This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
improve PlaintextPasswordEncoder docBlock summary
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Updates class summary as suggested in tkt #35927 & pr #35929 to suggest the encoder is for test usage.
Commits
-------
622facfe94 Tweak message
a56d262639 improve PlaintextPasswordEncoder docBlock summary
This PR was merged into the 3.4 branch.
Discussion
----------
Add Spanish translation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
@javiereguiluz I know it's not very significant, but in order to make distinction between `must be` and `should be`, shouldn't translation no. 94 be changed to `Este valor debería estar entre...`?
Commits
-------
9e67b57baa Add Spanish translation
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] NumberToLocalizedStringTransformer return int if scale = 0
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35775
| License | MIT
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
2993fc9fc5 Return int if scale = 0
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] add German translation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
9d837ecb34 add German translation
This PR was merged into the 3.4 branch.
Discussion
----------
[DomCrawler][Form] Fix PHPDoc on get & offsetGet
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
`FormFieldRegistry::get()` returns mixed. For example, it can return an array when the field is a collection.
Commits
-------
f8735cc47b [DomCrawler][Form] Fix PHPDoc on get & offsetGet
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Remove specific check for Valid targets
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | N/A <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | N/A
As covered by `ClassMetadataTest::testAddConstraintDoesNotAcceptValid`, this check is useless, as `Valid` already accepts only properties as targets.
This check is a [leftover of a time](9b07b0c672) `Valid` was extending `Traverse` which was allowing classes & properties.
The `Valid` targets are properly checked by the lines above, the same way as other constraints.
Commits
-------
0086562c77 [Validator] Remove specific check for Valid targets
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[ExpressionLanguage] Fixed collisions of character operators with object properties
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
Expression `foo.not in [bar]` compiles to invalid php code:
```
$foo->not in[$bar]
```
Added check for absence of a dot before of the character operators.
PS. I apologize for not starting the issue before create PR. I considered this bug is minor, but obvious.
Commits
-------
4b83ae7547 [ExpressionLanguage] Fixed collisions of character operators with object properties
This PR was merged into the 3.4 branch.
Discussion
----------
[Ldap] force default network timeout
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The default network timeout is infinite, which makes no sense and can block workers.
Note that LDAP supports also "timelimit" options, but those are max-durations for LDAP queries. We cannot limit them by default.
Commits
-------
63f9e013a1 [Ldap] force default network timeout
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Add the missing translations for the Polish ("pl") locale
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| License | MIT
Fabbot indicates a typo, but there is no typo. The English word `address` is `adres` in Polish (with a single d and a single s).
Commits
-------
8c4de564a8 [Validator] Add the missing translations for the Polish ("pl") locale
This PR was squashed before being merged into the 3.4 branch (closes#35657).
Discussion
----------
[Security] Fix exception name in doc comments
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
f10098e9f1 [Security] Fix exception name in doc comments
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Fix handling of empty_data's \Closure value in Date/Time form types
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33188
| License | MIT
| Doc PR | -
Basically this would solve the posibility to pass a `\Closure` to the `empty_data` option for Date/Time form types.
> https://symfony.com/doc/current/reference/forms/types/form.html#empty-data
> If a form is compound, you can set empty_data as an array, object or **closure**. See the [How to Configure empty Data](https://symfony.com/doc/current/form/use_empty_data.html) for a Form Class article for more details about these options.
Also related to https://github.com/symfony/symfony/pull/29182
Commits
-------
4939f0e323 Fix handling of empty_data's \Closure value in Date/Time form types
This PR was squashed before being merged into the 3.4 branch (closes#35552).
Discussion
----------
[Translation][Debug] Add installation and minimal example to README
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | -
At SymfonyCon, we decided to test out removing some component documentation from the official docs. These were duplicating quite some information of the main guides and were confusing people that used the components in the framework.
I think it's good to reintroduced the composer installation command and a very minimal example in the README's of the component. This doesn't require maintenance and can kickstart people to gain knowledge on how to use the component.
For now, we've (re)moved the Debug and Translation component docs, so that's why I've only modified those README's.
cc @symfony/team-symfony-docs
Commits
-------
b52b7b9fd6 [Translation][Debug] Add installation and minimal example to README
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] check for __get method existence if property is uninitialized
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35544
| License | MIT
Resolve bug #35544.
On PHP 7.4, check if object implements `__get` magic method if property is reported as uninitialized before returning null.
Commits
-------
427bc3aa18 [Validator] try to call __get method if property is uninitialized
This PR was merged into the 3.4 branch.
