* 4.4:
[Mailer] fix lowest allowed dependencies
Refresh original user in SwitchUserListener.
check if templating engine supports view
[Mime] Escape commas in address names
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Validator] Add Validation::createIsValidCallable() that returns a boolean instead of exception
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#36820
| License | MIT
| Doc PR | tbd
This adds a `Validator::createValidCallable()` (I'm very open for other name suggestions) that returns a boolean instead of exceptions. This allows usingit in places where booleans are expected, for instance in the referenced OptionsResolver case:
```php
$resolver->setAllowedValues('name', Validation::createValidCallable(
new Assert\Length(['min' => 10 ])
));
```
Commits
-------
e731f5fda9 [Validator] Add createValidCallable() that returns a boolean
This PR was merged into the 4.4 branch.
Discussion
----------
[Mime] Escape commas in address names
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39416
| License | MIT
| Doc PR | --
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
-->
Before:
```php
$address = new Address('fabien@symfony.com', 'Fabien, Potencier');
$address->toString(); // Fabien, Potencier <fabien@symfony.com> -> Interpreted like two emails
```
After:
```php
$address = new Address('fabien@symfony.com', 'Fabien, Potencier');
$address->toString(); // "Fabien, Potencier" <fabien@symfony.com>
```
Commits
-------
39e9158999 [Mime] Escape commas in address names
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Console] improve exception message when required argument is added after an optional one
| Q | A
| ------------- | ---
| Branch? | 5.x <!-- see below -->
| Bug fix? | no
| New feature? | wouldn't say so, rather DX improvement <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#40302 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | n/a
Hello, this is my first contribution to Symfony Framework. It's time to pull my weight.
About the issue:
I did improve an error message to include passed argument's name and the latest optional argument's name.
![Screenshot at 2021-02-26 23-08-10](https://user-images.githubusercontent.com/79662742/109361609-8f011e80-7889-11eb-8700-cbbd388c0109.png)
An author also mentioned "But which command?", however this is shown twice as we can see on the screenshot above so I skipped that.
Commits
-------
9bddbbd7ed#40302 improve exception message when required argument is added after an optional one
This PR was merged into the 5.3-dev branch.
Discussion
----------
[HttpFoundation] Use InputBag for POST requests too
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Partially revert #37265
| License | MIT
| Doc PR | -
#37265 was created as a fix for #37100. However, when #37327 was merged, the original bug was also fixed with a different solution (allowing null values on `InputBag::set`) and parts of #37265 are not needed anymore. By using only `InputBag` as the `$request` bag we can tighten the typehint again and make static analysis a bit more useful.
Commits
-------
381a0a19f7 use InputBag for POST requests too, added missing scalar type hints
This PR was merged into the 4.4 branch.
Discussion
----------
Check if templating engine supports given view
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Currently the `ControllerTrait::render` and `ControllerTrait::renderView` methods assume that when the `templating` service is available it can always render the given view via that service.
However, that might not be the case. For example if `framework.templating` is not configured to support the `twig` engine for example but only some other custom engine, e.g.
```yaml
framework:
templating:
engines:
- foobar
```
it will fail when the given view references a Twig template for instance and the configured engine cannot render that.
The `Symfony\Component\Templating\EngineInterface` which `templating` implements defines a `support` method:
2536e178b1/src/Symfony/Component/Templating/EngineInterface.php (L56-L63)
which should be used here, in order to make sure that `templating` actually does support rendering the given view.
Commits
-------
0f9434c189 check if templating engine supports view
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle] Add KernelTestCase::getContainer()
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets |
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/14731
There are at least 3 ways to get the container in a test class:
```php
class FooTest extends WebTestCase
{
public function testGetContainerA()
{
$kernel = self::bootKernel();
$container = $kernel->getContainer();
}
public function testGetContainerB()
{
self::bootKernel();
$container = self::$container;
}
public function testGetContainerC()
{
$client = self::createClient();
$container = $client->getContainer();
}
}
```
I suggest to add a fourth =)
Basically, in tests you should always use the `test.service_container`. It is hard to remove A and C, but I can deprecate C and add a helper function.
```php
class FooTest extends WebTestCase
{
public function testGetContainerTheOnlyWayYouShouldUse()
{
$container = $this->getContainer();
}
}
```
This new way will also boot your kernel if it is not already booted.
Commits
-------
f4c97240ff [FrameworkBundle] Add KernelTestCase::getContainer()
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle] AnnotationsCacheWarmer should support doctrine/annotations:^1.13
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40353
| License | MIT
| Doc PR |
The `AnnotationsCacheWarmer` is creating a cached a `new CachedReader` in the `doWarmUp()`. But this will fail if doctrine/cache is not installed. In #40338 I added the `kernel.cache_warmer` tag on `annotations.cache_warmer` service even though the doctrine/cache is not installed.
This PR will make sure `AnnotationsCacheWarmer` is using the `PsrCacheReader` when available.
This bug was not found in the tests because doctrine/cache is always installed.
----------
Big golden star to @jrushlow because you test dev-master.
Commits
-------
fb1cc72b18 [FrameworkBundle] AnnotationsCacheWarmer should support doctrine/annotations:^1.13
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[WebProfilerBundle] Disable CSP if dumper was used
| Q | A
| ------------- | ---
| Branch? | 5.x for features
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#29084
| License | MIT
| Doc PR | -
Disables a configured Content Security Policy if the dumper was used to avoid breaking the toolbar. This is a less invasive alternative to #29155 which fixes#29084 (there is a project with a test case linked there).
Commits
-------
5dc2637263 [WebProfilerBundle] Disable CSP if dumper was used
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[twig-bridge] Allow NotificationEmail to be marked as public
| Q | A
| ------------- | ---
| Branch? | 5.x for features
| Bug fix? |no
| New feature? | yes
| Deprecations? |no
| Tickets | Fix#37879
| License | MIT
| Doc PR | -
Closes https://github.com/symfony/symfony/issues/37879
`NotificationEmail` can be created public from the `asPublicEmail` method in any context but with the Notifier component. In this case it is created by it as not public and therefore displays the importance in the subject of the email.
For end users, aka not admin, the importance in the subject's email is not necessary.
This PR will allow if needed to set a `NotificationEmail` as public even after being created, wherever it was created.
I am not sure how to handle the version in the changelog.
For the tests I don't know what's the policy so I just added a new case in each test case.
Commits
-------
8f753d27f2 [twig-bridge] Allow NotificationEmail to be marked as public
* 5.2:
bug #40427 [Console] Stop accepting ints as InputOption defaults
Fix fingerprint when context is not serializable
Fix `ConstraintViolation#getMessageTemplate()` to always return `string`
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Fix type of InputOption::$default
Options can also be `int`s. So add this type to the PHPDoc parameter
type annotation of `InputInterface::setOption` and the return type
annotation of `InputInterface::getOption`.
| Q | A
| ------------- | ---
| Branch? | 4.4 or 5.2 for bug fixes
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40427
| License | MIT
Commits
-------
3a2d1b4a0a bug #40427 [Console] Stop accepting ints as InputOption defaults
The types accepted and provided by `InputInterface::getOption`
and `setOption` do not include `int` (and passing something like
`--option=123` will set the option to the string `"123"`, not
to the integer `123`).
The `InputOption` default types should match this.
This PR was merged into the 5.2 branch.
Discussion
----------
Fix `ConstraintViolation#getMessageTemplate()` to always return `string`
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
`ConstraintViolation#getMessageTemplate()`'s inherited signature states that `string` is
to be returned by it at all times, yet the implementation returns `null` when no message
template had been provided at instantiation.
This patch obviates it, returning an empty string when the
message template is `null`.
Ref: https://github.com/symfony/symfony/pull/40415#issuecomment-792839512
Commits
-------
72a464e449 Fix `ConstraintViolation#getMessageTemplate()` to always return `string`
* 5.2:
Bump Symfony version to 5.2.6
Update VERSION for 5.2.5
Update CHANGELOG for 5.2.5
Update translations for Norwegian Nynorsk (nn) #38756
Fix eventListener initialization when eventSubscriber constructor dispatch an event
[FrameworkBundle] fix XSD
clear unchecked choice radio boxes even if clear missing is set to false
Fix `ConstraintViolation#getPropertyPath()` to always return `string`
[ErrorHandler] Added missing type annotations to FlattenException
[TwigBridge] Allow version 3 of the Twig extra packages
Fix FrameworkBundle PropertyAccess definition when not in debug
* 4.4:
Update translations for Norwegian Nynorsk (nn) #38756
Fix eventListener initialization when eventSubscriber constructor dispatch an event
clear unchecked choice radio boxes even if clear missing is set to false
[ErrorHandler] Added missing type annotations to FlattenException
[TwigBridge] Allow version 3 of the Twig extra packages
Fix FrameworkBundle PropertyAccess definition when not in debug
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Runtime] a new component to decouple applications from global state
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/15081
Follow up of #36652, see discussion there.
What if we could decouple the bootstrapping logic of our apps from any global state?
This PR makes it possible via a new proposed `symfony/runtime` component.
The immediate benefit this provides is easier maintenance of Symfony apps: code that is currently shipped by recipes will be able to move to `vendor/`. Read the previous sentence twice, this is big :)
Check the following PR to see how far this goes: https://github.com/symfony/recipes/pull/787
The longer-term benefit is being able to run the exact same app under several runtimes: PHP-FPM, CLI, but also PHP-PM and similar. Thanks to the proposed interface, this benefit could span to any PHP apps; not only to apps using the Symfony HttpKernel/HttpFoundation components. This part could be moved to `symfony/contracts` in the future.
Performance-wise, I measured no significant difference with the current way of running apps.
RuntimeInterface
----------------
The core of this component is the `RuntimeInterface` which describes a high-order
runtime logic.
It is designed to be totally generic and able to run any application outside of
the global state in 6 steps:
1. the main entry point returns a callable that wraps the application;
2. this callable is passed to `RuntimeInterface::getResolver()`, which returns a
`ResolverInterface`; this resolver returns an array with the (potentially
decorated) callable at index 0, and all its resolved arguments at index 1;
3. the callable is invoked with its arguments; it returns an object that
represents the application;
4. that object is passed to `RuntimeInterface::getRunner()`, which returns a
`RunnerInterface`: an instance that knows how to "run" the object;
5. that instance is `run()` and returns the exit status code as `int`;
6. the PHP engine is exited with this status code.
This process is extremely flexible as it allows implementations of
`RuntimeInterface` to hook into any critical steps.
Autoloading
-----------
This package registers itself as a Composer plugin to generate a
`vendor/autoload_runtime.php` file. This file shall be required instead of the
usual `vendor/autoload.php` in front-controllers that leverage this component
and return a callable.
Before requiring the `vendor/autoload_runtime.php` file, set the
`$_SERVER['APP_RUNTIME']` variable to a class that implements `RuntimeInterface`
and that should be used to run the returned callable.
Alternatively, the class of the runtime can be defined in the `extra.runtime.class`
entry of the `composer.json` file.
