This PR was merged into the 2.8 branch.
Discussion
----------
[2.8][tests] Use @requires annotation when possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
814d961 [tests] Use @requires annotation when possible
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7][tests] Use @requires annotation when possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
b028aea [tests] Use @requires annotation when possible
This PR was squashed before being merged into the 2.3 branch (closes#16095).
Discussion
----------
[Console] Add additional ways to detect OS400 platform
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16053
| License | MIT
| Doc PR | None
This PR adds support for detecting the OS400 platform when the PHP function `php_uname()` is disabled. OS400 platform detection was added in #15058 to fix character encoding issues present on OS400. See that PR for more info.
This PR fixes regression introduced in #16053, which did not work on the IBM OS400 server I have access to. The constant `PHP_OS` being checked outputs "AIX" on my IBM OS400 server. I can't say for sure if it works on other IBM platforms... but I preserved this check just in case.
User @eloigranado [commented here](https://github.com/symfony/symfony/pull/15058#issuecomment-130743928) asking if we could switch to using `PHP_OS` constant instead of `php_uname()` because he claims some admins might "[hide] the exact kernel build from any attacker who discovers a remote PHP code execution vulnerability". I personally don't think we should accommodate this use case, but I was able to find alternate approaches.
### Why use case insensitive string matching stristr() instead of in_array()?
Here are the various outputs on my OS400 server:
echo PHP_OS; // "AIX"
echo getenv('OSTYPE'); // "os400"
echo php_uname('s'); // "OS400"
So we have various case issues here, and possible blank values on platforms where OSTYPE var doesn't exist or php_uname() is disabled. Concatenating these optional values together delimited by ; then case-insensitive searching the string for "OS400" seemed like a fair compromise. I would've probably done `in_array()` if case wasn't an issue.
Commits
-------
96a4071 [Console] Add additional ways to detect OS400 platform
This PR was merged into the 2.7 branch.
Discussion
----------
Added more tests for PropertyAccess
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This is a follow up for [16090#issuecomment-145183635](https://github.com/symfony/symfony/pull/16090#issuecomment-145183635)
Commits
-------
378db75 Added more tests for PropertyAccess
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] Allow tabs before comments at the end of a line
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
If a yml file has a tab character before a line ending comment the comment will be included in the parsed value. Yaml spec allows tab or space as whitespace characters so we need to check for tab as well. See included test.
Recently caused an odd and hard to find bug in our project.
See spec:
http://www.yaml.org/spec/1.2/spec.html#s-b-commenthttp://www.yaml.org/spec/1.2/spec.html#s-separate-in-linehttp://www.yaml.org/spec/1.2/spec.html#s-white
This is a new PR replacing https://github.com/symfony/symfony/pull/15747
@fabpot
Commits
-------
d040be7 [Yaml] Allow tabs before comments at the end of a line
This PR was merged into the 2.8 branch.
Discussion
----------
[DI] Warn when a definition relies on a deprecated class in ContainerBuilder::createService()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The new feature is in the DI component and it enlighten a deprecation from Doctrine that we ignored in FrameworkBundle, that is also fixed in this PR.
See https://github.com/symfony/symfony/pull/16001/files?w=1
Commits
-------
ca69fa3 [DI] Warn when a definition relies on a deprecated class in ContainerBuilder::createService()
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] consistent signature of getDump() in class + trait
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16126
| License | MIT
| Doc PR |
Commits
-------
48a9e83 consistent signature of getDump() in class + trait
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7] Fix docblocks about callables
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
7b12fe9 [2.7] Fix docblocks about callables
This PR was merged into the 2.3 branch.
Discussion
----------
Fix docblocks about callables
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
a25beb6 Fix docblocks about callables
This PR was merged into the 3.0-dev branch.
Discussion
----------
Replace is_callable checks with type hints
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14330
| License | MIT
| Doc PR | -
Also removes tests checking the exceptions thrown from
the removed is_callable checks.
Commits
-------
7685cdd Add more callable type hints
4e0c6e1 Replace is_callable checks with type hints
This PR was merged into the 2.3 branch.
Discussion
----------
Command list ordering fix
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
Makes sure that global commands are always first.
Commits
-------
2984f8e fixed previous commit
70f2b3e global commands are always first in command list
* 2.8: (21 commits)
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
Throw exception if tempnam returns false in ProcessPipes
[DomCrawler] Deprecated using /_root/ in XPath expressions
Pass missing request template variables
Simplify AbstractVoter
[Form] add missing deprecation triggers
Throw exception if tempnam returns false
Fix PropertyAccessor modifying array in object when array key does not exist
[DependencyInjection] Add autowiring capabilities
Fixing typo in variable name
Add a few additional tests for the Crawler
[Form] remove obsolete deprecation comments
Updated the style of the event commands
[Debug] Deprecate providing $fileLinkFormat as second argument
[Form] minor CS fix
Updated PHPDoc of the AbstractVoter class
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
...
* 2.7:
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
Fix PropertyAccessor modifying array in object when array key does not exist
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
* 2.3:
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
This PR was merged into the 2.8 branch.
Discussion
----------
Include working directory in ProcessFailedException
... because quite often the Exception is a result of the `www-data` user not having the appropriate rights at that working path. Maybe @schmittjoh can confirm this?
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
dbaefb4 Include working directory in ProcessFailedException
This PR was squashed before being merged into the 2.3 branch (closes#14842).
Discussion
----------
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14822
| License | MIT
| Doc PR | ~
* test now always pass "secure" and "httponly" options, as they are required
* could be considered BC, but [`RememberMeFactory` passes them](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php#L21), so they should've always been treated as required
* I can squash the commits before merging
* Alternative solution: #14843
Commits
-------
18b1c6a [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a user has changed own password, I want to logout any sessions which is authenticated by its user except changer itself.
[DaoAuthenticationManager::checkAuthentication()](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php#L59) method seems to concern about it.
But, this situation actually never happens because both users that will be passed to this method are always identical in re-authentication.
It's because the token refreshes own user via [ContextListener](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Http/Firewall/ContextListener.php#L90) before re-authentication.
Commits
-------
729902a [Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
This PR was merged into the 3.0-dev branch.
Discussion
----------
[HttpFoundation] change precedence of parameters in Request::get
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Allowing the request attributes to be overwritten via GET parameters is risky and made #8966 even worse.
It is even more risky because it skips the requirements checks as configured in routing. So people that set requirements for routing placeholders like `\d+` or `html|json` can be sure it is validated when using the routing variables. But if developers use `$request->get()` to retrieve them, anybody from outside can set any value for those.
Commits
-------
e8d6764 [HttpFoundation] change precedence of parameters in Request::get
This PR was merged into the 2.3 branch.
Discussion
----------
Fix PropertyAccessor modifying array in object when array key does no…
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16056
| License | MIT
| Doc PR |
Commits
-------
f24c678 Fix PropertyAccessor modifying array in object when array key does not exist
This PR was merged into the 2.8 branch.
Discussion
----------
Simplify AbstractVoter
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no, just simplification
| BC breaks? | no, because 2.8 is not yet released
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
93de659 Simplify AbstractVoter
This PR was merged into the 2.8 branch.
Discussion
----------
[DomCrawler] Deprecated using /_root/ in XPath expressions
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
6042e86 [DomCrawler] Deprecated using /_root/ in XPath expressions
This PR was merged into the 2.3 branch.
Discussion
----------
Throw exception if tempnam returns false in ProcessPipes
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15215
| License | MIT
| Doc PR |
Related to #16092
Commits
-------
1425b8a Throw exception if tempnam returns false in ProcessPipes
Passing implementations of the pre 2.5 validator API to the constructors
of the `ValidatorExtension` and the `ValidationListener` must trigger a
deprecation.
This PR was squashed before being merged into the 2.8 branch (closes#15613).
Discussion
----------
[DependencyInjection] Add autowiring capabilities
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet
This PR adds autowiring capabilities to the Dependency Injection component. It eases service registration by letting the component guessing dependencies to inject and even (under certain conditions) registering them using typehints of the constructor parameters.
The following usages are supported:
# Automatic dependency registration
```php
class Foo
{
}
class Bar
{
public function __construct(Foo $f)
{
}
}
```
```yaml
services:
bar:
class: Bar
autowire: true
```
It will register `Foo` as a private service (`autowired.foo`) and injects it as the first argument of the `bar` constructor.
This method works only for typehints corresponding to instantiable classes (interfaces and abstract classes are not supported).
# Autocompletion of definition arguments
```php
interface A
{
}
interface B extends A
{
}
class Foo implements B
{
}
class Bar
{
}
class Baz extends Bar
{
}
class LesTilleuls
{
public function __construct(A $a, Bar $bar)
{
}
}
```
```yaml
services:
foo:
class: Foo
baz:
class: Baz
les_tilleuls:
class: LesTilleuls
autowire: true
```
The autowiring system will find types of all services and completes constructor arguments of the `les_tilleuls` service definition using typehints.
It works only if there is one service registered for a given type (if there are several services available for the same type and no explicit type definition, a `RuntimeException` is thrown).
# Explicit type definition
```php
interface A
{
}
class A1 implements A
{
}
class A2 implements A
{
}
class B
{
public function __construct(A $a)
{
}
}
```
```yaml
services:
a1:
class: A1
types: [ A ]
a2:
class: A2
# Will be autowired with A1
class b:
class: B
autowire: true
# Not autowired
class another_b:
class: B
arguments: [ @a2 ]
autowire: true
```
When a service is explicitly associated with a type, it is always used to fill a definition depending of this type, even if several services have this type. If several services are associated with the same type, the last definition takes the priority.
Of course explicit definitions are still supported.
YAML, XML and PHP loaders have been updated to supports the new `type` parameter.
Commits
-------
aee5731 [DependencyInjection] Add autowiring capabilities
This PR was merged into the 3.0-dev branch.
Discussion
----------
Fix the crawler refactoring
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This fixes a few mistakes I spotted in #16075 for the DomCrawler component.
