This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] compatibility with older Form component versions
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15711
| License | MIT
| Doc PR |
Commits
-------
01ad767 compatibility with older Form component versions
This PR was squashed before being merged into the 2.8 branch (closes#15738).
Discussion
----------
Implement service-based Resource (cache) validation
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #7230, #15692, #7782
| License | MIT
| Doc PR | symfony/symfony-docs#5136
### Overview
Currently, any metadata passed to `ConfigCache` (namely implementations of `ResourceInterface`) is serialized to disk. When the `ConfigCache` is validated, the metadata is unserialized and queried through `ResourceInterface::isFresh()` to determine whether the cache is fresh. That way, `ResourceInterface` implementations cannot interact with services, for example a database connection.
This PR introduces the new concept of `ResourceCheckers`. Services implementing `ResourceCheckerInterface` can be tagged as `config_cache.resource_checker` with an optional priority.
Clients that wish to use `ConfigCache` can then obtain an instance from the `config_cache_factory` service (which implements `ConfigCacheFactoryInterface`). The factory will take care of injecting resource checkers into the `ConfigCache` instance so that they can be used for cache validation.
Checking cache metadata is easy for `ResourceCheckers`:
* First, the `ResourceCheckerInterface::supports()` implementation is passed the metadata object in question. If the checker cannot handle the type of resource passed, `supports()` should return `false`.
* Otherwise, the `ResourceCheckerInterface::isFresh()` method will be called and given the resource as well as the timestamp at which the cache was initialized. If that method returns `false`, the cache is considered stale. If it returns `true`, the resource is considered unchanged and will *not* be passed to any additional checkers.
### BC and migration path
This PR does not (intend to) break BC but it comes with deprecations. The main reason is that `ResourceInterface` contains an `isFresh()` method that does not make sense in the general case of resources.
Thus, `ResourceInterface::isFresh()` is marked as deprecated and should be removed in Symfony 3.0. Resource implementations that can (or wish to) be validated in that simple manner can implement the `SelfCheckingResourceInterface` sub-interface that still contains (and will keep) the `isFresh()` method. The change should be as simple as changing the `extends` list.
Apart from that, `ResourceInterface` will be kept as the base interface for resource implementations. It is used in several `@api` interfaces and thus cannot easily be substituted.
For the Symfony 2.x series, a `BCResourceInterfaceChecker` will be kept that performs validation through `ResourceInterface::isFresh()` but will trigger a deprecation warning. The remedy is to either implement a custom ResourceChecker with a priority higher than -1000; or to switch to the aforementioned `SelfCheckingResourceInterface` which is used at a priority of -990 (without deprecation warning).
The `ConfigCache` and `ConfigCacheFactory` classes can be used as previously but do not feature checker-based cache validation.
### Outlook and closing remarks:
This PR supersedes #7230, #15692 and works at least in parts towards the goal of #7176.
The `ResourceCheckerInterface`, `...ConfigCache` and `...ConfigCacheFactory` no longer need to be aware of the `debug` flag. The different validation rules applied previously are now just a matter of `ResourceChecker` configuration (i. e. "no checkers" in `prod`).
It might be possible to remove the `debug` flag from Symfony's `Router` and/or `Translator` classes in the future as well because it was only passed on to the `ConfigCache` there.
Commits
-------
20d3722 Implement service-based Resource (cache) validation
* 2.8: (29 commits)
Updating AbstractVoter so that the method receives the TokenInterface
Adding the necessary files so that Guard can be its own installable component
Fix syntax in a test
Normalize the way we check versions
Avoid errors when generating the logout URL when there is no firewall key
Removing unnecessary override
fabbot
Adding a new exception and throwing it when the User changes
Fixing a bug where having an authentication failure would log you out.
Tweaks thanks to Wouter
Adding logging on this step and switching the order - not for any huge reason
Adding a base class to assist with form login authentication
Allowing for other authenticators to be checked
meaningless author and license changes
Adding missing factory registration
Thanks again fabbot!
A few more changes thanks to @iltar
Splitting the getting of the user and checking credentials into two steps
Tweaking docblock on interface thanks to @iltar
Adding periods at the end of exceptions, and changing one class name to LogicException thanks to @iltar
...
Conflicts:
UPGRADE-2.8.md
src/Symfony/Bridge/Twig/Tests/Node/DumpNodeTest.php
src/Symfony/Bundle/FrameworkBundle/Command/ServerCommand.php
src/Symfony/Component/Validator/Tests/Constraints/AbstractComparisonValidatorTestCase.php
src/Symfony/Component/Validator/Tests/Constraints/IdenticalToValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/RangeValidatorTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
New Guard Authentication System (e.g. putting the joy back into security)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | at least partially: #14300, #11158, #11451, #10035, #10463, #8606, probably more
| License | MIT
| Doc PR | symfony/symfony-docs#5265
Hi guys!
