* 3.4:
[VarDumper] Fix dumping ArrayObject and ArrayIterator instances
[ProxyManagerBridge] Fixed support of private services
[Cache] Fix typo in comment.
Fix bad method call with guard authentication + session migration
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Fix dumping ArrayObject and ArrayIterator instances
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Properties added on child classes of `ArrayObject` and `ArrayIterator`, or dynamic properties added on instances of them were now properly dumped. This fixes it.
![image](https://user-images.githubusercontent.com/243674/41349429-2660cbc6-6f10-11e8-8015-a3d6ad8b0c9c.png)
Commits
-------
3ecabfc36e [VarDumper] Fix dumping ArrayObject and ArrayIterator instances
This PR was merged into the 4.1 branch.
Discussion
----------
[FrameworkBundle] give access to non-shared services when using test.service_container
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27488
| License | MIT
| Doc PR | -
Commits
-------
516ff5a985 [FrameworkBundle] give access to non-shared services when using test.service_container
* 4.0:
fixed CS
Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
fixed CS
Avoid migration on stateless firewalls
[Serializer] deserialize from xml: Fix a collection that contains the only one element
[PhpUnitBridge] Fix error on some Windows OS
[DI] Deduplicate generated proxy classes
* 3.4:
fixed CS
Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
fixed CS
Avoid migration on stateless firewalls
[Serializer] deserialize from xml: Fix a collection that contains the only one element
[PhpUnitBridge] Fix error on some Windows OS
[DI] Deduplicate generated proxy classes
This PR was squashed before being merged into the 3.4 branch (closes#27556).
Discussion
----------
Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | Related to #27395
| License | MIT
| Doc PR | symfony/symfony-docs#9860
This is the sister PR to #27452, which covered all the other authentication listeners.
Commits
-------
c06f3229de Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
This PR was squashed before being merged into the 2.8 branch (closes#27452).
Discussion
----------
Avoid migration on stateless firewalls
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | Related to #27395
| License | MIT
| Doc PR | symfony/symfony-docs#9860
This is a proof-of-concept. Once we agree / are happy, I need to add this to all of the other authentication mechanisms that recently got the session migration code & add tests.
Basically, this avoids migrating the session if the firewall is stateless. There were 2 options to do this:
A) Make the `SessionAuthenticationStrategy` aware of all stateless firewalls. **This is the current approach**
or
B) Make each individual authentication listener aware whether or not *its* firewall is stateless.
Commits
-------
cca73bb564 Avoid migration on stateless firewalls
This PR was squashed before being merged into the 3.4 branch (closes#27326).
Discussion
----------
[Serializer] deserialize from xml: Fix a collection that contains the only one element
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27279
| License | MIT
| Doc PR |
In xml when parent node (`restaurants`) contains several children nodes with the same tag (`restaurant`) it is clear that the children form a collection:
```
restaurants = {array} [1]
restaurant = {array} [2]
0 = {array} [2]
name = "Some restaurant name"
type = "Chinese"
1 = {array} [2]
name = "Another restaurant name"
type = "Italian"
```
Afterwards the object denormalizer has no problem to create a collection of restaurants.
But when there is only one child (`restaurant`) the decoded normalized array will not contain a collection:
```
restaurants = {array} [1]
restaurant = {array} [2]
name = "Some restaurant name"
type = "Chinese"
```
In this situation the object denormalizer threw unexpected exception. This PR modifies `AbstractObjectNormalizer` that is it will fill a collection containing the sole element properly.
Commits
-------
1f346f446d [Serializer] deserialize from xml: Fix a collection that contains the only one element
* 4.0:
[FrameworkBundle] decouple some cache-warmer's test from internal details
bug #27405 [Cache] TagAwareAdapter should not corrupt memcached connection in ascii mode
Remove released semaphore
* 3.4:
[FrameworkBundle] decouple some cache-warmer's test from internal details
bug #27405 [Cache] TagAwareAdapter should not corrupt memcached connection in ascii mode
Remove released semaphore
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] Remove released semaphore
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27356
| License | MIT
| Doc PR | NA
This PR remove the semaphore with `sem_remove`. By removing without releasing the semaphore, all pending blocking acquiring will fail that's why the acquire method has also been update to handle such case
Commits
-------
77b9f90a32 Remove released semaphore
This PR was merged into the 3.4 branch.
Discussion
----------
TagAwareAdapter over non-binary memcached connections corrupts memcache
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #27405
| License | MIT
| Doc PR |
TagAwareAdapter uses non-ascii symbols in key names. It breaks memcached connections in non-binary mode.