A `SymfonyRuntime` is used by default. It knows the conventions to run
Symfony and native PHP applications.
Examples
--------
This `public/index.php` is a "Hello World" that handles a "name" query parameter:
```php
<?php
require_once dirname(__DIR__).'/vendor/autoload_runtime.php';
return function (array $request, array $context): void {
// $request holds keys "query", "body", "files" and "session",
// which map to $_GET, $_POST, $_FILES and &$_SESSION respectively
// $context maps to $_SERVER
$name = $request['query']['name'] ?? 'World';
$time = $context['REQUEST_TIME'];
echo sprintf('Hello %s, the current Unix timestamp is %s.', $name, $time);
};
```
This `bin/console.php` is a single-command "Hello World" application
(run `composer require symfony/console` before launching it):
```php
<?php
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
require_once dirname(__DIR__).'/vendor/autoload_runtime.php';
return function (Command $command) {
$command->addArgument('name', null, 'Who should I greet?', 'World');
return $command->setCode(function (InputInterface $input, OutputInterface $output) {
$name = $input->getArgument('name');
$output->writeln(sprintf('Hello <comment>%s</>', $name));
});
};
```
The `SymfonyRuntime` can resolve and handle many types related to the
`symfony/http-foundation` and `symfony/console` components.
Check its source code for more information.
Commits
-------
61b32ab2a3 [Runtime] a new component to decouple applications from global state
This PR was merged into the 5.3-dev branch.
Discussion
----------
Don't use sprintf in trigger_deprecation() calls
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Old habits die hard :)
Commits
-------
9ba8f0567d Don't use sprintf in trigger_deprecation() calls
`ConstraintViolation#getMessageTemplate()`'s inherited signature states that `string` is
to be returned by it at all times, yet the implementation returns `null` when no message
template had been provided at instantiation.
This patch obviates it, returning an empty string when the
message template is `null`.
Ref: https://github.com/symfony/symfony/pull/40415#issuecomment-792839512
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[DependencyInjection] Add support an integer return for default_index_method
| Q | A
| ------------- | ---
| Branch? | 5.x for features
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #40319
| License | MIT
| Doc PR | TODO
Commits
-------
f0922c70d6 [DependencyInjection] Add support an integer return for default_index_method
This PR was merged into the 5.2 branch.
Discussion
----------
Fix `ConstraintViolation#getPropertyPath()` to always return `string`
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
`ConstraintViolation#getPropertyPath()`'s inherited signature states that `string` is
to be returned by it at all times, yet the implementation returns `null` when no property
path had been provided at instantiation.
This patch obviates it, returning an empty string when the
property path is `null`.
Commits
-------
7d1029b907 Fix `ConstraintViolation#getPropertyPath()` to always return `string`
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Fix PropertyAccess definition when not in debug
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
The signature of the `PropertyAccessor::createCache()` method specifies that the first argument must be a string but in the `FameworkBundle` configures its DIC with a first argument to `null`. Replacing `null` by `''` allows to respect the contact of `PropertyAccessor::createCache()` and removes the following error when the `symfony/framework-bundle` is blocked in `4.4` but the symfony/property-access goes up to `5.2`.
```
Argument 3 passed to Symfony\Component\PropertyAccess\PropertyAccessor::createCache() must be of the type string, null given, called in /usr/src/app/var/cache/prod/ContainerDX7KWI4/getCache_PropertyAccessService.php on line 12
```
Commits
-------
116c54a554 Fix FrameworkBundle PropertyAccess definition when not in debug
This PR was merged into the 4.4 branch.
Discussion
----------
[Form] clear unchecked choice radio boxes even if clear missing is set to false
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#16802
| License | MIT
| Doc PR |
Commits
-------
e7b4851ea0 clear unchecked choice radio boxes even if clear missing is set to false
This PR was merged into the 5.3-dev branch.
Discussion
----------
[PropertyAccess] use bitwise flags to configure when the property accessor should throw
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | Fix#31126
| License | MIT
| Doc PR |
Commits
-------
a50cfcb49d use bitwise flags to configure when the property accessor should throw
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Cache] boost perf by wrapping keys validity checks with `assert()`
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
PSR-6 has one perf hog: checking the validity of keys.
But in practice, an invalid key should never happen in production: encoding/cleanup is a must-have, and it's a step that should be identified *during dev*.
That's why I think we're safe wrapping these checks with `assert()`.
On an `ArrayAdapter`, this doubles the throughput of the pool when getting items.
I didn't use `assert()` in constructors when not on the hot path.
This PR also makes some callable properties static, as they should be from the beginning.
Commits
-------
8f03a1f555 [Cache] boost perf by wrapping keys validity checks with `assert()`
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] Added missing type annotations to FlattenException
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40385
| License | MIT
| Doc PR | N/A
This class has no constructor where the properties' types could be inferred from. If we want potential contributors (and our serializer, see #40385) to read that code, I think it's only fair that we document the property types via doc blocks.
Commits
-------
d68832e1b9 [ErrorHandler] Added missing type annotations to FlattenException
Motivations for this change:
* Avoid an unneded preg call, explode+implode is faster
* The previous regex created to suboptimal expressions,
due to the pipe that caused empty to be matched.
That means an input like `foo:bar`
was translated into `foo[^:]*[^:]*:bar[^:]*[^:]*`
instead of simply `foo[^:]*:bar[^:]*`
`ConstraintViolation#getPropertyPath()`'s inherited signature states that `string` is
to be returned by it at all times, yet the implementation returns `null` when no property
path had been provided at instantiation.
This patch obviates it, returning an empty string when the
property path is `null`.
* 5.2:
[WebLink] Removed unused property
Fix method name compare in ResolveControllerNameSubscriber
add uz security validator and form validator file
uzb translation
* 4.4:
[WebLink] Removed unused property
Fix method name compare in ResolveControllerNameSubscriber
add uz security validator and form validator file
uzb translation
This PR was merged into the 4.4 branch.
Discussion
----------
[WebLink] Removed unused property
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
In `Link::withHref()`, a property `templated` is written, that is never declared or access anywhere else. I assume that this is dead code.
Commits
-------
848972e830 [WebLink] Removed unused property
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] [4.4]: Fix method name compare in ResolveControllerNameSubscriber
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | <!-- required for new features -->
The left side to `strtolower` was not actually lowercased, so it would be always `false`.
The bug was introduced in 6c109c71a9 (https://github.com/symfony/symfony/pull/31938)
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
- Changelog entry should follow https://symfony.com/doc/current/contributing/code/conventions.html#writing-a-changelog-entry
-->
Commits
-------
69431a3db3 Fix method name compare in ResolveControllerNameSubscriber
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Security] Decouple passwords from UserInterface
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | #23081, helps with #39308
| License | MIT
| Doc PR | todo
This PR addresses a long-standing issue of the Security component: UserInterface is coupled to passwords.
It does it by moving the `getPassword()` method from `UserInterface` to a `PasswordAuthenticatedUserInterface`, and the `getSalt()` method to a `LegacyPasswordAuthenticatedUserInterface`.
Steps:
- In 5.3, we add the new interface and, at places where password-based authentication happens, trigger deprecation notices when a `UserInterface` object does not implement the new interface(s). The UserInterface is kept as-is until 6.0.
- In 6.0, we can remove the methods from `UserInterface` as well as support for using password authentication with user objects not implementing the new interface(s).
As a side-effect, some password-related interfaces (`UserPasswordHasherInterface` and `PasswordUpgraderInterface`) must change their signatures to type-hint against the new interface.
That is done in a BC way, which is to make the concerned methods virtual until 6.0, with deprecation notices triggered from callers and concrete implementations.
Benefits:
In 6.0, applications that use password-less authentication (e.g. login links) won't need to write no-op `getPassword()` and `getSalt()` in order to fulfil the `UserInterface` contract.
For applications that do use password-based authentication, they will need to opt-in explicitly by implementing the relevant interface(s).
This build on great discussions with @wouterj and @nicolas-grekas, and it is part of the overall rework of the Security component.
Commits
-------
2764225a38 [Security] Decouple passwords from UserInterface
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[Notifier] [OvhCloud] Add "sender"
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features --> (I'm waiting to see if the feature is accepted )
Add "sender" option to the DSN that allows configuring the sender of the message.
OVHCloud manages two cases for sending sms according to the [doc](https://docs.ovh.com/fr/sms/envoyer_des_sms_avec_lapi_ovh_en_php/):
> The senderForResponse parameter will allow the use of a short number, which allows you to send SMS directly without having to create an alphanumeric sender (for example: your name).
> Short numbers also allow you to receive responses from the recipients of your SMS, which can be useful for a satisfaction survey, a voting application, a game, etc.
![CleanShot 2021-03-05 at 13 26 33](https://user-images.githubusercontent.com/523981/110115554-84c5af80-7db6-11eb-815d-7e8bafa81e5d.png)
This PR introduces the management of these 2 cases with a new option `sender`:
* if `sender` is set, we use it
* if `sender` is not set, we use `senderForResponse` to get a short number (current behavior)
I took the logic implementedin the old official SDK : 52d279e112/src/Message.php (L161)
Commits
-------
c5a9b252ab [Notifier] [OvhCloud] Add "sender"
This PR was merged into the 5.3-dev branch.
Discussion
----------
[DependencyInjection] Implement psr/container 1.1
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
The `psr/container` interfaces have been updated with type declarations. The lack of those is what kept us from adding property type declarations to the `get()` and `has()` methods of our own `ContainerInterface`.
A small BC break is that we have never prevented calling code from passing `null` as the service ID. Even without strict types, this will cause a `TypeError` after my changes. I already had to update `AutowirePass` because of that.
On the other hand, it was neither documented that we allow `null` here nor did the container do anything useful (`has(null)` always resulted in `false` and `get(null)` always returned `null`).
Commits
-------
d9095aa892 [DependencyInjection] Implement psr/container 1.1
This PR was merged into the 4.4 branch.
Discussion
----------
[TwigBridge] Render email once
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39718
| License | MIT
| Doc PR | -
When `\Symfony\Component\Mailer\Mailer` send an email via the Bus (async) it dispatches an `MessageEvent`, then the consumer call the `\Symfony\Component\Mailer\Transport\AbstractTransport::send` method which also dispatches an `MessageEvent`.
This event is listened by `\Symfony\Bridge\Twig\Mime\BodyRenderer::render` which rendered twice an email.
I'm not sure why the event is send twice, and if we could safely remove one of them (or maybe deprecating the `MessageEvent`, in favor of `SendMessageEvent` + `AsyncMessageEvent`)
This PR store a flag in the Message to avoid rendering it twice.
