* 2.8:
[Security] Load the user before pre/post auth checks when needed
[SecurityBundle] Add test for simple authentication config
[SecurityBundle] Add missing argument to security.authentication.provider.simple
[Finder] fix tests
* 2.8:
fixed deprecated messages in tests
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
* 2.7:
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
* 2.8:
[Intl] Update ICU data to 61.1
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[Ldap] cast to string when checking empty passwords
[Validator] sync validator translation id
no type errors with invalid submitted data types
[FrameworkBundle] Partially revert HttpCache is not longer abstract (4d075da)
[Finder] Fixed leading/trailing / in filename
allow html5 compatible rendering of forms with null names
Change datetime input to datetime-local
* 2.7:
[Intl] Update ICU data to 61.1
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[Validator] sync validator translation id
no type errors with invalid submitted data types
[FrameworkBundle] Partially revert HttpCache is not longer abstract (4d075da)
[Finder] Fixed leading/trailing / in filename
allow html5 compatible rendering of forms with null names
Change datetime input to datetime-local
* 2.8: (29 commits)
[Console] Fix docblock of DescriptorInterface::describe
[Config] Handle nullable node name + fix inheritdocs
[Security] added userChecker to SimpleAuthenticationProvider
[Debug] fix test
Fix typo in test method name
Fixes#26563 (open_basedir restriction in effect)
[Debug] Reset previous exception handler ealier to prevent infinite loop
add hint in Github pull request template
[Validator] Fix docblock of ClassMetadata#members
[BrowserKit] Fix cookie path handling when $domain is null
[DoctrineBridge] Don't rely on ClassMetadataInfo->hasField in DoctrineOrmTypeGuesser anymore
[BrowserKit] Improves CookieJar::get
[BrowserKit] Fix Cookie's PHPDoc
[DomCrawler] Change bad wording in ChoiceFormField::untick
[DomCrawler] Fix the PHPDoc of ChoiceFormField::setValue
[DomCrawler] Avoid a useless call to strtolower
[FrameworkBundle] HttpCache is not longer abstract
Php Inspections (EA Ultimate): address some of one-time used local variables
[Intl] Load locale aliases to support alias fallbacks
[CssSelector] Fix CSS identifiers parsing - they can start with dash
...
This PR was squashed before being merged into the 3.4 branch (closes#26513).
Discussion
----------
[FrameworkBundle] Respect debug mode when warm up annotations
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Propagate current debug mode to the annotations reader. Without thi, warmup is useless with debug mode, because timetsamps are not written to cache.
Commits
-------
f3ec39616c [FrameworkBundle] Respect debug mode when warm up annotations
* 2.7:
[Config] Handle nullable node name + fix inheritdocs
[Security] added userChecker to SimpleAuthenticationProvider
[Debug] fix test
Fix typo in test method name
Fixes#26563 (open_basedir restriction in effect)
[Debug] Reset previous exception handler ealier to prevent infinite loop
add hint in Github pull request template
[Validator] Fix docblock of ClassMetadata#members
[BrowserKit] Fix cookie path handling when $domain is null
[DoctrineBridge] Don't rely on ClassMetadataInfo->hasField in DoctrineOrmTypeGuesser anymore
[BrowserKit] Improves CookieJar::get
[BrowserKit] Fix Cookie's PHPDoc
[DomCrawler] Change bad wording in ChoiceFormField::untick
[DomCrawler] Fix the PHPDoc of ChoiceFormField::setValue
[DomCrawler] Avoid a useless call to strtolower
[FrameworkBundle] HttpCache is not longer abstract
[DomCrawler] extract(): fix a bug when the attribute list is empty
[Config] Backport string|null api for node names
* 2.8:
[WebProfilerBundle] Fix Debug toolbar breaks app
bumped Symfony version to 2.8.36
updated VERSION for 2.8.35
updated CHANGELOG for 2.8.35
bumped Symfony version to 2.7.43
updated VERSION for 2.7.42
update CONTRIBUTORS for 2.7.42
updated CHANGELOG for 2.7.42
* 2.7:
[WebProfilerBundle] Fix Debug toolbar breaks app
bumped Symfony version to 2.7.43
updated VERSION for 2.7.42
update CONTRIBUTORS for 2.7.42
updated CHANGELOG for 2.7.42
This PR was merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle] limit ajax request to 100 and remove the last one
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | none fix merge
| License | MIT
Merging back the bugfix to 3.4.
Commits
-------
33bace4 [WebProfilerBundle] limit ajax request to 100 and remove the last one
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] [Console][DX] add a warning when command is not found
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | none
| License | MIT
| Doc PR |
This PR add DX on the the console `find()` and `get()` methods when a command is not found because it has not been registered properly.
Commits
-------
efd8f7fa3a [FrameworkBundle] [Console] add a warning when command is not found
This PR was merged into the 3.4 branch.
Discussion
----------
Set controller without __invoke method from invokable class
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets |
| License | MIT
| Doc PR |
Fixes one part of #25103
Commits
-------
cc68c5074e Set controller without __invoke method from invokable class
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Fix using annotation_reader in compiler pass to inject configured cache provider
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26086
| License | MIT
| Doc PR | -
The compilation pass of AddAnnotationsCachedReaderPass relies on already removed definition `annotations.cached_reader` due to an alias to `annotation_reader`.
