This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Php function json_encode/decode with option JSON_PARTIAL_OUTPUT_ON_ERROR return result on error, but if have is error json_last_error() always return error code even if there is a result and it is not false. Because of this is impossible set JSON_PARTIAL_OUTPUT_ON_ERROR option across variable $context.
Current fix solves this problem.
Verification on the false is completely correct, since json_encode / decode returns false only on error if not set JSON_PARTIAL_OUTPUT_ON_ERROR option.
Such have a problem e.g when encoding data is not utf-8 (emoji from facebook).
Commits
-------
e7e410b [Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fail gracefully if the security token cannot be unserialized from the session
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If the security token in the session can't be unserialized, an `E_NOTICE` is issued. This prevents it (and provides a better log message if it's not even a `__PHP_Incomplete_Class`).
This is similar to #24731, but I saw it triggered when changing OAuth library (https://github.com/elifesciences/journal/pull/824), so the token class itself no longer exists. (I want to avoid having to manually invalidate all sessions, as not all sessions use that token class.)
Commits
-------
053fa43add [Security] Fail gracefully if the security token cannot be unserialized from the session
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Use the default host even if context is empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25464
| License | MIT
| Doc PR | ø
When the host in the context is empty... we should still use the default host.
**Note:** it seems like a lot of changes but all I did was to remove the `if` and de-indent the code that was inside.
Commits
-------
8f357df75b Use the default host even if context is empty and fallback to relative URL if empty host
This PR was squashed before being merged into the 2.7 branch (closes#25653).
Discussion
----------
PHP CS Fixer: clean up repo and adjust config
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Reason for this PR is that one want to have `php-cs-fixer fix -v` command executed without changes that shall not be applied for this repo. To achieve that, we need to groom config to exclude files that violate CS willingly, fix files that are violating CS unwillingly, and deliver missing case handling at PHP CS Fixer itself (https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/3359) (already merged!).
Commits
-------
b14cbc1 PHP CS Fixer: clean up repo and adjust config
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Fix access to root object when using composite constraint
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12315, #20477, #21706
| License | MIT
| Doc PR |
Commits
-------
b18cdcf417 [Validator] Fix access to root object when using composite constraint
This PR was merged into the 2.7 branch.
Discussion
----------
Update LICENSE year... forever
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
By using the same trick than Facebook: https://github.com/facebook/react/blob/master/LICENSE
Commits
-------
8ce8bd5 Update LICENSE year... forever
This PR was squashed before being merged into the 2.7 branch (closes#25652).
Discussion
----------
Clean up
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I've removed all white spaces and extra lines from our `markdown` files. Recently [I did it in our documentation](https://github.com/symfony/symfony-docs/pull/8944), and thought would be interesting to replicate here 😄
Commits
-------
acd0d7c Clean up
This PR was squashed before being merged into the 2.7 branch (closes#25430).
Discussion
----------
Fixes for Oracle in PdoSessionHandler
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #18305 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | <!--highly recommended for new features-->
<!--
Fixes missing session data for Oracle in PdoSessionHandler
-->
Commits
-------
e7a4002b4f Fixes for Oracle in PdoSessionHandler
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7][DX] Use constant message contextualisation for deprecations
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
Since many projects are using this mechanism for deprecating feature, it is sometimes difficult to understand which vendor triggers a deprecation.
Sometimes we're using `since Symfony x.y` format, sometimes we are using `since x.y`. I propose to always use `since Symfony x.y` format.
Commits
-------
c2338cbd7a [2.7][DX] Use constant message contextualisation for deprecations
This PR was squashed before being merged into the 2.7 branch (closes#25599).
Discussion
----------
Add application/ld+json format associated to json
| Q | A
| ------------- | ---
| Branch? | 2.7 up to 4.0
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Add `application/ld+json` Content-Type as json format in Request.
Commits
-------
0917c4c Add application/ld+json format associated to json
| Q | A
| ------------- | ---
| Branch? | 2.1 to 4.0
| Bug fix? | yes (comment only)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | na
| Fixed tickets | na
| License | MIT
| Doc PR |
DocBlock comment referred to `NormalizableInterface` but code was using `DenormalizableInterface`
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Commands with an alias should not be recognized as ambiguous
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | no
| Fixed tickets | no <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR |
When having two commands with the same starting name and an alias equal to the starting name, we should not have an ambiguous error because we are setting the alias.
