* 2.4:
udpated LICENSE year
update year on licenses
rundown and typo fix
[Process] Fix#9861 : Revert TTY mode
[Form] Update minimal requirement in composer.json
Fix Empty translations with Qt files
[Console] Fixed command name guessing if an alternative is an alias.
Update UPGRADE-2.3.md to account for #9388
[WebProfilerBundle] Fixed profiler toolbar icons for XHTML.
[BrowserKit] Throw exception on invalid cookie expiration timestamp
[Propel1Bridge][ModelChoiceList] add exception message for invalid classes
This PR was squashed before being merged into the 2.3 branch (closes#9948).
Discussion
----------
[WebProfilerBundle] Fixed profiler toolbar icons for XHTML.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Profiler page itself is entirely autonomic, but toolbar is not - unfortunately currently it doesn't work in XHTML documents :(.
#9877 backported to `2.3` branch.
Commits
-------
296c4d1 [WebProfilerBundle] Fixed profiler toolbar icons for XHTML.
Instead correctly use the array of schemes from the Route.
Also adjusted the dumpers to dump the correct data.
I extended the tests to not only test the deprecated behavior, but also
the new schemes-requirement.
* 2.4:
Revert "bug #9601 [Routing] Remove usage of deprecated _scheme requirement (Danez)"
bumped Symfony version to 2.4.2
updated VERSION for 2.4.1
updated CHANGELOG for 2.4.1
bumped Symfony version to 2.3.10
updated VERSION for 2.3.9
update CONTRIBUTORS for 2.3.9
updated CHANGELOG for 2.3.9
Add support SAPI cli-server
Fix hardcoded listenerTag name in error message
[HttpFoundation] Documented public properties.
[Routing] add missing unit tests for Route and RouteCollection classes
Conflicts:
src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.4:
removed unneeded use statements
[DoctrineBridge] Fixed an issue with DoctrineParserCache
removed unneeded use statements
Prepend Child Bundle paths before the parent
[Routing] add unit tests for Symfony\Component\Routing\RequestContext class
* 2.3:
removed unneeded use statements
Prepend Child Bundle paths before the parent
[Routing] add unit tests for Symfony\Component\Routing\RequestContext class
Conflicts:
src/Symfony/Component/Form/Extension/Csrf/CsrfExtension.php
src/Symfony/Component/HttpKernel/DataCollector/TimeDataCollector.php
src/Symfony/Component/Validator/ConstraintValidatorFactory.php
This PR was merged into the 2.3 branch.
Discussion
----------
removed unneeded use statements
| Q | A
| ------------- | ---
| License | MIT
Commits
-------
7f9a366 removed unneeded use statements
* 2.4:
[Security] fixed pre/post authentication checks
fixed missing use statements
Updated lithuanian validator translation: changed vartotojas to naudotojas as it is more proper term.
Fixed CSS
[Intl] Added round support for ROUND_CEILING, ROUND_FLOOR, ROUND_DOWN, ROUND_UP
[HttpFoundation] Throw proper exception when invalid data is passed to JsonResponse class
addressed == -> === suggestion
Fixed#9020 - Added support for collections in service#parameters
fixes PSR-0 issues in tests
adjusted behavior to always copy override on url files
Skips test that need full lib-intl.
* 2.3:
[Security] fixed pre/post authentication checks
Updated lithuanian validator translation: changed vartotojas to naudotojas as it is more proper term.
Fixed CSS
[HttpFoundation] Throw proper exception when invalid data is passed to JsonResponse class
addressed == -> === suggestion
Fixed#9020 - Added support for collections in service#parameters
fixes PSR-0 issues in tests
adjusted behavior to always copy override on url files
Skips test that need full lib-intl.
Conflicts:
src/Symfony/Component/Security/Acl/Tests/Permission/MaskBuilderTest.php
src/Symfony/Component/Security/Core/Tests/Authentication/Token/RememerMeTokenTest.php
src/Symfony/Component/Security/Core/Tests/User/AccountCheckerTest.php
src/Symfony/Component/Security/Core/Tests/User/InMemoryProviderTest.php
src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php
src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php
src/Symfony/Component/Security/Tests/Core/Authentication/Token/RememberMeTokenTest.php
src/Symfony/Component/Security/Tests/Core/Authentication/Token/RememerMeTokenTest.php
src/Symfony/Component/Security/Tests/Core/User/AccountCheckerTest.php
src/Symfony/Component/Security/Tests/Core/User/InMemoryProviderTest.php
src/Symfony/Component/Security/Tests/Core/User/InMemoryUserProviderTest.php
src/Symfony/Component/Security/Tests/Core/User/UserCheckerTest.php
This PR was squashed before being merged into the 2.5-dev branch (closes#9855).
Discussion
----------
[Twig] Decouple Twig commands from the Famework
I want to use the command `twig:lint` in a Silex project.
In this PR, I've moved the class `Symfony\Bundle\TwigBundle\Command\LintCommand` to `Symfony\Bridge\Twig\Command\LintCommand` and removed dependency to the `ContainerAwareCommand`.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes (renamed class)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/9818#issuecomment-30961360
| License | MIT
| Doc PR | n/a
- [ ] Move command `twig:debug` once merged.
- [x] Lazy load twig service
Commits
-------
907748d [Twig] Decouple Twig commands from the Famework
This PR was merged into the 2.5-dev branch.
Discussion
----------
[WIP] [FrameworkBundle] removed some more dependencies on the request service
| Q | A
| ------------- | ---
| Bug fix? | kinda (see linked tickets)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8915, #9185
| License | MIT
| Doc PR | n/a
/cc @kriswallsmith
Commits
-------
4f3d502 [FrameworkBundle] removed some more dependencies on the request service
This PR was merged into the 2.5-dev branch.
Discussion
----------
WebTestCase: Assume relative KERNEL_DIR is relative to phpunit.xml[.dist]?
When using the `KERNEL_DIR` setting in phpunit.xml[.dist] files for the `WebTestCase`, a relative path seems to be interpreted relative to the cwd.
That makes no difference in the probably most common case of having the phpunit config in the project's top level directory and just running `phpunit`. It makes a difference however when running it from a lower level dir and referencing the config with `-c ../../phpunit.xml`.
A conservative change would be to interpret the `KERNEL_DIR` as relative to cwd and only try it as relative to the phpunit.xml[.dist] file if the first path does not exist.
A more consistent approach would be to always have it (in case of relative paths) being relative to the config file. That might break things for folks who intentionally start phpunit from different directories to use different kernels.
The docs seem not to say anything about how it is supposed to used, the example values provided suggest using an absolute path.
Opinions?
Commits
-------
05dc0e1 Consider KERNEL_DIR setting as relative to the PhpUnit XML file if it does not point to a directory (relative to the current cwd)
* 2.4:
fixed CS
fixed a typo
fixed CS for lambdas
[Yaml] fixed some license headers
Fixes message value for objects
Check for hour, minute & second validity
avoid tables to have apparently long blank line breaks and be too far appart for long nested array params
fixed various typos
[Filesystem] Fixed mirror for symlinks
[Validator] Removed duplicated test for IBAN in data provider
* 2.3:
fixed a typo
fixed CS for lambdas
[Yaml] fixed some license headers
Fixes message value for objects
Check for hour, minute & second validity
fixed various typos
[Filesystem] Fixed mirror for symlinks
[Validator] Removed duplicated test for IBAN in data provider
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/HttpKernel/Tests/DependencyInjection/ContainerAwareHttpKernelTest.php
* 2.4: (44 commits)
[FrameworkBundle] Add missing license headers
Fix parent serialization of user object
[DependencyInjection] fixed typo
added condition to avoid skipping tests on JSON_PRETTY support
add memcache, memcached, and mongodb extensions to run skipped tests
[DependencyInjection] Fixed support for backslashes in service ids.
fix#9356 [Security] Logger should manipulate the user reloaded from provider
[FrameworkBundle] Added extra details in XMLDescriptor to improve container description
fixed CS
Crawler default namespace fix
[BrowserKit] fixes#8311 CookieJar is totally ignorant of RFC 6265 edge cases
[HttpFoundation] fixed constants that do exist in 2.3 (only in 2.4)
fix 5528 let ArrayNode::normalizeValue respect order of value array provided
fix#7243 allow 0 as arraynode name
Fixed issue in BaseDateTimeTransformer when invalid timezone cause Transformation filed exception (closes#9403).
BinaryFileResponse should also return 416 or 200 on some range-requets
fix deprecated usage and clarify constructor defaults for number formatter
Bumping dependency to ProxyManager to allow testing against the new 0.5.x branch changes
Do normalization on tag options
bumped Symfony version to 2.3.9
...
* 2.3: (31 commits)
Fix parent serialization of user object
[DependencyInjection] fixed typo
add memcache, memcached, and mongodb extensions to run skipped tests
[DependencyInjection] Fixed support for backslashes in service ids.
fix#9356 [Security] Logger should manipulate the user reloaded from provider
[BrowserKit] fixes#8311 CookieJar is totally ignorant of RFC 6265 edge cases
[HttpFoundation] fixed constants that do exist in 2.3 (only in 2.4)
fix 5528 let ArrayNode::normalizeValue respect order of value array provided
fix#7243 allow 0 as arraynode name
Fixed issue in BaseDateTimeTransformer when invalid timezone cause Transformation filed exception (closes#9403).
BinaryFileResponse should also return 416 or 200 on some range-requets
Do normalization on tag options
bumped Symfony version to 2.3.9
updated VERSION for 2.3.8
update CONTRIBUTORS for 2.3.8
updated CHANGELOG for 2.3.8
[Filesystem] Changed the mode for a target file in copy() to be write only.
[Console] fixed CS
fixed TableHelper when cell value has new line
Improved and fixed grammar mistakes. Added pluralized messages
...
Conflicts:
src/Symfony/Component/BrowserKit/Cookie.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Matcher/UrlMatcher.php
This PR was merged into the 2.4 branch.
Discussion
----------
[Form] Improved debugger icon
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Changes the form icon in the toolbar to be pixel perfect.
| before | after |
| ---------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------- |
|  |  |
Commits
-------
74e59fe Changes the form icon in the toolbar to be pixel perfect.
Instead correctly use the array of schemes from the Route.
Also adjusted the dumpers to dump the correct data.
I extended the tests to not only test the deprecated behavior, but also
the new schemes-requirement.
* 2.4:
[Debug] fixed tests
ErrorHandlerTest: restore_error_handler() on assertion failure
Fixed typo
[validator] throw an exception if isn't an instance of ConstraintValidatorInterface.
Reset the box model to content-box in the web debug toolbar
[FrameworkBundle] Allowed "0" as a checkbox value in the php template.
raising delta on stopwatch as travis really breaks with less than 35
Switched to correct gender of "Token"
bumped Symfony version to 2.4.1
updated VERSION for 2.4.0
updated CHANGELOG for 2.4.0
fixed typos in several translations
[HttpKernel] use static late binding when dumping out container
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.3:
Fixed typo
[validator] throw an exception if isn't an instance of ConstraintValidatorInterface.
Reset the box model to content-box in the web debug toolbar
[FrameworkBundle] Allowed "0" as a checkbox value in the php template.
raising delta on stopwatch as travis really breaks with less than 35
Switched to correct gender of "Token"
fixed typos in several translations
[HttpKernel] use static late binding when dumping out container
* 2.4:
updated Composer suggested packages
updated VERSION for 2.2.11
update CONTRIBUTORS for 2.2.11
updated CHANGELOG for 2.2.11
Fixed typo in phpdoc
Default form.csrf_protection.enabled to csrf_protection.enabled
Handled the scenario when no entity manager is passed with closure query builder.
Enabled csrf_protection by default if form.csrf_protection is enabled
[HttpKernel] made a small optimization to Bundle initialization
minor optimalization at bundle initialization
[EventDispatcher] tweaked README
removed observer pattern, in favour of mediator
[DoctrineBridge] normalized class names in the ORM type guesser
Fix `extract` method to avoid recalculating count() for each iteration.
[Debug] ensured that a fatal PHP error is actually fatal after being handled by our error handler
use the correct class name to retrieve mapped class' metadata and repository
[WebProfilerBundle] Fixed js escaping in time.html.twig
* 2.3:
updated VERSION for 2.2.11
update CONTRIBUTORS for 2.2.11
updated CHANGELOG for 2.2.11
Fixed typo in phpdoc
Handled the scenario when no entity manager is passed with closure query builder.
[HttpKernel] made a small optimization to Bundle initialization
minor optimalization at bundle initialization
[EventDispatcher] tweaked README
removed observer pattern, in favour of mediator
[DoctrineBridge] normalized class names in the ORM type guesser
Fix `extract` method to avoid recalculating count() for each iteration.
[Debug] ensured that a fatal PHP error is actually fatal after being handled by our error handler
use the correct class name to retrieve mapped class' metadata and repository
[WebProfilerBundle] Fixed js escaping in time.html.twig
Conflicts:
src/Symfony/Component/Debug/ErrorHandler.php
* 2.2:
updated VERSION for 2.2.11
update CONTRIBUTORS for 2.2.11
updated CHANGELOG for 2.2.11
[HttpKernel] made a small optimization to Bundle initialization
minor optimalization at bundle initialization
[EventDispatcher] tweaked README
removed observer pattern, in favour of mediator
[DoctrineBridge] normalized class names in the ORM type guesser
Fix `extract` method to avoid recalculating count() for each iteration.
use the correct class name to retrieve mapped class' metadata and repository
[WebProfilerBundle] Fixed js escaping in time.html.twig
Conflicts:
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/time.html.twig
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the 2.4 branch.
Discussion
----------
Fixed BC break in csrf protection
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9429
| License | MIT
| Doc PR | n/a
Commits
-------
d00954a Default form.csrf_protection.enabled to csrf_protection.enabled
* 2.4:
[Debug] fixed unit tests
Avoid notice from being *eaten* by fatal error.
Teardown used wrong property
Modified guessDefaultEscapingStrategy to not escape txt templates
Fix DateType for 32bits computers.
Fixed the registration of validation.xml file when the form is disabled
fixed lexing expression ending with spaces
Fixes#9633, Removed dependency to Symfony\Bundle\FrameworkBundle\Tests\TestCase
[Validator] Replaced inexistent interface.
[HttpKernel] Fix profiler event-listener usage outside request stack context
When getting the session's id, check if the session is not closed
Fix undefined offset when formatting namespace suggestions
Adjusting CacheClear Warmup method to namespaced kernels
* 2.3:
[Debug] fixed unit tests
Avoid notice from being *eaten* by fatal error.
Teardown used wrong property
Modified guessDefaultEscapingStrategy to not escape txt templates
Fix DateType for 32bits computers.
Fixed the registration of validation.xml file when the form is disabled
Fixes#9633, Removed dependency to Symfony\Bundle\FrameworkBundle\Tests\TestCase
[Validator] Replaced inexistent interface.
When getting the session's id, check if the session is not closed
Adjusting CacheClear Warmup method to namespaced kernels
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/CacheClearCommand.php
* 2.2:
Teardown used wrong property
Modified guessDefaultEscapingStrategy to not escape txt templates
Fix DateType for 32bits computers.
Fixed the registration of validation.xml file when the form is disabled
When getting the session's id, check if the session is not closed
This PR was merged into the 2.3 branch.
Discussion
----------
Adjusting CacheClear Warmup method to namespaced kernels
Backported the patch in #9525 to the 2.3 branch.
| Q | A
| ------------- | ---
| Bug fix? | [yes]
| New feature? | [no]
| BC breaks? | [no]
| Deprecations? | [no]
| Tests pass? | have not tried yet
| License | MIT
| Fixed tickets | further fixes#1431
My kernel has been moved and namespaced to `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKernel`. This worked fine until a change was made to how the kernel temp stuff is handled in the warmup phase.
When the app generates its own cache (i.e you run cache without warmup and access the site) everything is generated ok and the .meta files generate the proper reference to the FQN of the Kernel.
However if the warmup is used, it uses `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKerne_` as the temporary Kernel, and when it does "fix references to the Kernel in .meta files" it generates 2 errors.
1. It does not use a string safe tempKernel name, so it never finds the reference to the kernel
2. If you fix that, then it replaces the FQN of the tempKernel with `CfsKernel`, the non-namespaced name of the proper Kernel (it also leaves the character count wrong in the serialization `C:43:<class>` where 43 is the char count for the FQN above)
The two changes above fix this, by escaping the string and replacing it with a FQN Kernel Class name.
What are your thoughts on this? If this sounds reasonable i'll do further enhancements and check tests.
Commits
-------
00d79d5 Adjusting CacheClear Warmup method to namespaced kernels
* 2.4:
[HttpKernel] fixed regression introduced in 2.4 in the base DataCollector class. Added more unit tests coverage for the RequestDataCollector object.
Fixed mistake in upgrade docu
bumped Symfony version to 2.4.0
updated VERSION for 2.4.0-RC1
updated CHANGELOG for 2.4.0-RC1
Container::camelize also takes backslashes into consideration
fixed typos
fixed @expectedException class names
Fix an issue when overriding Client::setServerParameters() and using the getContainer() method in it.
fixed some typos
fixed @expectedException class names
Typo and better wording for german validator translation
* 2.3:
Fixed mistake in upgrade docu
Container::camelize also takes backslashes into consideration
fixed typos
fixed @expectedException class names
fixed some typos
fixed @expectedException class names
Typo and better wording for german validator translation
* 2.3: (24 commits)
Add german translation for several validators (Greater/Equal/Less)
No Entity Manager defined exception
fixed CS
[Acl] Fix for issue #9433
[Validator] fix docblock typos
[DependencyInjection] removed the unused Reference and Parameter classes use statements from the compiled container class
Removed useless check if self::$trustProxies is set
Fix mistake in translation's service definition.
if handler_id is identical to null fix
CS fix
Fixed ModelChoiceList tests in Propel1 bridge.
[AclProvider] Fix incorrect behaviour when partial results returned from cache
Check if the pipe array is empty before calling stream_select()
[Intl] fixed datetime test as described in #9455
bumped Symfony version to 2.3.8
updated VERSION for 2.3.7
updated CHANGELOG for 2.3.7
re-factor Propel1 ModelChoiceList
[Form] Added method Form::getClickedButton() to remove memory leak in FormValidator
[Locale] fixed the failing test described in #9455
...
Conflicts:
src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php
src/Symfony/Bridge/Propel1/Tests/Fixtures/ItemQuery.php
src/Symfony/Bridge/Propel1/Tests/Form/ChoiceList/ModelChoiceListTest.php
src/Symfony/Bridge/Propel1/Tests/Propel1TestCase.php
src/Symfony/Component/Form/Tests/CompoundFormTest.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Process/Process.php
* 2.2:
No Entity Manager defined exception
fixed CS
[Acl] Fix for issue #9433
[Validator] fix docblock typos
[DependencyInjection] removed the unused Reference and Parameter classes use statements from the compiled container class
Fix mistake in translation's service definition.
if handler_id is identical to null fix
CS fix
Fixed ModelChoiceList tests in Propel1 bridge.
[AclProvider] Fix incorrect behaviour when partial results returned from cache
Check if the pipe array is empty before calling stream_select()
re-factor Propel1 ModelChoiceList
[Locale] fixed the failing test described in #9455
[Process] fix phpdoc and timeout of 0
bug #9445 [BrowserKit] fixed protocol-relative url redirection
Conflicts:
src/Symfony/Component/BrowserKit/Tests/ClientTest.php
src/Symfony/Component/Locale/Tests/Stub/StubIntlDateFormatterTest.php
This PR was merged into the master branch.
Discussion
----------
[SecurityBundle] Added csrf_token_generator and csrf_token_id as new
names for csrf_provider and intention options
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #9176
| License | MIT
| Doc PR | n/a
Commits
-------
f2f15f5 [SecurityBundle] Added csrf_token_generator and csrf_token_id as new names for csrf_provider and intention options
This PR was merged into the master branch.
Discussion
----------
Cache Warmup Breaks Namespaced Kernel
| Q | A
| ------------- | ---
| Bug fix? | [yes]
| New feature? | [no]
| BC breaks? | [no]
| Deprecations? | [no]
| Tests pass? | have not tried yet
| License | MIT
| Fixed tickets | further fixes#1431
My kernel has been moved and namespaced to `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKernel`. This worked fine until a change was made to how the kernel temp stuff is handled in the warmup phase.
When the app generates its own cache (i.e you run cache without warmup and access the site) everything is generated ok and the .meta files generate the proper reference to the FQN of the Kernel.
However if the warmup is used, it uses `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKerne_` as the temporary Kernel, and when it does "fix references to the Kernel in .meta files" it generates 2 errors.
1. It does not use a string safe tempKernel name, so it never finds the reference to the kernel
2. If you fix that, then it replaces the FQN of the tempKernel with `CfsKernel`, the non-namespaced name of the proper Kernel (it also leaves the character count wrong in the serialization `C:43:<class>` where 43 is the char count for the FQN above)
The two changes above fix this, by escaping the string and replacing it with a FQN Kernel Class name.
What are your thoughts on this? If this sounds reasonable i'll do further enhancements and check tests.
Commits
-------
9e7788e Cache Warmup Breaks Namespaced Kernel
This PR was merged into the master branch.
Discussion
----------
unify constructor initialization style throughout symfony
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | n/a
In almost all classes symfony uses property initialization when the value is static. Constructor initialization is only used for things that actually have logic, like passed parameters or dynamic values. IMHO it makes the code much more readable because property definition, phpdoc and default value is in one place. Also one can easily see what the constructor implements for logic like overridden default value of a parent class. Otherwise the real deal is just hidden behind 10 property initializations. One more advantage is that it requires less code. As you can see, the code was almost cut in half (210 additions and 395 deletions).
I unified it accordingly across symfony. Sometimes it was [not even consistent within one class](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Config/Definition/BaseNode.php#L32). At the same time I recognized some errors like missing parent constructor call, or undefined properties or private properties that are not even used.
I then realized that a few Kernel tests were not passing because they were deeply implementation specific like modifying booted flag with a custom `KernelForTest->setIsBooted();`. I improved and refactored the kernel tests in the __second commit__.
__Third commit__ unifies short ternary operator, e.g. `$foo ?: new Foo()`. __Forth commit__ unifies missing parentheses, e.g. `new Foo()`.
Commits
-------
077a089 unify missing parentheses
2888594 unify short ternary operator
2a9daff [HttpKernel] better written kernel tests
111ac18 unify constructor initialization style throughout symfony
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] use the new request_stack service in the GlobalVariables object
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
9c2ce49 [FrameworkBundle] use the new request_stack object in the GlobalVariables object
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] use the new request_stack service to get the Request object in the base Controller class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
2e07338 [FrameworkBundle] use the new request_stack service to get the Request object in the base Controller class
This PR was merged into the 2.2 branch.
Discussion
----------
CS fix
I hope this is not BC break though handler_id checking should be done with identical comparison operator I believe.
Commits
-------
1b6b1e9 if handler_id is identical to null fix
My kernel has been moved and namespaced to `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKernel`. This worked fine until a change was made to how the kernel temp stuff is handled in the warmup phase.
When the app generates its own cache (i.e you run cache without warmup and access the site) everything is generated ok and the .meta files generate the proper reference to the FQN of the Kernel.
However if the warmup is used, it uses `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKerne_` as the temporary Kernel, and when it does "fix references to the Kernel in .meta files" it generates 2 errors.
1. It does not use a string safe tempKernel name, so it never finds the reference to the kernel
2. If you fix that, then it replaces the FQN of the tempKernel with `CfsKernel`, the non-namespaced name of the proper Kernel (it also leaves the character count wrong in the serialization `C:43:<class>` where 43 is the char count for the FQN above)
The two changes above fix this, by escaping the string and replacing it with a FQN Kernel Class name.
What are your thoughts on this?
* 2.3: (25 commits)
bumped Symfony version to 2.2.11
updated VERSION for 2.2.10
update CONTRIBUTORS for 2.2.10
updated CHANGELOG for 2.2.10
fixed version
Request::overrideGlobals() may call invalid ini value
Force Luhn Validator to only work with strings
Fixed bug with lazy services
[Translation] fixed the error in the dumper test as described in #9475
deleted mixing string concatenation inside a sprintf
"__call()" should be displayed only if $this->magicCall is true
[Console] fix phpdoc and constructor default value
Add media-query for printing: Do not print the toolbar.
Fix ProgressHelper redraw when redrawFreq is greater than 1
Update toolbar.css.twig
slovenian translations fixed
slovenian translations fixed
[DependencyInjection] fixed YamlDumper did not make services private.
[FrameworkBundle] fix routing container parameter exception message
[Form] fix and unify phpdoc
...
Conflicts:
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Discussion
----------
adjust doctrine dependencies
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9384, #9385
| License | MIT
| Doc PR | -
I went through all components/bundles/bridges in symfony and searched for doctrine dependencies. Then looked if it only requires a subset (annotations instead of common for example).
Commits
-------
7366901 adjust doctrine dependencies
This PR was merged into the 2.3 branch.
Discussion
----------
[WebProfilerBundle] Small bugfix in CSS: don't make links bold.
If the CSS in your application has something like `a { font-weight: bold; }` to make links bold by default, they will also show up **bold** in the profilers toolbar, which doesn't look right. This patch explicitly sets the font-weight to 'normal', as it should be.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
984566d Add media-query for printing: Do not print the toolbar.
cf1b7cf Update toolbar.css.twig
b6738b6 Set the font-weight for links to 'normal', to prevent ugly bold links.
* 2.2:
slovenian translations fixed
[DependencyInjection] fixed YamlDumper did not make services private.
[FrameworkBundle] fix routing container parameter exception message
update CONTRIBUTORS
added content length header to BinaryFileResponse
[Routing] added working test case for issue #5135
This PR was merged into the master branch.
Discussion
----------
Add X-Debug-Url profiler url header
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | None
Hey, working with rest APIs I find it way more convenient to have the profiler url directly in the header ... We human are used to deal with hypermedia!
A little bit of hateoas in symfony :)
Commits
-------
2f09754 Add X-Debug-Url profiler url header
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] Update deprecation message
Small addition to (doc string only):
https://github.com/symfony/symfony/pull/9252
Commits
-------
b057fab [FrameworkBundle] Update deprecation message
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6686, #7673
| License | MIT
| Doc PR | n/a
The removal of the Profiler dependency on the TraceableEventDispatcher (#9170) allows to remerge the patch from #9068 that fixes#6686.
This PR also cleans up how profiles are stored. A Profile is now always stored only once.
The fix will only be available on 2.4+ as the changes are too deep to be backported to 2.2 and 2.3.
Commits
-------
1e1835e [FrameworkBundle] made sure that the debug event dispatcher is used everywhere
This PR was squashed before being merged into the master branch (closes#9252).
Discussion
----------
[FrameworkBundle] Only enable CSRF protection when enabled in config
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | maybe?
| Deprecations? | no
| Tests pass? | I hope, master was already broken here
| License | MIT
bf85e8365a introduced new service configuration for CSRF protection in the frameworkbundle. It is always enabled even if you don't use it. Since it also depends on enabling the session that's not so nice.
Commits
-------
60dce14 [FrameworkBundle] Only enable CSRF protection when enabled in config
* 2.3:
Fixed English usage for existing users.
Clean up of WebProfiler Controller classes:
[Process] Fix#9343 : revert file handle usage on Windows platform
Added missing "@throws" PHPdoc comments in controllers
Updated deprecated reference to Symfony\Component\HttpKernel\Debug\ExceptionHandler to use Symfony\Component\Debug\ExceptionHandler instead
* 2.3:
bumped Symfony version to 2.3.7
updated VERSION for 2.3.6
updated CHANGELOG for 2.3.6
bumped Symfony version to 2.2.10
updated VERSION for 2.2.9
update CONTRIBUTORS for 2.2.9
updated CHANGELOG for 2.2.9
[Security] limited the password length passed to encoders
[HttpKernel] Fixed a test (compiler pass class name has been changed).
assets:install command should mirror .dotfiles (.htaccess)
PoFileDumper - PO headers
removed whitespaces
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/BasePasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/MessageDigestPasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/Pbkdf2PasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php
src/Symfony/Component/Security/Core/Tests/Encoder/MessageDigestPasswordEncoderTest.php
src/Symfony/Component/Security/Core/Tests/Encoder/Pbkdf2PasswordEncoderTest.php
src/Symfony/Component/Security/Core/Tests/Encoder/PlaintextPasswordEncoderTest.php
* 2.2:
bumped Symfony version to 2.2.10
updated VERSION for 2.2.9
update CONTRIBUTORS for 2.2.9
updated CHANGELOG for 2.2.9
[Security] limited the password length passed to encoders
assets:install command should mirror .dotfiles (.htaccess)
PoFileDumper - PO headers
removed whitespaces
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
* 2.3:
[Process] Fix#9182 : random failure on pipes tests
Fixed propel guessed relations
[FramworkBundle][HttpKernel] Check event listener services are not abstract
fixed CS
Check for lock existence before unlinking
remove MinCount and MaxCount contraints. It has been replaced by Count constraints.
