This PR was merged into the 2.7 branch.
Discussion
----------
Added null as explicit return type (?TokenInterface)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/23882#discussion_r140704737
| License | MIT
| Doc PR | ~
This fixes the returntype in the `ContextListener` so it can be merged upwards.
/cc @chalasr
Commits
-------
1ba4dd9 Added null as explicit return type (?TokenInterface)
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Preserving line breaks between sentences according to the exception message
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24212
| License | MIT
| Doc PR | -
Commits
-------
e2d4904 Render all line breaks according to the exception message
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] remove confusing code
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This code is a no-op. I guess the intention was to resolve a parametrized alias target, yet this never worked and we don't want to make it work.
Commits
-------
3da645efed [DI] remove confusing code
This PR was squashed before being merged into the 2.7 branch (closes#24230).
Discussion
----------
[Validator] Clarify UUID validator behavior
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24209
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
TLDR; after some investigation this is now a doc update.
This fixes the variant detection of a UUID, in strict validation, as described by https://tools.ietf.org/html/rfc4122#section-4.1.1
Tested variant UUID's taken from [ramsey/uuid](https://github.com/ramsey/uuid/blob/master/tests/UuidTest.php#L506). I cannot produce an invalid variant UUID anymore, as i believe by now anything would be variant 3 (future reserved).
/cc @backbone87
Commits
-------
cde5a47 [Validator] Clarify UUID validator behavior
This PR was squashed before being merged into the 2.7 branch (closes#22321).
Discussion
----------
[Filesystem] Fixed makePathRelative
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Updating to Symfony 3.2.7 @agoat noticed a bug with `Filesystem::makePathRelative()` in contao/core-bundle#751:
- In Symfony 3.2.6 `makePathRelative('aa/cc', 'bb/cc')` returned correctly `../../aa/cc`
- In Symfony 3.2.7 the same method call returns `./`
I think this issue was introduced with #22133.
While working on the fix I noticed some other issues too:
- An unnecessary if construct that did nothing, fc745f45949fdb8d5aa590618ec73537721f99b4
- Missing normalization of `./` path segments, 15982d4b083723555cfa149368eaaae9609d0e22
- `../` got ignored at the beginning of relative paths, 9586e880d69f613b10e23dd53cea877e622b221a
- The documentation of the method only allowed absolute paths, but there are already unit tests ([FilesystemTest.php:1097](ab93feae3f/src/Symfony/Component/Filesystem/Tests/FilesystemTest.php (L1097))) that test the behavior of relative paths, cec473eeb099c074b5883e7187f74663402f9d87
This pull request fixes all these issues and adds tests for them.
Commits
-------
2bc11505f4 [Filesystem] Fixed makePathRelative
This PR was squashed before being merged into the 2.7 branch (closes#23473).
Discussion
----------
[Filesystem] mirror - fix copying content with same name as source/target.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23472
| License | MIT
| Doc PR |
Uses `substr()` and lengths in `Filesystem::mirror()` rather than `str_replace()` to avoid multiple replacements.
Commits
-------
b524c84ce1 [Filesystem] mirror - fix copying content with same name as source/target.
This PR was squashed before being merged into the 2.7 branch (closes#24149).
Discussion
----------
[CS] Apply phpdoc_annotation_without_dot
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Rule was manually applied here : https://github.com/symfony/symfony/pull/19198
In same PR, fixer for this rule was requested, later implementation was approved by Symfony in https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/2020 .
Rule is converting single sentence to not a sentence, dropping final dot and lowercasing first word.
If there are multiple sentences, it doesn't make any changes.
Status quo is that some annotation are in the middle - having first word uppercased, but no final stop.
Let us fix grammar by finishing applying the rule.
If, for some reason, you don't want to follow that rule that was requested by Symfony, please provide reasoning. If it's to some edge-case bug, simply raise that bug issue. If due to some other reasons, please send a PR to drop it from `@Symfony` ruleset.
Info: I did manually reviewed every single change of this PR.
Commits
-------
7a97b49436 [CS] Apply phpdoc_annotation_without_dot
This PR was merged into the 2.7 branch.
Discussion
----------
[Filesystem] check permissions if dump target dir is missing
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24097
| License | MIT
| Doc PR |
`is_dir()` returns `false` if the parent directory misses the executable
bit even when the directory itself is present.
Commits
-------
a0f9f2c537 check permissions if dump target dir is missing
This PR was merged into the 2.7 branch.
Discussion
----------
[ExpressionLanguage] throws an exception on calling uncallable method
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When we evaluate an expression, if a callable is incorrect (not exists or not accessible) a warning is printed.
This PR handles this case and throws a \RuntimeException when `is_callable()` returns `false` :
```php
$el = new ExpressionLanguage();
$el->evaluate('foo.myfunction()', array('foo' => new \stdClass()));
```
**Before:**
`Warning: call_user_func_array() expects parameter 1 to be a valid callback, class 'stdClass' does not have a method 'myfunction' in /home/.../src/Symfony/Component/ExpressionLanguage/Node/GetAttrNode.php on line 84`
**After:**
`Fatal error: Uncaught RuntimeException: Unable to call method "myfunction" of object "stdClass". in /home/.../src/Symfony/Component/ExpressionLanguage/Node/GetAttrNode.php:81`
Commits
-------
c8b65aeb8b [ExpressionLanguage] throws an exception on calling uncallable method
This PR was squashed before being merged into the 2.7 branch (closes#23730).
Discussion
----------
Fixed the escaping of back slashes and << in console output
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18481
| License | MIT
| Doc PR | -
Not sure if it's a valid solution, but this is my attempt to solve #18481.
Commits
-------
d5cb1fe711 Fixed the escaping of back slashes and << in console output
This PR was merged into the 2.7 branch.