Regression tests are added separately in https://github.com/symfony/symfony/pull/16093 to be included in older branches too.
Commits
-------
d128735 Fix the crawler refactoring
This condition is always `true` because `$attributesMetadata` does not exists in this `foreach` context and could overwrite values in the `$attributesMetadata` variable.
This PR was merged into the 2.8 branch.
Discussion
----------
[Debug] Deprecate providing $fileLinkFormat as second argument
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
ed3611d [Debug] Deprecate providing $fileLinkFormat as second argument
This PR was merged into the 3.0-dev branch.
Discussion
----------
[3.0] Clean Form, Validator, DowCrawler and some more
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
abca2d6 [3.0] Clean Form, Validator, DowCrawler and some more
* 2.8:
Updated the stlyes of the YAML commands
[Security] Configuring a user checker per firewall
[PropertyInfo] Test behavior when an extractor return null.
This PR was squashed before being merged into the 2.8 branch (closes#14721).
Discussion
----------
[Security] Configuring a user checker per firewall
_Changed my base branch to avoid issues, closed old PR_
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed ticket | #11090 and helps #14673
| License | MIT
| Doc PR | symfony/symfony-docs/pull/5530
This pull request adds support for a configurable user checker per firewall. An example could be:
```yml
services:
app.user_checker:
class: App\Security\UserChecker
arguments:
- "@request_stack"
security:
firewalls:
secured_area:
pattern: ^/
anonymous: ~
basic_auth: ~
user_checker: app.user_checker
```
The above example will use the `UserChecker` defined as `app.user_checker`. If the `user_checker` option is left empty, `security.user_checker` will be used. If the `user_checkers` option is not defined, it will fall back to the original behavior to not break backwards compatibility and will validate using the existing `UserChecker`: `security.user_checker`.
I left the default argument in the service definitions to be `security.user_checker` to include backwards compatibility for people who for some reason don't have the extension executed. You can obtain the checker for a specific firewall by appending the firewall name to it. For the firewall `secured_area`, this would be `security.user_checker.secured_area`.
Commits
-------
76bc662 [Security] Configuring a user checker per firewall
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] use PHP_OS instead of php_uname('s')
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15058
| License | MIT
| Doc PR |
The php_uname() function may be disabled for security reasons.
Commits
-------
40e0dc8 use PHP_OS instead of php_uname('s')
This PR was merged into the 2.8 branch.
Discussion
----------
[PropertyInfo] Test behavior when an extractor returns null
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16064
| License | MIT
| Doc PR | n/a
Add a test as suggested by @stof in https://github.com/symfony/symfony/pull/16064#issuecomment-144975004
Commits
-------
73ee226 [PropertyInfo] Test behavior when an extractor return null.
This PR was merged into the 3.0-dev branch.
Discussion
----------
[3.0][Security] Remove deprecated features (follow up of #15899)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15899
| License | MIT
| Doc PR | -
- updated UPGRADE-3.0.md
- removed unused `supportsClass` methods
- changed visibility of `supportsAttribute` methods from public to private, removed `inheritdoc` annotation from them because there is no definition for this methods in parent interface
- removed tests for `supportsClass` and `supportsAttribute` method
- removed unused mock creation
Commits
-------
437398d [3.0][Security] Remove deprecated features (follow up of #15899)
This PR was squashed before being merged into the 3.0-dev branch (closes#8967).
Discussion
----------
[HttpFoundation] Request->getRequestFormat should only rely on the request attributes
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | possibly
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8966
| License | MIT
| Doc PR |
Added test case and fix for #8966. Is this functionality relied on somewhere?
Commits
-------
7115c1e [HttpFoundation] Request->getRequestFormat should only rely on the request attributes
* 2.8:
added missing a deprecated notice
Move AjaxCollector for use without framework bundle
Deprecate loading multiple documents in the same crawler
[VarDumper] Add $this->getDump($var) when using VarDumperTestTrait
Prevent adding non-DOMElement elements in DomCrawler
[appveyor] Fix command line
Using a service as a router resource
Fluid interface for building routes in PHP
Updated the styles of the container commands
fix tests after twig commands style changes
synchronize tests for static and non-static API
[DomCrawler] fix deprecation triggers
[Yaml] Fix improper comments removal inside strings
This PR was merged into the 2.8 branch.
Discussion
----------
[WebProfilerBundle] Move AjaxCollector to HttpKernel for use with Silex
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR moves the AjaxDataCollector from the FrameworkBundle to the HttpKernel Component where most of the other DataCollectors are. This would allow applications which are not base on symfony/framework-bundle to use the collector. Like for instance applications based on silex or symfony components.
Commits
-------
3841f46 added missing a deprecated notice
c227806 Move AjaxCollector for use without framework bundle
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Add $this->getDump($var) when using VarDumperTestTrait
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
So useful when writing/updating dump fixtures!
Commits
-------
aa1d578 [VarDumper] Add $this->getDump($var) when using VarDumperTestTrait
This PR was merged into the 2.8 branch.
Discussion
----------
Prevent adding non-DOMElement elements in DomCrawler
| Q | A
| ------------- | ---
| Bug fix? | kind of
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Many methods of the DomCrawler component are relying on the DOMElement API, not only on the DOMNode API. All the typehints in the Form and Link APIs were already fixed in 2.5 because they are unusable with other kinds of nodes (fatal errors). However, the Crawler itself was not fixed. and this means that a bunch of its APIs can trigger fatal errors when passing other kinds of nodes.
Thus, there is a case where the code was allowing such nodes to be injected in the Crawler for some XPath queries. I fixed it to avoid it, adding the same kind of filtering than in other places.
Commits
-------
9f362a1 Prevent adding non-DOMElement elements in DomCrawler
This PR was merged into the 2.8 branch.
Discussion
----------
Deprecate loading multiple documents in the same crawler
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #15849
| License | MIT
| Doc PR | n/a
Note that loading multiple documents in the same crawler already creates weird things when working with namespaces (the list of mapping of aliases to namespaces is shared between documents, which was flawed).
As said in the issue, this opens the door to optimizations in the future (sharing the DOMXpath instance for instance, including with subcrawler)
Commits
-------
0d1cb3b Deprecate loading multiple documents in the same crawler
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] Fix improper comments removal
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15857
| License | MIT
| Doc PR | -
This tries to fix#15857 .
Honestly, I don't have any idea of the regressions it might introduce. Tests are passing, so if this code had any reason to exist, tests covering it are certainly missing :/
Any hint ?
Commits
-------
0e24fc5 [Yaml] Fix improper comments removal inside strings
This PR was merged into the 3.0-dev branch.
Discussion
----------
[CssSelector] removed the deprecated CssSelector class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
3ffa422 [CssSelector] removed the deprecated CssSelector class
This PR was squashed before being merged into the 2.8 branch (closes#15742).
Discussion
----------
Using a service as a router resource
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | almost
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet...
Hi guys!
This adds the ability to use a service as a routing resource. In other words, instead of loading `routing.yml`, you could load `my_route_loader`, and then a method would be called on your service to return a RouteCollection.
Specifically, I'm interested in this because it would allow a user to point their main router resource to the kernel itself, making it possible to load routes inside the kernel (making a single-file full-stack app more possible).
Thanks!
Commits
-------
79e210f Using a service as a router resource
This PR was squashed before being merged into the 2.8 branch (closes#15778).
Discussion
----------
Fluid interface for building routes in PHP
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet...
This - along with #15742 - attempts to making adding routes in PHP (via an actual class+method) not only possible, but also useful.
The two classes - `Route` and `RouteCollectionBuilder` are based off of Silex's `Controller` and `ControllerCollection`. The `RouteCollectionBuilder` is basically a `RouteCollection` that's able to import other resources. Here are the goals:
A) Import routes easily
```php
$routes->import('routing.yml');
```
B) Fluid addition of routes into the collection
```php
$routes->add('/admin', 'AppBundle:Admin:index', 'admin_index')
->setMethods(['GET']);
```
C) Ability to create routes with auto-generating names
D) Ability to add a "sub-collection" (kind of like an import, without pointing to another file). Included is the ability to set the controller class:
```php
$blogRoutes = $routes->createBuilder('/blog')
->setControllerClass('AppBundle\Controller\BlogController');
$blogRoutes->add('/', 'indexAction');
$blogRoutes->add('/{id}', 'editAction');
$routes->addBuilder($blogRoutes);
```
E) The collection options can be set before or after the routes. With `RouteCollection`, if you set something - e.g. a prefix or a default - and THEN add more routes, those options are not passed to those routes. This is by design, but not ideal for building routes (e.g. in the previous code example, the controllerClass would not be applied using the opposite logic, since it's set before adding the routes).
Thanks!
Commits
-------
15ba2e8 Fluid interface for building routes in PHP
This PR was merged into the 2.8 branch.
Discussion
----------
[CssSelector] synchronize tests for static and non-static API
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Synchronizing the classes ensures that no tests are lost when the legacy
API is removed in #16020 for Symfony 3.0, thus mitigating the risk of
future regressions.
Commits
-------
2b29a40 synchronize tests for static and non-static API
Synchronizing the classes ensures that no tests are lost when the legacy
API is removed in #16020 for Symfony 3.0, thus mitigating the risk of
future regressions.
This PR was merged into the 2.8 branch.
Discussion
----------
[DomCrawler] fix deprecation triggers
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
On HHVM, the SplObjectStorage class performs calls to its method
internally. These method calls must not lead to triggered deprecation
notices.
Commits
-------
aca6bd9 [DomCrawler] fix deprecation triggers
This PR was merged into the 3.0-dev branch.
Discussion
----------
[HttpFoundation] removed the ParameterBag::get() deep argument
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
317f7b4 [HttpFoundation] removed the ParameterBag::get() deep argument
This PR was merged into the 2.8 branch.