[FrameworkBundle] fixed path replacement on Windows
Conflicts:
src/Symfony/Bridge/Propel1/Tests/Form/PropelTypeGuesserTest.php
* 2.2:
[Process] Fix#9182 : random failure on pipes tests
Fixed propel guessed relations
[FramworkBundle][HttpKernel] Check event listener services are not abstract
fixed CS
Check for lock existence before unlinking
[FrameworkBundle] fixed path replacement on Windows
Conflicts:
src/Symfony/Component/Process/Process.php
This PR was merged into the master branch.
Discussion
----------
[Security\Csrf] Split CsrfTokenGenerator into CsrfTokenManager and TokenGenerator
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9210
| License | MIT
| Doc PR | -
This is a follow-up PR of #6554 that splits the CsrfTokenGenerator into two separate classes for generating and managing CSRF tokens. As a consequence, it is now possible to explicitly remove or refresh CSRF tokens if they should be used only once. See #9210 for more information.
Commits
-------
d4bb5f4 [Security\Csrf] Split CsrfTokenGenerator into CsrfTokenManager and TokenGenerator
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] The config:dump-reference command shows the list of bundles with the table helper
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
Commits
-------
31c6c62 [FrameworkBundle] The config:dump-reference command shows the list of bundles with the table helper
* 2.3:
Fix: duplicate usage of Symfony\Component\HttpFoundation\Response
[Form] add support for Length and Range constraint in order to replace MaxLength, MinLength, Max and Min constraints in next release (2.3)
Revert "merged branch Tobion/flattenexception (PR #9111)"
[Form] check the required output timezone against the actual timezone of the input datetime object, rather than the expected timezone supplied
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
This PR was squashed before being merged into the master branch (closes#7887).
Discussion
----------
[FrameworkBundle] adds routing/container descriptors
The goal of this PR is to add descriptors (as in #7454) for routing and container. This will permit add a `--format` option to `router:debug` and `container:debug` commands (with `txt`, `json`, `xml` and `md` formats).
Commits
-------
22f9bc8 [FrameworkBundle] adds routing/container descriptors
This PR was squashed before being merged into the master branch (closes#8927).
Discussion
----------
[Templating] fix logic regarding template references and many phpdocs
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
this clarifies the expected types and exceptions by much. and it fixes some logic flaws.
- missing info/methods in interfaces
- respecting Twig_LoaderInterface only accepting strings, not objects
related to fabpot/Twig#1183 but does not depend on it
Commits
-------
f6c12bd [Templating] fix logic regarding template references and many phpdocs
This PR was merged into the master branch.
Discussion
----------
Decoupled TraceableEventDispatcher from the Profiler
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This PR removes the Profiler dependency on the TraceableEventDispatcher. That makes things more decoupled and cleaner. This PR also cleans up how profiles are stored; a Profile is now always stored only once.
I've created a `LateDataCollectorInterface` that is implemented for data collector that needs to get information from data that are available very late in the request process (when the request and the response are not even available anymore). The `lateCollect()` method is called just before the profile is stored.
We have 3 data collectors that implement that interface:
* Time: As the traceable event dipsatcher gets inject timing information via the stopwatch about all events (including the `terminate` one), we need to get events from the stopwatch as late as possible.
* Event: The traceable event dispatcher gathers all called listeners to determine non-called ones. To be able to accurately do that for all events (including the `terminate` one), we need to get the data as late as possible.
* Memory: We want to get the memory as late as possible to get the most accurate number as possible
I'm not very happy with the name and as always, better suggestions would be much appreciated.
This is an extract from #9168
Commits
-------
5cedea2 [HttpKernel] added LateDataCollectorInterface
9c4bc9a [HttpKernel] decoupled TraceableEventDispatcher and Profiler
This PR was merged into the master branch.
Discussion
----------
[Security] Added Security\Csrf sub-component with better token generation
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | TODO
**Update September 27, 2013**
This PR simplifies the CSRF mechanism to generate completely random tokens. A random token is generated once per ~~intention~~ token ID and then stored in the session. Tokens are valid until the session expires.
Since the CSRF token generator depends on `StringUtils` and `SecureRandom` from Security\Core, and since Security\Http currently depends on the Form component for token generation, I decided to add a new Security\Csrf sub-component that contains the improved CSRF token generator. Consequences:
* Security\Http now depends on Security\Csrf instead of Form
* Form now optionally depends on Security\Csrf
* The configuration for the "security.secure_random" service and the "security.csrf.*" services was moved to FrameworkBundle to guarantee BC
In the new Security\Csrf sub-component, I tried to improve the naming where I could do so without breaking BC:
* CSRF "providers" are now called "token generators"
* CSRF "intentions" are now called "token IDs", because that's really what they are
##### TODO
- [ ] The documentation needs to be checked for references to the configuration of the application secret. Remarks that the secret is used for CSRF protection need to be removed.
- [ ] Add aliases "csrf_token_generator" and "csrf_token_id" for "csrf_provider" and "intention" in the SecurityBundle configuration
- [x] Make sure `SecureRandom` never blocks for `CsrfTokenGenerator`
Commits
-------
7f02304 [Security] Added missing PHPDoc tag
2e04e32 Updated Composer dependencies to require the Security\Csrf component where necessary
bf85e83 [FrameworkBundle][SecurityBundle] Added service configuration for the new Security CSRF sub-component
2048cf6 [Form] Deprecated the CSRF implementation and added an optional dependency to the Security CSRF sub-component instead
85d4959 [Security] Changed Security HTTP sub-component to depend on CSRF sub-component instead of Form
1bf1640 [Security] Added CSRF sub-component
This PR was merged into the master branch.
Discussion
----------
[Form] Rewrite boolean attributes to match HTML spec
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Same as #7856
> 'The presence of a boolean attribute on an element represents the true value, and the absence of the attribute represents the false value.' - http://www.w3.org/html/wg/drafts/html/master/infrastructure.html#boolean-attribute
This commit modifies widget_container_attributes and widget_attributes so that:
* `true` values render as the attribute name with the attribute name repeated as the value
* `false` values are not rendered
The comparison is strict using sames() in twig.
Previously `false` values would have been rendered as `some-attribute=""` which according to the spec would actually make them a boolean attribute and therefore equal to true.
Commits
-------
b85577b [Form] Improved test coverage of widget_attributes and widget_container_attributes blocks
8e4c2a7 [Form] Rewrite boolean attributes to match HTML spec
* 2.3:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[DependencyInjection] Prevented inlining of lazy loaded private service definitions.
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/Routing/Router.php
src/Symfony/Component/Security/Http/Firewall.php
* 2.2:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/HttpFoundation/Request.php
This PR was merged into the master branch.
Discussion
----------
[Translation] Added support for JSON format (both loader and dumper).
Based on `IniFileLoader\Dumper`.
Q | A
--- | ---
Bug fix? |no
New feature? | yes
BC breaks?| no
Deprecations? |no
Tests pass? | yes
Fixed tickets | -
License | MIT
Doc | this component don't have docs
Commits
-------
fcef021 [Translation] Added support for JSON format (both loader and dumper).
* 2.3:
Run all tests in parallel.
Fixed an entity class name.
[HttpKernel] fix usage of deprecated FlattenException
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
* 2.3:
[Locale] added support for the position argument to NumberFormatter::parse()
[Locale] added some more stubs for the number formatter
[Yaml] fixed typo
[Yaml] fixed a test on PHP < 5.4
[DomCrawler]Crawler guess charset from html
fixed PHP 5.3 compatibility
[Yaml] reverted previous merge partially (refs #8897)
[Security] remove unused logger
[Security] fix typo
[Yaml] Fixed filename in the ParseException message
* 2.2:
[Locale] added support for the position argument to NumberFormatter::parse()
[Locale] added some more stubs for the number formatter
[Yaml] fixed typo
[Yaml] fixed a test on PHP < 5.4
[DomCrawler]Crawler guess charset from html
fixed PHP 5.3 compatibility
[Yaml] reverted previous merge partially (refs #8897)
[Security] remove unused logger
[Security] fix typo
[Yaml] Fixed filename in the ParseException message
Conflicts:
src/Symfony/Component/Console/Input/InputDefinition.php
src/Symfony/Component/Locale/Stub/StubNumberFormatter.php
src/Symfony/Component/Locale/Tests/Stub/StubNumberFormatterTest.php
This PR was merged into the master branch.
Discussion
----------
[ExpressionLanguage] made minor tweaks
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9087
| License | MIT
| Doc PR | n/a
* made ExpressionLanguage::parse return an ParsedExpression instance
* optimized the size of the serialization of expressions
Commits
-------
e869136 [ExpressionLanguage] renamed addFunction() to register()
5076ec7 [ExpressionLanguage] optimized serialization of nodes and expressions
60b9f85 [ExpressionLanguage] made ExpressionLanguage::parse return an ParsedExpression instance
This PR was merged into the master branch.
Discussion
----------
New Component: Expression Language
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8850, #7352
| License | MIT
| Doc PR | not yet
TODO:
- [ ] write documentation
- [x] add tests for the new component
- [x] implement expression support for access rules in the security component
- [x] find a better character/convention for expressions in the YAML format
- [x] check the performance of the evaluation mode
- [x] better error messages in the evaluation mode
- [x] add support in the Routing
- [x] add support in the Validator
The ExpressionLanguage component provides an engine that can compile and
evaluate expressions.
An expression is a one-liner that returns a value (mostly, but not limited to, Booleans).
It is a strip-down version of Twig (only the expression part of it is
implemented.) Like Twig, the expression is lexed, parsed, and
compiled/evaluated. So, it is immune to external injections by design.
If we compare it to Twig, here are the main big differences:
* only support for Twig expressions
* no ambiguity for calls (foo.bar is only valid for properties, foo['bar'] is only valid for array calls, and foo.bar() is required for method calls)
* no support for naming conventions in method calls (if the method is named getFoo(), you must use getFoo() and not foo())
* no notion of a line for errors, but a cursor (we are mostly talking about one-liners here)
* removed everything specific to the templating engine (like output escaping or filters)
* no support for named arguments in method calls
* only one extension point with functions (no possibility to define new operators, ...)
* and probably even more I don't remember right now
* there is no need for a runtime environment, the compiled PHP string is self-sufficient
An open question is whether we keep the difference betweens arrays and hashes.
The other big difference with Twig is that it can work in two modes (possible
because of the restrictions described above):
* compilation: the expression is compiled to PHP and is self-sufficient
* evaluation: the expression is evaluated without being compiled to PHP (the node tree produced by the parser can be serialized and evaluated afterwards -- so it can be saved on disk or in a database to speed up things when needed)
Let's see a simple example:
```php
$language = new ExpressionLanguage();
echo $language->evaluate('1 + 1');
// will echo 2
echo $language->compile('1 + 2');
// will echo "(1 + 2)"
```
The language supports:
* all basic math operators (with precedence rules):
* unary: not, !, -, +
* binary: or, ||, and, &&, b-or, b-xor, b-and, ==, ===, !=, !==, <, >, >=, <=, not in, in, .., +, -, ~, *, /, %, **
* all literals supported by Twig: strings, numbers, arrays (`[1, 2]`), hashes
(`{a: "b"}`), Booleans, and null.
* simple variables (`foo`), array accesses (`foo[1]`), property accesses
(`foo.bar`), and method calls (`foo.bar(1, 2)`).
* the ternary operator: `true ? true : false` (and all the shortcuts
implemented in Twig).
* function calls (`constant('FOO')` -- `constant` is the only built-in
functions).
* and of course, any combination of the above.
The compilation is better for performances as the end result is just a plain PHP string without any runtime. For the evaluation, we need to tokenize, parse, and evaluate the nodes on the fly. This can be optimized by using a `ParsedExpression` or a `SerializedParsedExpression` instead:
```php
$nodes = $language->parse($expr, $names);
$expression = new SerializedParsedExpression($expr, serialize($nodes));
// You can now store the expression in a DB for later reuse
// a SerializedParsedExpression can be evaluated like any other expressions,
// but under the hood, the lexer and the parser won't be used at all, so it''s much faster.
$language->evaluate($expression);
```
That's all folks!
I can see many use cases for this new component, and we have two use cases in
Symfony that we can implement right away.
## Using Expressions in the Service Container
The first one is expression support in the service container (it would replace
#8850) -- anywhere you can pass an argument in the service container, you can
use an expression:
```php
$c->register('foo', 'Foo')->addArgument(new Expression('bar.getvalue()'));
```
You have access to the service container via `this`:
container.get("bar").getvalue(container.getParameter("value"))
The implementation comes with two functions that simplifies expressions
(`service()` to get a service, and `parameter` to get a parameter value). The
previous example can be simplified to:
service("bar").getvalue(parameter("value"))
Here is how to use it in XML:
```xml
<parameters>
<parameter key="value">foobar</parameter>
</parameters>
<services>
<service id="foo" class="Foo">
<argument type="expression">service('bar').getvalue(parameter('value'))</argument>
</service>
<service id="bar" class="Bar" />
</services>
```
and in YAML (I chose the syntax randomly ;)):
```yaml
parameters:
value: foobar
services:
bar:
class: Bar
foo:
class: Foo
arguments: [@=service("bar").getvalue(parameter("value"))]
```
When using the container builder, Symfony uses the evaluator, but with the PHP
dumper, the compiler is used, and there is no overhead as the expression
engine is not needed at runtime. The expression above would be compiled to:
```php
$this->get("bar")->getvalue($this->getParameter("value"))
```
## Using Expression for Security Access Control Rules
The second use case in Symfony is for access rules.
As we all know, the way to configure the security access control rules is confusing, which might lead to insecure applications (see http://symfony.com/blog/security-access-control-documentation-issue for more information).
Here is how the new `allow_if` works:
```yaml
access_control:
- { path: ^/_internal/secure, allow_if: "'127.0.0.1' == request.getClientIp() or has_role('ROLE_ADMIN')" }
```
This one restricts the URLs starting with `/_internal/secure` to people browsing from the localhost. Here, `request` is the current Request instance. In the expression, there is access to the following variables:
* `request`
* `token`
* `user`
And to the following functions:
* `is_anonymous`
* `is_authenticated`
* `is_fully_authenticated`
* `is_rememberme`
* `has_role`
You can also use expressions in Twig, which works well with the `is_granted` function:
```jinja
{% if is_granted(expression('has_role("FOO")')) %}
...
{% endif %}
```
## Using Expressions in the Routing
Out of the box, Symfony can only match an incoming request based on some pre-determined variables (like the path info, the method, the scheme, ...). But some people want to be able to match on more complex logic, based on other information of the Request object. That's why we introduced `RequestMatcherInterface` recently (but we no default implementation in Symfony itself).
The first change I've made (not related to expression support) is implement this interface for the default `UrlMatcher`. It was simple enough.
Then, I've added a new `condition` configuration for Route objects, which allow you to add any valid expression. An expression has access to the `request` and to the routing `context`.
Here is how one would configure it in a YAML file:
```yaml
hello:
path: /hello/{name}
condition: "context.getMethod() in ['GET', 'HEAD'] and request.headers.get('User-Agent') =~ '/firefox/i'"
```
Why do I keep the context as all the data are also available in the request? Because you can also use the condition without using the RequestMatcherInterface, in which case, you don't have access to the request. So, the previous example is equivalent to:
```yaml
hello:
path: /hello/{name}
condition: "request.getMethod() in ['GET', 'HEAD'] and request.headers.get('User-Agent') =~ '/firefox/i'"
```
When using the PHP dumper, there is no overhead as the condition is compiled. Here is how it looks like:
```php
// hello
if (0 === strpos($pathinfo, '/hello') && preg_match('#^/hello/(?P<name>[^/]++)$#s', $pathinfo, $matches) && (in_array($context->getMethod(), array(0 => "GET", 1 => "HEAD")) && preg_match("/firefox/i", $request->headers->get("User-Agent")))) {
return $this->mergeDefaults(array_replace($matches, array('_route' => 'hello')), array ());
}
```
Be warned that conditions are not taken into account when generating a URL.
## Using Expressions in the Validator
There is a new Expression constraint that you can put on a class. The expression is then evaluated for validation:
```php
use Symfony\Component\Validator\Constraints as Assert;
/**
* @Assert\Condition(condition="this.getFoo() == 'fo'", message="Not good!")
*/
class Obj
{
public function getFoo()
{
return 'foo';
}
}
```
In the expression, you get access to the current object via the `this` variable.
## Dynamic annotations
The expression language component is also very useful in annotations. the SensoLabs FrameworkExtraBundle leverages this possibility to implement HTTP validation caching in the `@Cache` annotation and to add a new `@Security` annotation (see sensiolabs/SensioFrameworkExtraBundle#238.)
Commits
-------
d4ebbfd [Validator] Renamed Condition to Expression and added possibility to set it onto properties
a3b3a78 [Validator] added a constraint that runs an expression
1bcfb40 added optimized versions of expressions
984bd38 mades things more consistent for the end user
d477f15 [Routing] added support for expression conditions in routes
86ac8d7 [ExpressionLanguage] improved performance
e369d14 added a Twig extension to create Expression instances
38b7fde added support for expression in control access rules
2777ac7 [HttpFoundation] added ExpressionRequestMatcher
c25abd9 [DependencyInjection] added support for expressions in the service container
3a41781 [ExpressionLanguage] added support for regexes
9d98fa2 [ExpressionLanguage] added the component
This PR was merged into the 2.2 branch.
Discussion
----------
[Security] fix typo and remove unused logger
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
a33cc51 [Security] remove unused logger
62de9c1 [Security] fix typo
* 2.3:
fixed phpdoc
Fix some annotates
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
[HttpKernel] remove unneeded strtoupper
updated the composer install command to reflect changes in Composer
Conflicts:
src/Symfony/Component/Serializer/Encoder/XmlEncoder.php
* 2.2:
Fix some annotates
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
[HttpKernel] remove unneeded strtoupper
updated the composer install command to reflect changes in Composer
Conflicts:
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Console/Command/Command.php
src/Symfony/Component/Console/Input/InputDefinition.php
src/Symfony/Component/CssSelector/Node/CombinedSelectorNode.php
src/Symfony/Component/Form/Form.php
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php
src/Symfony/Component/HttpKernel/Tests/DependencyInjection/RegisterListenersPassTest.php
src/Symfony/Component/Locale/Locale.php
src/Symfony/Component/Locale/README.md
src/Symfony/Component/Locale/Stub/DateFormat/FullTransformer.php
This PR was squashed before being merged into the 2.2 branch (closes#9067).
Discussion
----------
Fix some annotates
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
send those fixes in branch 2.2
This pr includes #9065
Commits
-------
de39bd5 Fix some annotates
This PR was merged into the 2.2 branch.
Discussion
----------
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6686, #7673
| License | MIT
| Doc PR | n/a
Commits
-------
f65a526 [FrameworkBundle] made sure that the debug event dispatcher is used everywhere
This PR was merged into the master branch.
Discussion
----------
[Security] Split the component into 3 sub-components Core, ACL, HTTP
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9047, #8848
| License | MIT
| Doc PR | -
The rationale behind this PR is to be able to use any of the sub components without requiring all the dependencies of the other sub components. Specifically, I'd like to use the core utils for an improved CSRF protection mechanism (#6554).
Commits
-------
14e9f46 [Security] removed unneeded hard dependencies in Core
5dbec8a [Security] fixed README files
62bda79 [Security] copied the Resources/ directory to Core/Resources/
7826781 [Security] Split the component into 3 sub-components Core, ACL, HTTP
This PR was squashed before being merged into the master branch (closes#8635).
Discussion
----------
[Config] Create XML Reference Dumper
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Only Yaml was supported. This PR adds support for XML. This makes it easier to test XML schema's (see symfony-cmf/MenuBundle#114 ), helps us at the docs with our configuration reference and helps others using XML with symfony.
## Todo
- [x] Prototyped arrays don't work properly
- [x] Add comments (see Yaml dumper)
- [x] Add namespaces support
## Side effects
I've moved the reference dumpers to their own namespace and renamed the original reference dumper to `YamlReferenceDumper`. The old one is kept for BC, but deprecated.
/cc @dantleech
Commits
-------
05e9ca7 [Config] Create XML Reference Dumper
* 2.3:
fixes RequestDataCollector bug, visible when used on Drupal8
[Console] fixed exception rendering when nested styles
[Console] added some more information about OutputFormatter::replaceStyle()
[Console] fixed the formatter for single-char tags
[Console] Escape exception message during the rendering of an exception
[DomCrawler] fixed HTML5 form attribute handling
Making tests pass on mac os x without this change tests would fail under mac os x at least in 10.8.2
[BrowserKit] Fixed the handling of parameters when redirecting
[Process] Properly close pipes after a Process::stop call
fixed bytes conversion when used on 32-bits systems
Typo fix
HttpFoundation RequestTest - Fixed indentation and removed comments
HttpFoundation Request test for #8619
LICENSE files moved to meta folders
added missing method in the UPGRADE file for 2.2 (closes#8941)
[Form] Fixed: "required" attribute is not added to <select> tag if no empty value
[Translation] Removed an unneeded return annotation.
[DomCrawler] Added missing docblocks and removed unneeded return annotation.
Conflicts:
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
* 2.2:
fixes RequestDataCollector bug, visible when used on Drupal8
[Console] fixed exception rendering when nested styles
[Console] added some more information about OutputFormatter::replaceStyle()
[Console] fixed the formatter for single-char tags
[Console] Escape exception message during the rendering of an exception
[BrowserKit] Fixed the handling of parameters when redirecting
Typo fix
HttpFoundation RequestTest - Fixed indentation and removed comments
HttpFoundation Request test for #8619
LICENSE files moved to meta folders
added missing method in the UPGRADE file for 2.2 (closes#8941)
[Translation] Removed an unneeded return annotation.
[DomCrawler] Added missing docblocks and removed unneeded return annotation.
Conflicts:
src/Symfony/Component/BrowserKit/Client.php
src/Symfony/Component/DomCrawler/Crawler.php
* 2.3:
[FrameworkBundle][Security] Replaced void return type with null for consistency
fixed CS
NativeSessionStorage regenerate
removed unneeded comment
Use setTimeZone if this method exists.
Fix FileResource test
fixed wrong usage of unset()
[HttpFoundation] Fixed the way path to directory is trimmed.
[Console] Fixed argument parsing when a single dash is passed.
* 2.2:
[FrameworkBundle][Security] Replaced void return type with null for consistency
fixed CS
NativeSessionStorage regenerate
removed unneeded comment
Use setTimeZone if this method exists.
Fix FileResource test
fixed wrong usage of unset()
[HttpFoundation] Fixed the way path to directory is trimmed.
[Console] Fixed argument parsing when a single dash is passed.
Conflicts:
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
* 2.3:
[WebProfilerBundle] fixed toolbar for IE8 (refs #8380)
[HttpFoundation] removed double-slashes (closes#8388)
[HttpFoundation] tried to keep the original Request URI as much as possible to avoid different behavior between ::createFromGlobals() and ::create()
[TwigBridge] fixed form rendering when used in a template with dynamic inheritance
* 2.3:
[HttpKernel] added a check for private event listeners/subscribers
[FrameworkBundle] fixed registration of the register listener pass
[Form] Fixed regression causing invalid "WHERE id IN ()" statements
[DependencyInjection] fixed a non-detected circular reference in PhpDumper (closes#8425)
[Form] Fixed regression in BooleanToStringTransformer from ed83752
[FrameworkBundle] removed obsolete code
[Process] Close unix pipes before calling `proc_close` to avoid a deadlock
[Process] Fix process merge in 2.3
[Intl] made RegionBundle and LanguageBundle merge fallback data when using a country-specific locale
* 2.2:
[HttpKernel] added a check for private event listeners/subscribers
[FrameworkBundle] fixed registration of the register listener pass
[Form] Fixed regression causing invalid "WHERE id IN ()" statements
[DependencyInjection] fixed a non-detected circular reference in PhpDumper (closes#8425)
[Form] Fixed regression in BooleanToStringTransformer from ed83752
[FrameworkBundle] removed obsolete code
[Process] Close unix pipes before calling `proc_close` to avoid a deadlock
Conflicts:
src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php
src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php
src/Symfony/Component/Process/Process.php
This PR was merged into the 2.2 branch.
Discussion
----------
Fixed registration of private event listeners/subscribers
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6541
| License | MIT
| Doc PR | n/a
When registering a private event subscriber/listener, the listener was just ignored.
This PR does two things to fix the problem:
* the event listener pass is done earlier to get access to the private services
* when a private service is identified, a proper exception is thrown
Commits
-------
8444339 [HttpKernel] added a check for private event listeners/subscribers
427ee19 [FrameworkBundle] fixed registration of the register listener pass
* 2.3:
Fixed docblock in UserInterface::getSalt()
[Process] Fix#8970 : read output once the process is finished, enable pipe tests on Windows
[DoctrineBridge] Improved test coverage of EntityChoiceList
[DoctrineBridge] Improved test coverage of EntityChoiceList
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
Removed duplicate annotation
[HttpKernel] made code more reliable
[HttpFoundation] fixed regression in the way the request format is handled for duplicated requests (closes#8917)
[HttpKernel] fixer HInclude src (closes#8951)
Fixed escaping of service identifiers in configuration
Conflicts:
src/Symfony/Bridge/Doctrine/Tests/Form/ChoiceList/GenericEntityChoiceListTest.php
src/Symfony/Bridge/Doctrine/Tests/Form/Type/EntityTypeTest.php
src/Symfony/Component/HttpKernel/Tests/Fragment/HIncludeFragmentRendererTest.php
This PR was squashed before being merged into the master branch (closes#8657).
Discussion
----------
Added option to show controllers optionally in the router:debug command
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Added option to show controllers in the router debug command as a convenience function.
app/console router:debug --show-controllers
Commits
-------
6fd32f3 Added option to show controllers optionally in the router:debug command
* 2.2:
[HttpFoundation] fixed regression in the way the request format is handled for duplicated requests (closes#8917)
[HttpKernel] fixer HInclude src (closes#8951)
Fixed escaping of service identifiers in configuration
* 2.3:
Fixing singular form for kisses, accesses and addresses.
fixed some circular references
[Security] fixed a leak in ExceptionListener
[Security] fixed a leak in the ContextListener
Ignore posix_istatty warnings
removed unused variable
[Form] fix iterator typehint
typos
Button missing getErrorsAsString() fixes#8084 Debug: Not calling undefined method anymore. If the form contained a submit button the call would fail and the debug of the form wasn't possible. Now it will work in all cases. This fixes#8084
Use isset() instead of array_key_exists() in DIC
Fixed annotation
[BrowserKit] fixed method/files/content when redirecting a request
[BrowserKit] removed some headers when redirecting a request
[BrowserKit] fixed headers when redirecting if history is set to false (refs #8697)
[HttpKernel] fixed route parameters storage in the Request data collector (closes#8867)
[BrowserKit] Pass headers when `followRedirect()` is called
Return BC compatibility for `@Route` parameters and default values
Conflicts:
src/Symfony/Component/Security/Http/Firewall/ContextListener.php
* 2.2:
Fixing singular form for kisses, accesses and addresses.
fixed some circular references
[Security] fixed a leak in ExceptionListener
[Security] fixed a leak in the ContextListener
Ignore posix_istatty warnings
typos
[HttpKernel] fixed route parameters storage in the Request data collector (closes#8867)
Return BC compatibility for `@Route` parameters and default values
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Templating/Helper/FormHelper.php
src/Symfony/Component/Console/Application.php
set logger in extension , so its only done in debug mode
add psr/log to suggest of templating
add test for setLogger and refactor tests to not depend that much an
deprecated functionality
* 2.3:
Clear lazy loading initializer after the service is successfully initialized
[FrameworkBundle] added support for double-quoted strings in the extractor (closes#8797)
[SecurityBundle] Move format-dependent tests from SecurityExtensionTest
bumped Symfony version to 2.3.5-DEV
updated VERSION for 2.3.4
updated CHANGELOG for 2.3.4
bumped Symfony version to 2.2.7
updated VERSION for 2.2.6
update CONTRIBUTORS for 2.2.6
updated CHANGELOG for 2.2.6
clearToken exception is thrown at wrong place.
fix typo in test skipped message
[Form] Fixed Form::all() signature for PHP 5.3.3
[Form] Fixed Form::all() signature for PHP 5.3.3
[Locale] Fixed: Locale::setDefault() throws no exception when "en" is passed
[Locale] Fixed: StubLocale::setDefault() throws no exception when "en" is passed
[Translation] Grammar fix
[Yaml] fixed embedded folded string parsing
[Validator] fixed Boolean handling in XML constraint mappings (closes#5603)
[Translation] Fixed regression: When only one rule is passed to transChoice(), this rule should be used
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2:
[FrameworkBundle] added support for double-quoted strings in the extractor (closes#8797)
[SecurityBundle] Move format-dependent tests from SecurityExtensionTest
Conflicts:
src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
* 2.3:
fixed request format when forwarding a request
[HttpKernel] added a comment to warn about possible inconsistencies
added a functional test for locale handling in sub-requests
Fixed issue #6932 - Inconsistent locale handling in subrequests
fixed locale of sub-requests when explicitely set by the developer (refs #8821)
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
src/Symfony/Component/HttpKernel/Fragment/RoutableFragmentRenderer.php
src/Symfony/Component/HttpKernel/Tests/Fragment/RoutableFragmentRendererTest.php
* 2.2:
fixed request format when forwarding a request
[HttpKernel] added a comment to warn about possible inconsistencies
added a functional test for locale handling in sub-requests
Fixed issue #6932 - Inconsistent locale handling in subrequests
fixed locale of sub-requests when explicitely set by the developer (refs #8821)
Conflicts:
src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php
This PR was merged into the 2.2 branch.
