* 3.4:
Bump phpunit bridge cache id
[appveyor] fix create-project phpunit
Fix HttpKernel Debug requirement
Fix heredoc
use final annotation to allow mocking the class
synchronise the form builder docblock
Grammar fix in exception message
fix tests
forward the parse error to the calling code
[Debug][DebugClassLoader] Match more cases for final, deprecated and internal classes / methods extends
ensure compatibility with older PHPUnit mocks
[Security] Do not mix usage of password_*() functions and sodium_*() ones
* 3.4:
fixed CS
fixed short array CS in comments
fixed CS in ExpressionLanguage fixtures
fixed CS in generated files
fixed CS on generated container files
fixed CS on Form PHP templates
fixed CS on YAML fixtures
fixed fixtures
switched array() to []
* 4.2:
properly fix tests on PHP 5
fix tests on PHP 5
remove doubled dot from exception message
bug #29697 [DI] Fixed wrong factory method in exception (Wojciech Gorczyca)
[Intl] make type-hinted arguments nullable
[DI] Fixed wrong factory method in exception
Changed gender choice types to color
Fix unnecessary use
remove no longer needed PHP version checks
remove no longer needed PHP version checks
Fixed groupBy argument value in DefaultChoiceListFactoryTest
[HttpKernel] Correctly Render Signed URIs Containing Fragments
[HttpFoundation] Fix request uri when it starts with double slashes
* 4.1:
properly fix tests on PHP 5
fix tests on PHP 5
remove doubled dot from exception message
bug #29697 [DI] Fixed wrong factory method in exception (Wojciech Gorczyca)
[Intl] make type-hinted arguments nullable
[DI] Fixed wrong factory method in exception
Changed gender choice types to color
remove no longer needed PHP version checks
remove no longer needed PHP version checks
Fixed groupBy argument value in DefaultChoiceListFactoryTest
[HttpKernel] Correctly Render Signed URIs Containing Fragments
[HttpFoundation] Fix request uri when it starts with double slashes
* 3.4:
properly fix tests on PHP 5
fix tests on PHP 5
bug #29697 [DI] Fixed wrong factory method in exception (Wojciech Gorczyca)
Changed gender choice types to color
remove no longer needed PHP version checks
Fixed groupBy argument value in DefaultChoiceListFactoryTest
[HttpKernel] Correctly Render Signed URIs Containing Fragments
[HttpFoundation] Fix request uri when it starts with double slashes
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Correctly Render Signed URIs Containing Fragments
| Q | A
| ------------- | ---
| Branch? | `3.4`
| Bug fix? | yes
| New feature? | no
| BC breaks? | no?
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
- Rebuild the URL with the computed hash instead of appending it onto the end of the fragment.
- Update unit tests, and add new unit test to cover URIs that include fragments.
Commits
-------
b9ece6bde7 [HttpKernel] Correctly Render Signed URIs Containing Fragments
This PR was merged into the 4.3-dev branch.
Discussion
----------
[HttpKernel] Set the default locale early
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Similar to #29186, the default locale isn't set till after the router so isn't available when trying to handle errors there (well, only the _default_ default locale is).
Commits
-------
02c9f352d9 Set the default locale early
This PR was merged into the 4.3-dev branch.
Discussion
----------
[HttpKernel] Increase priority of AddRequestFormatsListener
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19469
| License | MIT
| Doc PR |
Currently `AddRequestFormatsListener` has a low priority, so it won't fire before others like `RouterListener` which can create problems (eg when listening for a HTTP exception thrown by the router you don't have access for any custom types).
IMO this map should be in the application rather than set on every request, but the same can be achieved by giving it a high priority. (Can't think of a reason for it to not be first...)
Commits
-------
9bf313660d Increase priority of AddRequestFormatsListener
Rebuild the URL with the computed hash instead of appending it onto the end of the URI, preventing incorrect formatting when dealing with URIs containing fragments.
* 4.1:
[Routing] fix trailing slash redirections involving a trailing var
[EventDispatcher] Revers event tracing order
[Security] Prefer clone over unserialize(serialize()) for user refreshment
[Console] OutputFormatter: move strtolower to createStyleFromString
Adjust tests to work in the armhf architecture. Fixes#29281.
Vietnamese translations improvement
[Form] Fixed FormErrorIterator class phpdoc
Renamed test controller from Controller to TestController so it doesn't show up in the IDE autocomplete.