Since the definition is being removed because of alias, configured annotation cache provider is not injected and will default back to ArrayCache.
This PR replaces the use of `annotations.cached_reader` to `annotation_reader` to complete the injection of configured cache provider.
Commits
-------
dfd93da bug #26086 [FrameworkBundle] Fix using annotation_reader in compiler pass to inject configured cache provider
This PR was merged into the 3.4 branch.
Discussion
----------
do not mock the container builder in tests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
777acfb do not mock the container builder in tests
This PR was merged into the 3.4 branch.
Discussion
----------
[TwigBundle][WebProfilerBundle] Fix JS collision
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes/no
| Fixed tickets | #25894
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
da39e01eb9 [TwigBundle][WebProfilerBundle] Fix JS collision
* 2.8:
[Bridge\PhpUnit] Exit as late as possible
Update Repository Symlink Helper
Document explicitly that dotfiles and vcs files are ignored by default
do not mock the container builder in tests
* 2.7:
[Bridge\PhpUnit] Exit as late as possible
Update Repository Symlink Helper
Document explicitly that dotfiles and vcs files are ignored by default
do not mock the container builder in tests
This PR was squashed before being merged into the 3.4 branch (closes#25756).
Discussion
----------
[TwigBundle] Register TwigBridge extensions first
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/25610
| License | MIT
| Doc PR | -
The only extension that is really needed to display the current exception page is the `CodeExtension` so we could only prepend this one. However, prepending all of them seems safer to me in the long term.
Also I deeply looked into why this problem only appeared in 3.4 and found the reason. Before 3.4 it actually never reaches the `ExceptionController` for this kind of error because it cannot be resolved because it needs a twig instance in its constructor. This instance is directly taken from the container. Before 3.4 when an exception is thrown when you try to get a service from the container, the instance stored in the `$services` array is unset which is not the case in further versions. So in 3.4+, the `ExceptionController` can be resolved because the instance of twig is still in the container even after the initial exception.
It also means these kind of exceptions are displayed with bugs on all versions before 3.4 I guess. Actually it shows the message 2 times : one for the initial exception and the other one when it tries to resolve the `ExceptionController`.
Maybe another solution might be to use a dedicated twig instance with the right settings just for the exception page ?
Commits
-------
c8465ed97f [TwigBundle] Register TwigBridge extensions first
This PR was merged into the 3.4 branch.
Discussion
----------
[DI][Routing] Fix tracking of globbed resources
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25904
| License | MIT
| Doc PR | -
The current `GlobFileLoader` in `Config` misses resource tracking, so we can't use it and have to use a per-component one instead.
(deps=high failures will be fixed after merging up to master.)
Commits
-------
945c753 Add tests for glob loaders
ad98c1fa [DI][Routing] Fix tracking of globbed resources
* 2.8:
update test for Twig performance optimizations
[WebProfilerBundle] Increase retry delays between toolbarAction ajax calls
support sapi_windows_vt100_support for php 7.2+
bumped Symfony version to 2.8.35
updated VERSION for 2.8.34
updated CHANGELOG for 2.8.34
bumped Symfony version to 2.7.42
updated VERSION for 2.7.41
update CONTRIBUTORS for 2.7.41
updated CHANGELOG for 2.7.41
[HttpFoundation] Added "null" type on Request::create docblock
Allow trans filter to be safe
* 2.7:
update test for Twig performance optimizations
[WebProfilerBundle] Increase retry delays between toolbarAction ajax calls
support sapi_windows_vt100_support for php 7.2+
bumped Symfony version to 2.7.42
updated VERSION for 2.7.41
update CONTRIBUTORS for 2.7.41
updated CHANGELOG for 2.7.41
[HttpFoundation] Added "null" type on Request::create docblock
Allow trans filter to be safe
* 3.3:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Restore RoleInterface import
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
revert useless tests fixtures changes
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
* 2.8:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
* 2.7:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
This PR was merged into the 2.7 branch.
Discussion
----------
[minor] SCA: reduce repetitive method calls (sequential and in loop)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
609372252f SCA: get rid of repetitive calls
This will revert #25847. Basically, the changes done in #25847 were not
wrong per se. However, those changes were not necessary as the tests
were not failing because of the missing "assets" config, but due to an
issue introduced in the Config component. Furthermore, removing this
part of the config fixtures gives us the benefit that our before
normalization logic that enables assets support when the templating
integration is enabled is properly tested.
This PR was merged into the 3.3 branch.
Discussion
----------
[FrameworkBundle] fix DI extension tests
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The failing tests relied on the assets integration being enabled. Since
we never did enable this explicitly, the assets related definitions are
removed now that #25789 was merged which fixed#25760.
Commits
-------
1cb8f69 [FrameworkBundle] fix DI extension tests
The failing tests relied on the assets integration being enabled. Since
we never did enable this explicitly, the assets related definitions are
removed now that #25789 was merged which fixed#25760.