Discussion
----------
[Form] made the tests compatible with 3.0
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
795da85 [Form] made the tests compatible with 3.0
* 2.8:
add dependency required by a replaced package
Add a way to group toolbar info pieces
Added general sf-toolbar-block-right class
Bind input before executing the COMMAND event
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] add dependency required by a replaced package
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Since #16007, the Security HTTP component requires the PropertyAccess
component to access nested parameter bag values. Since the Security
component replaces the Security HTTP component, all dependencies of the
replaced packages must be mirrored here.
Commits
-------
d7034db add dependency required by a replaced package
This PR was merged into the 2.8 branch.
Discussion
----------
[Console] Bind input before executing the COMMAND event
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #10695 (problem 1)
| License | MIT
| Doc PR | -
Previously, `$input` wasn't very usefull in the `console.command` event, as the input was not yet bound to the command definition.
With this PR, the input is now bound twice: Once before the event is dispatched (to make it usefull in the listeners) and once at the original location in `Command#run()` (to allow changing the input definition in an event listener).
Commits
-------
0af1676 Bind input before executing the COMMAND event
Since #16007, the Security HTTP component requires the PropertyAccess
component to access nested parameter bag values. Since the Security
component replaces the Security HTTP component, all dependencies of the
replaced packages must be mirrored here.
Make sure that all relevant information is passed to created crawlers.
To avoid future regressions, this commit backports the approach taken by
@stof in #15934 to have a single place in the class that is responsible
to create subcrawler instances.
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Dump PHP+Twig code excerpts in backtraces
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
ExceptionCaster::filterTrace() is deprecated and replaced by a more flexible backtrace processing that allows one to register casters for amending/changing dumped backtraces. This is especially useful for dumping source map information/excerpts (like e.g. twig template source).
Here is a comparison generated with this code snippet (see also the expected output in testThrowingCaster):
```php
namespace Symfony\Component\VarDumper\Caster;
require 'vendor/autoload.php';
function bar()
{
return foo();
}
function foo()
{
dump(new \Exception('baz'));
}
bar('aaaaarg');
```
Before:
![before](https://cloud.githubusercontent.com/assets/243674/9976794/88f0259a-5eef-11e5-81a8-3cb9b44cfb00.png)
After:
![after](https://cloud.githubusercontent.com/assets/243674/9976747/6bbac068-5eed-11e5-99dc-a4fd5d3172b5.png)
Commits
-------
89578f1 [VarDumper] Dump PHP+Twig code excerpts in backtraces
This PR was merged into the 2.8 branch.
Discussion
----------
[Config] Fix ArrayNode extra keys "ignore" and "remove" behaviors
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Due to #14238 , no more exception is thrown when submitting extra keys to an `ArrayNode`.
For instance:
```php
$builder = new TreeBuilder();
$nodeDefinition = $builder->root('root')
->children()
->scalarNode('foo')
->end()
->end();
$node = $nodeDefinition->getNode(true);
$node->normalize(array(
'foo' => 'ok',
'bar' => 'ko',
));
```
will not throw a
> Symfony\Component\Config\Definition\Exception\InvalidConfigurationException: Unrecognized option "bar" under "root"`
anymore, as it does in 2.7.
I think the expected behavior is:
`Submitted data: ['bar' => 'ko']`
Ignore | Remove | Expected | OK | Comment
---------| ------------ | ------------- | ------ | ----------
true | true | `[ ]` | ✔︎ | Previous behavior when ignoring.
true | false | `['bar' => 'ko']` | ✔︎ | This is the result targeted by #14238.
false | true | exception | ✘ | Removing makes no sense when not ignoring extra keys. <br/>The exception should still be thrown.
false | false | exception | ✘ | Previous behavior (2.7). <br/>Should not have changed
Commits
-------
d961f7f [Config] Fix ArrayNode extra keys "ignore" and "remove" behaviors
* 2.8:
Remove profiler storages
deprecate finding deep items in request parameters
[CssSelector] updated README
[CssSelector] remove ConverterInterface
[DependencyInjection] improved a comment for reading fluency
[HttpKernel] change a class in tests to avoid depending on SQLite
[FrameworkBundle] Fix tests
[Bridge\Twig] Fix form lowest version
[ci] Display fastest results first when running tests in parallel
[Yaml] Improve newline handling in folded scalar blocks
* 2.7:
[DependencyInjection] improved a comment for reading fluency
[HttpKernel] change a class in tests to avoid depending on SQLite
[Bridge\Twig] Fix form lowest version
[ci] Display fastest results first when running tests in parallel
[Yaml] Improve newline handling in folded scalar blocks
* 2.3:
[DependencyInjection] improved a comment for reading fluency
[HttpKernel] change a class in tests to avoid depending on SQLite
[ci] Display fastest results first when running tests in parallel
[Yaml] Improve newline handling in folded scalar blocks
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpFoundation] deprecate finding deep items in request parameters
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This is the same as #14203 but using the PropertyAccess component in the Security HTTP component to query nested request parameters and is rebased on the `2.8` branch.
Commits
-------
47fba88 deprecate finding deep items in request parameters
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] change a class in tests to avoid depending on SQLite
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
d6a7517 [HttpKernel] change a class in tests to avoid depending on SQLite
This PR was merged into the 2.3 branch.
Discussion
----------
[ci] Display fastest results first when running tests in parallel
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Keeping order prevents seeing failures early as they happen. I propose to display tests results asap instead.
Best viewed with: https://github.com/symfony/symfony/pull/15993/files?w=1
Commits
-------
3d6c864 [ci] Display fastest results first when running tests in parallel
This PR was merged into the 2.3 branch.
Discussion
----------
remove api tags from code
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15977
| License | MIT
| Doc PR | n/a
Commits
-------
f1c7c65 remove api tags from code
This PR was squashed before being merged into the 2.8 branch (closes#15964).
Discussion
----------
Symfony Console Style tweaks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR will contain some minor tweaks found while updating all the Symfony commands. Don't merge yet. Thanks!
Commits
-------
64e7b6f Symfony Console Style tweaks
This PR was squashed before being merged into the 3.0-dev branch (closes#15929).
Discussion
----------
[3.0][Config] Remove ResourceInterface::getResource() which was deprecated in 2.8
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Deprecated in #15719.
Commits
-------
7cef180 [3.0][Config] Remove ResourceInterface::getResource() which was deprecated in 2.8
This PR was merged into the 2.8 branch.
Discussion
----------
Add a non-static API for the CssSelector component
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #15850, #8404
| License | MIT
| Doc PR | todo
This implements a non-static API for the CssSelector component.
I decided to keep the static API too, as it is convenient when you just need a one-shot conversion (if you need lots of conversions, keeping a reference to the Converter and all its internal object graph may be faster than releasing it all the time and rebuilding it).
I deprecated the global state to choose between HTML and XML conversion. The static API would always enable the HTML extension in 3.0. Dealing with XML would be done by using the Converter class.
A second commit also tags all internal classes of the component as ``@internal``, as there is really no reason for a user to deal with them (btw, we already considered them fully internal in the past, as we broke BC on them in a patch release to fix memory performance of the component in the past).
TODOs:
- [x] Validate whether we keep the static facade to the component
- [ ] send a PR on the documentation to document this new API.
- [x] handle usage of the deprecated API in the DomCrawler testsuite
The DomCrawler component does not use the new API yet. I will do it in a separate PR, as distinguishing between HTML and XML modes for a crawler will be easier once I deprecate the possibility to load multiple documents (which I will do tomorrow).
Commits
-------
9e51279 [CssSelector] Tag all internal classes as internal ones
f4563c3 Add a non-static API for the CssSelector component
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] fix tests for the `AbstractVoter` class
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15961, #15968
| License | MIT
| Doc PR |
* The `LegacyAbstractVoterTest` class is not needed anymore, tests have
been moved to the `AbstractVoterTest` class tagging them with the
legacy group.
* Tests are applied on `stdClass` object instances. Thus, the legacy
voter fixture class must not support `AbstractVoterTest_Object`
instances, but support `stdClass` objects instead.
* Remove a test that checked for a `BadMethodCallException` being
thrown. This seems to have been added accidentally in #15961.
Commits
-------
9fe3b76 fix tests for the `AbstractVoter` class
This PR was merged into the 2.8 branch.
Discussion
----------
added logging of unused tags
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11511, #11744
| License | MIT
| Doc PR | -
This is the same as #11744 but with some minor tweaks and some unit tests for the compiler pass.
Commits
-------
95c9f50 added some tests
d3271e1 missing tags in whitelist
f51fe4a [FrameworkBundle] [DependencyInjection] added logging of unused tags during container compilation
* The `LegacyAbstractVoterTest` class is not needed anymore, tests have
been moved to the `AbstractVoterTest` class tagging them with the
legacy group.
* Tests are applied on `stdClass` object instances. Thus, the legacy
voter fixture class must not support `AbstractVoterTest_Object`
instances, but support `stdClass` objects instead.
This PR was merged into the 3.0-dev branch.
Discussion
----------
use try-finally when possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | I hope
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Found those with regex `catch \(\\Exception[^\}]+throw \$`
Commits
-------
49edef2 use try-finally when possible
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8] [Ldap] Added support for LDAP (New Component + integration in the Security Component).
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | not yet
| Fixed tickets | -
| License | MIT
| Doc PR | not yet
Current state:
- [x] Implement logic
- [x] Post-review tuning and stabilization
- [x] Fix tests
This PR is a follow-up to #5189, which was in a stand-still for a few years now. It tries to fix the remaining issues which were mentioned in the discussion.
There are still a few issues with the PR, as it is. For example, it introduces two new firewall factories, whereas the base factories (`form_login` and `http_basic`) could simply introduce new configuration options.
Also, for a user to use an LDAP server as an authentication provider, he first needs to define a service which should be an instance of `Symfony\Component\Security\Ldap\Ldap`.