Commits
-------
863f632 [Console] Commands with an alias should not be recognized as ambiguous
This PR was merged into the 2.7 branch.
Discussion
----------
Add php_unit_dedicate_assert to PHPCS
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25420
| License | MIT
| Doc PR | -
Forgot to add this in #25420😅
Commits
-------
e913b68 Add php_unit_dedicate_assert to PHPCS
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] fix a bug when you are passing a default value and passing -n would output the index
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25470
| License | MIT
| Doc PR |
We are fixing a bug when you are using a default value with -n, it would output the index instead of the value.
Simple reproducer 5079dd19d5 (diff-77efcc28bc5309e1af9ac07a1e073009R40)
Commits
-------
41ffc69 [Console] fix a bug when you are passing a default value and passing -n would ouput the index
Not much has changed in data we actually use in Symfony.
However, the extension compiled for ICU 60.2 behaves slightly differently in some cases.
This can be observed on one assertion that had to be disabled. There's no point in keeping it since the Symfony implementation does not support the behaviour.
This PR was squashed before being merged into the 2.7 branch (closes#25427).
Discussion
----------
Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
While investigating #25373, I found that when the *dumped* `UrlMatcher` performs redirections due to missing trailing slashes on URLs, it does so using an url*de*coded URL.
This is wrong, as it may lead to wrong interpretations of URLs upon the next request. For example, think of an URL that contains `%23` in the middle of the path info. Upon redirection, this will be turned into `#` with an obvious effect.
Commits
-------
8146510304 Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBridge][Form] Fix hidden currency element with Bootstrap 3 theme
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When using a `MoneyType` field, one can pass `currency=false` option to hide the currency symbol. This does not work well when using the Bootstrap 3 theme: the symbol is not displayed but HTML elements that are supposed to contain it are still rendered.
Commits
-------
c5af7fd938 Fix hidden currency element with Bootstrap 3 theme
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Fix catching fatal errors in case of nested error handlers
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8703, #16980
| License | MIT
| Doc PR | -
Fixing a bug from 2013 :)
Commits
-------
27dc9a6c7c [Debug] Fix catching fatal errors in case of nested error handlers
This PR was squashed before being merged into the 2.7 branch (closes#25330).
Discussion
----------
[HttpFoundation] Support 0 bit netmask in IPv6 (`::/0`)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | —
| License | MIT
| Doc PR | —
Proxy settings allow `0.0.0.0/0` but not `::/0`. This PR adds IpUtils support for 0 masked bits in IPv6.
Tests pass in the sense that results before and after are unchanged on my local PHP 7.2 / macOS setup. The IpUtils test cases were extended for the changes in this PR.
I've rebased on 2.7, but the issue is present up to 4.0 and master.
Commits
-------
9f1c9bd964 [HttpFoundation] Support 0 bit netmask in IPv6 ()
This PR was merged into the 2.7 branch.
Discussion
----------
[ExpressionLanguage] throw an SyntaxError instead of an undefined index notice
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25214
| License | MIT
| Doc PR | none
I think this is a bug when the components throws a notice instead of an exception.
it's too early and too dark to see something outside so here is my couch :
![img_2915-2](https://user-images.githubusercontent.com/3451634/33592448-6b514050-d98b-11e7-8086-bc6e6b6e6e82.jpg)
Commits
-------
78abc89648 [ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
This PR was squashed before being merged into the 2.7 branch (closes#25152).
Discussion
----------
[Form] Don't rely on `Symfony\Component\HttpFoundation\File\File` if http-foundation isn't in FileType
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | may need discussion
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Currently `FileType` may depend on `Symfony\Component\HttpFoundation\File\File` regardless `http-foundation` has been installed or not.
It leads to occur the class-not-found error.
(Attached the screen capture, please see below and I provided the representation [here](https://github.com/issei-m/form-bug-representation/issues/1) for your information)
So I ensure `Symfony\Component\HttpFoundation\File\File` does exist, and if not, we don't specify any classes for this type.