* 3.3:
[HttpKernel] DebugHandlersListener should always replace the existing exception handler
fix the Composer API being used
[Debug] Always decorate existing exception handlers to deal with fatal errors
Enableable ArrayNodeDefinition is disabled for empty configuration
Fixing a bug where the dump() function depended on bundle ordering
[Cache] Fix handling of apcu_fetch() edgy behavior
Add nn (Norwegian Nynorsk) translation files, and improve existing file
Problem in phar see mergerequest #25579
[Form] Disallow transform dates beyond the year 9999
Copied NO language files to the new NB locale.
[Serializer] DateTimeNormalizer handling of null and empty values (returning null or empty instead of new object)
[Console] Improve phpdoc on StyleInterface::ask()
* 2.8:
fix the Composer API being used
[Debug] Always decorate existing exception handlers to deal with fatal errors
Enableable ArrayNodeDefinition is disabled for empty configuration
Fixing a bug where the dump() function depended on bundle ordering
Add nn (Norwegian Nynorsk) translation files, and improve existing file
Problem in phar see mergerequest #25579
[Form] Disallow transform dates beyond the year 9999
Copied NO language files to the new NB locale.
[Console] Improve phpdoc on StyleInterface::ask()
* 2.7:
fix the Composer API being used
[Debug] Always decorate existing exception handlers to deal with fatal errors
Enableable ArrayNodeDefinition is disabled for empty configuration
Fixing a bug where the dump() function depended on bundle ordering
Add nn (Norwegian Nynorsk) translation files, and improve existing file
Problem in phar see mergerequest #25579
[Form] Disallow transform dates beyond the year 9999
Copied NO language files to the new NB locale.
[Console] Improve phpdoc on StyleInterface::ask()
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Auto-enable CSRF if the component *+ session* are loaded
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/recipes/issues/262
| License | MIT
| Doc PR | -
By binding CSRF and session default state, we provide better DX, but we also provide a way for bundles to enable session on its own: they just need to require "symfony/security-csrf".
Yes, that's a side effect, but I think that's a nice one for 3.4/4.0.
Of course, we might do better in 4.1, but for bug fix only releases, LGTM.
Commits
-------
9e8231f [FrameworkBundle] Automatically enable the CSRF if component *+ session* are loaded
* 3.3:
fix merge
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
Add missing @ in phpdoc return statement
Don't right trim the deprecation message
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
* 2.8:
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
* 2.7:
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
* 3.3:
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
Tweaked some styles in the profiler tables
Add type string to docblock for Process::setInput()
[Security] Fail gracefully if the security token cannot be unserialized from the session
[Form] AbstractLayoutTest - fix DOMDocument casing
Run simple-phpunit with --no-suggest option
[FrameworkBundle] Fix using "annotations.cached_reader" in after-removing passes
bumped Symfony version to 3.3.16
updated VERSION for 3.3.15
updated CHANGELOG for 3.3.15
bumped Symfony version to 2.8.34
updated VERSION for 2.8.33
updated CHANGELOG for 2.8.33
bumped Symfony version to 2.7.41
updated VERSION for 2.7.40
update CONTRIBUTORS for 2.7.40
updated CHANGELOG for 2.7.40
* 2.8:
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
Tweaked some styles in the profiler tables
[Security] Fail gracefully if the security token cannot be unserialized from the session
[Form] AbstractLayoutTest - fix DOMDocument casing
bumped Symfony version to 2.8.34
updated VERSION for 2.8.33
updated CHANGELOG for 2.8.33
bumped Symfony version to 2.7.41
updated VERSION for 2.7.40
update CONTRIBUTORS for 2.7.40
updated CHANGELOG for 2.7.40
This PR was merged into the 3.4 branch.
Discussion
----------
Remove randomness from dumped containers
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
With this PR, the generated container is immutable by cache clearing: it doesn't contain any random string anymore (well, third party bundles can add random things back, but at least core doesn't).
Since the class+file name of the container is based on a hash of its content, it means that they are now stable also. This should help fix some edge cases/race conditions during cache clears/rebuilds.
(fabbot failure is false positive)
Commits
-------
14dd5d1dbd Remove randomness from dumped containers
This PR was squashed before being merged into the 3.4 branch (closes#25678).
Discussion
----------
[WebProfilerBundle] set the var in the right scope
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
![2018-01-04 um 09 29 54](https://user-images.githubusercontent.com/1322118/34555989-de6fd11c-f134-11e7-81f7-9b840a946073.png)
This PR fixes the bug when displaying the toolbar. The variable "has_time_events" was not created in the scope of the toolbar.
Commits
-------
3e9780df59 [WebProfilerBundle] set the var in the right scope
This PR was merged into the 3.4 branch.
Discussion
----------
Backport Flex-specific error messages in controller shortcuts to 3.4
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/25133#issuecomment-354551079
| License | MIT
| Doc PR | n/a
Commits
-------
419e93465f Proposing Flex-specific error messages in the controller shortcuts
* 3.3:
PHP CS Fixer: clean up repo and adjust config
use interface_exists instead of class_exists
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
* 2.8:
PHP CS Fixer: clean up repo and adjust config
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
* 2.7:
PHP CS Fixer: clean up repo and adjust config
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
This PR was squashed before being merged into the 2.7 branch (closes#25653).