Though it got much easier in 2.4 with `pre_auth`, authentication is a pain in Symfony. This introduces a new authentication provider called guard, with one goal in mind: put everything you need for *any* authentication system into one spot.
### How it works
With guard, you can perform custom authentication just by implementing the [GuardAuthenticatorInterface](https://github.com/weaverryan/symfony/blob/guard/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php) and registering it as a service. It has methods for every part of a custom authentication flow I can think of.
For a working example, see https://github.com/weaverryan/symfony-demo/tree/guard-auth. This uses 2 authenticators simultaneously, creating a system that handles [form login](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/FormLoginAuthenticator.php) and [api token auth](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/TokenAuthenticator.php) with a respectable amount of code. The [security.yml](https://github.com/weaverryan/symfony-demo/blob/guard-auth/app/config/security.yml) is also quite simple.
This also supports "manual login" without jumping through hoops: https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Controller/SecurityController.php#L45
I've also tested with "remember me" and "switch user" - no problems with either.
I hope you like it :).
### What's Needed
1) **Other Use-Cases?**: Please think about the code and try it. What use-cases are we *not* covering? I want Guard to be simple, but cover the 99.9% use-cases.
2) **Remember me** functionality cannot be triggered via manual login. That's true now, and it's not fixed, and it's tricky.
### Deprecations?
This is a new feature, so no deprecations. But, creating a login form with a guard authenticator is a whole heck of a lot easier to understand than `form_login` or even `simple_form`. In a perfect world, we'd either deprecate those or make them use "guard" internally so that we have just **one** way of performing authentication.
Thanks!
Commits
-------
a01ed35 Adding the necessary files so that Guard can be its own installable component
d763134 Removing unnecessary override
e353833 fabbot
dd485f4 Adding a new exception and throwing it when the User changes
302235e Fixing a bug where having an authentication failure would log you out.
396a162 Tweaks thanks to Wouter
c9d9430 Adding logging on this step and switching the order - not for any huge reason
31f9cae Adding a base class to assist with form login authentication
0501761 Allowing for other authenticators to be checked
293c8a1 meaningless author and license changes
81432f9 Adding missing factory registration
7a94994 Thanks again fabbot!
7de05be A few more changes thanks to @iltar
ffdbc66 Splitting the getting of the user and checking credentials into two steps
6edb9e1 Tweaking docblock on interface thanks to @iltar
d693721 Adding periods at the end of exceptions, and changing one class name to LogicException thanks to @iltar
eb158cb Updating interface method per suggestion - makes sense to me, Request is redundant
c73c32e Thanks fabbot!
6c180c7 Adding an edge case - this should not happen anyways
180e2c7 Properly handles "post auth" tokens that have become not authenticated
873ed28 Renaming the tokens to be clear they are "post" and "pre" auth - also adding an interface
a0bceb4 adding Guard tests
05af97c Initial commit (but after some polished work) of the new Guard authentication system
330aa7f Improving phpdoc on AuthenticationEntryPointInterface so people that implement this understand it
This PR was merged into the 3.0-dev branch.
Discussion
----------
[HttpKernel] Add better error message when controller action isn't callable
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR |
In the `ControllerResolver`, if a controller isn't callable, try to give a better description of what went wrong
Commits
-------
e0e19f6 Add better error message when controller action isn't callable
This PR was squashed before being merged into the 2.8 branch (closes#15861).
Discussion
----------
Avoid errors when generating the logout URL when there is no firewall key
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15853
| License | MIT
| Doc PR | -
Commits
-------
a811912 Avoid errors when generating the logout URL when there is no firewall key
* 2.8:
Added the right revision date for status code registry
[Config] Fix enum default value in Yaml dumper
fixed typo.
[Translation][File dumper] allow get file content without writing in file.
Finnish translation fix
[CssSelector] Optimize regexs matching simple selectors
Fix the phpdoc in the CssSelector TranslatorInterface
[Console] Add clock mock to fix transient test on HHVM
[DomCrawler] Optimize the regex used to find namespace prefixes
[VarDumper] Add EnumStub for dumping virtual collections with casters
[Finder] Deprecate adapters and related classes
[EventDispatcher] skip one lazy loading call
[EventDispatcher] fix memory leak in a getListeners
[WebProfilerBundle] added btn-link.
Remove duplication of the handling of regex filters in the Finder
Default to stderr for console helpers (only merge if #15794 gets merged)
Conflicts:
src/Symfony/Component/Console/Tests/Helper/LegacyProgressHelperTest.php
src/Symfony/Component/EventDispatcher/EventDispatcher.php
src/Symfony/Component/VarDumper/Tests/CliDumperTest.php
src/Symfony/Component/VarDumper/Tests/HtmlDumperTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
[WebProfilerBundle] fixed cursor as pointer when hovering over link.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | ~
| Tests pass? | yes
| License | MIT
Commits
-------
ac7591f [WebProfilerBundle] added btn-link.