While setting no specified class to `data_class` means making [property path behavior changed](7234bfd56a/src/Symfony/Component/Form/Form.php (L229-L231)),
[NativeRequestHandler](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/NativeRequestHandler.php) which is usually expected to be used in non-full-stack env handles a pure array like `$_FILES` holds, fully intended behavior AFAIK.
![image](https://user-images.githubusercontent.com/1135118/33216654-14706a56-d178-11e7-8e4b-c38c14ec7532.png)
Commits
-------
a264238e8a [Form] Don't rely on if http-foundation isn't in FileType
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix global console flag when used in chain
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #23876
| License | MIT
| Doc PR |
Because SymfonyCon is great we can create pull request in it ! (this was preparer in the plane and I can push it just right now ;))
Finished in the #SymfonyConHackday2017
Commits
-------
1f8db73 [Console] Fix global console flag when used in chain
This PR was merged into the 2.7 branch.
Discussion
----------
[Yaml] added ability for substitute aliases when mapping is on single line
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11569
| License | MIT
| Doc PR |
Commits
-------
dd26c80aa9 substitute aliases in inline mappings
675a3fe7f6 added ability for substitute aliases when mapping in YAML is on single line
This PR was squashed before being merged into the 2.7 branch (closes#25102).
Discussion
----------
[Form] Fixed ContextErrorException in FileType
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25063
| License | MIT
| Doc PR | --
Fixed an issue that ContextErrorException occurs when multiple is enabled.
Commits
-------
1b408e6 [Form] Fixed ContextErrorException in FileType
This PR was merged into the 2.7 branch.
Discussion
----------
Replace array|\Traversable by iterable
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Replace `array|\Traversable` by `iterable`, favoring pure API (or less mixed at least :)) and be clear whenever phpdoc is replaced.
https://secure.php.net/manual/en/language.types.iterable.php
Commits
-------
278088931b Replace array|\Traversable by iterable
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Remove remaining dead code
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Since they are always re-thrown, no need to catch `\Error` instances at all.
Commits
-------
3822c07f65 [Console] Remove remaining dead code
This PR was merged into the 2.7 branch.
Discussion
----------
Fix ambiguous pattern
[Validator][Constraints][UrlValidator] Fix domain name pattern.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
`\pS` is a unicode character class, `\pS-\.` pretends to be a range which is not. This pattern fails with PCRE2.
Thanks.
Commits
-------
059f59a106 Fix ambiguous pattern
This PR was merged into the 2.7 branch.
Discussion
----------
Validate redirect targets using the session cookie domain
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
52b06f1c21 [Security] Validate redirect targets using the session cookie domain
This PR was merged into the 2.7 branch.
Discussion
----------
Prevent bundle readers from breaking out of paths
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
c8f9f916b4 prevent bundle readers from breaking out of paths
This PR was merged into the 2.7 branch.
Discussion
----------
Ensure that submitted data are uploaded files
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
f9e210cc7b ensure that submitted data are uploaded files
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] remove dead code
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Part of #24961 for 2.7
Commits
-------
65f2b13 [Console] remove dead code
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] fix method name
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
b862168 fix method name
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix traversable autocomplete values
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
`Question::setAutocompleterValues` implies passing a `\Traversable` value is allowed, yet it doesnt work :) It also restricts the traversable to be countable, which is not really needed (blocking pure API / iterable type as of 4.0).
Commits
-------
965b5b5f8d [Console] Fix traversable autocomplete values
This PR was squashed before being merged into the 2.7 branch (closes#24909).
Discussion
----------
[Intl] Update ICU data to 60.1
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
http://site.icu-project.org/download/60
All tests are passing, including those from the intl-data group.
Commits
-------
cf04e7cefe [Intl] Update ICU data to 60.1
This PR was squashed before being merged into the 2.7 branch (closes#24900).
Discussion
----------
[Validator] Fix Costa Rica IBAN format
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
Fix Costa Rica IBAN format: https://bank.codes/iban/structure/costa-rica/
Commits
-------
b9b5e18f8b [Validator] Fix Costa Rica IBAN format
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Nullable FormInterface::getPropertyPath()
| Q | A
| ------------- | ---
| Branch? | 4.0
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24560
| License | MIT
| Doc PR |
`Symfony\Component\Form\Form::getPropertyPath()` returns `null` when the form has an empty name. It allows for unprefixed children.