Discussion
----------
PHP CS Fixer: clean up repo and adjust config
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Reason for this PR is that one want to have `php-cs-fixer fix -v` command executed without changes that shall not be applied for this repo. To achieve that, we need to groom config to exclude files that violate CS willingly, fix files that are violating CS unwillingly, and deliver missing case handling at PHP CS Fixer itself (https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/3359) (already merged!).
Commits
-------
b14cbc1 PHP CS Fixer: clean up repo and adjust config
* 3.3:
Clean up
Update return type in docblock.
PHP CS Fixer: no need to exclude xml and yml files
PHP CS Fixer: no need to exclude json file
Update LICENSE year... forever
This PR was merged into the 2.7 branch.
Discussion
----------
Update LICENSE year... forever
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
By using the same trick than Facebook: https://github.com/facebook/react/blob/master/LICENSE
Commits
-------
8ce8bd5 Update LICENSE year... forever
* 3.3:
fixed some deprecation messages
fixed some deprecation messages
fixed some deprecation messages
fixed some deprecation messages
[2.7][DX] Use constant message contextualisation for deprecations
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Remove redundant translation path
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This is only dead code, nothing change because all files are loaded from the `translations/` directory recursively and they override the ones from the bundle.
> http://symfony.com/doc/3.4/bundles/override.html#translations
> Translations are not related to bundles, but to domains. That means that you can override the translations from any translation file, as long as it is in the correct domain.
Commits
-------
16af89045a Remove redundant translation path
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Make cache:clear "atomic" and consistent with cache:warmup
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes/no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Here's what happens before/after this PR on `cache:clear` and `cache:clear --no-warmup`.
### Before PR
**`cache:clear`**
1. `rm var/cache_old`
1. Clearing cache in `var/cache` <i><--- This is not in line and not atomic</i>
1. `rm var/cache_warmup`
1. Warming up cache in `var/cache_warmup`
1. `mv var/cache var/cache_old`
1. `mv var/cache_warmup var/cache`
1. `rm var/cache_old`
**`cache:clear --no-warmup`**
1. `rm var/cache_old`
1. Clearing cache in `var/cache` <i><--- This is not in line and not atomic</i>
1. `mv var/cache var/cache_old` <i><--- The old cache dir is completely obsolete in this workflow</i>
1. `rm var/cache_old`
---
### After PR
**`cache:clear`**
1. `rm var/cache_old`
1. `rm var/cache_new`
1. Clearing cache in `var/cache_new`
1. Warming up cache in `var/cache_new`
1. `mv var/cache var/cache_old`
1. `mv var/cache_new var/cache`
1. `rm var/cache_old`
**`cache:clear --no-warmup`**
1. `rm var/cache_old`
1. `rm var/cache_new`
1. Clearing cache in `var/cache_new`
1. `mv var/cache var/cache_old`
1. `mv var/cache_new var/cache`
1. `rm var/cache_old`
---
The main differences:
- Unify the flows and have each distinct operation only once in the code
- Clear the cache in the new cache directory and then switch to it atomically instead of clearing in the current one.
- Always have the cache directory present in the end. It was missing after `cache:clear --no-warmup` before.
I think this brings more consistency and is aligned with the present goals of the command as well.
However, I'm not really familiar with the Symfony framework and I might have wrong assumptions.
Commits
-------
8b88d9fc36 [FrameworkBundle] Make cache:clear "atomic" and consistent with cache:warmup
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Call Response->setPrivate() instead of sending raw header() when session is started
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/24988
| License | MIT
| Doc PR | -
As described in #24988 I think the current handling of the `Cache-Control` header set by the `NativeSessionStorage` causes inconsistent behaviour.
In #24988 @nicolas-grekas states that if you start a session a response should be considered to be private. I do agree with this but up until now, nobody takes care of this on `kernel.response`.
I think we must always suppress the `NativeSessionStorage` from generating any headers by default. Otherwise the `Cache-Control` header never makes it to the `Response` instance and is thus missed by `kernel.response` listeners and for example the Symfony HttpCache. So depending on whether you use Symfony's HttpCache or Varnish as a reverse proxy, caching would be handled differently. Varnish would consider the response to be private if you set the php.ini setting `session.cache_limiter` to `nocache` (which is default) because it will receive the header. HttpCache would not because the `Cache-Control` header is not present on the `Response`. That's inconsistent and may cause confusion or problems when switching proxies.
Commits
-------
dbc1c1c4b6 [HttpKernel] Call Response->setPrivate() instead of sending raw header() when session is started
This PR was merged into the 3.4 branch.
Discussion
----------
[TwigBundle/Brige] catch missing requirements to throw meaningful exceptions
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25256, https://github.com/symfony/webpack-encore/issues/173
| License | MIT
| Doc PR | -
It is possible to register a handler for undefined twig functions/filters.
IMHO, this is the hook point we should leverage to throw meaningful exception messages.
This works well on its own. We now just need to list the functions/filters with appropriate messages.
There is one case we could enhance: at warmup time, Twig exceptions are swallowed, thus not visible.