Discussion
----------
[DependencyInjection] Fix typo in test name
Rename testThrowsExceptionWhenAddServiceOnACompiledContainer to testNoExceptionWhenAddServiceOnACompiledContainer.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes (technically)
| New feature? | no
| Deprecations? | no
| Tickets | #35505
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Commits
-------
9cbfad5853 [DependencyInjection] #35505 Fix typo in test name
This PR was merged into the 3.4 branch.
Discussion
----------
[Yaml][Inline] Fail properly on empty object tag and empty const tag
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Rework of https://github.com/symfony/symfony/pull/35208 to not end up in `parseScalar` with an empty string or a boolean (and thus, avoid unfriendly error such as `Trying to access array offset on value of type bool`).
Ping @xabbuh
Commits
-------
bdf02c0a7e [Yaml][Inline] Fail properly on empty object tag and empty const tag
This PR was merged into the 3.4 branch.
Discussion
----------
[DomCrawler] Skip disabled fields processing in Form
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#28179
| License | MIT
Commits
-------
c73b042044 bug symfony#28179 [DomCrawler] Skip disabled fields processing in Form
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] SymonfyStyle - Check value isset to avoid PHP notice
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34093
| License | MIT
| Doc PR | n/a
This PR addresses the issue when a default value is not a valid choice. Currently this would throw a notice which outputs to the console.
This fix is a similar implementation to the `QuestionHelper`: https://github.com/symfony/symfony/blob/4.4/src/Symfony/Component/Console/Helper/QuestionHelper.php#L63
Example console command and output can be found in the issue: #34093
Commits
-------
c9072c70ef Check value isset to avoid PHP notice
This PR was squashed before being merged into the 3.4 branch (closes#35305).
Discussion
----------
[HttpKernel] Fix stale-if-error behavior, add tests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #24248
| License | MIT
| Doc PR |
This PR adds the first tests for `stale-if-error` logic in `HttpCache`.
It also fixes an observation from #24248: For responses that have been cached as `public` with an `ETag` but without a lifetime, in case of an error the stale response will be served forever (= as long as the error persists), even beyond the configured `stale-if-error` grace period.
Furthermore, it tries to improve compliance with RFC 7234: Stale responses must not be sent (under no condition) if one of
* `no-cache`
* `must-revalidate`
* `proxy-revalidate` or
* `s-maxage` (sic) is present.
This can be found in the corresponding chapters of Section 5.2.2 for these directives, but is also summarized in [Section 4.2.4](https://tools.ietf.org/html/rfc7234#section-4.2.4) as
> A cache MUST NOT generate a stale response if it is prohibited by an explicit in-protocol directive (e.g., by a "no-store" or "no-cache" cache directive, a "must-revalidate" cache-response-directive, or an applicable "s-maxage" or "proxy-revalidate" cache-response-directive; see Section 5.2.2).
Because disabling of `stale-if-error` for `s-maxage` responses probably has a big impact on the usefulness of that feature in practice, it has to be enabled explicitly with a new config setting `strict_smaxage` (defaulting to `false`).
Commits
-------
ad5f427bed [HttpKernel] Fix stale-if-error behavior, add tests
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Use supportsClass in addition to UnsupportedUserException
| Q | A
| ------------- | ---
| Branch? | 3.4+
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35045
| License | MIT
| Doc PR | ~
This PR fixes the issue where user providers rely on just the UnsupportedUserException from `refreshUser()`, causing a flow where users are wrongfully re-authenticated.
There's one issue where `refreshUser()` can do far more sophisticated checks on the user class, which it will never reach if the class is not supported. As far as I know it was never intended to support instances that are rejected by `supportsClass()`, though people could've implemented this (by accident). So the question is more if we should add a BC layer for this; for example:
```php
try {
$refreshedUser = $provider->refreshUser($user);
$newToken = clone $token;
$newToken->setUser($refreshedUser);
if (!$provider->supportsClass($userClass)) {
if ($this->shouldCheckSupportsClass) {
continue;
}
// have to think of a proper deprecation here for 6.0
@trigger_error('Provider %s does not support user class %s via supportsClass() while it does support it via refreshUser .. please set option X and fix %s::supportsUser() ', E_USER_DEPRECATED);
}
```
This would prevent behavior from breaking but also means we can't fix this on anything less than 5.1.
Commits
-------
d3942cbe17 Use supportsClass where possible
This PR was merged into the 3.4 branch.