```php
<?php
namespace App\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\Form\Extension\Core\Type\TextType;
class IndexController extends AbstractController
{
/**
* @Route(name="index")
* @Template()
*/
public function indexAction()
{
$form = $this->get('form.factory')
->createNamedBuilder('')
->add('text', TextType::class)
->getForm();
return [
'form' => $form->createView(),
];
}
}
```
```html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Welcome!</title>
</head>
<body>
<form name="" method="post">
<label for="text">Text</label>
<input type="text" id="text" name="text">
</form>
</body>
</html>
```
But the return type of the `Symfony\Component\Form\FormInterface::getPropertyPath()` is not nullable.
We cannot change the behaviour, obviously. At least it's useful in API controllers.
So I decided to change the doc block of the interface.
Commits
-------
d56632a45f FormInterface::getPropertyPath(): PropertyPathInterface|null
This PR was squashed before being merged into the 2.7 branch (closes#24814).
Discussion
----------
[Intl] Make intl-data tests pass and save language aliases again
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Due to changes in ICU 5.5 aliases were not being saved since that version.
Commits
-------
661a4b6 [Intl] Make intl-data tests pass and save language aliases again
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] minor docblock fixes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As found in #24611
Commits
-------
0c9edaf [DI] minor docblock fixes
Fixessymfony/symfony#24652
Trailing backslash, being unescaped, used to escape closing formatting
tag and, thus, formatting tag appeared in autocompletion
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fixed auth provider authenticate() cannot return void
| Q | A
| ------------- | ---
| Branch? | 2.7 and up
| Bug fix? | yes
| New feature? | no
| BC breaks? | no (arguably)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The `AuthenticationManagerInterface` [requires](https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Security/Core/Authentication/AuthenticationManagerInterface.php#L30) that `authenticate()` must return a TokenInterface, never null. Several authentication providers are violating this. Changed to throw exception instead.
See discussion in earlier PR https://github.com/symfony/symfony/pull/24585 which was changing the docblock rather than the implementations.
Commits
-------
6e18b56b77 [Security] Fixed auth provider authenticate() cannot return void
This PR was merged into the 2.7 branch.
Discussion
----------
declare type AcceptHeaderItem for array_map
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
In `array_filter` , argument type is declared.
https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/HttpFoundation/AcceptHeader.php#L133
So It's natural to do so in `array_map` too.
Commits
-------
ab8f5be40c declare argument type
The AuthenticationManagerInterface requires that authenticate() must return a TokenInterface, never null.
Several authentication providers are violating this. Changed to throw exception instead.
This PR was merged into the 2.7 branch.
Discussion
----------
content can be a resource
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes (bug in a comment)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
c63742daef content can be a resource
This PR was merged into the 2.7 branch.
Discussion
----------
Username and password in basic auth are allowed to contain '.'
Initially reported by Fede Isas in https://github.com/beberlei/assert/pull/234
| Q | A
| ------------- | ---
| Branch? | 2.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
e5d57dd050 Username and password in basic auth are allowed to contain '.'
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Fix same vendor detection in class loader
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Fix about same vendor detection in ClassLoader. Actually, detected namespace for `Doctrine\ORM\Configuration` is `Doctrine\ORM` instead of `Doctrine\`. So deprecations are triggered for classes in same namespace.
Commits
-------
d2ab0d8019 [Debug] Fix same vendor detection in class loader
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Reject remember-me token if UserCheckerInterface::checkPostAuth() fails
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24525
| License | MIT
| Doc PR | -
I think this is a security hole - a user can remain logged in with a remember me cookie even though they can no longer pass `UserCheckInterface::checkPostAuth()` (could be disabled).
This is a small BC break but shouldn't be an issue as I think it is a bug. I don't think this requires a BC layer but if so, I can add.