Don't use he in docs when its not needed
EventSubscriberInterface isn't a man
fixed public directory of web server and assets install when configured in composer.json
* 3.4:
[EventDispatcher] Revers event tracing order
[Security] Prefer clone over unserialize(serialize()) for user refreshment
[Console] OutputFormatter: move strtolower to createStyleFromString
Adjust tests to work in the armhf architecture. Fixes#29281.
Vietnamese translations improvement
[Form] Fixed FormErrorIterator class phpdoc
Renamed test controller from Controller to TestController so it doesn't show up in the IDE autocomplete.
Don't use he in docs when its not needed
EventSubscriberInterface isn't a man
fixed public directory of web server and assets install when configured in composer.json
* 4.1:
Undeprecate the single-colon notation for controllers
Command::addOption should allow int in $default
Update symfony links to https
[Form] Fixed keeping hash of equal \DateTimeInterface on submit
[PhpUnitBridge] Fix typo
[Routing] generate(null) should throw an exception
[Form] Minor fixes in docs and cs
[Workflow] Made code simpler
[Config] Unset key during normalization
[Form] Fixed empty data for compound date types
invalidate forms on transformation failures
[FrameworkBundle] fixed guard event names for transitions
method buildTransitionBlockerList returns TransitionBlockerList of expected transition
[FrameworkBundle] fixed guard event names for transitions
[PropertyAccessor] Fix unable to write to singular property using setter while plural adder/remover exist
This notation is the only way to support controllers as services in the 3.4
LTS version.
This deprecation has only a very small benefit for the Symfony codebase (the
amount of code involved is very small), but has a huge cost for the community
which cannot avoid this deprecation without dropping support for the LTS or
making crazy logic to switch routing files (as they cannot switch things
inline in YAML or XML files).
This deprecation will be delayed until a future 5.x version, when the current
LTS will be 4.4 (which supports the new notation).
* 4.1:
SCA: removed unused variables
Remove duplicate condition
fix useless space in docblock
remove unneeded tearDown method
[Intl] Update the ICU data to 63.1
[FrameworkBundle] Fix broken exception message
[Messenger] send using the routing_key for AMQP transport
also clean away the NO_AUTO_CACHE_CONTROL_HEADER if we have no session
[TwigBundle] Fix usage of TwigBundle without FrameworkBundle
Revert "fixed CS"
[Serializer] Reduce class discriminator overhead
Skip empty proxy code
[Security] Fix "exclude-from-classmap"
[Security] Removed unsed trait import
[Config] Fix @method annotation
add missing double-quotes to extra_fields output message
[DI] Default undefined env to empty string during compile
Convert InsufficientAuthenticationException to HttpException
* 4.1:
[Console] simplified code
removed useless phpdoc
improve docblocks around group sequences
[Cache] prevent getting older entries when the version key is evicted
[WebProfilerBundle] added a note in the README
[Yaml] Skip parser test with root user
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
[HttpFoundation] fix hidding warnings from session handlers
Caching missed templates on cache warmup
* 3.4:
[Console] simplified code
removed useless phpdoc
improve docblocks around group sequences
[Cache] prevent getting older entries when the version key is evicted
[WebProfilerBundle] added a note in the README
[Yaml] Skip parser test with root user
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
[HttpFoundation] fix hidding warnings from session handlers
Caching missed templates on cache warmup
* 2.8:
improve docblocks around group sequences
[WebProfilerBundle] added a note in the README
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
Caching missed templates on cache warmup
This PR was merged into the 4.2-dev branch.
Discussion
----------
[HttpFoundation] make cookies auto-secure when passing them $secure=null + plan to make it and samesite=lax the defaults in 5.0
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #26731
| License | MIT
| Doc PR | -
By creating Cookie instances using `null` for the `$secure` argument, this PR allows making cookies inherit their "secure" attribute from the request.