For example:
```yml
services:
my_ldap:
class: Symfony\Component\Security\Ldap\Ldap
arguments: [ "ldap.mydomain.tld" ]
```
Then, in `security.yml`, this service can be used in both the user provider and the firewalls:
```yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
ldap_users:
ldap:
service: my_ldap
base_dn: dc=MyDomain,dc=tld
search_dn: CN=My User,OU=Users,DC=MyDomain,DC=tld
search_password: p455w0rd
filter: (sAMAccountName={username})
default_roles: ROLE_USER
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
demo_login:
pattern: ^/login$
security: false
api:
provider: ldap_users
stateless: true
pattern: ^/api
http_basic_ldap:
service: my_ldap
dn_string: "{username}@MYDOMAIN"
demo_secured_area:
provider: ldap_users
pattern: ^/
logout:
path: logout
target: login
form_login_ldap:
service: my_ldap
dn_string: CN={username},OU=Users,DC=MyDomain,DC=tld
check_path: login_check
login_path: login
```
Commits
-------
60b9f2e Implemented LDAP authentication and LDAP user provider
1c964b9 Introducing the LDAP component
* 2.8:
[Finder] simplified code
Fix tests in 2.8
[Validator] Sync polish translation file
Adding a class to make it easier to set custom authentication error messages
Readd the correct tests
This PR was squashed before being merged into the 2.3 branch (closes#15799).
Discussion
----------
[HttpFoundation] NativeSessionStorage `regenerate` method wrongly sets storage as started
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This PR fixes an error when regenerating session IDs for non-active sessions.
Right now, the session is flagged as _started_, no matter if the session ID was successfully regenerated or not, making the storage [unable to _start the session_](6393ec3169/src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php (L130-L132)) later on.
This also fixes a future error with PHP 7, which throws an error if a regeneration is attempted for non-active sessions.
```
session_regenerate_id(): Cannot regenerate session id - session is not active
```
Commits
-------
8e6ef9c [HttpFoundation] NativeSessionStorage method wrongly sets storage as started
This PR was merged into the 2.7 branch.
Discussion
----------
[property-access] Improvement for Accessing Reference Chain
Improve performance for the following scenarios:
- Example 1:
```php
$a = array(
'a' => array(
'b' => array(
'c' => 'old-value'
)
)
);
$pa->setValue($a, '[a][b][c]', 'new-value');
// The PropertyAccessor will try to set values for
// $a['a']['b']['c'], $a['a']['b'] and $a['a'],
// but in fact it may terminate the loop
// right after the value of $a[a][b][c] is set,
// because $a, $[a], $[a][b] and $[a][b][c]
// are all passed as reference - the reference chain is not broken.
```
- Example 2
```php
$b = array(
'a' => array(
'b' => array(
'c' => 'old-value'
)
)
)
$a = new Foo($b);
// In this example, the reference chain of $b is broken,
// because it's passed to $a.value as value
// But its elements are all passed as reference,
// so after setting the value for $b[a][b][c], there is no need
// to set value for $b[a][b] and $b[a]
$pa->setValue($a, 'value[a][b][c]', 'new-value');
```
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
e24a798 [property-access] Improvement for Accessing Reference Chain
IBAN is an acronym. The term 'IBAN-Kontonummer' is redundant, since the 'AN' part (Account Number) already translates to 'Kontonummer'. It's like saying 'International Bank Account Number Account Number'.
"Fiş" is a correct translation for "token", however "bilet" is also used, I fixed that inconsistency. Moreover, "kimlik bilgileri" is a better translation for "credentials" than "girdiler". "Girdiler" is the translation of "inputs", so I fixed sentences with "credentials". "Hesap engellenmiş" is better than "Hesap devre dışı bırakılmış" for "Account is disabled.". "Digest nonce has expired" can be translated better as "Derleme zaman aşımına uğradı." because "Derleme zaman aşımı gerçekleşti" has a confirmation sense like user requested it to expire and it has expired.
References:
token: http://tureng.com/search/token (3rd entry)
credentials: http://www2.zargan.com/tr/q/credentials-ceviri-nedir (1st entry)
disable: http://tureng.com/search/disable (15th entry)
This PR was merged into the 2.8 branch.
Discussion
----------
Easier Custom Authentication errors
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet
This makes failing authentication with a custom message much easier:
```php
throw CustomAuthenticationException::createWithSafeMessage(
'That was a ridiculous username'
);
// or
$e = new CustomAuthenticationException();
$e->setSafeMessage('That was a ridiculous username');
throw $e;
```
Currently, to do this, you'd need to create a new sub-class of `AuthenticationException`, which is way more work than it needs to be. The original design was so that all messages exposed are safe, which is why I've named the methods like I have.
Thanks!
Commits
-------
d7c1463 Adding a class to make it easier to set custom authentication error messages
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Improve AbstractVoter tests
Applying the improved tests from https://github.com/symfony/symfony/pull/15932 into the oldest possible branch.
Merge conflicts from 2.7 into 2.8 caused by this PR do not need to be done carefully, I'll create a new PR for 2.8 updating the tests as soon as these changes are merged up.
| Q | A
| ------------- | ---
| Fixed tickets | -
| License | MIT
Commits
-------
5ff741d Readd the correct tests
This PR was merged into the 2.8 branch.
Discussion
----------
[Console] don't rely on internal sort implementation om test
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14894
| License | MIT
| Doc PR |
PHP does not guarantuee how array elements with the same value will be
sorted when applying `asort()`. Since all namespaces used in the test
produce the same Levenshtein value, we should only check for presence of
these namespaces instead of comparing the exact order.
Commits
-------
3011fa0 don't rely on internal sort implementation in test
PHP does not guarantuee how array elements with the same value will be
sorted when applying `asort()`. Since all namespaces used in the test
produce the same Levenshtein value, we should only check for presence of
these namespaces instead of comparing the exact order.
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] Fix input validation when required arguments are missing
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15505
| License | MIT
| Doc PR | -
The rule that was here in place previously only works when arguments are passed from command line, as in command line there is no way of skipping an argument. The rule does not work for arguments set on the Input after a command is run.
Commits
-------
4982b02 [Console] Add the command name to input arguments if it's missing
f12a4c1 [Console] Fix input validation when required arguments are missing
* 2.8: (28 commits)
Detect Mintty for color support on Windows
Detect Mintty for color support on Windows
[WebProfilerBundle] Fix search button click listener
[Form][Type Date/Time] added choice_translation_domain option.
Massively simplifying the BC and deprecated-throwing code thanks to suggestions by stof in #15870
Making all "debug" messages use the debug router
Making GuardTokenInterface extend TokenInterface
Updating behavior to not continue after an authenticator has set the response
Add a group for tests of the finder against the FTP server
Fix trigger_error calls
Fix legacy security tests
tweaking message related to configuration edge case that we want to be helpful with
Minor tweaks - lowering the required security-http requirement and nulling out a test field
Fix license headers
Fix license headers
Fix license headers
Ensure the ClockMock is loaded before using it in the testsuite
Allow serializer 3.0 in the PropertyInfo component
Add the replace rules for the security-guard component
Forbid serializing a Crawler
...
* 2.7:
Detect Mintty for color support on Windows
Detect Mintty for color support on Windows
Add a group for tests of the finder against the FTP server
Fix license headers
Forbid serializing a Crawler
Fix phpdoc block of NativeSessionStorage class
Added exception when setAutoInitialize is called when locked
[FrameworkBundle] Advanced search templates of bundles
[Security] Allow user providers to be defined in many files
Use random_bytes function if it is available for random number generation
Mintty is now the default terminal in GitBash, and it supports ANSI
colors without the need of ANSICON (it even supports 256 colors rather
than the 16 colors supported by ANSICON).
* 2.3:
Detect Mintty for color support on Windows
Add a group for tests of the finder against the FTP server
Fix license headers
Forbid serializing a Crawler
Fix phpdoc block of NativeSessionStorage class
Added exception when setAutoInitialize is called when locked
[FrameworkBundle] Advanced search templates of bundles
[Security] Allow user providers to be defined in many files
Use random_bytes function if it is available for random number generation
Mintty is now the default terminal in GitBash, and it supports ANSI
colors without the need of ANSICON (it even supports 256 colors rather
than the 16 colors supported by ANSICON).
This PR was merged into the 2.8 branch.
Discussion
----------
Updating behavior to not continue after an authenticator has set the response
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/14673/files#r40492765
| License | MIT
| Doc PR | n/a
This mirrors the behavior in core: *if* a listener sets a response (on success or failure),
then the other listeners are not called. But if a response is *not* set
(which is sometimes the case for success, like in BasicAuthenticationListener),
then the other listeners are called, and can even fail.
It's all a bit of an edge-case, as only one authenticator (like authentication listener) would normally be doing any work on a request, but I think matching the other listeners (since I'm not aware of anyone having issues with its behavior) is best.
Commits
-------
5fa2684 Making all "debug" messages use the debug router
f403444 Updating behavior to not continue after an authenticator has set the response
This PR was merged into the 2.3 branch.
Discussion
----------
Add a group for tests of the finder against the FTP server
This allows to skip them easily when running the testsuite, as they represent a significant part of the testsuite time. These 2 tests together represent 42% of the execution time of the testsuite (all the time being spent connecting to the FTP server).
I also remove the usage of the data provider as a data provider with a single dataset (and used only partially) only makes tests harder to read. and does not save any duplication.
Commits
-------
51147e3 Add a group for tests of the finder against the FTP server
This PR was merged into the 2.8 branch.
Discussion
----------
Abstract voter tweaks
| Q | A
| ------------- | ---
| Bug fix? | yes (a little)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Based on suggestions from stof in #15870, this simplifies the BC and deprecation throwing code. This also adds a BadMethodCallException in case the user doesn't override `isGranted` *or* `voteOnAttribute`, because that's just plain wrong (as is calling `isGranted()` on the parent class directly, since that was formerly abstract).
Commits
-------
c03f5c2 Massively simplifying the BC and deprecated-throwing code thanks to suggestions by stof in #15870
This PR was merged into the 2.8 branch.
