This PR was squashed before being merged into the 2.8 branch (closes#16722).
Discussion
----------
[Security][SecurityBundle] Use csrf_token_id instead of deprecated intention
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16720
| License | MIT
| Doc PR | -
Commits
-------
0450865 [Security][SecurityBundle] Use csrf_token_id instead of deprecated intention
* 2.7:
[HttpKernel] clearstatcache() so the Cache sees when a .lck file has been released
[WIP] [Form] [TwigBridge] Bootstrap horizontal theme missing tests
AssetBundle - fix docs
CS: remove impossible default argument value
This PR was squashed before being merged into the 2.3 branch (closes#16312).
Discussion
----------
[HttpKernel] clearstatcache() so the Cache sees when a .lck file has been released
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15813
| License | MIT
| Doc PR | n/a
I've been trying to debug #15813 and modified the Store in a way to keep unique request IDs in the .lck file. That way, I was hoping to find out which request is blocking and/or if the request is actually still running.
It turned out that `is_file()` would claim that a lock file still exists, but a subsequent attempt to read the information from that file returned "file not found" errors.
So, my assumption is that the `is_file()` result is based on the fstat cache and wrong once a process has seen the lock file.
@jakzal said in https://github.com/symfony/symfony/issues/15813#issuecomment-149013691 that `unlink()`ing the lock file should clear the statcache, but I doubt this is true across PHP processes.
Commits
-------
982710f [HttpKernel] clearstatcache() so the Cache sees when a .lck file has been released
This PR was squashed before being merged into the 2.8 branch (closes#16547).
Discussion
----------
[Serializer] Improve ObjectNormalizer performance
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16179
| License | MIT
| Doc PR | n/a
Cache attributes detection in a similar way than in #16294 for PropertyAccess.
As for the PropertyAccess Component, I'll open another PR (in 2.8 or 3.1) allowing to cache these attributes between requests using Doctrine Cache.
@Tobion, can you try this PR with your benchmark to estimate the gain?
Commits
-------
683f0f7 [Serializer] Improve ObjectNormalizer performance
This PR was merged into the 2.8 branch.
Discussion
----------
[Yaml] more fixes to changelog and upgrade files
| Q | A
| ------------- | ---
| Fixed tickets | #16433, #16654
| License | MIT
Commits
-------
273ed25 [Yaml] more fixes to changelog and upgrade files
This PR was merged into the 2.8 branch.
Discussion
----------
[SecurityBundle] test legacy CSRF configuration options
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16704
| License | MIT
| Doc PR |
Commits
-------
444b6ef test legacy CSRF configuration options
* 2.7:
[ci] Force update of ./phpunit deps
[Form] Fixed: Duplicate choice labels are remembered when using "choices_as_values" = false
[Process] Don't catch RuntimeException when it complicates tests debugging
[appveyor] Workaround transient segfault when APCu is enabled
* 2.3:
[ci] Force update of ./phpunit deps
[Process] Don't catch RuntimeException when it complicates tests debugging
[appveyor] Workaround transient segfault when APCu is enabled
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed: Duplicate choice labels are remembered when using "choices_as_values" = false
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15606
| License | MIT
| Doc PR | -
Commits
-------
1179f07 [Form] Fixed: Duplicate choice labels are remembered when using "choices_as_values" = false
This PR was merged into the 2.8 branch.
Discussion
----------
[Bridge\PhpUnit] Display the stack trace of a deprecation on-demand
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR has been essential into making #16708, and I think everyone working on a 3.0 migration will need this.
Example:
```
$ SYMFONY_DEPRECATIONS_HELPER=/FormExtensionBootstrap3LayoutTest/ ./phpunit src/Symfony/Bridge/Twig/
PHPUnit 4.8.18 by Sebastian Bergmann and contributors.
Testing src/Symfony/Bridge/Twig/
................................................
Remaining deprecation triggered by Symfony\Bridge\Twig\Tests\Extension\FormExtensionBootstrap3LayoutTest::testSingleChoiceGrouped:
The value "false" for the "choices_as_values" option is deprecated since version 2.8 and will not be supported anymore in 3.0. Set this option to "true" and flip the contents of the "choices" option instead.
Stack trace:
#0 src/Symfony/Component/Form/Extension/Core/Type/ChoiceType.php(286): trigger_error()
#1 src/Symfony/Component/OptionsResolver/OptionsResolver.php(962): Symfony\Component\Form\Extension\Core\Type\ChoiceType->Symfony\Component\Form\Extension\Core\Type\{closure}()
#2 src/Symfony/Component/Form/Extension/Core/Type/ChoiceType.php(277): Symfony\Component\OptionsResolver\OptionsResolver->offsetGet()
#3 src/Symfony/Component/OptionsResolver/OptionsResolver.php(962): Symfony\Component\Form\Extension\Core\Type\ChoiceType->Symfony\Component\Form\Extension\Core\Type\{closure}()
#4 src/Symfony/Component/OptionsResolver/OptionsResolver.php(791): Symfony\Component\OptionsResolver\OptionsResolver->offsetGet()
#5 src/Symfony/Component/Form/ResolvedFormType.php(156): Symfony\Component\OptionsResolver\OptionsResolver->resolve()
#6 src/Symfony/Component/Form/FormFactory.php(119): Symfony\Component\Form\ResolvedFormType->createBuilder()
#7 src/Symfony/Component/Form/FormFactory.php(48): Symfony\Component\Form\FormFactory->createNamedBuilder()
#8 src/Symfony/Component/Form/Tests/AbstractBootstrap3LayoutTest.php(540): Symfony\Component\Form\FormFactory->createNamed()
#9 [internal function]: Symfony\Component\Form\Tests\AbstractBootstrap3LayoutTest->testSingleChoiceGrouped()
#10 {main}
KO src/Symfony/Bridge/Twig/
```
Commits
-------
5a88fb6 [Bridge\PhpUnit] Display the stack trace of a deprecation on-demand
This PR was merged into the 2.8 branch.
Discussion
----------
[Form] Deprecated TimezoneType::getTimezones()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This method is useless as of https://github.com/symfony/symfony/pull/16681. It needs to be deprecated before we can remove it since it is public.
Commits
-------
41df3fc [Form] Deprecated TimezoneType::getTimezones()
* 2.7:
Fixed the wrong source name and the ja translation
[Debug] fix readme: DebugClassLoader moved to debug itself
[SecurityBundle] disable the init:acl command if ACL is not used
[DI] remove useless condition around unset
[Form] Disabled view data validation if "data_class" is set to null
[HttpFoundation] Workaround HHVM rewriting HTTP response line
* 2.3:
Fixed the wrong source name and the ja translation
[SecurityBundle] disable the init:acl command if ACL is not used
[DI] remove useless condition around unset
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] fix readme: DebugClassLoader moved to debug itself
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/16663#discussion_r45866385
| License | MIT
| Doc PR | -
Commits
-------
123a300 [Debug] fix readme: DebugClassLoader moved to debug itself
This PR was merged into the 2.8 branch.
Discussion
----------
[Form] Fixed wrong usages of the "text" type
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
9149622 [Form] Fixed wrong usages of the "text" type
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Disabled view data validation if "data_class" is set to null
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14877
| License | MIT
| Doc PR | -
After this PR, Form::setData() does not validate the view data anymore when "data_class" is set to `null`. This way it is possible to create fields with dynamic view data types (see #14877).
Commits
-------
f495410 [Form] Disabled view data validation if "data_class" is set to null
This PR was squashed before being merged into the 2.8 branch (closes#16621).
Discussion
----------
[Console] Fix bug with $output overloading
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony-standard/issues/887, #16622
| License | MIT
| Doc PR | -
This is exactly why variable overloading isn't a great idea :)
Commits
-------
5764a00 [Console] Fix bug with overloading
* 2.7:
Always enable clock-mock for HttpFoundation
[ClassLoader] Fix parsing namespace when token_get_all() is missing
Bug #16343 [Router] Too many Routes ?
[Debug] Ensure class declarations are loaded only once
* 2.3:
Always enable clock-mock for HttpFoundation
[ClassLoader] Fix parsing namespace when token_get_all() is missing
Bug #16343 [Router] Too many Routes ?
This PR was squashed before being merged into the 2.8 branch (closes#16498).
Discussion
----------
fix unused variable warning
Hi,
This PR fixes a bug in ClockMock class.
Best regards,
Michal
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
cf28474 fix unused variable warning
This PR was merged into the 2.8 branch.
Discussion
----------
add composer exclude-from-classmap for new 2.8 components
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
#16397 for new components in 2.8 that was missing
Commits
-------
2edebbf add composer exclude-from-classmap for new 2.8 components
This PR was squashed before being merged into the 2.8 branch (closes#16031).
Discussion
----------
[Translation][Form] Do not translate form labels and placeholders when 'translation_domain' is false
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Seems like this behaviour was already partially added (as stated [here](https://github.com/symfony/symfony/pull/16016#issuecomment-144464875)) to solve the problem of expanded choice widgets.
Commits
-------
0e0b904 [Translation][Form] Do not translate form labels and placeholders when 'translation_domain' is false
This PR was merged into the 2.8 branch.
Discussion
----------
[Process] PhpExecutableFinder: add regression test
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16599
| License | MIT
| Doc PR | -
I guess it won't be a shame to have this simple test after #16599 .
Commits
-------
576f802 [Process] PhpExecutableFinder: add regression test
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpKernel] Don't reset on shutdown but in FrameworkBundle/Test/KernelTestCase
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15185
| License | MIT
| Doc PR | -
While trying to migrate Blackfire to 2.8-beta, I found this BC-break: by resetting the container on kernel shut-down, functional tests are broken when they need to use the container after a call to `$this->client->request()`. Broken because e.g . the session or the profiler state is lost between consecutive requests in the same test, and because a call to $container->get('kernel') throws a synthetic-related exception.
This PR fixes the BC-break by reverting to the <=2.7 behavior (not resetting the container on kernel shut-down), and moving resetting to the KernelTestCase.
Commits
-------
baad4da [HttpKernel] Don't reset on shutdown but in FrameworkBundle/Test/KernelTestCase
This PR was squashed before being merged into the 2.8 branch (closes#16477).
Discussion
----------
[Routing] Changing RouteCollectionBuilder::import() behavior to add to the builder
| Q | A
| ------------- | ---
| Bug fix? | behavior change
| New feature? | behavior change
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Based on conversation starting here: https://github.com/symfony/symfony/pull/15990#issuecomment-154081718.
```php
// Before:
$routes->mount('/admin', $routes->import(__DIR__.'/config/admin.yml');
// After:
$routes->import(__DIR__.'/config/admin.yml', '/admin');
```
This makes `import()` actually add the `RouteCollectionBuilder` into itself. We didn't do this before at Fabien's request, and actually the current implementation (before this PR) is quite "clean". However, I agree with @WouterJ that `import()` really sounds/looks like it will actually *import* those routes *into* this `RouteCollectionBuilder`.
This change is subjective - we just need to pick which way we like better and run full steam with it.
Commits
-------
8feb9ef [Routing] Changing RouteCollectionBuilder::import() behavior to add to the builder
This PR was merged into the 2.8 branch.
Discussion
----------
[Serializer] add missing unit tests related to Encoder
Add some missing unit tests on the Serializer component.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
7418d29 [Serializer] add missing unit tests related to Encoder
This PR was merged into the 2.8 branch.
Discussion
----------
[WebProfilerBundle] Fix minitoolbar height
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The height of the minimized toolbar icon was a bit off. This change makes sure the icon has the same height as the toolbar itself.
Commits
-------
0459912 [WebProfilerBundle] Fix minitoolbar height
This PR was merged into the 2.3 branch.
Discussion
----------
[Process] Fix trailing space in PHP binary finder
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16598
| License | MIT
| Doc PR | -
Commits
-------
f15e6e0 [Process] Fix trailing space in PHP binary finder
This PR was merged into the 2.8 branch.
Discussion
----------
Add support for HTTP status code 418 back
See https://gist.github.com/anonymous/a863d7b493c4b09733ec what this results into
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | 16584
| License | MIT
| Doc PR |
Commits
-------
db5fbe0 add it back
* 2.7:
Fix undefined array $server
Fix bug in windows detection
[ProxyManager] Tmp fix composer reqs issue in ZF
Add missing exclusions from phpunit.xml.dist
[Serializer] ObjectNormalizer: don't serialize static methods and props
Fix the server variables in the router_*.php files
[Validator] Allow an empty path with a non empty fragment or a query
The following change adds support for Armenian pluralization.
[2.3][Process] fix Proccess run with pts enabled
Conflicts:
composer.json
src/Symfony/Bridge/ProxyManager/composer.json
src/Symfony/Component/Security/phpunit.xml.dist
* 2.3:
Fix undefined array $server
[ProxyManager] Tmp fix composer reqs issue in ZF
Add missing exclusions from phpunit.xml.dist
Fix the server variables in the router_*.php files
[Validator] Allow an empty path with a non empty fragment or a query
The following change adds support for Armenian pluralization.
[2.3][Process] fix Proccess run with pts enabled
Conflicts:
composer.json
src/Symfony/Bridge/ProxyManager/composer.json
src/Symfony/Bundle/DebugBundle/phpunit.xml.dist
src/Symfony/Component/Security/phpunit.xml.dist
This PR was merged into the 2.3 branch.
Discussion
----------
Add missing exclusions from phpunit.xml.dist
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
d4880c4 Add missing exclusions from phpunit.xml.dist
This PR was squashed before being merged into the 2.8 branch (closes#16581).
Discussion
----------
Fix call to undefined function json_last_error_message
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
15f9cf2 Fix call to undefined function json_last_error_message
This PR was squashed before being merged into the 2.3 branch (closes#16352).
Discussion
----------
Fix the server variables in the router_*.php files
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
The built-in web server automatically rewrites everything to the `app_dev.php` script, but it does not adjust the server variables accordingly.
Here is the output of `print_r($_SERVER)` on Apache with mod_rewrite enabled (relevant lines only):
```
Array
(
[REQUEST_URI] => /text-elements.html
[SCRIPT_NAME] => /app_dev.php
[PHP_SELF] => /app_dev.php
)
```
And here is the output of the exact same script on the built-in server:
```
Array
(
[REQUEST_URI] => /text-elements.html
[SCRIPT_NAME] => /text-elements.html
[PHP_SELF] => /text-elements.html
)
```
And here is the return value of Symfony's `Request::getScriptName()` method:
```php
// Apache: http://localhost/text-elements.html
echo $this->container->get('request_stack')->getCurrentRequest()->getScriptName(); // /app_dev.php
// Built-in web server: http://127.0.0.1:8000/text-elements.html
echo $this->container->get('request_stack')->getCurrentRequest()->getScriptName(); // /text-elements.html
```
This PR fixes the two server variables in the `router_dev.php` script.
Commits
-------
4923411 Fix the server variables in the router_*.php files
This PR was squashed before being merged into the 2.3 branch (closes#16510).
Discussion
----------
[2.3][Process] fix Proccess run with pts enabled
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12643
| License | MIT
| Doc PR |
Commits
-------
9cf90fb [2.3][Process] fix Proccess run with pts enabled
This PR was merged into the 2.8 branch.