This PR also adds a forward to make $secure=null and samesite=lax the defaults in Symfony 5.0:
- either define all constructor's arguments explicitly
- or use the new `Cookie::create()` factory
Commits
-------
9493cfd5f2 [HttpFoundation] make cookies auto-secure when passing them $secure=null + plan to make it and samesite=lax the defaults in 5.0
* 4.1:
[appveyor] fix
[DI] Fix dumping some complex service graphs
Revert "minor #28321 [Routing] Fixed the interface description of the url generator interface (Toflar)"
Fixed caching of templates in default path on cache warmup
added missing LICENSE file
remove cache warmers when Twig cache is disabled
[Workflow] Make sure we do not run the next transition on an updated state
change baseUrl to basePath to fix wrong profiler url
[HttpKernel][FrameworkBundle] Fix escaping of serialized payloads passed to test clients
chore: rename Appveyor filename
Fixed the interface description of the url generator interface
Format file size in validation message according to binaryFormat option
* 4.1:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[FrameworkBundle] fixed guard event names for transitions
[DI] Improve class named servics error message
remove unnecessary instanceof in MongoDbSessionHandler
[HttpFoundation] fixed using _method parameter with invalid type
Renaming internal test class to help auto-completion
[Intl] Replace svn with git in the icu data update script
[Messenger] Fix error message on undefined message class for non-subscriber handler
[HttpFoundation] Fix Cookie::isCleared
* 4.0:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[FrameworkBundle] fixed guard event names for transitions
[DI] Improve class named servics error message
[HttpFoundation] fixed using _method parameter with invalid type
[Intl] Replace svn with git in the icu data update script
[HttpFoundation] Fix Cookie::isCleared
* 3.4:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[FrameworkBundle] fixed guard event names for transitions
[DI] Improve class named servics error message
[HttpFoundation] fixed using _method parameter with invalid type
[Intl] Replace svn with git in the icu data update script
[HttpFoundation] Fix Cookie::isCleared
* 2.8:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[HttpFoundation] fixed using _method parameter with invalid type
[Intl] Replace svn with git in the icu data update script
[HttpFoundation] Fix Cookie::isCleared
* 4.1:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 4.0:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 3.4:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 2.8:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 4.1:
fix merge
bumped Symfony version to 4.1.3
[PhpUnitBridge] Describe weak_vendors properly
[HttpKernel] Fix merging bindings for controllers' locators
updated VERSION for 4.1.2
updated CHANGELOG for 4.1.2
bumped Symfony version to 4.0.14
updated VERSION for 4.0.13
updated CHANGELOG for 4.0.13
bumped Symfony version to 3.4.14
updated VERSION for 3.4.13
updated CHANGELOG for 3.4.13
bumped Symfony version to 2.8.44
Chaining senders with their aliases should work
* 4.0:
[HttpKernel] Fix merging bindings for controllers' locators
bumped Symfony version to 4.0.14
updated VERSION for 4.0.13
updated CHANGELOG for 4.0.13
bumped Symfony version to 3.4.14
updated VERSION for 3.4.13
updated CHANGELOG for 3.4.13
bumped Symfony version to 2.8.44
* 3.4:
[HttpKernel] Fix merging bindings for controllers' locators
bumped Symfony version to 3.4.14
updated VERSION for 3.4.13
updated CHANGELOG for 3.4.13
bumped Symfony version to 2.8.44
* 4.1:
updated VERSION for 2.8.43
update CONTRIBUTORS for 2.8.43
updated CHANGELOG for 2.8.43
backported translations
Fixed templateExists on parse error of the template name
* 4.0:
updated VERSION for 2.8.43
update CONTRIBUTORS for 2.8.43
updated CHANGELOG for 2.8.43
backported translations
Fixed templateExists on parse error of the template name
* 3.4:
updated VERSION for 2.8.43
update CONTRIBUTORS for 2.8.43
updated CHANGELOG for 2.8.43
backported translations
Fixed templateExists on parse error of the template name
* 2.8:
updated VERSION for 2.8.43
update CONTRIBUTORS for 2.8.43
updated CHANGELOG for 2.8.43
backported translations
Fixed templateExists on parse error of the template name
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpKernel] Fixed templateExists on parse error of the template name
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28001
| License | MIT
| Doc PR | -
9bfa971bc5/src/Symfony/Bundle/FrameworkBundle/Templating/TemplateNameParser.php (L49-L51)
Commits
-------
53347c42fd Fixed templateExists on parse error of the template name
This PR was merged into the 4.2-dev branch.
Discussion
----------
[HttpKernel][FrameworkBundle] Turn HTTP exceptions to HTTP status codes by default
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25844
| License | MIT
| Doc PR | -
When an exception is thrown, *if it is not handled* then it will be reinjected as a 2nd exception event via `HttpKernel::terminateWithException()`. When this happens, this will generate a proper HTTP status code.
Commits
-------
80b0739fc2 [HttpKernel][FrameworkBundle] Turn HTTP exceptions to HTTP status codes by default
* 4.1:
Add color support for Hyper terminal .