* 2.8:
[Finder] Fix recursive filter iterator
[Translator][FileDumper] deprecated format method in favor of formatCatalogue.
bug #15811 use of twig deprecated sameas test
Improve the structure of the Finder testsuite
Remove minimum width for web profiler content view
[VarDumper] Fix HtmlDumper constructor calling CliDumper's
[Finder] Handle filtering of recursive iterators and use it to skip looping over excluded directories
Validate the extended type for lazy-loaded type extensions
Exclude files based on path before applying the sorting
fixed composer.json
[Console] fix phpdoc of DialogHelper
[Translation][Dumper] added XLIFF 2.0 support.
[XLIFF 2.0] added support for target attributes.
apply some fixes.
update changelog.
[Translation][Loader] added XLIFF 2.0 support.
Allowed extensions to inline compiler passes
Conflicts:
UPGRADE-2.8.md
src/Symfony/Component/Console/Helper/DialogHelper.php
src/Symfony/Component/Form/composer.json
* 2.8: (31 commits)
[DomCrawler] Invalid uri created from forms if base tag present
[VarDumper] Add caster for OuterIterator objects
[Console] update param type phpdoc for StreamOutput
[Console] fix typo in OutputInterface
Use stderr by default when a specific output is not injected
fixed bad merge
[Debug] Fix case mismatch detection
[HttpKernel] Add entry point to more easily create/configure the DI extension
[DX] Added a logout link in the security panel of the web debug toolbar
[HttpKernel] fix broken multiline <esi:remove>
[DoctrineBridge] Fixed#14840
[FrameworkBundle] add a suggest for the serializer component
fixed CS
removed non-working tests
[WIP] #15502 Make template shortcuts be usable without Templating component
Redesigned the Symfony Profiler
[Yaml] Fix the parsing of float keys
Make the exception output visible even in quiet mode, fixes#15680
Convert Output::write's type to an options arg where verbosity can be passed in as well
[Console] Ensure the console output is only detected as decorated when both stderr and stdout support colors
...
* 2.7:
[DomCrawler] Invalid uri created from forms if base tag present
[Console] update param type phpdoc for StreamOutput
[Console] fix typo in OutputInterface
Use stderr by default when a specific output is not injected
[Debug] Fix case mismatch detection
[HttpKernel] fix broken multiline <esi:remove>
[DoctrineBridge] Fixed#14840
[FrameworkBundle] add a suggest for the serializer component
[Yaml] Fix the parsing of float keys
[Console] Ensure the console output is only detected as decorated when both stderr and stdout support colors
[HttpKernel] fix DumpDataCollector compat with Twig 2.0
Improve exception messages.
Fix that two DirectoryResources with different patterns would be deduplicated
Tests fix clockmock
[WebProfilerBundle] Added tabindex="-1" to not interfer with normal UX
missing "YAML" in the exception message.
[Translator][warmup][fallback locales] fixed missing cache file generation.
[framework-bundle] Add Test for TranslationUpdateCommand
Use ObjectManager interface instead of EntityManager
* 2.3:
[DomCrawler] Invalid uri created from forms if base tag present
[Console] update param type phpdoc for StreamOutput
[Console] fix typo in OutputInterface
[HttpKernel] fix broken multiline <esi:remove>
[DoctrineBridge] Fixed#14840
[FrameworkBundle] add a suggest for the serializer component
[Yaml] Fix the parsing of float keys
[Console] Ensure the console output is only detected as decorated when both stderr and stdout support colors
Improve exception messages.
Fix that two DirectoryResources with different patterns would be deduplicated
Tests fix clockmock
[WebProfilerBundle] Added tabindex="-1" to not interfer with normal UX
missing "YAML" in the exception message.
[framework-bundle] Add Test for TranslationUpdateCommand
Use ObjectManager interface instead of EntityManager
This PR was squashed before being merged into the 2.8 branch (closes#14378).
Discussion
----------
[DX] Added a logout link in the security panel of the web debug toolbar
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
While developing applications, it's common to login/logout users continuously to test security features. I usually type `/logout` in the URL, but this is boring and, depending on the application, not always works.
This PR adds a small *Logout* link in the security panel when you are logged in the application:
![logged](https://cloud.githubusercontent.com/assets/73419/7184976/6c66831a-e460-11e4-86a9-eb5a48c9aa4c.png)
Anonymous users won't see anything:
![anonymous](https://cloud.githubusercontent.com/assets/73419/7184982/74a95b60-e460-11e4-8b35-72d8336355fb.png)
Commits
-------
192523a [DX] Added a logout link in the security panel of the web debug toolbar
This PR was squashed before being merged into the 2.8 branch (closes#15620).
Discussion
----------
[WIP] #15502 Make template shortcuts be usable without Templating component
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | #15502
| License | MIT
| Doc PR | -
Commits
-------
d547ec0 [WIP] #15502 Make template shortcuts be usable without Templating component
This PR was merged into the 2.3 branch.