Discussion
----------
[Filesystem] Changed dumpFile to allow dumping to streams
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #10018
| License | MIT
| Doc PR | symfony/symfony-docs#5393
This is a follow-up of #14970 with comments addressed
Commits
-------
5ca7dee Fix mode
a17aa5e Fixed failing test for HHVM
61a3afd Removed unused logic in MockStream
247266c Update coding standard for MockStream
c6a7747 [Filesystem] added tempnam() stream wrapper aware version of PHP's native tempnam() and fixed dumpFile to allow dumping to streams
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] Renamed key to secret Part 2
Anonymous and RememberMe were already changed in https://github.com/symfony/symfony/pull/15141 This PR renames 2 more occurences of key in the Security: AnonymousAuthenticationListener and the Digest entry point.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
55f59d5 Renamed key to secret
* 2.7:
[ci] Phpunit tests wont run if composer is installed in a wrapper
[ci] Add version tag in phpunit wrapper to trigger cache-reset on demand
fix race condition at mkdir (#16258)
[VarDumper] Fix PHP7 type-hints compat
[Bridge] [PhpUnit] fixes documentation markup.
[PropertyAccess] Port of the performance optimization from 2.3
trigger deprecation warning when using empty_value
[PropertyAccess] Test access to dynamic properties
[PropertyAccess] Fix dynamic property accessing.
[Serializer] GetSetNormalizer shouldn't set/get static methods
[Serializer] PropertyNormalizer shouldn't set static properties
JsonDescriptor - encode container params only once
Conflicts:
src/Symfony/Component/VarDumper/Tests/Caster/ReflectionCasterTest.php
* 2.3:
[ci] Phpunit tests wont run if composer is installed in a wrapper
[ci] Add version tag in phpunit wrapper to trigger cache-reset on demand
fix race condition at mkdir (#16258)
[PropertyAccess] Test access to dynamic properties
[PropertyAccess] Fix dynamic property accessing.
Conflicts:
src/Symfony/Component/PropertyAccess/Tests/PropertyAccessorTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
[DependencyInjection] [FrameworkBundle] Enhance autowiring DX
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
* Dump autowiring data when using the container
* Add autowiring data to the `debug:container` command
Commits
-------
9c3b910 [FrameworkBundle] Autowiring support for debug:container
18913e1 [DependencyInjection] Add autowiring support to dumpers
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] trigger deprecation warning when using empty_value
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15908
| License | MIT
| Doc PR |
The `empty_value` option is deprecated in the `choice`, `date`, and
`time` form types. Therefore, a deprecation warning must be triggered
when the users configures a value for this option.
The `datetime` form type does not need to be updated as it passes
configured values to the `date` and `time` form types which trigger
deprecation warnings anyway.
Commits
-------
405d4a8 trigger deprecation warning when using empty_value
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] JsonDescriptor - encode container params only once
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16379
| License | MIT
| Doc PR |
Commits
-------
dd9d076 JsonDescriptor - encode container params only once
This PR was squashed before being merged into the 2.7 branch (closes#16463).
Discussion
----------
[PropertyAccess] Port of the performance optimization from 2.3
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16179
| License | MIT
| Doc PR | n/a
Portage of #16294 in the 2.7 branch.
Commits
-------
aa4cc90 [PropertyAccess] Port of the performance optimization from 2.3
This PR was merged into the 2.8 branch.
Discussion
----------
[LDAP] ldap_set_option should be called with a valid link identifier
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
7f89196 ldap_set_option should be called with a valid link identifier
This PR was squashed before being merged into the 2.8 branch (closes#16467).
Discussion
----------
Fixing bad type-hint auto-wiring bug
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Previously, if you type-hinted a bad class name, we did not set the argument value. In fact, with `continue`, we skipped setting the argument, which meant that if argument 2 was skipped, then argument 3 would be put into argument 2's location.
But really, if I type-hint a non-existent class, this should throw a clear exception. afaik, in the original PR, it was said that we cannot throw an exception for a non-existent class because a later compiler-pass may manipulate those class names and "fix" them to be real classes. But, that's an edge case, and I think if you're using advanced functionality like that, you should not use auto-wiring. Throwing an exception is much more user-friendly. I personally hit this issue and was trying to figure out what was going wrong :).
About the exception message: I would like to tell the user which class is type-hinted correctly, but getting the type-hinted class for a non-existent class is not possible with reflection.
Thanks!
cc @dunglas
Commits
-------
b7b182e Fixing bad type-hint auto-wiring bug
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle][Form] Better exception message for private form tagged services
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Similar to what is done in [RegisterListenerPass](https://github.com/symfony/symfony/blob/2.8/src/Symfony/Component/EventDispatcher/DependencyInjection/RegisterListenersPass.php#L61-L63), those changes allow to have a better exception message when defining a private `form.type`, `form.type_extension` or `form.form_guesser` tagged service, and at container compilation instead of runtime:
> The service "my.form.type" must be public as form types are lazy-loaded.
instead of:
> You have requested a non-existent service "my.form.type"
If I'm right, similar cases were considered as new features in the past, so this targets 2.8.
Commits
-------
11d675f [FrameworkBundle][Form] Better exception message for private form tagged services
This PR was merged into the 2.8 branch.
Discussion
----------
added a micro kernel
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Related to #15948 and #15820
Commits
-------
eab0f0a added a micro kernel
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] GetSetNormalizer shouldn't set/get static methods
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | maybe
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR fixes setting static getters and setters when serializing.
This is strictly speaking a BC break but in my opinion a needed one because the current behavior is unexpected.
Commits
-------
d8d4405 [Serializer] GetSetNormalizer shouldn't set/get static methods
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] PropertyNormalizer shouldn't set static properties
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR fixes a bug where static properties where set by the PropertyNormalizer.
Commits
-------
b15bdca [Serializer] PropertyNormalizer shouldn't set static properties
This PR was merged into the 2.8 branch.
Discussion
----------
Re-adding the ability to add a resource to the RouteCollectionBuilder
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
At the end of #15778, I removed the ability to add a resource to the RouteCollectionBuilder. But, this is needed (at least internally): if you import, the returned RouteCollection may have resources, which need to be brought forward into the new RouteCollectionBuilder (the code in `import()` to do this already exists, but is calling an undefined `addResource()` method).
This adds the test with minimal code to fix.
P.S. Fabien told me to remove `addResource` originally... so isn't this *kind of* his fault?
Commits
-------
3b67daa Re-adding the ability to add a resource to the RouteCollectionBuilder
This PR was squashed before being merged into the 2.8 branch (closes#16278).
Discussion
----------
Fix tests when no Intl extension
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I haven't Intl extension installed and testFormatWithIntlTimeZone is fail because use \IntlTimeZone.
This PR fix it.
Commits
-------
84c7567 Fix tests when no Intl extension
The `empty_value` option is deprecated in the `choice`, `date`, and
`time` form types. Therefore, a deprecation warning must be triggered
when the users configures a value for this option.
The `datetime` form type does not need to be updated as it passes
configured values to the `date` and `time` form types which trigger
deprecation warnings anyway.
We need this because when you import a RouteCollection and this has a resource
on it, we need to pass that resource forward to the RouteCollectionBuilder
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Deprecate VarDumperTestCase in favor of the trait
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Because people must upgrade to PHP 5.5 before upgrading to Sf 3.0, this can be done on the 2.8 branch.
Commits
-------
31e51ba [VarDumper] Deprecate VarDumperTestCase in favor of the trait
This PR was merged into the 2.8 branch.
Discussion
----------
[DI] Deprecate ContainerAware in favor of ContainerAwareTrait
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | -
To be merged before #16411 (that then should be rebased) if we agree that this is the right approach (which I believe personally).
The deprecation notice will be triggered by the existing mechanism in the DebugClassLoader (it can't be added inline because that would make symfony itself trigger it).
PHP 5.3 users migrating to 3.0 must already move to 2.8+5.5 beforehand so this is really on the CUP (Continuous Upgrade Path).
Commits
-------
807ebac [DI] Deprecate ContainerAware in favor of ContainerAwareTrait
This PR was merged into the 2.8 branch.
Discussion
----------
[Security][Guard] Check whether $this->logger is not null on GuardAuthenticationListener
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16415
| License | MIT
| Doc PR |
Commits
-------
ebc751d Write the log message on a single line againn
713b99f Check whether $this->logger is not null on GuardAuthenticationListener
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpKernel] PostResponseEvent should extend the KernelEvent
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16342
| License | MIT
| Doc PR | -
Technically the `PostResponseEvent` is a `KernelEvent`.
Commits
-------
b9863d5 [HttpKernel] PostResponseEvent should extend the KernelEvent
* 2.7:
[Security][2.7] Clean deps
[HttpKernel] Fix time-sensitive test case
[travis] Fail early when an invalid composer.json is found
Conflicts:
src/Symfony/Component/Security/Core/composer.json
src/Symfony/Component/Security/composer.json
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Casters for Generator, ReflectionGenerator and ReflectionType
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I had this on a local branch since a few days:
- on PHP7, using ReflectionGenerator allows dumping interesting state info about generators (see test case for example output)
- caster for ReflectionType added
- source code excerpts are now left-trimmed (see adjusted test cases)
Commits
-------
d6c2d75 [VarDumper] Casters for Generator, ReflectionGenerator and ReflectionType
This PR was merged into the 2.3 branch.
Discussion
----------
removed all @covers annotations
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Some unit tests have a `@covers` PHPUnit annotations. Most of them were added a very long time ago, but since then, we did not use them anymore and the existing ones are not maintained (see #16413). So, I propose to remove them all.
Commits
-------
1e0af36 removed all @covers annotations
This PR was squashed before being merged into the 2.8 branch (closes#16395).
Discussion
----------
checkCredentials() force it to be an affirmative yes!
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no (because 2.8 isn't released)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This changes `GuardAuthenticatorInterface::checkCredentials()`: you now *must* return true in order for authentication to pass.
Before: You could do nothing (i.e. return null) and authentication would pass. You threw an AuthenticationException to cause a failure.
New: You *must* return `true` for authentication to pass. If you do nothing, we will throw a `BadCredentialsException` on your behalf. You can still throw your own exception.
This was a suggestion at symfony_live to make things more secure. I think it makes sense.
Commits
-------
14acadd checkCredentials() force it to be an affirmative yes!
This PR was squashed before being merged into the 2.3 branch (closes#16294).
Discussion
----------
[PropertyAccess] Major performance improvement
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16179
| License | MIT
| Doc PR | n/a
This PR improves performance of the PropertyAccess component of ~70%.
The two main changes are:
* caching the `PropertyPath` initialization
* caching the guessed access strategy
This is especially important for the `ObjectNormalizer` (Symfony Serializer) and the JSON-LD normalizer ([API Platform](https://api-platform.com)) because they use the `PropertyAccessor` class in large loops (ex: normalization of a list of entities).
Here is the Blackfire comparison: https://blackfire.io/profiles/compare/c42fd275-2b0c-4ce5-8bf3-84762054d31e/graph
The code of the benchmark I've used (with Symfony 2.3 as dependency):
```php
<?php
require 'vendor/autoload.php';
class Foo
{
private $baz;
public $bar;
public function getBaz()
{
return $this->baz;
}
public function setBaz($baz)
{
$this->baz = $baz;
}
}
use Symfony\Component\PropertyAccess\PropertyAccess;
$accessor = PropertyAccess::createPropertyAccessor();
$start = microtime(true);
for ($i = 0; $i < 10000; ++$i) {
$foo = new Foo();
$accessor->setValue($foo, 'bar', 'Lorem');
$accessor->setValue($foo, 'baz', 'Ipsum');
$accessor->getValue($foo, 'bar');
$accessor->getValue($foo, 'baz');
}
echo 'Time: '.(microtime(true) - $start).PHP_EOL;
```
This PR also adds an optional support for Doctrine cache to keep access information across requests and improve the overall application performance (even outside of loops).
Commits
-------
284dc75 [PropertyAccess] Major performance improvement
* 2.7:
added the new Composer exclude-from-classmap option
added the new Composer exclude-from-classmap option
fix expected argument type docblock
Set back libxml settings after testings.
fixed Twig deprecation notices
* 2.3:
added the new Composer exclude-from-classmap option
fix expected argument type docblock
Set back libxml settings after testings.
fixed Twig deprecation notices
This PR was merged into the 2.3 branch.
Discussion
----------
added the new Composer exclude-from-classmap option
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
65bef75 added the new Composer exclude-from-classmap option
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] fix expected argument type docblock
| Q | A
| ------------- | ---
| Fixed tickets |
| License | MIT
Commits
-------
1c01ebc fix expected argument type docblock
This PR was merged into the 2.8 branch.
Discussion
----------
[Routing] fix docblock description for the build() method
| Q | A
| ------------- | ---
| Fixed tickets | #15778
| License | MIT
Commits
-------
ca32ed4 fix docblock description for the build() method
This PR was merged into the 2.8 branch.
Discussion
----------
Add the PHP 7 polyfill for the random_bytes function
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Some classes (like the `SecureRandom` class) currently depends on the `random_bytes` function, which is only available in the PHP 7 polyfill
Commits
-------
8ab8ca0 Add the PHP 7 polyfill for the random_bytes function
Calling the parent constructor of the mocked `Mongo` class tries to
connect to a local MongoDB server which fails in case no local server
was configured.
Similarly, when the parent constructor of the mocked `MongoCollection`
class is called it performs checks on the passed arguments which fails
again when a connection was not established successfully before.
This PR was merged into the 2.8 branch.
Discussion
----------
[WebProfilerBundle] Filter links in search results
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14110
| License | MIT
| Doc PR |
Quite often I find myself copy/pasting the results from the search results in the profiler search form. Adding links for this allows developers to narrow down to the proper profiler result fast.
Commits
-------
4bffacc [WebProfilerBundle] Filter links in search results
* 2.7:
added missing quotes in YAML files
[HttpKernel] Add `@group time-sensitive` on some transient tests
[DoctrineBridge] Fix issue which prevent the profiler to explain a query
Use mb_detect_encoding with $strict = true
don't allow to install the split Security packages
bumped Symfony version to 2.3.35
updated VERSION for 2.3.34
update CONTRIBUTORS for 2.3.34
updated CHANGELOG for 2.3.34
* 2.3:
added missing quotes in YAML files
[HttpKernel] Add `@group time-sensitive` on some transient tests
[DoctrineBridge] Fix issue which prevent the profiler to explain a query
Use mb_detect_encoding with $strict = true
don't allow to install the split Security packages
bumped Symfony version to 2.3.35
updated VERSION for 2.3.34
update CONTRIBUTORS for 2.3.34
updated CHANGELOG for 2.3.34
This PR was merged into the 2.3 branch.
Discussion
----------
Use mb_detect_encoding with $strict = true
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Otherwise, UTF-8 can be returned for non-UTF8 strings...
See e.g. https://3v4l.org/oMMnX
Commits
-------
e6c89f1 Use mb_detect_encoding with $strict = true
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] don't allow to install the split Security packages
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16134
| License | MIT
| Doc PR |
Currently, you would be able to install the Security component fromm
Symfony 2.3 together with one of the split packages from a higher
Symfony vesion like this:
```json
{
"require": {
"symfony/symfony": "2.3.*",
"symfony/security-core": "~2.7"
}
}
```
However, you will end up with classes being present twice.
This must be reverted after merging up in the `2.7` branch.
Commits
-------
0d14064 don't allow to install the split Security packages
This PR was merged into the 2.8 branch.
Discussion
----------
Fixed Ajax panel loading in the toolbar
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16349
| License | MIT
| Doc PR | -
Commits
-------
862daf2 Fixed Ajax panel loading in the toolbar
Currently, you would be able to install the Security component fromm
Symfony 2.3 together with one of the split packages from a higher
Symfony vesion like this:
```json
{
"require": {
"symfony/symfony": "2.3.*",
"symfony/security-core": "~2.7"
}
}
```
However, you will end up with classes being present twice.
This must be reverted after merging up in the `2.7` branch.