[HttpFoundation] Fix tests: new message for status 425
[Doctrine Bridge] Fixed usage of wrong variable when tagged subscriber is invalid
[Workflow] Update phpdoc to fit a used className
[PropertyInfo] added handling of nullable types in PhpDoc
[HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler
[Cache] provider does not respect option maxIdLength with versioning enabled
[Form] Fix fixtures for forward compat
[Lock] Fix SemaphoreStoreTest on OS X
Ensure the class discriminator mechanism works with serialization groups as well
fix handling of empty DI extension configs
* 4.0:
Add color support for Hyper terminal .
[HttpFoundation] Fix tests: new message for status 425
[Doctrine Bridge] Fixed usage of wrong variable when tagged subscriber is invalid
[PropertyInfo] added handling of nullable types in PhpDoc
[HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler
[Cache] provider does not respect option maxIdLength with versioning enabled
* 3.4:
Add color support for Hyper terminal .
[HttpFoundation] Fix tests: new message for status 425
[Doctrine Bridge] Fixed usage of wrong variable when tagged subscriber is invalid
[PropertyInfo] added handling of nullable types in PhpDoc
[HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler
[Cache] provider does not respect option maxIdLength with versioning enabled
This PR was merged into the 4.1 branch.
Discussion
----------
[VarDumper] Fix dumping by splitting Server/Connection out of Dumper/ServerDumper
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27622
| License | MIT
| Doc PR | -
Right now, the `dump()` function is broken on 4.1 as soon as one sets up a `dump_destination` for the dump server (as done by default by our Flex recipe). #27397 describes the issue and proposes a tentative fix. Yet, I think the issue is deeper and exists at the design level. Writting to the server should not happen in a `DumperInterface`, that's not its semantics. Instead, I propose a `Connection` object that will allow `DumpDataCollector` to have all the info it requires to do everything on its own.
My bad for not spotting this at the review stage.
Commits
-------
1435d677be [VarDumper] Fix dumping by splitting Server/Connection out of Dumper/ServerDumper
* 4.1:
[HttpKernel] fix PHP 5.4 compat
Fix surrogate not using original request
[Finder] Update RealIteratorTestCase
[Routing] remove unneeded dev dep on doctrine/common
[minor] SCA
[Validator] Remove BOM in some xlf files
Ensure updateTimestamp returns a boolean
Fix#27378: Error when rendering a DateIntervalType form with exactly 0 weeks
[HttpKernel] fix session tracking in surrogate master requests
* 4.0:
[HttpKernel] fix PHP 5.4 compat
Fix surrogate not using original request
[Finder] Update RealIteratorTestCase
[Routing] remove unneeded dev dep on doctrine/common
[minor] SCA
[Validator] Remove BOM in some xlf files
Fix#27378: Error when rendering a DateIntervalType form with exactly 0 weeks
[HttpKernel] fix session tracking in surrogate master requests
* 3.4:
[HttpKernel] fix PHP 5.4 compat
Fix surrogate not using original request
[Finder] Update RealIteratorTestCase
[Routing] remove unneeded dev dep on doctrine/common
[minor] SCA
[Validator] Remove BOM in some xlf files
Fix#27378: Error when rendering a DateIntervalType form with exactly 0 weeks
[HttpKernel] fix session tracking in surrogate master requests
* 2.8:
[HttpKernel] fix PHP 5.4 compat
Fix surrogate not using original request
[Finder] Update RealIteratorTestCase
[Routing] remove unneeded dev dep on doctrine/common
[Validator] Remove BOM in some xlf files
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] fix session tracking in surrogate master requests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Spotted while looking at ESI fragments resolved by`HttpCache`: right now when the master request starts the session, fragments are not cacheable anymore, even when they do not use the session.
Commits
-------
146e01cb44 [HttpKernel] fix session tracking in surrogate master requests
* 4.1: (22 commits)
[HttpKernel] Fix restoring trusted proxies in tests
Update UPGRADE-4.0.md
[Messenger] Fix suggested enqueue adapter package
bumped Symfony version to 4.1.1
updated VERSION for 4.1.0
updated CHANGELOG for 4.1.0
Insert correct parameter_bag service in AbstractController
Revert "feature #26702 Mark ExceptionInterfaces throwable (ostrolucky)"
CODEOWNERS: some more rules
removed unneeded comments in tests
removed unneeded comments in tests
Change PHPDoc in ResponseHeaderBag::getCookies() to help IDEs
[HttpKernel] fix registering IDE links
update UPGRADE-4.1 for feature #26332 Form field help option
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
[Process] Consider \"executable\" suffixes first on Windows
Triggering RememberMe's loginFail() when token cannot be created
bumped Symfony version to 4.1.0
updated VERSION for 4.1.0-BETA3
updated CHANGELOG for 4.1.0-BETA3
...