Discussion
----------
Making GuardTokenInterface extend TokenInterface
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15884
| License | MIT
| Doc PR | n/a
See #15884
Commits
-------
7f04fbb Making GuardTokenInterface extend TokenInterface
This PR was merged into the 2.8 branch.
Discussion
----------
[Validator] Add Hungarian translation for the BIC constraint
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
f26425b [Validator] Add Hungarian translation for the BIC constraint
This PR was merged into the 2.8 branch.
Discussion
----------
Guard minor tweaks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Various completely minor things, most from suggestions on #14673
Commits
-------
869d5a7 tweaking message related to configuration edge case that we want to be helpful with
da4758a Minor tweaks - lowering the required security-http requirement and nulling out a test field
This PR was merged into the 2.3 branch.
Discussion
----------
Forbid serializing a Crawler
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Unserializing a Crawler instance creates DOM elements in an invalid state, making the Crawler unusable.
While working on #15849, I figured out that DomCrawler actually inherits ``Serializable`` from its ``SplObjectStorage`` parent, and so I tried to serialize and unserialize one. The answer is that it does not work. This is what happens when trying to call ``parents`` on it for instance:
```
Symfony\Component\DomCrawler\Crawler::parents(): Invalid State Error
```
Commits
-------
12733cb Forbid serializing a Crawler
This PR was merged into the 2.8 branch.
Discussion
----------
Allow serializer 3.0 in the PropertyInfo component
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This makes the component consistent with other components.
Commits
-------
0d72411 Allow serializer 3.0 in the PropertyInfo component
This PR was merged into the 2.8 branch.
Discussion
----------
Add the replace rules for the security-guard component
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The update of composer replacements was forgotten in #14673
Commits
-------
5ef8abc Add the replace rules for the security-guard component
This PR was squashed before being merged into the 2.8 branch (closes#15301).
Discussion
----------
[Form][Type Date/Time] added choice_translation_domain option.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15222 and #15298
| License | MIT
- [x] add test
Commits
-------
1f3af26 [Form][Type Date/Time] added choice_translation_domain option.
* 2.7:
Fix license headers
Ensure the ClockMock is loaded before using it in the testsuite
Fix with_minutes option in time widget
Fixed properties not explicitily declared
This PR was merged into the 2.7 branch.
Discussion
----------
Ensure the ClockMock is loaded before using it in the testsuite
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The ``ProgressBarTest`` is passing in 2.7 and 2.8 on Travis only because the ``LegacyProgressHelperTest`` is running first, and so the clock mock is loaded. It would not pass when running it standalone. And the testsuite is currently broken in the master branch because LegacyProgressHelperTest is gone there, and so the clock mock was not loaded before the test.
Commits
-------
0e5aa0e Ensure the ClockMock is loaded before using it in the testsuite
This PR was merged into the 2.8 branch.
Discussion
----------
Fix legacy security tests
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
when merging legacy test classes together in #15893, use statements where not copied, making the tests fail.
Commits
-------
8b615bb Fix legacy security tests
This mirrors the behavior in core: *if* a listener sets a response (on success or failure),
then the other listeners are not called. But if a response is *not* set
(which is sometimes the case for success, like in BasicAuthenticationListener),
then the other listeners are called, and can even fail.
* 2.8:
[BrowserKit] Added isFollowingRedirects and getMaxRedirects methods
[PropertyInfo] Import the component
deprecated the Shell Console class
Deprecate ResourceInterface::getResource()
Merged LegacySecurityContext tests
[WebProfilerBundle] Added collapsed sidebar on small screens
This PR was merged into the 2.8 branch.
Discussion
----------
Deprecate ResourceInterface::getResource()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | n/a
The return value of this method does not make sense if you do not exactly know about the type of resource at hand. For example, it may be [an array](b49fa129bd/src/Symfony/Component/HttpKernel/Config/EnvParametersResource.php (L57)) or a [file path](87800ae47e/src/Symfony/Component/Config/Resource/FileResource.php (L51)).
As all usages of getResource() within Symfony are in tests of particular Resource implementations anyway, deprecating and later removing this method helps us with simplifying the ResourceInterface (https://github.com/symfony/symfony/issues/7176).
Commits
-------
87c0c7d Deprecate ResourceInterface::getResource()
This PR was merged into the 2.7 branch.
Discussion
----------
Fixed properties not explicitily declared
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| License | MIT
Commits
-------
d2b3fe4 Fixed properties not explicitily declared
This PR was squashed before being merged into the 2.8 branch (closes#15858).
Discussion
----------
[PropertyInfo] Import the component
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | symfony/symfony-docs#5717
As discussed with @fabpot (see #14844), this PR moves [dunglas/php-property-info](https://github.com/dunglas/php-property-info) under the Symfony umbrella.
Rationale behind this new component (extracted from README.md):
PHP doesn't support explicit type definition. This is annoying, especially when doing meta programming.
Various libraries including but not limited to Doctrine ORM and the Symfony Validator provide their own type managing
system.
This library extracts various information including the type and documentation from PHP class property from metadata of popular sources:
* Setter method with type hint
* PHPDoc DocBlock
* Doctrine ORM mapping (annotation, XML, YML or custom format)
* PHP 7 scalar typehint and return type
* Serializer metadata
**Usage:**
```php
<?php
// Use Composer autoload
require 'vendor/autoload.php';
use Doctrine\ORM\EntityManager;
use Doctrine\ORM\Tools\Setup;
use Doctrine\ORM\Mapping\Column;
use Doctrine\ORM\Mapping\Entity;
use Doctrine\ORM\Mapping\Id;
use Symfony\Component\PropertyInfo\Extractors\DoctrineExtractor;
use Symfony\Component\PropertyInfo\Extractors\PhpDocExtractor;
use Symfony\Component\PropertyInfo\Extractors\ReflectionExtractor;
use Symfony\Component\PropertyInfo\PropertyInfo;
/**
* @Entity
*/
class MyTestClass
{
/**
* @Id
* @Column(type="integer")
*/
public $id;
/**
* This is a date (short description).
*
* With a long description.
*
* @var \DateTime
*/
public $foo;
private $bar;
public function setBar(\SplFileInfo $bar)
{
$this->bar = $bar;
}
}
// Doctrine initialization (necessary only to use the Doctrine Extractor)
$config = Setup::createAnnotationMetadataConfiguration([__DIR__], true);
$entityManager = EntityManager::create([
'driver' => 'pdo_sqlite',
// ...
], $config);
$doctrineExtractor = new DoctrineExtractor($entityManager->getMetadataFactory());
$phpDocExtractor = new PhpDocExtractor();
$reflectionExtractor = new ReflectionExtractor();
$propertyInfo = new PropertyInfo(
array($reflectionExtractor),
array($doctrineExtractor, $phpDocExtractor, $reflectionExtractor),
array($phpDocExtractor),
array($reflectionExtractor)
);
var_dump($propertyInfo->getProperties('MyTestClass'));
var_dump($propertyInfo->getTypes('MyTestClass', 'foo'));
var_dump($propertyInfo->getTypes('MyTestClass', 'id'));
var_dump($propertyInfo->getTypes('MyTestClass', 'bar'));
var_dump($propertyInfo->isReadable('MyTestClass', 'id'));
var_dump($propertyInfo->isReadable('MyTestClass', 'bar'));
var_dump($propertyInfo->isWritable('MyTestClass', 'foo'));
var_dump($propertyInfo->isWritable('MyTestClass', 'bar'));
var_dump($propertyInfo->getShortDescription('MyTestClass', 'foo'));
var_dump($propertyInfo->getLongDescription('MyTestClass', 'foo'));
```
Output:
```
array(3) {
[0] =>
string(2) "id"
[1] =>
string(3) "foo"
[2] =>
string(3) "Bar"
}
array(1) {
[0] =>
class Symfony\Component\PropertyInfo\Type#36 (6) {
private $builtinType =>
string(6) "object"
private $nullable =>
bool(false)
private $class =>
string(8) "DateTime"
private $collection =>
bool(false)
private $collectionKeyType =>
NULL
private $collectionValueType =>
NULL
}
}
array(1) {
[0] =>
class Symfony\Component\PropertyInfo\Type#36 (6) {
private $builtinType =>
string(3) "int"
private $nullable =>
bool(false)
private $class =>
NULL
private $collection =>
bool(false)
private $collectionKeyType =>
NULL
private $collectionValueType =>
NULL
}
}
array(1) {
[0] =>
class Symfony\Component\PropertyInfo\Type#245 (6) {
private $builtinType =>
string(6) "object"
private $nullable =>
bool(false)
private $class =>
string(11) "SplFileInfo"
private $collection =>
bool(false)
private $collectionKeyType =>
NULL
private $collectionValueType =>
NULL
}
}
bool(true)
bool(false)
bool(true)
bool(true)
string(35) "This is a date (short description)."
string(24) "With a long description."
```
Commits
-------
f1eb185 [PropertyInfo] Import the component
This PR was merged into the 2.3 branch.
Discussion
----------
Use random_bytes function if it is available for random number generation
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15239
| License | MIT
| Doc PR |
This is an attempt to use the random_bytes function when generating secure random numbers. This function is included in PHP 7 or through the "paragonie/random_compat" library.
This PR only adds support to use the function if it is available. Changes that can be added is to add a hard dependency on the paragonie/random_compat library, so all current functionality can be deprecated.
Commits
-------
6a217dc Use random_bytes function if it is available for random number generation
This PR was merged into the 2.8 branch.
Discussion
----------
Merged LegacySecurityContext tests
I've no idea why this test was introduced in the wrong namespace in 2.8, but I merged it in the correct test case now.
Commits
-------
2c4da3c Merged LegacySecurityContext tests
This PR was merged into the 2.8 branch.