Shouldn't we make these visible instead?
ping @weaverryan since this is related to two issues of yours.
Commits
-------
ac891ac881 [TwigBundle/Brige] catch missing requirements to throw meaningful exceptions
* 3.3:
Add application/ld+json format associated to json
[HttpFoundation] Fix false-positive ConflictingHeadersException
[WebServerBundle] Fix escaping of php binary with arguments
Error handlers' $context should be optional as it's deprecated
[Serializer] Correct typing mistake in DocBlock
[Config] Fix closure CS
PHP CS Fixer: use PHPUnit Migration ruleset
Update MemcachedTrait.php
[Bridge/PhpUnit] thank phpunit/phpunit
[Process] Fix setting empty env vars
[Process] Dont use getenv(), it returns arrays and can introduce subtle breaks accros PHP versions
[WebServerBundle] fix a bug where require would not require the good file because of env
[Console] Commands with an alias should not be recognized as ambiguous
This PR was merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle] Fix panel break when stopwatch component is not installed.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25350
| License | MIT
| Doc PR | -
Fixes a crash in the time profiler panel when the stopwatch is not installed. This avoids a hard dependency like the ticket author requested, as the rest of the component can already deal with that case.
I think this is an issue in 3.4+, but I only tested against 4.0.2 locally (code in the affected file only differs in whitespace between 3.4 and 4.0).
Commits
-------
e9577cb207 Display n/a for sub-requests time when Stopwatch component is not installed
410b597393 Fix panel break when stopwatch component is not installed.
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] allow auto_wire for SessionAuthenticationStrategy class
| Q | A
| ------------- | ---
| Branch? | 3.4 up to 4.0 for deprecation fixe
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
b36154e allow auto_wire for SessionAuthenticationStrategy class
This PR was merged into the 3.3 branch.
Discussion
----------
[WebServerBundle] fix a bug where require would not require the good file because of env
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25515
| License | MIT
| Doc PR |
This fixes a bug with putenv that could be not working on certain version of php. (>=7.0.0).
Commits
-------
bfeee1f [WebServerBundle] fix a bug where require would not require the good file because of env
* 3.3:
[2.7] Fix issues found by PHPStan
Add php_unit_dedicate_assert to PHPCS
[WebProfilerBundle] Let fetch() cast URL to string
improve FormType::getType exception message details
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
* 2.8:
[2.7] Fix issues found by PHPStan
Add php_unit_dedicate_assert to PHPCS
improve FormType::getType exception message details
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
* 2.7:
[2.7] Fix issues found by PHPStan
Add php_unit_dedicate_assert to PHPCS
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] remove esi/ssi renderers if inactive
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? |no
| Tests pass? | yes
| Fixed tickets | #25246
| License | MIT
| Doc PR | -
As found out within #25246 the esi/ssi fragment renderer services were registered for < 3.4 even when the framework config for it was disabled.
On 3.4+ this has been fixed already and the service definitions are removed.
With this fix the usual exception message appears when `framework.esi` or `framework.ssi` are disabled and using `render_esi(...)` or `render_ssi(...)`:
```
An exception has been thrown during the rendering of a template ("The "esi" renderer does not exist.").
```
**Note: Some people may see this exception when updating to this patch but this just means they are using esi/ssi without enabling it.**
Commits
-------
e1c36525fd [FrameworkBundle] remove esi/ssi renderers if inactive
This PR was merged into the 3.4 branch.
Discussion
----------
Fixing wrong class_exists on interface
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | symfony/symfony-docs#8873 already does not mention changing anything in the config
This was a bug introduced in #25151 on the 3.4 branch. It's... pretty self-explanatory I hope :).
Cheers!
Commits
-------
be75bd994b Fixing wrong class_exists on interface
* 2.8:
Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
[Console] Fix a bug when passing a letter that could be an alias
add missing validation options to XSD file
* 2.7:
Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
[Console] Fix a bug when passing a letter that could be an alias
add missing validation options to XSD file
This method will only add 'class_exists' as an autoloader if it has not
already been added. This helps alleviate a performance issue when the
same loader is added many times in tests.
* 3.3:
fix merge
[Translation] Fix InvalidArgumentException when using untranslated plural forms from .po files
Fixed exit code with non-integer throwable code
Add suggestions
Added instructions to upgrade Symfony applications to 4.x
This PR was merged into the 3.3 branch.
Discussion
----------
[MonologBridge][WebServerBundle] Add suggestions for using the log server
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | /
| License | MIT
| Doc PR | /
If you want launch `server:log`, you need the monolog bridge and the VarDumper. Optionally, you need EL if you want use `server:log --filter`.
Commits
-------
aca0ddd Add suggestions
* 3.3:
[HttpFoundation] Support 0 bit netmask in IPv6 ()
[DI] Impossible to set an environment variable and then an array as container parameter
[LDAP] added missing dots at the end of some exception messages.
Set `width: auto` on WebProfiler toolbar's reset.