Commits
-------
186ea59180 Render email once
* 5.2:
Backport psr/container 1.1/2.0 compatibility
Update notifier_transports.php
Dont lock tables or start transactions
Bump Symfony version to 5.2.5
Update VERSION for 5.2.4
Update CHANGELOG for 5.2.4
Bump Symfony version to 4.4.21
Update VERSION for 4.4.20
Update CONTRIBUTORS for 4.4.20
Update CHANGELOG for 4.4.20
* 4.4:
Backport psr/container 1.1/2.0 compatibility
Bump Symfony version to 4.4.21
Update VERSION for 4.4.20
Update CONTRIBUTORS for 4.4.20
Update CHANGELOG for 4.4.20
This PR was merged into the 5.2 branch.
Discussion
----------
[Messenger] Don't lock tables or start transactions
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
I was so sure my PR #40336 fixed the doctrine-messenger issue once and for all. But it had a very silent bug..
This has been tricky to debug and find because the `PDO` behaves differently in PHP 7.4 compared to PHP 8.
| Scenario | Command | Is executed in transaction | Method that calls `PostgreSqlConnection::getTriggerSql()` |
| --| -- | -- | -- |
| A | `messenger:setup-transports` | No | `setup()`
| B| `doctrine:schema:create` | No | `getExtraSetupSqlForTable()`
| C | `doctrine:migration:diff` | Yes by default, but it can be configured | `getExtraSetupSqlForTable()`
PR #40055 fixed scenario C on PHP 8, but that also broke scenario B on PHP 7.4 and PHP 8.
In PR #40336 I was wrong claiming:
> We don't need COMMIT because the transaction will commit itself when we close the connection.
The result was the we removed all the errors messages from the 3 scenarios. But scenario B will produce some SQL that is actually never committed. IE it will silently fail.
I've been trying to figure out a good solution to how or when to start a transaction. I tried out @fbourigault [suggestion](https://github.com/symfony/symfony/pull/40336#issuecomment-790622951) but that would be the same fix as #40055.
---------------
We need a transaction because the SQL includes a `LOCK TABLE`, however, I cannot see a strict need for it. This PR removes `LOCK TABLE` and all transaction juggling. It all seams to work.
I would be happy to get thorough feedback on this PR so we can end the chapter of constantly adding bugs to this part of the component.
@dunglas, you added `LOCK TABLE` in your initial version of this class in https://github.com/symfony/symfony/pull/35485, could you share some knowledge if this is a good or bad idea?
Commits
-------
26061a131d Dont lock tables or start transactions
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle][Translation] Extract translation IDs from all of src
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Related to #39126 possibly #35082 as well
| License | MIT
| Doc PR | TBD
This PR allows extracting (`bin/console translation:update`) and debugging (`bin/console debug:translation`) translations using Translatable messages.
Currently we only check classes that include the `TranslatorInterface`, but this no longer covers all instances of this.
Current considerations:
- Should this be treated as a bug fix or a new feature? On one hand, text extraction would no longer work if moving to TranslatableMessages (like we're doing) on the other, it wasn't intended to search all PHP files. As a bug fix would get this into Symfony faster, as a feature would mean having to wait until 5.3 is released.
- Is there a better way to get the source directory that doesn't involve hardcoding `/src`?
- Adding this in on a project with ~12k LOC in `/src` takes these operations from about 3s to 5s, but I feel like this is reasonable considering this command isn't likely called constantly. I can provide more accurate stats as requested.
Commits
-------
b02ae5050c [FrameworkBundle][Translation] Extract translation IDs from all of src
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Security] Re-add accidentally removed property declarations
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
spotted while playing with psalm locally, mistake made in #39802
Commits
-------
bccf736b99 [Security] Readd accidentally removed property declarations
This PR was squashed before being merged into the 5.2 branch.
Discussion
----------
[Messenger] Doctrine setup with migrations
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? |
| Deprecations? | no
| Tickets | Fix#40130
| License | MIT
| Doc PR |
This PR reverts parts of #40055.
When running these commands, You do need to be in a transaction:
- `doctrine:schema:create`
- `messenger:setup-transports`
- `doctrine:migrations:diff` and `doctrine:migrations:migrate`
Commits
-------
3371e1cf39 [Messenger] Doctrine setup with migrations
This PR was merged into the 4.4 branch.
Discussion
----------
Add missing translations for Belarusian
| Q | A
| ------------- | ---
| Branch? | 4.4 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#38727 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | N/A <!-- required for new features -->
Add translations for Belarusian
Commits
-------
1b84d5d23b Add translation for Belarusian
8e1d3285ed Adding templates for Belarusian
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle] Add support for doctrine/annotations:1.13 || 2.0
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets |
| License | MIT
| Doc PR |
This PR will deprecate passing any other values that "none", "php_array" and "file" to `framework.annotation.cache`. It will also support `doctrine/annotations:^1.13 || ^2.0`. It will use the PSR-6 cache if possible.
Commits
-------
91e844b517 [FrameworkBundle] Add support for doctrine/annotations:1.13 || 2.0
This PR was merged into the 5.3-dev branch.
Discussion
----------
[TwigBridge][TwigBundle] Twig serialize filter
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#40227
| License | MIT
| Doc PR | symfony/symfony-docs#15039
Adds a new `serialize` filter for Twig utilizing the Serializer component. As suggested in #40227 - would allow you to pass a serialized object to the front end without needing to make an ajax call.
Commits
-------
abb534ab56 implement twig serialize filter
This PR was merged into the 5.3-dev branch.
Discussion
----------
[RateLimiter][Security] Add a `login_throttling.interval` (in `security.firewalls`) option to change the default throttling interval.
| Q | A
| ------------- | ---
| Branch | 5.x
| Bug fix | no
| New feature | yes
| Deprecations | no
| License | MIT
| Doc PR | ⚠️ no doc
The only way to customize the default rate-limiter's options of the login_throttling (means fixed_window / 1 minute / 5 tokens) are through a custom limiter, which implies to declare a rate-limiter factory in the "framework.rate_limiter", a service which use this factory etc. It's really heavy just for changing an interval (moreover, 1 minute can be discutable).
In this PullRequest, I just propose to allow an `interval` option.
Example :
```yaml
security:
firewalls:
main:
login_throttling:
max_attempts: 5
interval: '15 minutes'
```
See functional tests.
🤷🏻♂️ This pull-request is a copy of [this pull-request ](https://github.com/symfony/symfony/pull/39927) that I've created some weeks ago. On the original PR, I just needed to rebase on 5.x to pass the tests (fabbot etc.) but the rebase I've tried runs in a loop of conflicts and I'm stuck. I've never experienced this before... SORRY.
Commits
-------
d1a0342e1e Fix tests
cc7409502a changes rebased
This PR was merged into the 4.4 branch.
Discussion
----------
[Serializer] zero parts can be omitted in date interval input
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35820
| License | MIT
| Doc PR |
Commits
-------
c316708669 zero parts can be omitted in date interval input
This PR was merged into the 5.3-dev branch.
Discussion
----------
[HttpKernel] Handle multi-attribute controller arguments
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | todo
Currently, the `ArgumentMetadata` class used for controller argument value resolution can only hold one attribute per controller argument, while a method argument can take multiple attributes.
This allows accessing all attributes for a given argument, and deprecates the `ArgumentInterface` because it is not needed.
Spotted by @nicolas-grekas.
Commits
-------
d771e449ec [HttpKernel] Handle multi-attribute controller arguments
This PR was merged into the 4.4 branch.
Discussion
----------
MockResponse total_time should not be simulated when provided
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
When you provide a `total_time` to a MockResponse, it is overriden. It should be simulated only when it is not provided I guess.
Ex: `new MockResponse('{"foo":"bar"}', ['total_time' => 0.4])`
Commits
-------
8dada95cbf fix: MockResponse total_time should not be simulated when provided
This PR was merged into the 5.3-dev branch.
Discussion
----------
[RateLimiter][Security] Allow to use no lock in the rate limiter/login throttling
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix -
| License | MIT
| Doc PR | tbd
This PR adds support for disabling lock in rate limiters. This was brought up by @Seldaek. In most cases (e.g. login throttling), it's not critical to strictly avoid even a single overflow of the window/token. At least, it's probably not always worth the extra load on the lock storage (e.g. redis).
It also directly disables locking by default for login throttling. I'm not sure about this, but I feel like this fits the 80% case where it's definitely not needed (and it's easier to use if you don't need to set-up locking first).
Commits
-------
45be875e84 [Security][RateLimiter] Allow to use no lock in the rate limiter/login throttling
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[Messenger] Add `rediss://` DSN scheme support for TLS to Redis transport
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets |
| License | MIT
| Doc PR |
This adds a support for `rediss://` DSN (as discussed in https://github.com/symfony/symfony/pull/39599) and deprecates the use of `tls` parameter introduced in https://github.com/symfony/symfony/pull/35503 so it can be standardized to single format.
Commits
-------
28e7b74b47 [Messenger] Add `rediss://` DSN scheme support for TLS to Redis transport
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Add server-commands support for Predis Replication Environments
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35867
| License | MIT
| Doc PR |
This fix is for predis MasterSlaveConnections which don't allow to run server commands.
Due to that it's not possible to e.g. clear a cache with cache:pool:clear.
PhpRedis and Predis do not have the same interface, so have to check which implementation is used.
Furthermore, the getClientFor('master') works only for replicated redis instances.
Commits
-------
2ae5c33c80 [Cache] Add server-commands support for Predis Replication Environments
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
Fix deprecation messages
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
The wrong namespace is used in the deprecation messages
Commits
-------
4aca3edb9e Fix deprecation messages
This PR was merged into the 5.3-dev branch.
Discussion
----------
[HttpClient] Add `HttpClientInterface::withOptions()`
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I've been thinking about this method for a few months already.
We miss a way to configure an HTTP client in a generic way.
This is useful when eg building an API client as this allows configuring default options once for a consumer, eg in the constructor.
```php
$this->client = $client->withOptions(['base_uri' => 'https://...']);
// [...]
$response = $this->client->request('GET', '/relative-url');
```
Commits
-------
439742ff33 [HttpClient] Add `HttpClientInterface::withOptions()`
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] Configure `session.cookie_secure` earlier
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40221
| License | MIT
| Doc PR | N/A
This PR does what @stof had suggested in #40221, allow me to quote him directly:
> 1. avoid setting auto as a value for the ini setting in the NativeSessionStorage initialization
> 2. ensuring that SessionListener resolves the auto value by the time the SessionListener runs, and not by the time the getSession() method is called in the Request session factory callback
Commits
-------
e82918cd60 [HttpKernel] Configure `session.cookie_secure` earlier
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Uid] Add Generate and Inspect commands
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
After some time using the component, I realized I often needed to quickly generate new ulids or to convert them from one format to another so I thought having those commands would be useful.