Discussion
----------
[VarDumper] Enhance docblock to tell about AbstractDumper::dumpLine(-1)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23992
| License | MIT
| Doc PR | -
Commits
-------
0164038998 [VarDumper] Enhance docblock to tell about AbstractDumper::dumpLine(-1)
This PR was squashed before being merged into the 2.7 branch (closes#23925).
Discussion
----------
[Validator] Fix use of GroupSequenceProvider in child classes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | not in real cases
| Deprecations? | no
| Tests pass? | yes
| License | MIT
For example validation of doctrine proxy objects fails.
Commits
-------
8d7b203d80 [Validator] Fix use of GroupSequenceProvider in child classes
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Add a property tag for File::$maxSize
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | Not confirmed (because minor change)
| Fixed tickets | -
| License | MIT
| Doc PR | -
For helping IDE to static analyze.
Commits
-------
b72ced22ad [Validator] Add a property tag for File::$maxSize
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Clean test directory on tear down
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I've been bitten by this leftover too often.
Commits
-------
0a3dc11 [HttpKernel] Clean test directory on tear down
This PR was merged into the 2.7 branch.
Discussion
----------
Ignore memcached missing key error on session destroy
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18574
| License | MIT
| Doc PR | NA
Since PHP 7 session_regenerate_id triggers a warning when the session is not started.
This PR, changes the behaviours of session_destroy in the `MemcachedSessionHandler` by returning true when the user try to delete a non-existing session.
Other handler:
- LegacyPdoSessionHandler => don't check if key exists
- MongoDbSessionHandler => don't check if key exists
- NullSessionHandler => always true
- PdoSessionHandler => don't check if key exists
Commits
-------
29538b621c Ignore memcached missing key error on dession destroy
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Generate safe fallback filename for wrongly encoded filename
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This handles the case where the encoding of a random string cannot be detected. Until now this causes a PHP Warning `mb_strlen(): Unknown encoding ""`.
Commits
-------
8fd5569 [HttpFoundation] Generate safe fallback filename for wrongly encoded filename
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix passing options with defaultCommand
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Seems like overwriting input for the default command is not needed (anymore?). I don't know where the removed comment comes from originally.
Use case: i want to call default command and use options at the same time:
app/console --abc=true
Commits
-------
761de99552 Fix passing options with defaultCommand
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Add some phpdocs for IDE autocompletion and better SCA
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
@ogizanagi I've tryed add single phpdoc `@method FormInterface[] getIterator()` to `FormInterface` but it not works correctly in PHPStorm. Have you any ideas?
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the 3.4,
legacy code removals go to the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
d30c751781 Add some phpdocs for IDE autocompletion and better SCA
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Missing escape in debug output
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When pretty-printing an exception, the debug handler does not properly escape array keys.
The problem only occurs when debug output is enabled, so this is not considered a [security issue](http://symfony.com/doc/current/contributing/code/security.html) (according to @fabpot), because the debug tools [should not be used in production](https://symfony.com/doc/current/components/debug.html#usage).
A test for this is included in my patch for #18722.
Commits
-------
636777d [Debug] HTML-escape array key
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] use assertStringEqualsFile when possible
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
To make failure reporting more accurate, and maintaining tests easier (assertStringEqualsFile is already heavily used in the same file.)
Commits
-------
eebae7e [DI] use assertStringEqualsFile when possible
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] Resolve aliases earlier
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Not a bug fix because a compiler pass already resolves aliases, but makes reasoning locally about the code easier.
Commits
-------
9922827cc2 [DI] Resolve aliases earlier
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] validate empty passwords again
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/23341#issuecomment-315341226
| License | MIT
| Doc PR |
It looks like this part of #23341 causes serious security issues for some users who rely on the validator to also compare the empty string with their user's password (see for example https://github.com/symfony/symfony/pull/23341#issuecomment-315341226). Thus I suggest to revert this part of #23341.
Commits
-------
878198cefa [Security] validate empty passwords again
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] Remove irrelevant comment from container
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes-ish
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Spotted in #22811
Commits
-------
595a225a0f [DI] Remove irrelevant comment from container
This PR was squashed before being merged into the 2.7 branch (closes#23468).
Discussion
----------
[DI] Handle root namespace in service definitions
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Fixes
```
Cannot dump definition because of invalid class name ('\\stdClass')
```
for
```yaml
services:
foo: {class: '\stdClass' }
```
`ContainerBuilder` allows it, so `PhpDumper` should as well.
Commits
-------
05170c8 [DI] Handle root namespace in service definitions
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fix authentication.failure event not dispatched on AccountStatusException
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/18807
| License | MIT
| Doc PR | n/a
Authentication fails if the user exists but its account is disabled/expired/locked, the failure event should be dispatched in this case, so that you can hook into as for any authentication exception.
Commits
-------
64c2efd [Security] Fix authentication.failure event not dispatched on AccountStatusException
This PR was merged into the 2.7 branch.
Discussion
----------
[Filesystem] Dont copy perms when origin is remote
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23312
| License | MIT
| Doc PR | -
Commits
-------
7b442211dc [Filesystem] Dont copy perms when origin is remote
This PR was merged into the 2.7 branch.
Discussion
----------
[DoctrineBridge][Security][Validator] do not validate empty values
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23319
| License | MIT
| Doc PR |
Nearly all validators operating on scalar values (except for some special constraints) do ignore empty values. If you want to forbid them, you have to use the `NotBlank` constraint instead.
Commits
-------
fd7ad234bc do not validate empty values
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Throw exception on Comparison constraints null options
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see comment below -->
| Bug fix? | no. There is no bug, but the constraint can be silently created in an invalid state.