* 4.0:
[HttpKernel] Fix restoring trusted proxies in tests
Update UPGRADE-4.0.md
CODEOWNERS: some more rules
removed unneeded comments in tests
removed unneeded comments in tests
Change PHPDoc in ResponseHeaderBag::getCookies() to help IDEs
[HttpKernel] fix registering IDE links
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
[Process] Consider \"executable\" suffixes first on Windows
Triggering RememberMe's loginFail() when token cannot be created
[Serializer] Fix serializer tries to denormalize null values on nullable properties
[FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
* 3.4:
[HttpKernel] Fix restoring trusted proxies in tests
Update UPGRADE-4.0.md
CODEOWNERS: some more rules
removed unneeded comments in tests
removed unneeded comments in tests
Change PHPDoc in ResponseHeaderBag::getCookies() to help IDEs
[HttpKernel] fix registering IDE links
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
[Process] Consider \"executable\" suffixes first on Windows
Triggering RememberMe's loginFail() when token cannot be created
[Serializer] Fix serializer tries to denormalize null values on nullable properties
[FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
* 2.8:
removed unneeded comments in tests
Change PHPDoc in ResponseHeaderBag::getCookies() to help IDEs
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
[Process] Consider \"executable\" suffixes first on Windows
Triggering RememberMe's loginFail() when token cannot be created
This PR was squashed before being merged into the 2.8 branch (closes#26973).
Discussion
----------
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
| Q | A
| ------------- | ---
| Branch? | 2.7 and up
| Bug fix? | improvement
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ---
| License | MIT
| Doc PR | ---
SubRequest used in `InlineFragmentRendered` explicitly sets `$server['REMOTE_ADDR']` to `127.0.0.1`. Therefore, it's required to configure `127.0.0.1` address in TRUSTED_PROXIES environment variable. Without that, `Request::isFromTrustedProxy()` will return false.
The current behavior might be a little bit problematic, for instance, in case where images are rendered through subrequests. These might end-up with an incorrect schema in URL (`http` instead of `https`).
Commits
-------
18f55feef8 [HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
* 4.1: (26 commits)
Revert "bug #27312 Supress deprecation notices thrown when getting private servies from container in tests (arderyp)"
[HttpKernel] reset kernel start time on reboot
Add code of Conduct links in our README
bumped Symfony version to 4.0.12
[FrameworkBundle] Fix using test.service_container when Client is rebooted
[DI] never inline lazy services
updated VERSION for 4.0.11
updated CHANGELOG for 4.0.11
bumped Symfony version to 3.4.12
updated VERSION for 3.4.11
updated CHANGELOG for 3.4.11
Default testsuite to latest PHPUnit 6.*
[Github] Update the pull-request template
bumped Symfony version to 2.8.42
updated VERSION for 2.8.41
updated CHANGELOG for 2.8.41
Tweak Argon2 test config
[HttpFoundation] Fix cookie test with xdebug
[FrameworkBundle] cleanup generated test container
[Serializer] Check the value of enable_max_depth if defined
...
* 4.0:
[HttpKernel] reset kernel start time on reboot
Add code of Conduct links in our README
bumped Symfony version to 4.0.12
[DI] never inline lazy services
updated VERSION for 4.0.11
updated CHANGELOG for 4.0.11
bumped Symfony version to 3.4.12
updated VERSION for 3.4.11
updated CHANGELOG for 3.4.11
Default testsuite to latest PHPUnit 6.*
[Github] Update the pull-request template
bumped Symfony version to 2.8.42
updated VERSION for 2.8.41
updated CHANGELOG for 2.8.41
[HttpFoundation] Fix cookie test with xdebug
[Serializer] Check the value of enable_max_depth if defined
[DI] remove dead code
[PhpUnitBridge] silence some stderr outputs
[Validator] Update sl translation
* 3.4:
[HttpKernel] reset kernel start time on reboot
Add code of Conduct links in our README
[DI] never inline lazy services
bumped Symfony version to 3.4.12
updated VERSION for 3.4.11
updated CHANGELOG for 3.4.11
Default testsuite to latest PHPUnit 6.*
[Github] Update the pull-request template
bumped Symfony version to 2.8.42
updated VERSION for 2.8.41
updated CHANGELOG for 2.8.41
[HttpFoundation] Fix cookie test with xdebug
[Serializer] Check the value of enable_max_depth if defined
[DI] remove dead code
[PhpUnitBridge] silence some stderr outputs
[Validator] Update sl translation
This PR was merged into the 4.2-dev branch.