# Usage
## Generate a ULID - outputs N ULID(s) separated by new lines in base 32, base 58 or RFC 4122 format
### Generate 1 ULID now
`php bin/console ulid:generate`
### Generate 1 ULID with a specific timestamp
`php bin/console ulid:generate --time="2021-02-02 14:00:00"`
### Generate 2 ULIDs and ouput the RFC4122 format
`php bin/console ulid:generate --count=2 --format=rfc4122`
## Generate a UUID - outputs N UUID(s) separated by new lines in RFC 4122, base 58 or base 32 format
### Generate 1 UUID (defaults from the underlying factory)
`php bin/console uuid:generate`
### Generate 1 time-based UUID now
`php bin/console uuid:generate --time-based=now`
### Generate 1 time-based UUID with a specific timestamp
`php bin/console uuid:generate --time-based="2021-02-02 14:00:00"`
### Generate 1 time-based UUID with a specific node
`php bin/console uuid:generate --time-based=now --node=fb3502dc-137e-4849-8886-ac90d07f64a7`
### Generate 1 name-based UUID (there must be a default namespace in the underlying factory)
`php bin/console uuid:generate --name-based=foo`
### Generate 1 name-based UUID with a specific namespace (overrides the default namespace from the underlying factory)
`php bin/console uuid:generate --name-based=foo --namespace=fb3502dc-137e-4849-8886-ac90d07f64a7`
### Generate 1 random-based UUID
`php bin/console uuid:generate --random-based`
### Generate 2 UUIDs and output their base 58 format
`php bin/console uuid:generate --count=2 --format=base58`
## Inspect a ULID - outputs base32, base58 and RFC 4122 formats of a ULID and its humand readable timestamp if it is time-based
`php bin/console ulid:inspect 01EWAKBCMWQ2C94EXNN60ZBS0Q`
`php bin/console ulid:inspect 1BVdfLn3ERmbjYBLCdaaLW`
`php bin/console ulid:inspect 01771535-b29c-b898-923b-b5a981f5e417`
## Inspect a UUID - outputs RFC 4122, base 58 and base 32 formats of a UUID and its human readable timestamp
`php bin/console uuid:inspect a7613e0a-5986-11eb-a861-2bf05af69e52`
`php bin/console uuid:inspect MfnmaUvvQ1h8B14vTwt6dX`
`php bin/console uuid:inspect 57C4Z0MPC627NTGR9BY1DFD7JJ`
# Register the commands
## YAML
```yaml
# services.yaml
services:
Symfony\Component\Uid\Command\GenerateUlidCommand: ~
Symfony\Component\Uid\Command\GenerateUuidCommand: ~
Symfony\Component\Uid\Command\InspectUlidCommand: ~
Symfony\Component\Uid\Command\InspectUuidCommand: ~
```
## PHP
```php
<?php
// services.php
namespace Symfony\Component\DependencyInjection\Loader\Configurator;
use Symfony\Component\Uid\Command\GenerateUlidCommand;
use Symfony\Component\Uid\Command\GenerateUuidCommand;
use Symfony\Component\Uid\Command\InspectUlidCommand;
use Symfony\Component\Uid\Command\InspectUuidCommand;
return static function (ContainerConfigurator $configurator): void {
$services = $configurator->services()
->defaults()
->autowire()
->autoconfigure();
$services
->set(GenerateUlidCommand::class)
->set(GenerateUuidCommand::class)
->set(InspectUlidCommand::class)
->set(InspectUuidCommand::class);
};
```
Commits
-------
223421b6ca [Uid] Add Generate and Inspect commands
This PR was merged into the 5.3-dev branch.
Discussion
----------
[DependencyInjection] Add ContainerBuilder::willBeAvailable() to help with conditional configuration
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#40136, fix#39356
| License | MIT
| Doc PR | no need to
Leverages https://github.com/composer/composer/pull/9682 to ignore dev-packages when configuring the container.
Commits
-------
47c471e2c4 [DependencyInjection] Add ContainerBuilder::willBeAvailable() to help with conditional configuration
* 5.2:
[TwigBridge] Install symfony/intl to run tests on Travis
[Translation] Make `name` attribute optional in xliff2
[Security] #[CurrentUser] argument should resolve to null when it is anonymous
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Routing] Construct Route annotations using named arguments
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | N/A
| License | MIT
| Doc PR | Not needed
This PR proposes to bump the `doctrine/annotations` library to 1.12 to gain access to its emulation layer for named arguments. Furthermore, constructing a `Route` annotation the old way by passing an array of parameters is deprecated.
### Reasons for this change
The constructors of our annotation classes have become unnecessarily complicated because we have to support two ways of calling them:
* An array of parameters, passed as first argument, because that's the default behavior `doctrine/annotations`.
* A set of named arguments because that's how PHP 8 attributes work.
Since we can now tell the Doctrine annotation reader to use named arguments as well, we can simplify the constructors of our annotations significantly.
### Drawback
After this change, there is no easy way anymore to construct instances of the `Route` annotation class directly on PHP 7. The PR has been built under the assumption that instances of this class are usually created using either Doctrine annotations or a PHP 8 attribute. Thus, most applications should be unaffected by this change.
Commits
-------
29b0f96046 [Routing] Construct Route annotations using named arguments
This PR was merged into the 5.3-dev branch.
Discussion
----------
Deprecate passing null as $message or $code to exceptions
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | N/A
| License | MIT
| Doc PR | N/A
Follow-up to #40271.
Following the example of the PHP core, this PR introduces deprecation warnings that are triggered if a developer attempts to pass null as `$code` or `$message` to an exception constructor.
Commits
-------
8e3058d95a Deprecate passing null as $message or $code to exceptions
This PR was merged into the 5.2 branch.
Discussion
----------
[Security] #[CurrentUser] arguments should resolve to null for "anon."
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The UserValueResolver should only resolve `UserInterface` (or subtype) typed arguments:
bc9e946a56/src/Symfony/Component/Security/Http/Controller/UserValueResolver.php (L54-L55)
When using the `#CurrentUser` attribute with an AnonymousToken in the storage, the resolved argument value is `anon.`. This PR fixes it.
/cc @jvasseur
Commits
-------
8d3078dd35 [Security] #[CurrentUser] argument should resolve to null when it is anonymous
* 5.2:
Move github templates at the org level
[Cache] Fix Redis TLS scheme `rediss` for Redis connection
In calls to mb_ functions, silently transform arg into string
Switched to non-null defaults in exception constructors
[Routing] fix conflict with param named class in attribute
[Cache] fix setting items' metadata on commit()
* 4.4:
Move github templates at the org level
[Cache] Fix Redis TLS scheme `rediss` for Redis connection
In calls to mb_ functions, silently transform arg into string
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Handle calls to mb_ functions with non string arguments
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40200
| License | MIT
| Doc PR | no
In PHP8.1, a number of functions who were accepting null arguments will only accept
string ones.
(see https://wiki.php.net/rfc/deprecate_null_to_scalar_internal_arg)
In the polyfill, mb_* functions are already declared with a strict type checking of "string".
Therefore, it is necessary to get rid of the use of non string arguments when calling mb_* functions,
so that it won't break when either using the polyfill,or future php8 versions.
In every call where the argument may not be a string, this commit enforces the string type of the argument (with transtyping)
--- For reviewers
* I generally don't like transtyping, but found it was the more "secure" way (on a non-BC point of view) here.
Specially in Console/Helper/Table.php, where $cell can be an object (there are 2 "$cell instanceof ... tests)
However, where the argument can already be either null or string (and not anything else), there may a beter approach ?
* It's the first time I send a PR on symfony, so don't hesitate pointing me to thinks I've forgotten to done.
Commits
-------
ac45be2580 In calls to mb_ functions, silently transform arg into string
In PHP8, a number of functions who were accepting null arguments will only accept
string ones.
In the polyfill, mb_* functions are declared with a trict type checking of "string".
Therefore, we deprecate the use of non string arguments, so that it won't break when either using the polyfill,
or future php8 versions.
* 4.4:
Switched to non-null defaults in exception constructors
[Routing] fix conflict with param named class in attribute
[Cache] fix setting items' metadata on commit()
This PR was merged into the 4.4 branch.
Discussion
----------
Switched to non-null defaults in exception constructors
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
PHP 8.1 will trigger a deprecation warning if we pass `null` as `$message` or `$code` to the constructor of `\Exception`. However, many of our own exception accept `null` for those parameters and even use them as default.
This is unfortunate because code like the following snippet would trigger that deprecation although the code itself is perfectly fine:
```php
throw new NotFoundHttpException();
```
With this PR, I'd like to change our defaults to `''` and `0` while still allowing to pass `null` for BC. In a follow-up PR for the 5.x branch, I'd like to deprecate passing `null`, matching the future behavior of PHP.
This PR also adjust various PHPDoc blocks with inaccurate types.
Commits
-------
f8e10094a4 Switched to non-null defaults in exception constructors
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Routing] fix conflict with param named class in attribute
| Q | A
| ------------- | ---
| Branch | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40225
| License | MIT
| Doc PR | -
Fix conflict with AnnotationFileLoader and class PHP8 Attribute with param named "class"
Commits
-------
27bba684d8 [Routing] fix conflict with param named class in attribute
This PR was merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle] allow container/routing configurators to vary by env
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #40215
| License | MIT
| Doc PR | -
Inspired by https://github.com/symfony/webpack-encore/pull/900 and by a chat on Slack with @weaverryan
This aims at allowing conditional configuration, which would allow merging config files in one.
Using the PHP-DSL:
```php
$container
->when(env: 'prod')
->services()
->set(Foo::class)
//...
```
In Yaml:
```yaml
framework:
secret: '%env(APP_SECRET)%'
when@dev:
services:
App\FooForDev: ~
when@test:
framework:
test: true
session:
storage_factory_id: session.storage.mock_file
```
In XML (omitting namespaces):
```xml
<when env="test">
<framework test="true">
<!-- ... -->
</framework>
</when>
```
A similar syntax is also provided for routes, with support for annotations:
`@Route(env="prod")` defines a route that is enabled only on the "prod" env.
Commits
-------
108375b068 [FrameworkBundle] allow container/routing configurators to vary by env
* 5.2:
[Form] Ignoring invalid forms from delete_empty behavior in CollectionType
Add Symfony Armenian Translations
cs fix
Add different header notations to tests
* 4.4:
[Form] Ignoring invalid forms from delete_empty behavior in CollectionType
Add Symfony Armenian Translations
cs fix
Add different header notations to tests
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Form] Ignoring invalid forms from delete_empty behavior in CollectionType
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37660
| License | MIT
| Doc PR | -
As expained on linked issue, empty forms cannot be removed if they are invalid upon submitting (e.g. transformation failures). Thus, form errors can be displayed properly to the end user.
Commits
-------
e4911554e3 [Form] Ignoring invalid forms from delete_empty behavior in CollectionType
This PR was merged into the 4.4 branch.
Discussion
----------
Add Symfony Armenian Translations
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40204
| License | MIT
| Doc PR |
Added missing armenian translations for Form components
Commits
-------
d1c3e21eff Add Symfony Armenian Translations
This PR was merged into the 4.4 branch.
Discussion
----------
[BrowserKit] Add different header notations to tests
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#29736
| License | MIT
| Doc PR | -
In the past there was a issue #29736 that the header wasn't processed correctly. To reproduce and prevent this behaviour i extended the tests for this. At the end everything is fine, also in 5.x branch. See bf03d6889d.