Discussion
----------
fixed request format when forwarding a request
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6932
| License | MIT
| Doc PR | n/a
When calling forward() in a controller, the format is not the same as for the master request.
Commits
-------
7e87eb1 fixed request format when forwarding a request
This PR was merged into the master branch.
Discussion
----------
removed deps checks in unit tests
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
As Composer is now widely used in the PHP world, having to run composer install before running the test suite is expected. This also has the nice benefit of removing a bunch of code, making things easier to maintain (there is only one place to declare a dev dependency), and probably more.
see fabpot/Silex#626 where we did the same a while ago for Silex.
Commits
-------
de50621 removed deps checks in unit tests
* 2.3:
[Locale] fixed build-data exit code in case of an error
fixed request format of sub-requests when explicitely set by the developer (closes#8787)
Sets _format attribute only if it wasn't set previously by the user.
Exclude little words of 'ee' to 'oo' plural transformation
fixed the format of the request used to render an exception
Fix typo in the check_path validator
added a missing use statement (closes#8808)
fix for Process:isSuccessful()
Include untrusted host in the exception message
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
src/Symfony/Component/HttpKernel/Fragment/InlineFragmentRenderer.php
* 2.2:
[Locale] fixed build-data exit code in case of an error
fixed request format of sub-requests when explicitely set by the developer (closes#8787)
Sets _format attribute only if it wasn't set previously by the user.
Exclude little words of 'ee' to 'oo' plural transformation
fixed the format of the request used to render an exception
Fix typo in the check_path validator
added a missing use statement (closes#8808)
fix for Process:isSuccessful()
Conflicts:
UPGRADE-3.0.md
src/Symfony/Component/Locale/Resources/data/build-data.php
This PR was merged into the 2.2 branch.
Discussion
----------
Sets _format attribute only if it wasn't set previously by the user
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8787, #8791
| License | MIT
| Doc PR |
Commits
-------
9bb7a3d fixed request format of sub-requests when explicitely set by the developer (closes#8787)
fa35597 Sets _format attribute only if it wasn't set previously by the user.
As Composer is now widely used in the PHP world, having to run composer
install before running the test suite is expected. This also has the
nice benefit of removing a bunch of code, making things easier to
maintain (there is only one place to declare a dev dependency), and
probably more.
* 2.3:
[Process] Revert change
[Process] Fix#8746 : slowness added in unit tests since #8741
[Process] Fix#8742 : Signal-terminated processes are not successful
corrected English grammar (s/does not exists/does not exist)
[Process] Add more precision to Process::stop timeout
[Process] Avoid zombie process in case of unit tests failure
[Process] Fix#8739
[Process] Add failing test for #8739
[Process] Fix CS
[TwigBridge] removed superflous ; when rendering form_enctype() (closes#8660)
Fixed documentation grammar for AuthenticationManagerInterface::authenticate()
[Validator] fixed the wrong isAbstract() check against the class (fixed#8589)
[TwigBridge] Prevent code extension to display warning
Fix internal sub-request creation
[FrameworkBundle] made code more generic
[Form] Moved auto_initialize option to the BaseType
Use strstr instead of strpos
Make sure ContextErrorException is loaded during compile time errors
Fix empty process argument escaping on Windows
Ignore null value in comparison validators
Conflicts:
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php
src/Symfony/Component/Process/Process.php
* 2.2:
corrected English grammar (s/does not exists/does not exist)
[Process] Add more precision to Process::stop timeout
[Process] Avoid zombie process in case of unit tests failure
[Process] Fix#8739
[Process] Add failing test for #8739
[Process] Fix CS
Fixed documentation grammar for AuthenticationManagerInterface::authenticate()
[Validator] fixed the wrong isAbstract() check against the class (fixed#8589)
[TwigBridge] Prevent code extension to display warning
Use strstr instead of strpos
Conflicts:
src/Symfony/Component/Finder/Shell/Command.php
src/Symfony/Component/Process/Process.php
This PR was merged into the master branch.
Discussion
----------
changed the ESI fragment renderer to be always registered
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
This is an alternative implementation for #8427
Commits
-------
09f727b changed the ESI fragment renderer to be always registered
* 2.3:
added missing support for the new output API in PHP 5.4+
Fixed bug introduced in #8675
made the filesystem loader compatible with Twig 2.0
bumped Symfony version to 2.3.4-DEV
updated VERSION for 2.3.3
updated CHANGELOG for 2.3.3
bumped Symfony version to 2.2.6
updated VERSION for 2.2.5
update CONTRIBUTORS for 2.2.5
updated CHANGELOG for 2.2.5
[Intl] Updated stubs to reflect ICU 51.2
replaced deprecated Twig features
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2:
added missing support for the new output API in PHP 5.4+
Fixed bug introduced in #8675
made the filesystem loader compatible with Twig 2.0
bumped Symfony version to 2.2.6
updated VERSION for 2.2.5
update CONTRIBUTORS for 2.2.5
updated CHANGELOG for 2.2.5
replaced deprecated Twig features
Conflicts:
src/Symfony/Bridge/Twig/Extension/FormExtension.php
src/Symfony/Bridge/Twig/Extension/RoutingExtension.php
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Discussion
----------
Adapt security collector template name to webprofiler conventions
| Q | A
| ------------- | ---
| Bug fix? | no, but syntax consistency & future compatibility(?)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | fabpot/Twig#1156 which was reverted but will be merged in the future
| License | MIT
Use Twig namespace syntax instead of bundle syntax for security webprofiler template to be consistent with @WebProfiler template names.
Commits
-------
66c792b Adapt security collector template name to webprofiler conventions
Without adding the exists() method, the code happens to work by chance,
just because the current implementation of Twig exits() method calls
findTemplate().
But we know that it won't be the case anymore as of Twig 2.0.
This PR was merged into the 2.2 branch.
Discussion
----------
replaced deprecated Twig features
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
As Symfony depends on Twig 1.11+, removing the usage of deprecated features will allow Symfony 2.2+ to work with Twig 2.0.
Commits
-------
322f880 replaced deprecated Twig features
* 2.3:
moved some fixed dep versions from 2.2.* to ~2.2 (refs #8613)
[HttpKernel] added a missing dep for dev
[Form] fixed wrong call to setTimeZone() (closes#8644)
Fix issue with \DateTimeZone::UTC / 'UTC' for PHP 5.4
[Form] Fixed patched forms to be valid even if children are not submitted
Revert "[Form] Fix of "PATCH'ed forms are never valid""
[Form] Fixed: If a form is not present in a request, it is not automatically submitted
Fixes link indices
[Form] Removed the "disabled" attribute from the placeholder option in select fields due to problems with the BlackBerry 10 browser
Revert "[Form] Remove "value" attribute on empty_value option"
[routing] added ability for apache matcher to handle array values
removed dead code and fixed CS
[Validator] fixed StaticMethodLoader trying to invoke methods of abstract classes (closes#8589)
* 2.2:
[HttpKernel] added a missing dep for dev
[Form] fixed wrong call to setTimeZone() (closes#8644)
Fix issue with \DateTimeZone::UTC / 'UTC' for PHP 5.4
[Form] Removed the "disabled" attribute from the placeholder option in select fields due to problems with the BlackBerry 10 browser
[routing] added ability for apache matcher to handle array values
removed dead code and fixed CS
[Validator] fixed StaticMethodLoader trying to invoke methods of abstract classes (closes#8589)
Conflicts:
src/Symfony/Bundle/TwigBundle/TokenParser/RenderTokenParser.php
src/Symfony/Component/Form/FormConfigBuilder.php
src/Symfony/Component/HttpKernel/composer.json
src/Symfony/Component/Validator/Tests/GraphWalkerTest.php
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] fixed regression where the command might have the wrong container if the application is reused several times
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This fixes a regression introduced in #8242. Before this PR, the commands were always getting the current container registered in the kernel. But as the commands are now registered only once, if the container changes, the commands were not aware of this change. That happens quite frequently in functional tests where the Kernel is booted and shutdown several times in the same process.
Commits
-------
1bd45b3 [FrameworkBundle] fixed regression where the command might have the wrong container if the application is reused several times
* 2.3:
[Form] fixes empty file-inputs get treated as extra field
return 0 if there is no valid data
[DependencyInjection] fixed regression where setting a service to null did not trigger a re-creation of the service when getting it
[DependencyInjection] fixed#8570
fixed file permission
The ignoreAttributes itself should be ignored, too.
[Tests] Tests on php 5.5 should pass
[Twig] fixed TwigEngine::exists() method when a template contains a syntax error (closes#88546)
* 2.3:
[Validator] fixed ConstraintViolation:: incorrect when nested
handle Optional and Required constraints from XML or YAML sources correctly
added missing comments to WebTestCase
Fixed#8455: PhpExecutableFinder::find() does not always return the correct binary
Added missing files .gitignore
[DependencyInjection] Fix Container::camelize to convert beginning and ending chars
[Validator] Fixed groups argument misplace for validateValue method from validator class
[Form] Fix of "PATCH'ed forms are never valid"
* 2.2:
[Validator] fixed ConstraintViolation:: incorrect when nested
handle Optional and Required constraints from XML or YAML sources correctly
added missing comments to WebTestCase
Fixed#8455: PhpExecutableFinder::find() does not always return the correct binary
[DependencyInjection] Fix Container::camelize to convert beginning and ending chars
[Validator] Fixed groups argument misplace for validateValue method from validator class
Conflicts:
src/Symfony/Component/Validator/Tests/Constraints/CollectionTest.php
src/Symfony/Component/Validator/Tests/GraphWalkerTest.php
* 2.3:
Update JsonResponse.php
[HttpKernel] fixed the inline renderer when passing objects as attributes (closes#7124)
CookieJar remove unneeded var, Client remove unneeded else
[DI] Fixed bug requesting non existing service from dumped frozen container
Update validators.sk.xlf
[WebProfiler] fix content-type parameter
Replace romaji period characters with Japanese style zenkaku period characters
fixed CS
fixed CS
[Console] Avoided an unnecessary check.
Added missing French validator translations
typo first->second
Passed the config when building the Configuration in ConfigurableExtension
removed unused code
Fixed variable name used in translation cache
Conflicts:
src/Symfony/Component/Console/Event/ConsoleCommandEvent.php
* 2.2:
Update JsonResponse.php
[HttpKernel] fixed the inline renderer when passing objects as attributes (closes#7124)
[WebProfiler] fix content-type parameter
Replace romaji period characters with Japanese style zenkaku period characters
Passed the config when building the Configuration in ConfigurableExtension
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Tests/Functional/Bundle/TestBundle/Resources/config/routing.yml
src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php
* 2.3: (33 commits)
[Form] fixed INF usage which does not work on Solaris (closes#8246)
Fix grammar
Removed PHP 5.5 from the allowed failures.
[Intl] Fixed tests failing on PHP 5.5
bumped Symfony version to 2.2.4
updated VERSION for 2.2.3
update CONTRIBUTORS for 2.2.3
updated CHANGELOG for 2.2.3
[DependencyInjection] Replaced try/catch block with an @expectedException annotation in a test.
[CssSelector] tweaked README file (closes#8287)
added a node about HTML extension in readme
[Console] Fixed the table rendering with multi-byte strings.
Feature/fix unit tests
[Process] Disable exception on stream_select timeout
[HttpFoundation] fixed issue with session_regenerate_id (closes#7380)
[DomCrawler] added a note about the default charset
Throw exception if value is passed to VALUE_NONE input, long syntax
fixed date type format pattern regex
[Security] fixed usage of the salt for the bcrypt encoder (refs #8210)
[FrameworkBundle] tweaked previous merge (refs #8242)
...
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2:
[Form] fixed INF usage which does not work on Solaris (closes#8246)
Fix grammar
bumped Symfony version to 2.2.4
updated VERSION for 2.2.3
update CONTRIBUTORS for 2.2.3
updated CHANGELOG for 2.2.3
[Process] Disable exception on stream_select timeout
[HttpFoundation] fixed issue with session_regenerate_id (closes#7380)
[DomCrawler] added a note about the default charset
[Console] fixed regression when calling a command foo:bar if there is another one like foo:bar:baz (closes#8245)
force the Content-Type to html in the web profiler controllers
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Discussion
----------
[Templating|FrameworkBundle] Made DelegatingEngine::getEngine() public
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7254
| License | MIT
| Doc PR | -
As a bonus I've covered both classes with tests.
Commits
-------
a54cbff [FrameworkBundle] Made DelegatingEngine::getEngine() public.
3f84cd3 [Templating] Made DelegatingEngine::getEngine() public.
0a72a99 [FrameworkBundle] Added tests for the DelegatingEngine.
6c31ab2 [Templating] Added tests for the DelegatingEngine.
This PR was merged into the master branch.
Discussion
----------
[Security] Add simpler customization options
The goal of this is to provide a simpler extension point for people that don't have the time to dive into the whole security factory + authentication provider + user provider + authentication listener + token mess. As it stands, it gives you a way to just create one class that is handling all the security stuff in one (by implementing SimpleFormAuthenticatorInterface and UserProviderInterface) + one or more token classes.
I would like feedback on whether people think this makes sense or not before continuing and doing a SimpleHttpAuthenticatorInterface for non-form based stuff.
Just FYI that's how it would look in security.yml:
```yaml
security:
providers:
simple:
id: simple_authenticator
firewalls:
foo:
pattern: ^/
simple_form:
provider: simple
authenticator: simple_authenticator
```
/cc @atrauzzi (who posted a long rant on the ML about how hard this all is, and I can't agree more - I hope it's the right account on github?)
Commits
-------
74cfc84 marked some classes as being experimental in 2.3
471e5bc [Security] allowed simple pre-auth to be optional if another auth mechanism already authenticated the user
01c913b moved the simple HTTP authenticator to a pre-auth one
887d9b8 fixed wrong Logger interface
65335ea [Security] Renamed simple_token to simple_http, added support for failure and success handler to both simple firewalls
f7a11a1 [Security] Add simple_token auth method
1fe2ed6 [Security] Add SimpleForm authentication
This PR was merged into the 2.2 branch.
Discussion
----------
[WebProfilerBundle] force the Content-Type to html in the web profiler controllers
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | [](https://travis-ci.org/lsmith77/symfony)
| Fixed tickets | -
| License | MIT
| Doc PR | -
This just forces the Content-Type to match what will be returned, otherwise if the request format happens to be something else than HTML (which can be the case when building an app that only does JSON/XML with FOSRestBundle) it can happen that the Response class automatically sets a different Content-Type.
The approach taken here matches https://github.com/nelmio/NelmioApiDocBundle/blob/master/Controller/ApiDocController.php#L24
Commits
-------
6d2135b force the Content-Type to html in the web profiler controllers
* 2.2:
Throw exception if value is passed to VALUE_NONE input, long syntax
fixed date type format pattern regex
[FrameworkBundle] tweaked previous merge (refs #8242)
do not re-register commands each time a Console\Application is run
[Process] moved env check to the Process class (refs #8227)
fix issue where $_ENV contains array vals
[DomCrawler] Fix handling file:// without a host
[Form] corrected interface bind() method defined against in deprecation notice
[Finder] Fix SplFileInfo::getContents isn't working with ssh2 protocol
Conflicts:
src/Symfony/Component/Console/Tests/Input/ArgvInputTest.php
src/Symfony/Component/DomCrawler/Link.php
src/Symfony/Component/Form/Form.php
* 2.3: (33 commits)
Revert "[Console] ensure exit code between 0-254"
Added missing galician (gl) translations
fix many-to-many Propel1 ModelChoiceList
[Console] ensure exit code between 0-254
Added Greek translation
[DomCrawler] Fixed a fatal error when setting a value in a malformed field name.
[FrameworkBundle] Fixed OutOfBoundException when session handler_id is null
[DependencyInjection] Add support for aliases of aliases + regression test
[Console] fix status code when Exception::getCode returns something like 0.1
Fixed doc block on Filesystem::rename
Fixed exit code for exceptions with error code 0
[DependencyInjection] Rename ContainerBuilder::$aliases to avoid conflicting with the parent class
[DependencyInjection] Remove get*Alias*Service methods from compiled containers
[DependencyInjection] Fix aliased access of shared services, fixes#8096
instantiate valid commands only
bumped Symfony version to -DEV
updated VERSION for 2.3.0
updated CHANGELOG for 2.3.0
[Config] Added tests for the FileResource and DirectoryResource.
[Config] Fixed @covers annotation which ignored some of the methods from the code coverage.
...
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
When a null is provided for framework.session.handler_id the FrameworkExtension attempts to set the session storage to null for the 'session.storage.php_bridge' by altering the second argument. According to the session.xml service definition, there is no second argument, and it is in fact the first (read, 0 index) argument that should be changed.
* 2.3:
ErrorHandler and fixes
fixed typo in CS translation (closes#8069)
fix arab translation
Removed reference to Symfony\Component\Form\Extension\Core\Type\FormType in form.xml
slovenian validator translations updated
[FrameworkBundle] set the dispatcher in the console application
[Console] fix typehint for Application::setDispatcher
[Finder] Fixed a path in a test.
[Form] [Validator] Fixed post_max_size = 0 bug (Issue #8065)
This PR was merged into the 2.3 branch.
Discussion
----------
[FrameworkBundle] set the dispatcher in the console application
BC break: no
test pass: yes
Otherwise events are not dispatched in symfony frameworkbundle.
The first commit fixes a related typehint in the console.
Commits
-------
e93fc7a [FrameworkBundle] set the dispatcher in the console application
176a3d4 [Console] fix typehint for Application::setDispatcher
* 2.3: (37 commits)
[Console] renamed ConsoleForExceptionEvent into ConsoleExceptionEvent
Fix several instances of doubled words
[Security] Fixed the check if an interface exists.
Added missing slovak translations
[FrameworkBundle] removed HttpFoundation classes from HttpKernel cache
[Finder] Fix iteration fails with non-rewindable streams
[Finder] Fix unexpected duplicate sub path related AppendIterator issue
[Security] Added tests for the DefaultLogoutSuccessHandler.
[Security] Added tests for the DefaultAuthenticationSuccessHandler.
[ClassLoader] tiny refactoring
[Security] Added tests for the DefaultAuthenticationFailureHandler.
[Security] Added tests for the remember me ReponseListener.
[Security] Added tests for the SessionAuthenticationStrategy.
[Security] Added tests for the AccessMap.
[FrameworkBundle] removed deprecated method from cache:clear command
[WebProfiler] remove deprecated verbose option
fix logger in regards to DebugLoggerInterface
[Form] [2.3] removed old option
Added type of return value in VoterInterface.
[Console] Add namespace support back in to list command
...
This PR was merged into the 2.3 branch.
Discussion
----------
[WebProfiler] remove deprecated verbose option
test pass: yes
bc break: no
Commits
-------
8a4b91b [WebProfiler] remove deprecated verbose option
This PR was merged into the 2.3 branch.
Discussion
----------
[SecurityBundle] Added missing files for phpunit
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes and no (BC Break in RequestMatcher, symfony/http-foundation: 2.2.x)
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
11497f3 [SecurityBundle] Added missing files for phpunit
This PR was merged into the 2.3 branch.
Discussion
----------
[WebProfilerBundle] Fixed composer.json
Commits
-------
d4f5389 [WebProfilerBundle] Fixed composer.json
* 2.2:
fixed CS
Fixed XML syntax.
Fixed parsing of leading blank lines in folded scalars. Closes#7989.
[Form] Fixed a method name.
Added a test case for Loader::import().
Fixed Loader import
[Console] Added dedicated testcase for HelperSet class
[Serializer] fixed CS (refs #7971)
Fixed fatal error in normalize/denormalizeObject.
Fixed 2 namespaces
Conflicts:
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php
Code enhancement. $bundlesDir variable doesnt't need any bundle information for initialization. So it must be placed out of the loop to not process unnecessary operations.
* 2.2:
[BrowserKit] fixed BC break done recently
[Process] Fix#5594 : `termsig` must be used instead of `stopsig` in exceptions when a process is signaled
[Console] find command even if its name is a namespace too (closes#7860)
Rename misprint property (from warmer to finder)
Reset all catalogues when adding resource to fallback locale (#7715, #7819)
Added reloading of fallback catalogues when calling addResource() (#7715)
Re-added context information to log list
Add This field is missing RU translation
Conflicts:
src/Symfony/Component/Console/Tests/ApplicationTest.php
* 2.1:
[BrowserKit] fixed BC break done recently
[Process] Fix#5594 : `termsig` must be used instead of `stopsig` in exceptions when a process is signaled
Rename misprint property (from warmer to finder)
Add This field is missing RU translation
Conflicts:
src/Symfony/Component/Process/Process.php
src/Symfony/Component/Validator/Resources/translations/validators.ru.xlf
Before:
enabled: true # the profiler is enabled and data are collected
enabled: false # the profiler is enabled but data are not collected (data can be collected on demand)
No way to disable the profiler
After:
enabled: true # the profiler is enabled and data are collected
collect: true
enabled: true # the profiler is enabled but data are not collected (data can be collected on demand)
collect: false
enabled: false # the profiler is disabled
This PR was merged into the master branch.
Discussion
----------
[Security] Outsource all the BCrypt heavy lifting to a library
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| License | MIT
The [BCrypt bundle](https://github.com/elnur/ElnurBlowfishPasswordEncoderBundle) is already using the library.
This is a working implementation of #7247
Commits
-------
c83546d [Security] tweaked previous commit
b2e553a Outsource all the BCrypt heavy lifting to a library
This PR was merged into the master branch.
Discussion
----------
Add a way to create a short controller name (a🅱️c) from a fully qualify one (controller::action)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5865
| License | MIT
| Doc PR | n/a
Working implementation of #5865
Commits
-------
0795ea8 [FrameworkBundle] fixed implementation of previous merge (refs #5865)
91ebba4 new method to create shorthand name from full Controller name
This PR was merged into the master branch.
Discussion
----------
fixed Client implementation to return the right Response (closes#4475)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #4475
| License | MIT
| Doc PR | symfony/symfony-docs#2549
This PR addresses #4475 by trying to minimize the BC break impact.
Commits
-------
31cefc6 made some small tweaks
84ca34b alternate fix where we had accessor for the BrowerKit request/response instances
1005fd1 fixed Client implementation to return the right Response (closes#4475)
This PR was squashed before being merged into the master branch (closes#7753).
Discussion
----------
Mitigate dependency upon ConfigCache
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes (refactoring)
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | todo, issue is symfony/symfony-docs#2531
Some clients use ConfigCache only for its ability to atomically write into a file.
The PR moves that code into the Filesystem component.
It's a pick off #7230.
__To-Do:__
- [ ] Update docs for the Filesystem component
Commits
-------
3158c41 Mitigate dependency upon ConfigCache
This PR was merged into the master branch.
Discussion
----------
[TwigBundle] Make twig extension handle custom template escaping guesser
I wanted to add a custom template escaping guesser for twig like in http://twig.sensiolabs.org/doc/recipes.html#using-the-template-name-to-set-the-default-escaping-strategy
This pull request allows you register a service id and a method as a custom guesser:
twig:
autoescape: my_service:guess
Documentation is missing for this PR and the unit tests are not that good. I´d work on it if this PR has any chance of getting merged?
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | (missing)
Commits
-------
c2c1ed0 make twig extension handle custom template escaping guesser
This PR was merged into the master branch.
Discussion
----------
make it possible to ignore route attributes in the RedirectContoller
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
```
_welcome:
pattern: /{path}
defaults:
_controller: FrameworkBundle:Redirect:redirect
route: licenses_projects
ignoreAttributes: true
requirements:
path: .*
```
or
```
_welcome:
pattern: /{path}
defaults:
_controller: FrameworkBundle:Redirect:redirect
route: licenses_projects
ignoreAttributes: [path]
requirements:
path: .*
```
Ensures that ``path`` isnt added as a GET parameter in case the ``licenses_projects`` doesnt have a path in the pattern.
Commits
-------
190abc1 add unit tests for $ignoreAttributes
0c7b65f inject the Request via the action signature, rather than fetching it from the DIC
49062aa make it possible to ignore route attributes in the RedirectContoller
This PR was squashed before being merged into the master branch (closes#7251).
Discussion
----------
[SecurityBundle] [HttpFoundation] Allow for multiple IP address in security access_control rules
Fixes#7249.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes (small)
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7249
| License | MIT
| Doc PR | n/a
Commits
-------
650352d [SecurityBundle] [HttpFoundation] Allow for multiple IP address in security access_control rules
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] Allow to debug container parameters
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Fixes the following tickets: ~
Todo: -
License of the code: MIT
Documentation PR: ~
Hey!
This PR adds a new command which allows to debug container parameters. IMO, being able to list all available parameters is very useful. We can now know which parameters we can inject into our services.
Regards
Commits
-------
ceb401d Add parameters debug to the container:debug command
64388c1 [FrameworkBundle] Allow to debug container parameters
This PR was merged into the master branch.
Discussion
----------
[Form] Remove "value" attribute on empty_value option
Today we faced a very strange issue with the newest Blackberry 10 browser, it was not submitting our forms. Finally we found that in a ```select``` element, if you have a disabled option, it can't have a value or the HTML5 validator will crash and won't submit the form. Of course, setting the ```novalidate``` option for the whole form also solved the issue.
Although I know this must be an issue with the WebKit version the BB10 has, it can easily be solved in symfony with this change. In fact, it does make sense since we already have a disabled option with no value if the ```preferred_choices``` are not empty and a ```separator``` is set
Commits
-------
9e849eb [Form] Remove "value" attribute on empty_value option
This PR was merged into the master branch.
Discussion
----------
[2.3][Session] Give greater control over how and when session starts
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | na
| License | MIT
| Doc PR | symfony/symfony-docs#2475
Refs #6036
Gives control over how start on demand works: allowing to turn it on or off and to allow bag access when session is off.
Commits
-------
f431cb0 Fix tests
1f521d8 Coding standards
2583c26 [HttpFoundation][FrameworkBundle] Keep save auto_start behaviour as in 2.2 and make component values consistent with FrameworkBundle's configuration options.
ceaf69b [FrameworkBundle] Use more sophisticated validation and configuration.
af0a140 [FrameworkBundle] Add configuration to allow control over session start on demand.
8fc2397 [HttpFoundation] Give control over how session start on demand.
This PR was squashed before being merged into the master branch (closes#7571).
Discussion
----------
[2.3] Handle PHP sessions started outside of Symfony
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#2474
This PR brings a way to allow Symfony2 to manage a session started outside of Symfony in such a way that quite explicit. It also introduces more robust detection of previously started sessions under PHP 5.3 and supports real session status detection under PHP 5.4
Commits
-------
df99902 [2.3] Handle PHP sessions started outside of Symfony
This PR was merged into the master branch.
Discussion
----------
[2.3] [Form] Support buttons in forms
Bug fix: no
Feature addition: yes
Backwards compatibility break: yes
Symfony2 tests pass: yes
Fixes the following tickets: #5383
Todo: -
License of the code: MIT
Documentation PR: symfony/symfony-docs#2489
The general idea of this PR is to be able to add buttons to forms like so:
```php
$builder->add('clickme', 'submit');
```
You can then check in the controller whether the button was clicked:
```php
if ($form->get('clickme')->isClicked()) {
// do stuff
}
```
Button-specific validation groups are also supported:
```php
$builder->add('clickme', 'submit', array(
'validation_groups' => 'OnlyClickMe',
));
```
The validation group will then override the one defined in the form if that button is clicked.
This PR also introduces the disabling of form validation by passing the value `false` in the option `validation_groups`:
```php
$builder->add('clickme', 'submit', array(
'validation_groups' => false,
));
```
The same can be achieved (already before this PR) by passing an empty array:
```php
$builder->add('clickme', 'submit', array(
'validation_groups' => array(),
));
```
See the linked documentation for more information.
Commits
-------
faf8d7a [Form] Added upgrade information about setting "validation_groups" => false
d504732 [Form] Added leading backslashes to @exceptionMessage doc blocks
c8afa88 [Form] Removed deprecated code scheduled for removal in 2.3
36ca056 [Form] Simplified Twig code
ce29c70 [Form] Fixed incorrect doc comment
0bc7129 [Form] Fixed invalid use of FormException
600007b [Form] The option "validation_groups" can now be set to false to disable validation. This is identical to setting it to an empty array.