Discussion
----------
[framework-bundle] Add Test for TranslationUpdateCommand
Added the test script as per the discussion in PR #15562
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
232f6fd [framework-bundle] Add Test for TranslationUpdateCommand
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpKernel] Move required RequestStack args as first arguments
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Since we planned to make RequestStack required, we have to move it as first arguments.
Commits
-------
84ba05b [HttpKernel] Move required RequestStack args as first arguments
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The change removes the animation in the "sf-toolbar-block-ajax" when the request state was "ok".
When a form type provides a BC layer with old form names (all core types
do), the form registry will ask for type extensions registered on the
legacy name for BC, and trigger a warning if it finds any.
The DependencyInjectionExtension should not trigger warnings on its own
when being asked for such extensions (especially when it has none
registered).
Core extensions are also registered using the proper extended type
rather than legacy names.
* 2.8:
[2.8] Cleanup
allow more versions of the ACL package
[Translator] Added missing changelog notes.
[2.7] Clean deprecated interfaces
use new repo location in some readme.md
[Validator] Cleanup a test
[translation][framework-bundle] Deprecated DiffOperation
Conflicts:
src/Symfony/Bridge/Doctrine/Tests/Form/ChoiceList/ORMQueryBuilderLoaderTest.php
src/Symfony/Bridge/ProxyManager/LazyProxy/PhpDumper/ProxyDumper.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/DependencyInjection/IntrospectableContainerInterface.php
src/Symfony/Component/Form/Tests/ChoiceList/Factory/CachingFactoryDecoratorTest.php
src/Symfony/Component/Form/Tests/ChoiceList/Factory/DefaultChoiceListFactoryTest.php
src/Symfony/Component/Form/Tests/ChoiceList/Factory/PropertyAccessDecoratorTest.php
src/Symfony/Component/Form/Tests/ChoiceList/LegacyChoiceListAdapterTest.php
src/Symfony/Component/Validator/Tests/Validator/AbstractLegacyApiTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
[SecurityBundle] allow more versions of the ACL package
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This actually is the version that is required when using the Symfony SE
(`symfony/symfony` requires `symfony/security-acl` in version `~2.7`).
Commits
-------
3a15921 allow more versions of the ACL package
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8] Deprecate IntrospectableContainerInterface
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Patch on Security is required for tests compat with 3.0, see #15684
IntrospectableContainerInterface is already deprecated in master.
Commits
-------
c2b94a1 [2.8] Cleanup
This PR was merged into the 2.8 branch.
Discussion
----------
[translation] Deprecated DiffOperation
## Summary:
The ``DiffOperation`` class has been deprecated and ``TargetOperation``
should be used instead, because ``DiffOperation`` has nothing to do
with 'diff', thus its class name is misleading.
Also added detailed documents for all operation interface and classes.
## Background:
The following names should have consistent meanings for all operations:
The name of ``intersection`` is temporarily introduced here to explain this issue.
* [x] ``intersection`` = source ∩ target = {x: x ∈ source ∧ x ∈ target}
* [x] ``all`` = **result of the operation, depends on the operation.**
* [x] ``new`` = all ∖ source = {x: x ∈ all ∧ x ∉ source}
* [x] ``obsolete`` = source ∖ all = {x: x ∈ source ∧ x ∉ all}
The following analysis explains why ``DiffOperation`` should be deprecated.
## Logic of ``MergeOperation``:
* [x] ``all`` = source ∪ target = {x: x ∈ source ∨ x ∈ target}
* [x] ``new`` = all ∖ source = {x: x ∈ target ∧ ∉ source}
* [x] ``obsolete`` = source ∖ all = {x: x ∈ source ∧ x ∉ source ∧ x ∉ target} = ∅
This absolutely makes sense.
## Logic of ``DiffOperation``:
* [ ] ``all`` = intersection ∪ (target ∖ intersection) = target
* [x] ``new`` = all ∖ source = {x: x ∈ target ∧ x ∉ source}
* [x] ``obsolete`` = source ∖ all = source ∖ target = {x: x ∈ source ∧ x ∉ target}
The ``all`` part is confusing because 'diff' should either mean 'relative complement' or 'symmetric difference' operation:
### Relative Complement:
* ``all`` = source ∖ target = {x: x ∈ source ∧ x ∉ target}
### Symmetric Difference:
* ``all`` = (source ∖ target) ∪ (target ∖ source) = {x: x ∈ source ∧ x ∉ target ∨ x ∈ target ∧ x ∉ source}
### Current Logic has Nothing to do with "Diff":
* ``all`` = intersection ∪ (target ∖ intersection) = target
So the name of ``DiffOperation`` is misleading and inappropriate.
Unfortunately, there is no corresponding set operation for this class,
so it's hard to give it an apppriate name.