Commits
-------
67d4e6dd29 bug #27405 [Cache] TagAwareAdapter should not corrupt memcached connection in ascii mode
* 4.0:
[Cache][Security] Use Throwable where possible
revert #27545
Update Finder.php
[FrameworkBundle] remove dead code in CachePoolClearerPass
Fix security-core cross-dependencies, fixes#27507
Pass previous exception to FatalErrorException
Corrected return type which causes following error with (psalm)[https://getpsalm.org/]
```
ERROR: PossiblyInvalidArgument - src/Command/Utils/CheckVendorDependencies.php:170:62 - Argument 1 of iterator_to_array expects Traversable, possibly different type array<mixed, Symfony\Component\Finder\SplFileInfo>|Iterator provided $directories = array_map($closure, iterator_to_array($finder->getIterator()));
```
This PR was merged into the 2.8 branch.
Discussion
----------
[Debug] Pass previous exception to FatalErrorException
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27483
| License | MIT
Add a previous parameter to FatalErrorException.
Call \ErrorException with this parameter.
Update parent::__constructor for inherited classes with default parameters and the new one
Commits
-------
7f9780b5df Pass previous exception to FatalErrorException
This PR was merged into the 3.4 branch.
Discussion
----------
Revert "bug #26138 [HttpKernel] Catch HttpExceptions when templating is not installed (cilefen)"
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27212
| License | MIT
| Doc PR | -
This reverts commit b213c5a758, reversing
changes made to 61af0e3a25.
This breaks BC and is more like a new feature, let's move this on master.
Commits
-------
c6acad719d Revert "bug #26138 [HttpKernel] Catch HttpExceptions when templating is not installed (cilefen)"
This PR was squashed before being merged into the 4.1 branch (closes#27472).
Discussion
----------
[DI] Ignore missing tree root nodes on validate
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | technically yes
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #27450
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
b3cdfc64b5 [DI] Ignore missing tree root nodes on validate
This PR was merged into the 4.1 branch.
Discussion
----------
[Routing] Don't reorder past variable-length placeholders
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #27491
| License | MIT
Commits
-------
44616d9bcc [Router] regression when matching a route
7a750d4508 [Routing] Don't reorder past variable-length placeholders
* 4.0:
[HttpKernel] Fix restoring trusted proxies in tests
Update UPGRADE-4.0.md
CODEOWNERS: some more rules
removed unneeded comments in tests
removed unneeded comments in tests
Change PHPDoc in ResponseHeaderBag::getCookies() to help IDEs
[HttpKernel] fix registering IDE links
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
[Process] Consider \"executable\" suffixes first on Windows
Triggering RememberMe's loginFail() when token cannot be created
[Serializer] Fix serializer tries to denormalize null values on nullable properties
[FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
* 3.4:
[HttpKernel] Fix restoring trusted proxies in tests
Update UPGRADE-4.0.md
CODEOWNERS: some more rules
removed unneeded comments in tests
removed unneeded comments in tests
Change PHPDoc in ResponseHeaderBag::getCookies() to help IDEs
[HttpKernel] fix registering IDE links
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
[Process] Consider \"executable\" suffixes first on Windows
Triggering RememberMe's loginFail() when token cannot be created
[Serializer] Fix serializer tries to denormalize null values on nullable properties
[FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
* 2.8:
removed unneeded comments in tests
Change PHPDoc in ResponseHeaderBag::getCookies() to help IDEs
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
[Process] Consider \"executable\" suffixes first on Windows
Triggering RememberMe's loginFail() when token cannot be created
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27259
| License | MIT
| Doc PR | no
Hello!
There is fix for #27259 issue. It changes priority of `AddConsoleCommandPass` to `TYPE_BEFORE_REMOVING` as @chalasr advised. I'm not sure about side effects by that.
Commits
-------
e36099503f [FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
This PR was squashed before being merged into the 2.8 branch (closes#26973).
Discussion
----------
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
| Q | A
| ------------- | ---
| Branch? | 2.7 and up
| Bug fix? | improvement
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ---
| License | MIT
| Doc PR | ---
SubRequest used in `InlineFragmentRendered` explicitly sets `$server['REMOTE_ADDR']` to `127.0.0.1`. Therefore, it's required to configure `127.0.0.1` address in TRUSTED_PROXIES environment variable. Without that, `Request::isFromTrustedProxy()` will return false.
The current behavior might be a little bit problematic, for instance, in case where images are rendered through subrequests. These might end-up with an incorrect schema in URL (`http` instead of `https`).