277d6df [Form] Fixed concatenation operator CS (see 7c47e34928)
7b07925 [Form] Changed isset() to array_key_exists() to be consistent with ParameterBag
7b438a8 [Form] Made submit buttons able to convey validation groups
cc2118d [Form] Implemented support for buttons
Today we faced a very strange issue with the newest Blackberry 10 browser, it was not submitting our forms. Finally we found that in a ```select``` element, if you have a disabled option, it can't have a value or the HTML5 validator will crash and not submit the form. Of course, setting the ```novalidate``` option for the whole form also solved the issue.
Although I know this must be an issue with the WebKit version the BB10 has it can easily be solved in symfony with this change. In fact, it does make sense since we already have a disabled option with no value if the ```preferred_choices``` are not empty and a ```separator``` is set
This PR was merged into the master branch.
Discussion
----------
[HttpKernel] ConfigDataCollector: Add support for new Zend OPcache accelerator
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Related: https://github.com/symfony/symfony/pull/7670
**From original pull request:**
More information: https://github.com/zend-dev/ZendOptimizerPlus
This extension is compatible with PHP 5.2-5.5. I'm using it with 5.5 and 5.4. The PHP developers plan to include this as opposed to APC in PHP 5.5 core. http://php.net/archive/2013.php#id2013-03-21-1
This does not really have to do with Zend Optimiser+. It has to do with the newly open sourced version, Zend OPcache.
I noticed a *similar* PR here https://github.com/symfony/symfony/pull/7087 but did not like that the unit test check for accelerators was completely removed. I also do not consider it necessary to add more code just for an extension check (I would consider that 'unnecessary re-factoring'). And finally, I have no idea what the final purpose of it is. Based on its title, it seemed like at first that it was for Zend Optimizer+ (the proprietary extension: http://files.zend.com/help/Zend-Server-6/zend-server.htm#zendoptimizerplus.html) but then it sort of changed to adding support for Zend OPcache (the recently open sourced version).
This does only Zend OPcache. Tested on PHP 5.5 and PHP 5.4, including unit tests.
Based on naming scheme, I decided to name the function `hasZendOpcache` (ignoring the abbreviation as with `hasApc`) as opposed to `hasZendOpCache` or other names. Not sure if this is the 'perfect name' (it gets called in all lower-case in the twig file anyway).
Commits
-------
8e9cb3b Add support for detection of Zend OPcache as an accelerator
* 2.2:
Fix default value handling for multi-value options
[HttpKernel] truncate profiler token to 6 chars (see #7665)
Disabled APC on Travis for PHP 5.5+ as it is not available
[HttpFoundation] do not use server variable PATH_INFO because it is already decoded and thus symfony is fragile to double encoding of the path
Fix download over SSL using IE < 8 and binary file response
[Console] Fix merging of application definition, fixes#7068, replaces #7158
[HttpKernel] fixed the Kernel when the ClassLoader component is not available (closes#7406)
fixed output of bag values
[Yaml] improved boolean naming ($notEOF -> !$EOF)
[Yaml] fixed handling an empty value
[Routing][XML Loader] Add a possibility to set a default value to null
[Console] fixed handling of "0" input on ask
The /e modifier for preg_replace() is deprecated in PHP 5.5; replace with preg_replace_callback()
fixed handling of "0" input on ask
[HttpFoundation] Fixed bug in key searching for NamespacedAttributeBag
[Form] DateTimeToRfc3339Transformer use proper transformation exteption in reverse transformation
Update PhpEngine.php
[PropertyAccess] Add objectives to pluralMap
[Security] Removed unused var
[HttpFoundation] getClientIp is fixed.
Conflicts:
src/Symfony/Component/Console/Tests/Command/CommandTest.php
src/Symfony/Component/Console/Tests/Input/ArgvInputTest.php
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.1:
Fix default value handling for multi-value options
[HttpKernel] truncate profiler token to 6 chars (see #7665)
Disabled APC on Travis for PHP 5.5+ as it is not available
[HttpFoundation] do not use server variable PATH_INFO because it is already decoded and thus symfony is fragile to double encoding of the path
[Yaml] improved boolean naming ($notEOF -> !$EOF)
[Yaml] fixed handling an empty value
[Routing][XML Loader] Add a possibility to set a default value to null
The /e modifier for preg_replace() is deprecated in PHP 5.5; replace with preg_replace_callback()
[HttpFoundation] Fixed bug in key searching for NamespacedAttributeBag
[Form] DateTimeToRfc3339Transformer use proper transformation exteption in reverse transformation
Update PhpEngine.php
[HttpFoundation] getClientIp is fixed.
Conflicts:
.travis.yml
src/Symfony/Component/Routing/Loader/XmlFileLoader.php
src/Symfony/Component/Routing/Loader/schema/routing/routing-1.0.xsd
src/Symfony/Component/Routing/Tests/Fixtures/validpattern.xml
src/Symfony/Component/Routing/Tests/Loader/XmlFileLoaderTest.php
This PR was squashed before being merged into the master branch (closes#7620).
Discussion
----------
Enforce sprintf for exceptions
| Q | A
| ------------- | ---
| Bug fix? |no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | [yes|no]
| Fixed tickets | n/a
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/2483
Changed format of exceptions which concatenate strings as follows
````
throw new \Exception('The '.$something.' needs the '.$foobar.' parameter');
````
to
````
throw new \Exception(sprintf('The %s needs the %s parameter', $something, $foobar));
````
This follows discussion on mailing list: https://groups.google.com/forum/?fromgroups#!topic/symfony-devs/tecj3UOAueM
Unit test results are pending...
Commits
-------
e655120 Enforce sprintf for exceptions
This PR was squashed before being merged into the master branch (closes#7507).
Discussion
----------
[FrameworkBundle] Enable possibility to run PHP bultin server in production env
See the referenced ticket for discussion;
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7430
| License | MIT
Commits
-------
12fce13 [FrameworkBundle] Enable possibility to run PHP bultin server in production env
* 2.2:
Fix finding ACLs from ObjectIdentity's with different types
[HttpKernel] tweaked previous merge
#7531: [HttpKernel][Config] FileLocator adds NULL as global resource path
Fix autocompletion of command names when namespaces conflict
Fix timeout in Process::stop method
fixed CS
Round stream_select fifth argument up.
Fix Process timeout
[HttpKernel] Remove args from 5.3 stack traces to avoid filling log files, fixes#7259
bumped Symfony version to 2.2.2-DEV
updated VERSION for 2.2.1
updated CHANGELOG for 2.2.1
Fixed phpdoc blocks to show that $uri can be passed as a string or ControllerReference (rather than just as a string)
[HttpFoundation] Fixed copy pasted comment from FlashBag in AttributeBag
[FrameworkBundle] fixed the discovery of the PHPUnit configuration file when using aggregate options like in -vc app/ (closes#7562)
[WebProfilerBundle] removed next pointer class in a template
fix overwriting of request's locale if attribute _locale is missing
Conflicts:
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
src/Symfony/Component/HttpKernel/EventListener/LocaleListener.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.1:
[HttpFoundation] Fixed copy pasted comment from FlashBag in AttributeBag
[FrameworkBundle] fixed the discovery of the PHPUnit configuration file when using aggregate options like in -vc app/ (closes#7562)
[WebProfilerBundle] removed next pointer class in a template
This PR was merged into the master branch.
Discussion
----------
[HttpKernel] adds possibility to add attributes to hx:include tag
This PR follows #7439 and adds escaping to attributes.
This introduces 2 options to the `HIncludeFragmentRenderer::render()` method:
* `id`: an optional `id` attribute for the `hx:include` tag
* `attrs`: an optional array of attributes for the `hx:include` tag
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7439
Commits
-------
670a502 [HttpKernel] added escaping for hx:include tag attributes
342d089 Allow to set id + custom attributes to hinclude tag
* 2.2: (22 commits)
fixed doc references (closes#7515)
fixed doc references (closes#7515)
On OS X, sys_get_tmp_dir() returns /var/private/..., which really is below /private/var.
Doctrine cannot handle bare random non-utf8 strings
small changes
[SecurityBundle] Fixed configuration exemple
idAsIndex should be true with a smallint or bigint id field.
[PropertyAccess] Remove trailing periods from doc blocks
Fix param docs for PropertyAccessor read method
Fixed long multibyte parameter logging in DbalLogger:startQuery
Keep the file extension in the temporary copy and test that it exists (closes#7482)
bumped Symfony version to 2.1.10-DEV
[Validator][translation][japanese]replaced period to japanese one [Validator][translation][japanese]fixed japanese translation to more practical one [Validator][translation][japanese]fixed message ordering to be consistent with other languages [Validator][translation][japanese]added new validation messages in japanese translation
updated VERSION for 2.1.9
update CONTRIBUTORS for 2.1.9
updated CHANGELOG for 2.1.9
[Security] fixed wrong interface
Remove already defined arguments
Add missing use
[FrameworkBundle] Reuse definition variable in FormPass
...
Conflicts:
src/Symfony/Bridge/Doctrine/Logger/DbalLogger.php
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/config.html.twig
* 2.1:
fixed doc references (closes#7515)
small changes
[SecurityBundle] Fixed configuration exemple
idAsIndex should be true with a smallint or bigint id field.
Fixed long multibyte parameter logging in DbalLogger:startQuery
Keep the file extension in the temporary copy and test that it exists (closes#7482)
[Validator][translation][japanese]replaced period to japanese one [Validator][translation][japanese]fixed japanese translation to more practical one [Validator][translation][japanese]fixed message ordering to be consistent with other languages [Validator][translation][japanese]added new validation messages in japanese translation
Conflicts:
src/Symfony/Component/Validator/Resources/translations/validators.ja.xlf
* 2.1:
bumped Symfony version to 2.1.10-DEV
updated VERSION for 2.1.9
update CONTRIBUTORS for 2.1.9
updated CHANGELOG for 2.1.9
[FrameworkBundle] Reuse definition variable in FormPass
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Discussion
----------
[2.3] [FrameworkBundle] [Templating] added Stopwatch support to the PHP engine
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
I did not include tests nor documentation because there weren't any for TimedTwigEngine (I took it as an example). If I'm mistaken and they are needed, I'll gladly write them.
Commits
-------
3c3d34d [FrameworkBundle] [Templating] added Stopwatch support to the PHP engine
This PR was merged into the master branch.
Discussion
----------
[2.2] [Security] Add an option to disable the hasPreviousSession() check in AbstractAuthenticationListener
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: [](http://travis-ci.org/adrienbrault/symfony)
Fixes the following tickets: #3703
Todo: Add this option to the symfony doc security configuration reference
License of the code: MIT
Documentation PR: N/A
As stated in #3703, all authentication listeners that inherit from AbstractAuthenticationListener, only work when a previous session has been created.
This PR allows to change the default behavior in the security.yml file.
Example:
```yml
security:
firewalls:
secured_area:
pattern: ^/demo/secured/
form_login:
check_path: /demo/secured/login_check
login_path: /demo/secured/login
require_previous_session: false # The default value is true
logout:
path: /demo/secured/logout
target: /demo/
#anonymous: ~
#http_basic:
# realm: "Secured Demo Area"
```
PS: While removing my old commit, it closed the #4774 PR ...
Commits
-------
0562463 [Security] Add an option to disable the hasPreviousSession() check in AbstractAuthenticationListener
This PR was merged into the master branch.
Discussion
----------
[2.3] [WIP] Synchronized services...
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5300, #6756
| License | MIT
| Doc PR | symfony/symfony-docs#2343
Todo:
- [x] update documentation
- [x] find a better name than contagious (synchronized)?
refs #6932, refs #5012
This PR is a proof of concept that tries to find a solution for some problems we have with scopes and services depending on scoped services (mostly the request service in Symfony).
Basically, whenever you want to inject the Request into a service, you have two possibilities:
* put your own service into the request scope (a new service will be created whenever a sub-request is run, and the service is not available outside the request scope);
* set the request service reference as non-strict (your service is always available but the request you have depends on when the service is created the first time).
This PR addresses this issue by allowing to use the second option but you service still always has the right Request service (see below for a longer explanation on how it works).
There is another issue that this PR fixes: edge cases and weird behaviors. There are several bug reports about some weird behaviors, and most of the time, this is related to the sub-requests. That's because the Request is injected into several Symfony objects without being updated correctly when leaving the request scope. Let me explain that: when a listener for instance needs the Request object, it can listen to the `kernel.request` event and store the request somewhere. So, whenever you enter a sub-request, the listener will get the new one. But when the sub-request ends, the listener has no way to know that it needs to reset the request to the master one. In practice, that's not really an issue, but let me show you an example of this issue in practice:
* You have a controller that is called with the English locale;
* The controller (probably via a template) renders a sub-request that uses the French locale;
* After the rendering, and from the controller, you try to generate a URL. Which locale the router will use? Yes, the French locale, which is wrong.
To fix these issues, this PR introduces a new notion in the DIC: synchronized services. When a service is marked as synchronized, all method calls involving this service will be called each time this service is set. When in a scope, methods are also called to restore the previous version of the service when the scope leaves.
If you have a look at the router or the locale listener, you will see that there is now a `setRequest` method that will called whenever the request service changes (because the `Container::set()` method is called or because the service is changed by a scope change).
Commits
-------
17269e1 [DependencyInjection] fixed management of scoped services with an invalid behavior set to null
bb83b3e [HttpKernel] added a safeguard for when a fragment is rendered outside the context of a master request
5d7b835 [FrameworkBundle] added some functional tests
ff9d688 fixed Request management for FragmentHandler
1b98ad3 fixed Request management for LocaleListener
a7b2b7e fixed Request management for RequestListener
0892135 [HttpKernel] ensured that the Request is null when outside of the Request scope
2ffcfb9 [FrameworkBundle] made the Request service synchronized
ec1e7ca [DependencyInjection] added a way to automatically update scoped services
This PR was merged into the master branch.
Discussion
----------
moved the request scope creation to the ContainerAwareHttpKernel class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | symfony/symfony-docs#2343
While updating the scope documentation, I realized that the request scope was created in the FrameworkBundle while the HttpKernel that manages it was in the HttpKernel component. So, this PR makes things more consistent.
Commits
-------
cec98c1 [DependencyInjection] fixed PHP notice when the scope is not defined
550df5a moved the request scope creation to the ContainerAwareHttpKernel class
This PR was merged into the master branch.
Discussion
----------
[2.3][TwigBundle] Use display instead of visibility for exception page icons
Originally spawned from #6612, this allows us to get rid of the ugly margins for the open and close icons on the exception page.
Commits
-------
e66bd14 [TwigBundle] Use display instead of visibility for exception page icons
This change allows any service to depend on the Request (via a method
call) and always have the right Request instance without the need for
the service to be in the request scope (you still need to set the
Request reference as non-strict).
* 2.2: (70 commits)
change wrapped exception message to be more usefull
updated VERSION for 2.0.23
update CONTRIBUTORS for 2.0.23
updated CHANGELOG for 2.0.23
[Form] fixed failing test
[DomCrawler] added support for query string with slash
Fixed invalid file path for hiddeninput.exe on Windows.
fix xsd definition for strict-requirements
[WebProfilerBundle] Fixed the toolbar styles to apply them in IE8
[ClassLoader] fixed heredocs handling
fixed handling of heredocs
Add a public modifier to an interface method
removing xdebug extension
[HttpRequest] fixes Request::getLanguages() bug
[HttpCache] added a test (cached content should be kept after purging)
[DoctrineBridge] Fixed non-utf-8 recognition
[Security] fixed HttpUtils class tests
replaced new occurences of 'Request::create()' with '::create()'
changed sub-requests creation to '::create()'
fixed merge issue
...
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/TranslationUpdateCommand.php
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar.html.twig
src/Symfony/Component/DomCrawler/Link.php
src/Symfony/Component/Translation/Translator.php
This PR was merged into the master branch.
Commits
-------
a011842 [HttpKernel] fixed memory collector
def2ccb Add PHP memory_limit to WDT
Discussion
----------
[HttpKernel] fixed memory collector
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7037
---------------------------------------------------------------------------
by vicb at 2013-03-15T20:21:55Z
OT, that's great to see many contributions for you @jfsimon, thanks !
---------------------------------------------------------------------------
by jfsimon at 2013-03-18T09:35:54Z
Thanks @vicb, this is so lovely :)
* 2.1:
sub-requests are now created with the same class as their parent
[FrameworkBundle] removed BC break
[FrameworkBundle] changed temp kernel name in cache:clear
[DoctrineBridge] Avoids blob values to be logged by doctrine
[Security] use current request attributes to generate redirect url?
[Validator] fix showing wrong max file size for upload errors
[TwigBridge] removed double var initialization (refs #7344)
[2.1][TwigBridge] Fixes Issue #7342 in TwigBridge
[FrameworkBundle] fixed cahe:clear command's warmup
[TwigBridge] now enter/leave scope on Twig_Node_Module
[TwigBridge] fixed fixed scope & trans_default_domain node visitor
[TwigBridge] fixed non probant tests & added new one
[BrowserKit] added ability to ignored malformed set-cookie header
[Translation] removed wriong 'use'
[Translation] added xliff loader/dumper with resname support
[TwigBridge] fixes
Conflicts:
src/Symfony/Bundle/FrameworkBundle/HttpKernel.php
src/Symfony/Component/Security/Http/HttpUtils.php
src/Symfony/Component/Translation/Loader/XliffFileLoader.php
src/Symfony/Component/Translation/Tests/Loader/XliffFileLoaderTest.php
* 2.1:
[FrameworkBundle] Fix code status in dockblock
Fixed test to use Reflection
[Finder] fixed a potential issue on Solaris where INF value is wrong (refs #7269)
Update RouteCompiler.php
[FrameworkBundle] avoids cache:clear to break if new/old folders already exist
[HttpKernel] Fixed possible profiler token collision (closes#7272, closes#7171)
[ClassLoader] tweaked test
[ClassLoader] made DebugClassLoader idempotent
[DomCrawler] Fix relative path handling in links
Conflicts:
src/Symfony/Component/DomCrawler/Link.php
src/Symfony/Component/Finder/Iterator/DepthRangeFilterIterator.php
src/Symfony/Component/Routing/RouteCompiler.php
This PR was squashed before being merged into the master branch (closes#7202).
Commits
-------
817453c [2.2] add http_method_override option to ease setup
Discussion
----------
[2.2] add http_method_override option to ease setup
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
This PR was squashed before being merged into the 2.1 branch (closes#7260).
Commits
-------
1d3da29 [FrameworkBundle] avoids cache:clear to break if new/old folders already exist
Discussion
----------
[FrameworkBundle] avoids cache:clear to break if new/old folders already exist
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6502
---------------------------------------------------------------------------
by mahmouds at 2013-03-04T19:07:20Z
👍
* 2.2: (26 commits)
[FrameworkBundle] Fixes invalid serialized objects in cache
remove dead code in yaml component
Fixed typo in UPGRADE-2.2
fixed typo
RedisProfilerStorage wrong db-number/index-number selected
[DependencyInjection] added a test for the previous merge (refs #7261)
Unset loading[$id] in ContainerBuilder on exception
Default validation message translation fix.
remove() should not use deprecated getParent() so it does not trigger deprecation internally
adjust routing tests to not use prefix in addCollection
add test for uniqueness of resources
added tests for addDefaults, addRequirements, addOptions
adjust RouteCollectionTest for the addCollection change and refactor the tests to only skip the part that really needs the config component
added tests for remove() that wasnt covered yet and special route name
refactor interator test that was still assuming a tree
adjust tests to no use addPrefix with options
adjusted tests to not use RouteCollection::getPrefix
[Routing] trigger deprecation warning for deprecated features that will be removed in 2.3
[Console] fixed StringInput binding
[Console] added string input test
...
This PR was merged into the master branch.
Commits
-------
0ef08f5 [Translator] fixed inconsistency in Translator
Discussion
----------
[2.3] [Translator] fixed inconsistency in Translator
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
---------------------------------------------------------------------------
by stof at 2013-02-17T20:44:32Z
shouldn't you make ``setFallbackLocale`` call ``setFallbackLocales`` ?
---------------------------------------------------------------------------
by fabpot at 2013-02-18T14:04:39Z
@stof: done
---------------------------------------------------------------------------
by stof at 2013-02-18T14:18:10Z
shoudn't you also update the place where the method is used (in FrameworkBundle probably) to use the non-deprecated one ?
This PR was merged into the master branch.
Commits
-------
439b8bc [WebProfilerBundle] Draw retina canvas if devicePixelRatio is bigger than 1
Discussion
----------
[2.3] [WebProfilerBundle] Draw retina canvas elements
When using a MacBook Pro Retina the default canvas is fuzzy and ugly, this scales the elements for a higher DPI so they will look sharp and crisp.
This PR was merged into the master branch.
Commits
-------
b0bca01 add status text to web profiler response panel
Discussion
----------
[2.3] add status text to web profiler response panel
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | cosmetic
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Add the status text to the web profiler response panel
---------------------------------------------------------------------------
by Burgov at 2013-02-17T11:08:37Z
The response object allows for setting a custom status message, so displaying the predefined one could be confusing.
E.g. ```$reponse->setStatusCode(403, "You can't go here!")```
However, there is no getter for it to be read... Perhaps it should be added?
---------------------------------------------------------------------------
by fabpot at 2013-02-17T11:32:37Z
I think displaying the default text is good enough. I suppose that the intent is to easily remember what a given status code means. There is no getter for the status text as it has no real meaning in terms of HTTP.
---------------------------------------------------------------------------
by gimler at 2013-02-17T16:50:47Z
Yes this was my intention. But i think this is a good point the response should have a `getStatusText` method.
So actual to only point where the status text is use is when the response is converted to string.
@fabpot i would add the `getStatusText` method to the `response` class and modify the PR to use this text. Do you agree with that?
---------------------------------------------------------------------------
by fabpot at 2013-02-17T17:13:07Z
Ad I said in my previous comment, not having a `getStatusText()` was in fact intentional.
* 2.2: (24 commits)
Options small typo
[Console] fixed unparsed StringInput tokens
Mask PHP_AUTH_PW header in profiler
[TwigBridge] fixed trans twig extractor
[Finder] adds adapter selection/unselection capabilities
[DomCrawler] fix handling of schemes by Link::getUri()
[Console] Fixed comment
[TwigBridge] fixed the translator extractor that were not trimming the text in trans tags (closes#7056)
Fixed handling absent href attribute in base tag
fixed paths/notPaths regex for shell adapters
fix issue 4911
Adds expandable globs support to shell adapters
[HttpFoundation] Fixed messed up headers
Fixes AppCache + ESI + Stopwatch problem
added a DebuClassLoader::findFile() method to make the wrapping less invasive
bumped Symfony version to 2.2.0-RC4-DEV
updated VERSION for 2.2.0-RC3
updated CHANGELOG for 2.2.0-RC3
fixed CHANGELOG
bumped Symfony version to 2.1.9-DEV
...
* 2.1:
Options small typo
[Console] fixed unparsed StringInput tokens
[TwigBridge] fixed trans twig extractor
[DomCrawler] fix handling of schemes by Link::getUri()
[Console] Fixed comment
[TwigBridge] fixed the translator extractor that were not trimming the text in trans tags (closes#7056)
Fixed handling absent href attribute in base tag
added a DebuClassLoader::findFile() method to make the wrapping less invasive
fixed CHANGELOG
bumped Symfony version to 2.1.9-DEV
updated VERSION for 2.1.8
updated CHANGELOG for 2.1.8
StringInput resets the given options.
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2:
Defined stable version point of Doctrine.
[HttpFoundation] Remove Cache-Control when using https download via IE<9 (fixes#6750)
Update composer.json
[Form] Fixed TimeType not to render a "size" attribute in select tags
[Form] Added test for "label" option to accept the value "0"
Expanded fault-tolerance for unusual cookie dates
Fix docblock type
[Form] Fixed "label" option to accept the value "0"
Added greek translation
merged branch jfcixmedia/2.1 (PR #5838)
added a note about a BC break for the path info of sub-request (closes#7138)
[DomCrawler] lowered parsed protocol string (fixes#6986)
[FrameworkBundle] Fix a BC for Hinclude global template
[HttpKernel] fixed locale management when exiting sub-requests
fixed HInclude renderer (closes#7113)
Removed some leaking deprecation warning in the Form component
[HttpKernel] hinclude fragment renderer must escape URIs properly to return valid html
Conflicts:
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Security/composer.json
* 2.1:
Defined stable version point of Doctrine.
[HttpFoundation] Remove Cache-Control when using https download via IE<9 (fixes#6750)
Update composer.json
[Form] Fixed TimeType not to render a "size" attribute in select tags
[Form] Added test for "label" option to accept the value "0"
Expanded fault-tolerance for unusual cookie dates
Fix docblock type
[Form] Fixed "label" option to accept the value "0"
merged branch jfcixmedia/2.1 (PR #5838)
[DomCrawler] lowered parsed protocol string (fixes#6986)
Conflicts:
composer.json
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/time_widget.html.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php
src/Symfony/Component/Routing/composer.json
src/Symfony/Component/Security/composer.json
src/Symfony/Component/Validator/composer.json
* 2.2: (22 commits)
[Process] Fix regression introduced in #6620 / 880da01c49, fixes#7082
[HttpKernel] added a unit for the previous commit (closes#7025)
[HttpFoundation] fixed, overwritten CONTENT_TYPE
[BrowserKit] fixed test added in the previous merge (refs #7059)
[FrameworkBundle] tweaked reference dumper command (see #7093)
Remove unnecessary comment and change test name
[Config] tweaked dumper to indent multi-line info
[HttpKernel] added some tests for previous merge
Fix REMOTE_ADDR for cached subrequests
[FrameworkBundle] CSRF should be on by default
[WebProfilerBundle] removed dependency on FrameworkBundle (closes#6949)
[HttpKernel] added error display suppression when using the ErrorHandler (if not, errors are displayed twice, refs #6254)
[HttpFoundation] tweaked previous merge
[HttpFoundation] Added getter for httpMethodParameterOverride state
Create validators.lv.xlf
[Process] Warn user with a useful message when tmpfile() failed
[BrowserKit] added a test to make sure HTTP authentication is preserved when submitting a form
Remove array type hint from GetResponseForControllerResultEvent::setControllerResult()
bumped Symfony version to 2.2.0-DEV
Revert "merged branch povilas/issue_6101 (PR #6708)"
...
This PR was merged into the 2.2 branch.
Commits
-------
a313188 added a proper setter for the templating servicein HInclude
Discussion
----------
added a proper setter for the templating servicein HInclude
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
---------------------------------------------------------------------------
by stof at 2013-02-17T12:44:40Z
👍
* 2.2:
Fixed XmlFileLoaderTest::testLoadThrowsExceptionWithInvalidFileEvenWithoutSchemaValidation
moved file hash calculation to own method
[Validator] Add check for existing metadata on property
added support for the X-Forwarded-For header (closes#6982, closes#7000)
fixed the IP address in HttpCache when calling the backend
[EventDispatcher] Added assertion.
[EventDispathcer] Fix removeListener
[DependencyInjection] Add clone for resources which were introduced in 2.1
[DependencyInjection] Allow frozen containers to be dumped to graphviz
Fix 'undefined index' error, when entering scope recursively
[Security] fixed session creation on login (closes#7011)
replaced usage of the deprecated pattern routing key (replaced with path)
Add dot character `.` to legal mime subtype regular expression
[HttpFoundation] fixed the creation of sub-requests under some circumstancies (closes#6923, closes#6936)
This PR was merged into the 2.2 branch.
Commits
-------
73aa7d1 replaced usage of the deprecated pattern routing key (replaced with path)
Discussion
----------
replaced usage of the deprecated pattern routing key (replaced with path)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
---------------------------------------------------------------------------
by lsmith77 at 2013-02-07T13:35:54Z
do we have tests to cover the BC behavior?
---------------------------------------------------------------------------
by fabpot at 2013-02-07T16:30:31Z
I've just added some tests for the legacy way.
* 2.2: (30 commits)
[HttpFoundation] Added support for partial ranges in the BinaryFileResponse.
[HttpFoundation] Fixed byte ranges in the BinaryFileResponse.
updated required versions when depending on the HttpFoundation component
updated required versions when depending on the HttpKernel component
updated required versions when depending on the Config component
updated required versions when depending on the Form component
updated required versions when depending on the DependencyInjection component
updated required versions when depending on the Validator component
updated required versions when depending on the Translation component
updated required versions when depending on the Routing component
updated required versions when depending on the EventDispatcher component
updated required versions when depending on the OptionsResolver component
updated required versions when depending on the PropertyAccess component
updated required versions when depending on the Security component
updated required versions when depending on the Templating component
updated required versions when depending on the Stopwatch component
updated required versions when depending on the Process component
updated required versions when depending on the Finder component
updated required versions when depending on the Dom Crawler component
use ~2.0 when depending on the Dom Crawler component
...