* 2.7:
fixed YAML files missing quotes when a string starts with @
[VarDumper] Fix anonymous class dumping
[Routing] mark internal classes
[Translation][Csv file] remove unnecessary statements, for better readability.
[Form] remove validation of FormRegistry::getType as FormRegistry::hasType does not validate either
* 2.3:
fixed YAML files missing quotes when a string starts with @
[Routing] mark internal classes
[Translation][Csv file] remove unnecessary statements, for better readability.
[Form] remove validation of FormRegistry::getType as FormRegistry::hasType does not validate either
This PR was merged into the 2.3 branch.
Discussion
----------
fixed YAML files missing quotes when a string starts with @
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
e36fea8 fixed YAML files missing quotes when a string starts with @
This PR was merged into the 2.3 branch.
Discussion
----------
[Translation][Csv loader] remove unnecessary statements, for better readability.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | ~
| Tests pass? | yes
| License | MIT
Commits
-------
47b8c3e [Translation][Csv file] remove unnecessary statements, for better readability.
This PR was squashed before being merged into the 2.8 branch (closes#16334).
Discussion
----------
Updated type guessers to use FQCNs for guessed types
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16332
| License | MIT
| Doc PR | symfony/symfony-docs#5834 (if applicable)
Commits
-------
e871db7 Updated type guessers to use FQCNs for guessed types
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] remove type check in FormRegistry::getType
| Q | A
| ------------- | ---
| Bug fix? | yes (consistency)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
remove validation of `FormRegistry::getType` as `FormRegistry::hasType` does not validate either. So `hasType` currently triggers a PHP warning with a wrong argument.
also developers do not work with the registry directly anyway but through the factory. and the factory already validates the value. So this validation is useless in reality.
Commits
-------
d37b9e6 [Form] remove validation of FormRegistry::getType as FormRegistry::hasType does not validate either
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] Fix ClassCacheWarme when classes.php is already warmed
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Autoreloading was previously set to `false`, but actually we want to force it.
This could even lead to a fatal error when warming where it was already warmed as the previous `classes.php` is directly required.
Commits
-------
d31350f [FrameworkBundle] Fix ClassCacheWarme when classes.php is already warmed
* 2.7:
[DoctrineBridge] Fix required guess of boolean fields
[DI] don't use array_map to resolve services
Remove dead code in the PropertyPath constructor
[Process] Inherit env vars by default in PhpProcess
Changed one console output style to avoid visual issues
[VarDumper] Fix return type and anonymous classes dumping
[HttpFoundation] Fixes /0 subnet handling in IpUtils
[Form] Simplify DateTimeToStringTransformer Avoid unneeded catch and re-throw of the same exception.
[HttpKernel] Remove a duplicate test for the EsiFragmentRenderer
Conflicts:
src/Symfony/Component/BrowserKit/composer.json
src/Symfony/Component/VarDumper/Tests/Caster/ReflectionCasterTest.php
* 2.3:
[DoctrineBridge] Fix required guess of boolean fields
[DI] don't use array_map to resolve services
Remove dead code in the PropertyPath constructor
[Process] Inherit env vars by default in PhpProcess
[HttpFoundation] Fixes /0 subnet handling in IpUtils
[Form] Simplify DateTimeToStringTransformer Avoid unneeded catch and re-throw of the same exception.
[HttpKernel] Remove a duplicate test for the EsiFragmentRenderer
Conflicts:
src/Symfony/Component/Process/Process.php
src/Symfony/Component/PropertyAccess/Tests/PropertyAccessorCollectionTest.php
src/Symfony/Component/PropertyAccess/Tests/PropertyAccessorTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
[Process] Inherit env vars by default in PhpProcess
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This is the cause of our failures on Windows, where the SYSTEMROOT env var is mandatory for mcrypt_create_iv to work.
I don't know why the browserkit client is run with no env inheritance and this looks like a bug.
Same for PhpProcess emptying the env by default, this looks like a bug, esp. since the parent `Process` class defaults to inheriting the env.
Tests are not broken by this change.
Commits
-------
ab8cc29 [Process] Inherit env vars by default in PhpProcess
This PR was merged into the 2.3 branch.
Discussion
----------
Remove dead code in the PropertyPath constructor
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Custom singulars have been removed from the component before merging it in Symfony, but the code parsing them was only removed partially.
Commits
-------
ad4d0eb Remove dead code in the PropertyPath constructor
This PR was squashed before being merged into the 2.8 branch (closes#15966).
Discussion
----------
[FrameworkBundle] PropertyInfo support
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet
Commits
-------
f84a92a [FrameworkBundle] PropertyInfo support
This PR was squashed before being merged into the 2.3 branch (closes#16177).
Discussion
----------
[HttpFoundation] Fixes /0 subnet handling in IpUtils
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16055
| License | MIT
| Doc PR | Not needed
Fixes bug #16055. For IP addresses with CIDR subnet length 0, the IP address must be valid - IPs with subnet masks greater than zero are implicitly validated due to the use of `ip2long` and `substr_compare` (although it's not particularly robust - there could be some future work to improve this here).
Commits
-------
d9ac571 [HttpFoundation] Fixes /0 subnet handling in IpUtils
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] Add a new ClassCache cache warmer
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This new cache warmer allows to remove the known slowness of the first hit of a Symfony application (even when cache has been warmed up). This also allows to make a Symfony application runnable on a read-only filesystem (like in a Docker container for example)
Commits
-------
b570d6c [FrameworkBundle] Add a new ClassCache cache warmer
This PR was merged into the 2.8 branch.
Discussion
----------
[Minor] [Serializer] Removed second license header
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
PR #15918 added a second license header to the `ArrayDenormalizer` file. One license header is probably enough.
Commits
-------
dee3be3 [Minor] [Serializer] Removed second license header
This PR was merged into the 2.8 branch.
Discussion
----------
[TwigBundle] added a Twig templates warmer when templating is disabled
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When disabling the templating component, Twig templates are not warmed up as the warmer depends on the template finder which needs the templating component. This PR adds a new cache warmer that covers this case.
see #16262
Commits
-------
bd3701b [TwigBundle] added a Twig templates warmer when templating is disabled
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
PR #15918 added a second license header to the `ArrayDenormalizer` file. One license header is probably enough.
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] Remove a duplicate test for the EsiFragmentRenderer
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Since the request was made a required argument to the `render()` method in #6829, this [test became a duplicate](23f51450bd/src/Symfony/Component/HttpKernel/Tests/RenderingStrategy/EsiRenderingStrategyTest.php (L28-L38)) of `testRenderFallbackToInlineStrategyIfEsiNotSupported()`.
Commits
-------
44d57a3 [HttpKernel] Remove a duplicate test for the EsiFragmentRenderer
Since the request was made a required argument to the `render()` method in #6829, this test became a duplicate of `testRenderFallbackToInlineStrategyIfEsiNotSupported()`.
* 2.7:
[Routing] use constants in tests
[Process] tweaked README
[Validator] Allow an empty path in a URL with only a fragment or a query
[HttpFoundation] Fix some typo in the Request doc
fixed CS
Added separated handling of root paths
* 2.3:
[Routing] use constants in tests
[Validator] Allow an empty path in a URL with only a fragment or a query
[HttpFoundation] Fix some typo in the Request doc
fixed CS
Added separated handling of root paths
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBundle] Fix Twig cache is not properly warmed
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15982
| License | MIT
| Doc PR | -
Alternative to #15034
Commits
-------
e704ee4 [TwigBundle] Fix Twig cache is not properly warmed
This PR was merged into the 2.3 branch.
Discussion
----------
[filesystem] makeRelativePath does not work correctly from root
| Q | A
| ------------- | ---
| Bug fix? | yes/no
| New feature? | yes/no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #1234
| License | MIT
| Doc PR | #14066, #14067
When using `makeRelativePath`, it returns an incorrect path when trying to fetch an entry from the root:
$fs->makePathRelative('/foo/bar/baz', '/');
Actual result:
../foo/bar/baz
Expected result:
foo/bar/baz
As we have specified an absolute path, there is no point on having an `..` added. It works, because a root directory has a `..` which points to itself, but it could result in issues when the relative path is actually prefixed or concatted.
Commits
-------
791b124 fixed CS
7bb394e Added separated handling of root paths
This PR was merged into the 2.8 branch.
Discussion
----------
[ExpressionLanguage] marked node classes as being internal
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Adds `@internal` on some classes, would it make sense to also make them final?
Commits
-------
7d6bc48 [ExpressionLanguage] marked node classes as being internal
This PR was merged into the 2.8 branch.
Discussion
----------
[Yaml] marked some classes as being internal
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Adds `@internal` on some YAML classes.
Commits
-------
29e7893 [Yaml] marked some classes as being internal
This PR was merged into the 2.8 branch.
Discussion
----------
[PhpUnit] Mock clock on @group time-sensitive annotations
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Instead of spreading the same clock mock code everywhere, let's create a test case that helps mocking the time related functions.
Commits
-------
34a0846 [PhpUnit] Mock clock on @group time-sensitive annotations
This PR was merged into the 2.8 branch.
Discussion
----------
[Yaml] deprecated non-escaped \ in double-quoted strings when parsing
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
According to the YAML specs, backslashes must be escaped when used in a double-quoted string. So, `"Foo\Var"` is not valid, `"Foo\\Var"` is.
This PR deprecates the old ways so that we can throw an exception in 3.0 when parsing a non-compliant YAML string in 3.0.
ping @nicolas-grekas @tucksaun
Commits
-------
e599a72 [Yaml] deprecated non-escaped \ in double-quoted strings when parsing
This PR was merged into the 2.8 branch.
Discussion
----------
[EventDispatcher] added EventDispatcher::getListenerPriority()
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14563, #15825
| License | MIT
| Doc PR | n/a
In #14563, we added a way to get the priorities of listeners, but as noted by @Tobion in #15825, the implementation is sub-optimal because of two main reasons: the change is not part of the interface but more importantly, the added boolean changes the return value of `getListeners()`.
This PR reverts most of #14563 to add a `getListenerPriority()` method. This method is quite slow, but as it should only be used for debugging purposes (on the CLI or the WDT), I think it's not really a problem.
In 3.0, this method should probably be added to `EventDispatcherInterface`.
ping @Tobion
Commits
-------
068e955 [EventDispatcher] added EventDispatcher::getListenerPriority()
* 2.7:
[ci] Fix tests requirements
[ci] SymfonyTestsListener is now auto-registered
adds validation messages missing italian translations
[Console] fixed progress bar format on edge cases
fix bug with set max count, by start method in progress bar
Conflicts:
src/Symfony/Component/Form/Tests/Extension/Core/EventListener/TrimListenerTest.php
src/Symfony/Component/HttpKernel/Tests/Profiler/MongoDbProfilerStorageTest.php
src/Symfony/Component/HttpKernel/Tests/Profiler/SqliteProfilerStorageTest.php
src/Symfony/Component/Security/Acl/Tests/Dbal/AclProviderTest.php
src/Symfony/Component/Security/Acl/Tests/Dbal/MutableAclProviderTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8] [Form] Rename CollectionType options for entries
Description
---
Replaces #13820 for the 2.8 branch.
Original description:
> `type` and `options` are extremely generic. Prefixing them with `entry_` makes it clear what they are configuring.
> About the property deprecation it is the same story as https://github.com/symfony/symfony/pull/13717 and I don't know which direction you want me to go.
I've tried to apply the comments in the previous PR, but got a bit lost in the normalizers/default closure stuff. I hope I did everything correctly, but please review :)
PR Info Table
---
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #7831
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/5051
Commits
-------
942a237 Rename CollectionType options for entries
This PR was merged into the 2.8 branch.
Discussion
----------
[PhpUnit] Auto-register SymfonyTestsListener
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This allows removing the copy/pasted `<listeners>` tags in our phpunit.xml.dist files and opens for future enhancements (like #16194)
Commits
-------
9e2bb00 [PhpUnit] Auto-register SymfonyTestsListener
This PR was merged into the 2.8 branch.
Discussion
----------
Fix potential access to undefined index
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Fixes @tobion's comment in https://github.com/symfony/symfony/pull/14563/files#r39705270
Commits
-------
de41002 Fix potential access to undefined index
This PR was merged into the 2.8 branch.
Discussion
----------
Fix the BC layer for the key->secret renaming for remember_me
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony-docs/issues/5765
| License | MIT
| Doc PR | n/a
There was a mistake in https://github.com/symfony/symfony/pull/15141 removing the configuration entirely.
Commits
-------
f52b3a0 Fix the BC layer for the key->secret renaming for remember_me
* 2.7:
[Filesystem] Fix test on Windows
Fix merge
[HttpFoundation] Extend ClockMock to session storage tests
[Process] Don't use @requires on abstract class
[VarDumper] Fix wordwrap with Bootstrap
* 2.3:
[HttpFoundation] Extend ClockMock to session storage tests
[Process] Don't use @requires on abstract class
Conflicts:
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/PdoSessionHandlerTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8][tests] Use @requires annotation when possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
814d961 [tests] Use @requires annotation when possible
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7][tests] Use @requires annotation when possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
b028aea [tests] Use @requires annotation when possible
| Q | A
| ------------- | ---
| Bug fix? | [yes]
| New feature? | [yes|no]
| BC breaks? | [yes|no]
Since cache is now required, it makes no sense to suggest it
This PR was squashed before being merged into the 2.3 branch (closes#16095).
Discussion
----------
[Console] Add additional ways to detect OS400 platform
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16053
| License | MIT
| Doc PR | None
This PR adds support for detecting the OS400 platform when the PHP function `php_uname()` is disabled. OS400 platform detection was added in #15058 to fix character encoding issues present on OS400. See that PR for more info.
This PR fixes regression introduced in #16053, which did not work on the IBM OS400 server I have access to. The constant `PHP_OS` being checked outputs "AIX" on my IBM OS400 server. I can't say for sure if it works on other IBM platforms... but I preserved this check just in case.
User @eloigranado [commented here](https://github.com/symfony/symfony/pull/15058#issuecomment-130743928) asking if we could switch to using `PHP_OS` constant instead of `php_uname()` because he claims some admins might "[hide] the exact kernel build from any attacker who discovers a remote PHP code execution vulnerability". I personally don't think we should accommodate this use case, but I was able to find alternate approaches.
### Why use case insensitive string matching stristr() instead of in_array()?
Here are the various outputs on my OS400 server:
echo PHP_OS; // "AIX"
echo getenv('OSTYPE'); // "os400"
echo php_uname('s'); // "OS400"
So we have various case issues here, and possible blank values on platforms where OSTYPE var doesn't exist or php_uname() is disabled. Concatenating these optional values together delimited by ; then case-insensitive searching the string for "OS400" seemed like a fair compromise. I would've probably done `in_array()` if case wasn't an issue.
Commits
-------
96a4071 [Console] Add additional ways to detect OS400 platform
This PR was merged into the 2.7 branch.
Discussion
----------
Added more tests for PropertyAccess
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This is a follow up for [16090#issuecomment-145183635](https://github.com/symfony/symfony/pull/16090#issuecomment-145183635)
Commits
-------
378db75 Added more tests for PropertyAccess
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] Allow tabs before comments at the end of a line
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
If a yml file has a tab character before a line ending comment the comment will be included in the parsed value. Yaml spec allows tab or space as whitespace characters so we need to check for tab as well. See included test.
Recently caused an odd and hard to find bug in our project.