Commits
-------
251ce8f924 Add different header notations to tests
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Console] Add `ConsoleCommand` attribute for declaring commands on PHP 8
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Builds on #39851
On PHP8, this PR will allow using an attribute instead of the public static properties for the name and the description.
```php
#[ConsoleCommand(
name: 'app:my-command',
description: '🌈',
hidden: true,
aliases: ['🌈'],
)]
class MyCommand extends Command
{
}
```
Commits
-------
0cbc9cc672 [Console] Add `ConsoleCommand` attribute for declaring commands on PHP 8
* 5.2:
Stop using deprecated ArrayCache from Doctrine
[EventDispatcher] fix registering subscribers twice on edge-case
[Intl] fix Locale::getFallback() throwing exception on long $locale
* 5.2:
install compatible versions of mongodb/mongodb only
fix taking error message from the correct violation
fix resolving parent/self/static type annotations
[Console] fix QuestionHelper::getHiddenResponse() not working with space in project directory name
[WebLink] Escape double quotes in attributes values
[String] Check if function exists before declaring it
* 4.4:
install compatible versions of mongodb/mongodb only
fix resolving parent/self/static type annotations
[Console] fix QuestionHelper::getHiddenResponse() not working with space in project directory name
[WebLink] Escape double quotes in attributes values
This PR was merged into the 4.4 branch.
Discussion
----------
[PropertyInfo] fix resolving self to name of the analyzed class
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37149
| License | MIT
| Doc PR |
Commits
-------
e9f2ece991 fix resolving parent/self/static type annotations
This PR was merged into the 4.4 branch.
Discussion
----------
[WebLink] Escape double quotes in attributes values
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
If the attribute value contains a double quote, the serialized value is invalid: `</foo>; rel="alternate"; title="foo " bar"`. Ideally we would use `addcslashes` but we can't because users that already pass escaped values would then be impacted.
Commits
-------
7946be2b95 [WebLink] Escape double quotes in attributes values
This PR was squashed before being merged into the 5.2 branch.
Discussion
----------
[String] Check if function exists before declaring it
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
If you installed a command line tool like `psalm` with composer and then try to run it on a project that included the String component you will get an error like:
> Fatal error: Cannot redeclare Symfony\Component\String\u() (previously declared in /Workspace/symfony/src/Symfony/Component/String/Resources/functions.php:14) in /user/.composer/vendor/symfony/string/Resources/functions.php on line 14
That is because we are loading two installations of the string component.
Commits
-------
cc00e0eb78 [String] Check if function exists before declaring it
This PR was merged into the 5.3-dev branch.
Discussion
----------
[DependencyInjection] Add `#[Autoconfigure]` to help define autoconfiguration rules
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Being inspired by the discussion with @derrabus in #39776.
This PR allows declaring autoconfiguration rules using an attribute on classes/interfaces, eg:
`#[Autoconfigure(bind: ['$foo' => 'bar'], tags: [...], calls: [...])]`
This should typically be added on a base class/interface to tell *how* implementations of such a base type should be autoconfigured. The attribute is parsed when autoconfiguration is enabled, except when a definition has the `container.ignore_attributes` tag, which allows opting out from this behavior.
As usual, the corresponding rules are applied only to services that have autoconfiguration enabled.
In practice, this means that this enables auto-tagging of all implementations of this interface:
```php
#[Autoconfigure(tags: ['my_tag'])]
interface MyInterface {...}
```
Of course, all auto-configurable settings are handled (calls, bindings, etc.)
This PR adds another attribute: `#[AutoconfigureTag()]`.
It extends `#[Autoconfigure]` and allows for specifically defining tags to attach by autoconfiguration.
The name of the tag is optional and defaults to the name of the tagged type (typically the FQCN of an interface). This should ease with writing locators/iterators of tagged services.
```php
#[AutoconfigureTag()]
interface MyInterface {...}
```
Commits
-------
64ab6a2850 [DependencyInjection] Add `#[Autoconfigure]` to help define autoconfiguration rules
* 5.2:
Ignore indirect deprecation triggered by doctrine/orm
Symfony Armenian Translations
[Translation] Allow using dashes in locale when linting Xliff files
use the right context for properties defined in traits
* 4.4:
Ignore indirect deprecation triggered by doctrine/orm
Symfony Armenian Translations
[Translation] Allow using dashes in locale when linting Xliff files
use the right context for properties defined in traits
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[Mailer] AWS SES transport Source ARN header support
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | need help (this part was never mentioned in docs)
AWS SES API has [FromEmailAddressIdentityArn](https://docs.aws.amazon.com/ses/latest/APIReference-V2/API_SendEmail.html#SES-SendEmail-request-FromEmailAddressIdentityArn) field which is necessary for using identities verified by different AWS account.
With this PR I am adding ability to set this field via setting `X-SES-SOURCE-ARN` header.
I've added support for this API field in the same way as it was done before for `X-SES-CONFIGURATION-SET`. It was never documented, but you can use header `X-SES-CONFIGURATION-SET` to set `ConfigurationSetName` API param.
Commits
-------
d7225db7d5 [Mailer] AWS SES transport Source ARN header support
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Framework] Add tag assets.package to register asset packages
Replaces #38366
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | symfony/symfony-docs#14962
To configure asset packages in an application, we have to declare it in the `framework` configuration ([doc for assets config](https://symfony.com/doc/current/reference/configuration/framework.html#assets)). In some case we cannot use this configuration:
- To use a custom class as package
- To register an asset package in a shared bundle (my use-case).
This PR adds the `assets.package` tag. This tag is use to collect and inject package services into the `assets.packages` service, that is the registry for all packages. Since every package needs a name, the `package` attribute of the tag is used (same naming convention that the `console.command` tag).
Main changes:
- the packages defined in the `framework.assets` configuration are injected into the `assets.packages` using the tag instead of being directly injected in service declaration.
- changed signature of `Symfony\Components\Assets\Packages` constructor to accept an iterator (backward compatible).
- a new alias `assets._default_package` is defined even if assets are not configured.
### Example in `symfony/demo` ([commit](e5e5a8fff0...GromNaN:assets-package-tag)):
In `config/services.yaml`:
```yaml
avatar.strategy:
class: Symfony\Component\Asset\VersionStrategy\JsonManifestVersionStrategy
arguments:
- '%kernel.project_dir%/public/build/manifest.json'
avatar.package:
class: Symfony\Component\Asset\Package
arguments:
- '@avatar.strategy'
- '@assets.context'
tags:
- { name: assets.package, package: avatars }
```
Then we can use the package anywhere
```twig
<img src="{{ asset('anna.jpg', 'avatars') }}">
```
### Alternative using autoconfiguration with a custom class:
With a custom class implementing the `PackageInterface`, the package name can be provided by a the static method `getDefaultPackageName`. Autowiring and autoconfiguration will import the package.
```php
namespace App\Asset;
use Symfony\Component\Asset\PackageInterface;
class AvatarPackage implements PackageInterface
{
public static function getDefaultPackageName(): string
{
return 'avatars';
}
// ... Implements the interface
}
```
Commits
-------
6217ff7b6f [Asset] Add tag assets.package to register asset packages
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[Serializer] Allow to provide (de)normalization context in mapping
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#39039 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | TODO <!-- required for new features -->
As explained in the linked feature request, this brings the ability to configure context on a per-property basis, using Serializer mapping.
Considering:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
/**
* @Serializer\Context({ DateTimeNormalizer::FORMAT_KEY = 'Y-m-d' })
*/
public \DateTime $date;
public \DateTime $anotherDate;
}
```
`$date` will be formatted with a specific format, while `$anotherDate` will use the default configured one (or the one provided in the context while calling `->serialize()` / `->normalize()`).
It can also differentiate normalization and denormalization contexts:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
/**
* @Serializer\Context(
* normalizationContext = { DateTimeNormalizer::FORMAT_KEY = 'Y-m-d' },
* denormalizationContext = { DateTimeNormalizer::FORMAT_KEY = \DateTime::COOKIE },
* )
*/
public \DateTime $date;
}
```
As well as act differently depending on groups:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
/**
* @Serializer\Groups({ "extended" })
* @Serializer\Context({ DateTimeNormalizer::FORMAT_KEY = \DateTime::RFC3339 })
* @Serializer\Context(
* context = { DateTimeNormalizer::FORMAT_KEY = \DateTime::RFC3339_EXTENDED },
* groups = {"extended"},
* )
*/
public \DateTime $date;
}
```
The annotation can be repeated as much as you want to handle the different cases.
Context without groups is always applied first, then context for groups are merged in the provided order.
Context provided when calling `->serialize()` / `->normalize()` acts as the defaults for the properties without context provided in the metadata.
XML mapping (see tests) is a lot verbose due to the required structure to handle groups.
Such metadata contexts are also forwarded to name converters, max depth handlers, callbacks, ...
Of course, PHP 8 attributes are also supported:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
#[Serializer\Groups(["extended"])]
#[Serializer\Context([DateTimeNormalizer::FORMAT_KEY => \DateTime::RFC3339])]
#[Serializer\Context(
context: [DateTimeNormalizer::FORMAT_KEY => \DateTime::RFC3339_EXTENDED],
groups: ["extended"],
)]
public \DateTime $date;
}
```
The PR should be ready for first batch of reviews / discussions.
- [x] Make Fabbot happy in 5.2
- [x] Missing `@Context` unit tests
- [x] rework xml & phpize values
- [x] Fix lowest build issue with annotations => bumped doctrine annotations to 1.7, as for other components
Commits
-------
7229fa1d8f [Serializer] Allow to provide (de)normalization context in mapping
This PR was merged into the 4.4 branch.
Discussion
----------
[PropertyInfo] use the right context for properties defined in traits
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#28732, #34191
| License | MIT
| Doc PR |
Commits
-------
1572491a8a use the right context for properties defined in traits
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Translation] Allow using dashes in locale when linting Xliff files
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | fixes#40170
| License | MIT
| Doc PR | n/a
This pull request
* [x] asserts that the `XliffLintCommand` succeeds linting an Xliff file where both the the target language and the locale in the file name use dashes as separators
* [x] adjusts the `XliffLintCommand` to allow using the same value for target language and locale in the corresponding file name
Commits
-------
d106aa3f2d [Translation] Allow using dashes in locale when linting Xliff files
* 5.2:
[Workflow] Re-add InvalidTokenConfigurationException for BC
Fix PHP 8.1 null values
[Console] Fix PHP 8.1 null error for preg_match flag
Fix: Article
Definition::removeMethodCall should remove all matching calls
[HttpFoundation] Fix typo in exception message
mark the LazyIterator class as internal
fix extracting mixed type-hinted property types
[Worflow] Fixed GuardListener when using the new Security system
keep valid submitted choices when additional choices are submitted
* 4.4:
Fix PHP 8.1 null values
[Console] Fix PHP 8.1 null error for preg_match flag
Fix: Article
Definition::removeMethodCall should remove all matching calls
mark the LazyIterator class as internal
fix extracting mixed type-hinted property types
keep valid submitted choices when additional choices are submitted
This PR was merged into the 5.2 branch.