Discussion
----------
[Filesystem] chown and chgrp should also accept int as owner and group (3.4)
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Reference: https://github.com/symfony/symfony/pull/35356#issuecomment-575526299
Commits
-------
6b811e6b4c chown and chgrp should also accept int as owner and group
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Fix plurals for sr_Latn validation messages
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35276
| License | MIT
validators.sr_Latn.xlf (Serbian, written with latin script) has wrong plurals for all validation message translations that require them (only two where there should be three). This commit fixes that by adding the missing third plural-translation.
Commits
-------
207cdafd54 [Validator] Fix plurals for sr_Latn (Serbian language written in latin script) validation messages
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] deferred exceptions in ResolveParameterPlaceHoldersPass
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#30428
| License | MIT
| Doc PR | n/a
fixes case #30428
implemented as in AutowiringPass
Commits
-------
b3a2173c8e [DI] deferred exceptions in ResolveParameterPlaceHoldersPass
This PR was merged into the 3.4 branch.
Discussion
----------
[Dotenv] Fixed infinite loop with missing quote followed by quoted value
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34642
| License | MIT
| Doc PR |
If there's a quote missing to end a value and in the next line there's again a quoted value Dotenv will run into an infinite loop. An .env file with the following content will result in this error:
```
FOO="foo
BAR="bar"
```
See #34642 for more details.
Commits
-------
eb69e135b2 [Dotenv] Fixed infinite loop with missing quote followed by quoted value
This PR was merged into the 3.4 branch.
Discussion
----------
[Security\Http] Prevent canceled remember-me cookie from being accepted
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35198
| License | MIT
| Doc PR | -
`RememberMeServices::autoLogin()` only checks that the cookie exists in `$request->cookies` while `loginFail()` only alter `$request->attributes` (which allows child implementations to read the canceled cookie for e.g. removing a persistent one).
This makes `autoLogin()` checks for `request->attributes` first, which fixes the linked issue.
Failure expected on deps=high build.
Commits
-------
9b711b87fe [Security] Prevent canceled remember-me cookie from being accepted
If there's a quote missing to end a value and in the next line there's again a quoted value Dotenv will run into an infinite loop. An .env file with the following content will result in this error:
```
FOO="foo
BAR="bar"
```
See #34642 for more details.
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyInfo] Fix BC issue in phpDoc Reflection library
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35077
| License | MIT
The used phpDocumentor library DocBlockReflection contained a BC break
that broke this component. The patch was applied in the recently released v4.3.4
version. But since it is unclear how long this issue existed it is not possible
to exclude a certain version. Therefor also `\RuntimeExpception` needs to be caught.
The BC break is possibly caused by a change in the TypeResolver library used by the
DocBlockReflection which is now supporting the more popular generics notation for arrays.
This PR might need some tests but the current test cases are not very clear to me. Instead of patching the code we could also try to ban the broken versions of the used phpdoc libraries, but that would require much more testing, and doesn't really add any value. Especially because the DocBlockReflection and TypeResolver are used by over half a million projects. It would raise more questions than just patching the behavior of the PropertyInfo component.
We are sorry that this issue slipt through our QA pipeline. The linked issue already showed that the issue is now fixed by just doing a `composer update` but it is not very convenient to leave this known issue in symfony.
Commits
-------
bad07ec557 Fix BC issue in phpDoc Reflection library
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] ensure to expect no validation for the right reasons
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
8d46f95f4c ensure to expect no validation for the right reasons
This PR was merged into the 3.4 branch.
Discussion
----------
[Translator] fix performance issue in MessageCatalogue and catalogue operations
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
In our project we use lots of catalogue operations during importing of translations to our system and we ran into performance issue. Code profiler showed lots or `array_replace` calls in [MessageCatalogue::add](https://github.com/symfony/symfony/blob/3.4/src/Symfony/Component/Translation/MessageCatalogue.php#L128) method. This method is actually called by [MessageCatalogue::set](https://github.com/symfony/symfony/blob/3.4/src/Symfony/Component/Translation/MessageCatalogue.php#L70), which is quite an overkill, because `MessageCatalogue::set` is meant to set only one translation at a time. Method was reworked. `MergeOperation` and `TargetOperation` was reworked as well to use this improved `MessageCatalogue::set` method instead of constructing array with only one translation and passing it to `MessageCatalogue::add` method.
Table shows execution time before and after
| | Time in seconds (avg. of 10 executions)
----------- | ------
Before | 50
After | 8
Looks like 4.* and 5.* versions can also be improved by the same changes.