See spec:
http://www.yaml.org/spec/1.2/spec.html#s-b-commenthttp://www.yaml.org/spec/1.2/spec.html#s-separate-in-linehttp://www.yaml.org/spec/1.2/spec.html#s-white
This is a new PR replacing https://github.com/symfony/symfony/pull/15747
@fabpot
Commits
-------
d040be7 [Yaml] Allow tabs before comments at the end of a line
This PR was merged into the 2.8 branch.
Discussion
----------
[DI] Warn when a definition relies on a deprecated class in ContainerBuilder::createService()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The new feature is in the DI component and it enlighten a deprecation from Doctrine that we ignored in FrameworkBundle, that is also fixed in this PR.
See https://github.com/symfony/symfony/pull/16001/files?w=1
Commits
-------
ca69fa3 [DI] Warn when a definition relies on a deprecated class in ContainerBuilder::createService()
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] consistent signature of getDump() in class + trait
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16126
| License | MIT
| Doc PR |
Commits
-------
48a9e83 consistent signature of getDump() in class + trait
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7] Fix docblocks about callables
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
7b12fe9 [2.7] Fix docblocks about callables
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] sync translations and add a test for it
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15955
| License | MIT
| Doc PR |
Commits
-------
08333ec [Security] sync translations and add a test for it
This PR was merged into the 2.3 branch.
Discussion
----------
Fix docblocks about callables
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
a25beb6 Fix docblocks about callables
The FrameworkBundle in version 2.3 can be used with recent versions of
the Security component. However, after the Security component has been
split with Symfony 2.4, translations resources have been moved to the
`symfony/security-core` package. Thus, the changed location must be
taken into account.
This PR was merged into the 2.3 branch.
Discussion
----------
Command list ordering fix
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
Makes sure that global commands are always first.
Commits
-------
2984f8e fixed previous commit
70f2b3e global commands are always first in command list
* 2.7:
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
Fix PropertyAccessor modifying array in object when array key does not exist
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
* 2.3:
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
This PR was merged into the 2.3 branch.
Discussion
----------
Fixed typos
Following #16098
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
f5802c2 Fixed typos
This PR was merged into the 2.8 branch.
Discussion
----------
Include working directory in ProcessFailedException
... because quite often the Exception is a result of the `www-data` user not having the appropriate rights at that working path. Maybe @schmittjoh can confirm this?
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
dbaefb4 Include working directory in ProcessFailedException
This PR was squashed before being merged into the 2.3 branch (closes#14842).
Discussion
----------
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14822
| License | MIT
| Doc PR | ~
* test now always pass "secure" and "httponly" options, as they are required
* could be considered BC, but [`RememberMeFactory` passes them](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php#L21), so they should've always been treated as required
* I can squash the commits before merging
* Alternative solution: #14843
Commits
-------
18b1c6a [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a user has changed own password, I want to logout any sessions which is authenticated by its user except changer itself.
[DaoAuthenticationManager::checkAuthentication()](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php#L59) method seems to concern about it.
But, this situation actually never happens because both users that will be passed to this method are always identical in re-authentication.
It's because the token refreshes own user via [ContextListener](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Http/Firewall/ContextListener.php#L90) before re-authentication.
Commits
-------
729902a [Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
This PR was merged into the 2.3 branch.
Discussion
----------
Fix PropertyAccessor modifying array in object when array key does no…
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16056
| License | MIT
| Doc PR |
Commits
-------
f24c678 Fix PropertyAccessor modifying array in object when array key does not exist
This PR was merged into the 2.8 branch.
Discussion
----------
Pass missing request template variables
Some render calls were missing the `request` variable, while it is used in the `layout.html.twig` template.
| Q | A
| --- | ---
| Fixed tickets | -
| License | MIT
Commits
-------
7f1b2c2 Pass missing request template variables
This PR was merged into the 2.8 branch.
Discussion
----------
Simplify AbstractVoter
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no, just simplification
| BC breaks? | no, because 2.8 is not yet released
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
93de659 Simplify AbstractVoter
This PR was merged into the 2.8 branch.
Discussion
----------
[DomCrawler] Deprecated using /_root/ in XPath expressions
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
6042e86 [DomCrawler] Deprecated using /_root/ in XPath expressions
This PR was merged into the 2.3 branch.
Discussion
----------
Throw exception if tempnam returns false in ProcessPipes
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15215
| License | MIT
| Doc PR |
Related to #16092
Commits
-------
1425b8a Throw exception if tempnam returns false in ProcessPipes
Passing implementations of the pre 2.5 validator API to the constructors
of the `ValidatorExtension` and the `ValidationListener` must trigger a
deprecation.
This PR was squashed before being merged into the 2.8 branch (closes#15613).
Discussion
----------
[DependencyInjection] Add autowiring capabilities
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet
This PR adds autowiring capabilities to the Dependency Injection component. It eases service registration by letting the component guessing dependencies to inject and even (under certain conditions) registering them using typehints of the constructor parameters.
The following usages are supported:
# Automatic dependency registration
```php
class Foo
{
}
class Bar
{
public function __construct(Foo $f)
{
}
}
```
```yaml
services:
bar:
class: Bar
autowire: true
```
It will register `Foo` as a private service (`autowired.foo`) and injects it as the first argument of the `bar` constructor.
This method works only for typehints corresponding to instantiable classes (interfaces and abstract classes are not supported).
# Autocompletion of definition arguments
```php
interface A
{
}
interface B extends A
{
}
class Foo implements B
{
}
class Bar
{
}
class Baz extends Bar
{
}
class LesTilleuls
{
public function __construct(A $a, Bar $bar)
{
}
}
```
```yaml
services:
foo:
class: Foo
baz:
class: Baz
les_tilleuls:
class: LesTilleuls
autowire: true
```
The autowiring system will find types of all services and completes constructor arguments of the `les_tilleuls` service definition using typehints.
It works only if there is one service registered for a given type (if there are several services available for the same type and no explicit type definition, a `RuntimeException` is thrown).
# Explicit type definition
```php
interface A
{
}
class A1 implements A
{
}
class A2 implements A
{
}
class B
{
public function __construct(A $a)
{
}
}
```
```yaml
services:
a1:
class: A1
types: [ A ]
a2:
class: A2
# Will be autowired with A1
class b:
class: B
autowire: true
# Not autowired
class another_b:
class: B
arguments: [ @a2 ]
autowire: true
```
When a service is explicitly associated with a type, it is always used to fill a definition depending of this type, even if several services have this type. If several services are associated with the same type, the last definition takes the priority.
Of course explicit definitions are still supported.
YAML, XML and PHP loaders have been updated to supports the new `type` parameter.
Commits
-------
aee5731 [DependencyInjection] Add autowiring capabilities
This condition is always `true` because `$attributesMetadata` does not exists in this `foreach` context and could overwrite values in the `$attributesMetadata` variable.
This PR was merged into the 2.8 branch.
Discussion
----------
[Debug] Deprecate providing $fileLinkFormat as second argument
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
ed3611d [Debug] Deprecate providing $fileLinkFormat as second argument
This PR was merged into the 2.8 branch.
Discussion
----------
Updated PHPDoc of the AbstractVoter class
| Q | A
| ------------- | ---
| Bug fix? | PHPDoc bug
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
ref https://github.com/symfony/symfony/pull/16035/files#r41016746
Commits
-------
68d010a Updated PHPDoc of the AbstractVoter class
This PR was squashed before being merged into the 2.8 branch (closes#14721).
Discussion
----------
[Security] Configuring a user checker per firewall
_Changed my base branch to avoid issues, closed old PR_
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed ticket | #11090 and helps #14673
| License | MIT
| Doc PR | symfony/symfony-docs/pull/5530
This pull request adds support for a configurable user checker per firewall. An example could be:
```yml
services:
app.user_checker:
class: App\Security\UserChecker
arguments:
- "@request_stack"
security:
firewalls:
secured_area:
pattern: ^/
anonymous: ~
basic_auth: ~
user_checker: app.user_checker
```
The above example will use the `UserChecker` defined as `app.user_checker`. If the `user_checker` option is left empty, `security.user_checker` will be used. If the `user_checkers` option is not defined, it will fall back to the original behavior to not break backwards compatibility and will validate using the existing `UserChecker`: `security.user_checker`.
I left the default argument in the service definitions to be `security.user_checker` to include backwards compatibility for people who for some reason don't have the extension executed. You can obtain the checker for a specific firewall by appending the firewall name to it. For the firewall `secured_area`, this would be `security.user_checker.secured_area`.
Commits
-------
76bc662 [Security] Configuring a user checker per firewall
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] use PHP_OS instead of php_uname('s')
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15058
| License | MIT
| Doc PR |
The php_uname() function may be disabled for security reasons.
Commits
-------
40e0dc8 use PHP_OS instead of php_uname('s')
This PR was merged into the 2.8 branch.
Discussion
----------
[PropertyInfo] Test behavior when an extractor returns null
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16064
| License | MIT
| Doc PR | n/a
Add a test as suggested by @stof in https://github.com/symfony/symfony/pull/16064#issuecomment-144975004
Commits
-------
73ee226 [PropertyInfo] Test behavior when an extractor return null.
This PR was merged into the 2.8 branch.
Discussion
----------
[WebProfilerBundle] Move AjaxCollector to HttpKernel for use with Silex
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR moves the AjaxDataCollector from the FrameworkBundle to the HttpKernel Component where most of the other DataCollectors are. This would allow applications which are not base on symfony/framework-bundle to use the collector. Like for instance applications based on silex or symfony components.
Commits
-------
3841f46 added missing a deprecated notice
c227806 Move AjaxCollector for use without framework bundle
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Add $this->getDump($var) when using VarDumperTestTrait
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
So useful when writing/updating dump fixtures!
Commits
-------
aa1d578 [VarDumper] Add $this->getDump($var) when using VarDumperTestTrait
This PR was merged into the 2.8 branch.
Discussion
----------
Prevent adding non-DOMElement elements in DomCrawler
| Q | A
| ------------- | ---
| Bug fix? | kind of
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Many methods of the DomCrawler component are relying on the DOMElement API, not only on the DOMNode API. All the typehints in the Form and Link APIs were already fixed in 2.5 because they are unusable with other kinds of nodes (fatal errors). However, the Crawler itself was not fixed. and this means that a bunch of its APIs can trigger fatal errors when passing other kinds of nodes.
Thus, there is a case where the code was allowing such nodes to be injected in the Crawler for some XPath queries. I fixed it to avoid it, adding the same kind of filtering than in other places.
Commits
-------
9f362a1 Prevent adding non-DOMElement elements in DomCrawler
This PR was merged into the 2.8 branch.
Discussion
----------
Deprecate loading multiple documents in the same crawler
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #15849
| License | MIT
| Doc PR | n/a
Note that loading multiple documents in the same crawler already creates weird things when working with namespaces (the list of mapping of aliases to namespaces is shared between documents, which was flawed).
As said in the issue, this opens the door to optimizations in the future (sharing the DOMXpath instance for instance, including with subcrawler)
Commits
-------
0d1cb3b Deprecate loading multiple documents in the same crawler
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] Fix improper comments removal
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15857
| License | MIT
| Doc PR | -
This tries to fix#15857 .
Honestly, I don't have any idea of the regressions it might introduce. Tests are passing, so if this code had any reason to exist, tests covering it are certainly missing :/
Any hint ?
Commits
-------
0e24fc5 [Yaml] Fix improper comments removal inside strings
This PR was squashed before being merged into the 2.8 branch (closes#15742).
Discussion
----------
Using a service as a router resource
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | almost
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet...
Hi guys!
This adds the ability to use a service as a routing resource. In other words, instead of loading `routing.yml`, you could load `my_route_loader`, and then a method would be called on your service to return a RouteCollection.
Specifically, I'm interested in this because it would allow a user to point their main router resource to the kernel itself, making it possible to load routes inside the kernel (making a single-file full-stack app more possible).
Thanks!
Commits
-------
79e210f Using a service as a router resource
This PR was squashed before being merged into the 2.8 branch (closes#15778).
Discussion
----------
Fluid interface for building routes in PHP
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet...
This - along with #15742 - attempts to making adding routes in PHP (via an actual class+method) not only possible, but also useful.
The two classes - `Route` and `RouteCollectionBuilder` are based off of Silex's `Controller` and `ControllerCollection`. The `RouteCollectionBuilder` is basically a `RouteCollection` that's able to import other resources. Here are the goals:
A) Import routes easily
```php
$routes->import('routing.yml');
```
B) Fluid addition of routes into the collection
```php
$routes->add('/admin', 'AppBundle:Admin:index', 'admin_index')
->setMethods(['GET']);
```
C) Ability to create routes with auto-generating names
D) Ability to add a "sub-collection" (kind of like an import, without pointing to another file). Included is the ability to set the controller class:
```php
$blogRoutes = $routes->createBuilder('/blog')
->setControllerClass('AppBundle\Controller\BlogController');
$blogRoutes->add('/', 'indexAction');
$blogRoutes->add('/{id}', 'editAction');
$routes->addBuilder($blogRoutes);
```
E) The collection options can be set before or after the routes. With `RouteCollection`, if you set something - e.g. a prefix or a default - and THEN add more routes, those options are not passed to those routes. This is by design, but not ideal for building routes (e.g. in the previous code example, the controllerClass would not be applied using the opposite logic, since it's set before adding the routes).
Thanks!
Commits
-------
15ba2e8 Fluid interface for building routes in PHP
This PR was merged into the 2.8 branch.
Discussion
----------
[CssSelector] synchronize tests for static and non-static API
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Synchronizing the classes ensures that no tests are lost when the legacy
API is removed in #16020 for Symfony 3.0, thus mitigating the risk of
future regressions.
Commits
-------
2b29a40 synchronize tests for static and non-static API
Synchronizing the classes ensures that no tests are lost when the legacy
API is removed in #16020 for Symfony 3.0, thus mitigating the risk of
future regressions.
This PR was merged into the 2.8 branch.
Discussion
----------
[DomCrawler] fix deprecation triggers
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
On HHVM, the SplObjectStorage class performs calls to its method
internally. These method calls must not lead to triggered deprecation
notices.
Commits
-------
aca6bd9 [DomCrawler] fix deprecation triggers
This PR was squashed before being merged into the 2.8 branch (closes#15926).
Discussion
----------
[2.8][Form] Deprecate alias tag option
FQCN should be used since 2.8 instead, so a deprecation error should be triggered when the `alias` setting is used.
Furthermore, the name of the option doesn't make much sense for form types (as it's the alias of the field it applies to), so I renamed it to `extended_type`. I'm open to any other suggestions.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
e3aa522 [2.8][Form] Deprecate alias tag option
This PR was merged into the 2.3 branch.
Discussion
----------
[TwigBundle] fix useless and failing test
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This test is failing in php 7, see https://travis-ci.org/symfony/symfony/jobs/83107755#L2015
But it also doesn't test anything. So it's useless in it's current form.
In 2.7 we have more tests that are actually useful. So the class is not untested.
Commits
-------
d94dd16 [TwigBundle] fix useless and failing test
This PR was squashed before being merged into the 2.8 branch (closes#16023).
Discussion
----------
Minor fixes for the profiler and toolbar
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | partially #15439
| License | MIT
| Doc PR | -
Changes:
* Fixed a misaligned icon
* Changed the priorities of the collectors to better control their position and to leave a "gap" between priorities so custom panels can be displayed between the default panels. This idea came from @stof.
By the way, @stof do you know how can I set the priority of the SwiftMailer collector? Its definition is the only one that doesn't use the `<tag name="data_collector" />`:
```xml
<service id="swiftmailer.data_collector" class="%swiftmailer.data_collector.class%">
<argument type="service" id="service_container" />
</service>
```
https://github.com/symfony/swiftmailer-bundle/blob/master/Resources/config/swiftmailer.xml#L90-L92
Commits
-------
bff4098 Minor fixes for the profiler and toolbar
This PR was merged into the 2.8 branch.