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes (failure unrelated)
| Fixed tickets | N/A <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A
Commits
-------
2de59a7381 [Validator] Throw exception on Comparison constraints null options
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] fix switch user _exit without having current token
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22729
| License | MIT
| Doc PR | -
Attempting to `_exit` from a switched user caused an error when not having any token in the storage (for example happens when not logged in + disallowing anonymous users on that firewall):
`[1] Symfony\Component\Debug\Exception\FatalThrowableError: Type error: Argument 1 passed to Symfony\Component\Security\Http\Firewall\SwitchUserListener::getOriginalToken()
must be an instance of Symfony\Component\Security\Core\Authentication\Token\TokenInterface, null given, called in
symfony/symfony/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php on line 164`
Commits
-------
16da6861be [Security] fix switch user _exit without having current token
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Fix XmlFileLoader exception message
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
When an `XmlFileLoader` encounters an unknown tag it throws an exception with message like `Unknown tag "foo" used in file "bar". Expected "default", "requirement" or "option".`. A proper message should be `Unknown tag "foo" used in file "bar". Expected "default", "requirement", "option" or "condition".`
Commits
-------
f6a94cb56f [Routing] Fix XmlFileLoader exception message
This PR was squashed before being merged into the 2.7 branch (closes#23129).
Discussion
----------
Fix two edge cases in ResponseCacheStrategy
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
While reviewing how `ResponseCacheStrategy` calculates the caching-related headers for responses that embed subrequests, I came across two cases that I think are currently implemented incorrectly.
a) When the main response is public and cacheable with an expiration time, but it embeds (via ESI) a controller that does not set any caching-related headers, this embedded response is more constrained. So, the resulting (combined) response must not be cacheable, especially it may not keep the s-maxage.
b) When the main response is public and cacheable with an expiration time, but it embeds (via ESI) a controller that explicitly creates a "private" response, the resulting (combined) response must be private as well.
Commits
-------
c6e8c07e4d Fix two edge cases in ResponseCacheStrategy
This PR was squashed before being merged into the 2.7 branch (closes#23092).
Discussion
----------
[Filesystem] added workaround in Filesystem::rename for PHP bug
[Filesystem] added workaround in Filesystem::rename for https://bugs.php.net/bug.php?id=54097
Standard PHP rename() of dirs across devices/mounted filesystems produces confusing copy error & throws IOException in Filesystem::rename. I got it during console cache:clear in the Docker environment. This PR possible fixes https://github.com/symfony/symfony/issues/19851 and other environment related issues.
Workaround is on \rename() fails try to Filesystem::mirror & Filesystem::remove if $origin is directory
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
3ccbc479da [Filesystem] added workaround in Filesystem::rename for PHP bug
This PR was squashed before being merged into the 2.7 branch (closes#23123).
Discussion
----------
Add tests for ResponseCacheStrategy to document some more edge cases
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Adds some test cases for possible combinations of master/subrequest responses to better document behaviour in edge cases. Should now cover the entire `ResponseCacheStrategy`.
I hope 2.7 is the right target branch because having more tests for all releases should be a good thing™️.
Commits
-------
69e84633dd Add tests for ResponseCacheStrategy to document some more edge cases
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] fix for Support for new 7.1 session options
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21606
| License | MIT
| Doc PR | n/a
Commits
-------
71c1b6f5bffixes#21606
This PR was merged into the 2.7 branch.
Discussion
----------
[FormBuilderInterface] Fixed PHPdoc return references
| Q | A
| ------------- | ---
| Branch? | 2.7 and higher
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | N/A (phpdoc)
| License | MIT
In a case where the method `createFormBuilder()` was used where the methods `add()` and `getForm()` were chained onto it, the final resulting object was no longer a FormBuilder object as the `add()` and `remove()` methods was using a return variable that didn't work.
Should reference `self` as interfaces do not have a `$this` object.
Commits
-------
2f350d1d38 Fixed PHPdoc return references in FormBuilderInterface
This PR was squashed before being merged into the 2.7 branch (closes#22931).
Discussion
----------
SCA with Php Inspections (EA Extended): 2.7
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with Php Inspections (EA Extended): dead code and control flow tweaks.
Commits
-------
598ae56cc9 SCA with Php Inspections (EA Extended): 2.7
This PR was merged into the 2.7 branch.
Discussion
----------
Cache ipCheck (2.7)
In our app we use trusted proxies. Using Blackfire we found `IpUtils::checkIp` was being called 454 times taking 3.15ms.
Caching the result saves those 3ms.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
bcb80569cb Cache ipCheck
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Mix attr option between guessed options and user options
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19871
| License | MIT
Commits
-------
84f5de902d mix attr options between type-guess options and user options
This PR was squashed before being merged into the 2.7 branch (closes#22847).
Discussion
----------
[Console] ChoiceQuestion must have choices
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22842
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
![image](https://cloud.githubusercontent.com/assets/1047696/26301309/1bfa52ca-3ee1-11e7-883b-f627f16e9d2f.png)
-->
Commits
-------
96e307fd5c [Console] ChoiceQuestion must have choices
This PR was squashed before being merged into the 2.7 branch (closes#22718).
Discussion
----------
[Console] Fixed different behaviour of key and value user inputs in multiple choice question
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22706
| License | MIT
| Doc PR | -
Fixed a bug when value from multiple choice list could not be selected by user's input
while it could be selected by typing its index in the list.
Commits
-------
2861bd7b01 [Console] Fixed different behaviour of key and value user inputs in multiple choice question
This PR was merged into the 2.7 branch.
Discussion
----------
Fix missing abstract key in XmlDumper
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | n/a
Unless I'm missing something, the abstract key was missing in the XmlDumper. I noticed it when using `debug:container some_abstract_service` and was seeing "no" for abstract.
