This PR was submitted for the 3.3 branch but it was squashed and merged into the 4.1-dev branch instead (closes#23617).
Discussion
----------
[PropertyInfo] Add hassers for accessors prefixes
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | None
| License | MIT
| Doc PR | -
In the component PropertyInfo
In the class ReflectionExtractor Add hassers in the accessors prefixes
Because I think it's common to have readable properties with method like this:
hasChildren()
Commits
-------
03bce5e50c [PropertyInfo] Add hassers for accessors prefixes
This PR was submitted for the 3.4 branch but it was merged into the 4.1-dev branch instead (closes#23582).
Discussion
----------
[Console] Improve Table performance
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | might
| New feature? | might as well
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Little memory gain for console tables :)
`setRows(array_fill(0, 1000000, [str_repeat('x', 100)]))`
Before: +-20ms / +- 900mb
After: +- 20ms / +- 530mb
Next step could be to open public API for `iterable`, although we pre-iterate rows for calculation interally, it could be a nice feature :)
Commits
-------
2c9922e8af [Console] Improve Table performance
This PR was merged into the 4.1-dev branch.
Discussion
----------
[LocaleValidator] Use `Symfony\Component\Intl\Locale` instead of `\Locale` + read aliases from bundle only if it is required
|Q |A |
|--- |--- |
|Branch |master|
|Bug fix? |no |
|New feature? |no |
|BC breaks? |no |
|Deprecations?|no |
|Tests pass? |yes |
|Fixed tickets|n/a |
|License |MIT |
|Doc PR |n/a |
Commits
-------
63497e1761 Use `Symfony\Component\Intl\Locale` instead of `\Locale` + read aliases from bundle only if it is required
This PR was merged into the 4.1-dev branch.
Discussion
----------
Always show all deprecations except legacy ones when not weak
When using any mode but the weak mode, you want your build to fail on some or
all deprecations, but it is still nice to be able to see what you could
fix without having to change modes.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
9e37873860 Always show all deprecations except legacy ones
This PR was squashed before being merged into the 4.1-dev branch (closes#25582).
Discussion
----------
[Form] Support \DateTimeImmutable
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9508
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/8920
This PR implements `input=datetime_immutable`. Replaces #25273.
Commits
-------
034f8b2f23 [Form] Support \DateTimeImmutable
This PR was merged into the 4.1-dev branch.
Discussion
----------
[Workflow] Add PlantUML dumper to workflow:dump command
| Q | A
| ------------- | ---
| Branch | 4.1
| Bug fix | no
| New feature | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
| Doc PR | Will do depending on the comments about that PR
Hello,
`workflow:dump` exports workflows in `dot` format. To me, this format is not the easiest and not the simplest to use. Styles and logic are mixed together which makes it hard to read.
[PlantUML](http://plantuml.com/) is a tool based on Graphviz like Dot but that
generates nicer diagrams, more readable and most of all easier to adapt to your
documentation. Just copy and paste the PUML on the website you will see the rendering live.
Also, there is a [PHPStorm Plugin](https://plugins.jetbrains.com/plugin/7017-plantuml-integration) and [plenty of integration](http://plantuml.com/running) of this format.
This PR adds 2 options
* a `--dump-format=puml` option to the `workflow:dump` command to generate the workflows in PlantUML.
* a `--puml-transition-format=square|arrow` option to the `workflow:dump` command to generate the workflows in PlantUML using a square shape or arrow for the transition. (see below)
The conversion requires the PlantUML JAR, and can be used like that:
```bash
php bin/console workflow:dump pull_request --dump-format=puml | java -jar plantuml.jar -p > workflow.png
```
> don't forget the `-p` to enable the "piping"
Here is an example with `pull_request` workflow of the documentation (with no style and no marking):
```
@startuml
title pull_request
state start <<initial>>
state coding
state travis
state review
state merged
state closed
start --> travis: submit
coding --> travis: update
travis --> travis: update
review --> travis: update
travis --> review: wait_for_review
review --> coding: request_change
review --> merged: accept
review --> closed: reject
closed --> review: reopen
@enduml
```
As PlantUML let us define styles, I have provided some by default that the user can override.