* 2.2:
[HttpFoundation] fixed Request::create() method
[HttpKernel] fixed the creation of the Profiler directory
[HttpKernel] fixed the hinclude fragment renderer when the template is empty
bumped Symfony version to 2.2.0-RC2-DEV
[DependencyInjection] enhanced some error messages
[FrameworkBundle] fixed typo
fixed typo
tweaked previous merge
[Security] fixed interface implementation (closes#6974)
Add "'property_path' => false" deprecation message for forms
fixed CS
Added BCrypt password encoder.
updated VERSION for 2.2.0-RC1
Removed underscores from test method names to be consistent with other components.
[Security] fixed session creation when none is needed (closes#6917)
[FrameworkBundle] removed obsolete comment (see 2e356c1)
Micro-optimization
[FrameworkBundle] removed extra whitespaces
[Security] renamed Constraint namespace to Constraints for validator classes in order to be consistent with the whole current validator API.
[FrameworkBundle] fixed wrong indentation on route debug output
* 2.1:
[HttpKernel] fixed the creation of the Profiler directory
[Security] fixed session creation when none is needed (closes#6917)
[FrameworkBundle] removed obsolete comment (see 2e356c1)
This PR was merged into the 2.2 branch.
Commits
-------
35b62ac [Security] renamed Constraint namespace to Constraints for validator classes in order to be consistent with the whole current validator API.
Discussion
----------
[Security] renamed Constraint namespace to Constraints for validator classes in order to be consistent with the whole current validator API.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | yes (for people already using the ``UserPassword`` constraint class in their code)
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
* 2.2:
fixed regression in the Finder component (it was possible to use it without using exec before, closes#6357)
fixed a circular call (closes#6864)
typo
[Security] [Tests] added unit tests for the UserPasswordValidator class and made the validator service for the UserPassword constraint configurable.
fixed wrong indentation
tweaked previous commit
[HttpKernel] Fix the URI signer (closes#6801)
Add Arabic translations.
[HttpKernel] fixed regression when rendering an inline controller and passing some objects (closes#6822)
[FrameworkBundle] fixed typo
renamed some classes and Twig functions to more descriptive names (refs #6871)
Classcollectionloader: fix traits + enhancements
Fix a deprecated method call in the tests
Update `composer.json` files: - to allow versions ~2.2 (>=2.2,<3.0) of Doctrine DBAL, ORM & Common - fixed Propel1 versions difference between main and bridge files - fixed Twig versions difference between main and bridge files - to allow versions ~1.11 (>=1.11,<2.0) of Twig - fixed Locale ext-intl version to accept all, not non-existing version
Correct comment in NativeSessionStorage regarding session.save_handler
[Security] Add PHPDoc to AuthenticationEvents
HttpContentRenderer has been renamed to FragmentHandler.
The RendererStrategy subnamespace has been renamed to Fragment.
The strategy classes now have Fragment in their names.
ProxyRouterListener has been renamed to FragmentListener
The router_proxy configuration entry has been renamed to fragments.
This PR was squashed before being merged into the master branch (closes#6852).
Commits
-------
fde7585 [DIC] Better handling of enableable configurations
Discussion
----------
[DIC] Better handling of enableable configurations
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no, this feature has not been released yet
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
My definition of bug fix might be discussable. The thing which I think is not discussable is that this PR fixes the semantic - and I think it is important for a "semantic configuration": before this PR, some nodes had `->canBeDisabled` for nodes that were actually disabled by default. Those nodes now have `->canBeEnabled` which sounds right.
**Edit: Jan 28, 2013** - history:
See [the related comments](https://github.com/symfony/symfony/pull/6829#discussion_r2727742).
I think Symfony **must** get the configuration right as we can expect of lot of devs to use this as a template when writting their own configuration.
@schmittjoh could you please give me your feedback on [this change](https://github.com/symfony/symfony/pull/6852/files#L4R224) considering [the rationale](https://github.com/symfony/symfony/pull/6852/files#L3R7).
---------------------------------------------------------------------------
by stof at 2013-01-23T16:10:33Z
@vicb your links are broken as they are pointing to the PR creation page
---------------------------------------------------------------------------
by stof at 2013-01-23T16:10:55Z
and to create a TODO list, it has to be a list first
---------------------------------------------------------------------------
by vicb at 2013-01-23T16:31:10Z
@stof thanks for reporting the broken links, they are fixed /cc @schmittjoh
---------------------------------------------------------------------------
by vicb at 2013-01-23T16:31:50Z
@Tobion please submit a PR to my repo, I don't have much time to work on this. Thanks !
---------------------------------------------------------------------------
by vicb at 2013-01-25T15:14:47Z
@fabpot @schmittjoh I'd like your feedback on the latest commit, rationale is in the method phpDoc. It better matches what we do now and seem the most sensible thing to do.
edit: with this you can no more disable the node explicitly, I have to find a better solution
---------------------------------------------------------------------------
by schmittjoh at 2013-01-25T15:20:13Z
Looks good.
On Fri, Jan 25, 2013 at 4:15 PM, Victor Berchet <notifications@github.com>wrote:
> @fabpot <https://github.com/fabpot> @schmittjoh<https://github.com/schmittjoh>I'd like your feedback on the latest commit, rationale is in the method
> phpDoc. It better matches what we do now and seem the most sensible thing
> to do.
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/symfony/symfony/pull/6852#issuecomment-12704585>.
>
>
---------------------------------------------------------------------------
by vicb at 2013-01-28T14:37:57Z
@fabpot I know I keep insisting on this one and I am sorry for that but I think this should be considered as a bug fix (see the PR header for details) and should be merged in 2.2. I think the Symfony core should be exemplary as it is used by many developers as a template when creating their own bundle. *This PR is no more a WIP and can be merged right now*.
In addition to fixing the enableable nodes, this PR contain new UTs and some fixes to the code / tests.
---------------------------------------------------------------------------
by fabpot at 2013-01-28T16:43:42Z
@vicb As explained in a comment, this is not a BC break as this feature does not exist in 2.1. So, I can make the change to the CHANGELOG if you want after merging, or I can let you make the change.
---------------------------------------------------------------------------
by vicb at 2013-01-28T16:46:33Z
I am going to change it right now !
---------------------------------------------------------------------------
by vicb at 2013-01-28T16:46:56Z
(and thanks for having checked this)
---------------------------------------------------------------------------
by vicb at 2013-01-28T16:54:37Z
@fabpot I have updated the changelog and the PR header.
I am not sure if the commits should be squashed or not. On one side the multiple commits can help understand the changes but on the other side that's a lot of small commits which could pollute history. I let you choose what to do.
* 2.1:
[DependencyInjection] fixed the creation of synthetic services in ContainerBuilder
[Security] PHPDoc in SecurityEvents
Fix typos in README
Added an error message in the DebugClassLoader when using / instead of \.
KNOWN_ISSUES with php 5.3.16
[FrameworkBundle] fixed Client::doRequest that must call its parent method (closes#6737)
[Yaml] fixed ignored text when parsing an inlined mapping or sequence (closes#6786)
[Yaml] fixed#6773
[Yaml] fixed#6770
bumped Symfony version to 2.1.8-DEV
bumped Symfony version to 2.0.23-DEV
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Client.php
src/Symfony/Component/HttpKernel/Kernel.php
This PR was squashed before being merged into the master branch (closes#6734).
Commits
-------
4d51ec0 Fix for hardcode (#6384) in choice widget
Discussion
----------
Fix for hardcode (#6384) in choice widget
empty_value should not be disabled if field is not required!
#6384
---------------------------------------------------------------------------
by sstok at 2013-01-15T15:51:08Z
You need to revert the file mode changes (100644 → 100755)
---------------------------------------------------------------------------
by MaksSlesarenko at 2013-01-18T16:44:42Z
fixed tests
---------------------------------------------------------------------------
by MaksSlesarenko at 2013-01-21T15:36:59Z
ping @fabpot
---------------------------------------------------------------------------
by fabpot at 2013-01-21T15:58:26Z
ping @bschussek
---------------------------------------------------------------------------
by MaksSlesarenko at 2013-01-23T11:15:37Z
ping @fabpot @bschussek
---------------------------------------------------------------------------
by Tobion at 2013-01-23T12:08:19Z
I think it's good to squash and merge.
---------------------------------------------------------------------------
by fabpot at 2013-01-23T12:16:37Z
Can you rebase and squash before I merge? Thanks.
---------------------------------------------------------------------------
by MaksSlesarenko at 2013-01-23T19:51:36Z
@fabpot done
* 2.0:
[DependencyInjection] fixed the creation of synthetic services in ContainerBuilder
[Security] PHPDoc in SecurityEvents
[FrameworkBundle] fixed Client::doRequest that must call its parent method (closes#6737)
[Yaml] fixed ignored text when parsing an inlined mapping or sequence (closes#6786)
[Yaml] fixed#6773
[Yaml] fixed#6770
bumped Symfony version to 2.0.23-DEV
Conflicts:
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Yaml/Inline.php
src/Symfony/Component/Yaml/Tests/InlineTest.php
As explained in #6775, this has been done for the following reasons:
1. It's also Request::getHost()
2. The term hostname has been obsoleted in
http://tools.ietf.org/html/rfc3986#appendix-D.2 and uses the host only
3. hostname in the RFC was defined as the registered domain name, but we
probably also want to match IP-Adresses with the pattern which is the
host = IP-literal / IPv4address / reg-name for.
This PR was merged into the master branch.
Commits
-------
d5e73e5 [SecurityBundle] changed includes to use the new Twig notation
Discussion
----------
[SecurityBundle] changed includes to use the new Twig notation
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no - couple of unrelated failures
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
* 2.1:
[Yaml] fixed default value
Added Yaml\Dumper::setIndentation() method to allow a custom indentation level of nested nodes.
added a way to enable/disable object support when parsing/dumping
added a way to enable/disable PHP support when parsing a YAML input via Yaml::parse()
fixed CS
[Process] Fix docblocks, remove `return` from `PhpProcess#start()` as parent returns nothing, cleaned up `ExecutableFinder`
fixes a bug when output/error output contains a % character
[Console] fixed input bug when the value of an option is empty (closes#6649, closes#6689)
[Profiler] [Redis] Fix sort of profiler rows.
Fix version_compare() calls for PHP 5.5.
Removed underscores from test method names to be consistent with other components.
[Process] In edge cases `getcwd()` can return `false`, then `proc_open()` should get `null` to use default value (the working dir of the current PHP process)
Fix version_compare() calls for PHP 5.5.
Handle the deprecation of IntlDateFormatter::setTimeZoneId() in PHP 5.5.
removed the .gitattributes files (closes#6605, reverts #5674)
[HttpKernel] Clarify misleading comment in ExceptionListener
Conflicts:
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar_style.html.twig
src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTimeTypeTest.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/TimeTypeTest.php
src/Symfony/Component/Form/Tests/Util/PropertyPathTest.php
src/Symfony/Component/HttpKernel/Profiler/RedisProfilerStorage.php
src/Symfony/Component/Process/Process.php
This PR was merged into the master branch.
Commits
-------
9fc7def added the UPGRADE file for Symfony 3.0
e84cad2 [Routing] updated CHANGELOG
65eca8a [Routing] added new schemes and methods options to the annotation loader
5082994 [Routing] renamed pattern to path
b357caf [Routing] renamed hostname pattern to just hostname
e803f46 made schemes and methods available in XmlFileLoader
d374e70 made schemes and methods available in YamlFileLoader
2834e7e added scheme and method setter in RouteCollection
10183de make scheme and method requirements first-class citizen in Route
Discussion
----------
Routing options
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #5989, #5990, #6049
| License | MIT
In #5989, it has unanimously been decided to renamed `hostname_pattern` to `hostname` and `pattern` to `path`. That makes a lot of sense and I would like to do the renaming now as `hostname_pattern` is new in Symfony 2.2, so I'd like to avoid breaking BC just after the release. As we are modifying the route options, I've also included changes introduced by @Tobion in #6049 which were discussed in #5990.
As everything is BC, I think it's wise to include that in 2.2. What do you think?
---------------------------------------------------------------------------
by Tobion at 2013-01-14T18:25:53Z
I agree it should be done in 2.2. Thanks for working on it.
---------------------------------------------------------------------------
by vicb at 2013-01-14T23:11:12Z
@fabpot "Everything is BC" until it breaks BC in 3.0, that's why I'd like to see [deprecations in PR summary](https://github.com/symfony/symfony-docs/pull/2116) what do you think ?
---------------------------------------------------------------------------
by vicb at 2013-01-14T23:16:40Z
it would also be great to update the CHANGELOG with deprecations (it could also help people answering your question)
---------------------------------------------------------------------------
by fabpot at 2013-01-15T07:07:03Z
@vicb: I've just updated the CHANGELOG and created the UPGRADE file for 3.0.
---------------------------------------------------------------------------
by vicb at 2013-01-15T07:15:32Z
@fabpot thanks.
This PR was merged into the master branch.
Commits
-------
76fefe3 updated CHANGELOG and UPGRADE files
f7da1f0 added some unit tests (and fixed some bugs)
f17f586 moved the container aware HTTP kernel to the HttpKernel component
2eea768 moved the deprecation logic calls outside the new HttpContentRenderer class
bd102c5 made the content renderer work even when ESI is disabled or when no templating engine is available (the latter being mostly useful when testing)
a8ea4e4 [FrameworkBundle] deprecated HttpKernel::forward() (it is only used once now and not part of any interface anyway)
1240690 [HttpKernel] made the strategy a regular parameter in HttpContentRenderer::render()
adc067e [FrameworkBundle] made some services private
1f1392d [HttpKernel] simplified and enhanced code managing the hinclude strategy
403bb06 [HttpKernel] added missing phpdoc and tweaked existing ones
892f00f [HttpKernel] added a URL signer mechanism for hincludes
a0c49c3 [TwigBridge] added a render_* function to ease usage of custom rendering strategies
9aaceb1 moved the logic from HttpKernel in FrameworkBundle to the HttpKernel component
Discussion
----------
[WIP] Kernel refactor
Currently, the handling of sub-requests (including ESI and hinclude) is mostly done in FrameworkBundle. It makes these important features harder to implement for people using only HttpKernel (like Drupal and Silex for instance).
This PR moves the code to HttpKernel instead. The code has also been refactored to allow easier integration of other rendering strategies (refs #6108).
The internal route has been re-introduced but it can only be used for trusted IPs (so for the internal rendering which is managed by Symfony itself, or by a trusted reverse proxy like Varnish for ESI handling). For the hinclude strategy, when using a controller, the URL is automatically signed (see #6463).
The usage of a listener instead of a controller to handle internal sub-requests speeds up things quite a lot as it saves one sub-request handling. In Symfony 2.0 and 2.1, the handling of a sub-request actually creates two sub-requests.
Rendering a sub-request from a controller can be done with the following code:
```jinja
{# default strategy #}
{{ render(path("partial")) }}
{{ render(controller("SomeBundle:Controller:partial")) }}
{# ESI strategy #}
{{ render(path("partial"), { strategy: 'esi' }) }}
{{ render(controller("SomeBundle:Controller:partial"), { strategy: 'esi' }) }}
{# hinclude strategy #}
{{ render(path("default1"), { strategy: 'hinclude' }) }}
```
The second commit allows to simplify the calls a little bit thanks to some nice syntactic sugar:
```jinja
{# default strategy #}
{{ render(path("partial")) }}
{{ render(controller("SomeBundle:Controller:partial")) }}
{# ESI strategy #}
{{ render_esi(path("partial")) }}
{{ render_esi(controller("SomeBundle:Controller:partial")) }}
{# hinclude strategy #}
{{ render_hinclude(path("default1")) }}
```
---------------------------------------------------------------------------
by fabpot at 2013-01-03T17:58:49Z
I've just pushed a new version of the code that actually works in my browser (but I've not yet written any unit tests). I've updated the PR description accordingly.
All comments welcome!
---------------------------------------------------------------------------
by Koc at 2013-01-03T20:11:43Z
what about `render(controller="SomeBundle:Controller:partial", strategy="esi")`?
---------------------------------------------------------------------------
by stof at 2013-01-04T09:01:01Z
shouldn't we have interfaces for the UriSigner and the HttpContentRenderer ?
---------------------------------------------------------------------------
by lsmith77 at 2013-01-04T19:28:09Z
btw .. as mentioned in #6213 i think it would make sense to refactor the HttpCache to use a cache layer to allow more flexibility in where to cache the data (including clustering) and better invalidation. as such if you are refactoring HttpKernel .. it might also make sense to explore splitting off HttpCache.
---------------------------------------------------------------------------
by fabpot at 2013-01-04T19:30:07Z
@lsmith77 This is a totally different topic. This PR is just about moving things from FrameworkBundle to HttpKernel to make them more reusable outside of the full-stack framework.
---------------------------------------------------------------------------
by fabpot at 2013-01-05T09:39:52Z
I think this PR is almost ready now. I still need to update the docs and add some unit tests. Any other comments on the whole approach? The class names? The `controller` function thingy? The URI signer mechanism? The proxy protection for the internal controller? The proxy to handle internal routes?
---------------------------------------------------------------------------
by sstok at 2013-01-05T10:08:25Z
Looks good to me 👍
---------------------------------------------------------------------------
by sdboyer at 2013-01-07T18:17:08Z
@Crell asked me to weigh in, since i'm one of the Drupal folks who's likely to work most with this.
i think i've grokked about 60% of the big picture here, and i'm generally happy with what i see. the assumption that the HInclude strategy makes about working with templates probably isn't one that we'll be able to use (and so, would need to write our own), but that's not a big deal since the whole goal here is to make strategies pluggable.
so, yeah. +1.
---------------------------------------------------------------------------
by winzou at 2013-01-09T20:21:44Z
Just for my information: will this PR be merged for 2.2 version? Thanks.
---------------------------------------------------------------------------
by stof at 2013-01-09T20:41:04Z
@winzou according to the blog post announcing the beta 1 release, yes. It is explicitly listed as being one of the reason to make it a beta instead of the first RC.
---------------------------------------------------------------------------
by winzou at 2013-01-09T20:49:36Z
OK thanks, I've totally skipped this blog post.
---------------------------------------------------------------------------
by fabpot at 2013-01-10T15:26:15Z
I've just added a bunch of unit tests and fix some bugs I found while writing the tests.
This PR was merged into the master branch.
Commits
-------
6b1652e [PropertyAccess] Property path, small refactoring, read/writeProperty to read/write Property/Index.
1bae7b2 [PropertyAccess] Extracted PropertyAccess component out of Form
Discussion
----------
[PropertyAccess] Extracted PropertyAccess component out of Form
Bug fix: no
Feature addition: no
Backwards compatibility break: yes
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: -
TODO: adapt DoctrineBundle/PropelBundle to pass the "property_accessor" service to EntityType/ModelType
Usage:
```php
$accessor = PropertyAccess::getPropertyAccessor();
// equivalent to $object->getFoo()->setBar('value')
$accessor->setValue($object, 'foo.bar', 'value');
// equivalent to $object->getFoo()->getBar()
$accessor->getValue($object, 'foo.bar');
// equivalent to $object->getFoo()['bar']
$accessor->getValue($object, 'foo[bar]');
// equivalent to $array['foo']->setBar('value')
$accessor->setValue($array, '[foo].bar', 'value');
// equivalent to $array['foo']['bar']
$accessor->getValue($array, '[foo][bar]');
```
Later on, once we have generation and caching of class-specific accessors, configuration will be something like this (consistent with the Form and Validator component):
```php
$accessor = PropertyAccess::getPropertyAccessorBuilder()
->setCacheDirectory(__DIR__ . '/cache')
->setCacheLifeTime(86400)
->enableMagicGetSet()
->enableMagicCall()
->getPropertyAccessor();
```
or
```php
$accessor = PropertyAccess::getPropertyAccessorBuilder()
->setCache($cache)
->getPropertyAccessor();
```
etc.
---------------------------------------------------------------------------
by Burgov at 2013-01-07T08:48:15Z
+1. I use this feature outside of the Form context a lot
---------------------------------------------------------------------------
by stof at 2013-01-07T08:49:34Z
The classes in the Form component should be kept for BC (and deprecated) for people using the feature
---------------------------------------------------------------------------
by michelsalib at 2013-01-07T10:02:19Z
YES YES YES 👍. Sorry for my enthusiasm, but I already copy pasted the PropertyPath class to some of my libraries to avoid linking to the whole Form component. I thus will be glad to officially use this component into my libraries via composer.
---------------------------------------------------------------------------
by norzechowicz at 2013-01-07T10:17:39Z
Same as @michelsalib to avoid linking full Form component I was using copied parts of code. Can't wait to use this component in my lib. 👍
---------------------------------------------------------------------------
by bschussek at 2013-01-07T10:43:41Z
I split away `getValue()` and `setValue()` from `PropertyPath` into a new class `ReflectionGraph`. The component is also named ReflectionGraph now.
---------------------------------------------------------------------------
by michelsalib at 2013-01-07T10:47:10Z
I am not found of the name. What do you intend to do in the component more than what PropertyPath does ?
---------------------------------------------------------------------------
by bschussek at 2013-01-07T10:58:59Z
@michelsalib A `PropertyPath` is simply a string like `foo.bar[baz]`. `getValue()` and `setValue()` interpret this path. There may be different interpretations for the same path, so these methods were split into a new class.
I chose the name `ReflectionGraph` because the functionality is very similar to `ReflectionProperty`.
```php
$reflProperty = new ReflectionProperty('Vendor/Class', 'property');
$reflProperty->setValue($object, 'foo');
$reflGraph = new ReflectionGraph();
$reflGraph->setValue($object, 'property.path', 'foo');
```
---------------------------------------------------------------------------
by michelsalib at 2013-01-07T11:00:42Z
What about naming it `Reflection`, maybe sometime we will want to add more reflection tools for classes, interfaces... ?
---------------------------------------------------------------------------
by bschussek at 2013-01-07T11:02:32Z
@michelsalib I doubt that we will do that. PHP's implementation is sufficient.
---------------------------------------------------------------------------
by vicb at 2013-01-07T11:03:57Z
> Backwards compatibility break: no
Really ?
---------------------------------------------------------------------------
by michelsalib at 2013-01-07T11:05:07Z
Well, that is just a suggestion. If I am the only one to oppose, I won't complain.
---------------------------------------------------------------------------
by bschussek at 2013-01-07T11:09:08Z
> Really ?
@vicb Would you please refrain from such meanginless comments in the future? I'm getting a bit tired of them. If you think that BC is broken somewhere, tell me where so that I can fix it.
---------------------------------------------------------------------------
by stof at 2013-01-07T11:09:43Z
@vicb There is no BC break as he kept deprecated classes for BC
---------------------------------------------------------------------------
by norzechowicz at 2013-01-07T11:13:12Z
@bschussek what do you think about some kind of factory for Reflection? This will prevent creating new Reflection objects each time you want to access properties values.
---------------------------------------------------------------------------
by vicb at 2013-01-07T11:18:47Z
@bschussek my point is that my comment is no more meaningless than closing #6453 because it will break BC.We could also keep BC by extending the classes in the new ns but in both cases BC will ultimately be broken (when the legacy classes are removed)
---------------------------------------------------------------------------
by vicb at 2013-01-07T12:23:45Z
@bschussek @stof I think that modifying the constructor signatures of `EntityChoiceList`, `FormType` are BC breaks (this is not an exhaustive list)
---------------------------------------------------------------------------
by bschussek at 2013-01-07T12:35:13Z
@vicb You are right. I added corresponding entries to the CHANGELOG and adapted the above description.
---------------------------------------------------------------------------
by vicb at 2013-01-08T13:39:13Z
@bschussek looking at this PR, I was wondering if an alternate syntax would make sense:
```php
<?php
$reflGraph = new ReflectionGraph($object);
// equivalent to $object->getFoo()->setBar('value')
$reflGraph['foo.bar'] = 'value';
// equivalent to $object->getFoo()->getBar()
$reflGraph['foo.bar'];
```
_Sorry for the off topic_
---------------------------------------------------------------------------
by vicb at 2013-01-08T13:49:46Z
The advantage of using such a `ReflectionGraph` factory is that it might be easier to return specialized reflection graphs, ie optimized instances (that would be cached).
---------------------------------------------------------------------------
by Toflar at 2013-01-08T14:49:54Z
I was also puzzled by the fact that there will be many `ReflectionGraph` instances although they don't have to. I'm with @vicb and I'd also vote for using the constructor to set the subject you're working on. Otherwise you'll repeat yourself over and over again by passing the subject - say `$object` - to `getValue()` or `setValue()`. If however you don't like the constructor thing then why do we have to have an instance of `ReflectionGraph` rather than just go for static methods and use `ReflectionGraph::getValue()` and `ReflectionGraph::setValue()`?
In my opinion there are a few methods that could be static anyway (especially some private ones) :)
But probably I misunderstood something as I'm just about to discover the SF components and don't have any experience working with them (so basically I just read the PR because of @bschussek's tweet :D)
Couldn't come up with any intuitive name for the component though :(
Generally when we talk about "getting" and "setting" values we call those things "mutators"...so `GraphMutator` might be more intuitive than the word `Reflection` :)
---------------------------------------------------------------------------
by Taluu at 2013-01-08T14:57:42Z
I like the last proposition made by @vicb (implementing `ArrayAccess` on `ReflectionGraph` - or whatever name will be chosen (`PathMutator` for example :D), and also specify which object should be worked on in the constructor rather than in each method).
Would this also be used in the `Validator` component ?
---------------------------------------------------------------------------
by stof at 2013-01-08T15:16:12Z
@Toflar A static ``ReflectionGraph::getValue()`` means you have a coupling to the implementation (as with any static call). The current implementation allows you to replace it with your own implementation as long as you implement the interface as it follows the DI pattern (as done in other places in Symfony).
@vicb The issue with ``$reflGraph = new ReflectionGraph($object);`` is that you cannot inject the ReflectionGraph anymore, as you need a new one each time. This would mean adding a ``ReflectionGraphFactory`` to be injected (and which could then be replaced by a factory using code generation). Using the constructor directly would not allow using a replacement based on code generation later. So the resulting code would more likely be
```php
$reflGraph = new ReflectionGraph();
$mutator = $reflGraph->getMutator($object);
// equivalent to $object->getFoo()->setBar('value')
$mutator['foo.bar'] = 'value';
// equivalent to $object->getFoo()->getBar()
$mutator['foo.bar'];
```
Btw, writing this, I find the naming Mutator suggested by @Taluu good when it concerns the setter, but quite weird when getting the value.
---------------------------------------------------------------------------
by Taluu at 2013-01-08T15:21:00Z
I was not the one to suggest though, it was @everzet. But then something like `PathAccessor`, as it is both a mutator and a getter ? I also like @stof suggestion, still in the idea of avoiding to have to put the object as an argument and also allowing to use an `ArrayAccess` interface..
---------------------------------------------------------------------------
by vicb at 2013-01-08T15:21:54Z
@stof your remark makes sense.
What about `Accessor`, the benefit being that it might well be the name of a coming PHP feature: https://wiki.php.net/rfc/propertygetsetsyntax-v1.2
---------------------------------------------------------------------------
by everzet at 2013-01-08T15:27:02Z
```php
$manager = new PropertyManager(new PropertyPath());
$num = $manager->getValue($object, 'foo.num');
$manager->setValue($object, 'foo.num', $num + 1);
$objectManager = new ObjectPropertyManager($object[, $manager]);
$num = $objectManager->getValue('foo.num');
$objectManager->setValue('foo.num', $num + 1);
$objectManager['foo.num'] += 1;
```
---------------------------------------------------------------------------
by bschussek at 2013-01-08T15:28:01Z
It might be me, but I don't like `ArrayAccess` to be misused for features like that. If I access a key in an array access structure, I expect it to be something like a collection, an associative array or a key value store. This class is neither.
Putting that aside, an accessor for a specific object might make sense, but I'm not sure about that yet.
```php
$reflObject->setValue('foo.bar', 'value');
$reflObject->getValue('foo.bar');
```
---------------------------------------------------------------------------
by stof at 2013-01-08T15:28:52Z
@vicb I would vote for PathAccessor then, as we are not doing simple accessor but accessors through a path in an object graph.
In my snippet above, we would then have a ReflectionGraph instance and a PathAccessor instance (``$mutator``).
Btw, I would also keep the methods ``setValue`` and ``getValue``. I find it more clear.
---------------------------------------------------------------------------
by bschussek at 2013-01-08T15:32:07Z
@stof But then we're rather left with the question of ReflectionGraph **vs.** PathAccessor. I don't think that the tiny interface difference (one global, one object-based) justifies the big naming difference.
---------------------------------------------------------------------------
by vicb at 2013-01-08T15:33:24Z
> This class is neither.
It might be `$pa['foo.bar[baz]'] = $pa['foo.bar']['baz'];` I don't know if it would help though.
---------------------------------------------------------------------------
by stof at 2013-01-08T15:35:51Z
@bschussek In my suggestion, ``ReflectionGraph`` is a factory for the PathAccessor objects. It is not accessing anymore itself (which would probably continue to cause issues to implement it with code generation). But the naming could indeed be changed to something else.