When this merges to 3.3, the `services-abstract.xml` will need to change to this:
```xml
<?xml version="1.0" encoding="utf-8"?>
<container xmlns="http://symfony.com/schema/dic/services" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://symfony.com/schema/dic/serviceshttp://symfony.com/schema/dic/services/services-1.0.xsd">
<services>
<service id="service_container" class="Symfony\Component\DependencyInjection\ContainerInterface" synthetic="true"/>
<service id="foo" class="Foo" abstract="true"/>
<service id="Psr\Container\ContainerInterface" alias="service_container" public="false"/>
<service id="Symfony\Component\DependencyInjection\ContainerInterface" alias="service_container" public="false"/>
</services>
</container>
```
Commits
-------
40f60ec60d Fixing missing abstract attribute in XmlDumper
This PR was squashed before being merged into the 2.7 branch (closes#22748).
Discussion
----------
[Intl] Fix bin/common.php PHP7 compatibility
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22735
| License | MIT
Created for Symfony 2.7 version which is the oldest maintained impacted branch.
Commits
-------
c2ccf36 [Intl] Fix bin/common.php PHP7 compatibility
This PR was squashed before being merged into the 2.7 branch (closes#22627).
Discussion
----------
[Intl] Update ICU data to 59.1
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The [GMT timezone has been split from the UTC](http://site.icu-project.org/download/59) timezone [in CLDR](http://cldr.unicode.org/index/downloads/cldr-31) (which ICU is based on).
For example, the code blow:
* before ICU 59.1 would return "GMT" in all cases
* with ICU 59.1 it returns "UTC" for the first three ('z', 'zz', 'zzz')
and "Coordinated Universal Time" for the last two ('zzzz', 'zzzzz').
```php
foreach (['z', 'zz', 'zzz', 'zzzz', 'zzzzz'] as $pattern) {
$formatter = new \IntlDateFormatter('en', IntlDateFormatter::MEDIUM, IntlDateFormatter::SHORT, new \DateTimeZone('UTC'), IntlDateFormatter::GREGORIAN, $pattern);
var_dump($formatter->format(new \DateTime('@0')));
}
```
Similarly Form's `DateTimeToLocalizedStringTransformer` is also affected:
```php
$transformer = new DateTimeToLocalizedStringTransformer('UTC', 'UTC', null, \IntlDateFormatter::FULL);
var_dump($transformer->transform(new \DateTime('2010-02-03 04:05:06 UTC')));
// ICU 58.2: '03.02.2010, 04:05:06 GMT'
// ICU 59.1: '03.02.2010, 04:05:06 Koordinierte Weltzeit'
```
Refer to added and modified test cases for more changes. I split this PR in two commits for easier review. First commit updates ICU data (generated files), the second updates code and test cases to be compatible with updated data.
Commits
-------
5d3d1b25e0 [Intl][Form] Update tests, TimeZoneTransformer, and DateTimeToLocalizedStringTransformer for the GMT and UTC split in ICU
00acb37205 [Intl] Update ICU data to 59.1
The [GMT timezone has been split from the UTC](http://site.icu-project.org/download/59) timezone [in CLDR](http://cldr.unicode.org/index/downloads/cldr-31) (which ICU is based on).
For example, the code blow:
* before ICU 59.1 would return "GMT" in all cases
* with ICU 59.1 it returns "UTC" for the first three ('z', 'zz', 'zzz')
and "Coordinated Universal Time" for the last two ('zzzz', 'zzzzz').
```php
foreach (['z', 'zz', 'zzz', 'zzzz', 'zzzzz'] as $pattern) {
$formatter = new \IntlDateFormatter('en', IntlDateFormatter::MEDIUM, IntlDateFormatter::SHORT, new \DateTimeZone('UTC'), IntlDateFormatter::GREGORIAN, $pattern);
var_dump($formatter->format(new \DateTime('@0')));
}
```
Similarly Form's `DateTimeToLocalizedStringTransformer` is also affected:
```php
$transformer = new DateTimeToLocalizedStringTransformer('UTC', 'UTC', null, \IntlDateFormatter::FULL);
var_dump($transformer->transform(new \DateTime('2010-02-03 04:05:06 UTC')));
// ICU 58.2: '03.02.2010, 04:05:06 GMT'
// ICU 59.1: '03.02.2010, 04:05:06 Koordinierte Weltzeit'
```
Refer to added and modified test cases for more changes. I split this PR in two commits for easier review. First commit updates ICU data (generated files), the second updates code and test cases to be compatible with updated data.
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Avoid unnecessary route lookup for empty logout path
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no-ish
| Deprecations? | no
| Tests pass? | yes/no
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
i first included this with #22572 where having `logout: { path: ~ }` makes more sense for disabling logout path matching/generation. But currently it's already allowed and causes an unneeded route lookup and url generation.
Commits
-------
2967807b14 [Security] Avoid unnecessary route lookup for empty logout path
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Do not duplicate Helper::strlen() code
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
01c2c099a4 [Console] Do not duplicate Helper::strlen() code
Tests that require network access can be problematic, because they
depend on some external state not under your control. That can lead to
"random" failures when the code in question actually works fine. The
Filesystem component has one such test, and this commit adds it to the
"network" group (for PHPUnit).
Doing so lets the user skip that particular test, by running phpunit
with the --exclude-group flag. We take advantage of this in Gentoo,
where every user has the ability to run the test suite but network
access is forbidden.
This PR was squashed before being merged into the 2.7 branch (closes#22453).
Discussion
----------
Fix minor phpdoc mismatches with the code(detected by phan)
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | no
Fix minor mismatches between phpdoc and the type of the code itself, detected by etsy/phan (Prevent confusion in the future)
The actual return types of a few functions have changed from int to bool where preg_match or `&` was used.
Fix optional param before required param in src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php
The config used and the rest of the output is at https://gist.github.com/TysonAndre/91bed0e16583301f1e6e5cc2a4807081 (Uses some patches to etsy/phan that weren't merged to master yet)
Commits
-------
12f1239565 Fix minor phpdoc mismatches with the code(detected by phan)
This PR was squashed before being merged into the 2.7 branch (closes#22528).