From my point of view, I believe the most accurate name for this class
should be ``TargetOperation`` because its result is same as the target set.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
353c94d [translation][framework-bundle] Deprecated DiffOperation
* 2.8:
[travis] Add PHP 7 to allowed failures until segfaults are fixed
[Intl] Fix test
[Translator][fallback catalogues] fixed circular reference.
bumped Symfony version to 2.3.33
updated VERSION for 2.3.32
update CONTRIBUTORS for 2.3.32
updated CHANGELOG for 2.3.32
Require symfony/intl ~2.4 when Locale::setDefault() is used
[Form][2.7][ Choice type] fixed groups with empty array.
[FrameworkBundle] Fix templating.helper.code.file_link_format when defined by ini setting
[Config] Prototypes info
[console] Use the description when no help is available
Conflicts:
.travis.yml
CHANGELOG-2.3.md
src/Symfony/Component/Form/composer.json
src/Symfony/Component/Intl/NumberFormatter/NumberFormatter.php
src/Symfony/Component/Intl/Tests/DateFormatter/AbstractIntlDateFormatterTest.php
src/Symfony/Component/Translation/composer.json
src/Symfony/Component/Validator/composer.json
* 2.7:
[travis] Add PHP 7 to allowed failures until segfaults are fixed
[Intl] Fix test
[Translator][fallback catalogues] fixed circular reference.
bumped Symfony version to 2.3.33
updated VERSION for 2.3.32
update CONTRIBUTORS for 2.3.32
updated CHANGELOG for 2.3.32
[FrameworkBundle] Fix templating.helper.code.file_link_format when defined by ini setting
[console] Use the description when no help is available
* 2.3:
[Intl] Fix test
[Translator][fallback catalogues] fixed circular reference.
bumped Symfony version to 2.3.33
updated VERSION for 2.3.32
update CONTRIBUTORS for 2.3.32
updated CHANGELOG for 2.3.32
[FrameworkBundle] Fix templating.helper.code.file_link_format when defined by ini setting
[console] Use the description when no help is available
Conflicts:
src/Symfony/Component/Console/Tests/Fixtures/application_asxml1.txt
src/Symfony/Component/Console/Tests/Fixtures/application_asxml2.txt
src/Symfony/Component/HttpKernel/Kernel.php
Added the test script as per the discussion in PR #15562
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The ``DiffOperation`` class has been deprecated and ``TargetOperation``
should be used instead, because ``DiffOperation`` has nothing to do
with 'diff', thus its class name is misleading.
Also added detailed documents for all operation interface and classes.
The following names should have consistent meanings for all operations:
The name of ``intersection`` is temporarily introduced here to explain this issue.
* [x] ``intersection`` = source ∩ target = {x: x ∈ source ∧ x ∈ target}
* [x] ``all`` = **result of the operation, depends on the operation.**
* [x] ``new`` = all ∖ source = {x: x ∈ all ∧ x ∉ source}
* [x] ``obsolete`` = source ∖ all = {x: x ∈ source ∧ x ∉ all}
The following analysis explains why ``DiffOperation`` should be deprecated.
* [x] ``all`` = source ∪ target = {x: x ∈ source ∨ x ∈ target}
* [x] ``new`` = all ∖ source = {x: x ∈ target ∧ ∉ source}
* [x] ``obsolete`` = source ∖ all = {x: x ∈ source ∧ x ∉ source ∧ x ∉ target} = ∅
This absolutely makes sense.
* [ ] ``all`` = intersection ∪ (target ∖ intersection) = target
* [x] ``new`` = all ∖ source = {x: x ∈ target ∧ x ∉ source}
* [x] ``obsolete`` = source ∖ all = source ∖ target = {x: x ∈ source ∧ x ∉ target}
The ``all`` part is confusing because 'diff' should either mean 'relative complement' or 'symmetric difference' operation:
* ``all`` = source ∖ target = {x: x ∈ source ∧ x ∉ target}
* ``all`` = (source ∖ target) ∪ (target ∖ source) = {x: x ∈ source ∧ x ∉ target ∨ x ∈ target ∧ x ∉ source}
* ``all`` = intersection ∪ (target ∖ intersection) = target
So the name of ``DiffOperation`` is misleading and inappropriate.
Unfortunately, there is no corresponding set operation for this class,
so it's hard to give it an apppriate name.
From my point of view, I believe the most accurate name for this class
should be ``TargetOperation`` because its result is same as the target set.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
* 2.8:
Mark deprecated Twig functions as deprecated with the Twig feature
[appveyor] PHP 5.3.11 for Symfony 2.7
[HttpKernel] Group deprecation notices
[Translation] added <tool> element metadata to XliffFileDumper
Conflicts:
appveyor.yml
src/Symfony/Bridge/Twig/AppVariable.php
src/Symfony/Bridge/Twig/Extension/AssetExtension.php
src/Symfony/Bridge/Twig/Extension/FormExtension.php
* 2.7:
Mark deprecated Twig functions as deprecated with the Twig feature
[appveyor] PHP 5.3.11 for Symfony 2.7
[HttpKernel] Group deprecation notices
Conflicts:
appveyor.yml
* 2.8:
bumped minimal version in appveyor to 5.3.9
[VarDumper] Fix missing support for dumping PHP7 return type
Require security-acl 2.7 for BC
[travis] disable symfony_debug ext when deps!=no
Require actual version of ACL component until ACL/2.8 branch released
Do not normalize the kernel root directory path (see symfony/symfony#15474).