Commits
-------
18f55feef8 [HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
This PR was squashed before being merged into the 2.8 branch (closes#27303).
Discussion
----------
[Process] Consider "executable" suffixes first on Windows
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | n/a
Executable finder should consider "executable" suffixes first on Windows because we basically ignore executability on Windows (on the lines below changed), which leads, for example, to finding usually-non-executable `phpunit` file first where both `phpunit` and `phpunit.bat` are present.
I may miss something here, so please tell me if this makes any sense.
Same change against master: #27301
Commits
-------
9372e7a813 [Process] Consider \"executable\" suffixes first on Windows
* 4.0:
[HttpKernel] reset kernel start time on reboot
Add code of Conduct links in our README
bumped Symfony version to 4.0.12
[DI] never inline lazy services
updated VERSION for 4.0.11
updated CHANGELOG for 4.0.11
bumped Symfony version to 3.4.12
updated VERSION for 3.4.11
updated CHANGELOG for 3.4.11
Default testsuite to latest PHPUnit 6.*
[Github] Update the pull-request template
bumped Symfony version to 2.8.42
updated VERSION for 2.8.41
updated CHANGELOG for 2.8.41
[HttpFoundation] Fix cookie test with xdebug
[Serializer] Check the value of enable_max_depth if defined
[DI] remove dead code
[PhpUnitBridge] silence some stderr outputs
[Validator] Update sl translation
* 3.4:
[HttpKernel] reset kernel start time on reboot
Add code of Conduct links in our README
[DI] never inline lazy services
bumped Symfony version to 3.4.12
updated VERSION for 3.4.11
updated CHANGELOG for 3.4.11
Default testsuite to latest PHPUnit 6.*
[Github] Update the pull-request template
bumped Symfony version to 2.8.42
updated VERSION for 2.8.41
updated CHANGELOG for 2.8.41
[HttpFoundation] Fix cookie test with xdebug
[Serializer] Check the value of enable_max_depth if defined
[DI] remove dead code
[PhpUnitBridge] silence some stderr outputs
[Validator] Update sl translation
* 2.8:
Add code of Conduct links in our README
[DI] never inline lazy services
Default testsuite to latest PHPUnit 6.*
[Github] Update the pull-request template
bumped Symfony version to 2.8.42
updated VERSION for 2.8.41
updated CHANGELOG for 2.8.41
This PR was squashed before being merged into the 3.4 branch (closes#27344).
Discussion
----------
[HttpKernel] reset kernel start time on reboot
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27319
| License | MIT
| Doc PR | n/a
I created branch from 3.4, since the furthest thing I could find for the reboot feature was a4fc49294e and it originated during stabilization phase of 3.4.
ping @nicolas-grekas
Commits
-------
b7feef00ae [HttpKernel] reset kernel start time on reboot
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Update sl translation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
This patch updates Slovenian sl_SI translation for the 3.4 branches and up to master.
Commits
-------
a7a1325eab [Validator] Update sl translation
This PR was merged into the 3.4 branch.
Discussion
----------
[Serializer] Check the value of enable_max_depth if defined
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Because it confuses some users that `['enable_max_depth' => false]` actually triggers the check.
Commits
-------
e88e0f30f1 [Serializer] Check the value of enable_max_depth if defined
This PR was merged into the 4.1 branch.
Discussion
----------
[Security] Fix missing use in UserInterface
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Fix missing `Role` use used in the `getRoles` return type.
Commits
-------
3e0a0f4cb5 Fix missing use in UserInterface
This PR was merged into the 4.1 branch.
Discussion
----------
[HttpKernel] fix deprecation in AbstractTestSessionListener
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
After #26564 functional tests began to emit a deprecation warning because of `getSession()` being called without verifying the existence of a session.
Commits
-------
0ecaefe179 [HttpKernel] fix deprecation in AbstractTestSessionListener
This PR was merged into the 4.1 branch.