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
5179af4796 [Translator] Performance improvement in MessageCatalogue and catalogue operations.
The used phpDocumentor library DocBlockReflection contained an BC break
that broke this component. The patch was applied in the recent released v4.3.4
version. But since it is unclear how long this issue existed it is not possible
to exclude a certain version. Therefor also `\RuntimeExpception` needs to be catched.
The BC break is possibly caused by a change in the TypeResolver library used by the
DocBlockReflection which is now supporting the more populair generics notation for arrays.
This PR was merged into the 3.4 branch.
Discussion
----------
[Translation] Use `locale_parse` for computing fallback locales
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
As done in this PR https://github.com/symfony/symfony/pull/24157 for the `Intl` component, the `Translation` component should use `locale_parse` as well when available.
It will allow to manage [BCP 47](https://tools.ietf.org/html/bcp47) locales, which is why it is considered a bugfix ([locale_set_default](https://www.php.net/manual/en/locale.setdefault.php) is using BCP 47 compliant locale).
As done with the forementioned PR, there is also a fallback to make it work with `-`.
Sadly, I think it will create some conflicts when merging it upstream since the modified code has changed little by little.
Commits
-------
3657c0e664 Use locale_parse for computing fallback locales
This PR was merged into the 3.4 branch.
Discussion
----------
Fixed test added in #35022
| Q | A
| ------------- | ---
| Branch? | master for features / 3.4, 4.3, 4.4 or 5.0 for bug fixes <!-- see below -->
| Bug fix? | yes/no
| New feature? | yes/no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | yes/no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
6eeec7c270 Fixed test added in #35022
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] skip looking for config class when the extension class is anonymous
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34613
| License | MIT
| Doc PR | -
Commits
-------
1c7eda4649 [DI] skip looking for config class when the extension class is anonymous
This PR was merged into the 3.4 branch.
Discussion
----------
Use `::class` constants instead of `__NAMESPACE__` when possible
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Related to #34987
| License | MIT
| Doc PR | no
Form component has a lot of built-in form types. Some of them were implemented from the very beginning. In most of them there is a such method
```php
/**
* {@inheritdoc}
*/
public function getParent()
{
return __NAMESPACE__.'\TextType';
}
```
This `getParent()` method was refactored in Symfony 2.8. The upgrade instructions are given here https://github.com/symfony/symfony/blob/2.8/UPGRADE-2.8.md#form
I think the `__NAMESPACE__.'\TextType';` expression was used because Symfony 2.8 was using `"php": ">=5.3.9"`, and the constant `::class` was added only in PHP 5.5
Now this line can be refactored into
```php
/**
* {@inheritdoc}
*/
public function getParent()
{
return TextType::class;
}
```
For example new form types, that were added later, already using the `::class` constant.
https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Extension/Core/Type/ColorType.php#L23https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Extension/Core/Type/TelType.php#L23
So, in this pull request I propose to refactor all old form types to use `::class` constant. It will give a benefit during the future refactoring, because IDE or static analysers will find all usages of parent class. Unlike the `__NAMESPACE__.'\TextType';` line, which doesn't show the real link to the class for IDE or static analysers, and it could complicate finding all usages of parent class.
Commits
-------
32bf50abca Use `::class` constants instead of `__NAMESPACE__` when possible
This PR was merged into the 3.4 branch.
Discussion
----------
CS for AccessDecisionManager
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | #34548
| License | MIT
| Doc PR | -
As discussed in #34548 with @nicolas-grekas here's a CS change for the `AccessDecisionManager`
Commits
-------
b3742ec493 CS
This PR was squashed before being merged into the 3.4 branch (closes#34791).
Discussion
----------
[Serializer] Skip uninitialized (PHP 7.4) properties in PropertyNormalizer and ObjectNormalizer
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
When trying to read from an uninitialized property in PHP 7.4, a `TypeError` is generated, see https://wiki.php.net/rfc/typed_properties_v2#uninitialized_and_unset_properties. This PR fixes the issue.
Commits
-------
1ed8e42d15 [Serializer] Skip uninitialized (PHP 7.4) properties in PropertyNormalizer and ObjectNormalizer
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Improve performance of processDefinition
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | kind of
| New feature? | no
| Deprecations? | no
| Tickets | no
| License | MIT
| Doc PR |
Saves some time during container compilation by instantiating the reflection class only once. In my case this speeds up container compilation in dev mode by ~10% (saves almost 100k calls to `getReflectionClass`).