Discussion
----------
[Form] made the tests compatible with 3.0
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
795da85 [Form] made the tests compatible with 3.0
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle][TwigBridge] do not render empty form action attributes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13852, #15995
| License | MIT
| Doc PR |
Commits
-------
1307043 do not render empty form action attributes
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] add dependency required by a replaced package
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Since #16007, the Security HTTP component requires the PropertyAccess
component to access nested parameter bag values. Since the Security
component replaces the Security HTTP component, all dependencies of the
replaced packages must be mirrored here.
Commits
-------
d7034db add dependency required by a replaced package
This PR was merged into the 2.8 branch.
Discussion
----------
[Console] Bind input before executing the COMMAND event
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #10695 (problem 1)
| License | MIT
| Doc PR | -
Previously, `$input` wasn't very usefull in the `console.command` event, as the input was not yet bound to the command definition.
With this PR, the input is now bound twice: Once before the event is dispatched (to make it usefull in the listeners) and once at the original location in `Command#run()` (to allow changing the input definition in an event listener).
Commits
-------
0af1676 Bind input before executing the COMMAND event
Since #16007, the Security HTTP component requires the PropertyAccess
component to access nested parameter bag values. Since the Security
component replaces the Security HTTP component, all dependencies of the
replaced packages must be mirrored here.
Make sure that all relevant information is passed to created crawlers.
To avoid future regressions, this commit backports the approach taken by
@stof in #15934 to have a single place in the class that is responsible
to create subcrawler instances.
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Dump PHP+Twig code excerpts in backtraces
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
ExceptionCaster::filterTrace() is deprecated and replaced by a more flexible backtrace processing that allows one to register casters for amending/changing dumped backtraces. This is especially useful for dumping source map information/excerpts (like e.g. twig template source).
Here is a comparison generated with this code snippet (see also the expected output in testThrowingCaster):
```php
namespace Symfony\Component\VarDumper\Caster;
require 'vendor/autoload.php';
function bar()
{
return foo();
}
function foo()
{
dump(new \Exception('baz'));
}
bar('aaaaarg');
```
Before:
![before](https://cloud.githubusercontent.com/assets/243674/9976794/88f0259a-5eef-11e5-81a8-3cb9b44cfb00.png)
After:
![after](https://cloud.githubusercontent.com/assets/243674/9976747/6bbac068-5eed-11e5-99dc-a4fd5d3172b5.png)
Commits
-------
89578f1 [VarDumper] Dump PHP+Twig code excerpts in backtraces
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] Tag deprecated services
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Tag deprecated services as such. Some are deprecated by transitivity with their class definition.
Having given some workshops on migrating to sf 3.0, the deprecation triggered at the class level is cryptic to most. Triggering a more tailored one about the service is really important to me in order to help users migrate.
Commits
-------
87e8e8f [FrameworkBundle] Tag deprecated services
This PR was merged into the 2.8 branch.
Discussion
----------
[Config] Fix ArrayNode extra keys "ignore" and "remove" behaviors
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Due to #14238 , no more exception is thrown when submitting extra keys to an `ArrayNode`.
For instance:
```php
$builder = new TreeBuilder();
$nodeDefinition = $builder->root('root')
->children()
->scalarNode('foo')
->end()
->end();
$node = $nodeDefinition->getNode(true);
$node->normalize(array(
'foo' => 'ok',
'bar' => 'ko',
));
```
will not throw a
> Symfony\Component\Config\Definition\Exception\InvalidConfigurationException: Unrecognized option "bar" under "root"`
anymore, as it does in 2.7.
I think the expected behavior is:
`Submitted data: ['bar' => 'ko']`
Ignore | Remove | Expected | OK | Comment
---------| ------------ | ------------- | ------ | ----------
true | true | `[ ]` | ✔︎ | Previous behavior when ignoring.
true | false | `['bar' => 'ko']` | ✔︎ | This is the result targeted by #14238.
false | true | exception | ✘ | Removing makes no sense when not ignoring extra keys. <br/>The exception should still be thrown.
false | false | exception | ✘ | Previous behavior (2.7). <br/>Should not have changed
Commits
-------
d961f7f [Config] Fix ArrayNode extra keys "ignore" and "remove" behaviors
* 2.7:
[DependencyInjection] improved a comment for reading fluency
[HttpKernel] change a class in tests to avoid depending on SQLite
[Bridge\Twig] Fix form lowest version
[ci] Display fastest results first when running tests in parallel
[Yaml] Improve newline handling in folded scalar blocks
* 2.3:
[DependencyInjection] improved a comment for reading fluency
[HttpKernel] change a class in tests to avoid depending on SQLite
[ci] Display fastest results first when running tests in parallel
[Yaml] Improve newline handling in folded scalar blocks
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpFoundation] deprecate finding deep items in request parameters
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This is the same as #14203 but using the PropertyAccess component in the Security HTTP component to query nested request parameters and is rebased on the `2.8` branch.
Commits
-------
47fba88 deprecate finding deep items in request parameters
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] change a class in tests to avoid depending on SQLite
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
d6a7517 [HttpKernel] change a class in tests to avoid depending on SQLite
This PR was merged into the 2.7 branch.
Discussion
----------
[Bridge\Twig] Fix form lowest version
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
3f4ad74 [Bridge\Twig] Fix form lowest version
This PR was merged into the 2.3 branch.
Discussion
----------
[ci] Display fastest results first when running tests in parallel
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Keeping order prevents seeing failures early as they happen. I propose to display tests results asap instead.
Best viewed with: https://github.com/symfony/symfony/pull/15993/files?w=1
Commits
-------
3d6c864 [ci] Display fastest results first when running tests in parallel
This PR was merged into the 2.3 branch.
Discussion
----------
remove api tags from code
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15977
| License | MIT
| Doc PR | n/a
Commits
-------
f1c7c65 remove api tags from code
This PR was squashed before being merged into the 2.8 branch (closes#15964).
Discussion
----------
Symfony Console Style tweaks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR will contain some minor tweaks found while updating all the Symfony commands. Don't merge yet. Thanks!
Commits
-------
64e7b6f Symfony Console Style tweaks
This PR was merged into the 2.8 branch.
Discussion
----------
Add a non-static API for the CssSelector component
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #15850, #8404
| License | MIT
| Doc PR | todo
This implements a non-static API for the CssSelector component.
I decided to keep the static API too, as it is convenient when you just need a one-shot conversion (if you need lots of conversions, keeping a reference to the Converter and all its internal object graph may be faster than releasing it all the time and rebuilding it).
I deprecated the global state to choose between HTML and XML conversion. The static API would always enable the HTML extension in 3.0. Dealing with XML would be done by using the Converter class.
A second commit also tags all internal classes of the component as ``@internal``, as there is really no reason for a user to deal with them (btw, we already considered them fully internal in the past, as we broke BC on them in a patch release to fix memory performance of the component in the past).
TODOs:
- [x] Validate whether we keep the static facade to the component
- [ ] send a PR on the documentation to document this new API.
- [x] handle usage of the deprecated API in the DomCrawler testsuite
The DomCrawler component does not use the new API yet. I will do it in a separate PR, as distinguishing between HTML and XML modes for a crawler will be easier once I deprecate the possibility to load multiple documents (which I will do tomorrow).
Commits
-------
9e51279 [CssSelector] Tag all internal classes as internal ones
f4563c3 Add a non-static API for the CssSelector component
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] fix tests for the `AbstractVoter` class
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15961, #15968
| License | MIT
| Doc PR |
* The `LegacyAbstractVoterTest` class is not needed anymore, tests have
been moved to the `AbstractVoterTest` class tagging them with the
legacy group.
* Tests are applied on `stdClass` object instances. Thus, the legacy
voter fixture class must not support `AbstractVoterTest_Object`
instances, but support `stdClass` objects instead.
* Remove a test that checked for a `BadMethodCallException` being
thrown. This seems to have been added accidentally in #15961.
Commits
-------
9fe3b76 fix tests for the `AbstractVoter` class
In #15973, the `searchResultsAction()` of the `ProfilerController` was
updated to pass the current request to the rendered template. However,
this change was not reflected in the test thus letting it fail.
This PR was merged into the 2.8 branch.
Discussion
----------
added logging of unused tags
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11511, #11744
| License | MIT
| Doc PR | -
This is the same as #11744 but with some minor tweaks and some unit tests for the compiler pass.
Commits
-------
95c9f50 added some tests
d3271e1 missing tags in whitelist
f51fe4a [FrameworkBundle] [DependencyInjection] added logging of unused tags during container compilation
* The `LegacyAbstractVoterTest` class is not needed anymore, tests have
been moved to the `AbstractVoterTest` class tagging them with the
legacy group.
* Tests are applied on `stdClass` object instances. Thus, the legacy
voter fixture class must not support `AbstractVoterTest_Object`
instances, but support `stdClass` objects instead.
This PR was merged into the 2.8 branch.
Discussion
----------
[TwigBundle] removed usage of Templating classes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes (but frankly, I don't see how that would break anything out there)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
ff3c107 [TwigBundle] removed usage of Templating classes
7f13f95 [WebProfilerBundle] fixed a template reference
* Restore View Latest button
* In order to fit into the horizontal space available, shorten the names of the Latest Profiles and View Latest buttons and adjust the buttons' margin and padding.
This PR was merged into the 2.8 branch.
Discussion
----------
[TwigBridge] is_granted no longer raise an exception if the token storage is empty
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #10159
| License | MIT
| Doc PR |
Commits
-------
6be68fd [TwigBridge] is_granted no longer raise an exception if the token storage is empty
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8] [Ldap] Added support for LDAP (New Component + integration in the Security Component).
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | not yet
| Fixed tickets | -
| License | MIT
| Doc PR | not yet
Current state:
- [x] Implement logic
- [x] Post-review tuning and stabilization
- [x] Fix tests
This PR is a follow-up to #5189, which was in a stand-still for a few years now. It tries to fix the remaining issues which were mentioned in the discussion.
There are still a few issues with the PR, as it is. For example, it introduces two new firewall factories, whereas the base factories (`form_login` and `http_basic`) could simply introduce new configuration options.
Also, for a user to use an LDAP server as an authentication provider, he first needs to define a service which should be an instance of `Symfony\Component\Security\Ldap\Ldap`.
For example:
```yml
services:
my_ldap:
class: Symfony\Component\Security\Ldap\Ldap
arguments: [ "ldap.mydomain.tld" ]
```
Then, in `security.yml`, this service can be used in both the user provider and the firewalls:
```yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
ldap_users:
ldap:
service: my_ldap
base_dn: dc=MyDomain,dc=tld
search_dn: CN=My User,OU=Users,DC=MyDomain,DC=tld
search_password: p455w0rd
filter: (sAMAccountName={username})
default_roles: ROLE_USER
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
demo_login:
pattern: ^/login$
security: false
api:
provider: ldap_users
stateless: true
pattern: ^/api
http_basic_ldap:
service: my_ldap
dn_string: "{username}@MYDOMAIN"
demo_secured_area:
provider: ldap_users
pattern: ^/
logout:
path: logout
target: login
form_login_ldap:
service: my_ldap
dn_string: CN={username},OU=Users,DC=MyDomain,DC=tld
check_path: login_check
login_path: login
```
Commits
-------
60b9f2e Implemented LDAP authentication and LDAP user provider
1c964b9 Introducing the LDAP component
This PR was merged into the 2.8 branch.
Discussion
----------
Removed the "Delete profiles" action from the web profiler sidebar
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #15819
| License | MIT
| Doc PR | -
Commits
-------
8c47eb9 Removed the "Delete profiles" action from the web profiler sidebar
This PR was squashed before being merged into the 2.3 branch (closes#15799).
Discussion
----------
[HttpFoundation] NativeSessionStorage `regenerate` method wrongly sets storage as started
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This PR fixes an error when regenerating session IDs for non-active sessions.
Right now, the session is flagged as _started_, no matter if the session ID was successfully regenerated or not, making the storage [unable to _start the session_](6393ec3169/src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php (L130-L132)) later on.
This also fixes a future error with PHP 7, which throws an error if a regeneration is attempted for non-active sessions.
```
session_regenerate_id(): Cannot regenerate session id - session is not active
```
Commits
-------
8e6ef9c [HttpFoundation] NativeSessionStorage method wrongly sets storage as started
This PR was merged into the 2.7 branch.
Discussion
----------
[property-access] Improvement for Accessing Reference Chain
Improve performance for the following scenarios:
- Example 1:
```php
$a = array(
'a' => array(
'b' => array(
'c' => 'old-value'
)
)
);
$pa->setValue($a, '[a][b][c]', 'new-value');
// The PropertyAccessor will try to set values for
// $a['a']['b']['c'], $a['a']['b'] and $a['a'],
// but in fact it may terminate the loop
// right after the value of $a[a][b][c] is set,
// because $a, $[a], $[a][b] and $[a][b][c]
// are all passed as reference - the reference chain is not broken.
```
- Example 2
```php
$b = array(
'a' => array(
'b' => array(
'c' => 'old-value'
)
)
)
$a = new Foo($b);
// In this example, the reference chain of $b is broken,
// because it's passed to $a.value as value
// But its elements are all passed as reference,
// so after setting the value for $b[a][b][c], there is no need
// to set value for $b[a][b] and $b[a]
$pa->setValue($a, 'value[a][b][c]', 'new-value');
```
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
e24a798 [property-access] Improvement for Accessing Reference Chain
This PR was merged into the 2.7 branch.
Discussion
----------
Remove failing test to fix#15935
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15935
| License | MIT
| Doc PR |
Test has been removed on 2.8 already in https://github.com/symfony/symfony/pull/15738/files#diff-990df0e8238847f8ae54e8227f295c22L107
Commits
-------
5392a0c Remove failing test
IBAN is an acronym. The term 'IBAN-Kontonummer' is redundant, since the 'AN' part (Account Number) already translates to 'Kontonummer'. It's like saying 'International Bank Account Number Account Number'.
"Fiş" is a correct translation for "token", however "bilet" is also used, I fixed that inconsistency. Moreover, "kimlik bilgileri" is a better translation for "credentials" than "girdiler". "Girdiler" is the translation of "inputs", so I fixed sentences with "credentials". "Hesap engellenmiş" is better than "Hesap devre dışı bırakılmış" for "Account is disabled.". "Digest nonce has expired" can be translated better as "Derleme zaman aşımına uğradı." because "Derleme zaman aşımı gerçekleşti" has a confirmation sense like user requested it to expire and it has expired.
References:
token: http://tureng.com/search/token (3rd entry)
credentials: http://www2.zargan.com/tr/q/credentials-ceviri-nedir (1st entry)
disable: http://tureng.com/search/disable (15th entry)
This PR was merged into the 2.8 branch.
Discussion
----------
Easier Custom Authentication errors
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet
This makes failing authentication with a custom message much easier:
```php
throw CustomAuthenticationException::createWithSafeMessage(
'That was a ridiculous username'
);
// or
$e = new CustomAuthenticationException();
$e->setSafeMessage('That was a ridiculous username');
throw $e;
```
Currently, to do this, you'd need to create a new sub-class of `AuthenticationException`, which is way more work than it needs to be. The original design was so that all messages exposed are safe, which is why I've named the methods like I have.
Thanks!
Commits
-------
d7c1463 Adding a class to make it easier to set custom authentication error messages
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Improve AbstractVoter tests
Applying the improved tests from https://github.com/symfony/symfony/pull/15932 into the oldest possible branch.