Discussion
----------
[Asset] Starting slash should indicate no basePath wanted
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes-ish... and no-ish
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
**Important** View the second commit for an accurate diff. The first commit just renames some strings in a test for clarity.
When we moved `PathPackage` from `Templating` to `Asset`, we actually changed its behavior. Assume that we're deployed under a `/subdir` subdirectory:
**Before** `{{ asset('/main.css') }}` would *not* have the base path prefixed -> `/main.css`
**After** `{{ asset('/main.css') }}` *does* have the base path prefixed -> `/subdir/main.css`
3adff11d72/src/Symfony/Component/Templating/Asset/PathPackage.php (L61-L63)
This PR simply reverses that, to the *previous* behavior. This *is* a BC break... and also arguably a bug fix :). Interestingly, when we changed the behavior the first time (i.e. broke BC), I don't think that anyone noticed. It should only affect users deployed under a subdirectory.
Why do I care? I'm using the new `JsonManifestVersionStrategy` with a library that is outputting paths that *already* include my subdirectory:
```json
{
"build/main.css": "/subdir/build/main.abc123.css"
}
```
So, I do not want Symfony to detect the `/subdir` and apply it a second time.
Commits
-------
3cc096b540 [Asset] Starting slash should indicate no basePath wanted
This PR was merged into the 2.7 branch.
Discussion
----------
[Asset] Preventing the base path or absolute URL from being prefixed incorrectly
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Fixes an edge case (which I need) where the version strategy returns an absolute URL. Currently, if this happens, the baseUrl or basePath is prefixed - giving `https://baseurl.com/https://pathreturnedfromversioning.com` or `/basePath/https://pathreturnedfromversioning.com`.
I don't see any reason to prevent an absolute URL from being returned by the version strategy. And it's not a BC break, because the previous paths that were returned were nonsense.
Cheers!
Commits
-------
746c91eea4 Preventing the base path or absolute URL from being prefixed incorrectly on an absolute URL
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] XmlEncoder: fix negative int and large numbers handling
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see comment below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #22329, #22333 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Alternative to #22333.
* Negative integers are now handled
* Float are now handled
* Large numbers are converted to float (as the `JsonEncoder` and native PHP functions like `ceil` do)
@vlastv, I've adapted your test. Can you check if it fixes your problem?
Commits
-------
1eeadb0c98 [Serializer] XmlEncoder: fix negative int and large numbers handling
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Add throws PHPDoc in Application::run()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | /
| License | MIT
| Doc PR | /
Same idea than merged #22411.
Commits
-------
28332afb38 Add trhows PHPDoc in Application::run
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Set exit status to 255 on error
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes (no easily testable in fact)
| Fixed tickets | #20775
| License | MIT
| Doc PR | -
Commits
-------
67e249dc81 [Debug] Set exit status to 255 on error
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Add `use_strict_mode` in validOptions for session
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9258
| License | MIT
| Doc PR |
PHP ini `session.use_strict_mode` was added in PHP 5.5.2 so I didn't target 2.8 as this still uses PHP 5.3. https://secure.php.net/manual/en/session.configuration.php#ini.session.use-strict-mode
Commits
-------
130ee327d4 Add `use_strict_mode` in validOptions for session
This PR was submitted for the 2.8 branch but it was merged into the 2.7 branch instead (closes#22307).
Discussion
----------
[Debug] Fix php notice
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Of course autoloading of an empty string should not actually happen (fixed that in https://github.com/twigphp/Twig/pull/2438) but if it does happen it should not throw a php notice.
```
Notice: Uninitialized string offset 0
```
Commits
-------
e333a1a [Debug] Fix php notice
This PR was merged into the 2.7 branch.
Discussion
----------
fix some more risky tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Continuation of #22066 fixing the tests for the following components:
* Config
* Form
* HttpFoundation
* Security
Commits
-------
fffcd247b2 fix some risky tests
This PR was merged into the 2.7 branch.
Discussion
----------
[ExpressionLanguage] Provide the expression in syntax errors
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19445
| License | MIT
| Doc PR | n/a
This finishes the PR #19449.
Commits
-------
7cd744133d Complete the injection of the expression in all syntax errors
dc55db2a9d add expression text to SyntaxError
This PR was squashed before being merged into the 2.7 branch (closes#22232).
Discussion
----------
CS: Remove invisible chars
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
I found out that we have 2 non-visible in regular IDE chars in codebase.
One is just inside a comment, it could be safely removed.
But second is inside a real code, I have replaced it with `pack`, so one won't accidentally replace non-breaking space with regular space.
Commits
-------
0f623f4 CS: Remove invisible chars
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Improve the exceptions when trying to get the data in a PRE_SET_DATA listener and the data has not already been set
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22103
| License | MIT
| Doc PR | -
Commits
-------
ef39b704cc [Form] Improve the exceptions when trying to get the data in a PRE_SET_DATA listener and the data has not already been set
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix table cell styling
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | tiny one
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Fixes an issue with newlines and table cells. Remembered this little trick from @chalasr as we had it before with style blocks i believe..
```php
$table = new Table($output);
$table->setRows(array(
array(new TableCell('<error>Dont break'."\n".'here</error>', array('colspan' => 2))),
new TableSeparator(),
array('foo', new TableCell('<error>Dont break'."\n".'here</error>', array('rowspan' => 2))),
array('bar'),
));
$table->render();
```
Before
![image](https://cloud.githubusercontent.com/assets/1047696/24467857/74dacc9e-14b6-11e7-8f62-3831508ac949.png)
After
![image](https://cloud.githubusercontent.com/assets/1047696/24467923/bb578f0e-14b6-11e7-85ed-039cd73b81a0.png)
Commits
-------
53ecf8393e [Console] Fix table cell styling
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] CommandTester: disable color support detection
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
By default, the command tester relies on [color support guessing](3fe419cf66/src/Symfony/Component/Console/Output/StreamOutput.php (L91)) to enable output decoration.