[Process] Dont rely on putenv(), it fails on ZTS PHP
[HttpKernel] detect deprecations thrown by container initialization during tests
[HttpKernel] Fix logging of post-terminate errors/exceptions
[Debug] Fix catching fatal errors in case of nested error handlers
[VarDumper] Fixed file links leave blank pages when ide is configured
Fix hidden currency element with Bootstrap 3 theme
* 2.8:
[HttpFoundation] Support 0 bit netmask in IPv6 ()
Set `width: auto` on WebProfiler toolbar's reset.
[HttpKernel] Fix logging of post-terminate errors/exceptions
[Debug] Fix catching fatal errors in case of nested error handlers
Fix hidden currency element with Bootstrap 3 theme
* 2.7:
[HttpFoundation] Support 0 bit netmask in IPv6 ()
Set `width: auto` on WebProfiler toolbar's reset.
[HttpKernel] Fix logging of post-terminate errors/exceptions
[Debug] Fix catching fatal errors in case of nested error handlers
Fix hidden currency element with Bootstrap 3 theme
* 2.7:
Remove some unused variables, properties and methods
[ExpressionLanguage] Fix parse error on 5.3
[HttpKernel] remove noisy frame in controller stack traces
[ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
Fix php doc in Table class
bumped Symfony version to 2.7.40
updated VERSION for 2.7.39
update CONTRIBUTORS for 2.7.39
updated CHANGELOG for 2.7.39
This PR was squashed before being merged into the 3.4 branch (closes#25272).
Discussion
----------
[SecurityBundle] fix setLogoutOnUserChange calls for context listeners
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25267
| License | MIT
| Doc PR | -
As pointed out in https://github.com/symfony/symfony/issues/25267 the `setLogoutOnUserChange` method calls were added to the parent definition `security.context_listener` instead of the concrete child definitions `security.context_listener.*`.
ping @iltar @chalasr
Commits
-------
4eff146 [SecurityBundle] fix setLogoutOnUserChange calls for context listeners
This PR was merged into the 3.3 branch.
Discussion
----------
[FrameworkBundle] Fix a bug where a color tag will be shown when passing an antislash
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25193
| License | MIT
| Doc PR | none
You can see in the [reproducer](e6509ffcb4) when running `bin/console debug:container` that there an error in the ouput (like in the issue) when using a class with `\` in the service name.
This PR fix this wrong output. (even if that feels more developer thingy when there are xml everywhere ;)
Commits
-------
890edf7c38 [FrameworkBundle] Fix a bug where a color tag will be shown when passing an antislash
This PR was merged into the 3.3 branch.
Discussion
----------
[WebProfiler] Disallow viewing dot-files in Profiler
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
The file viewer in the profiler should not open files that were specifically intended to be hidden, like specifically .env files, but similarly files like .htaccess that might expose server configuration knowledge.
Added tests validating both the new and old behavior.
Commits
-------
6a2f518e74 Disallow viewing dot-files in Profiler
The file viewer in the profiler should not open files that were meant
to be hidden, like specifically .env files, but similarly files like
.htaccess that might expose server configuration knowledge.
* 3.3:
Fail as early and noisily as possible
[FrameworkBundle] Fix visibility of a test helper
[link] clear the cache after linking
[link] Prevent warnings when running link with 2.7
[Validator] ExpressionValidator should use OBJECT_TO_STRING to allow value in message
do not eagerly filter comment lines
[WebProfilerBundle], [TwigBundle] Fix Profiler breaking XHTML pages (Content-Type: application/xhtml+xml)
* 2.8:
[FrameworkBundle] Fix visibility of a test helper
[link] clear the cache after linking
[link] Prevent warnings when running link with 2.7
[Validator] ExpressionValidator should use OBJECT_TO_STRING to allow value in message
* 2.7:
[FrameworkBundle] Fix visibility of a test helper
[link] clear the cache after linking
[link] Prevent warnings when running link with 2.7
[Validator] ExpressionValidator should use OBJECT_TO_STRING to allow value in message
* 3.3:
[DI] Fix infinite loop in InlineServiceDefinitionsPass
Do not cache cache attributes if `attributes` is in the context
Test that it do not remove the new flashes when displaying the existing ones
[HttpFoundation] AutExpireFlashBag should not clear new flashes
[FrameworkBundle][Serializer] Remove YamlEncoder definition if Yaml component isn't installed
[DI] Fix tracking of env vars in exceptions
[Form] Don't rely on if http-foundation isn't in FileType
Fix merge
substitute aliases in inline mappings
added ability for substitute aliases when mapping in YAML is on single line
[Console] Fix global console flag when used in chain
* 3.3:
[DI] Dont resolve envs in service ids
Add tests proving it can load annotated files
[WebProfilerBundle] Reset letter-spacing in toolbar
Prefer overflow-wrap to word-break
[Routing] Fix "config-file-relative" annotation loader resources
Make search in debug:container command case-insensitive
`resolveEnvPlaceholders` will return a mixed value
This PR was merged into the 3.4 branch.
Discussion
----------
[*Bundle] Replace some kernel.root_dir by kernel.project_dir
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
92fc2f7 remove more kernel.root_dir parameter refs
4add28b [*Bundle] Replace some kernel.root_dir by kernel.project_dir
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Update translation commands to work with default paths
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/25062
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/8634
This should make translation commands (debug & update) work with `translator.default_path` and `twig.default_path` directories (introduced here in 3.4) and their overridden paths if available.