Merge conflicts from 2.7 into 2.8 caused by this PR do not need to be done carefully, I'll create a new PR for 2.8 updating the tests as soon as these changes are merged up.
| Q | A
| ------------- | ---
| Fixed tickets | -
| License | MIT
Commits
-------
5ff741d Readd the correct tests
This PR was merged into the 2.8 branch.
Discussion
----------
[Console] don't rely on internal sort implementation om test
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14894
| License | MIT
| Doc PR |
PHP does not guarantuee how array elements with the same value will be
sorted when applying `asort()`. Since all namespaces used in the test
produce the same Levenshtein value, we should only check for presence of
these namespaces instead of comparing the exact order.
Commits
-------
3011fa0 don't rely on internal sort implementation in test
PHP does not guarantuee how array elements with the same value will be
sorted when applying `asort()`. Since all namespaces used in the test
produce the same Levenshtein value, we should only check for presence of
these namespaces instead of comparing the exact order.
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] Fix input validation when required arguments are missing
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15505
| License | MIT
| Doc PR | -
The rule that was here in place previously only works when arguments are passed from command line, as in command line there is no way of skipping an argument. The rule does not work for arguments set on the Input after a command is run.
Commits
-------
4982b02 [Console] Add the command name to input arguments if it's missing
f12a4c1 [Console] Fix input validation when required arguments are missing
* 2.7:
Detect Mintty for color support on Windows
Detect Mintty for color support on Windows
Add a group for tests of the finder against the FTP server
Fix license headers
Forbid serializing a Crawler
Fix phpdoc block of NativeSessionStorage class
Added exception when setAutoInitialize is called when locked
[FrameworkBundle] Advanced search templates of bundles
[Security] Allow user providers to be defined in many files
Use random_bytes function if it is available for random number generation
Mintty is now the default terminal in GitBash, and it supports ANSI
colors without the need of ANSICON (it even supports 256 colors rather
than the 16 colors supported by ANSICON).
* 2.3:
Detect Mintty for color support on Windows
Add a group for tests of the finder against the FTP server
Fix license headers
Forbid serializing a Crawler
Fix phpdoc block of NativeSessionStorage class
Added exception when setAutoInitialize is called when locked
[FrameworkBundle] Advanced search templates of bundles
[Security] Allow user providers to be defined in many files
Use random_bytes function if it is available for random number generation
Mintty is now the default terminal in GitBash, and it supports ANSI
colors without the need of ANSICON (it even supports 256 colors rather
than the 16 colors supported by ANSICON).
This PR was merged into the 2.8 branch.
Discussion
----------
Updating behavior to not continue after an authenticator has set the response
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/14673/files#r40492765
| License | MIT
| Doc PR | n/a
This mirrors the behavior in core: *if* a listener sets a response (on success or failure),
then the other listeners are not called. But if a response is *not* set
(which is sometimes the case for success, like in BasicAuthenticationListener),
then the other listeners are called, and can even fail.
It's all a bit of an edge-case, as only one authenticator (like authentication listener) would normally be doing any work on a request, but I think matching the other listeners (since I'm not aware of anyone having issues with its behavior) is best.
Commits
-------
5fa2684 Making all "debug" messages use the debug router
f403444 Updating behavior to not continue after an authenticator has set the response
This PR was merged into the 2.3 branch.
Discussion
----------
Add a group for tests of the finder against the FTP server
This allows to skip them easily when running the testsuite, as they represent a significant part of the testsuite time. These 2 tests together represent 42% of the execution time of the testsuite (all the time being spent connecting to the FTP server).
I also remove the usage of the data provider as a data provider with a single dataset (and used only partially) only makes tests harder to read. and does not save any duplication.
Commits
-------
51147e3 Add a group for tests of the finder against the FTP server
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8][WebProfilerBundle] Fix search button click listener
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This fixes an issue when clicking the sidebar "Search" button **text** instead of the **button**. Then the click event target/srcElement is the *span* child-element, instead of the listening *a* element, which causes errors in the listener, since it expects the listening element. In consequence of that the search form isn't shown.
To fix this, the same technique is used, as for the navigation tabs. Traversing the DOM up to the expected *a* element.
Commits
-------
f9ddddb [WebProfilerBundle] Fix search button click listener
This PR was merged into the 2.8 branch.
Discussion
----------
Abstract voter tweaks
| Q | A
| ------------- | ---
| Bug fix? | yes (a little)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Based on suggestions from stof in #15870, this simplifies the BC and deprecation throwing code. This also adds a BadMethodCallException in case the user doesn't override `isGranted` *or* `voteOnAttribute`, because that's just plain wrong (as is calling `isGranted()` on the parent class directly, since that was formerly abstract).
Commits
-------
c03f5c2 Massively simplifying the BC and deprecated-throwing code thanks to suggestions by stof in #15870
This PR was merged into the 2.8 branch.
Discussion
----------
Making GuardTokenInterface extend TokenInterface
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15884
| License | MIT
| Doc PR | n/a
See #15884
Commits
-------
7f04fbb Making GuardTokenInterface extend TokenInterface
This PR was merged into the 2.8 branch.
Discussion
----------
[Validator] Add Hungarian translation for the BIC constraint
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
f26425b [Validator] Add Hungarian translation for the BIC constraint
This PR was merged into the 2.8 branch.
Discussion
----------
Guard minor tweaks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Various completely minor things, most from suggestions on #14673
Commits
-------
869d5a7 tweaking message related to configuration edge case that we want to be helpful with
da4758a Minor tweaks - lowering the required security-http requirement and nulling out a test field
This PR was merged into the 2.3 branch.
Discussion
----------
Forbid serializing a Crawler
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Unserializing a Crawler instance creates DOM elements in an invalid state, making the Crawler unusable.
While working on #15849, I figured out that DomCrawler actually inherits ``Serializable`` from its ``SplObjectStorage`` parent, and so I tried to serialize and unserialize one. The answer is that it does not work. This is what happens when trying to call ``parents`` on it for instance:
```
Symfony\Component\DomCrawler\Crawler::parents(): Invalid State Error
```
Commits
-------
12733cb Forbid serializing a Crawler
This PR was merged into the 2.8 branch.
Discussion
----------
Allow serializer 3.0 in the PropertyInfo component
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This makes the component consistent with other components.
Commits
-------
0d72411 Allow serializer 3.0 in the PropertyInfo component
This PR was merged into the 2.8 branch.
Discussion
----------
Add the replace rules for the security-guard component
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The update of composer replacements was forgotten in #14673
Commits
-------
5ef8abc Add the replace rules for the security-guard component
This PR was squashed before being merged into the 2.8 branch (closes#15301).
Discussion
----------
[Form][Type Date/Time] added choice_translation_domain option.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15222 and #15298
| License | MIT
- [x] add test
Commits
-------
1f3af26 [Form][Type Date/Time] added choice_translation_domain option.
* 2.7:
Fix license headers
Ensure the ClockMock is loaded before using it in the testsuite
Fix with_minutes option in time widget
Fixed properties not explicitily declared
This PR was merged into the 2.7 branch.
Discussion
----------
Ensure the ClockMock is loaded before using it in the testsuite
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The ``ProgressBarTest`` is passing in 2.7 and 2.8 on Travis only because the ``LegacyProgressHelperTest`` is running first, and so the clock mock is loaded. It would not pass when running it standalone. And the testsuite is currently broken in the master branch because LegacyProgressHelperTest is gone there, and so the clock mock was not loaded before the test.
Commits
-------
0e5aa0e Ensure the ClockMock is loaded before using it in the testsuite
This PR was merged into the 2.8 branch.
Discussion
----------
Fix legacy security tests
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
when merging legacy test classes together in #15893, use statements where not copied, making the tests fail.
Commits
-------
8b615bb Fix legacy security tests
This mirrors the behavior in core: *if* a listener sets a response (on success or failure),
then the other listeners are not called. But if a response is *not* set
(which is sometimes the case for success, like in BasicAuthenticationListener),
then the other listeners are called, and can even fail.
This PR was merged into the 2.8 branch.
Discussion
----------
Deprecate ResourceInterface::getResource()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | n/a
The return value of this method does not make sense if you do not exactly know about the type of resource at hand. For example, it may be [an array](b49fa129bd/src/Symfony/Component/HttpKernel/Config/EnvParametersResource.php (L57)) or a [file path](87800ae47e/src/Symfony/Component/Config/Resource/FileResource.php (L51)).
As all usages of getResource() within Symfony are in tests of particular Resource implementations anyway, deprecating and later removing this method helps us with simplifying the ResourceInterface (https://github.com/symfony/symfony/issues/7176).
Commits
-------
87c0c7d Deprecate ResourceInterface::getResource()
This PR was merged into the 2.7 branch.
Discussion
----------
Fixed properties not explicitily declared
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| License | MIT
Commits
-------
d2b3fe4 Fixed properties not explicitily declared
This PR was squashed before being merged into the 2.8 branch (closes#15858).
Discussion
----------
[PropertyInfo] Import the component
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | symfony/symfony-docs#5717
As discussed with @fabpot (see #14844), this PR moves [dunglas/php-property-info](https://github.com/dunglas/php-property-info) under the Symfony umbrella.
Rationale behind this new component (extracted from README.md):
PHP doesn't support explicit type definition. This is annoying, especially when doing meta programming.
Various libraries including but not limited to Doctrine ORM and the Symfony Validator provide their own type managing
system.
This library extracts various information including the type and documentation from PHP class property from metadata of popular sources:
* Setter method with type hint
* PHPDoc DocBlock
* Doctrine ORM mapping (annotation, XML, YML or custom format)
* PHP 7 scalar typehint and return type
* Serializer metadata
**Usage:**
```php
<?php
// Use Composer autoload
require 'vendor/autoload.php';
use Doctrine\ORM\EntityManager;
use Doctrine\ORM\Tools\Setup;
use Doctrine\ORM\Mapping\Column;
use Doctrine\ORM\Mapping\Entity;
use Doctrine\ORM\Mapping\Id;
use Symfony\Component\PropertyInfo\Extractors\DoctrineExtractor;
use Symfony\Component\PropertyInfo\Extractors\PhpDocExtractor;
use Symfony\Component\PropertyInfo\Extractors\ReflectionExtractor;
use Symfony\Component\PropertyInfo\PropertyInfo;
/**
* @Entity
*/
class MyTestClass
{
/**
* @Id
* @Column(type="integer")
*/
public $id;
/**
* This is a date (short description).
*
* With a long description.
*
* @var \DateTime
*/
public $foo;
private $bar;
public function setBar(\SplFileInfo $bar)
{
$this->bar = $bar;
}
}
// Doctrine initialization (necessary only to use the Doctrine Extractor)
$config = Setup::createAnnotationMetadataConfiguration([__DIR__], true);
$entityManager = EntityManager::create([
'driver' => 'pdo_sqlite',
// ...
], $config);
$doctrineExtractor = new DoctrineExtractor($entityManager->getMetadataFactory());
$phpDocExtractor = new PhpDocExtractor();
$reflectionExtractor = new ReflectionExtractor();
$propertyInfo = new PropertyInfo(
array($reflectionExtractor),
array($doctrineExtractor, $phpDocExtractor, $reflectionExtractor),
array($phpDocExtractor),
array($reflectionExtractor)
);
var_dump($propertyInfo->getProperties('MyTestClass'));
var_dump($propertyInfo->getTypes('MyTestClass', 'foo'));
var_dump($propertyInfo->getTypes('MyTestClass', 'id'));
var_dump($propertyInfo->getTypes('MyTestClass', 'bar'));
var_dump($propertyInfo->isReadable('MyTestClass', 'id'));
var_dump($propertyInfo->isReadable('MyTestClass', 'bar'));
var_dump($propertyInfo->isWritable('MyTestClass', 'foo'));
var_dump($propertyInfo->isWritable('MyTestClass', 'bar'));
var_dump($propertyInfo->getShortDescription('MyTestClass', 'foo'));
var_dump($propertyInfo->getLongDescription('MyTestClass', 'foo'));
```
Output:
```
array(3) {
[0] =>
string(2) "id"
[1] =>
string(3) "foo"
[2] =>
string(3) "Bar"
}
array(1) {
[0] =>
class Symfony\Component\PropertyInfo\Type#36 (6) {
private $builtinType =>
string(6) "object"
private $nullable =>
bool(false)
private $class =>
string(8) "DateTime"
private $collection =>
bool(false)
private $collectionKeyType =>
NULL
private $collectionValueType =>
NULL
}
}
array(1) {
[0] =>
class Symfony\Component\PropertyInfo\Type#36 (6) {
private $builtinType =>
string(3) "int"
private $nullable =>
bool(false)
private $class =>
NULL
private $collection =>
bool(false)
private $collectionKeyType =>
NULL
private $collectionValueType =>
NULL
}
}
array(1) {
[0] =>
class Symfony\Component\PropertyInfo\Type#245 (6) {
private $builtinType =>
string(6) "object"
private $nullable =>
bool(false)
private $class =>
string(11) "SplFileInfo"
private $collection =>
bool(false)
private $collectionKeyType =>
NULL
private $collectionValueType =>
NULL
}
}
bool(true)
bool(false)
bool(true)
bool(true)
string(35) "This is a date (short description)."
string(24) "With a long description."
```
Commits
-------
f1eb185 [PropertyInfo] Import the component
This PR was merged into the 2.3 branch.
Discussion
----------
Use random_bytes function if it is available for random number generation
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15239
| License | MIT
| Doc PR |
This is an attempt to use the random_bytes function when generating secure random numbers. This function is included in PHP 7 or through the "paragonie/random_compat" library.
This PR only adds support to use the function if it is available. Changes that can be added is to add a hard dependency on the paragonie/random_compat library, so all current functionality can be deprecated.
Commits
-------
6a217dc Use random_bytes function if it is available for random number generation
This PR was merged into the 2.8 branch.
Discussion
----------
Merged LegacySecurityContext tests
I've no idea why this test was introduced in the wrong namespace in 2.8, but I merged it in the correct test case now.
Commits
-------
2c4da3c Merged LegacySecurityContext tests
This PR was merged into the 2.8 branch.
Discussion
----------
deprecated the Shell Console class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | one of #11742
| License | MIT
| Doc PR | n/a
Commits
-------
1c17928 deprecated the Shell Console class
This PR was squashed before being merged into the 2.8 branch (closes#15519).
Discussion
----------
[Validator] added BIC (SWIFT-BIC) validation constraint
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/5623
I've added the BIC validator, because we do often need validation for IBAN and BIC values. Since the IBAN validation was already included into Symfony, I was asking myself: why not contribute my BIC validator to the community? So here we go ...
It depends on ISO 9362 as described on [Wikipedia](https://en.wikipedia.org/wiki/ISO_9362#Structure). It validates the structure based on alphabetic/alphanumeric values and the value's length.
Todo-list:
- [x] submit changes to the documentation
Commits
-------
d6471b3 [Validator] added BIC (SWIFT-BIC) validation constraint
This PR was merged into the 2.8 branch.
Discussion
----------
[FrameworkBundle] compatibility with older Form component versions
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15711
| License | MIT
| Doc PR |
Commits
-------
01ad767 compatibility with older Form component versions
This PR was squashed before being merged into the 2.8 branch (closes#15151).
Discussion
----------
[Security] Deprecated supportsAttribute and supportsClass methods
These methods aren't used at all in a Symfony application and don't make sense to use in the application. They are only used internally in the voters. This means the voter interface can be made much easier.
I'm not sure how we do these deprecations, should we remove the methods from the interface now already? Also, I don't think it's possible to trigger deprecation notices for the voter methods?