Commits
-------
fe190b6ee9 reject remember-me token if user check fails
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] never match invalid IP addresses
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24424
| License | MIT
| Doc PR |
Commits
-------
8ad32f0ef5 never match invalid IP addresses
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Combine Cache-Control headers
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If multiple `Cache-Control` headers are added to a `ResponseHeaderBag`, only the first is returned by `$bag->get('Cache-Control')`.
Commits
-------
1f76a70b6f [HttpFoundation] Combine Cache-Control headers
This PR was merged into the 2.7 branch.
Discussion
----------
Fix support for PHP 7.2
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #23671
| License | MIT
| Doc PR | -
There are still the deprecation problem with phpunit since it use `each()`.
There are 3 tests linked to session that I don't know how to fix / what to do, do you have any idea @nicolas-grekas ?
Commits
-------
fdf285b5c9 Fix 7.2 compat layer
e229dd0302 Fix PHP 7.2 support
This PR was squashed before being merged into the 2.7 branch (closes#23980).
Discussion
----------
Tests and fix for issue in array model data in EntityType field with multiple=true
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| License | MIT
| Fixed tickets | #23927
Provided some tests and the fix for #23927.
Rebased to 2.7, replaces #23930
Commits
-------
aaba6b4c2b Tests and fix for issue in array model data in EntityType field with multiple=true
This PR was squashed before being merged into the 2.7 branch (closes#22586).
Discussion
----------
[Form] Fixed PercentToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see comment below -->
| Bug fix? | yes-ish
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | <!-- #-prefixed issue number(s), if any -->
| License | MIT
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Implements the same behaviour that `NumberToLocalizedStringTransformer` in order to accept both comma and dot implemented in #5941
Commits
-------
f96a7f81b8 [Form] Fixed PercentToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible
This PR was merged into the 2.7 branch.
Discussion
----------
[Intl] Fixed support of Locale::getFallback
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24154
| License | MIT
| Doc PR |
Commits
-------
256055218e [Intl] Fixed support of Locale::getFallback
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Fix file upload multiple with no files
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
```php
<form method="post" enctype="multipart/form-data">
<input type="file" multiple name="img[]">
<input type="submit">
</form>
<?php
$loader = require __DIR__ . '/../app/autoload.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$request = \Symfony\Component\HttpFoundation\Request::createFromGlobals();
var_export($request->files->all()['img']);
}
```
Expected result when I send the form without any files:
```
array ()
```
Actual result:
```
array ( 0 => NULL, )
```
This causes a problem later when using FileType with multiple option - if no files are sent the form data are `[0 => '']` instead of `[]`.
Of course I need to add a test for this.
Commits
-------
d4f6039dcd [HttpFoundation] Fix file upload multiple with no files
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fix precision of MoneyToLocalizedStringTransformer's divisions and multiplications
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| License | MIT
There is a [PHP Bug](https://bugs.php.net/bug.php?id=75004) with the accuracy of divisions and multiplications when `/=` and `*=` are used.
Here is the proof: https://3v4l.org/u1DkX
It would be better to use `bcmul()` and `bcdiv()` in the `MoneyToLocalizedStringTransformer.php` to prevent this bug.
Commits
-------
ab47c7878e Added improvement for accuracy in MoneyToLocalizedStringTransformer.
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] minor translation text fix
Update validators.cs.xlf - Fix czech translation for "This field was not expected"
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | none
| License | none
| Doc PR | none
This commit fixes grammatical issue for czech translation only.
Commits
-------
fbe7148000 Fix translation for "This field was not expected"
This PR was squashed before being merged into the 2.7 branch (closes#24243).
Discussion
----------
HttpCache does not consider ESI resources in HEAD requests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Due to this shortcut:
3b42d8859e/src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php (L634-L642)
... the `HttpCache` never looks at the response body for `HEAD` requests. This makes it completely miss ESI-related tweaks like computing the correct TTL, removing validation headers or updating the `Content-Length`.
From RFC2616 (https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.4):
> The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response. The metainformation contained in the HTTP headers in response to a HEAD request SHOULD be identical to the information sent in response to a GET request.
Although it says "SHOULD", I think it can be misleading at best when HEAD requests do, for example, return different (greater) `s-maxage` values than a corresponding GET request.
Commits
-------
4dd0e53171 HttpCache does not consider ESI resources in HEAD requests