This is an issue for tests in that guessing is done against the stream instance on Linux and against the actual environment running the test on Windows, so color support can be detected on Windows even when the used stream is a memory stream like here, resulting in non-deterministic tests.
This PR disables output decoration by default. This will only change behavior on Windows with color support, as guessing on Linux always detects color as not supported for memory streams anyway. Tests should enable decoration explicitly when they want to test it.
A better fix would be to actually detect that we are using a memory stream on Windows as well, but I'm not sure it's possible.
Commits
-------
3fe419cf66 Disable color support detection for tests
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Fix test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Should make 2.7 green again on Travis.
Commits
-------
ba8f46ad23 [HttpKernel] Fix test
This PR was merged into the 2.7 branch.
Discussion
----------
[Filesystem] normalize paths before making them relative
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22083
| License | MIT
| Doc PR |
Commits
-------
d50ffa1de7 normalize paths before making them relative
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation][DX] MockArraySessionStorage: phpdocs update
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
967f7a7add MockArraySessionStorage: updated phpdoc for $bags so that IDE autocompletion would work
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fixed roles serialization on token from user object
| Q | A |
| --- | --- |
| Branch? | 2.7 |
| Bug fix? | yes |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | #14274 |
| License | MIT |
| Doc PR | - |
This PR fixes the serialization of tokens when using `Role` objects provided from the user. Indeed, there were actually a reference issue that can causes fatal errors like the following one:
```
FatalErrorException in RoleHierarchy.php line 43:
Error: Call to a member function getRole() on string
```
Here is a small code example to reproduce and its output:
``` php
$user = new Symfony\Component\Security\Core\User\User('name', 'password', [
new Symfony\Component\Security\Core\Role\Role('name')
]);
$token = new Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, 'password', 'providerKey', $user->getRoles());
$serialized = serialize($token);
$unserialized = unserialize($serialized);
var_dump($unserialized->getRoles());
```
Before:
```
array(1) { [0]=> bool(true) }
```
After:
```
array(1) { [0]=> object(Symfony\Component\Security\Core\Role\Role)#15 (1) {["role":"Symfony\Component\Security\Core\Role\Role":private]=> string(4) "name" } }
```
Thank you
Commits
-------
dfa7f5020e [Security] Fixed roles serialization on token from user object
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] simplify the SwitchUserListenerTest
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
While working on #22048 I noticed that the `SwitchUserListenerTest` was more complicated than necessary by mocking a lot of stuff that didn't need to be mocked.
Commits
-------
923bbdbf9f [Security] simplify the SwitchUserListenerTest
This PR was squashed before being merged into the 2.7 branch (closes#21968).
Discussion
----------
Fixed pathinfo calculation for requests starting with a question mark.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21967
| License | MIT
| Doc PR |
With improper `strpos` result check calculated pathinfo for requests starting with '?' equals to request itself.
Correct pathinfo for those requests should be '/'.
Commits
-------
43297b45de Fixed pathinfo calculation for requests starting with a question mark.
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The first "host" in the list provided by `X_FORWARDED_HOST` should be the one, not the last.
Already the case for "port" and "scheme".
Commits
-------
9a2b2de64f [HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was squashed before being merged into the 2.7 branch (closes#22099).
Discussion
----------
HttpCache: New test for revalidating responses with an expired TTL
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
See #22035, in particular [this and the following comments](https://github.com/symfony/symfony/pull/22035#issuecomment-287572234).
Commits
-------
067ab52ba0 HttpCache: New test for revalidating responses with an expired TTL
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] [XML] Ignore Process Instruction
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22005
| License | MIT
| Doc PR | N/A
This Pull request ignores Process instruction data in XML for decoding the data.
Commits
-------
0c741f5704 [Serializer] [XML] Ignore Process Instruction
This PR was merged into the 2.7 branch.
Discussion
----------
fix some risky tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
PHPUnit 6 marks tests as risky when they have no assertions (and are not marked as skipped or incomplete). This PR will update our test suite accordingly.
Component that still need to be covered:
- [ ] Config
- [ ] Form
- [ ] HttpFoundation
- [ ] Security
- [ ] Workflow
Commits
-------
abf1787dcc fix some risky tests
This PR was squashed before being merged into the 2.7 branch (closes#22012).
Discussion
----------
[DI] [YamlFileLoader] change error message of a non existing file
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22007
| License | MIT
| Doc PR | symfony/symfony-docs
This PR replaces the error message when non existing Yaml file is loaded. It gives more sense for the user.
Commits
-------
1c2ea97585 [DI] [YamlFileLoader] change error message of a non existing file
This PR was squashed before being merged into the 2.7 branch (closes#21523).
Discussion
----------
#20411 fix Yaml parsing for very long quoted strings
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20411
| License | MIT
| Doc PR | no
This is a second fix for the issue discussed in #20411. My first PR (#21279) didn't fix the bug in all cases, sorry.
If a YAML string has too many spaces in the value, it can trigger a `PREG_BACKTRACK_LIMIT_ERROR` error in the Yaml parser.
There should be no behavioural change other than the bug fix
I have included a test which fails before this fix and passes after this fix.
I have also added checks that detect other PCRE internal errors and throw a more descriptive exception. Before this patch, the YAML engine would often give incorrect results, rather than throwing, on a PCRE `PREG_BACKTRACK_LIMIT_ERROR` error.
Commits
-------
c9a1c09182#20411 fix Yaml parsing for very long quoted strings
This PR was merged into the 2.7 branch.
Discussion
----------
Use PHP functions as array_map callbacks when possible
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
We already do that in 99% of the cases ... but there were 3 occurrences where we didn't do it.
Commits
-------
405bd4cc81 Use PHP functions as array_map callbacks when possible
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Use proper line endings in BufferedOutput
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
`BufferOutput` should be consistent with `StreamOutput` when writing newlines.