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | one of #11742
| License | MIT
| Doc PR | -
Abstract Voter
---
There is one remaining question about the abstract voter. This currently has abstract `getSupportedAttributes()` and `getSupportedClass()` methods. One of the reasons to remove the methods for the interface was that these methods are not flexible. Does it make sense to deprecate these methods as well and replace them by an abstract `protected vote(array $attributes, $class)` method in the `AbstractVoter` (which is called from `AbstractVoter#vote()`) ?
Commits
-------
6588708 [Security] Deprecated supportsAttribute and supportsClass methods
This PR was merged into the 2.8 branch.
Discussion
----------
Add support for deprecated definitions
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14307
| License | MIT
| Doc PR | symfony/symfony-docs#5689
This add a sort of marker in the Definition of a service that marks it as "deprecated". This is useful when we have a bunch of service and a bunch of where it is used, and we need to track if there are any uses before removing it (in a later version or right now). I was not sure if the `trigger_error` would be enough, or if I should log them instead.
I'm first gathering some feedback, and then I'll try to update the doc.
I was not sure if it should target 2.8 or master (3.0) though.
What's left ?
==========
- [x] Make a POC
- [x] Gather some feedbacks
- [x] Dump the tag in XML, YAML and PHP
- [x] Load the definition from XML, YAML and PHP
- [x] Fix some forgotten things such as the key existence check
- [x] Work on inline services in the php dumper
- [x] Handle deprecations for decorators
- ~~Possibility to overwrite the deprecated flag in the decorators in `XmlFileLoader` ?~~ Nope, and this behavior is also ported to the `YamlFileLoader`.
Commits
-------
83f4e9c [DI] Support deprecated definitions in decorators
0b3d0a0 [DI] Allow to change the deprecation message in Definition
954247d [DI] Trigger a deprecated error on the container builder
2f37cb1 [DI] Dump the deprecated status
8f6c21c [DI] Supports the deprecated tag in loaders
4b6fab0 [DI] Add a deprecated status to definitions
* 2.7:
[Console] Fix transient HHVM test
[OptionsResolver] Fix catched exception along the dependency tree mistakenly detects cyclic dependencies
fixed tests
Fixing test locations
[VarDumper] Fix dump comparison on large arrays
[expression-language] Code Cleanup for GetAttrNode
This PR was merged into the 2.7 branch.
Discussion
----------
[VarDumper] Fix dump comparison on large arrays
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
Commits
-------
6a6e7f3 [VarDumper] Fix dump comparison on large arrays
This PR was merged into the 2.7 branch.
Discussion
----------
Fixing security test locations
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | n/a
There were just missed on sha: 0601ed33c4 probably because there were on a different branch.
Cheers!
Commits
-------
16e09d3 Fixing test locations
This PR was squashed before being merged into the 2.8 branch (closes#14894).
Discussion
----------
[Console] Add domain exceptions to replace generic exceptions
Creates domain specific exception classes for the case where a user type an invalid command name or option name.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14873
| License | MIT
| Doc PR | N/A
TODO:
* [x] Replace `\InvalidArgumentException` by `Symfony\Component\Console\Exception\InvalidArgumentException`
* [x] Add `Symfony\Component\Console\Exception\ExceptionInterface`
Commits
-------
dd17dc0 [Console] Add domain exceptions to replace generic exceptions
This PR was squashed before being merged into the 2.8 branch (closes#15738).
Discussion
----------
Implement service-based Resource (cache) validation
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #7230, #15692, #7782
| License | MIT
| Doc PR | symfony/symfony-docs#5136
### Overview
Currently, any metadata passed to `ConfigCache` (namely implementations of `ResourceInterface`) is serialized to disk. When the `ConfigCache` is validated, the metadata is unserialized and queried through `ResourceInterface::isFresh()` to determine whether the cache is fresh. That way, `ResourceInterface` implementations cannot interact with services, for example a database connection.
This PR introduces the new concept of `ResourceCheckers`. Services implementing `ResourceCheckerInterface` can be tagged as `config_cache.resource_checker` with an optional priority.
Clients that wish to use `ConfigCache` can then obtain an instance from the `config_cache_factory` service (which implements `ConfigCacheFactoryInterface`). The factory will take care of injecting resource checkers into the `ConfigCache` instance so that they can be used for cache validation.
Checking cache metadata is easy for `ResourceCheckers`:
* First, the `ResourceCheckerInterface::supports()` implementation is passed the metadata object in question. If the checker cannot handle the type of resource passed, `supports()` should return `false`.
* Otherwise, the `ResourceCheckerInterface::isFresh()` method will be called and given the resource as well as the timestamp at which the cache was initialized. If that method returns `false`, the cache is considered stale. If it returns `true`, the resource is considered unchanged and will *not* be passed to any additional checkers.
### BC and migration path
This PR does not (intend to) break BC but it comes with deprecations. The main reason is that `ResourceInterface` contains an `isFresh()` method that does not make sense in the general case of resources.
Thus, `ResourceInterface::isFresh()` is marked as deprecated and should be removed in Symfony 3.0. Resource implementations that can (or wish to) be validated in that simple manner can implement the `SelfCheckingResourceInterface` sub-interface that still contains (and will keep) the `isFresh()` method. The change should be as simple as changing the `extends` list.
Apart from that, `ResourceInterface` will be kept as the base interface for resource implementations. It is used in several `@api` interfaces and thus cannot easily be substituted.
For the Symfony 2.x series, a `BCResourceInterfaceChecker` will be kept that performs validation through `ResourceInterface::isFresh()` but will trigger a deprecation warning. The remedy is to either implement a custom ResourceChecker with a priority higher than -1000; or to switch to the aforementioned `SelfCheckingResourceInterface` which is used at a priority of -990 (without deprecation warning).
The `ConfigCache` and `ConfigCacheFactory` classes can be used as previously but do not feature checker-based cache validation.
### Outlook and closing remarks:
This PR supersedes #7230, #15692 and works at least in parts towards the goal of #7176.
The `ResourceCheckerInterface`, `...ConfigCache` and `...ConfigCacheFactory` no longer need to be aware of the `debug` flag. The different validation rules applied previously are now just a matter of `ResourceChecker` configuration (i. e. "no checkers" in `prod`).
It might be possible to remove the `debug` flag from Symfony's `Router` and/or `Translator` classes in the future as well because it was only passed on to the `ConfigCache` there.
Commits
-------
20d3722 Implement service-based Resource (cache) validation
This PR was merged into the 2.7 branch.
Discussion
----------
[expression-language] Code Cleanup for GetAttrNode
Use ``$this->nodes['attribute']->attributes['value']`` to
replace ``$this->nodes['attribute']->evaluate($functions, $values)``
for method call and property call.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
166e175 [expression-language] Code Cleanup for GetAttrNode
This PR was merged into the 2.8 branch.
Discussion
----------
New Guard Authentication System (e.g. putting the joy back into security)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | at least partially: #14300, #11158, #11451, #10035, #10463, #8606, probably more
| License | MIT
| Doc PR | symfony/symfony-docs#5265
Hi guys!
Though it got much easier in 2.4 with `pre_auth`, authentication is a pain in Symfony. This introduces a new authentication provider called guard, with one goal in mind: put everything you need for *any* authentication system into one spot.
### How it works
With guard, you can perform custom authentication just by implementing the [GuardAuthenticatorInterface](https://github.com/weaverryan/symfony/blob/guard/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php) and registering it as a service. It has methods for every part of a custom authentication flow I can think of.
For a working example, see https://github.com/weaverryan/symfony-demo/tree/guard-auth. This uses 2 authenticators simultaneously, creating a system that handles [form login](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/FormLoginAuthenticator.php) and [api token auth](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/TokenAuthenticator.php) with a respectable amount of code. The [security.yml](https://github.com/weaverryan/symfony-demo/blob/guard-auth/app/config/security.yml) is also quite simple.
This also supports "manual login" without jumping through hoops: https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Controller/SecurityController.php#L45
I've also tested with "remember me" and "switch user" - no problems with either.
I hope you like it :).
### What's Needed
1) **Other Use-Cases?**: Please think about the code and try it. What use-cases are we *not* covering? I want Guard to be simple, but cover the 99.9% use-cases.
2) **Remember me** functionality cannot be triggered via manual login. That's true now, and it's not fixed, and it's tricky.
### Deprecations?
This is a new feature, so no deprecations. But, creating a login form with a guard authenticator is a whole heck of a lot easier to understand than `form_login` or even `simple_form`. In a perfect world, we'd either deprecate those or make them use "guard" internally so that we have just **one** way of performing authentication.
Thanks!
Commits
-------
a01ed35 Adding the necessary files so that Guard can be its own installable component
d763134 Removing unnecessary override
e353833 fabbot
dd485f4 Adding a new exception and throwing it when the User changes
302235e Fixing a bug where having an authentication failure would log you out.
396a162 Tweaks thanks to Wouter
c9d9430 Adding logging on this step and switching the order - not for any huge reason
31f9cae Adding a base class to assist with form login authentication
0501761 Allowing for other authenticators to be checked
293c8a1 meaningless author and license changes
81432f9 Adding missing factory registration
7a94994 Thanks again fabbot!
7de05be A few more changes thanks to @iltar
ffdbc66 Splitting the getting of the user and checking credentials into two steps
6edb9e1 Tweaking docblock on interface thanks to @iltar
d693721 Adding periods at the end of exceptions, and changing one class name to LogicException thanks to @iltar
eb158cb Updating interface method per suggestion - makes sense to me, Request is redundant
c73c32e Thanks fabbot!
6c180c7 Adding an edge case - this should not happen anyways
180e2c7 Properly handles "post auth" tokens that have become not authenticated
873ed28 Renaming the tokens to be clear they are "post" and "pre" auth - also adding an interface
a0bceb4 adding Guard tests
05af97c Initial commit (but after some polished work) of the new Guard authentication system
330aa7f Improving phpdoc on AuthenticationEntryPointInterface so people that implement this understand it
This PR was squashed before being merged into the 2.8 branch (closes#15870).
Discussion
----------
Updating AbstractVoter so that the method receives the TokenInterface
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #12360
| License | MIT
| Doc PR | not yet
This fixes#12360, and along with already-merged #14733, this would make it possible to make calls back to the `AccessDecisionManager` inside a voter (e.g. you might check to see if `IS_AUTHENTICATED_FULLY` from inside your voter).
We originally passed the User instead of the token to be nice, but it's a limitation, and since we never sanitized the User (i.e. a string may be passed to `AbstractToken::isGranted()`), it's not helpful anyways.
Thanks!
Commits
-------
948ccec Updating AbstractVoter so that the method receives the TokenInterface
This PR was merged into the 2.7 branch.
Discussion
----------
Normalize the way we check versions
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
Commits
-------
121eade Normalize the way we check versions
This PR was squashed before being merged into the 2.8 branch (closes#15861).
Discussion
----------
Avoid errors when generating the logout URL when there is no firewall key
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15853
| License | MIT
| Doc PR | -
Commits
-------
a811912 Avoid errors when generating the logout URL when there is no firewall key
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8][Form] Fix php warning on invalid FormFactory::createBuilder() argument
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Without this check it comes to a `strpos() expects parameter 1 to be string, object given` warning, when passing an invalid argument to `FormFactory::createBuilder()` (e.g. when calling `$this->createForm(new AnEntity());` instead of `$this->createForm(new AnEntityType());` in a controller).
Commits
-------
b5599a5 [Form] Fix php warning on invalid FormFactory::createBuilder() argument
* 2.7:
[Config] Fix enum default value in Yaml dumper
Finnish translation fix
[CssSelector] Optimize regexs matching simple selectors
Fix the phpdoc in the CssSelector TranslatorInterface
[Console] Add clock mock to fix transient test on HHVM
[DomCrawler] Optimize the regex used to find namespace prefixes
[EventDispatcher] skip one lazy loading call
[EventDispatcher] fix memory leak in a getListeners
Default to stderr for console helpers (only merge if #15794 gets merged)
* 2.3:
Finnish translation fix
[CssSelector] Optimize regexs matching simple selectors
Fix the phpdoc in the CssSelector TranslatorInterface
[Console] Add clock mock to fix transient test on HHVM
[EventDispatcher] skip one lazy loading call
[EventDispatcher] fix memory leak in a getListeners
This PR was merged into the 2.8 branch.
Discussion
----------
[WebProfilerBundle] fixed cursor as pointer when hovering over link.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | ~
| Tests pass? | yes
| License | MIT
Commits
-------
ac7591f [WebProfilerBundle] added btn-link.
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Default to stderr for the console helpers (2.7+)
Interactive input/output and informational output such as progress should go to `stderr` if available.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Only merge if #15794 is merged.
If someone explicitly wants to use `stdout`, they can simply pass `$output->getStream()` instead of `$output` in most use-cases.
Commits
-------
90c2a96 Default to stderr for console helpers (only merge if #15794 gets merged)
This PR was merged into the 2.8 branch.
Discussion
----------
[Translation][File dumper] allow get file content without writing in file.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | #14881
| Tests pass? | yes
| License | MIT
Commits
-------
805acc9 fixed typo.
9b877cf [Translation][File dumper] allow get file content without writing in file.
This PR was merged into the 2.8 branch.
Discussion
----------
[Finder] Deprecate adapters and related classes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
c08cf4b [Finder] Deprecate adapters and related classes
This PR was merged into the 2.8 branch.
Discussion
----------
Remove duplication of the handling of regex filters in the Finder
The logic to handle the multiple regexs in MultiplePcreFilterIterator children is the same each time (and will always be the same given it is related to the meaning of properties in MultiplePcreFilterIterator itself).
This extracts this logic in MultiplePcreFilterIterator itself rather than duplicating it in all child classes.
Commits
-------
e66bf64 Remove duplication of the handling of regex filters in the Finder
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Add EnumStub for dumping virtual collections with casters
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Currently, casters may use arrays to represent a collection of virtual values. They are curently dumped the same as regular arrays, and this leads to noisy output (like the `array:%n` prefix, or the quotes around "keys").
This PR adds a new EnumStub for these situations.
Here is an example when using PdoCaster:
Before :
![before](https://cloud.githubusercontent.com/assets/243674/9976105/366a37dc-5ed8-11e5-9ee8-00a4a6b68fa9.png)
After:
![after](https://cloud.githubusercontent.com/assets/243674/9976106/3a9b78a2-5ed8-11e5-8209-1d629d3b1736.png)
Commits
-------
aa50596 [VarDumper] Add EnumStub for dumping virtual collections with casters
This PR was merged into the 2.3 branch.
Discussion
----------
[CssSelector] Optimize regexs matching simple selectors
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
These shortcut parsers are applied first when converting a CSS selector to XPath, to be faster for simple selectors (tag matching, class matching with an optional tag, id matching with an optional tag).
None of the regexes defined here could have more chances to match more element when backtracking identifiers. So the backtracking is only slowing down the regex engine when the regex does not match (i.e. for any more complex selector for instance, or even for simple selectors without namespace of without tag name). Making quantifiers possessive solves this issue.
I also turned some capturing groups (around the namespace and the namespace delimiter) into non-capturing groups as we don't care about them in the output (they are just here to be optional).
Commits
-------
d5abe0b [CssSelector] Optimize regexs matching simple selectors
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] Add clock mock to fix transient test on HHVM
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This should fix the most frequent transient test on HHVM (ProgressBarTest::testAnsiColorsAndEmojis)
Commits
-------
549f43b [Console] Add clock mock to fix transient test on HHVM
This is quite technical. As you can see in the provider, the method is called
sometimes when the User changes, and so the token becomes de-authenticated (e.g.
someone else changes the password between requests).