Discussion
----------
Tweak Argon2 test config
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Memory cost 8 seems to be lowest value accepted on my machine
```
Testing Symfony\Component\Security\Core\Tests\Encoder\Argon2iPasswordEncoderTest
E.... 5 / 5 (100%)
Time: 114 ms, Memory: 4.00MB
There was 1 error:
1) Symfony\Component\Security\Core\Tests\Encoder\Argon2iPasswordEncoderTest::testValidationWithConfig
password_hash(): Memory cost is outside of allowed memory range
/home/gadelat/PhpstormProjects/symfony/src/Symfony/Component/Security/Core/Encoder/Argon2iPasswordEncoder.php:105
/home/gadelat/PhpstormProjects/symfony/src/Symfony/Component/Security/Core/Encoder/Argon2iPasswordEncoder.php:67
/home/gadelat/PhpstormProjects/symfony/src/Symfony/Component/Security/Core/Tests/Encoder/Argon2iPasswordEncoderTest.php:34
```
Commits
-------
0e74f73af5 Tweak Argon2 test config
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix bad exception on uninitialized references to non-shared services
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27360
| License | MIT
| Doc PR | -
This restriction is unneeded complexity that prevents legit use cases (see linked issue #27360).
Commits
-------
8bba68f811 [DI] Fix bad exception on uninitialized references to non-shared services
Memory cost 8 seems to be lowest value accepted on my machine
```
Testing Symfony\Component\Security\Core\Tests\Encoder\Argon2iPasswordEncoderTest
E.... 5 / 5 (100%)
Time: 114 ms, Memory: 4.00MB
There was 1 error:
1) Symfony\Component\Security\Core\Tests\Encoder\Argon2iPasswordEncoderTest::testValidationWithConfig
password_hash(): Memory cost is outside of allowed memory range
/home/gadelat/PhpstormProjects/symfony/src/Symfony/Component/Security/Core/Encoder/Argon2iPasswordEncoder.php:105
/home/gadelat/PhpstormProjects/symfony/src/Symfony/Component/Security/Core/Encoder/Argon2iPasswordEncoder.php:67
/home/gadelat/PhpstormProjects/symfony/src/Symfony/Component/Security/Core/Tests/Encoder/Argon2iPasswordEncoderTest.php:34
```
* 3.4:
migrating session for UsernamePasswordJsonAuthenticationListener
Adding session authentication strategy to Guard to avoid session fixation
Adding session strategy to ALL listeners to avoid *any* possible fixation
[HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode
* 2.8:
Adding session authentication strategy to Guard to avoid session fixation
Adding session strategy to ALL listeners to avoid *any* possible fixation
[HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode
* 4.0:
migrating session for UsernamePasswordJsonAuthenticationListener
Adding session authentication strategy to Guard to avoid session fixation
Adding session strategy to ALL listeners to avoid *any* possible fixation
* 3.4:
migrating session for UsernamePasswordJsonAuthenticationListener
Adding session authentication strategy to Guard to avoid session fixation
Adding session strategy to ALL listeners to avoid *any* possible fixation
* 2.8:
Adding session authentication strategy to Guard to avoid session fixation
Adding session strategy to ALL listeners to avoid *any* possible fixation
* 4.0:
Fixed content trace CSS in profiler
[Form] fix tests on old phpunit versions
[FrameworkBundle] fix typo in CacheClearCommand
bumped Symfony version to 4.0.11
updated VERSION for 4.0.10
updated CHANGELOG for 4.0.10
bumped Symfony version to 3.4.11
updated VERSION for 3.4.10
updated CHANGELOG for 3.4.10
bumped Symfony version to 2.8.41
updated VERSION for 2.8.40
updated CHANGELOG for 2.8.40
bumped Symfony version to 2.7.48
updated VERSION for 2.7.47
update CONTRIBUTORS for 2.7.47
updated CHANGELOG for 2.7.47
fixed test
* 3.4:
[Form] fix tests on old phpunit versions
[FrameworkBundle] fix typo in CacheClearCommand
bumped Symfony version to 3.4.11
updated VERSION for 3.4.10
updated CHANGELOG for 3.4.10
fixed test
This PR was squashed before being merged into the 4.1 branch (closes#27292).
Discussion
----------
[Serializer] Fix and improve constraintViolationListNormalizer's RFC7807 compliance
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | yes| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | https://github.com/symfony/symfony/pull/22150#discussion_r188674031
| License | MIT
| Doc PR | todo
This PR fixes and improves [RFC 7807](https://tools.ietf.org/html/rfc7807#section-3.2) compliance of `ConstraintViolationListNormalizer` (introduced in 4.1):
* As recommended, use a specific namespace for Symfony validation error (`http://symfony.com/doc/current/validation.html`, because it already exists and gives information about the error.