Discussion
----------
[Worflow] Fixed GuardListener when using the new Security system
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39505
| License | MIT
| Doc PR |
Commits
-------
bd26a79461 [Worflow] Fixed GuardListener when using the new Security system
This PR was merged into the 4.4 branch.
Discussion
----------
Fix: Article
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This pull request
* [x] fixes usages of the indefinite article `a` where `an` should be used instead
Commits
-------
34b320ba97 Fix: Article
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Fix PHP 8.1 null error for preg_match flag
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Since PHP 8.1, `null` is no longer accepted as `$flags` in `preg_match`, default integer `0` value should be used instead.
Commits
-------
52f02e529a [Console] Fix PHP 8.1 null error for preg_match flag
This PR was merged into the 5.3-dev branch.
Discussion
----------
[PasswordHasher] Fix: Use algorithm instead of algo
| Q | A
| ------------- | ---
| Branch? | 5.5
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This pull request
* [x] renames fields, variables, and parameters using `algos` or `algo` (which appear to be entirely made-up words) to `algorithms` and `algorithm` respectively
Commits
-------
a4dd14b478 Fix: Use algorithm instead of algo
This PR was merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle] Deprecate session.storage service
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | TODO
Following the deprecation of `session` service, this PR deprecate other services that contains state: `session.storage`
- `session.storage`
- `session.storage.native`, `session.storage.php_bridge` and `session.storage.mock_file`
- `session.storage.metadata_bag`
Because people can inject / decorate override all these services, providing a migration path like I did with `session` would have been very hard. That's why, I added a new `opt-in` flag:
When people use `framework.session: true` or `framework.session.storage_id` the previous behavior is kept and deprecation are triggered when accessing the services.
But when people use the new `framework.session.storage_factory_id` configuration, the previous services (`session.storage.*`) are deleted (in case people would try to inject the legacy `session.storage*` services and would have expect to manipulate the same objects as the object injected in the session)
Commits
-------
37c591516a Deprecate session.storage
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Security] Extract password hashing from security-core - with proper wording
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fixes#39698
| License | MIT
| Doc PR | todo
This PR renames password "encoders" to password _hashers_ (naming widely used, see e.g. django or laravel).
This also takes the opportunity to extract the logic related to password hashing from security-core, moving it to a new password-hasher component.
Nowadays, many modern web apps and APIs don't deal with passwords at all, that's why splitting makes sense as a step towards making security-core not tied to the password concept.
For upgrading, applications will have to use `passwords_hashers` instead of `encoders` in their security configuration, and type-hint against `PasswordHasherInterface` (and related) instead of `PasswordEncoderInterface`.
The proposed API is not much different from the encoder one regarding behavior and signatures, and it is slightly more close to the PHP built-in password hashing API:
```php
namespace Symfony\Component\PasswordHasher;
interface PasswordHasherInterface
{
public function hash(string $plainPassword): string;
public function verify(string $hashedPassword, string $plainPassword): bool;
public function needsRehash(string $hashedPassword): bool;
}
```
Commits
-------
c5c981c559 [Security] Extract password hashing from security-core - using the right naming
* 5.2:
add missing return type declaration
Modernize func_get_args() calls to variadic parameters
Use a lazyintertor to close files descriptors when no longer used
* 4.4:
add missing return type declaration
Modernize func_get_args() calls to variadic parameters
Use a lazyintertor to close files descriptors when no longer used
This PR was merged into the 4.4 branch.
Discussion
----------
[Finder] Use a lazyIterator to close files descriptors when no longer used
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | fix#35508
| License | MIT
| Doc PR | -
The `RecursiveDirectoryIterator` class open the file on `__construct`.
Because we Inject an instance of `RecursiveDirectoryIterator` inside the \AppendIterator` class, php opens a lot of file even before iterating on it.
This PR adds a new `LazyIterator` class that instantiate the decorated class only when something starts iterating on it.
When the iteration is over, it unset the variable to close let the decorated class clean things (ie. close the files)
Commits
-------
7117e1a798 Use a lazyintertor to close files descriptors when no longer used
This PR was merged into the 5.3-dev branch.
Discussion
----------
[HttpFoundation] Fix consistency in sessions not found exceptions
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40112
| License | MIT
| Doc PR | -
Make `Request::getSession` thrown a `SessionNotFoundException` and make `SessionNotFoundException` extends `\BadMethodCallException` for backward compatibility and
Commits
-------
7fcb76d367 Fix consistency in sessions not found exceptions
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Filesystem] Remove dirs atomically if possible
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#27578
| License | MIT
| Doc PR | no need to
Commits
-------
17bccca9c6 [Filesystem] remove dirs atomically if possible
This PR was merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle][Messenger] Added RouterContextMiddleware
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | TODO
When handling a message in async, we, sometimes need the Router Context to generate absolute URL. ie:
- sending an email when the message contains only the template
- generating a PDF
People can use the configuration `router.default_uri` to workaround and fix the issue, but this does not work when the web application servers several domains.
This PR provide a new middleware that store the current router context in a stamp, and restore the context when processing the message.
Commits
-------
8fe8b96921 [Messenger] Added RouterContextMiddleware
This PR was squashed before being merged into the 5.2 branch.
Discussion
----------
[RateLimiter] Fix sliding_window misbehaving with stale records
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Currently the SlidingWindow RateLimiter returns a negative value for getHitCount if the previous SlidingWindow was too long ago. This results in a really high value from `SlidingWindowLimiter::getAvailableTokens()` which is higher than the configured limit.
This limits the value of percentOfCurrentTimeframe in `SlidingWindow::getHitCount()` to 1 so it can't result in a negative hitcount.
The 2nd fix fixes the SlidingWindow instance (essentially) not storing hits if the previous instance is way in the past, as the next instance will still be "in the past". This causes RateLimit to behave as if it were disabled until it has caught up again, which could take a long time when it is configured with a small window size.
Commits
-------
57033164c6 [RateLimiter] Fix sliding_window misbehaving with stale records
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[Notifier] [Firebase] Add data field to options
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/40078
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
The Firebase Notifier must comply to the specifications at https://firebase.google.com/docs/cloud-messaging/xmpp-server-ref.html#notification-payload-support .
The options are missing the `data` field which is a common field for all types of notifications: web, ios and android.
Commits
-------
fa8064bbd3 [Notifier] [Firebase] Add data field to options
* 5.2:
[HttpKernel] fix transient test
[FrameworkBundle] Fix freshness checks with boolean parameters on routes
forward the label_html option to expanded choice fields
[FrameworkBundle] fix registering "annotations.cache" on the "container.hot_path"
Add some information about the username in CONTRIBUTORS
* 4.4:
[HttpKernel] fix transient test
[FrameworkBundle] Fix freshness checks with boolean parameters on routes
[FrameworkBundle] fix registering "annotations.cache" on the "container.hot_path"
Add some information about the username in CONTRIBUTORS
* 5.2:
merge translation parameters with value configured for parent form
scan directories for translations sequentially
Fix kafka tests
Fix "provide" declarations
Provide implemented packages of replaced dependencies
Always autoload string functions on symfony/symfony
This PR was merged into the 5.3-dev branch.
Discussion
----------
[DoctrineBridge] Make subscriber and listeners prioritizable
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#28090
| License | MIT
| Doc PR | -
handle Doctrine's eventSubscriber and eventListener priority (listener exposed by the eventSubscriber will have the same priority than the eventListener)
Commits
-------
14a613b5e0 Make subscriber and listeners prioritizable
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] [Kernel] Silence failed deprecations logs writes
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
When `->buildContainer()` throws because the cache directory cannot be created, we still try to write the deprecations logs inside the cache directory. In this case, the final exception is `Warning: file_put_contents(/app/var/cache/dev/App_KernelDevDebugContainerDeprecations.log): failed to open stream: No such file or directory` instead of `Unable to create the "cache" directory (/app/var/cache/dev).`.
Alternative:
```php
try {
// ...
} catch (\RuntimeException $e)
} finally {
if (isset($e)) {
throw $e;
}
// ...
}
```
Commits
-------
b7100b6909 [HttpKernel] [Kernel] Silence deprecations logs writes
This PR was merged into the 4.4 branch.
Discussion
----------
Allow psr/cache v3 but on symfony/cache
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Consumers of PSR-6 are compatible with v1|2|3.
Implementations aren't until they add explicit return types, which is not possible without a BC break.
Commits
-------
bf23c44a07 Allow psr/cache v3 but on symfony/cache
This PR was merged into the 5.3-dev branch.
Discussion
----------
[HttpKernel] Show full URI when route not found
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? |no
| New feature? | yes
| Deprecations? | no
| License | MIT
When accessing a route that does not exist, Symfony throws a `NotFoundHttpException` that says `No route found for "POST /path"`.
On some projects this might be good enough to find the root cause, but on projects that have lots of routes on different hosts, it becomes hard to understand how the request was initiated. Was it done over HTTP or HTTPS? What was the hostname? Did the user specify a port?
To make this easier, we now show the full URI of the path, like this: `No route found for "POST https://www.symfony.com/path"`.
Commits
-------
6f5c9ab80b Show full URI when route not found
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpFoundation] Setting `REQUEST_TIME_FLOAT` when constructing a Request object
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#38019
| License | MIT
| Doc PR | -
When creating a new Request object `REQUEST_TIME_FLOAT` was not set by default.
Replaces broken 39952 PR :(
Commits
-------
c52c1e0b9b [HttpFoundation] Setting `REQUEST_TIME_FLOAT` when constructing a Request object
This PR was merged into the 5.3-dev branch.
Discussion
----------
[PhpUnitBridge] Add SYMFONY_PHPUNIT_REQUIRE env variable
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#39387
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/14913
As discussed on #39387, this PR adds a new `SYMFONY_PHPUNIT_REQUIRE` env variable to add packages to the phpunit bridge installation. This is useful for adding phpunit plugins (ie: https://github.com/phpspec/prophecy-phpunit) without having to add them directly to the main app composer.json.
On my `phpunit.xml.dist` file I can now add
```xml
<server name="SYMFONY_PHPUNIT_REQUIRE" value="phpspec/prophecy-phpunit"/>
```
And the `phpspec/prophecy-phpunit` will be installed along the rest of the phpunit packages
Commits
-------
94e1d877eb Add SYMFONY_PHPUNIT_REQUIRE env variable Fixes#39387
This PR was merged into the 5.3-dev branch.