Don't trigger deprecation on interfaces
[Debug] Ignore silencing for deprecations
[ci] Run minimal versions on appveyor only
Deprecated Security ClassUtils in favor of Acl ClassUtils
Fix appveyor file
consistently use str_replace to unify directory separators (remaining)
* 2.7:
[VarDumper] Fix missing support for dumping PHP7 return type
[travis] disable symfony_debug ext when deps!=no
Do not normalize the kernel root directory path (see symfony/symfony#15474).
Don't trigger deprecation on interfaces
[Debug] Ignore silencing for deprecations
[ci] Run minimal versions on appveyor only
Fix appveyor file
consistently use str_replace to unify directory separators (remaining)
This PR was merged into the 2.7 branch.
Discussion
----------
consistently use str_replace to unify directory separators (2.7)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | -
Remaining ones from #15614
Commits
-------
17ce649 consistently use str_replace to unify directory separators (remaining)
* 2.8:
[Console] ProgressBarTest::testAnsiColorsAndEmojis() requires extension mbstring
[SecurityBundle] Skip SetAclCommandTest when sqlite is not available
[VarDumper] Windows compat for SplCasterTest
[Translation][Xliff loader] fixed check target node.
* 2.8: (21 commits)
Fix merge
Fix typo
Various fixes esp. on Windows
Fix the validation of form resources to register the default theme
Fix the retrieval of the value with property path when using a loader
[appveyor] minor enhancements
[Process] Disable failing tests on Windows
[Translation] Fix the string casting in the XliffFileLoader
Windows and Intl fixes
Add appveyor.yml for C.I. on Windows
[VarDumper] fixed HtmlDumper to target specific the head tag
[travis] merge php: nightly and deps=high test-matrix lines
consistently use str_replace to unify directory separators
Support omitting the <target> node in an .xlf file.
Fix the handling of values for multiple choice types
moved PHP nightly to PHP 7.0
fixed tests using deprecation features
[Form] made deprecation notice more precise
fixed CS
Fix BC break after split of ACL from core
...
Conflicts:
.travis.yml
composer.json
src/Symfony/Bundle/TwigBundle/DependencyInjection/Configuration.php
src/Symfony/Component/Intl/DateFormatter/IntlDateFormatter.php
src/Symfony/Component/Intl/Tests/DateFormatter/AbstractIntlDateFormatterTest.php
src/Symfony/Component/Locale/Tests/LocaleTest.php
* 2.7:
Various fixes esp. on Windows
Fix the validation of form resources to register the default theme
Fix the retrieval of the value with property path when using a loader
[appveyor] minor enhancements
[Process] Disable failing tests on Windows
[Translation] Fix the string casting in the XliffFileLoader
Windows and Intl fixes
Add appveyor.yml for C.I. on Windows
[VarDumper] fixed HtmlDumper to target specific the head tag
[travis] merge php: nightly and deps=high test-matrix lines
consistently use str_replace to unify directory separators
Support omitting the <target> node in an .xlf file.
Fix the handling of values for multiple choice types
moved PHP nightly to PHP 7.0
[Security] Add missing docblock in PreAuthenticatedToken
Conflicts:
.travis.yml
This PR was merged into the 2.3 branch.
Discussion
----------
Fix the validation of form resources to register the default theme
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
https://github.com/symfony/symfony/pull/14173 made some wrong changes, changing the behavior of the code. This reverts to the right behavior in affected places
Commits
-------
ea92610 Fix the validation of form resources to register the default theme
* 2.7:
fixed CS
[DependencyInjection] Add missing file headers
fixed typo
made Symfony compatible with both Twig 1.x and 2.x
[FrameworkBundle] Fix precedence of xdebug.file_link_format
* 2.8: (22 commits)
[Form] fixed BC-break on grouped choice lists
[WebProfilerBundle] add import for Twig macro
made Symfony compatible with both Twig 1.x and 2.x
[VarDumper] Add caster for pgsql resources
[Debug/VarDumper] minor cleanups
[Form] only use PropertyPath if not already callable
[Form] fix reworked choice list phpdoc
[DoctrineBridge][Form] Add old tests to legacy group
Fixed warning when command alias is longer than command name
removed _self usage when not needed
Add support for target attributes.
Implement the support of timezone objects in the stub IntlDateFormatter
typofix - https://github.com/vlajos/misspell_fixer
make doctrine mappings compiler pass exception message more understandable
fix debug-ext 003.phpt
[Yaml] Nested merge keys
[FrameworkBundle] [Command] removed unused variable.