Discussion
----------
[DI] Allow binding by type+name
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This would allow to bind by type + argument name, e.g.:
```yaml
bind:
Psr\Log\LoggerInterface $logger: @logger
```
Allows more precise targets for bindings as it will match only if both the type and the name match.
Works with scalar/array types also for consistency.
Commits
-------
32fc58df8b [DI] Allow binding by type+name
* 3.4:
fix merge
[Security] Fix logout
Cleanup 2 tests for the HttpException classes
#27250 limiting GET_LOCK key up to 64 char due to changes in MySQL 5.7.5 and later
[Config] Fix tests when path contains UTF chars
[DI] Shared services should not be inlined in non-shared ones
[Profiler] Remove propel & event_listener_loading category identifiers
[Filesystem] Fix usages of error_get_last()
[Cache][Lock] Fix usages of error_get_last()
[Debug] Fix populating error_get_last() for handled silent errors
[DI] Display previous error messages when throwing unused bindings
Suppress warnings when open_basedir is non-empty
* 4.1:
[Messenger] Middleware factories support in config
[HttpKernel] Make TraceableValueResolver $stopwatch mandatory
[Messenger] Improve the profiler panel
[Workflow] Added DefinitionBuilder::setMetadataStore().
[Messenger][DX] Uses custom method names for handlers
[Messenger] remove autoconfiguration for Sender/ReceiverInterface
[Messenger] Make sure default receiver name is set before command configuration
[HttpKernel] Fix services are no longer injected into __invoke controllers method
Rename tag attribute "name" by "alias"
Autoconfiguring TransportFactoryInterface classes
[Messenger] Fix new AMQP Transport test with Envelope
Fixed return senders based on the message parents/interfaces
[Messenger] Make sure Sender and Receiver locators have valid services
[Workflow] add is deprecated since Symfony 4.1. Use addWorkflow() instead
[Messenger] Fix TraceableBus with envelope
Ensure the envelope is passed back and can be altered Ensure that the middlewares can also update the message within the envelope
feature #26945 [Messenger] Support configuring messages when dispatching (ogizanagi)
Add more tests around the AMQP transport
* 4.0:
PhpDoc: There is no attempt to create the directory
Avoiding an error when an unused service has a missing base class
Add an implementation just for php 7.0
bumped Symfony version to 2.7.47
Fix#27011: Session ini_set bug
[Cache] TagAwareAdapterInterface::invalidateTags() should commit deferred items
updated VERSION for 2.7.46
update CONTRIBUTORS for 2.7.46
updated CHANGELOG for 2.7.46
bug #25844 [HttpKernel] Catch HttpExceptions when templating is not installed
* 3.4:
PhpDoc: There is no attempt to create the directory
Avoiding an error when an unused service has a missing base class
Add an implementation just for php 7.0
bumped Symfony version to 2.7.47
Fix#27011: Session ini_set bug
[Cache] TagAwareAdapterInterface::invalidateTags() should commit deferred items
updated VERSION for 2.7.46
update CONTRIBUTORS for 2.7.46
updated CHANGELOG for 2.7.46
bug #25844 [HttpKernel] Catch HttpExceptions when templating is not installed
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Catch HttpExceptions when templating is not installed
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | ?
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | #25844
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
- [x] Test manually
- [x] Check for BC breaks
- [x] Needs tests
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
4e527aa bug #25844 [HttpKernel] Catch HttpExceptions when templating is not installed
* 4.0: (22 commits)
[appveyor] use PHP 7.1 to run composer
[HttpKernel] Don't clean legacy containers that are still loaded
[VarDumper] Fix HtmlDumper classes match
Make the simple auth provider the same as in Symfony 2.7.
