged into the 5.1 branch.
Discussion
----------
Allow Drupal to wrap the Symfony test listener (5.1 backport)
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | kinda
| New feature? | no
| Deprecations? | no
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
This is a backport of #37708
Commits
-------
244e8d2408 Revert "Swallow errors"
ee8cc2666b Swallow errors
f9bfe7fd79 Allow Drupal to wrap the Symfony test listener
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Security] Configurable execution order for firewall listeners
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR | n/a
Hello there, I'm the author of `scheb/two-factor-bundle`, which extends Symfony's security layer with two-factor authentication. I've been closely following the recent changes by @wouterj to rework the security layer with "authenticators" (great work!). While I managed to make my bundle work with authenticators, I see some limitations in the security layer that I'd like to address to make such extensions easier to implement.
In #37336 I've submitted a draft to let security factories add their own authentication listeners to the firewall. This PR is intended to address the issue of execution order. If you look at the `Firewall` class
f64f59a9c0/src/Symfony/Component/Security/Http/Firewall.php (L62-L82)
authentication listeners are executed in the order of their creation. Additionally, there's hardcoded logic to execute `Symfony\Component\Security\Http\Firewall\AccessListener` always last and the logout listener second to last. I'd like to have a more flexible approach, to remove the hardcoded order and give authentication listeners the ability to determine their execution order.
I've added an optional interface to provide a priority to sort all registered authenitication listeners. Sorting is done in a compiler pass, so no time is wasted at runtime.
This is a draft, so I'd like to hear your opinion on this :)
Commits
-------
91388e871b Add ability to prioritize firewall listeners
This PR was merged into the 5.2-dev branch.
Discussion
----------
Remove unnecessary silence operator
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
A gobble-all-errors handler was added around the unserialize() call making the @ operator unnecessary.
Commits
-------
03201f0d23 No longer need to silence errors as we're catching them all
The configurable cache prefix seed does not give full control over the cache prefix because the container class is added to the prefix in any case. This is a problem because the container class contains the app env name. We use different app environments for different deployment targets (dev and test). Dev and test should use the same redis cache. But this is impossible to achieve because even setting the cache prefix seed does not accomplish this.