This PR was merged into the master branch.
Commits
-------
67d7423 Remove use of deprecated HttpKernel LoggerInterface
dca4528 [HttpKernel] Extend psr/log's NullLogger class
1e5a890 [Monolog] Mark old non-PSR3 methods as deprecated
91a86f8 [HttpKernel][Monolog] Add PSR-3 support to the LoggerInterface
Discussion
----------
[HttpKernel][MonologBridge] PSR-3 support
This enables PSR-3 support and monolog 1.3+. The first commit is the main part. The rest deals with deprecation of short-hand methods (warn/err/crit/emerg) that are fully expanded in PSR-3 (warning/error/critical/emergency).
The downside of deprecating them is that for bundles it's a bit harder to support older and newer versions. If that is too much of a hassle you can drop that for now and cherry pick the first commit.
The upside is that it forces people to move towards PSR-3 compatible stuff, which means eventually we could completely drop the LoggerInterface from the framework. In any case I think the documentation should only mention the `Psr\Log\LoggerInterface` and people should start hinting against that. The change should be done in core as well I suppose.
Anyway I wanted to throw this out there as it is to get feedback.
---------------------------------------------------------------------------
by stof at 2013-01-09T09:15:15Z
@Seldaek I also think you should change the typehint to use the PSR LoggerInterface in all classes using the logger
---------------------------------------------------------------------------
by Seldaek at 2013-01-09T09:54:55Z
OK updated according to all the feedback. I tested it in an app and it still seems to work so there shouldn't be any major issues.
---------------------------------------------------------------------------
by Seldaek at 2013-01-09T09:59:55Z
@fabpot if you merge please merge also the bundle PR, otherwise it won't be possible to update without conflict.
---------------------------------------------------------------------------
by frosas at 2013-01-10T14:59:20Z
I'm trying to understand why a `composer update` of a Symfony 2.1.* resulted in a fatal error. Shouldn't a stable version don't break like this?
As @olaurendeau points, why Symfony depends 1.* instead of 1.2.*? Or why Monolog 1.3 breaks its public interface (EDIT: I'm not sure about it)? Or why isn't this PR being merged (into branch 2.1) at the same time Monolog 1.3 is released?
Please, understand I'm not looking for who to blame, it's just I want to know if this situation is unexpected or if otherwise a `composer update` on a stable branch is not as innocent as it seems.
---------------------------------------------------------------------------
by stof at 2013-01-10T15:06:51Z
@frosas it cannot be merged into 2.1 as it is a BC break. The 2.1 branch has been updated to forbid Monolog 1.3 already
---------------------------------------------------------------------------
by Seldaek at 2013-01-10T15:11:58Z
@frosas you can blame me for releasing as 1.3.0 and not 2.0, but technically for monolog this isn't really a BC break, I just added an interface. The problem is due to the way it's used in symfony, it ended up as a fatal error. In any case the situation is now sorted out I think.
---------------------------------------------------------------------------
by frosas at 2013-01-10T15:26:43Z
@stof now I see this `>=1.0,<1.3-dev` change in the 2.1 branch. Now, shouldn't a new (2.1.7) version be released for all of us not in the dev minimum-stability?
@Seldaek then do you see feasible to rely only in X.Y.* versions to avoid this kind of errors?
---------------------------------------------------------------------------
by Seldaek at 2013-01-10T15:45:22Z
@frosas relying on X.Y.* is painful because you always need to wait until someone updates the constraint to get the new version. Of course using ~1.3 like in this PR means if I fuck up and break BC people will update to it, but that's a less likely occurrence than the alternative I think, so I would rather not use X.Y.*
---------------------------------------------------------------------------
by frosas at 2013-01-10T15:50:50Z
@Seldaek you are right about this, but I was thinking more in changing it only for the stable versions. EDIT: I mean, how often do you need a new feature in a branch you only apply fixes to?
---------------------------------------------------------------------------
by stof at 2013-01-10T15:57:32Z
@frosas Monolog and Symfony have separate release cycles. Foorcing Symfony users to use an old version of Monolog until they update to a new version of Symfony whereas the newer Monolog is compatible is a bad idea. Thus, as Monolog keeps BC, it does not maintain bugfix releases for all older versions (just like Twig does too). So it would also forbid you to get the fixes done in newer Monolog versions.
The incompatibility between Symfony 2.1 LoggerInterface and PSR-3 (whereas they expect exactly the same behavior and signature for methods with the same name) is unfortunate and is the reason why we get some issues here.
---------------------------------------------------------------------------
by frosas at 2013-01-10T16:21:06Z
@stof I appreciate you prefer to allow newer versions at the price of having to be constantly monitoring its changes to avoid breaks.
Another similar but safer strategy would be to stick to X.Y.* versions and upgrade to X.Y+1.* once the new version integration is tested, but I understand this is discutible in projects as close to Symfony as Monolog.
Returning to the issue, what do you say to release this 2.1.7 version? Or is it only me who is having issues here?
---------------------------------------------------------------------------
by stof at 2013-01-10T16:26:20Z
@frosas a minor release should not break BC when following smeantic versionning (Symfony warned about the fact it is not strictly followed for the first releases of 2.x). But as far as monolog is concerned, 1.3 is BC with 1.2.
---------------------------------------------------------------------------
by Seldaek at 2013-01-10T16:49:55Z
@frosas sorry I didn't get you still had the problem. I tagged a 2.1.7 of monologbundle which hopefully fixes your issue.
This PR was merged into the master branch.
Commits
-------
73db84f [Security] Move translations file to 'security' domain
324703a [Security] Switch to English messages as message keys
aa74769 [Security] Fix CS + unreachable code
2d7a7ba [Security] Fix `AuthenticationException` serialization
50d5724 [Security] Introduced `UsernameNotFoundException#get/setUsername`
39da27a [Security] Removed `get/setExtraInformation`, added `get/set(Token|User)`
837ae15 [Security] Add note about changed constructor to changelog
d6c57cf [FrameworkBundle] Register security exception translations
d7129b9 [Security] Fix exception constructors called in `UserChecker`
0038fbb [Security] Add initial translations for AccountStatusException childs
50e2cfc [Security] Add custom `getMessageKey` AccountStatusException childs
1147977 [Security] Fix InsufficientAuthenticationException constructor calls
79430b8 [Security] Fix AuthenticationServiceException constructor calls
42cced4 [Security] Fix AuthenticationException constructor calls
963a1d7 [Security] Add initial translations for the exceptions
ed6eed4 [Security] Add `getMessageKey` and `getMessageData` to auth exceptions
694c47c [Security] Change signature of `AuthenticationException` to match `\Exception`
Discussion
----------
[2.2][Security] AuthenticationException enhancements
Bug fix: semi
Feature addition: yes
Backwards compatibility break: yes
Symfony2 tests pass: [](http://travis-ci.org/asm89/symfony)
Fixes the following tickets: #837
License of the code: MIT
This PR adds the functionality discussed in #837 and changes the constructor of the `AuthenticationException` to match that of `\Exception`. This PR will allow developers to show a translated (save) authentication exception message to the user. :)
*Todo:*
- Add some functional test to check that the exceptions can indeed be translated?
- Get feedback on the current English messages
---------------------------------------------------------------------------
by asm89 at 2012-07-15T14:04:11Z
ping @schmittjoh
---------------------------------------------------------------------------
by schmittjoh at 2012-07-15T14:57:32Z
Looks good to me.
While you are at the exceptions, I think we can also get rid of the "extra information" thing and replace it by explicit getters/setters. Mostly that will mean adding set/getToken, set/getUser, set/getUsername. Bundles might add custom exceptions which have other data. This will make it a bit more useful and predictable.
---------------------------------------------------------------------------
by asm89 at 2012-07-15T15:40:45Z
@schmittjoh I removed the `get/setExtraInformation` and added the more explicit getters/setters as you suggested.
---------------------------------------------------------------------------
by asm89 at 2012-07-15T19:33:15Z
@fabpot Did you reschedule this for 2.2? Why? It was originally a 2.1 ticket. I think it is an important one because at the moment there is no reliable way to show users the cause of an `AuthenticationException` without the threat of exposing sensitive information. This issue has been around for a while, see the original issue this PR refers to, or for example [this TODO comment in FOSUB](https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Controller/SecurityController.php#L37).
The PR itself is ready to merge now. My only question that remains is about whether the actual translations should be functional tested?
---------------------------------------------------------------------------
by fabpot at 2012-07-15T19:43:19Z
We need to stop at some point. If not, we never release anything. beta3 was scheduled for today and I don't plan any other one before the first RC and I won't have time to review this PR next week. So, if you, @schmittjoh, @vicb, @stof, and a few other core devs "validate" this PR, I might consider merging it before 2.1.
---------------------------------------------------------------------------
by asm89 at 2012-07-15T19:46:09Z
@fabpot I totally agree with your point of view. I just have been trying to pickup some security issues that were still open. :)
---------------------------------------------------------------------------
by stof at 2012-07-15T19:50:29Z
This looks good to me
---------------------------------------------------------------------------
by asm89 at 2012-08-12T09:06:24Z
Since the beta period is over I assume the window was missed to get this security related PR in 2.1. If I have feedback from @fabpot I'll still try to make it mergeable asap though.
---------------------------------------------------------------------------
by fabpot at 2012-08-13T10:10:32Z
@asm89 This would indeed be considered for merging in 2.2.
---------------------------------------------------------------------------
by Antek88 at 2012-10-03T10:30:46Z
+1
---------------------------------------------------------------------------
by stof at 2012-10-04T21:27:15Z
@asm89 could you rebase this PR ? It conflicts with master
---------------------------------------------------------------------------
by fabpot at 2012-10-05T17:16:44Z
What's the status of this PR? @asm89 Have you taken all the feedback into account?
---------------------------------------------------------------------------
by stof at 2012-10-13T17:48:48Z
@asm89 ping
---------------------------------------------------------------------------
by fabpot at 2012-10-29T09:48:40Z
@asm89 If you don't have time, I can finish the work on this PR, but can you just tell me what's left?
---------------------------------------------------------------------------
by asm89 at 2012-10-29T10:02:22Z
I can pick this up, but I have two outstanding questions:
- One about adding `::create()`? https://github.com/symfony/symfony/pull/4935#discussion_r1358297
- And what is the final verdict on the messages? https://github.com/symfony/symfony/pull/4935#discussion_r1165701 The initial idea was that the exception itself have an exception message which is plain english and informative for the developer. If you want to display the 'safe' user messages you have the optional dependency on the translator. There is a comparison made with the Validator component, but in my opinion that's a different case because the violations always contain the message directed at the user and have no plain english message for the developer. Apart from that the Validator component contains it's own code for replacing `{{ }}` variables in messages (duplication? not as flexible as the translator). Concluding I'd opt for: optional dependency on translator component if you want to show 'safe' user messages + message keys.
@schmittjoh Any things to add?
---------------------------------------------------------------------------
by schmittjoh at 2012-10-29T10:14:09Z
Message keys sound good to me. I wouldn't add the ``create`` method for now.
On Mon, Oct 29, 2012 at 11:02 AM, Alexander <notifications@github.com>wrote:
> I can pick this up, but I have two outstanding questions:
>
> - One about adding ::create()? symfony/symfony#4935<https://github.com/symfony/symfony/issues/4935#discussion_r1358297>
> - And what is the final verdict on the messages? symfony/symfony#4935<https://github.com/symfony/symfony/issues/4935#discussion_r1165701>The initial idea was that the exception itself have an exception message
> which is plain english and informative for the developer. If you want to
> display the 'safe' user messages you have the optional dependency on the
> translator. There is a comparison made with the Validator component, but in
> my opinion that's a different case because the violations always contain
> the message directed at the user and have no plain english message for the
> developer. Apart from that the Validator component contains it's own code
> for replacing {{ }} variables in messages (duplication? not as
> flexible as the translator). Concluding I'd opt for: optional dependency on
> translator component if you want to show 'safe' user messages + message
> keys.
>
> @schmittjoh <https://github.com/schmittjoh> Any things to add?
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/symfony/symfony/pull/4935#issuecomment-9861016>.
>
>
---------------------------------------------------------------------------
by fabpot at 2012-10-29T10:27:37Z
As I said in the discussion about the translations, I'm -1 for the message keys to be consistent with how we manage translations everywhere else in the framework.
---------------------------------------------------------------------------
by stof at 2012-10-29T10:30:50Z
@fabpot When we changed the English translation for the validation errors in 2.1, we had to tag the commit as a BC rbeak as it was changing the source for all other translations. And if you look at the state of the files now, you will see that we are *not* using the English as source anymore in some places as some validation errors have a pluralized translation but the source has not been changed.
So I think using a key is more future-proof.
---------------------------------------------------------------------------
by asm89 at 2012-10-30T19:44:49Z
Any final decision on this? On one hand I have @stof and @schmittjoh +1 on message keys, on the other @fabpot -1. I guess it's your call @fabpot.
Edit: also @vicb seemed to be +1 on message keys earlier on.
---------------------------------------------------------------------------
by drak at 2012-11-01T20:19:00Z
I am also -1, I agree with @fabpot
---------------------------------------------------------------------------
by asm89 at 2012-11-12T09:38:51Z
@fabpot Can you please give a definite answer on this? I personally think @stof and @vicb have good points to do message keys, but with all these different people +1 and -1'ing the PR I'm lost on what it should actually do.
---------------------------------------------------------------------------
by asm89 at 2012-11-14T09:59:06Z
ping @fabpot
---------------------------------------------------------------------------
by asm89 at 2012-11-26T10:01:27Z
ping @fabpot We talked about this in Berlin. Any final thoughts on the PR? :) One idea was to do message keys + opt depend on the translator component if you want to use them, or use your own implementation.
---------------------------------------------------------------------------
by fabpot at 2012-11-26T14:01:37Z
The conclusion is: keep using plain English.
On Mon, Nov 26, 2012 at 11:01 AM, Alexander <notifications@github.com>wrote:
> ping @fabpot <https://github.com/fabpot> We talked about this in Berlin.
> Any final thoughts on the PR? :) One idea was to do message keys + opt
> depend on the translator component if you want to use them, or use your own
> implementation.
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/symfony/symfony/pull/4935#issuecomment-10709997>.
>
>
---------------------------------------------------------------------------
by Inori at 2012-11-26T15:00:22Z
is this final? if not, then +1 for message keys
---------------------------------------------------------------------------
by vicb at 2012-11-27T22:33:47Z
@fabpot I can't understand why we keep discussing this for months as this implementation use *both* keys and plain Englis, ie using keys is optional ( if it was not it would not be an issue according to #6129)
---------------------------------------------------------------------------
by asm89 at 2013-01-02T21:43:46Z
@fabpot @vicb I'll rebase this PR, fix the comments and refactor the message keys to use plain English + {{ }} syntax for the placeholders.
---------------------------------------------------------------------------
by asm89 at 2013-01-07T15:00:58Z
@fabpot If I fix this tonight, will it make the beta?
---------------------------------------------------------------------------
by fabpot at 2013-01-07T15:53:00Z
yes, definitely.
---------------------------------------------------------------------------
by asm89 at 2013-01-07T20:13:38Z
@fabpot I switched the implementation to English messages instead of message keys and fixed the final comments + rebased. Anything you want me to do after this?
Still happy with `getMessageKey()`?
This PR was merged into the master branch.
Commits
-------
6703fb5 added changelog entries
1997e2e fix phpdoc of UrlGeneratorInterface that missed some exceptions and improve language of exception message
f0415ed [Routing] made reference type fully BC and improved phpdoc considerably
7db07d9 [Routing] added tests for generating relative paths and network paths
75f59eb [Routing] add support for path-relative and scheme-relative URL generation
Discussion
----------
[2.2] [Routing] add support for path-relative URL generation
Tests pass: yes
Feature addition: yes
BC break: <del>tiny (see below)</del> NO
deprecations: NO
At the moment the Routing component only supports absolute and domain-relative URLs, e.g.
`http://example.org/user-slug/article-slug/comments` and
`/user-slug/article-slug/comments`.
But there are two link types missing: schema-relative URLs and path-relative URLs.
schema-relative: e.g. `//example.org/user-slug/article-slug/comments`
path-relative: e.g. `comments`.
Both of them would now be possible with this PR. I think it closes a huge gap in the Routing component.
Use cases are pretty common. Schema-relative URLs are for example used when you want to include assets (scripts, images etc) in a secured website with HTTPS. Path-relative URLs are the only option when you want to generate static files (e.g. documentation) that can be downloaded as an HTML archive. Such use-cases are currently not possible with symfony.
The calculation of the relative path based on the request path and target path is hightly unit tested. So it is really equivalent. I found several implemenations on the internet but none of them worked in all cases. Mine is pretty short and works.
I also added an optional parameter to the twig `path` function, so this feature can also be used in twig templates.
Ref: This implements path-relative URLs as suggested in #3908.
<del>[BC BREAK] The signature of UrlGeneratorInterface::generate changed to support scheme-relative and path-relative URLs. The core UrlGenerator is BC and does not break anything, but users who implemented their own UrlGenerator need to be aware of this change. See UrlGenerator::convertReferenceType.</del>
---------------------------------------------------------------------------
by jalliot at 2012-04-16T09:56:56Z
@Tobion For completeness, you should add the option to the `url` and `asset` twig functions/template helpers.
---------------------------------------------------------------------------
by stof at 2012-04-16T10:46:06Z
@jalliot adding the option to ``url`` does not make any sense. The difference between ``path`` and ``url`` is that ``path`` generates a path and ``url`` generates an absolute url (thus including the scheme and the hostname)
---------------------------------------------------------------------------
by Tobion at 2012-04-16T12:27:49Z
@stof I guess jalliot meant we could then generate scheme-relative URLs with `url`. Otherwise this would have no equivalent in twig.
---------------------------------------------------------------------------
by jalliot at 2012-04-16T12:34:08Z
@stof Yep I meant what @Tobion said :)
---------------------------------------------------------------------------
by Tobion at 2012-04-18T11:57:04Z
The $relative parameter I added besides the existing $absolute parameter of the `->generate` method was not clear enough. So I merged those into a different parameter `referenceType`. I adjusted all parts of symfony to use the new signature. And also made the default `UrlGenerator` implementation BC with the old style. So almost nobody will recognize a change. The only BC break would be for somebody who implemented his own `UrlGenerator` and did not call the parent default generator.
Using `referenceType` instead of a simple Boolean is much more flexible. It will for example allow a custom generator to support a new reference type like http://en.wikipedia.org/wiki/CURIE
---------------------------------------------------------------------------
by Tobion at 2012-04-18T13:34:58Z
ping @schmittjoh considering your https://github.com/schmittjoh/JMSI18nRoutingBundle/blob/master/Router/I18nRouter.php would need a tiny change
---------------------------------------------------------------------------
by schmittjoh at 2012-04-18T13:37:39Z
Can you elaborate the necessary change?
---------------------------------------------------------------------------
by Tobion at 2012-04-18T13:51:10Z
This PR changes the signature of `generate` to be able to generate path-relative and scheme-relative URLs. So it needs to be
`public function generate($name, $parameters = array(), $referenceType = self::ABSOLUTE_PATH)` and your implementation would need to change `if ($absolute && $this->hostMap) {` to `if (self::ABSOLUTE_URL === $referenceType && $this->hostMap) {`
I can do a PR if this gets merged.
---------------------------------------------------------------------------
by schmittjoh at 2012-04-18T13:52:14Z
If I understand correctly, the old parameter still works, no?
edit: Ah, ok I see what you mean now.
---------------------------------------------------------------------------
by Tobion at 2012-04-18T13:56:33Z
Yeah the old parameter still works but $absolute would also evaluate to true (a string) in your case for non-absolute URLs, i.e. paths.
---------------------------------------------------------------------------
by Tobion at 2012-04-19T21:09:46Z
ping @fabpot
---------------------------------------------------------------------------
by fabpot at 2012-04-20T04:30:18Z
Let's discuss that feature for 2.2.
---------------------------------------------------------------------------
by Tobion at 2012-04-20T10:40:59Z
What are your objections against it? It's already implemented, it works and it adds support for things that are part of a web standard. The BC break is tiny at the moment (almost nobody is affected) because the core UrlGenerator works as before. But if we waited for 2.2 it will be much harder to make the transition because 2.1 is LTS. So I think is makes sense to add it now. Furthermore it makes it much more future-proof as custom generators can more easiliy add support for other link types like CURIE. At the moment a Boolean for absolute URLs is simply too limited and also somehow inconsistent because $absolute = false stands for an absolute path. You see the awkwardness in this naming.
Btw, I added a note in the changelog. And I will add documentation of this feature in symfony-docs once this is merged.
---------------------------------------------------------------------------
by fabpot at 2012-04-20T12:14:32Z
nobody has ever said that 2.1 would be LTS. Actually, I think we are going to wait for 2.3 for LTS.
---------------------------------------------------------------------------
by Tobion at 2012-04-20T12:27:18Z
Well what I meant is, the longer we wait with this, the harder to apply it.
In 04ac1fdba2 you modified `generate` signature for better extensibility that is not even made use of. I think changing `$abolute` param goes in the same direction and has direct use.
I'd like to know your reason to wait for 2.2. Not enough time to review it, or afraid of breaking something, or marketing for 2.2?
---------------------------------------------------------------------------
by stof at 2012-04-20T16:28:27Z
@Tobion the issue is that merging new features forces to postpone the release so that it is tested by enough devs first to be sure there is no blocking bug in it. Big changes cannot be merged when we are hunting the remaining bugs to be able to release.
---------------------------------------------------------------------------
by schmittjoh at 2012-04-20T16:42:11Z
Considering the changes that have been made to the Form component, and are still being made, I think this is in comparison to that a fairly minor change.
Maybe a clearer guideline on the release process, or the direction would help, and avoid confusion, or wrong expectations on contributors' part.
---------------------------------------------------------------------------
by Tobion at 2012-10-05T13:52:11Z
@fabpot this is ready. So if you agree with it, I would create a documentation PR.
---------------------------------------------------------------------------
by stof at 2012-10-13T16:09:47Z
@fabpot what do you think about this PR ?
---------------------------------------------------------------------------
by Crell at 2012-11-01T16:05:01Z
This feels like it's overloading the generate() method to do double duty: One, make a URl based on a route. Two, make a URI based on a URI snippet. Those are two separate operations. Why not just add a second method that does the second operation and avoid the conditionals? (We're likely to do that in Drupal for our own generator as well.)
---------------------------------------------------------------------------
by Tobion at 2012-11-01T16:38:39Z
@crell: No, you must have misunderstood something. The generate method still only generates a URI based on a route. The returned URI reference can now also be a relative path and a network path. Thats all.
---------------------------------------------------------------------------
by Tobion at 2012-12-13T18:30:28Z
@fabpot this is ready. It is fully BC! I also improved phpdoc considerably.
---------------------------------------------------------------------------
by Tobion at 2012-12-14T20:51:38Z
@fabpot Do you want me to write documentation for it? I would also be interested to write about the new features of the routing component in general. I wanted to do that anyway and it would probably be a good fit for your "new in symfony" articles.
---------------------------------------------------------------------------
by fabpot at 2012-12-14T20:58:16Z
Im' going to review this PR in the next coming days. And to answer your second question, more documentation or better documentation is always a good thing, so go for it.
---------------------------------------------------------------------------
by Tobion at 2013-01-02T21:50:20Z
@fabpot ping. I added changelog entries.
This PR was merged into the master branch.
Commits
-------
586a16e [Validator] Changed DefaultTranslator::getLocale() to always return 'en'
58bfd60 [Validator] Improved the inline documentation of DefaultTranslator
cd662cc [Validator] Added ExceptionInterface, BadMethodCallException and InvalidArgumentException
e00e5ec [Validator] Fixed failing test
cc0df0a [Validator] Changed validator to support pluralized messages by default
56d61eb [Form][Validator] Added BC breaks in unstable code to the CHANGELOG
1e34e91 [Form] Added upgrade instructions to the UPGRADE file
b94a256 [DoctrineBridge] Adapted DoctrineBridge to translator integration in the validator
c96a051 [FrameworkBundle] Adapted FrameworkBundle to translator integration in the validator
92a3b27 [TwigBridge] Adapted TwigBridge to translator integration in the validator
e7eb5b0 [Form] Adapted Form component to translator integration in the validator
46f751c [Validator] Extracted message interpolation logic of ConstraintViolation and used the Translation component for that
Discussion
----------
[Validator] Integrated the Translator in the Validator component
Bug fix: no
Feature addition: no
Backwards compatibility break: yes
Symfony2 tests pass: yes
Fixes the following tickets: #5844, #6117
Todo: -
License of the code: MIT
Documentation PR: -
This PR allows to replace the default message substitution strategy in the validator (`strtr()`) by passing an implementation of `Symfony\Component\Translation\TranslatorInterface`. The motivation for this are both #5844 and the need to replace the translation strategy in Drupal's integration of the Validator.
In the stand-alone usage of the validator, both the translator and the default translation domain can now be passed to `ValidatorBuilderInterface`:
```php
$validator = Validation::createValidatorBuilder()
->setTranslator(new MyTranslator())
->setTranslationDomain('validators')
->getValidator();
```
References:
* #5844
* #6117
* #6129
* [Add a validation framework to Drupal 8](http://drupal.org/node/1845546)
* [Add the symfony validator component to core despite Symfony potentially releasing BC-breaking updates after 2.3.](http://drupal.org/node/1849564)
---------------------------------------------------------------------------
by Tobion at 2012-11-28T08:53:25Z
no BC break? Looking at ValidatorBuilderInterface there is definitely one.
---------------------------------------------------------------------------
by bschussek at 2012-11-28T08:55:01Z
ValidatorBuilderInterface is not part of the stable API. You are not supposed to implement this interface.
---------------------------------------------------------------------------
by Tobion at 2012-11-28T09:01:07Z
We're not only documenting bc breaks for stable API, otherwise we could remove 90% of the upgrade file since few methods are tagged with API.
An interface that nobody should implement?
---------------------------------------------------------------------------
by bschussek at 2012-11-28T09:30:02Z
The question is what to consider a BC break. Something will always break for someone. Should we consequently mark everything as BC break? I don't think so.
For example, since 2.1, you are supposed to use `Validation::createValidator*()` for creating a validator. Because of that, I won't consider changing the constructor signature of `Validator` a BC break anymore from 2.1 on.
The same for the unstable interfaces. These are currently meant to be used only, that is, type hint against them and call their methods. But we don't guarantee that we won't add methods to them.
---------------------------------------------------------------------------
by Tobion at 2012-11-28T09:38:19Z
I agree that almost any change could be considered a BC break. So we probably need to better define what a BC break is and what not. Otherwise Symfony will stop evolving after 2.3 because from then on Fabien wanted to prevent BC breaks which is almost impossible in a strict definition of bc break.
---------------------------------------------------------------------------
by fabpot at 2012-11-28T11:37:22Z
BC breaks should always be documented, and we guarantee BC only for things tagged with @api. I'm going to update the docs to make things clearer.
---------------------------------------------------------------------------
by bschussek at 2012-11-28T13:09:57Z
@fabpot I documented these changes now in the CHANGELOG: af99ebb1206ac92889b7193ba1ecc12bf2617e85
Are we sure we want to document *all* BC breaks from now on, even in non-@api code? This could rather scare people looking at our changelogs (lots of BC BREAKS there).
---------------------------------------------------------------------------
by fago at 2012-11-28T17:29:58Z
Unfortunately, it turns out the symfony translator interface does not mach the Drupal translation system as well as we initally thought, see http://drupal.org/node/1852106. Given that, this would integrating the validator component into Drupal even harder, because it introduces the dependency on the (unwanted) translation component. :(
---------------------------------------------------------------------------
by stof at 2012-11-28T18:19:36Z
If this does not help Drupal anyway, maybe #5844 is a better way to manage translations for people using the validator outside forms ?
and the Drupal guys would simply follow a similar approach, but based on their own translator instead of the symfony one.
---------------------------------------------------------------------------
by fago at 2012-11-28T18:50:12Z
Yeah. The only problem I see with the approach of #5844 is that *after* validation only the translated messages are available. We'd need to have access to the untranslated messages also.
---------------------------------------------------------------------------
by fago at 2012-11-29T09:49:47Z
As our translation system handles translating pluralized messages differently, the current ExecutionContextInterface::addViolation() method poses a problem also. We need to pass on - both the single and plural - message, as the message gets chosen during translation, see http://api.drupal.org/api/drupal/core!includes!common.inc/function/format_plural/8
So maybe, we could allow adding an already created ConstraintViolation object also? Then, we could implement a "PluralConstraintViolation" class that takes both message templates.
---------------------------------------------------------------------------
by bschussek at 2012-12-03T15:52:36Z
I updated this PR to support pluralized messages by default in the validator. This should solve the problem of the Drupal guys, because their implementation of `TranslatorInterface::transChoice($id, $number, ...)` can now simply split the $id by pipes (`|`) and pass the parts to their own `format_plural($count, $singular, $plural, ...)` function.