Tests still run locally and my compiled container was identical pre and post change, but I found this improvement by Blackfire profiling and am not familiar with the surrounding code, so it would be great if someone could doublecheck if the change causes problems.
Commits
-------
41b56eac29 [DI] Improve performance of processDefinition
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator][ConstraintValidator] Safe fail on invalid timezones
Co-authored-by: Scott Dawson <scott@loyaltycorp.com.au>
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/33901
| License | MIT
| Doc PR |
Alternative to https://github.com/symfony/symfony/pull/33902.
I will explain why I think it is better this way:
1. We set the timezone with the setter because it's 100% safe, it never fails. It fall backs to the default timezone if the provided timezone is not supported (as if we passed null, so the same behavior that always existed). We are therefore compatible with all edge cases.
2. We don't validate the timezone with `\DateTimeZone::listIdentifiers()`. It only returns full identifiers like "Europe/Paris" but it doesn't take into account "numeric" identifiers such as "+08:00" which are perfectly valid. I added a test case to ensure we stay valid with this case. + some invalid identifiers for the native `\IntlDateFormatter` are valid with the polyfill that uses `\DateTimeZone` (eg : `X`). I don't think we can validate anything safely that will work reliably on both implementations.
Commits
-------
3b1b994cb3 [Validator][ConstraintValidator] Safe fail on invalid timezones
This PR was merged into the 3.4 branch.
Discussion
----------
[Translation] fix memoryleak in PhpFileLoader
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This happens when running the test suite with opcache disabled (as it is the case by default since `opcache.enable_cli=0`).
Doing this "require" in a loop (for each test case) compiles the file at each iteration and doesn't reclaim memory (there is no garbage collector for opcodes).
Commits
-------
5c9e3bac96 [Translation] fix memoryleak in PhpFileLoader
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Use `Cache-Control: must-revalidate` only if explicit lifetime has been given
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
This is really nit-picking: The conservative, safe default for `Cache-Control` is `private, no-cache` which means the response must not be served from cache unless it has been validated.
If `Last-Modified` or `Expires` are present, we can relax `no-cache` to be `must-revalidate`, which means that _once the response has become stale_, it must be revalidated.
An `ETag` alone does not give the response a lifetime, so IMO sticking with `no-cache` in this case would be more consistent.
Commits
-------
1b1002b426 [HttpFoundation] Use `Cache-Control: must-revalidate` only if explicit lifetime has been given
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Yaml] Implement multiline string as scalar block for tagged values
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
At the moment you can parse a tagged value defined as a scalar block. But you can't actually dump a multiline string as scalar block when using a tagged value.
This PR implements the multiline string as scalar block for tagged values as well.
Commits
-------
84241d4e62 [Yaml] Implement multiline string as scalar block for tagged values
This PR was merged into the 3.4 branch.
Discussion
----------
[ExpressionLanguage] Process division by zero
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
To be able to catch the error in expression like ` 1 / 0`
**Before PR:**
```
try {
1 / 0;
} catch (\Throwable $e) {
// It won't be caught anyway
// PHP Warning: Division by zero in...
}
try {
1 % 0;
} catch (\Throwable $e) {
// It will be caught since PHP7
// \DivisionByZeroError with message `Modulo by zero`
}
```
**After PR:**
```
try {
1 / 0;
} catch (\Throwable $e) {
// It will be caught
// \DivisionByZeroError with message `Division by zero`
}
try {
1 % 0;
} catch (\Throwable $e) {
// It will be caught
// \DivisionByZeroError with message `Modulo by zero`
}
```
Commits
-------
02ab72ab30 [ExpressionLanguage][Node][BinaryNode] Process division by zero
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator][ConstraintValidator] Stop passing unnecessary timezone argument to \DateTime
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Since we format the \DateTimeImmutable with the "e" character, it uses this timezone identifier and do not consider the passed one. See https://www.php.net/manual/en/datetime.construct.php:
> The $timezone parameter and the current timezone are ignored when the $time parameter either is a UNIX timestamp (e.g. @946684800) or specifies a timezone (e.g. 2010-01-28T15:00:00+02:00).
Commits
-------
03dbcf8794 [Validator][ConstraintValidator] Stop passing unnecessary timezone argument to \DateTime
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] fix memory leak when using PhpArrayAdapter
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34687
| License | MIT
| Doc PR | -
Thanks to @adrienfr, I've been able to understand what causes this massive memory leak when using `PhpArrayAdapter`:
![image](https://user-images.githubusercontent.com/243674/70262187-303b1b00-1794-11ea-9fcb-21ae29c31ff0.png)
When tests run, a new kernel is booted for each test case. This means a new instance of `PhpArrayAdapter` is created, which means it loads its state again and again using `include` for e.g. `annotations.php` in this example.