Discussion
----------
Updated README.md
fixed typo in url
| Q | A
| ------------- | ---
| Branch? | 5.x for features / 4.4, 5.1 or 5.2 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
-->
Commits
-------
309d2ac5f5 Update README.md
* 5.2:
[SecurityBundle] role_names variable instead of roles
[PhpUnitBridge] fix reporting deprecations when they come from DebugClassLoader
Fix Request with DNS issue not retried
Bump Symfony version to 5.2.4
Update VERSION for 5.2.3
Update CHANGELOG for 5.2.3
[ErrorHandler] fix parsing return types in DebugClassLoader
[ErrorHandler] fix handling messages with null bytes from anonymous classes
Restore priority for eventSubscribers
This PR was merged into the 5.2 branch.
Discussion
----------
Fix Request with DNS issue not retried
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | fix #
| License | MIT
| Doc PR | -
When the client failed to resolve the DNS, the RetryableHttpClient should retry the request. But because `$chunk->isLast()` is used later, the original exception is thrown.
/cc @nikophil
Commits
-------
216abd0307 Fix Request with DNS issue not retried
* 4.4:
[SecurityBundle] role_names variable instead of roles
[PhpUnitBridge] fix reporting deprecations when they come from DebugClassLoader
[ErrorHandler] fix parsing return types in DebugClassLoader
[ErrorHandler] fix handling messages with null bytes from anonymous classes
Restore priority for eventSubscribers
This PR was merged into the 4.4 branch.
Discussion
----------
[SecurityBundle] role_names variable instead of roles
replaced the roles variable with role_names in order to fix cache warming
introduced @ d64372df8c
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40087
| License | MIT
| Doc PR | symfony/symfony-docs#14923
Commits
-------
58bb614abd [SecurityBundle] role_names variable instead of roles
This PR was merged into the 4.4 branch.
Discussion
----------
[Doctrine] Restore priority for EventSubscribers
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | fix#40031
| License | MIT
| Doc PR | -
Since #39990, lazy subscribers are called AFTER listeners (which is the opposite of previous implementation).
This PR restore the previous behavior.
Note: ordered subscribers is implemented in #39978 but is considered as a new feature.
Commits
-------
94eac1b83f Restore priority for eventSubscribers
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] fix parsing return types in DebugClassLoader
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
In 5.3, we might want to make `SYMFONY_PATCH_TYPE_DECLARATIONS=deprecations=1` the default, so that ppl know when they're missing some return types when they inherit some classes from vendors. This would fix https://github.com/orgs/symfony/projects/1#card-30856423
On 4.4, we have to disable this mode of reporting until these PRs are merged:
- https://github.com/twigphp/Twig/pull/3481
- https://github.com/doctrine/collections/pull/269
- https://github.com/predis/predis/pull/678
Commits
-------
58e32b3c2a [ErrorHandler] fix parsing return types in DebugClassLoader
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] fix handling messages with null bytes from anonymous classes
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
PHP truncates error messages at null bytes before calling userland error handlers (known behavior in PHP, marked as "won't fix".)
This doesn't play well with anonymous classes.
This PR works around the issue by getting the message from the stack trace.
Commits
-------
ac94746dc7 [ErrorHandler] fix handling messages with null bytes from anonymous classes
This PR was merged into the 4.4 branch.
Discussion
----------
[PhpUnitBridge] fix reporting deprecations when they come from DebugClassLoader
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Best reviewed [ignoring whitespaces](https://github.com/symfony/symfony/pull/40067/files?w=1).
Commits
-------
6a4312deac [PhpUnitBridge] fix reporting deprecations when they come from DebugClassLoader
* 5.2:
Streamline dataproviders
fix validator when we have a false current element
[Mailer][Mime] Fix case-sensitive handling of header names
[Mime] Fix case-sensitive handling in Headers::isUniqueHeader()
[Messenger] Fix Doctrine setup when using a migration
[yaml] Delelte unused comparison operation
* 4.4:
Streamline dataproviders
fix validator when we have a false current element
[Mime] Fix case-sensitive handling in Headers::isUniqueHeader()
[yaml] Delelte unused comparison operation
This PR was merged into the 4.4 branch.
Discussion
----------
fix validator when we have false returned by the current element of the iterator
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40057
| License | MIT
Commits
-------
a9e9359581 fix validator when we have a false current element
This PR was merged into the 4.4 branch.
Discussion
----------
Streamline dataproviders
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | ---
| License | MIT
| Doc PR | ---
No need to create extra PR's on other branches, no more occurrences 👍
Commits
-------
025079b051 Streamline dataproviders
This PR was squashed before being merged into the 5.2 branch.
Discussion
----------
[Mailer][Mime] Fix case-sensitive handling of header names
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39953
| License | MIT
| Doc PR | -
Fixes case-sensitive handling of header names in "Mime" and "Mailer" component, more in the [ticket](https://github.com/symfony/symfony/issues/39953).
Commits
-------
d563c846f6 [Mailer][Mime] Fix case-sensitive handling of header names
This PR was merged into the 5.3-dev branch.
Discussion
----------
[DoctineBridge] Remove UuidV*Generator classes
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
There is no benefit in using these classes over creating the UUIDs inline.
Let's keep things simple.
For `UlidGenerator`, I'm keeping it as it will provide something useful once #39507 and https://github.com/doctrine/DoctrineBundle/pull/1284 are finished.
Commits
-------
3c296bd2f5 [DoctineBridge] Remove UuidV*Generator
When accessing a route that does not exist, Symfony throws a `NotFoundHttpException` that says `No route found for "POST /path"`.
On some projects this might be good enough to find the root cause, but on projects that have lots of routes on different hosts, it becomes hard to understand how the request was initiated. Was it done over HTTP or HTTPS? What was the hostname? Did the user specify a port?
To make this easier, we now show the full URI of the path, like this: `No route found for "POST https://www.symfony.com/path"`.
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[Console] Add bright colors to console.
| Q | A
| ------------- | ---
| Branch? | 5.x <!-- see below -->
| Bug fix? |no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? |no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#39869 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | symfony/symfony-docs#14884 <!-- required for new features -->
Add the "bright" ANSI colours to symfony/console. This adds ANSI escape codes 90-97 and 100-107.
<!--
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
-->
Commits
-------
dbb94524ba [Console] Add bright colors to console.
* 5.2:
Use createMock() instead of a getter
[ErrorHandler] Fix strpos error when trying to call a method without a name
use proper keys to not override appended files
take into account all label related options
Fix console logger according to PSR-3
* 4.4:
Use createMock() instead of a getter
[ErrorHandler] Fix strpos error when trying to call a method without a name
use proper keys to not override appended files
Fix console logger according to PSR-3
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Fix console logger according to PSR-3
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39050, #29138
| License | MIT
`Symfony\Component\HttpKernel\EventListener\ErrorListener` logs non-HTTP exceptions at `LogLevel::CRITICAL`.
`Symfony\Component\Messenger\Worker` logs unrecoverable exceptions at `LogLevel::CRITICAL`.
`Symfony\Component\Console\EventListener\ErrorListener` logs exceptions at `LogLevel::ERROR`.
As per PSR-3, unexpected and unrecoverable exceptions should be logged at `LogLevel::CRITICAL`.
Commits
-------
69fcd075eb Fix console logger according to PSR-3
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
Use createMock() instead of a getter
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | ---
| License | MIT
| Doc PR | ---
Before I go on, are you interested in such change @nicolas-grekas ?
Commits
-------
9629dafa66 Use createMock() instead of a getter
This PR was merged into the 5.2 branch.
Discussion
----------
[TwigBridge] take into account all label related options
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40007
| License | MIT
| Doc PR |
Commits
-------
adb0fd1c7d take into account all label related options
This PR was merged into the 4.4 branch.
Discussion
----------
[Finder] use proper keys to not override appended files
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40022
| License | MIT
| Doc PR |
Commits
-------
036c8d71fd use proper keys to not override appended files
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] Fix strpos error when trying to call a method without a name
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | None (direct fix)
| License | MIT
| Doc PR | None
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
-->
When running the following code:
```php
class Foo
{
// Some code here
}
$str = ''; // this should not happen, but for some reason, it did.
$foo->{$str}();
```
a fatal error occurs because the method name to execute is empty, but Symfony's error enhancer fails to parse it:
![Error screenshot](https://user-images.githubusercontent.com/7600265/106108704-ec019b80-6148-11eb-82bc-f7801e30fea4.png)
In this PR, I propose a fix with a more clear error to inform the developer about what happened.
Commits
-------
66be87bffc [ErrorHandler] Fix strpos error when trying to call a method without a name
This PR was merged into the 5.2 branch.
Discussion
----------
[Uid] Fix time to float conversion
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
On 32b systems, when the timestamp is before the UNIX epoch, the result is currently shifted by 1. Inverting all the bits is not enough, we need to add 1. I guess https://en.wikipedia.org/wiki/Two%27s_complement is relevant here?
Alternative:
```php
$time = -1 * self::toBase(self::add($time ^ "\xff\xff\xff\xff\xff\xff\xff\xff", "\x00\x00\x00\x00\x00\x00\x00\x01"), self::BASE10);
```
Commits
-------
9680a27246 [Uid] Fix time to float conversion
* 5.2:
Replace "branch-version" by "versions" in composer.json
Bump Symfony version to 5.2.3
Update VERSION for 5.2.2
Update CHANGELOG for 5.2.2
Bump Symfony version to 4.4.20
Update VERSION for 4.4.19
Update CONTRIBUTORS for 4.4.19
Update CHANGELOG for 4.4.19
Use import instead of FQCN
* 4.4:
Replace "branch-version" by "versions" in composer.json
Bump Symfony version to 4.4.20
Update VERSION for 4.4.19
Update CONTRIBUTORS for 4.4.19
Update CHANGELOG for 4.4.19
This PR was merged into the 4.4 branch.
Discussion
----------
Replace "branch-version" by "versions" in composer.json
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Accommodates for https://github.com/composer/composer/pull/9637
Commits
-------
b40e71f096 Replace "branch-version" by "versions" in composer.json
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
Use createMock() and use import instead of FQCN
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | ---
| License | MIT
| Doc PR | ---
Commits
-------
e7e61ee551 Use createMock() and use import instead of FQCN
* 5.2:
Fix transient tests
Fix class resolution in Doctrine EventListenerPass
[SecurityBundle] Fix referencing aliases from RegisterEntryPointPass
[Serializer] Fix tests marked as incomplete
propagate the object being validated to sub-constraints
[Translator] fix handling plural for floating numbers
fix redis messenger options with dsn
Update ConsoleEvents.php
allow Doctrine persistence 2 too
[Messenger] Fix transporting non-UTF8 payloads by encoding them using base 64
add doctrine/persistence as a dev requirement
Exclude non-initialized properties accessed with getters
* 5.1:
Fix transient tests
Fix class resolution in Doctrine EventListenerPass
[Serializer] Fix tests marked as incomplete
propagate the object being validated to sub-constraints
[Translator] fix handling plural for floating numbers
fix redis messenger options with dsn
Update ConsoleEvents.php
allow Doctrine persistence 2 too
[Messenger] Fix transporting non-UTF8 payloads by encoding them using base 64
add doctrine/persistence as a dev requirement
Exclude non-initialized properties accessed with getters
* 4.4:
Fix transient tests
Fix class resolution in Doctrine EventListenerPass
[Serializer] Fix tests marked as incomplete
[Translator] fix handling plural for floating numbers
fix redis messenger options with dsn
Update ConsoleEvents.php
allow Doctrine persistence 2 too
[Messenger] Fix transporting non-UTF8 payloads by encoding them using base 64
add doctrine/persistence as a dev requirement
Exclude non-initialized properties accessed with getters
This PR was merged into the 4.4 branch.