I faced an issue using this class in tests where the expected output was platform dependent (using `PHP_EOL` too).
Commits
-------
33946e69c0 Use proper line endings
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] context listener: hardening user provider handling
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #4498
| License | MIT
| Doc PR |
After the wrong fix in #21791 this is the second attempt to solve #4498. If more than one user provider support the user for the current context, all of them will be applied instead of returning prematurely when the first user provider does not find the logged in user.
Commits
-------
0fb09293fd context listener: hardening user provider handling
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] fix Kernel name when stored in a directory starting with a number
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20489
| License | MIT
| Doc PR | -
replaces #20750
Commits
-------
f244eb8414 [HttpKernel] fixed Kernel name when stored in a directory starting with a number
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed typo in a test after #21877
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Reviewing the diff on GitHub, I realized I've missed some typos in a new test of #21877. Sorry!
Commits
-------
b21a0978de [Form] Fixed typo in a test after #21877
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Hardened form type tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
This one the PRs to come targeting 2.7 needed to harden the code base before doing some changes in master.
It takes care of the form types tests part (even if some other tests will be added later, it will also be easier after it), and unlocks merging https://github.com/symfony/symfony/pull/21481.
It also back ports tests added in https://github.com/symfony/symfony/pull/18357 for the TextType.
Since it's very hard to merge branches when modifying tests because of BC, and making every test type extend the base type test would involve many function calls to get the tested type, the function `getTestedType` is no longer abstract and return a constant to override instead, it's much better for performance, I didn't change the call in the base type test to keep BC but I suggest to deprecate it in master. Even if those are tests I really think it is worth keeping BC here.
The constants also ease testing in the ecosystem of form related libraries that need to be compatible with Symfony 2.7 and 3. I think using "test" as both prefix and suffix on namespaces, classes and names of the constants should discourage using them in real application code. Since this is just about our test suite, I don't think this should be considered a feature, so tis change should be good for 2.7.
Two other PRs will follow to solve conflicts in 2.8 and 3.2.
I missed last month patches, I hope I won't this time :).
Commits
-------
8cfc3e92ed [Form] Hardened form type tests
This PR was squashed before being merged into the 2.7 branch (closes#21671).
Discussion
----------
[Serializer] Xml encoder throws exception for valid data
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21617
| License | MIT
| Doc PR | None
#21617 Xml encoder throws exception for valid data
- add tests for bool and object encoding
- fix encoding for object in array and field
Commits
-------
5c2d4c671e [Serializer] Xml encoder throws exception for valid data
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] fix Composer constraint
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The `MAX_USERNAME_LENGTH` constant introduced by #18733 that is used in the `UsernamePasswordFormAuthenticationListener` was first part of Symfony 2.7.13 and 2.8.6.
Commits
-------
69a572d [Security] fix Composer constraint
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] fix test class location
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Keeping the test file in the old location means that it is not available in the `symfony/security-http` subtree split.
Commits
-------
1ed0092 fix test class location
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Ignore hidden directories when loading routes from annotations
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21497
| License | MIT
| Doc PR | -
The problem surfaced after implementing #18869. Therefore it doesn't exist on 2.7, but I'd still merge it there to avoid conflicts when merging between branches. Without this fix, the oldest branch the added test will fail is 3.2.
Commits
-------
ce9df0237c [Routing] Ignore hidden directories when loading routes from annotations
This PR was squashed before being merged into the 2.7 branch (closes#21267).
Discussion
----------
[Form] Fix ChoiceType to ensure submitted data is not nested unnecessarily
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Fixed ChoiceType to protect against some problem caused by treating of array.
Let's say we have the choice-form like:
```php
$form = $factory->create(ChoiceType, null, [
'choices' => [
'A',
'B',
'C',
],
'expanded' => true,
'multiple' => true,
]);
```
Then, submit data like this:
```php
$form->submit([
[], // unnecessality nested
]);
```
(Yes, I agree in most cases these situation doesn't happen, but can be)
Then, we get `array_flip(): Can only flip STRING and INTEGER values!` error at [here](6babdb3296/src/Symfony/Component/Form/Extension/Core/Type/ChoiceType.php (L114)).
Even if form is not `multiple`, annoying `Array to string conversion` error occurs in [here](6babdb3296/src/Symfony/Component/Form/ChoiceList/ArrayChoiceList.php (L144)) (via [ChoicesToValuesTransformer](5129c4cf7e/src/Symfony/Component/Form/Extension/Core/DataTransformer/ChoicesToValuesTransformer.php (L74))).
(As far as I know, non-multiple and non-expanded form has no problem, thanks to [ChoiceToValueTransformer](6babdb3296/src/Symfony/Component/Form/Extension/Core/DataTransformer/ChoiceToValueTransformer.php (L43)))
To resolve these problems, I just added a simple-validation listener to choice type.
Commits
-------
64d7a82d28 [Form] Fix ChoiceType to ensure submitted data is not nested unnecessarily
This PR was merged into the 2.7 branch.
Discussion
----------
[Yaml] add tests for specific mapping keys
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | see https://github.com/symfony/symfony/pull/21643#discussion_r101703130
| License | MIT
| Doc PR |
Commits
-------
b8e0d705f6 [Yaml] add tests for specific mapping keys
This PR was merged into the 2.7 branch.
Discussion
----------
Fix emacs link
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes (minor)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
When an Emacs buffer is modified, by default Emacs automatically creates a
temporary symlink in the same directory as the file being edited (e.g. Controller.php):
```
.#Controller.php -> user@host.12345:1296583136
```
where '12345' is [the Emacs' PID][1].