Discussion
----------
deprecated the Shell Console class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | one of #11742
| License | MIT
| Doc PR | n/a
Commits
-------
1c17928 deprecated the Shell Console class
* 2.8: (23 commits)
[Validator] added BIC (SWIFT-BIC) validation constraint
[TwigBridge] Foundation form layout integration
[Security] Deprecated supportsAttribute and supportsClass methods
bumped Symfony version to 2.7.6
updated VERSION for 2.7.5
updated CHANGELOG for 2.7.5
bumped Symfony version to 2.3.34
updated VERSION for 2.3.33
update CONTRIBUTORS for 2.3.33
updated CHANGELOG for 2.3.33
[Console] Fix transient HHVM test
[OptionsResolver] Fix catched exception along the dependency tree mistakenly detects cyclic dependencies
fixed tests
[DI] Support deprecated definitions in decorators
[DI] Allow to change the deprecation message in Definition
[DI] Trigger a deprecated error on the container builder
[DI] Dump the deprecated status
[DI] Supports the deprecated tag in loaders
[DI] Add a deprecated status to definitions
Fixing test locations
...
This PR was squashed before being merged into the 2.8 branch (closes#15519).
Discussion
----------
[Validator] added BIC (SWIFT-BIC) validation constraint
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/5623
I've added the BIC validator, because we do often need validation for IBAN and BIC values. Since the IBAN validation was already included into Symfony, I was asking myself: why not contribute my BIC validator to the community? So here we go ...
It depends on ISO 9362 as described on [Wikipedia](https://en.wikipedia.org/wiki/ISO_9362#Structure). It validates the structure based on alphabetic/alphanumeric values and the value's length.
Todo-list:
- [x] submit changes to the documentation
Commits
-------
d6471b3 [Validator] added BIC (SWIFT-BIC) validation constraint
This PR was squashed before being merged into the 2.8 branch (closes#15151).
Discussion
----------
[Security] Deprecated supportsAttribute and supportsClass methods
These methods aren't used at all in a Symfony application and don't make sense to use in the application. They are only used internally in the voters. This means the voter interface can be made much easier.
I'm not sure how we do these deprecations, should we remove the methods from the interface now already? Also, I don't think it's possible to trigger deprecation notices for the voter methods?
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | one of #11742
| License | MIT
| Doc PR | -
Abstract Voter
---
There is one remaining question about the abstract voter. This currently has abstract `getSupportedAttributes()` and `getSupportedClass()` methods. One of the reasons to remove the methods for the interface was that these methods are not flexible. Does it make sense to deprecate these methods as well and replace them by an abstract `protected vote(array $attributes, $class)` method in the `AbstractVoter` (which is called from `AbstractVoter#vote()`) ?
Commits
-------
6588708 [Security] Deprecated supportsAttribute and supportsClass methods
This PR was merged into the 2.8 branch.
Discussion
----------
Add support for deprecated definitions
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14307
| License | MIT
| Doc PR | symfony/symfony-docs#5689
This add a sort of marker in the Definition of a service that marks it as "deprecated". This is useful when we have a bunch of service and a bunch of where it is used, and we need to track if there are any uses before removing it (in a later version or right now). I was not sure if the `trigger_error` would be enough, or if I should log them instead.
I'm first gathering some feedback, and then I'll try to update the doc.
I was not sure if it should target 2.8 or master (3.0) though.
What's left ?
==========
- [x] Make a POC
- [x] Gather some feedbacks
- [x] Dump the tag in XML, YAML and PHP
- [x] Load the definition from XML, YAML and PHP
- [x] Fix some forgotten things such as the key existence check
- [x] Work on inline services in the php dumper
- [x] Handle deprecations for decorators
- ~~Possibility to overwrite the deprecated flag in the decorators in `XmlFileLoader` ?~~ Nope, and this behavior is also ported to the `YamlFileLoader`.
Commits
-------
83f4e9c [DI] Support deprecated definitions in decorators
0b3d0a0 [DI] Allow to change the deprecation message in Definition
954247d [DI] Trigger a deprecated error on the container builder
2f37cb1 [DI] Dump the deprecated status
8f6c21c [DI] Supports the deprecated tag in loaders
4b6fab0 [DI] Add a deprecated status to definitions
* 2.7:
[Console] Fix transient HHVM test
[OptionsResolver] Fix catched exception along the dependency tree mistakenly detects cyclic dependencies
fixed tests
Fixing test locations
[VarDumper] Fix dump comparison on large arrays
[expression-language] Code Cleanup for GetAttrNode
This PR was merged into the 2.7 branch.
Discussion
----------
[VarDumper] Fix dump comparison on large arrays
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
Commits
-------
6a6e7f3 [VarDumper] Fix dump comparison on large arrays
This PR was merged into the 2.7 branch.
Discussion
----------
Fixing security test locations
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | n/a
There were just missed on sha: 0601ed33c4 probably because there were on a different branch.
Cheers!
Commits
-------
16e09d3 Fixing test locations
This PR was squashed before being merged into the 2.8 branch (closes#14894).
Discussion
----------
[Console] Add domain exceptions to replace generic exceptions
Creates domain specific exception classes for the case where a user type an invalid command name or option name.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14873
| License | MIT
| Doc PR | N/A
TODO:
* [x] Replace `\InvalidArgumentException` by `Symfony\Component\Console\Exception\InvalidArgumentException`
* [x] Add `Symfony\Component\Console\Exception\ExceptionInterface`
Commits
-------
dd17dc0 [Console] Add domain exceptions to replace generic exceptions
This PR was squashed before being merged into the 2.8 branch (closes#15738).
Discussion
----------
Implement service-based Resource (cache) validation
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #7230, #15692, #7782
| License | MIT
| Doc PR | symfony/symfony-docs#5136
### Overview
Currently, any metadata passed to `ConfigCache` (namely implementations of `ResourceInterface`) is serialized to disk. When the `ConfigCache` is validated, the metadata is unserialized and queried through `ResourceInterface::isFresh()` to determine whether the cache is fresh. That way, `ResourceInterface` implementations cannot interact with services, for example a database connection.
This PR introduces the new concept of `ResourceCheckers`. Services implementing `ResourceCheckerInterface` can be tagged as `config_cache.resource_checker` with an optional priority.
Clients that wish to use `ConfigCache` can then obtain an instance from the `config_cache_factory` service (which implements `ConfigCacheFactoryInterface`). The factory will take care of injecting resource checkers into the `ConfigCache` instance so that they can be used for cache validation.
Checking cache metadata is easy for `ResourceCheckers`:
* First, the `ResourceCheckerInterface::supports()` implementation is passed the metadata object in question. If the checker cannot handle the type of resource passed, `supports()` should return `false`.
* Otherwise, the `ResourceCheckerInterface::isFresh()` method will be called and given the resource as well as the timestamp at which the cache was initialized. If that method returns `false`, the cache is considered stale. If it returns `true`, the resource is considered unchanged and will *not* be passed to any additional checkers.
### BC and migration path
This PR does not (intend to) break BC but it comes with deprecations. The main reason is that `ResourceInterface` contains an `isFresh()` method that does not make sense in the general case of resources.
Thus, `ResourceInterface::isFresh()` is marked as deprecated and should be removed in Symfony 3.0. Resource implementations that can (or wish to) be validated in that simple manner can implement the `SelfCheckingResourceInterface` sub-interface that still contains (and will keep) the `isFresh()` method. The change should be as simple as changing the `extends` list.
Apart from that, `ResourceInterface` will be kept as the base interface for resource implementations. It is used in several `@api` interfaces and thus cannot easily be substituted.
For the Symfony 2.x series, a `BCResourceInterfaceChecker` will be kept that performs validation through `ResourceInterface::isFresh()` but will trigger a deprecation warning. The remedy is to either implement a custom ResourceChecker with a priority higher than -1000; or to switch to the aforementioned `SelfCheckingResourceInterface` which is used at a priority of -990 (without deprecation warning).
The `ConfigCache` and `ConfigCacheFactory` classes can be used as previously but do not feature checker-based cache validation.
### Outlook and closing remarks:
This PR supersedes #7230, #15692 and works at least in parts towards the goal of #7176.
The `ResourceCheckerInterface`, `...ConfigCache` and `...ConfigCacheFactory` no longer need to be aware of the `debug` flag. The different validation rules applied previously are now just a matter of `ResourceChecker` configuration (i. e. "no checkers" in `prod`).
It might be possible to remove the `debug` flag from Symfony's `Router` and/or `Translator` classes in the future as well because it was only passed on to the `ConfigCache` there.
Commits
-------
20d3722 Implement service-based Resource (cache) validation
This PR was merged into the 2.7 branch.
Discussion
----------
[expression-language] Code Cleanup for GetAttrNode
Use ``$this->nodes['attribute']->attributes['value']`` to
replace ``$this->nodes['attribute']->evaluate($functions, $values)``
for method call and property call.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
166e175 [expression-language] Code Cleanup for GetAttrNode
* 2.8: (29 commits)
Updating AbstractVoter so that the method receives the TokenInterface
Adding the necessary files so that Guard can be its own installable component
Fix syntax in a test
Normalize the way we check versions
Avoid errors when generating the logout URL when there is no firewall key
Removing unnecessary override
fabbot
Adding a new exception and throwing it when the User changes
Fixing a bug where having an authentication failure would log you out.
Tweaks thanks to Wouter
Adding logging on this step and switching the order - not for any huge reason
Adding a base class to assist with form login authentication
Allowing for other authenticators to be checked
meaningless author and license changes
Adding missing factory registration
Thanks again fabbot!
A few more changes thanks to @iltar
Splitting the getting of the user and checking credentials into two steps
Tweaking docblock on interface thanks to @iltar
Adding periods at the end of exceptions, and changing one class name to LogicException thanks to @iltar
...
Conflicts:
UPGRADE-2.8.md
src/Symfony/Bridge/Twig/Tests/Node/DumpNodeTest.php
src/Symfony/Bundle/FrameworkBundle/Command/ServerCommand.php
src/Symfony/Component/Validator/Tests/Constraints/AbstractComparisonValidatorTestCase.php
src/Symfony/Component/Validator/Tests/Constraints/IdenticalToValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/RangeValidatorTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
New Guard Authentication System (e.g. putting the joy back into security)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | at least partially: #14300, #11158, #11451, #10035, #10463, #8606, probably more
| License | MIT
| Doc PR | symfony/symfony-docs#5265
Hi guys!