[FrameworkBundle] fix serializer config check
[Debug] Enhance DebugClassLoader performance on MacOSX
Add support for variadic arguments in the GetSetNormalizer
...
* 2.7:
[Form] fixed BC-break on grouped choice lists
[WebProfilerBundle] add import for Twig macro
made Symfony compatible with both Twig 1.x and 2.x
[Debug/VarDumper] minor cleanups
[Form] only use PropertyPath if not already callable
[Form] fix reworked choice list phpdoc
[DoctrineBridge][Form] Add old tests to legacy group
Fixed warning when command alias is longer than command name
removed _self usage when not needed
Implement the support of timezone objects in the stub IntlDateFormatter
typofix - https://github.com/vlajos/misspell_fixer
make doctrine mappings compiler pass exception message more understandable
fix debug-ext 003.phpt
[Yaml] Nested merge keys
[FrameworkBundle] [Command] removed unused variable.
[Debug] Enhance DebugClassLoader performance on MacOSX
Add support for variadic arguments in the GetSetNormalizer
[DoctrineBridge][Form] Fix IdReader when indexing by primary foreign key
[DoctrineBridge][Form] Fix EntityChoiceList when indexing by primary foreign key
This PR was merged into the 2.7 branch.
Discussion
----------
removed _self usage when not needed
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
As those calls are macros, there are already imported via the `from` call, so accessing them directly is not need, nor desired.
Commits
-------
3d0577d removed _self usage when not needed
* 2.8:
[travis] Build standalone phpunit without symfony/yaml
Clean wrong whitespaces
[travis] Build phpunit with local components
[Console] Handle false return value from readline
do not remove space between attributes
[HttpFoundation] fixed the check of 'proxy-revalidate' in Response::mustRevalidate()
Allow to define Enum nodes with 1 single element
Fix "[Form] Add flexibility for EntityType"
Remove the duplicated rendering of deprecation messages in the profiler
Fix the retrieval of the default value for variadic arguments
Annotated routes with a variadic parameter
[Locale] Fix Intl requirement
Fixing DbalSessionHandler to work with a Oracle "limitation" or bug?
Update EngineInterface.php
[Form] Add flexibility for EntityType
[Console] Fix Symfony coding standards violations
[Console] Use readline for user input when available
Better Iban Validation
Added a way to define the priority of service decoration
let Travis builds fail when PHP 7 jobs fail
Conflicts:
.travis.yml
UPGRADE-2.8.md
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Bundle/TwigBundle/composer.json
src/Symfony/Component/Locale/composer.json
* 2.8:
[Locale] Add missing @group legacy annotations
[Form] Add missing @group legacy annotations
[Form] Use FQCN form types
Fix security-acl deps
Fix typo
[Security] Removed security-acl from the core
fixed typos
Fix doctrine mapping validation type error
Remove skipping of tests based on ICU data version whenever possible
Fix the handling of null as locale in the stub intl classes
do not dump leading backslashes in class names
fix issue #15377
Skip ::class constant
[Config] type specific check for emptiness
[Form] Deprecated FormTypeInterface::getName() and passing of type instances
Conflicts:
UPGRADE-2.8.md
composer.json
src/Symfony/Bridge/Doctrine/composer.json
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/ClassLoader/ClassMapGenerator.php
src/Symfony/Component/DependencyInjection/Tests/ContainerTest.php
src/Symfony/Component/Form/Tests/AbstractExtensionTest.php
src/Symfony/Component/Form/Tests/AbstractLayoutTest.php
src/Symfony/Component/Form/Tests/SimpleFormTest.php
src/Symfony/Component/Locale/Tests/LocaleTest.php
src/Symfony/Component/Locale/Tests/Stub/StubLocaleTest.php
src/Symfony/Component/Security/Acl/README.md
src/Symfony/Component/Security/Acl/composer.json
* 2.7:
[Locale] Add missing @group legacy annotations
Fix security-acl deps
Fix doctrine mapping validation type error
Remove skipping of tests based on ICU data version whenever possible
Fix the handling of null as locale in the stub intl classes
do not dump leading backslashes in class names
fix issue #15377
Skip ::class constant
[Config] type specific check for emptiness
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/DependencyInjection/Dumper/GraphvizDumper.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTypeTest.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/TimeTypeTest.php
* 2.3:
Fix security-acl deps
Fix doctrine mapping validation type error
Remove skipping of tests based on ICU data version whenever possible
Fix the handling of null as locale in the stub intl classes
do not dump leading backslashes in class names
Skip ::class constant
[Config] type specific check for emptiness
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/Config/Tests/Definition/ScalarNodeTest.php
src/Symfony/Component/DependencyInjection/Dumper/GraphvizDumper.php
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/DependencyInjection/Tests/Fixtures/containers/container9.php
src/Symfony/Component/Form/Tests/Extension/Core/DataTransformer/IntegerToLocalizedStringTransformerTest.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTimeTypeTest.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTypeTest.php
src/Symfony/Component/Locale/Tests/LocaleTest.php
src/Symfony/Component/Locale/Tests/Stub/StubLocaleTest.php
src/Symfony/Component/Validator/Tests/Constraints/CountryValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/CurrencyValidatorTest.php
This PR was squashed before being merged into the 2.8 branch (closes#15013).