In this case Symfony breaks with a RuntimeException:
```
SplFileInfo::getMTime(): stat failed for ...Bundle/Controller/.#APIController.php
```
in
vendor/symfony/symfony/src/Symfony/Component/Config/Resource/DirectoryResource.php
at line 89
```
$newestMTime = max($file->getMTime(), $newestMTime);
```
[1]: https://www.gnu.org/software/emacs/manual/html_node/emacs/Interlocking.html
Commits
-------
c6f7ca6fa1 Fix RuntimeException when an Emacs buffer is modified
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Reduce nesting in YamlFileLoader
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
We don't need to check if $this->classes is empty, because isset takes care of it in next call anyway
Diffs on GH are hard to read for this type of change, here is old and new code:
```php
public function loadClassMetadata(ClassMetadataInterface $classMetadata)
{
if (null === $this->classes) {
$this->classes = $this->getClassesFromYaml();
}
if (!$this->classes) {
return false;
}
if (isset($this->classes[$classMetadata->getName()])) {
$yaml = $this->classes[$classMetadata->getName()];
if (isset($yaml['attributes']) && is_array($yaml['attributes'])) {
...
}
return true;
}
return false;
}
```
```php
public function loadClassMetadata(ClassMetadataInterface $classMetadata)
{
if (null === $this->classes) {
$this->classes = $this->getClassesFromYaml();
}
if (!isset($this->classes[$classMetadata->getName()])) {
return false;
}
$yaml = $this->classes[$classMetadata->getName()];
if (isset($yaml['attributes']) && is_array($yaml['attributes'])) {
...
}
return true;
}
```
Commits
-------
45f0b16 [Serializer] Reduce nesting in YamlFileLoader
When an Emacs buffer is modified, by default Emacs automatically creates a
temporary symlink in the same directory as the file being edited (e.g. Controller.php):
```
.#Controller.php -> user@host.12345:1296583136
```
where '12345' is Emacs' PID.
In this case Symfony breaks with a RuntimeException:
```
SplFileInfo::getMTime(): stat failed for ...Bundle/Controller/.#APIController.php
```
in
vendor/symfony/symfony/src/Symfony/Component/Config/Resource/DirectoryResource.php
at line 89
```
$newestMTime = max($file->getMTime(), $newestMTime);
```
This PR was squashed before being merged into the 2.7 branch (closes#21790).
Discussion
----------
[Intl] Update ICU data to 58.2
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
ICU 58.2 was released: http://site.icu-project.org/download/58
Commits
-------
d135e5cd2f [Intl] Make tests pass after the ICU data update
65faa1043d [Intl] Update ICU data to 58.2
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] do not guess getter method names
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5219, #18700
| License | MIT
| Doc PR | TODO
Commits
-------
bd3a90a0c3 [Validator] do not guess getter method names
This PR was merged into the 2.7 branch.
Discussion
----------
[DependencyInjection] check for circular refs caused by method calls
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19362
| License | MIT
| Doc PR |
Before we check for circular references, dependencies coming from method calls are not part of the dependency graph. That why the pass is not able to detect circular references like the one described in #19362 during compilation of the container.
If we add another check after all the optimisation passes have been processed, we should be able to detect these circular references too.
Commits
-------
fe4f7eccf7 check for circular refs caused by method calls
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] fix upper camel case conversion (see #21399)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | ?
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21399
| License | MIT
Improve upper camel case support of CamelCaseToSnakeCaseConverter (`ThisIsATest` now converts to `this_is_a_test` instead of `_this_is_a_test`).
Commits
-------
81e771ca1a [Serializer] fix upper camel case conversion (see #21399)
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Updated phpdoc on return types
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The return type of “ask” is not necessarily a string (notice that “doAsk” may return mixed type).
Same for “validateAttempts” (validator may return something else than a string).
Commits
-------
442a304292 [Console] Updated phpdoc on return types
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] Auto register extension configuration classes as a resource
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Auto-register an extension configuration class as a resource from a compiler pass; not implicitly by the base extension class.
Causing some extensions to register its configuration, whereas others dont (e.g. framework bundle).
Fixes consistent cache invalidation whenever a configuration definition changes.
Commits
-------
142416b7d4 [DI] Auto register extension configuration classes as a resource
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] property constraints can be added in child classes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21538, #21567
| License | MIT
| Doc PR |
This reverts the changes done in #21053 (and applies the test written by @angelk in #21538). I think trying to "fix" #15950 with the changes from #21053 was a mistake. Child classes should be able to refine validation constraints (I basically agree with @ro0NL's reasoning in https://github.com/symfony/symfony/issues/21567#issuecomment-278729990.
Commits
-------
9513a8aa52 property constraints can be added in child classes
a266ff799c added test for staticClassLoader in LazyLoadingMetadatafactory
This PR was squashed before being merged into the 2.7 branch (closes#21458).
Discussion
----------
[Config] Early return for DirectoryResource
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | sure?
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets |
| Related PRs | #21440
| License | MIT
| Doc PR | n/a
Alternate PR that implements an early return for `DirectoryResource` to increase the speed on large file sets. We can never return early with `true` without checking all assets within the resource, as the aforementioned referenced PR did; hence this PR takes the counter approach and returns `false` early where appropriate.
_Conversation about possible bug at https://github.com/symfony/symfony/pull/21458#discussion_r98366339._
Commits
-------
d5746ecfd2 fix directory resource considers same timestamp not fresh
96107e21f1 return false early from directory resource
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed DateType format option for single text widget
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
It's currently not possible to use a custom format with `DateType` when not using one of the three values day, month or year (i.e in my case "MM/yyyy").
The formatter handles it, it looks like this option check is wrong, this PR fixes it.
Commits
-------
9e0d531d36 [Form] Fixed DateType format option
This PR was squashed before being merged into the 2.7 branch (closes#21430).
Discussion
----------
Casting TableCell value to string.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21429
| License | MIT
| Doc PR |
PHP throws a catchable fatal error when the value from this method is
used in strstr in the Table class. This fixes the error by casting to a string before returning the value.
Commits
-------
1e5707fed3 Casting TableCell value to string.