The first obvious thing is that we see this doing `compile::*`: this means PHP is parsing the same file again and again. But shouldn't opcache prevent this? Well, it's disabled by default because `opcache.enable_cli=0`. To prove the point, here is a comparison with the same tests run with `php -dopcache.enable_cli=1`. The comparison is swapped, but you'll get it:
![image](https://user-images.githubusercontent.com/243674/70262616-fb7b9380-1794-11ea-81c3-6fea0145a63b.png)
But that's not over: because of https://bugs.php.net/76982 (see #32236 also), we still have a memory leak when the included file contains closures. And this one does.
This PR fixes the issue by storing the return value of the include statement into a static property. This fits the caching model of `PhpArrayAdapter`: it's a read-only storage for system caches - i.e. its content is immutable.
Commits
-------
4194c4c56d [Cache] fix memory leak when using PhpArrayAdapter
This PR was merged into the 3.4 branch.
Discussion
----------
more robust initialization from request
Request::getPort is declared as int|string but can actually return null.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I discovered this problem with a functional test where i dispatch the RequestEvent with a `new Request()`. This used to work in symfony 4 and now triggers an error `Argument 1 passed to Symfony\Component\Routing\RequestContext::setHttpPort() must be of the type int, null given`
In regular web requests, this should probably never happen, but it seems to me if Request is not robust, the RequestContext should be robust about it.
Commits
-------
c6ed0f0208 more robust initialization from request
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Fix clearing remember-me cookie after deauthentication
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#26379
| License | MIT
| Doc PR | -
If you are using the `remember_me` listener and the refreshed user is deauthenticated, you are still logged in because the remember-me cookie does not get cleared.
This fixes it.
Commits
-------
d625a73705 [Security] Fix clearing remember-me cookie after deauthentication
This PR was merged into the 3.4 branch.
Discussion
----------
[Config][ReflectionClassResource] Handle parameters with undefined constant as their default values
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/34053
| License | MIT
| Doc PR | -
Basically we can fix this bug by "reimplementing" php src way of building the __toString() of the method except that we avoid to call the undefined constant. Obviously we cannot invalidate the resource if the value of the constant changes since we never knew it. However, it's still better than now.
Commits
-------
8de2a226a8 [Config][ReflectionClassResource] Handle parameters with undefined constant as their default values
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Fix commands description with numeric namespaces
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/34111
| License | MIT
| Doc PR | -
This PR fixes the linked ticket case.
It also changes the keys sorting to display the numeric namespaces first.
It also fixes another bug if your command name starts with `_global:`. In this special case the command is considered global but its full name is still `_global:xxx`. We can't do better without more refactoring since the final array of namespaces and global commands is shared, `_global` just being a special key. Currently, if your command starts with `_global`, all global commands are not displayed at all so it's better like this anyway.
It also fixes another bug if your command starts with `0:` (cf `'' ===` comparison).
Commits
-------
4d47868125 [Console] Fix commands description with numeric namespaces
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Missing test on YamlFileLoader
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? |no
| Deprecations? |no
| Tickets | -
| License | MIT
| Doc PR | -
Missing test on YamlFileLoader
Commits
-------
b9d5237f67 [DI] Missing test on YamlFileLoader
This PR was merged into the 3.4 branch.
Discussion
----------
Remove some unused methods parameters
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR removes some useless private method parameters.
Commits
-------
026730e913 Remove some unused methods parameters
This PR was squashed before being merged into the 3.4 branch (closes#34385).
Discussion
----------
Avoid empty "If-Modified-Since" header in validation request
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Just noticed that when a response has been cached that is `public` and has an `maxAge` but does _not_ provide `Last-Modified`, the validation subrequest will have an empty `If-Modified-Since` header value.
Commits
-------
960faef66f Avoid empty \"If-Modified-Since\" header in validation request
This PR was merged into the 3.4 branch.
Discussion
----------
Allow returning null from NormalizerInterface::normalize
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes?
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
Looking at the code, it seems that a normalizer might be called with a `null` value for `$data`, and thus it's only sensible that it be allowed to return `null` too:
7064ff35f2/src/Symfony/Component/Serializer/Serializer.php (L141-L148)
Updating the phpdoc to match.
Commits
-------
1c8edc55ad Allow returning null from NormalizerInterface::normalize