Would be great to include also the custom paths mapping by the user, either `translator.paths` as `twig.paths`, but I'm not sure about the right way and probably it should be implemented on another branch.
TODO
- [x] Add some tests.
Commits
-------
dc7286625b Update translation commands to work with default paths
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock][Process][FrameworkBundle] fix tests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When running tests locally, I have several failures. This fixes them.
Commits
-------
878b08c [Lock][Process][FrameworkBundle] fix tests
* 3.3:
Display a nice error message if the form/serializer component is missing.
Force phpunit-bridge update (bis)
[Bridge/PhpUnit] Fix disabling global state preservation
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Ignore failures when removing the old cache dir
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25066
| License | MIT
| Doc PR | -
ping @phoenixgao can you please check if this improves the situation?
Commits
-------
3c4d168ca9 [FrameworkBundle] Ignore failures when removing the old cache dir
This PR was merged into the 3.4 branch.
Discussion
----------
[TwigBundle][FrameworkBundle] Remove the internals from debug autowiring
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? |no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #24986
| License | MIT
| Doc PR |
#SymfonyConHackday2017
@nicolas-grekas @weaverryan @fabpot @stof It should be OK to review and to merge.
Commits
-------
491839b [TwigBundle][FrameworkBundle] Remove the internals from debug autowiring
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] Don't trigger auto-picking notice if provider is set per listener
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24980
| License | MIT
| Doc PR | n/a
Commits
-------
19e891a [SecurityBundle] Don't trigger auto-picking notice if provider is set per listener
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Dont create empty bundles directory by default
| Q | A
| ------------- | ---
| Branch? | 3.4 / 4.1?
| Bug fix? | yes?
| New feature? | no
| BC breaks? | no?
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
we still run `assets:install` by default, which in bundle-less apps gives this annoying empty public/bundles dir and some useless cli output, all the time. This fixes it.
Commits
-------
f8e7478583 [FrameworkBundle] Dont create empty bundles directory
This PR was squashed before being merged into the 3.4 branch (closes#25014).
Discussion
----------
Move deprecation under use statements
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | n/a
Commits
-------
0a5b016 Move deprecation under use statements
* 3.3:
[Bridge\PhpUnit] Disable broken auto-require mechanism of phpunit
[SecurityBundle] Fix syntax error in test
[Console] Remove remaining dead code
bumped Symfony version to 3.3.14
bumped Symfony version to 2.8.32
bumped Symfony version to 2.7.39
updated VERSION for 3.3.13
updated CHANGELOG for 3.3.13
updated VERSION for 2.8.31
updated CHANGELOG for 2.8.31
updated VERSION for 2.7.38
updated CHANGELOG for 2.7.38
Replace array|\Traversable by iterable
Fix ambiguous pattern
* 2.8:
[SecurityBundle] Fix syntax error in test
[Console] Remove remaining dead code
bumped Symfony version to 2.8.32
bumped Symfony version to 2.7.39
updated VERSION for 2.8.31
updated CHANGELOG for 2.8.31
updated VERSION for 2.7.38
updated CHANGELOG for 2.7.38
Replace array|\Traversable by iterable
Fix ambiguous pattern
* 2.7:
[SecurityBundle] Fix syntax error in test
[Console] Remove remaining dead code
bumped Symfony version to 2.7.39
updated VERSION for 2.7.38
updated CHANGELOG for 2.7.38
Replace array|\Traversable by iterable
Fix ambiguous pattern
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Empty event dispatcher earlier in CacheClearCommand
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Once the cache folder is emptied, the event dispatcher cannot be used because service factories are gone. This currently fails very badly when an error is dispatched, but the error listeners are themselves failing to be loaded for this reason.
Commits
-------
a961392 [FrameworkBundle] Empty event dispatcher earlier in CacheClearCommand
* 3.3:
fixed CS
fixed CS
[Security] Namespace generated CSRF tokens depending of the current scheme
ensure that submitted data are uploaded files
[Console] remove dead code
bumped Symfony version to 3.3.13
updated VERSION for 3.3.12
updated CHANGELOG for 3.3.12
bumped Symfony version to 2.8.31
updated VERSION for 2.8.30
updated CHANGELOG for 2.8.30
bumped Symfony version to 2.7.38
updated VERSION for 2.7.37
updated CHANGELOG for 2.7.37
[Security] Validate redirect targets using the session cookie domain
prevent bundle readers from breaking out of paths
* 2.8:
fixed CS
fixed CS
[Security] Namespace generated CSRF tokens depending of the current scheme
ensure that submitted data are uploaded files
[Console] remove dead code
bumped Symfony version to 2.8.31
updated VERSION for 2.8.30
updated CHANGELOG for 2.8.30
bumped Symfony version to 2.7.38
updated VERSION for 2.7.37
updated CHANGELOG for 2.7.37
[Security] Validate redirect targets using the session cookie domain
prevent bundle readers from breaking out of paths
* 2.7:
fixed CS
fixed CS
[Security] Namespace generated CSRF tokens depending of the current scheme
ensure that submitted data are uploaded files
[Console] remove dead code
bumped Symfony version to 2.7.38
updated VERSION for 2.7.37
updated CHANGELOG for 2.7.37
[Security] Validate redirect targets using the session cookie domain
prevent bundle readers from breaking out of paths
This PR was merged into the 2.7 branch.