Adding some marking:
```bash
php bin/console workflow:dump pull_request travis review --dump-format=puml
```
will give us:
```
@startuml
sprite $sf_logo [81x20/16z] {
hPNRaYiX24K1xwBo_tyx6-qaCtDEJ-KXLYMTLbp0HWcHZr3KRDJ8z94HG3jZn4_mijbQ2ryJoFePtXLWA_qxyGy19DpdY_10z11ZAbGjFHRwcEbcKx5-wqsV
yIMo8StMCHKh8ZUxnEwrZiwRAUOvy1lLcPQF4lEFAjhzMd5WOAqvKflS0Enx8PbihiSYXM8ClGVAseIWTAjCgVSAcnYbQG79xKFsZ0VnDCNc7AVBoPSMcTsX
UnrujbYjjz0NnsObkTgnmolqJD4QgGUYTQiNe8eIjtx4b6Vv8nPGpncn3NJ8Geo9W9VW2wGACm_JzgIO8A8KXr2jUBCVGEAAJSZ6JUlsNnmOzmIYti9G7bjL
8InaHM9G40NkwTG7OxrggvNIejA8AZuqyWjOzTIKi-wwYvjeHYesSWuPiTGDN5THzkYLU4MD5r2_0PDhG7LIUG33z5HtM6CP3icyWEVOS61sD_2ZsBfJdbVA
qM53XHDUwhY0TAwPug3OG9NonRFhO8ynF3I4unuAMDHmSrXH57V1RGvl9jafuZF9ZhqjWOEh98y0tUYGsUxkBSllIyBdT2oM5Fn2-ut-fzsq_cQNuL6Uvwqr
knh4RrvOKzxZfLV3s0rs_R_1SdYt3VxeQ1_y2_W2
}
title pull_request
skinparam titleBorderRoundCorner 15
skinparam titleBorderThickness 2
skinparam state {
BackgroundColor<<initial>> #87b741
BackgroundColor<<marked>> #3887C6
BorderColor #3887C6
BorderColor<<marked>> Black
FontColor<<marked>> White
}
state start <<initial>>
state coding
state travis <<marked>>
state review <<marked>>
state merged
state closed
start --> travis: submit
coding --> travis: update
travis --> travis: update
review --> travis: update
travis --> review: wait_for_review
review --> coding: request_change
review --> merged: accept
review --> closed: reject
closed --> review: reopen
footer \nGenerated by <$sf_logo> **Workflow Component** and **PlantUML**
@enduml
```
Which gives you that:
With `square` as transition, it gives you that:
Hope you will find that interesting!
Commits
-------
1497d36cab Add option to the workflow:dump command to allow PlantUML format dump
This PR was merged into the 4.1-dev branch.
Discussion
----------
[Serializer] Fix security issue on CsvEncoder about CSV injection
| Q | A
| ------------- | ---
| Branch? | master (4.1)
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| License | MIT
I read [this article](http://georgemauer.net/2017/10/07/csv-injection.html) about CSV injection and I thought it best to update the `CsvEncoder` so that it does not generate potentially malicious CSV files by default.
Commits
-------
a1b0bdbbac Fix security issue on CsvEncoder
This PR was merged into the 4.1-dev branch.
Discussion
----------
[Security] The AuthenticationException should implements Security's ExceptionInterface
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25770
| License | MIT
| Doc PR | ø
Dunno why this is the case right now but this probably should not. Was reported by @paq85.
Commits
-------
0ee4cf1019 The Security Component's exceptions should implements Security's ExceptionInterface
This PR was merged into the 4.1-dev branch.
Discussion
----------
[WebProfilerBundle] Improve controller linking
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes/no
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
I propose to remove the `Controller class` entry from the request toolbar panel, IMHO it's confusing/useless compared to the linked `Controller` entry above. They represent the same.