Though it got much easier in 2.4 with `pre_auth`, authentication is a pain in Symfony. This introduces a new authentication provider called guard, with one goal in mind: put everything you need for *any* authentication system into one spot.
### How it works
With guard, you can perform custom authentication just by implementing the [GuardAuthenticatorInterface](https://github.com/weaverryan/symfony/blob/guard/src/Symfony/Component/Security/Guard/GuardAuthenticatorInterface.php) and registering it as a service. It has methods for every part of a custom authentication flow I can think of.
For a working example, see https://github.com/weaverryan/symfony-demo/tree/guard-auth. This uses 2 authenticators simultaneously, creating a system that handles [form login](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/FormLoginAuthenticator.php) and [api token auth](https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Security/TokenAuthenticator.php) with a respectable amount of code. The [security.yml](https://github.com/weaverryan/symfony-demo/blob/guard-auth/app/config/security.yml) is also quite simple.
This also supports "manual login" without jumping through hoops: https://github.com/weaverryan/symfony-demo/blob/guard-auth/src/AppBundle/Controller/SecurityController.php#L45
I've also tested with "remember me" and "switch user" - no problems with either.
I hope you like it :).
### What's Needed
1) **Other Use-Cases?**: Please think about the code and try it. What use-cases are we *not* covering? I want Guard to be simple, but cover the 99.9% use-cases.
2) **Remember me** functionality cannot be triggered via manual login. That's true now, and it's not fixed, and it's tricky.
### Deprecations?
This is a new feature, so no deprecations. But, creating a login form with a guard authenticator is a whole heck of a lot easier to understand than `form_login` or even `simple_form`. In a perfect world, we'd either deprecate those or make them use "guard" internally so that we have just **one** way of performing authentication.
Thanks!
Commits
-------
a01ed35 Adding the necessary files so that Guard can be its own installable component
d763134 Removing unnecessary override
e353833 fabbot
dd485f4 Adding a new exception and throwing it when the User changes
302235e Fixing a bug where having an authentication failure would log you out.
396a162 Tweaks thanks to Wouter
c9d9430 Adding logging on this step and switching the order - not for any huge reason
31f9cae Adding a base class to assist with form login authentication
0501761 Allowing for other authenticators to be checked
293c8a1 meaningless author and license changes
81432f9 Adding missing factory registration
7a94994 Thanks again fabbot!
7de05be A few more changes thanks to @iltar
ffdbc66 Splitting the getting of the user and checking credentials into two steps
6edb9e1 Tweaking docblock on interface thanks to @iltar
d693721 Adding periods at the end of exceptions, and changing one class name to LogicException thanks to @iltar
eb158cb Updating interface method per suggestion - makes sense to me, Request is redundant
c73c32e Thanks fabbot!
6c180c7 Adding an edge case - this should not happen anyways
180e2c7 Properly handles "post auth" tokens that have become not authenticated
873ed28 Renaming the tokens to be clear they are "post" and "pre" auth - also adding an interface
a0bceb4 adding Guard tests
05af97c Initial commit (but after some polished work) of the new Guard authentication system
330aa7f Improving phpdoc on AuthenticationEntryPointInterface so people that implement this understand it
This PR was merged into the 2.7 branch.
Discussion
----------
Normalize the way we check versions
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
Commits
-------
121eade Normalize the way we check versions
This PR was merged into the 3.0-dev branch.
Discussion
----------
[HttpKernel] Add better error message when controller action isn't callable
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR |
In the `ControllerResolver`, if a controller isn't callable, try to give a better description of what went wrong
Commits
-------
e0e19f6 Add better error message when controller action isn't callable
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8][Form] Fix php warning on invalid FormFactory::createBuilder() argument
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Without this check it comes to a `strpos() expects parameter 1 to be string, object given` warning, when passing an invalid argument to `FormFactory::createBuilder()` (e.g. when calling `$this->createForm(new AnEntity());` instead of `$this->createForm(new AnEntityType());` in a controller).
Commits
-------
b5599a5 [Form] Fix php warning on invalid FormFactory::createBuilder() argument
* 2.8:
Added the right revision date for status code registry
[Config] Fix enum default value in Yaml dumper
fixed typo.
[Translation][File dumper] allow get file content without writing in file.
Finnish translation fix
[CssSelector] Optimize regexs matching simple selectors
Fix the phpdoc in the CssSelector TranslatorInterface
[Console] Add clock mock to fix transient test on HHVM
[DomCrawler] Optimize the regex used to find namespace prefixes
[VarDumper] Add EnumStub for dumping virtual collections with casters
[Finder] Deprecate adapters and related classes
[EventDispatcher] skip one lazy loading call
[EventDispatcher] fix memory leak in a getListeners
[WebProfilerBundle] added btn-link.
Remove duplication of the handling of regex filters in the Finder
Default to stderr for console helpers (only merge if #15794 gets merged)
Conflicts:
src/Symfony/Component/Console/Tests/Helper/LegacyProgressHelperTest.php
src/Symfony/Component/EventDispatcher/EventDispatcher.php
src/Symfony/Component/VarDumper/Tests/CliDumperTest.php
src/Symfony/Component/VarDumper/Tests/HtmlDumperTest.php
* 2.7:
[Config] Fix enum default value in Yaml dumper
Finnish translation fix
[CssSelector] Optimize regexs matching simple selectors
Fix the phpdoc in the CssSelector TranslatorInterface
[Console] Add clock mock to fix transient test on HHVM
[DomCrawler] Optimize the regex used to find namespace prefixes
[EventDispatcher] skip one lazy loading call
[EventDispatcher] fix memory leak in a getListeners
Default to stderr for console helpers (only merge if #15794 gets merged)
* 2.3:
Finnish translation fix
[CssSelector] Optimize regexs matching simple selectors
Fix the phpdoc in the CssSelector TranslatorInterface
[Console] Add clock mock to fix transient test on HHVM
[EventDispatcher] skip one lazy loading call
[EventDispatcher] fix memory leak in a getListeners
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Default to stderr for the console helpers (2.7+)
Interactive input/output and informational output such as progress should go to `stderr` if available.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Only merge if #15794 is merged.
If someone explicitly wants to use `stdout`, they can simply pass `$output->getStream()` instead of `$output` in most use-cases.
Commits
-------
90c2a96 Default to stderr for console helpers (only merge if #15794 gets merged)
This PR was merged into the 2.8 branch.
Discussion
----------
[Translation][File dumper] allow get file content without writing in file.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | #14881
| Tests pass? | yes
| License | MIT
Commits
-------
805acc9 fixed typo.
9b877cf [Translation][File dumper] allow get file content without writing in file.
This PR was merged into the 2.8 branch.
Discussion
----------
[Finder] Deprecate adapters and related classes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
c08cf4b [Finder] Deprecate adapters and related classes
This PR was merged into the 2.8 branch.
Discussion
----------
Remove duplication of the handling of regex filters in the Finder
The logic to handle the multiple regexs in MultiplePcreFilterIterator children is the same each time (and will always be the same given it is related to the meaning of properties in MultiplePcreFilterIterator itself).
This extracts this logic in MultiplePcreFilterIterator itself rather than duplicating it in all child classes.
Commits
-------
e66bf64 Remove duplication of the handling of regex filters in the Finder
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Add EnumStub for dumping virtual collections with casters
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Currently, casters may use arrays to represent a collection of virtual values. They are curently dumped the same as regular arrays, and this leads to noisy output (like the `array:%n` prefix, or the quotes around "keys").
This PR adds a new EnumStub for these situations.
Here is an example when using PdoCaster:
Before :
![before](https://cloud.githubusercontent.com/assets/243674/9976105/366a37dc-5ed8-11e5-9ee8-00a4a6b68fa9.png)
After:
![after](https://cloud.githubusercontent.com/assets/243674/9976106/3a9b78a2-5ed8-11e5-8209-1d629d3b1736.png)
Commits
-------
aa50596 [VarDumper] Add EnumStub for dumping virtual collections with casters
This PR was merged into the 2.3 branch.
Discussion
----------
[CssSelector] Optimize regexs matching simple selectors
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
These shortcut parsers are applied first when converting a CSS selector to XPath, to be faster for simple selectors (tag matching, class matching with an optional tag, id matching with an optional tag).
None of the regexes defined here could have more chances to match more element when backtracking identifiers. So the backtracking is only slowing down the regex engine when the regex does not match (i.e. for any more complex selector for instance, or even for simple selectors without namespace of without tag name). Making quantifiers possessive solves this issue.
I also turned some capturing groups (around the namespace and the namespace delimiter) into non-capturing groups as we don't care about them in the output (they are just here to be optional).
Commits
-------
d5abe0b [CssSelector] Optimize regexs matching simple selectors
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] Add clock mock to fix transient test on HHVM
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This should fix the most frequent transient test on HHVM (ProgressBarTest::testAnsiColorsAndEmojis)
Commits
-------
549f43b [Console] Add clock mock to fix transient test on HHVM
This is quite technical. As you can see in the provider, the method is called
sometimes when the User changes, and so the token becomes de-authenticated (e.g.
someone else changes the password between requests).
In practice, the user should be unauthenticated. Using the anonymous token did this,
but throwing an AccountStatusException seems like a better idea. It needs to be an
AccountStatusException because the ExceptionListener from the Firewall looks for exceptions
of this class and logs the user out when they are found (because this is their purpose).
This solution is a copy of what AbstractAuthenticationListener does. Scenario:
1) Login
2) Go back to the log in page
3) Put in a bad user/pass
You *should* still be logged in after a failed attempt. This commit gives that behavior.