In practice, the user should be unauthenticated. Using the anonymous token did this,
but throwing an AccountStatusException seems like a better idea. It needs to be an
AccountStatusException because the ExceptionListener from the Firewall looks for exceptions
of this class and logs the user out when they are found (because this is their purpose).
This solution is a copy of what AbstractAuthenticationListener does. Scenario:
1) Login
2) Go back to the log in page
3) Put in a bad user/pass
You *should* still be logged in after a failed attempt. This commit gives that behavior.
This looks like a subjective change (one more method, but the method implementations are
simpler), but it wasn't. The problem was that the UserChecker checkPreAuth should happen
*after* we get the user, but *before* the credentials are checked, and that wasn't possible
before this change. Now it is.
Here is the flow:
A) You login using guard and are given a PostAuthGuardToken
B) Your user changes between requests - AbstractToken::setUser() and hasUserChanged() - which
results in the Token becoming "not authenticated"
C) Something calls out to the security system, which then passes the no-longer-authed
token back into the AuthenticationProviderManager
D) Because the PostauthGuardToken implements GuardTokenInterface, the provider responds
to it. But, seeing that this is a no-longer-authed PostAuthGuardToken, it returns
an AnonymousToken, which triggers logout
The reason is that the GuardAuthenticationProvider *must* respond to *all* tokens
created by the system - both "pre auth" and "post auth" tokens. The reason is that
if a "post auth" token becomes not authenticated (e.g. because the user changes between
requests), then it may be passed to the provider system. If no providers respond (which
was the case before this commit), then AuthenticationProviderManager throws an exception.
The next commit will properly handle these "post auth" + "no-longer-authenticated" tokens,
which should cause a log out.
This PR was merged into the 2.8 branch.
Discussion
----------
[Translation][File dumper] allow new child classes to implement only formatCatalogue
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | #15699
| Tests pass? | yes
| License | MIT
Commits
-------
5fd9f2f [Translation][File dumper] allow new child classes to implement only formatCatalogue.
Reason: With the whitespaces, there would be a "gap" between <input> and <label> which is clickable, but doesn't activate the <input>.
It's easy to *add* some margin with CSS, whereas it's impossible to *remove* whitespaces with CSS.
This PR was merged into the 2.3 branch.
Discussion
----------
[Process] Stopped Autoruns when shelling on windows
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? |
| Fixed tickets |
| License | MIT
| Doc PR |
Stop autoruns when shelling on Windows.
Original PR was on https://github.com/symfony/Process/pull/9#issuecomment-140721398.
Commits
-------
bca6771 Update Process.php
This PR was merged into the 2.3 branch.
Discussion
----------
[travis] Remove PHP 7 from allowed failures
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Looking at the latests PRs, PHP 7 does not segfault anymore with our test suite.
Commits
-------
ba8366e [travis] Remove PHP 7 from allowed failures
* 2.7:
[Finder] Fix recursive filter iterator
Improve the structure of the Finder testsuite
[VarDumper] Fix HtmlDumper constructor calling CliDumper's
[Finder] Handle filtering of recursive iterators and use it to skip looping over excluded directories
Exclude files based on path before applying the sorting
fixed composer.json
[Console] fix phpdoc of DialogHelper
Allowed extensions to inline compiler passes
* 2.3:
[Finder] Fix recursive filter iterator
Improve the structure of the Finder testsuite
Conflicts:
src/Symfony/Component/Finder/Iterator/ExcludeDirectoryFilterIterator.php
src/Symfony/Component/Finder/Tests/FinderTest.php
src/Symfony/Component/Finder/Tests/Iterator/DateRangeFilterIteratorTest.php
Testing against different adapters is now handled by multiple subclasses
of a common test case rather than using data providers. This allows
tests to be marked as skipped for unsupported adapters instead of making
them disappear from the testsuite.
* 2.3:
[Finder] Handle filtering of recursive iterators and use it to skip looping over excluded directories
Exclude files based on path before applying the sorting
[Console] fix phpdoc of DialogHelper
This PR was merged into the 2.7 branch.
Discussion
----------
Automatically process extensions when they implement CompilerPassInterface
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | todo (if people are in favor of this PR)
Compiler passes are very powerfull, but also quite strange to work with. Especially when you just need a very simple compiler pass (like https://github.com/symfony-cmf/RoutingBundle/blob/master/DependencyInjection/Compiler/SetRouterPass.php). For 3 lines of code, you need to tweak your bundle class and create a new class.
When using the DI component standalone, compiler passes are even harder to work with, as DI extensions can't register them. I believe that's why libraries like Behat make their extensions compiler passes by default.
I think it would be very easy to just implement an interface and have a `compile` method for the simple compiler pass stuff. If a bundle needs multiple compiler passes or need compiler passes to be executed at other times in the compile process, a bundle can use the normal compiler passes. But if it's just one simple thing, like replacing a definition or getting services with a specific tag, I think this method will be very usefull.
Commits
-------
6c50013 Allowed extensions to inline compiler passes
Improve performance for the following scenarios:
- Example 1:
```php
$a = array(
'a' => array(
'b' => array(
'c' => 'old-value'
)
)
);
$pa->setValue($a, '[a][b][c]', 'new-value');
// The PropertyAccessor will try to set values for
// $a['a']['b']['c'], $a['a']['b'] and $a['a'],
// but in fact it may terminate the loop
// right after the value of $a[a][b][c] is set,
// because $a, $[a], $[a][b] and $[a][b][c]
// are all passed as reference - the reference chain is not broken.
```
- Example 2
```php
$b = array(
'a' => array(
'b' => array(
'c' => 'old-value'
)
)
)
$a = new Foo($b);
// In this example, the reference chain of $b is broken,
// because it's passed to $a.value as value
// But its elements are all passed as reference,
// so after setting the value for $b[a][b][c], there is no need
// to set value for $b[a][b] and $b[a]
$pa->setValue($a, 'value[a][b][c]', 'new-value');
```
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
* 2.7:
[DomCrawler] Invalid uri created from forms if base tag present
[Console] update param type phpdoc for StreamOutput
[Console] fix typo in OutputInterface
Use stderr by default when a specific output is not injected
[Debug] Fix case mismatch detection
[HttpKernel] fix broken multiline <esi:remove>
[DoctrineBridge] Fixed#14840
[FrameworkBundle] add a suggest for the serializer component
[Yaml] Fix the parsing of float keys
[Console] Ensure the console output is only detected as decorated when both stderr and stdout support colors
[HttpKernel] fix DumpDataCollector compat with Twig 2.0
Improve exception messages.
Fix that two DirectoryResources with different patterns would be deduplicated
Tests fix clockmock
[WebProfilerBundle] Added tabindex="-1" to not interfer with normal UX
missing "YAML" in the exception message.
[Translator][warmup][fallback locales] fixed missing cache file generation.
[framework-bundle] Add Test for TranslationUpdateCommand
Use ObjectManager interface instead of EntityManager
* 2.3:
[DomCrawler] Invalid uri created from forms if base tag present
[Console] update param type phpdoc for StreamOutput
[Console] fix typo in OutputInterface
[HttpKernel] fix broken multiline <esi:remove>
[DoctrineBridge] Fixed#14840
[FrameworkBundle] add a suggest for the serializer component
[Yaml] Fix the parsing of float keys
[Console] Ensure the console output is only detected as decorated when both stderr and stdout support colors
Improve exception messages.
Fix that two DirectoryResources with different patterns would be deduplicated
Tests fix clockmock
[WebProfilerBundle] Added tabindex="-1" to not interfer with normal UX
missing "YAML" in the exception message.
[framework-bundle] Add Test for TranslationUpdateCommand
Use ObjectManager interface instead of EntityManager
This PR was squashed before being merged into the 2.3 branch (closes#13794).
Discussion
----------
[DomCrawler] Invalid uri created from forms if base tag present
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Since #13145 was merged the provided testcase does not work anymore and creates an invalid link
This affects the latest versions of 2.3, 2.5, 2.6 and 2.7
Right now this PR only includes the failing test, as I could no easy find a fix. If someone immediately knows whats the problem, give me a hint please.
Commits
-------
dc57a7a [DomCrawler] Invalid uri created from forms if base tag present
This PR was merged into the 2.7 branch.
Discussion
----------
Use stderr by default when a specific output is not injected
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
stderr is really the best place to put logs by default, so unless someone explicitly passes something else we should use it, and especially not depend on the log level to decide where to output.
Commits
-------
c28796e Use stderr by default when a specific output is not injected
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] update param type phpdoc for StreamOutput
Makes it consistent with `getStream()`
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
c036352 [Console] update param type phpdoc for StreamOutput
This PR was merged into the 2.3 branch.
Discussion
----------
Use ObjectManager interface instead of EntityManager
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If you use the EntityManager Decorator pattern that doctrine provides
then simply specifying a query_builder closure where your decorated
em is used fails as it isn't an instance of Doctrine\ORM\EntityManager.
Testing against the ObjectManager interface fixes the issue.
Commits
-------
1f3ea0f Use ObjectManager interface instead of EntityManager
Previous rule was only working when arguments are passed from command line, as in command line there is no way of skipping an argument. The rule does not work for arguments set on the Input after a command is run.
This PR was squashed before being merged into the 2.8 branch (closes#14378).
Discussion
----------
[DX] Added a logout link in the security panel of the web debug toolbar
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
While developing applications, it's common to login/logout users continuously to test security features. I usually type `/logout` in the URL, but this is boring and, depending on the application, not always works.
This PR adds a small *Logout* link in the security panel when you are logged in the application:
![logged](https://cloud.githubusercontent.com/assets/73419/7184976/6c66831a-e460-11e4-86a9-eb5a48c9aa4c.png)
Anonymous users won't see anything:
![anonymous](https://cloud.githubusercontent.com/assets/73419/7184982/74a95b60-e460-11e4-8b35-72d8336355fb.png)
Commits
-------
192523a [DX] Added a logout link in the security panel of the web debug toolbar
This PR was squashed before being merged into the 2.3 branch (closes#14802).
Discussion
----------
[HttpKernel] fix broken multiline <esi:remove>
|Q |A |
|--- |---|
|Bug Fix? |yes|
|New Feature? |n |
|BC Breaks? |n |
|Deprecations?|n |
|Tests Pass? |yes|
|Fixed Tickets| |
|License |MIT|
|Doc PR | |
Originally found in https://github.com/symfony/symfony/pull/14800#discussion-diff-31388942
`<esi:remove>` blocks with multiline contents were not removed.
`<esi:comment>` blocks with multiline contents were not removed.
Note. According to http://www.w3.org/TR/esi-lang
`comment is an empty element, and must not have an end tag.` so the support for multi line comments are not actually supported in the standard.
Commits
-------
06f97bf [HttpKernel] fix broken multiline <esi:remove>
This PR was squashed before being merged into the 2.3 branch (closes#14841).
Discussion
----------
[DoctrineBridge] Fixed#14840
[DoctrineBridge] Fixed compatibility with entities packed in Phar
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14840
| License | MIT
| Doc PR | none
Commits
-------
92ad5df [DoctrineBridge] Fixed#14840
This PR was squashed before being merged into the 2.8 branch (closes#15620).
Discussion
----------
[WIP] #15502 Make template shortcuts be usable without Templating component
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | #15502
| License | MIT
| Doc PR | -
Commits
-------
d547ec0 [WIP] #15502 Make template shortcuts be usable without Templating component
This PR was merged into the 2.3 branch.
Discussion
----------
[framework-bundle] Add Test for TranslationUpdateCommand
Added the test script as per the discussion in PR #15562
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
232f6fd [framework-bundle] Add Test for TranslationUpdateCommand
This PR was merged into the 2.3 branch.
Discussion
----------
Add tests to the recently added exceptions thrown from YamlFileLoaders
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15702#15731
| License | MIT
| Doc PR | -
* use the `Symfony\Component\DependencyInjection\Exception\InvalidArgumentException` in the DI component
* add tests
Commits
-------
93e418f Improve exception messages.
ResourceInterface::__toString is mainly important because in various places, array_uniqe() is called to perform a de-duplication of resources and will use the string representation for objects.
Thus, we need to take care that if DirectoryResources apply different patterns they must be kept after array_unique calls.
This PR was squashed before being merged into the 2.3 branch (closes#15746).
Discussion
----------
Tests fix clockmock
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
On my local computer tests for HttpCacheTest not passed, because ClockMock make side effects on another tests (it takes time from _SERVER['REQUEST_TIME'] and for my computer difference with real one time and this time was more than expected by HttpCacheTest, one part of code take time from mock, anothers - from native time function). This PR remove this side effects.
Commits
-------
6b21752 Tests fix clockmock
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpKernel] Move required RequestStack args as first arguments
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Since we planned to make RequestStack required, we have to move it as first arguments.
Commits
-------
84ba05b [HttpKernel] Move required RequestStack args as first arguments
This PR was merged into the 2.8 branch.
Discussion
----------
[Debug] Add BufferingLogger for errors that happen before a proper logger is configured
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This allows catching e.g. deprecations that happen during bootstrapping.
Commits
-------
2a9647d [Debug] Add BufferingLogger for errors that happen before a proper logger is configured
This PR was merged into the 2.3 branch.
Discussion
----------
Dispatch console.terminate *after* console.exception
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | -
The problem is when using the ConsoleHandler from MonologBridge, TERMINATE closes it and removes the output, so when EXCEPTION fires if you want to log the exception it's too late and you don't get any output. See ed4fb54901/src/Symfony/Bridge/Monolog/Handler/ConsoleHandler.php (L115-L145)
It is my understanding that TERMINATE is always supposed to come last anyway, so it is a bug in any case, but this particular use case is what prompted the discovery.
Commits
-------
7802345 Dispatch console.terminate *after* console.exception
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The change removes the animation in the "sf-toolbar-block-ajax" when the request state was "ok".
When a form type provides a BC layer with old form names (all core types
do), the form registry will ask for type extensions registered on the
legacy name for BC, and trigger a warning if it finds any.
The DependencyInjectionExtension should not trigger warnings on its own
when being asked for such extensions (especially when it has none
registered).
Core extensions are also registered using the proper extended type
rather than legacy names.
This PR was merged into the 2.8 branch.
Discussion
----------
removed some Form related deprecation notices
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This removes a deprecation notice.
Commits
-------
4253824 removed some Form deprecation notices
This PR was merged into the 2.8 branch.
Discussion
----------
[Security\Http] Fix dep
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Should make tests green
Commits
-------
037196c [Security\Http] Fix dep
This PR was merged into the 2.8 branch.
Discussion
----------
added ExceptionHandler::getHtml() to expose the full HTML of an exception
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
`ExceptionHandler::createResponse()` has been deprecated in 2.8 to remove the HttpFoundation dependency on `symfony/debug`. But that breaks Silex which relies on this method. As the `decorate` method is private, there is no way in Silex to upgrade. Instead of making the `decorate()` method public, I propose to add a new `getHtml()` method that returns the exception as a full HTML page.
Commits
-------
4d1d277 added ExceptionHandler::getHtml() to expose the full HTML of an exception
This PR was squashed before being merged into the 2.7 branch (closes#15552).
Discussion
----------
[ExpressionLanguage] Fixed expressions cache key generation
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Reworked version of #15537
Difference with original PR:
- sort $names array to ensure its order does not affect caching, added test for it
- minor tweaks for cache key format
- used `foreach` instead of `array_map`
P.S. I'm not proficient with tests so not sure if tests are correct.
Commits
-------
4114a2b [ExpressionLanguage] Fixed expressions cache key generation