To preserve its value it's now used as title attribute instead, favored over controller file currently being used here. We can read that from the statusbar anyway :-)
Before: (hovering ontroller link)
After: (hovering ontroller link)
Commits
-------
f6c0dc64e6 [WebProfilerBundle] Improve controller linking
This PR was squashed before being merged into the 4.1-dev branch (closes#26036).
Discussion
----------
Added support for getting default values in Accept headers
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25877
| License | MIT
| Doc PR | -
Commits
-------
7e31fd94df Added support for getting default values in Accept headers
This PR was merged into the 4.1-dev branch.
Discussion
----------
Deprecated the AdvancedUserInterface
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #23292
| License | MIT
| Doc PR | ~
This PR deprecates the usages of the `AdvancedUserInterface`.
Commits
-------
8456f3b Deprecated the AdvancedUserInterface
* 4.0:
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
[Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
[Config] Only using filemtime to check file freshness
* 3.4:
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
[Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
[Config] Only using filemtime to check file freshness
This PR was merged into the 4.1-dev branch.
Discussion
----------
[HttpFoundation] we should not pass size on FileBag removing the contruct parameter
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25466 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | none
We may have forgotten this one, thanks to @craue for seeing it !
Commits
-------
0db65b5 fix tests
820186f [HttpFoundation] we should not pass size on FileBag
This PR was squashed before being merged into the 2.7 branch (closes#25373).
Discussion
----------
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
`UrlMatcher::match($pathinfo)` applies `rawurldecode()` to the `$pathinfo` before trying to match it against the routes.
If the URL contains a percent-encoded trailing newline (like in `/foo%0a`), the default PHP PCRE will still consider `#^/foo$#` a match, as the `$` metacharacter will also match *immediately before* the final character *if it is a newline*. This behavior can be changed by applying the [`PCRE_DOLLAR_ENDONLY` modifier](http://php.net/manual/en/reference.pcre.pattern.modifiers.php).
Without this change, URLs with trailing `%0a` lead to weird notices further down the road, for example when the `RedirectableUrlMatcher` or its equivalent in `PhpMatcherDumper` kick in, look at the last character (this time actually the newline), append a `/` and try to redirect to the resulting URL. Ultimately, PHP will complain with `Warning: Header may not contain more than a single header, new line detected` when sending the `Location` header.
Commits
-------
f713a3e Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
I recently let Europe's leading accessibility experts (Funkanu.se) review a site of mine, they gave me (among other) the feedback that errors should be a part of the label.
They said that it makes no sense for blind users to read label, read input and then read errors.
I know the implementation might look strange. But I wish something like this would be merged. That would be great for accessibility for all apps using Symfony.
We *could* also make sure it prints something like:
```
<label for=”name”>Name: <span class=”hidden”>Error message</span></label>
<input id=”name” type=”text”>
<span aria-hidden=”true”>Error message</span>
```
Commits
-------
a0b40f5 [Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
This PR was merged into the 4.1-dev branch.
Discussion
----------
Unwrap errors in FlattenException
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | maybe
| Deprecations? | no
| Tests pass? | no (but probably unrelated?)
| Fixed tickets | #26025
| License | MIT
| Doc PR | N/A
This is probably the most straightforward way to solve #26025. `FlattenException` is now unwrapping `FatalThrowableError` instances and logs the wrapped error instead. The consequence of this change is that the real error class is displayend on TwigBundle's exception page and the profiler.
Regarding BC: If we assume that `FlattenException` is used for rendering and logging, everything should be fine. But this PR changes `FlattenException`'s internal behavior. If a piece of code relied on errors appearing `FatalThrowableError` inside a `FlattenException`, that code would break.
<img width="402" alt="bildschirmfoto 2018-02-02 um 20 08 42" src="https://user-images.githubusercontent.com/1506493/35760077-0b202940-087e-11e8-9b98-8e4ba269780c.png">
Commits
-------
f14d7d6 Unwrap errors in FlattenException.
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Only using filemtime to check file freshness
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25999
| License | MIT
Commits
-------
52c9cb4 [Config] Only using filemtime to check file freshness