Discussion
----------
Validate redirect targets using the session cookie domain
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
52b06f1c21 [Security] Validate redirect targets using the session cookie domain
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Add default translations path option and convention
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | ToDo
Similar to Twig default path, this proposal adds a `default_path` option under `translator` config:
```yaml
framework:
translator:
default_path: '%kernel.project_dir%/config/translations'
```
adding this default path to the discovered translations dirs. Thus, overriding bundle translations is possible by using this new convention: `config/translations/<BundleName>/messages.en.xlf`.
Also a new container parameter `%translator.default_path%` is defined by external purpose (similar to https://github.com/symfony/symfony/pull/24840)
Note: The current convention `%kernel.root_dir%/Resources/translations` path has priority over the new one.
TODO:
- [x] Add more tests about the new path
- [x] Update changelog
Commits
-------
1a8b1b41c9 Add default translations path option and convention
* 3.3:
[Intl] Update ICU data to 60.1
[YAML] Allow to parse custom tags when linting yaml files
[HttpKernel][Debug] Remove noise from stack frames of deprecations
[Validator] Fix Costa Rica IBAN format
[Bridge/ProxyManager] Remove direct reference to value holder property
[Validator] Add Belarus IBAN format
[FrameworkBundle] Specifically inject the debug dispatcher in the collector
[WebserverBundle] fixed the bug that caused that the webserver would …
update the pull request template
[Stopwatch] minor fix
* 2.8:
[Intl] Update ICU data to 60.1
[Validator] Fix Costa Rica IBAN format
[Bridge/ProxyManager] Remove direct reference to value holder property
[Validator] Add Belarus IBAN format
[FrameworkBundle] Specifically inject the debug dispatcher in the collector
update the pull request template
[Stopwatch] minor fix
* 2.7:
[Intl] Update ICU data to 60.1
[Validator] Fix Costa Rica IBAN format
[Bridge/ProxyManager] Remove direct reference to value holder property
[Validator] Add Belarus IBAN format
[FrameworkBundle] Specifically inject the debug dispatcher in the collector
update the pull request template
[Stopwatch] minor fix
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Add default mapping path for validator component in bundle-less app
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | ToDo
Same approach of https://github.com/symfony/symfony/pull/24833
Commits
-------
4e0daecc63 Add default mapping path for validator component
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Add default mapping path for serializer component in bundle-less app
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | ToDo
> http://symfony.com/doc/current/serializer.html#using-serialization-groups-annotations:
> In addition to the @Groups annotation, the Serializer component also supports Yaml or XML files. These files are automatically loaded when being stored in one of the following locations:
>* The `serialization.yml` or `serialization.xml` file in the `Resources/config/` directory of a bundle;
>* All `*.yml` and `*.xml` files in the `Resources/config/serialization/` directory of a bundle.
Inspired by the second convention, this proposal adds one more but for bundle-less structure. Theoretically this is what it does for you:
```yaml
framework:
serializer:
mapping:
paths:
- '%kernel.project_dir%/config/serializer/'
```
Commits
-------
43895b8dae Add default mapping path for serializer component
This PR was merged into the 3.4 branch.
Discussion
----------
[TwigBundle] Add default Twig templates path as a container param
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24839
| License | MIT
| Doc PR | N/A
Adds a `twig.default_path` container param for easier access to this config in compiler passes.
Commits
-------
81b38ec215 [TwigBundle] Add default Twig templates path as a container param
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Specifically inject the debug dispatcher in the collector
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see comment below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | N/A <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A
This ensures we always collect data about events, even when the `event_dispatcher` service is decorated, no matter the decoration order.
Commits
-------
7b3a641acc [FrameworkBundle] Specifically inject the debug dispatcher in the collector
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Add "container.hot_path" tag to flag the hot path and inline related services
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR is the result of my quest to squeeze some performance out of 3.4/4.0.
It builds on two ideas:
- a new `container.inline` tag that identifies the services that are *always* needed. This tag is only applied to a very short list of bootstrapping services (`router`, `event_dispatcher`, `http_kernel` and `request_stack` only). Then, it is propagated to all dependencies of these services, with a special case for event listeners, where only listed events are propagated to their related listeners.
- replacing the PHP autoloader by plain inlined `require_once` in generated service factories, with the benefit of completely bypassing the autoloader for services and their class hierarchy.
The end result is significant, even on a simple Hello World.
Here is the Blackfire profile, results are consistent with `ab` benchmarks:
https://blackfire.io/profiles/compare/b5fa5ef0-755c-4967-b990-572305f8f381/graph
![capture du 2017-11-08 16-54-28](https://user-images.githubusercontent.com/243674/32558666-a3f439b2-c4a5-11e7-83a3-db588c3e21e5.png)
Commits
-------
f7cb559a06 [DI] Add "container.hot_path" tag to flag the hot path and inline related services