[PhpUnitBridge] silence wget
fix merge
[Security] guardAuthenticationProvider::authenticate cannot return null according to interface specification
[PhpUnitBridge] Fix#26994
[VarDumper] Remove decoration from actual output in tests
[PropertyInfo] Minor cleanup and perf improvement
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[DI] Add check of internal type to ContainerBuilder::getReflectionClass
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
Add type hints
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
[HttpFoundation] Add functional tests for Response::sendHeaders()
...
* 3.4: (22 commits)
[appveyor] use PHP 7.1 to run composer
[HttpKernel] Don't clean legacy containers that are still loaded
[VarDumper] Fix HtmlDumper classes match
Make the simple auth provider the same as in Symfony 2.7.
[PhpUnitBridge] silence wget
fix merge
[Security] guardAuthenticationProvider::authenticate cannot return null according to interface specification
[PhpUnitBridge] Fix#26994
[VarDumper] Remove decoration from actual output in tests
[PropertyInfo] Minor cleanup and perf improvement
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[DI] Add check of internal type to ContainerBuilder::getReflectionClass
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
Add type hints
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
[HttpFoundation] Add functional tests for Response::sendHeaders()
...
* 2.8:
[Security] guardAuthenticationProvider::authenticate cannot return null according to interface specification
[VarDumper] Remove decoration from actual output in tests
[PropertyInfo] Minor cleanup and perf improvement
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
Fixed being logged out on failed attempt in guard
* 2.7:
[VarDumper] Remove decoration from actual output in tests
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Send cookies using header() to fix "SameSite" ones
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25344
| License | MIT
| Doc PR | -
Commits
-------
73fec237da [HttpFoundation] Add functional tests for Response::sendHeaders()
e350ea000f [HttpFoundation] Send cookies using header() to fix "SameSite" ones
* 4.0:
Fix tests
PropertyInfo\DoctrineExtractor - There is bug when indexBy is meta key
Fix PercentType error rendering.
[minor] SCA
[Cache] Inline some hot function calls
fixed Silex project's URL
fixed deprecations in tests
fixed Twig URL
[Cache] Add missing `@internal` tag on ProxyTrait
fix formatting arguments in plaintext format
Fix PSR exception context key
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
fix rendering exception stack traces
[Routing] Fix loading multiple class annotations for invokable classes
* 3.4:
fixed deprecations in tests
fixed Twig URL
[Cache] Add missing `@internal` tag on ProxyTrait
fix formatting arguments in plaintext format
Fix PSR exception context key
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
fix rendering exception stack traces
[Routing] Fix loading multiple class annotations for invokable classes
* 2.8:
fixed Twig URL
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
* 2.7:
fixed Twig URL
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
This PR was squashed before being merged into the 4.1-dev branch (closes#26833).
Discussion
----------
[HttpKernel] Added support for timings in ArgumentValueResolvers
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
This feature provides timings for the supports and resolve methods for each individual argument value resolver. It was already possible to see the `controller.get_arguments` timing, but it was impossible to track a possible performance issue any further without using different tools. I've explicitly added the `supports` method as well, as it might otherwise hide performance issues. The `ServiceValueResolver` for example, does a `container::has`, which in turn might trigger a factory method, which might trigger a query for example.
~~Due to the feature freeze I've already added this to 4.2. If for some reason it's okay to still merge it into 4.1, I can update the upgrade files.~~ - Changed to 4.1
##### *Without performance issue*
![image](https://user-images.githubusercontent.com/1754678/38416250-6cf45528-3994-11e8-91d4-2472c97c6c50.png)
##### *With performance issue*
![image](https://user-images.githubusercontent.com/1754678/38416266-7966eb7c-3994-11e8-9dc5-a99daa8f9a69.png)
Commits
-------
1c0d8928aa [HttpKernel] Added support for timings in ArgumentValueResolvers
This PR was squashed before being merged into the 2.7 branch (closes#26643).
Discussion
----------
Fix that ESI/SSI processing can turn a "private" response "public"
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Under the condition that
* we are merging in at least one *embedded* response,
* all *embedded* responses are `public`,
* the *main* response is `private` and
* all responses use expiration-based caching (note: no `s-maxage` on the *main* response)
... the resulting response will turn to `Cache-Control: public`.
The real issue is that when all responses use expiration-based caching, a combined max age is computed. This is set on the *main* response using `Response::setSharedMaxAge()`, which implicitly sets `Cache-Control: public`.
The fix provided in this PR solves the problem by applying the same logic to the *main* response that is applied for *embedded* responses, namely that responses with `!Response::isCacheable()` will make the resulting response have `Cache-Control: private, no-cache, must-revalidate` and have `(s)max-age` removed.