Discussion
----------
[Security] Removed security-acl from the core
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | part of #14718
| License | MIT
| Doc PR | ~
The `Security\Acl` is removed from the core and is loaded from its own repository. All tests were passing and this is fully backwards compatible. I have removed all but the Test files in the first step and added the dependency to verify the Test were still working with the package dependency. The second step was to remove the remaining test files and tests are still running for both the Bundle and the Framework. Once the Read-Only repository is a full standalone repository, this PR can be merged.
- [x] Remove component from the core
- [ ] Remove read-only from https://github.com/symfony/security-acl
Once this PR is merged, I can start working on splitting the SecurityBundle and extracting the ACL part to the AclBundle.
/cc @fabpot
Commits
-------
b26a449 [Security] Removed security-acl from the core
* 2.8: (63 commits)
[Debug] Deprecate ExceptionHandler::createResponse
[Debug] cleanup ExceptionHandlerTest
Reordered the toolbar elements via service priorities
bumped Symfony version to 2.7.4
Increased the z-index of .sf-toolbar-info
Removed an unused media query
updated VERSION for 2.7.3
updated CHANGELOG for 2.7.3
Redesigned "abbr" elements
Restored the old behavior for toolbars with lots of elements
Tweaks and bug fixes
Added some upgrade notes about the new toolbar design
fixed typo in translation keys
Fix the return value on error for intl methods returning arrays
Removed an useless CSS class and added styles for <hr>
Added a new profiler_markup_version to improve BC of the new toolbar
Fix merge
Removed an unused import
Reverted the feature to display different toolbar versions
Minor JavaScript optimizations
...
Conflicts:
CHANGELOG-2.7.md
UPGRADE-2.8.md
src/Symfony/Bundle/FrameworkBundle/Resources/config/collectors.xml
src/Symfony/Component/Debug/composer.json
src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
This PR was merged into the 2.8 branch.
Discussion
----------
[Form] Deprecated FormTypeInterface::getName() and passing of type instances
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #5321, #15008
| License | MIT
| Doc PR | TODO
#### Type Names
This PR deprecates the definition of the `getName()` method of form types. See #15008 for a more detailed description.
Before:
```php
class MyType extends AbstractType
{
public function getName()
{
return 'mytype';
}
// ...
}
```
After:
```php
class MyType extends AbstractType
{
// ...
}
```
You should always reference other types by their fully-qualified class names. Thanks to PHP 5.5, that's easy:
Before:
```php
$form = $this->createFormBuilder()
->add('name', 'text')
->add('age', 'integer')
->getForm();
```
After:
```php
$form = $this->createFormBuilder()
->add('name', TextType::class)
->add('age', IntegerType::class)
->getForm();
```
#### Type Instances
Furthermore, passing of type instances is deprecated.
Before:
```php
$form = $this->createForm(new AuthorType());
```
After:
```php
$form = $this->createForm(AuthorType::class);
```
#### DIC Aliases
When registering a type in the DIC, you should omit the "alias" attribute now.
Before:
```xml
<service id="my.type" class="Vendor\Type\MyType">
<tag name="form.type" alias="mytype" />
<argument type="service" id="some.service.id" />
</service>
```
After:
```xml
<service id="my.type" class="Vendor\Type\MyType">
<tag name="form.type" />
<argument type="service" id="some.service.id" />
</service>
```
Types without dependencies don't need to be registered in the DIC as they can be instantiated right away.
#### Template Block Prefixes
By default, the class name of the type in underscore notation minus "Type" suffix is used as Twig template block prefix (e.g. `UserProfileType` => `user_profile_*`). If you want to customize that, overwrite the new `getBlockPrefix()` method in your type:
```php
class UserProfileType extends AbstractType
{
public function getBlockPrefix()
{
return 'profile';
}
// ...
}
```
Commits
-------
3d9e5de [Form] Deprecated FormTypeInterface::getName() and passing of type instances
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8][FrameworkBundle] Allow parameter use_cookies in session configuration
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13668
| License | MIT
| Doc PR | none
This PR adds support for the `use_cookies` parameter to the session configuration of Symfony's FrameworkBundle. It is a rebase of #13671 against the 2.8 branch.
Commits
-------
08bf50a Allow parameter use_cookies in session configuration.
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] Change the default value of cookie_httponly
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15303
| License | MIT
| Doc PR | symfony/symfony-docs#5561
Commits
-------
a7bef1e Change the default value of cookie_httponly to fix#15303