For us, it breaks BC because translation catalog sources had to be adapted.
---------------------------------------------------------------------------
by fabpot at 2012-12-03T16:25:52Z
Most of the XLF files are broken (the end is missing now).
IIUC, we now have a hard dependency on the Translation component, which is something we wanted to avoid.
---------------------------------------------------------------------------
by fabpot at 2012-12-03T16:27:56Z
Oops, clicked on the "comment" button too fast.
So, the dependency is hard (you need to install the dep) but light as we only rely on the translation interface from the component (when using the default translator). It looks acceptable to me, especially because we now use Composer to manage dependencies.
---------------------------------------------------------------------------
by bschussek at 2012-12-03T16:54:10Z
@fabpot Thanks for the hint. Going to fix this.
---------------------------------------------------------------------------
by bschussek at 2012-12-04T11:34:43Z
@fabpot Fixed.
---------------------------------------------------------------------------
by bschussek at 2012-12-07T12:40:24Z
Is there anything missing for this PR to be merged?
* 2.1:
[Console] Fix style escaping parsing
[Console] Make style formatter matching less greedy to avoid having to escape when not needed
[Bundle] [FrameworkBundle] fixed indentation in esi.xml services file.
[Component] [Security] fixed PSR-2 coding violation in ClassUtilsTest class.
[Form] Fixed EntityChoiceList when loading objects with negative integer IDs
[TwigBundle] There is no CSS visibility of display, should be visible instead
[Form] corrected source node for a Danish translation
[DependencyInjection] fixed a bug where the strict flag on references were lost (closes#6607)
[HttpFoundation] Check if required shell functions for `FileBinaryMimeTypeGuesser` are not disabled
[CssSelector] added css selector with empty string
[HttpFoundation] Docblock for Request::isXmlHttpRequest() now points to Wikipedia
[DependencyInjection] refactored code to avoid logic duplication
[Form] Deleted references in FormBuilder::getFormConfig() to improve performance
[HttpFoundation] Update docblock for non-working method
Conflicts:
src/Symfony/Bundle/TwigBundle/Resources/views/Exception/trace.html.twig
src/Symfony/Bundle/TwigBundle/Resources/views/Exception/traces.html.twig
* 2.0:
[Bundle] [FrameworkBundle] fixed indentation in esi.xml services file.
[TwigBundle] There is no CSS visibility of display, should be visible instead
[DependencyInjection] fixed a bug where the strict flag on references were lost (closes#6607)
[HttpFoundation] Check if required shell functions for `FileBinaryMimeTypeGuesser` are not disabled
[CssSelector] added css selector with empty string
[HttpFoundation] Docblock for Request::isXmlHttpRequest() now points to Wikipedia
[DependencyInjection] refactored code to avoid logic duplication
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Resources/config/esi.xml
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/HttpFoundation/File/MimeType/FileBinaryMimeTypeGuesser.php
* 2.1: (24 commits)
updated license year
Update src/Symfony/Component/HttpFoundation/Response.php
[Form] Fixed inheritance of "error_bubbling" in RepeatedType
[Form] Fixed DateType when used with the intl extension disabled.
[HttpFoundation] fix return types and handling of zero in Response
[HttpFoundation] better fix for non-parseable Expires header date
Fixed missing plural message in portuguese validator
Fix Expires when the header is -1
[DoctrineBridge] Allowing memcache port to be 0 to support memcache unix domain sockets.
[Console] fixed unitialized properties (closes#5935)
[Process] Prevented test from failing when pcntl extension is not enabled.
Revert "[DoctrineBridge] Improved performance of the EntityType when used with the "query_builder" option"
[Form] Fixed failing tests for DateTimeToStringTransformer.
[Locale] Fixed the StubLocaleTest for ICU versions lower than 4.8.
[Bundle] [FrameworkBundle] fixed typo in phpdoc of the SessionListener.
[Form] Fixed test regression introduced in #6440
[Tests] Fix namespaces
Fixed php doc of GenericEvent::__construct
HttpUtils must handle RequestMatcher too
use preferred_choices in favor of preferred_query
...
Conflicts:
src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php
* 2.0:
updated license year
Update src/Symfony/Component/HttpFoundation/Response.php
[Console] fixed unitialized properties (closes#5935)
[Bundle] [FrameworkBundle] fixed typo in phpdoc of the SessionListener.
bumped Symfony version to 2.0.21-DEV
updated VERSION for 2.0.21
updated CHANGELOG for 2.0.21
Conflicts:
src/Symfony/Bundle/SwiftmailerBundle/LICENSE
src/Symfony/Component/Filesystem/LICENSE
src/Symfony/Component/HttpFoundation/Response.php
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Commits
-------
5e359d3 made the kernel optional in all data collectors
Discussion
----------
made the kernel optional in all data collectors
This PR was merged into the master branch.
Commits
-------
bf9e238 [Form] Add options with_minutes to DateTimeType & TimeType
Discussion
----------
[Form] Add option with_minutes to the DateTimeType & TimeType
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Fixes the following tickets: -
Todo: -
Hey,
One of my project requires the datetime usage only with hours. I have submit a patch allowing to disable minutes like seconds are disabled.
---------------------------------------------------------------------------
by stloyd at 2012-04-09T16:26:11Z
You should also extend tests for those `Types`
---------------------------------------------------------------------------
by egeloen at 2012-04-09T16:31:51Z
Oups, I have looked at tests but I didn't find it at my first reading. I will do it :)
---------------------------------------------------------------------------
by stloyd at 2012-04-09T16:34:42Z
@egeloen Here you can find tests for Form Types: https://github.com/symfony/symfony/tree/master/src/Symfony/Component/Form/Tests/Extension/Core/Type
---------------------------------------------------------------------------
by egeloen at 2012-04-09T16:42:42Z
@stloyd I have added tests. Can you give me some feedbacks ?
---------------------------------------------------------------------------
by stloyd at 2012-04-09T16:46:33Z
@egeloen I'm not sure if we should allow user to set `with_minutes=false` and `with_seconds=true`. But in overall seems quite ok.
---------------------------------------------------------------------------
by egeloen at 2012-04-09T16:51:37Z
Yes, you're right. But I'm unsure how can I do this following the good way.
---------------------------------------------------------------------------
by inanimatt at 2012-05-03T15:46:02Z
Just make it throw an InvalidConfigurationException.php exception, no? :)
---------------------------------------------------------------------------
by egeloen at 2012-06-09T18:27:41Z
I have updated the PR in order to throw an ``InvalidConfigurationException`` if we enable seconds & disable minutes.
---------------------------------------------------------------------------
by egeloen at 2012-07-09T19:08:11Z
@bschussek I have removed the useless code.
I think I have found an issue about my PR. I have added 3 tests in order to show it. It seems if we disable minutes, the text widget is broken.
---------------------------------------------------------------------------
by stof at 2012-10-13T16:00:43Z
@egeloen can you rebase your PR as it conflicts with master ?
---------------------------------------------------------------------------
by egeloen at 2012-10-13T17:15:22Z
@stof rebase
Like explain previously, my PR is still failling if we disable minutes & use the text widget.
---------------------------------------------------------------------------
by egeloen at 2012-10-13T18:09:03Z
I have fixed the last issue. IMO, the PR can now be merge.
---------------------------------------------------------------------------
by stof at 2012-10-13T18:20:00Z
@bschussek @fabpot ping
---------------------------------------------------------------------------
by egeloen at 2012-10-16T18:13:00Z
@bschussek Do yo think this PR can be merge?
---------------------------------------------------------------------------
by egeloen at 2012-10-30T19:14:00Z
@fabpot is there something missing before merging?
---------------------------------------------------------------------------
by fabpot at 2012-10-31T08:22:55Z
I'm waiting for @bschussek approval.
---------------------------------------------------------------------------
by geoffrey-brier at 2012-11-13T10:49:52Z
I really need the `with_minute => false` enhancement on a project as I don't want to write CSS/JS hacks, could @bschussek approve/disapprove it so that I can make a decision?
---------------------------------------------------------------------------
by henrikbjorn at 2012-11-13T10:52:12Z
@geoffrey-brier you could do you own FieldType that extends the current one and add the option your self.
---------------------------------------------------------------------------
by egeloen at 2012-11-13T13:20:44Z
@bschussek Yes... :) I have updated the PR according to your feedback.
I needed to update the `DateTimeToStringTransformer` because it tries to create a `DateTime` only from the value (with no format). In my case, the `'03'` value is not enougt to create it. So, if the date time creation fails, it then try to create the datetime from the format. I don't know if it is the best approach but it works well.
By the way, why does it first try to create a `DateTime` without format, **then only** try to use the format ?
---------------------------------------------------------------------------
by bschussek at 2012-11-13T14:20:13Z
@egeloen Good question, I think the transformer is a bit flawed there. I'm working on that. The rest of the PR looks good. Thank you!
---------------------------------------------------------------------------
by bschussek at 2012-12-13T18:14:58Z
I fixed the transformer in #6333. Once that is merged into 2.1, and once 2.1 is merged into master after that, you can rebase this PR on master. Then we can merge it.
---------------------------------------------------------------------------
by egeloen at 2012-12-22T14:54:38Z
I have rebased & squashed commits. The PR is ready to merge. ping @fabpot
If you want your code to work on both version, use the following syntax:
{% render url('foo') with {}, {'bar': 1} %}
where the empty array is not used in 2.2.
* 2.1:
fixed typo
[FrameworkBundle] fixed ESI calls
[FrameworkBundle] fixed ESI calls
bumped Symfony version to 2.1.6-DEV
updated VERSION for 2.1.5
updated CHANGELOG for 2.1.5
bumped Symfony version to 2.0.21-DEV
[FrameworkBundle] fixed trusted_proxies configuration for some edge cases
[FrameworkBundle] fixed XSD for the trusted-proxies setting
updated VERSION for 2.0.20
update CONTRIBUTORS for 2.0.20
updated CHANGELOG for 2.0.20
Conflicts:
src/Symfony/Bundle/FrameworkBundle/HttpKernel.php
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.0:
bumped Symfony version to 2.0.21-DEV
[FrameworkBundle] fixed trusted_proxies configuration for some edge cases
[FrameworkBundle] fixed XSD for the trusted-proxies setting
updated VERSION for 2.0.20
update CONTRIBUTORS for 2.0.20
updated CHANGELOG for 2.0.20
Conflicts:
CONTRIBUTORS.md
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/full.xml
src/Symfony/Component/HttpKernel/Kernel.php
* 2.1:
[FrameworkBundle] added support for URIs as an argument to HttpKernel::render()
[FrameworkBundle] restricted the type of controllers that can be executed by InternalController
[Process] Allow non-blocking start with PhpProcess
Making it easier to grab the PR template.
[Locale] fixed a test
Fixed failing test
fix double-decoding in the routing system
Conflicts:
src/Symfony/Component/Process/PhpProcess.php
* 2.0:
[FrameworkBundle] added support for URIs as an argument to HttpKernel::render()
[FrameworkBundle] restricted the type of controllers that can be executed by InternalController
Making it easier to grab the PR template.
fix double-decoding in the routing system
Conflicts:
README.md
src/Symfony/Bundle/FrameworkBundle/EventListener/RouterListener.php
src/Symfony/Component/Security/Http/HttpUtils.php
This PR was merged into the 2.0 branch.
Commits
-------
8b2c17f fix double-decoding in the routing system
Discussion
----------
fix double-decoding in the routing system
@fabpot @vicb This should fix it. You know what ;) Don't want to leak more information.
And the good thing, it's no hack nor does it break BC.
This PR was merged into the master branch.
Commits
-------
163564b [WebProfilerBundle] replaced yaml_dump by json_encode to make the Web Profiler independent from the YAML component
1c92307 [WebProfilerBundle] fixed exception panel when no exception is thrown
00e08be [WebProfilerBundle] replaced usage of the render tag by the render function (to decouple the bundle from TwigBundle)
0e2418c [TwigBundle] added the HttpKernel extension to the default Twig loaded extensions
f0d9be0 [TwigBridge] added an extension for the HttpKernel component
Discussion
----------
Added an HttpKernelExtension in Twig bridge and used it in the WebProfiler
The first commit introduces a new HttpKernelExtension in the Twig bridge that allows the rendering of a sub-request from a template (the code mostly comes from Silex, and will replace the code there at some point).
The name `render` is probably not the best one as it does not really tell you what it does (the same goes for the `render` tag we have in Symfony2 by the way).
Here is a list of possible names:
* `render()`
* `render_request()`
* `request()`
* `subrequest()`
* `include_request()`
I don't really like the last one, but it is (perhaps) consistent with the `include` tag/function in Twig.
This new `render()` function is also a first step towards replacing the `render` tag (with support for ESI, SSI, ...). But it won't happen before we refactor the way it's managed now (a lot of the code is in the FrameworkBundle right now and that prevents Silex or Drupal to reuse it).
The other commits make use of this new extension to make the Web Profiler truly independent from TwigBundle and FrameworkBundle.
This PR was merged into the master branch.
Commits
-------
6efae29 [TwigBundle] fixed configuration to avoid key normalizations for paths and globals (closes#5998)
e31d4f1 [Config] allowed the disabling of key normalization on some array nodes
Discussion
----------
Config key normalization
This is a quick proof-of-concept for a better fix of #6086, where key normalizations can be disabled on specific nodes. The previous patch was not really useful as you were only able to disable key normalization globally for a configuration.
ping @lolautruche
The second commit fixes#5998.
---------------------------------------------------------------------------
by lolautruche at 2012-12-15T15:39:00Z
+1
The approach is neat and much better than my workaround. Gives better control and avoids magic 😃 (even if this *normalization* is still a bit obscure to me).
This PR was merged into the master branch.
Commits
-------
a498261 [Webprofiler] increased hitboxSize of the close button the webprofiler toolbar. Otherwise it's very hard to close it on a tablet
Discussion
----------
[Webprofiler] increased hitboxSize of the close button the webprofiler
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets:
Todo:
License of the code: MIT
Documentation PR:
Increased the hitbox Size of the close button on webprofiler, otherwise it's very hard to close it on a tablet. Apple recommends 40x40 pixels for touch stuff
see issue https://github.com/symfony/symfony/issues/6264
---------------------------------------------------------------------------
by nicam at 2012-12-16T13:45:36Z
@stloyd done
This PR was merged into the master branch.
Commits
-------
5a73d55 Added small test to check if time limit works
7f6e99b Fixed MongoDB storage missing time range. Fixed UI not searching properly. Removed unnecessary time query.
3a0ed58 Added ability to search by time when using the profiler
Discussion
----------
[WebProfilerBundle] [HttpKernel][Profiler] Added ability to search by time when using the profiler
Bug fix: no
Feature addition: yes
Backwards compatibility break: yes
Symfony2 tests pass: yes
Fixes the following tickets: ~
Todo: ~
License of the code: MIT
Documentation PR: ~
This PR adds the ability to search in a certain time range for profiles.
---------------------------------------------------------------------------
by fabpot at 2012-12-11T14:36:21Z
Anyone willing to help for the MongoDB support? ping @jmikola
---------------------------------------------------------------------------
by jmikola at 2012-12-11T18:42:00Z
Totally. I'm flying between Turkey and New York tomorrow and if I have wifi on the plane (good chance) I'll check this out. Otherwise, later in the week.
---------------------------------------------------------------------------
by dlsniper at 2012-12-11T22:42:19Z
I could have a look on this matter as well tomorrow but I'm not really sure about my schedule. Any help would be greatly appreciated. Thanks!
---------------------------------------------------------------------------
by jmikola at 2012-12-13T21:56:26Z
@dlsniper: Had no wifi on the plane, but I'm available to work on this now. How can we go about it?
Should I submit a PR against your branch? Then you can accept that and my commit should show up in this PR.
---------------------------------------------------------------------------
by dlsniper at 2012-12-13T22:05:21Z
@jmikola I haven't had too much time either but yes, that would be great.
The change should go here: b631cd989c/src/Symfony/Component/HttpKernel/Profiler/MongoDbProfilerStorage.php (L172) but I clearly lack the skill of making the necessary changes for it.
Thank you very much!
---------------------------------------------------------------------------
by dlsniper at 2012-12-15T21:39:39Z
I've fixed MongoDB driver, adjusted search by time like @jmikola suggested and fixed a UI bug. Can someone please validate this over?
Thanks!
---------------------------------------------------------------------------
by dlsniper at 2012-12-15T21:55:51Z
The tests seem to be failing because of some locale changes not related to these commits. I encounter the same problem on my laptop and I could try and fix it into a different branch but last time I've tried to fix it it was ok on my side and failing on Travis. Any hints for that?
* 2.1:
[FrameworkBundle] fixed broken tests
[FrameworkBundle] Fixed logic under test environment.
[Session] Added exception to save method
[Session] Fixed a bug with the TestListener
Added comment
[FrameworkBundle] Added tests for trusted_proxies configuration.
[FrameworkBundle] Added a check on file mime type for CodeHelper::fileExcerpt()
checked for a potentially missing key
[FrameworkBundle] used the new method for trusted proxies
remove realpath call
Conflicts:
src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
* 2.0:
Added comment
[FrameworkBundle] Added tests for trusted_proxies configuration.
[FrameworkBundle] Added a check on file mime type for CodeHelper::fileExcerpt()
checked for a potentially missing key
[FrameworkBundle] used the new method for trusted proxies
remove realpath call
Conflicts:
src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
This PR was merged into the 2.0 branch.
Commits
-------
f0743b1 Merge pull request #1 from pylebecq/2.0
555e777 [FrameworkBundle] Added tests for trusted_proxies configuration.
a0e2391 [FrameworkBundle] used the new method for trusted proxies
Discussion
----------
[FrameworkBundle] used the new method for trusted proxies
This makes the framework bundle using the new method from the request class.
---------------------------------------------------------------------------
by fabpot at 2012-12-05T10:38:20Z
As this is a sensitive issue, can you add some tests? Thanks.
---------------------------------------------------------------------------
by bamarni at 2012-12-06T13:00:24Z
Well I don't know why it fails on travis, I can't run the full test suite locally because of a segfault but ```phpunit src/Symfony/Bundle/``` marks all the tests as passing.
---------------------------------------------------------------------------
by fabpot at 2012-12-06T13:08:11Z
But it looks like the failing tests come from what you've changed.
---------------------------------------------------------------------------
by bamarni at 2012-12-06T13:29:33Z
Yes, I'm not saying it's not my fault but I can't reproduce this as locally it tells me they pass, I'll try to fix this this evening.
---------------------------------------------------------------------------
by bamarni at 2012-12-06T17:49:28Z
Apparently it fails only when running the whole testsuite, looking at other travis builds I can see this one on 2.0 : https://travis-ci.org/symfony/symfony/jobs/3495511 which fails in a similar way than here (https://travis-ci.org/symfony/symfony/jobs/3530928). Because of a place trying to access an undefined $_SERVER key : ```PHP Notice: Undefined index: SCRIPT_NAME ...``` but I can't find where, and the stack trace references some phpunit classes.
I'd be happy if someone could give me some pointers in here as I don't have any clue about how to fix this..
---------------------------------------------------------------------------
by bamarni at 2012-12-06T18:00:57Z
As a consulsion I'd say I can't run the whole testsuite locally (it fails even when I revert my commit), so there is no reliable way for me to fix this, if anyone is up for continuing this feel free.
---------------------------------------------------------------------------
by fabpot at 2012-12-11T09:47:48Z
@bamarni Can you just update this PR with the code change and no tests at all? I will then finish the PR. Thanks.
---------------------------------------------------------------------------
by bamarni at 2012-12-11T16:58:17Z
@fabpot: thanks for helping me out on this, hope you won't run into the same issue!
This PR was merged into the master branch.
Commits
-------
6b10550 Merge branch 'master' of github.com:symfony/symfony into deprecationErrors
1d82112 [Form] Fix two cases where deprecated methods were being used
b8cdbdc [Form] Catch deprecation errors that are caused by BC code
ebcb432 [Form] [FrameworkBundle] catch deprecation errors in tests
c21b12e [Form] handle BC use of deprecated stuff in non-test-methods.
fc2be6d [Form] catch deprecated errors in tests
800a032 [Form] replace bindRequest() with bind(), as bindRequest is deprecated
d5b2638 [Form] Trigger errors for deprecated methods in Form Component
f3d6966 [Validator] Stop using deprecated methods
d57ad32 [Form] Catch deprecation errors when using deprecated methods/classes in tests
3241157 [Validator] Trigger errors for deprecations
1f9eb7f return value of handleError
b35de9e Handle errors using a custom error handler
f49704b trigger errors for deprecated methods in HttpFoundation component
Discussion
----------
trigger_error() for deprecations
See also #6173 and #6139.
Started triggering errors in the HttpFoundation component.
It seems as if most of the time the error is just duplicating the text in the @deprecation comment.
Any opinions on if duplicating the text is acceptable, or if fetching the comment text to output the error makes sense?
---------------------------------------------------------------------------
by Seldaek at 2012-12-04T13:39:42Z
IMO it's fine to just duplicate the `@deprecated` note in the message, since anyway this code is meant to be completely deleted, this duplication should not do much harm.
---------------------------------------------------------------------------
by fabpot at 2012-12-06T08:22:21Z
@colinfrei I've merged PR #6173. Do you have time to implement the `trigger_error()` call everywhere? Thanks.
---------------------------------------------------------------------------
by colinfrei at 2012-12-06T08:36:55Z
Yep I'll finish that, probably until the beginning of next week.
---------------------------------------------------------------------------
by bschussek at 2012-12-10T10:15:12Z
Thank you for working on this!
---------------------------------------------------------------------------
by fabpot at 2012-12-12T11:08:53Z
@colinfrei: Is this PR finished? Can I merge it?
---------------------------------------------------------------------------
by colinfrei at 2012-12-12T12:09:19Z
@fabpot not quite - I lost some work due to a computer crash over the weekend. The only thing open is fixing the tests for the Form Component and catching the cases where the Form Component intentionally uses deprecated stuff.
---------------------------------------------------------------------------
by colinfrei at 2012-12-15T07:32:28Z
@fabpot - finished adding trigger_errors and catching them in Tests and as needed.
Travis is failing, but that seems to be master being broken due to the Finder changes?
I changed a few cases where the code was using deprecated methods which wasn't necessary in my eyes, specifically 1d8211249b, 800a032f07, f3d696636a
This PR was merged into the master branch.
Commits
-------
74a8fcf [FrameworkBundle] Added support for default templates per render tag
Discussion
----------
[FrameworkBundle] Added support for default templates per render tag
This commit allows you to specify default templates per render tag when using hinclude.
E.G:
The following will use the specific default template for the render:
```` {% render "AcmeDemoBundle:Controller:action" with {}, {"standalone" : "js", "default" : "AcmeDemoBundle:Default:content.html.twig"} %}````
or if you don't want to use a template for the default content but just a string, you can do the following
```` {% render "AcmeDemoBundle:Controller:action" with {}, {"standalone" : "js", "default" : "Loading..."} %}````
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Fixes the following tickets: #3356
Todo: -
Documentation
---------------------------------------------------------------------------
by fabpot at 2012-12-14T12:25:40Z
Looks good to me. Can you add a note in the CHANGELOG of the component and send a PR on symfony/symfony-docs about this new feature? Thanks.
---------------------------------------------------------------------------
by pierredup at 2012-12-14T14:30:00Z
@fabpot done, documentation PR symfony/symfony-docs#2021
* 2.1:
[Console] Add support for parsing terminal width/height on localized windows, fixes#5742
[Form] Fixed treatment of countables and traversables in Form::isEmpty()
refactor ControllerNameParser
[Form] Fixed FileType not to throw an exception when bound empty
- Test undefined index #
Maintain array structure
Check if key # is defined in $value
Update src/Symfony/Component/Validator/Resources/translations/validators.pl.xlf
This PR was merged into the master branch.
Commits
-------
d5426f0 [Form] Add tests to prove that label is not rendered when is marked as false
120547c [Form][TwigBridge] Don't set label attributes if is marked as not to be rendered [Form][FrameworkBundle] Add option to disable rendering of label for fields
36e4556 [Form] Option for not displaying a label by setting label to false. [Form] Fixed formatting & translation ..
Discussion
----------
[Form] Added option for not displaying a form-label by setting label to false
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: yes
Replaces: #5421
@fabpot @BenjaminBeck: I was just not sure what to do with "table based" forms, so I left `<td></td>` rendered when there is no label, because I'm not sure that we can hide it easily.
---------------------------------------------------------------------------
by XWB at 2012-12-11T09:30:14Z
👍
* 2.1:
fixed CS
fixed CS
[Security] fixed path info encoding (closes#6040, closes#5695)
[HttpFoundation] added some tests for the previous merge and removed dead code (closes#6037)
Improved Cache-Control header when no-cache is sent
removed unneeded comment
Fix to allow null values in labels array
fix date in changelog
removed the Travis icon (as this is not stable enough -- many false positive, closes#6186)
Revert "merged branch gajdaw/finder_splfileinfo_fpassthu (PR #4751)" (closes#6224)
Fixed a typo
Fixed: HeaderBag::parseCacheControl() not parsing quoted zero correctly
[Form] Fix const inside an anonymous function
[Config] Loader::import must return imported data
[DoctrineBridge] Fixed caching in DoctrineType when "choices" or "preferred_choices" is passed
[Form] Fixed the default value of "format" in DateType to DateType::DEFAULT_FORMAT if "widget" is not "single_text"
[HttpFoundation] fixed a small regression
Conflicts:
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php
This PR was squashed before being merged into the master branch (closes#6232).
Commits
-------
7428bf9 [WebProfilerBundle] Some eye candy for deprecated calls
Discussion
----------
[WebProfilerBundle] Some eye candy for deprecated calls
.
@fabpot is [`|raw`](https://github.com/symfony/symfony/pull/new/deprecated#L0R117) a twig defect ?
---------------------------------------------------------------------------
by Baachi at 2012-12-08T09:12:12Z
Really nice 👍
---------------------------------------------------------------------------
by vicb at 2012-12-11T10:00:24Z
should be ready now
This PR was merged into the master branch.
Commits
-------
abe244f [TwigBundle] Fixed tests on windows
Discussion
----------
[TwigBundle] Fixed tests on windows
This PR was merged into the master branch.
Commits
-------
f48b22a Added configuration pass that adds Twig Loaders
Discussion
----------
[Twig] [DI Pass] Added configuration pass that adds Twig Loaders
Bug fix: [no]
Feature addition: [yes]
Backwards compatibility break: [no]
Symfony2 tests pass: [yes]
Todo: Documentation?
License of the code: MIT
- Defined new Chain loader service with symfony Filesystem loader added
by default.
- Added compiler class which picks up any services tagged "twig.loader"
- If there are any instances of "twig.loader" the "twig.loader" alias is
set to the Twig_Loader_Chain service ID instead of the filesystem
loader.
I think I still like the explicitness of the other pull request, but I defer to your judgment :) This is certainly much easier for the developer.
---------------------------------------------------------------------------
by dantleech at 2012-12-03T08:31:08Z
Will update the PR later today / tomorrow
---------------------------------------------------------------------------
by dantleech at 2012-12-03T18:19:09Z
ok, updated. I throw a `Symfony\Component\DependencyInjection\Exception\LogicException` if there are no loaders -- not sure if that is the best thing to do, or if that is the best exception.
---------------------------------------------------------------------------
by fabpot at 2012-12-05T15:28:24Z
Looks good to me. Can you add a note in the CHANGELOG about this new possibility and update the documentation accordingly? Thanks.
---------------------------------------------------------------------------
by dantleech at 2012-12-05T17:50:37Z
ok. updated change log and changed both count() comparisons to be strict. @fabpot which documentation should I update? or should I add `cookbook/templating/registering_multiple_loaders.rst`?
---------------------------------------------------------------------------
by stof at 2012-12-05T20:07:37Z
@dantleech at least the DIC tags reference need to be updated to mention the new tag. I'm not sure a dedicated article is needed for it (but @weaverryan will decide if it is worth it)
---------------------------------------------------------------------------
by dantleech at 2012-12-06T17:57:20Z
Made a PR for documentation: https://github.com/symfony/symfony-docs/pull/2005
---------------------------------------------------------------------------
by dantleech at 2012-12-07T16:44:00Z
ok. have updated the correct CHANGELOG and squashed to one commit
- Added compiler class which picks up any services tagged "twig.loader"
- If there is one loader registered we set the alias to this loader
- If there is more than one we set the alias to a chain loader and all
the loaders to it
- If there is no loaders we throw an Exception
This PR was squashed before being merged into the master branch (closes#5860).
Commits
-------
d0057d0 Added failure_path_parameter to mirror target_path_parameter
Discussion
----------
Added failure_path_parameter to mirror target_path_parameter
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: yes
License of the code: MIT
Enable login failure redirect path can be assigned in a form field just like target path.