* Allow to set all properties defined in the RFC using the serialization context
* Remove the `detail` key if no detail is provided (according to the spec)
* Change the Symfony specific extension to use the same terminology than the RFC itself (type and title)
* Use the proper `urn:uuid` scheme (RFC 4122) for the UUID code (more standard, and improve hypermedia capabilities).
ping @teohhanhui
Commits
-------
3c789c610a [Serializer] Fix and improve constraintViolationListNormalizer's RFC7807 compliance
* 4.0:
do not mock the session in token storage tests
[DependencyInjection] resolve array env vars
Add Occitan plural rule
Fix security/* cross-dependencies
[Lock] Skip test if posix extension is not installed
[DI] Allow defining bindings on ChildDefinition
use strict compare in url validator
Disallow illegal characters like "." in session.name
[HttpKernel] do file_exists() check instead of silent notice
fix rounding from string
* 3.4:
do not mock the session in token storage tests
[DependencyInjection] resolve array env vars
Add Occitan plural rule
Fix security/* cross-dependencies
[Lock] Skip test if posix extension is not installed
[DI] Allow defining bindings on ChildDefinition
use strict compare in url validator
Disallow illegal characters like "." in session.name
[HttpKernel] do file_exists() check instead of silent notice
fix rounding from string
* 2.8:
do not mock the session in token storage tests
Add Occitan plural rule
Fix security/* cross-dependencies
Disallow illegal characters like "." in session.name
fix rounding from string
* 2.7:
do not mock the session in token storage tests
Add Occitan plural rule
Disallow illegal characters like "." in session.name
fix rounding from string
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] do file_exists() check instead of silent notice
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27234
| License | MIT
| Doc PR | -
Commits
-------
f8cde70ba1 [HttpKernel] do file_exists() check instead of silent notice
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Use strict type in URL validator
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
Fixed tickets | -
| License | MIT
| Doc PR | -
Using `checkDNS` option with value `true` generate error `Warning: checkdnsrr(): Type '1' not supported`.
In SF 3.4 it was mark as depreciation and silently converted to `ANY` https://github.com/symfony/symfony/blob/v3.4.9/src/Symfony/Component/Validator/Constraints/UrlValidator.php#L79
~~Test are failing on `Symfony\Component\HttpKernel\Tests\ControllerMetadata\ArgumentMetadataFactoryTest::testSignature1` - I think its not related~~
Commits
-------
2400e71962 use strict compare in url validator
This PR was squashed before being merged into the 3.4 branch (closes#27267).
Discussion
----------
[DependencyInjection] resolve array env vars
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27239
| License | MIT
| Doc PR | n/a
## Why
This bugfix solves a problem where environment variables resolved as an array would cause an error while compiling the container if they aren't the last parameter in the ParameterBag: the next parameter to be resolved would fail at the `stripos()` check. More information about the bug is available at #27239
## Tests
- This PR modifies existing ContainerBuilder tests to make use of the EnvVarProcessor to resolve json strings into arrays, instead of relying upon a TestingEnvPlaceholderParameterBag class.
- I would liked to have kept EnvVarProcessor logic out of the ContainerBuilder tests, but it was the interaction between the ContainerBuilder and EnvVarProcessor that caused the bug
- This PR adds a new ContainerBuilder test to verify that an environment variable resolved into an array doesn't cause an error when the next variable attempts to be resolved
## Code
- ~This PR adds an `\is_string()` sanity check before the `stripos()` method call so that only a string are passed into `stripos()`~
- This PR also adds a `$completed` flag so that completely resolved environment variables (currently only determined by `$placeholder === $value`) can break out of the loop early (handled via `break 2;`
Commits
-------
4c3b950dc2 [DependencyInjection] resolve array env vars
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] Skip test if posix extension is not installed
This isn't installed by default on Fedora
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
97cbea0 [Lock] Skip test if posix extension is not installed
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fix precision of MoneyToLocalizedStringTransformer's divisions on transform()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR |
Related issue https://github.com/symfony/symfony/issues/21026.
Previous PR https://github.com/symfony/symfony/pull/24036.
Similar fix for `transform()` method.
Commits
-------
f94b7aadd3 fix rounding from string
This PR was merged into the 4.1 branch.
Discussion
----------
[Routing] Fix adding name prefix to canonical route names
| Q | A
| ------------- | ---
| Branch? | 4.1 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? |no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #27244 <!-- #-prefixed issue number(s), if any -->
| License | MIT
This PR resolve the [bug](https://github.com/symfony/symfony/issues/27244) in the [prefix imported routes name](https://symfony.com/blog/new-in-symfony-4-1-prefix-imported-route-names) feature. Reviews are always welcomed moreover as I touch a key element ( the `_canonical_route` attribute ). I need an expert in the Routing component to avoid side effect
Thanks
Commits
-------
cb5ce8f32e fix bug when imported routes are prefixed