Discussion
----------
[Serializer] Exclude non-initialized properties accessed with getters
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | no <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Allow to serialize
```php
final class Php74DummyPrivate
{
private string $uninitializedProperty;
private string $initializedProperty = 'defaultValue';
public function getUninitializedProperty(): string
{
return $this->uninitializedProperty;
}
public function getInitializedProperty(): string
{
return $this->initializedProperty;
}
}
```
Similar to #34791
Commits
-------
da9100320e Exclude non-initialized properties accessed with getters
This PR was merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle] Command cache:pool:clear warns and fails when one of the pools fails to clear
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | fix#39890
| License | MIT
| Doc PR | -
Throw an exception when clear cache fails
Commits
-------
fc6424a0a2 Throw exception when clear failed
This PR was merged into the 4.4 branch.
Discussion
----------
[Serializer] Fix tests wrongly marked as incomplete
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
https://github.com/symfony/symfony/pull/30907 has been merged meanwhile.
Commits
-------
e632302004 [Serializer] Fix tests marked as incomplete
This PR was merged into the 5.1 branch.
Discussion
----------
[Validator] propagate the object being validated to nested constraints
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39145
| License | MIT
| Doc PR |
Commits
-------
8c1bac90aa propagate the object being validated to sub-constraints
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Translator] fix handling plural for floating numbers
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#30215
| License | MIT
Commits
-------
533cd7ef6c [Translator] fix handling plural for floating numbers
This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] Fix transporting non-UTF8 payloads by encoding them using base 64
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33913
| License | MIT
| Doc PR | -
Replaces #33920
When using the Doctrine transport, sending emails with binary attachments currently requires a custom Messenger serializer because the "body" column is created for UTF-8 only.
In #33920, it is proposed to change the TEXT type to a BLOB. It leaves at least one problem unhandled: the conversion of existing messenger tables.
This PR takes a more conservative approach, by encoding messages to base 64, only if they are non-UTF8.
Compatibility with the existing format is preserved.
The drawback of this approach is that the size of eg email attachments is going to increase by 33% because of the extra encoding. I think this drawback is acceptable for 4.4, and that this PR is the most pragmatic way to make attachments just work.
Commits
-------
6fc9e51722 [Messenger] Fix transporting non-UTF8 payloads by encoding them using base 64
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[Notifier] Add notifier for Clickatell
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
Add notifier bridge for Clickatell
Commits
-------
c508732e95 [Notifier] Add notifier for Clickatell
This PR was merged into the 5.1 branch.
Discussion
----------
Changed private static array-properties to const (5.1)
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| License | MIT
This continues #39959 for 5.1
Just a few newly introduced readonly static array-properties.
/cc @nicolas-grekas
Commits
-------
f891fb2e5e Changed private static array-properties to const static properties newly introduced in 5.1
* 5.2:
[Uid] fix checking for valid UUIDs
[Validator] Fix DebugCommand
check parent types for label_format and translation_domain
[HttpKernel] Configure the ErrorHandler even when it is overriden
Allow relative path to composer cache
[RateLimiter] Fix infinite values with NoLimiter
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Notifier] Check for MercureBundle in MercureTransportFactory
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
https://github.com/symfony/symfony/pull/39903 has removed the check for `MercureBundle` from the `FrameworkExtension`.
The following PR is re-adding that check but in the `MercureTransportFactory` class.
Commits
-------
49bbbc1ed5 [Notifier] Check for MercureBundle in Factory
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Security] Randomize CSRF token to harden BREACH attacks
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | TODO
This PR randomize the CSRF token in each request in order to hardening the [BREACH attack](https://en.wikipedia.org/wiki/Cross-site_request_forgery)
Commits
-------
8b01095933 Randomize CSRF token to harden BREACH attacks
This PR was merged into the 5.2 branch.
Discussion
----------
[RateLimiter] Fix infinite values with NoLimiter
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39899
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
-->
See #39899. I don't find any solution to convert `\INF` constant (which is a float value) to an integer.
Commits
-------
4f9eedfcf7 [RateLimiter] Fix infinite values with NoLimiter
This PR was squashed before being merged into the 5.2 branch.
Discussion
----------
[Validator] Fix DebugCommand
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
-->
Commits
-------
1eb13767fc [Validator] Fix DebugCommand
This PR was merged into the 4.4 branch.
Discussion
----------
[PhpUnitBridge] Allow relative path to composer cache
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | fix#37652
| License | MIT
| Doc PR | -
When users defines a relative path in the `COMPOSER_CACHE_DIR` env variable,
The `simple-phpunit` code, by changing the directory (with `chdir`), give to composer a different context. At the end, composer stores its cache inside the `vendor/bin/.phpunit` folder, and inside the `vendor/bin/.phpunit/phpunit-X.Y.Z` folder.
This PR convert the relative path provided by the user into Absolute path.
Commits
-------
cde0ffdc83 Allow relative path to composer cache
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] Configure the ErrorHandler even when it is overriden
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Fixes the part of https://github.com/getsentry/sentry-symfony/issues/421 that is about `DebugHandlersListener`.
Commits
-------
31817b48e2 [HttpKernel] Configure the ErrorHandler even when it is overriden
* 5.2:
fix test
"export-ignore" contracts and phpunit-bridge
[Console][Command] Fix Closure code binding when it is a static anonymous function
Use class const in test
[Security] [HttpFoundation] Use class const in test
[Notifier] [OvhCloud] “Invalid signature” for message with slashes
Remove wrong test
[PropertyInfo] Fix breaking change with has*(arguments...) methods
[Uid] Unable to extend Uuid/Ulid and use fromString()
Fix typo in property name
* 5.1:
"export-ignore" contracts and phpunit-bridge
[Console][Command] Fix Closure code binding when it is a static anonymous function
Use class const in test
[Security] [HttpFoundation] Use class const in test
[PropertyInfo] Fix breaking change with has*(arguments...) methods
This PR was merged into the 5.1 branch.
Discussion
----------
[PropertyInfo] Fix breaking change with has*(arguments...) methods
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39885
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
-->
Until 5.0:
```php
class Dummy
{
private $elements;
public function hasElement($element): bool
{
// ...
}
}
$extractor = new ReflectionExtractor();
$extractor->isReadable('Dummy', 'element'); // false
```
After 5.0:
```php
class Dummy
{
private $elements;
public function hasElement($element): bool
{
// ...
}
}
$extractor = new ReflectionExtractor();
$extractor->isReadable('Dummy', 'element'); // true => BREAKING CHANGE
```
Commits
-------
37cc16e3d8 [PropertyInfo] Fix breaking change with has*(arguments...) methods
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] [Command] Fix Closure code binding when it is a static anonymous function
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I'm building a single command application and I did:
```php
->setCode(static function (InputInterface $input, OutputInterface $output): void {
// my code
})
```
and it results in a warning `Cannot bind an instance to a static closure` + an exception `You must override the execute() method in the concrete command class.` I guess we should silently fail here if the Closure is not bindable.
Commits
-------
18d426871e [Console][Command] Fix Closure code binding when it is a static anonymous function
This PR was merged into the 5.1 branch.
Discussion
----------
Use class const in test
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | ---
| License | MIT
| Doc PR | ---
super minor, same as #39930, but for `5.1`
I will finish this PR after #39930 is merged and upmerged
Commits
-------
4a98eeecdc [Security] [HttpFoundation] Use class const in test
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[Notifier] [OvhCloud] “Invalid signature” for message with slashes
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#39836 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
Test to show issue of invalid signature when message contains slash.
Commits
-------
9f01fb84b7 [Notifier] [OvhCloud] “Invalid signature” for message with slashes
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Notifier] Fix HttpClient TransportException handling
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Right now, when exceptions are coming from HttpClient component, we always assume that there is a response and use it to throw a Notifier's `TransportException`.
But with this approach, `TransportExceptionInterface` and `DecodingExceptionInterface` aren't handled properly because they aren't containing a response at all.
This PR fix the exception handling when such exceptions are thrown.
Commits
-------
bb32beb488 [Notifier] Fix HttpClient TransportException handle
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Console] add option `--short` to the `list` command
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR is a follow up of https://github.com/symfony/symfony/pull/39851, triggered by @wouterj's comment at https://github.com/symfony/symfony/pull/39851#pullrequestreview-572147186.
This new option should enable creating fast shell auto-completion, by allowing the `list` command to run fast.
Commits
-------
81d5728f4a [Console] add option `--short` to the `list` command
This PR was merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle] do not fail when MercureBundle is not installed
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
8cdbdcb1c9 do not fail when MercureBundle is not installed
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Console] enable describing commands in ways that make the `list` command lazy
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#33804
| License | MIT
| Doc PR | -
This PR improves the way one can describe a command so that the `list` command can be made lazy:
- when provided using the `$defaultName` property or the `console.command` tag, the name of a command is now exploded using the `|` character. The first name in the list defines the name of the command, the other ones its aliases. When the first name is the empty string, the second name is used instead, and the command is declared as hidden.
- a new `$defaultDescription` static property and a new `description` tag attribute allow for defining the commands' description while registering them.
Together, this is enough to make the `list` command lazy, because this command only accesses each command's name, aliases, hidden-status, and description.
On the implementation side, this PR adds a `LazyCommand` class that proxies regular commands to make them lazy for the target purpose.
This PR will enable support for attributes for configuring a command name+description+etc.
e.g. using the concepts in #39804:
`#[CommandAutoTag(name: 'foo:bar', desc: 'boo', hidden: true)]#`
The attribute could very well split the `hidden` and `aliases` settings apart - while the underlying code and pre-PHP8 apps would use the compact form, because dealing with many static properties + methods would be a maintenance pain imho.
Commits
-------
8a1a1b8171 [Console] enable describing commands in ways that make the `list` command lazy
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Notifier] Add mercure bridge
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#36481
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/14840
Add a Notifier bridge for Mercure.
In this PR, Mercure is considered as a chatter (I'm still wondering if it's the most appropriate type).
The first approach for the DSN is `mercure://jwtToken@host:port/hubPath?topic=/foo/1&secure=false` with:
- `topic` optional (defaults to `null`)
- `secure` optional (defaults to `true`)
I'm not sure about the current way to deal with http/https. Maybe we can just replace the `mercure` scheme by `http|https`?
The notification representation is following [Activity Streams](https://www.w3.org/TR/activitystreams-core/#jsonld)
#SymfonyHackday
Commits
-------
19c6544f42 [Notifier] Add mercure bridge