---------------------------------------------------------------------------
by stof at 2012-10-29T09:40:17Z
Please also open a PR to the doc repo to document this new feature
---------------------------------------------------------------------------
by leevigraham at 2012-10-29T09:56:29Z
@stof @fabpot Done.
This PR was merged into the master branch.
Commits
-------
7f16c1f [HttpKernel] Add DI extension configs as ressources when possible
Discussion
----------
[HttpKernel] Add DI extension configs as ressources when possible
/cc @rdohms @richardmiller
---------------------------------------------------------------------------
by vicb at 2012-11-30T11:57:48Z
btw @fabpot what about having a base class for `Extension` in the DI ? Would make it easier to re-use it when using standalone components, Di and (the suggested) Config as the greatest part of the class is not HttpKernel specific.
---------------------------------------------------------------------------
by fabpot at 2012-12-06T08:47:28Z
@vicb your suggestion makes sense.
Can you also explain the goal of this PR?
---------------------------------------------------------------------------
by vicb at 2012-12-06T09:01:58Z
The goal of this PR is to avoid having to sfcc when you modify a DI extension configuration. I think @rdohms got trapped.
---------------------------------------------------------------------------
by vicb at 2012-12-06T09:08:08Z
see https://twitter.com/rdohms/status/274059267428978688
---------------------------------------------------------------------------
by stof at 2012-12-06T09:20:54Z
I thought about it several times but never took time to implement it. It is annoying to have to clear the cache when you modify a default value in the Configuration class. So +1
This PR was squashed before being merged into the master branch (closes#6083).
Commits
-------
6236c18 [FrameworkBundle] Added caching to TemplateController
Discussion
----------
[FrameworkBundle] Added caching to TemplateController
Because the main purpose for the `TemplateController` seems to be to render static pages like "disclaimer" and such, it seems useful to allow caching.
imprint:
pattern: /imprint
defaults:
_controller: SymfonyFrameworkBundle:Template:template
template: "::pages/imprint.html.twig"
maxAge: 86400
---------------------------------------------------------------------------
by pierredup at 2012-11-21T20:24:53Z
IMHO I think the caching should be allowed to be set optionally
---------------------------------------------------------------------------
by KingCrunch at 2012-11-21T20:38:54Z
I wrote it this way, because I assume, that it will cover more use-cases, than the other way round, but you are right, that this will change the current behaviour. Would like to hear other opinions, because I don't think one uses this action for anything else than fully-static content (means: The current behaviour doesn't feel very useful to me).
---------------------------------------------------------------------------
by pierredup at 2012-11-21T20:48:19Z
I totally agree, but I would then suggest keep the caching on by default, but have the option to turn it off if necessary
---------------------------------------------------------------------------
by pierredup at 2012-11-21T20:52:01Z
Actually I think to have caching permanently enabled for static content would probably be the best scenario, but I like to think in terms of flexibility and specific user requirements. It would be great to get some opinions from others on this
---------------------------------------------------------------------------
by KingCrunch at 2012-11-23T21:12:45Z
I thought about it and I come to the conclusion, that it is probably a not so good idea to enable caching by default, because ... well, it's not possible to disable it again. I guess something like this
{{ render '@AcmeBundle:ArticleController:latest' with {count: 1} }}
may be not so uncommon as I suggested in the first commit.
---------------------------------------------------------------------------
by fabpot at 2012-12-03T22:18:51Z
Can you make a PR for the docs? (symfony/symfony-docs). Thanks.
This PR was squashed before being merged into the master branch (closes#6173).
Commits
-------
4878ec0 [HttpKernel] [WebProfilerBundle] Better handling of deprecated methods
Discussion
----------
[HttpKernel] [WebProfilerBundle] Better handling of deprecated methods
Bug fix: no
Feature addition: yes
Backwards compatibility break: yes, if you were expecting E_USER_DEPRECATED or E_DEPRECATED to throw an exception
Symfony2 tests pass: yes
Fixes the following tickets: #6139 partly, I'd go through and add the actual trigger_error() calls in another (or possibly one per component) PR
Todo: call trigger_error()
License of the code: MIT
Documentation PR: -
I added the deprecation count with the Exception icon in the Profiler Toolbar, and changed the color of it to be yellow for deprecations and red for exceptions (was yellow for exceptions).
---------------------------------------------------------------------------
by fabpot at 2012-12-03T09:43:09Z
Adding trigger_error calls should be done in one PR to ease the merging. thanks.
This PR was merged into the master branch.
Commits
-------
51223c0 added upgrade instructions
50e6259 adjusted tests
98f3ca8 [Routing] removed tree structure from RouteCollection
Discussion
----------
[Routing] removed tree structure from RouteCollection
BC break: yes (see below)
Deprecations: RouteCollection::getParent(); RouteCollection::getRoot()
tests pass: yes
The reason for this is so quite simple. The RouteCollection has been designed as a tree structure, but it cannot at all be used as one. There is no getter for a sub-collection at all. So you cannot access a sub-collection after you added it to the tree with `addCollection(new RouteCollection())`. In contrast to the form component, e.g. `$form->get('child')->get('grandchild')`.
So you can see the RouteCollection cannot be used as a tree and it should not, as the same can be achieved with a flat array!
Using a flat array removes all the need for recursive traversal and makes the code much faster, much lighter, less memory (big problem in CMS with many routes) and less error-prone.
BC break: there is only a BC break if somebody used the PHP API for defining RouteCollection and also added a Route to a collection after it has been added to another collection.
So
```
$rootCollection = new RouteCollection();
$subCollection = new RouteCollection();
$rootCollection->addCollection($subCollection);
$subCollection->add('foo', new Route('/foo'));
```
must be updated to the following (otherwise the 'foo' Route is not imported to the rootCollection)
```
$rootCollection = new RouteCollection();
$subCollection = new RouteCollection();
$subCollection->add('foo', new Route('/foo'));
$rootCollection->addCollection($subCollection);
```
Also one must call addCollection from the bottom to the top. So the correct sequence is the following (and not the reverse)
```
$childCollection->->addCollection($grandchildCollection);
$rootCollection->addCollection($childCollection);
```
Remeber, this is only needed when using PHP for defining routes and calling methods in a special order. There is no change required when using XML or YAML for definitions. Also, I'm pretty sure that neither the CMF, nor Drupal routing, nor Silex is relying on the tree stuff. So they should also still work.
cc @fabpot @crell @dbu
One more thing: RouteCollection wasn't an appropriate name for a tree anyway as a collection of routes (that it now is) is definitely not a tree.
Yet another point: The XML declaration of routes uses the `<import>` element, which is excatly what the new implementation of addCollection without the need of a tree does. So this is now also more analogous.
---------------------------------------------------------------------------
by Koc at 2012-11-26T17:34:15Z
What benefit of this?
---------------------------------------------------------------------------
by Tobion at 2012-11-26T17:56:53Z
@Koc Why did you not simply wait for the description? ^^
---------------------------------------------------------------------------
by dbu at 2012-11-26T18:33:09Z
i love PR that remove more code than they add whithout removing functionality.
---------------------------------------------------------------------------
by Crell at 2012-11-26T18:49:52Z
There's an issue somewhere in Drupal where we're trying to use addCollection() as a shorthand for iterating over one collection and calling add() on the other for each item. We can't do that, however, because the subcollections are not flattened properly when reading back and our current dumper can't cope with that. So this change would not harm Drupal at all, and would mean I don't have fix a bug in our dumper. :-) I cannot speak for any other projects, of course.
---------------------------------------------------------------------------
by Tobion at 2012-11-27T19:06:34Z
Ok, this is ready.
* 2.0:
[TwigBundle] Moved the registration of the app global to the environment
needs to use simpleContent in xsd to allow empty elements
bumped Symfony version to 2.0.19-DEV
removed wrong routing xsd statement `mixed="true"`
removed unused attribute from routing.xsd
updated VERSION for 2.0.19
update CONTRIBUTORS for 2.0.19
updated CHANGELOG for 2.0.19
Conflicts:
CONTRIBUTORS.md
src/Symfony/Bundle/TwigBundle/Resources/config/twig.xml
src/Symfony/Bundle/TwigBundle/TwigEngine.php
src/Symfony/Component/HttpKernel/Kernel.php
This makes the app global variable available also when accessing the Twig
environment directly instead of using the TwigEngine.
Conflicts:
src/Symfony/Bridge/Twig/CHANGELOG.md
src/Symfony/Bundle/TwigBundle/Resources/config/twig.xml
src/Symfony/Bundle/TwigBundle/TwigEngine.php
* 2.1: (29 commits)
[DependencyInjection] fixed composer.json
[Validator] Fix typos in validators.ru.xlf
Edited some minor grammar and style errors in russian validation file
Updated Bulgarian translation
[Form] improve error message with a "hasser" hint for PropertyAccessDeniedException
[Form] Updated checks for the ICU version from 4.5+ to 4.7+ due to test failures with ICU 4.6
[Form] simplified a test from previous merge
Update src/Symfony/Component/Form/Extension/Core/Type/FileType.php
fixed CS
Xliff with other node than source or target are ignored
small fix of #5984 when the container param is not set
Filesystem Component mirror symlinked directory fix
[Process][Tests] fixed chainedCommandsOutput tests
fixed CS
Use better default ports in urlRedirectAction
Add tests for urlRedirectAction
info about session namespace
fix upgrade info about locale
Update src/Symfony/Component/DomCrawler/Tests/FormTest.php
Update src/Symfony/Component/DomCrawler/Form.php
...
* 2.0:
[DependencyInjection] fixed composer.json
[Form] Updated checks for the ICU version from 4.5+ to 4.7+ due to test failures with ICU 4.6
fixed CS
small fix of #5984 when the container param is not set
fixed CS
Use better default ports in urlRedirectAction
Add tests for urlRedirectAction
Update src/Symfony/Component/DomCrawler/Tests/FormTest.php
Update src/Symfony/Component/DomCrawler/Form.php
[Security] remove escape charters from username provided by Digest DigestAuthenticationListener
[Security] added test extra for digest authentication
fixed CS
[Security] Fixed digest authentication
[Security] Fixed digest authentication
[SecurityBundle] Convert Http method to uppercase in the config
Use Norm Data instead of Data
Conflicts:
src/Symfony/Bridge/Doctrine/Form/EventListener/MergeCollectionListener.php
src/Symfony/Bundle/FrameworkBundle/Controller/RedirectController.php
src/Symfony/Component/DependencyInjection/composer.json
This PR was merged into the master branch.
Commits
-------
c8e65a2 [FrameworkBundle][Routing] Resolve placeholders in hostnamePattern rules
Discussion
----------
[FrameworkBundle][Routing] Resolve placeholders in hostnamePattern rules
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: #6135
License of the code: MIT
Currently the placeholders in the `hostname_pattern` rule are not resolved, so that's why this PR is it for.
---------------------------------------------------------------------------
by nomack84 at 2012-11-28T14:18:02Z
@fabpot Could you please merge this? I really need this fix to be solve.
Thanks!
In the previous form of twig's service definitions, it was impossible to
use a chain loader correctly because the TwigBundle was registering paths
on the twig.loader service. This patch fixes that by creating a
twig.loader.filesystem definition and an alias twig.loader that points
to twig.loader.filesystem by default.
this can happen when the config for the router is unset, but this method
does not need to depend on routing. reading an unset config would raise an exception.
This PR was merged into the 2.0 branch.
Commits
-------
64b54dc Use better default ports in urlRedirectAction
64216f2 Add tests for urlRedirectAction
Discussion
----------
Default to current port in urlRedirectAction
I was a bit surprised when I used urlRedirectAction from a non-standard port (8000) it redirected me to port 80. I would argue that the default should be to use the current port instead. This is a simple patch to change that. This should only break in the case someone is relying on the current default to redirect from a non-standard port to the standard port, which should be a really rare case...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T20:29:54Z
The idea is right but the implementation not. Seems this patch is not as "simple" as you said.
When you're on HTTPS and want to redirect to $scheme = HTTP, then it still uses the current HTTPS port which is wrong.
---------------------------------------------------------------------------
by flojon at 2012-11-11T20:36:47Z
Ah, I see the problem. So I guess the correct behavior would be to use the current port if staying with the same scheme or go to standard port if switching scheme. Unless the user has specified a port which will always override...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T20:42:18Z
That would be the best solution that is currently possible but not the best solution that should be possible.
Because if you switch scheme but the other scheme does not use the standard port, it still doesn't work.
Ideally the Request class had an option that allows to define the ports symfony should use for HTTP and HTTPS.
This logic is in RequestContext, but it's not used here.
---------------------------------------------------------------------------
by flojon at 2012-11-11T21:32:55Z
Bummer, I forgot to check if the current port is a standard port...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T21:35:13Z
add some tests
---------------------------------------------------------------------------
by flojon at 2012-11-11T23:28:18Z
Added tests and fixed my previous error
---------------------------------------------------------------------------
by flojon at 2012-11-15T18:25:12Z
@Tobion is there anything else I needed for this?
---------------------------------------------------------------------------
by fabpot at 2012-11-19T12:56:04Z
To be consistent with how we manage HTTP ports elsewhere, I'd rather use the values of the `request_listener.http_port` and `request_listener.https_port`:
```php
if (null === $httpPort) {
$httpPort = $this->container->getParameter('request_listener.http_port');
}
if (null === $httpsPort) {
$httpsPort = $this->container->getParameter('request_listener.https_port');
}
```
This is done in the `security.authentication.retry_entry_point` service and for the `router_listener` listener.
The parameter name is probably not the best one, but that could be changed then in master.
---------------------------------------------------------------------------
by flojon at 2012-11-19T13:49:18Z
@fabpot But then you would need to set that parameter manually right? It wouldn't automatically redirect you to the same port, which was what I wanted to achieve...
Could this be the right order of preference:
If a value was specified in the route use that.
Otherwise use the current port
unless switching scheme then use the parameter value
---------------------------------------------------------------------------
by fabpot at 2012-11-19T13:52:17Z
Your order of preference looks good to me.
---------------------------------------------------------------------------
by flojon at 2012-11-19T19:13:19Z
Man this was more involved than I thought... :)
Changed the logic to use the parameters when not using the current port. Also tried clean up the tests a little bit... Enjoy!
This PR was merged into the master branch.
Commits
-------
9f1cd84 moved most static assets directly into the templates
Discussion
----------
moved most static assets directly into the templates
This has been done for several reasons:
* for consistency with the way we already manage the WDT and the
profiler icons;
* it makes the Exception independent from the location of the assets
(and from the asset() function)
* this is the second step to make the WebProfiler useable outside the
full-stack framework
see dbcd171dd3
---------------------------------------------------------------------------
by stof at 2012-11-13T17:52:39Z
the images blue_picto_more and blue_picto_less are also used in DoctrineBundle (and probably in JMSDebuggingBundle but I haven't checked). Could you submit a PR inlining the images too before removing them ?
---------------------------------------------------------------------------
by fabpot at 2012-11-13T18:02:18Z
Any image useful for other bundles should not be deleted. So, if DoctrineBundle is using the blue_pico_* images, I'm going to revert their deletion.
---------------------------------------------------------------------------
by schmittjoh at 2012-11-13T18:07:02Z
I'm using them in two bundles, JMSDebuggingBundle and JMSJobQueueBundle (same for the exception related templates).
---------------------------------------------------------------------------
by dlsniper at 2012-11-13T22:22:29Z
Wouldn't it be better to have the encoded icons in a separate CSS file as different classes/background images?
---------------------------------------------------------------------------
by fabpot at 2012-11-14T11:28:24Z
ok, I've reverted the removal of the images that might be useful in third-party bundles.
This has been done for several reasons:
* for consistency with the way we already manage the WDT and the
profiler icons;
* it makes the Exception independent from the location of the assets
(and from the asset() function)
* this is the second step to make the WebProfiler useable outside the
full-stack framework
see dbcd171dd3
* 2.1: (24 commits)
forced Travis to use source to workaround their not-up-to-date Composer on PHP 5.3.3
[Routing] removed irrelevant string cast in Route
Fixed typo
Make YamlFileLoader and XmlFileLoader file loading extensible
[HttpKernel] fix typo
Fixed singularization of "prices"
[Form] Removed an exception that prevented valid formats from being passed, e.g. "h" for the hour, "L" for the month etc.
[HttpKernel] fixed Client when using StreamedResponses (closes#5370)
fixed PDO session handler for Oracle (closes#5829)
[HttpFoundation] fixed PDO session handler for Oracle (closes#5829)
[Locale] removed a check that is done too early (and it is done twice anyways)
Update src/Symfony/Component/Validator/Resources/translations/validators.fa.xlf
Adding new localized strings for farsi validation.
[HttpFoundation] moved the HTTP protocol check from StreamedResponse to Response (closes#5937)
[Form] Fixed forms not to be marked invalid if their children are already marked invalid
[Form] Excluded some tests in NumberToLocalizedStringTransformerTest which fail on ICU 4.4, but work on ICU 4.8
added missing tests from previous merge
[Form] Fixed NumberToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible
Fix export-ignore on Windows
Show correct class name InputArgument in error message
...
Conflicts:
.travis.yml
src/Symfony/Component/Form/Extension/Core/DataTransformer/NumberToLocalizedStringTransformer.php
The goal is to make things more decoupled and more reusable across
different bundles.
There will be a PR for the distribution bundle too to simplify the code
based on this PR.
This PR was merged into the master branch.
Commits
-------
56fe8d1 duplicated the code helper code to the Twig bundle
Discussion
----------
moved code helper code to the Twig bundle
These helpers are very specific and are only used in TwigBundle for the
profiler and the exception templates.
---------------------------------------------------------------------------
by schmittjoh at 2012-11-12T09:12:56Z
Is there a reason for this BC break other than a cosmetical tweak?
If not strictly necessary, I'd like to see these kind of changes being scheduled for 3.0.
---------------------------------------------------------------------------
by fabpot at 2012-11-12T09:29:35Z
Of course, I don't want to make this change without a reason and indeed, I forgot to mention the why of this change. Let me explain.
I've been working on the integration of the Symfony web profiler into other OSS that use HttpKernel like Silex and Drupal for quite some time now. That's why I developed the new namespace feature in Twig, that's why I've refactored the web profiler to only use Twig and not the templating component. One of the last step is this PR, which reduces the number of dependencies to be able to use the WebProfiler bundle.
So, this change is not cosmetic, but one more step towards the goal of making the web profiler more reusable.
---------------------------------------------------------------------------
by schmittjoh at 2012-11-12T13:22:28Z
I see, makes sense. How about duplicating the code for now?
After looking through the history, it doesn't seem like it changes often
(the last real code change was a year ago). So, it should not be much more
maintenance effort, and we could keep BC here.
On Mon, Nov 12, 2012 at 10:29 AM, Fabien Potencier <notifications@github.com
> wrote:
> Of course, I don't want to make this change without a reason and indeed, I
> forgot to mention the why of this change. Let me explain.
>
> I've been working on the integration of the Symfony web profiler into
> other OSS that use HttpKernel like Silex and Drupal for quite some time
> now. That's why I developed the new namespace feature in Twig, that's why
> I've refactored the web profiler to only use Twig and not the templating
> component. One of the last step is this PR, which reduces the number of
> dependencies to be able to use the WebProfiler bundle.
>
> So, this change is not cosmetic, but one more step towards the goal of
> making the web profiler more reusable.
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/symfony/symfony/pull/5986#issuecomment-10281201>.
>
>
---------------------------------------------------------------------------
by fabpot at 2012-11-12T13:32:33Z
Of course, that's a possibility. But what for? I doubt that people are using this code. Are you using this code somewhere?
---------------------------------------------------------------------------
by schmittjoh at 2012-11-12T13:37:24Z
Yes, I believe that I'm using it both in JMSDebuggingBundle, and
JMSJobQueueBundle as both are rendering exception stack traces at some
point.
On Mon, Nov 12, 2012 at 2:32 PM, Fabien Potencier
<notifications@github.com>wrote:
> Of course, that's a possibility. But what for? I doubt that people are
> using this code. Are you using this code somewhere?
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/symfony/symfony/pull/5986#issuecomment-10287353>.
>
>
---------------------------------------------------------------------------
by fabpot at 2012-11-12T14:11:50Z
ok, fair enough. The code is now in the framework bundle as well.
The code has been duplicated and not moved for BC reasons.
This code has been duplicated in the Twig bundle to be able to decouple
the web profiler and the exception templates.
* 2.1:
removed unused use statements
[Form] Adapted HTML5 format in DateTimeType as response to a closed ICU ticket
[2.1][HttpFoundation] Fixed Php doc in Request::get
bumped Symfony version to 2.1.4-DEV
updated VERSION for 2.1.3
update CONTRIBUTORS for 2.1.3
updated CHANGELOG for 2.1.3
merged branch jakzal/yamlDoubleQuotesDumperFix (PR #4320)
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Commits
-------
aecc9b1 fixed tests when OpenSsl is not enabled in PHP, renamed a missnamed test, added missing license doc blocks
ca567b5 fixed CS
5cdf696 added a SecureRandomInterface
234f725 rename String to StringUtils
5849855 moved the secure random dep for remember me as a constructor argument
248703f renamed Prng to SecureRandom
c0c8972 simplified the Prng code
e5dc7af moved the secure random class from JMSSecurityExtraBundle to Symfony (closes#3595)
Discussion
----------
[2.2][Security] Add a PRNG (closes#3595)
As per #3595, I have moved the secure random class from JMSSecurityExtraBundle to Symfony.
It has more impact than I expected ;)
As you will see, the implementation has been refactored a bit. The most notable change is that Doctrine support has been moved to the bridge with the addition of a proper Doctrine seed provider (Doctrine is not a special case anymore).
The Doctrine configuration has been moved to the DoctrineBundle: doctrine/DoctrineBundle#91schmittjoh/JMSSecurityExtraBundle#65 removes the code that has been moved.
---------------------------------------------------------------------------
by Seldaek at 2012-07-05T13:26:01Z
I'm all for more security features, and both the String class & the Prng class for wrapping openssl make a lot of sense IMO, but I fail to see the use of the rest.
If we just want a seed to have a fallback in case openssl is missing, I'd rather have a secret in the config.yml than a million classes to store the same secret in the DB. Maybe I'm missing something though? /cc @schmittjoh
---------------------------------------------------------------------------
by schmittjoh at 2012-07-05T16:32:10Z
Having the configuration in different places (SecurityBundle & DoctrineBundle) feels a bit weird. I would prefer an approach similar to ACL, or the user provider/firewall section with factories. The latter being a bit more work to implement and the former potentially asking for complaints about too tight coupling to Doctrine.
Regarding testing, we probably need to move the disableOpenSsl method to the SecureRandom class in order to allow OpenSSL to be disabled for testing and we also need to change the byte generation algorithm to produce the same output for the same starting seed. I agree that it does not make sense to introduce an interface for SecureRandom as only the seed providers should be replaced.
As for the seed itself, it is constantly updated and does not stay the same as in the beginning. Thus, we need a provider that we can write to, and not only read from. I'm also not sure about using OpenSSL on Windows as I have read enough resources which claimed that the entropy on Windows is not always good (including OpenSSL docs). Always using the custom seed provider at least always ensured proper entropy even if OpenSSL's speed issues have been fixed in newer PHP versions.
---------------------------------------------------------------------------
by stof at 2012-07-05T16:44:24Z
@schmittjoh everything is in SecurityBundle now as it does not use a database anymore
---------------------------------------------------------------------------
by stof at 2012-07-05T16:44:59Z
and there is no seed provider anymore either
---------------------------------------------------------------------------
by schmittjoh at 2012-07-05T16:53:39Z
Not having a seed provider is not such a good idea, but having a file-based seed provider is.
---------------------------------------------------------------------------
by Seldaek at 2012-07-05T17:01:18Z
@schmittjoh why would you need to replace the seed provider? Don't you think that people serious about security to the point that they would want a stronger seed provider would enable openssl instead?
---------------------------------------------------------------------------
by stof at 2012-07-05T17:06:50Z
Well, what I meant is that there is no interchangeable provider anymore. The Prng class uses the file directly.
And btw, I think the Prng class should be mockable for tests, so it should either have an interface or not be final (I vote for adding an interface)
---------------------------------------------------------------------------
by jalliot at 2012-07-09T18:46:12Z
@fabpot @schmittjoh What about using more fallbacks for `openssl_random_pseudo_bytes` like in @Seldaek's post ["Unpredictable hashes for humans"](http://seld.be/notes/unpredictable-hashes-for-humans)?
Trying `mcrypt_create_iv` first might also be faster.
---------------------------------------------------------------------------
by Seldaek at 2012-07-10T08:52:46Z
@jalliot I think mcrypt should be after if you make it use /dev/urandom, not 100% sure but openssl is probably higher quality than urandom.
---------------------------------------------------------------------------
by schmittjoh at 2012-07-10T09:12:07Z
The fallback algorithm that I added should be enough (it passes the
statistical randomness tests).
On Tue, Jul 10, 2012 at 10:52 AM, Jordi Boggiano <
reply@reply.github.com
> wrote:
> @jalliot I think mcrypt should be after if you make it use /dev/urandom,
> not 100% sure but openssl is probably higher quality than urandom.
>
> ---
> Reply to this email directly or view it on GitHub:
> https://github.com/symfony/symfony/pull/4763#issuecomment-6870145
>
---------------------------------------------------------------------------
by stof at 2012-10-13T17:20:06Z
@fabpot please send a PR to the doc so that this can be merged 😃
---------------------------------------------------------------------------
by stof at 2012-10-13T17:22:08Z
hmm, actually, some comments have not been taken into account yet so it is not ready to be merged
---------------------------------------------------------------------------
by stof at 2012-10-27T07:14:43Z
you forgot the SecureRandom file
---------------------------------------------------------------------------
by fabpot at 2012-10-27T08:49:54Z
I think I've addressed all the comments. If everyone agree with the current implementation, I'm going to start updating the documentation.
---------------------------------------------------------------------------
by fabpot at 2012-10-27T10:51:15Z
I've fixed the remaining CS issues.
---------------------------------------------------------------------------
by fabpot at 2012-10-28T07:00:31Z
Documentation is here: symfony/symfony-docs#1858
This PR was merged into the 2.1 branch.
Commits
-------
3553276 [ConfigDumpReference] avoid notice for variable nodes
Discussion
----------
[ConfigDumpReference] avoid notice for variable nodes
When a variable node has an array as default value, a notice occurs later on because of an "array to string conversion", which is turned to an exception in debug mode (mandatory in order to run this command).
* 2.1: (28 commits)
Delete use of CreationExeption
[Form] Fixed error message in PropertyPath to not advice to use a non-existing feature
[Form] Fixed creation of multiple money fields with different currencies
[Form] Fixed setting the "data" option to an object in "choice" and "entity" type
Fixed Serbian plural translations.
Fixed IPv6 Check in RequestMatcher
Fix typo
change what I think is a typo
[Console] Fix error when mode is not in PATH
[WebProfilerBundle] fixed macro usage (to be forward compatible with Twig 2.x)
Change monolog require-dev to use the branch alias instead of dev-master
[FrameworkBundle] partially reverted previous merge
[2.1] Added missing error return codes in commands
Made the router lazy when setting the context
[WebProfilerBundle] fixed typos
Fix incorrect variable in FileProfilerStorage
UnitTest fix
UnitTest fix
added a unit test
fixed#5384
...
This PR was squashed before being merged into the 2.1 branch (closes#5586).
Commits
-------
6b66bc3 [2.1] Added missing error return codes in commands
Discussion
----------
[2.1] Added missing error return codes in commands
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
License of the code: MIT
See: #5585
---------------------------------------------------------------------------
by fabpot at 2012-09-24T12:10:47Z
Exit code values are standardized and some values have some well-defined meaning. Have a look here for more info: https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Process/Process.php#L67
This PR was merged into the master branch.
Commits
-------
b31ae34 [WebProfilerBundle] Remove the now unneeded BC var and fixed a typo
d07ce03 [TwigBundle] Moved the registration of the app global to the environment
Discussion
----------
[TwigBundle] Moved the registration of the app global to the environment
This makes the app global variable available also when accessing the Twig
environment directly instead of using the TwigEngine.
The controllers are not relying on the DIC anymore and only Twig
is used for rendering (instead of the Templating component).
The Exception controller has not been updated yet as it relies on many
external dependencies (and other bundles).
This has been done for several reasons:
* for consistency with the way we already manage the WDT icons;
* it makes the WebProfiler independant from the location of the assets (and from the asset() function)
* this is the very first step to make the WebProfiler useable outside the full-stack framework (more commits soon)
There is still one asset() call though, which will be removed later on.
[Security] changed default iterations of Pbkdf2PasswordEncoder to 1000 instead of 5000
[Security] Improved description of PBKDF2 encoder
[SecurityBundle] added PBKDF2 PasswordEncoder
updated CHANGELOG.md
[Security] Use the build-in hash_pbkdf2() when available
[SecurityBundle] added information about hash_algorithm for configuration
[Security] always check algorithm and fixed CS