This makes the change easy to understand, but makes responses uncacheable too often. This is because the `Response::isCacheable()` method was written to determine whether it is safe for a shared cache to keep the response, which is not the case as soon as a `private` response is involved. This might be improved upon in another PR.
Commits
-------
3d27b5946d Fix that ESI/SSI processing can turn a \"private\" response \"public\"
* 4.0:
[HttpKernel] Make ServiceValueResolver work if controller namespace starts with a backslash in routing
Add d-block to bootstrap 4 alerts
[Console] Don't go past exact matches when autocompleting
[DI] Improve error message for non-autowirable scalar argument
Disable autoloader call on interface_exists check
[Validator] Fix LazyLoadingMetadataFactory with PSR6Cache for non classname if tested values isn't an existing class
[HttpKernel] Dont create mock cookie for new sessions in tests
* 3.4:
[HttpKernel] Make ServiceValueResolver work if controller namespace starts with a backslash in routing
Add d-block to bootstrap 4 alerts
[Console] Don't go past exact matches when autocompleting
[DI] Improve error message for non-autowirable scalar argument
Disable autoloader call on interface_exists check
[Validator] Fix LazyLoadingMetadataFactory with PSR6Cache for non classname if tested values isn't an existing class
[HttpKernel] Dont create mock cookie for new sessions in tests
* 4.0: (24 commits)
moved Twig runtime to proper class
fixed deprecated messages in tests
add PHP errors options to XML schema definition
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
Import InvalidArgumentException in PdoAdapter
[DI] Do not suggest writing an implementation when multiple exist
[Intl] Update ICU data to 61.1
Use 3rd person verb form in command description
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
[DI] Fix hardcoded cache dir for warmups
[Routing] fix tests
[Routing] Fixed the importing of files using glob patterns that match multiple resources
[Ldap] cast to string when checking empty passwords
[Validator] sync validator translation id
[WebProfilerBundle] use the router to resolve file links
no type errors with invalid submitted data types
...
* 3.4: (24 commits)
moved Twig runtime to proper class
fixed deprecated messages in tests
add PHP errors options to XML schema definition
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
Import InvalidArgumentException in PdoAdapter
[DI] Do not suggest writing an implementation when multiple exist
[Intl] Update ICU data to 61.1
Use 3rd person verb form in command description
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
[DI] Fix hardcoded cache dir for warmups
[Routing] fix tests
[Routing] Fixed the importing of files using glob patterns that match multiple resources
[Ldap] cast to string when checking empty passwords
[Validator] sync validator translation id
[WebProfilerBundle] use the router to resolve file links
no type errors with invalid submitted data types
...
* 2.8:
fixed deprecated messages in tests
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
* 2.7:
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
This PR was squashed before being merged into the 4.1-dev branch (closes#26681).
Discussion
----------
Allow to easily ask Symfony not to set a response to private automatically
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This PR is related to the many discussions going on about the latest (Symfony 3.4+) changes regarding the way Symfony handles the session. I think we're almost there now, Symfony 4.1 automatically turns responses into `private` responses once the session is started and it's all done in the `AbstractSessionListener` where the session is also saved.
In other issues/PRs (https://github.com/symfony/symfony/pull/25583, https://github.com/symfony/symfony/pull/25699, https://github.com/symfony/symfony/issues/24988) it was agreed that setting the response to `private` if the session is started is a good default for Symfony. It was also agreed that setting it to `private` does not always make sense because you **can share a response** across sessions, it just requires a more complex caching setup with shared user context etc.
So there must be an easy way to disable this behaviour. Right now it's very hard to do so because what you end up doing is basically decorating the `session_listener` which is very hard because you have to keep track on that over different Symfony versions as the base listener might get additional features etc.
The [FOSCacheBundle](https://github.com/FriendsOfSymfony/FOSHttpCacheBundle/pull/438) is already having this problem, [Contao](https://github.com/contao/core-bundle/pull/1388) has the same issue and there will be probably more. Basically everyone that wants to share a response cache across the session will have to decorate the default listener. That's just too hard, so I came up with this solution. The header is easy. Every project can add that easily. It does not require any extension, configuration or adjustment of any service. It's clean, transparent and has absolutely no impact on "default" Symfony setups.
Would be happy to have some feedback before 4.1 freeze.
Commits
-------
0f36710708 Allow to easily ask Symfony not to set a response to private automatically