This looks like a subjective change (one more method, but the method implementations are
simpler), but it wasn't. The problem was that the UserChecker checkPreAuth should happen
*after* we get the user, but *before* the credentials are checked, and that wasn't possible
before this change. Now it is.
Here is the flow:
A) You login using guard and are given a PostAuthGuardToken
B) Your user changes between requests - AbstractToken::setUser() and hasUserChanged() - which
results in the Token becoming "not authenticated"
C) Something calls out to the security system, which then passes the no-longer-authed
token back into the AuthenticationProviderManager
D) Because the PostauthGuardToken implements GuardTokenInterface, the provider responds
to it. But, seeing that this is a no-longer-authed PostAuthGuardToken, it returns
an AnonymousToken, which triggers logout
The reason is that the GuardAuthenticationProvider *must* respond to *all* tokens
created by the system - both "pre auth" and "post auth" tokens. The reason is that
if a "post auth" token becomes not authenticated (e.g. because the user changes between
requests), then it may be passed to the provider system. If no providers respond (which
was the case before this commit), then AuthenticationProviderManager throws an exception.
The next commit will properly handle these "post auth" + "no-longer-authenticated" tokens,
which should cause a log out.
* 2.8:
Remove whitespaces between <input> and <label>
[Translation][File dumper] allow new child classes to implement only formatCatalogue.
[travis] Remove PHP 7 from allowed failures
[Translation] Clean whitespaces and EOL in xliff-core-2.0.xsd
[Finder] Optimize the hot-path
Update Process.php
Conflicts:
.travis.yml
composer.json
src/Symfony/Bridge/Doctrine/composer.json
This PR was merged into the 2.8 branch.
Discussion
----------
[Translation][File dumper] allow new child classes to implement only formatCatalogue
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | #15699
| Tests pass? | yes
| License | MIT
Commits
-------
5fd9f2f [Translation][File dumper] allow new child classes to implement only formatCatalogue.
This PR was merged into the 2.3 branch.
Discussion
----------
[Process] Stopped Autoruns when shelling on windows
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? |
| Fixed tickets |
| License | MIT
| Doc PR |
Stop autoruns when shelling on Windows.
Original PR was on https://github.com/symfony/Process/pull/9#issuecomment-140721398.
Commits
-------
bca6771 Update Process.php
* 2.8:
[Finder] Fix recursive filter iterator
[Translator][FileDumper] deprecated format method in favor of formatCatalogue.
bug #15811 use of twig deprecated sameas test
Improve the structure of the Finder testsuite
Remove minimum width for web profiler content view
[VarDumper] Fix HtmlDumper constructor calling CliDumper's
[Finder] Handle filtering of recursive iterators and use it to skip looping over excluded directories
Validate the extended type for lazy-loaded type extensions
Exclude files based on path before applying the sorting
fixed composer.json
[Console] fix phpdoc of DialogHelper
[Translation][Dumper] added XLIFF 2.0 support.
[XLIFF 2.0] added support for target attributes.
apply some fixes.
update changelog.
[Translation][Loader] added XLIFF 2.0 support.
Allowed extensions to inline compiler passes
Conflicts:
UPGRADE-2.8.md
src/Symfony/Component/Console/Helper/DialogHelper.php
src/Symfony/Component/Form/composer.json
* 2.7:
[Finder] Fix recursive filter iterator
Improve the structure of the Finder testsuite
[VarDumper] Fix HtmlDumper constructor calling CliDumper's
[Finder] Handle filtering of recursive iterators and use it to skip looping over excluded directories
Exclude files based on path before applying the sorting
fixed composer.json
[Console] fix phpdoc of DialogHelper
Allowed extensions to inline compiler passes
* 2.3:
[Finder] Fix recursive filter iterator
Improve the structure of the Finder testsuite
Conflicts:
src/Symfony/Component/Finder/Iterator/ExcludeDirectoryFilterIterator.php
src/Symfony/Component/Finder/Tests/FinderTest.php
src/Symfony/Component/Finder/Tests/Iterator/DateRangeFilterIteratorTest.php
Testing against different adapters is now handled by multiple subclasses
of a common test case rather than using data providers. This allows
tests to be marked as skipped for unsupported adapters instead of making
them disappear from the testsuite.
* 2.3:
[Finder] Handle filtering of recursive iterators and use it to skip looping over excluded directories
Exclude files based on path before applying the sorting
[Console] fix phpdoc of DialogHelper
This PR was merged into the 2.7 branch.
Discussion
----------
Automatically process extensions when they implement CompilerPassInterface
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | todo (if people are in favor of this PR)
Compiler passes are very powerfull, but also quite strange to work with. Especially when you just need a very simple compiler pass (like https://github.com/symfony-cmf/RoutingBundle/blob/master/DependencyInjection/Compiler/SetRouterPass.php). For 3 lines of code, you need to tweak your bundle class and create a new class.
When using the DI component standalone, compiler passes are even harder to work with, as DI extensions can't register them. I believe that's why libraries like Behat make their extensions compiler passes by default.
I think it would be very easy to just implement an interface and have a `compile` method for the simple compiler pass stuff. If a bundle needs multiple compiler passes or need compiler passes to be executed at other times in the compile process, a bundle can use the normal compiler passes. But if it's just one simple thing, like replacing a definition or getting services with a specific tag, I think this method will be very usefull.
Commits
-------
6c50013 Allowed extensions to inline compiler passes
Improve performance for the following scenarios:
- Example 1:
```php
$a = array(
'a' => array(
'b' => array(
'c' => 'old-value'
)
)
);
$pa->setValue($a, '[a][b][c]', 'new-value');
// The PropertyAccessor will try to set values for
// $a['a']['b']['c'], $a['a']['b'] and $a['a'],
// but in fact it may terminate the loop
// right after the value of $a[a][b][c] is set,
// because $a, $[a], $[a][b] and $[a][b][c]
// are all passed as reference - the reference chain is not broken.
```
- Example 2
```php
$b = array(
'a' => array(
'b' => array(
'c' => 'old-value'
)
)
)
$a = new Foo($b);
// In this example, the reference chain of $b is broken,
// because it's passed to $a.value as value
// But its elements are all passed as reference,
// so after setting the value for $b[a][b][c], there is no need
// to set value for $b[a][b] and $b[a]
$pa->setValue($a, 'value[a][b][c]', 'new-value');
```
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
* 2.8: (31 commits)
[DomCrawler] Invalid uri created from forms if base tag present
[VarDumper] Add caster for OuterIterator objects
[Console] update param type phpdoc for StreamOutput
[Console] fix typo in OutputInterface
Use stderr by default when a specific output is not injected
fixed bad merge
[Debug] Fix case mismatch detection
[HttpKernel] Add entry point to more easily create/configure the DI extension
[DX] Added a logout link in the security panel of the web debug toolbar
[HttpKernel] fix broken multiline <esi:remove>
[DoctrineBridge] Fixed#14840
[FrameworkBundle] add a suggest for the serializer component
fixed CS
removed non-working tests
[WIP] #15502 Make template shortcuts be usable without Templating component
Redesigned the Symfony Profiler
[Yaml] Fix the parsing of float keys
Make the exception output visible even in quiet mode, fixes#15680
Convert Output::write's type to an options arg where verbosity can be passed in as well
[Console] Ensure the console output is only detected as decorated when both stderr and stdout support colors
...
* 2.7:
[DomCrawler] Invalid uri created from forms if base tag present
[Console] update param type phpdoc for StreamOutput
[Console] fix typo in OutputInterface
Use stderr by default when a specific output is not injected
[Debug] Fix case mismatch detection
[HttpKernel] fix broken multiline <esi:remove>
[DoctrineBridge] Fixed#14840
[FrameworkBundle] add a suggest for the serializer component
[Yaml] Fix the parsing of float keys
[Console] Ensure the console output is only detected as decorated when both stderr and stdout support colors
[HttpKernel] fix DumpDataCollector compat with Twig 2.0
Improve exception messages.
Fix that two DirectoryResources with different patterns would be deduplicated
Tests fix clockmock
[WebProfilerBundle] Added tabindex="-1" to not interfer with normal UX
missing "YAML" in the exception message.
[Translator][warmup][fallback locales] fixed missing cache file generation.
[framework-bundle] Add Test for TranslationUpdateCommand
Use ObjectManager interface instead of EntityManager
* 2.3:
[DomCrawler] Invalid uri created from forms if base tag present
[Console] update param type phpdoc for StreamOutput
[Console] fix typo in OutputInterface
[HttpKernel] fix broken multiline <esi:remove>
[DoctrineBridge] Fixed#14840
[FrameworkBundle] add a suggest for the serializer component
[Yaml] Fix the parsing of float keys
[Console] Ensure the console output is only detected as decorated when both stderr and stdout support colors
Improve exception messages.
Fix that two DirectoryResources with different patterns would be deduplicated
Tests fix clockmock
[WebProfilerBundle] Added tabindex="-1" to not interfer with normal UX
missing "YAML" in the exception message.
[framework-bundle] Add Test for TranslationUpdateCommand
Use ObjectManager interface instead of EntityManager
This PR was squashed before being merged into the 2.3 branch (closes#13794).
Discussion
----------
[DomCrawler] Invalid uri created from forms if base tag present
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Since #13145 was merged the provided testcase does not work anymore and creates an invalid link
This affects the latest versions of 2.3, 2.5, 2.6 and 2.7
Right now this PR only includes the failing test, as I could no easy find a fix. If someone immediately knows whats the problem, give me a hint please.
Commits
-------
dc57a7a [DomCrawler] Invalid uri created from forms if base tag present
Previous rule was only working when arguments are passed from command line, as in command line there is no way of skipping an argument. The rule does not work for arguments set on the Input after a command is run.
This PR was squashed before being merged into the 2.3 branch (closes#14802).
Discussion
----------
[HttpKernel] fix broken multiline <esi:remove>
|Q |A |
|--- |---|
|Bug Fix? |yes|
|New Feature? |n |
|BC Breaks? |n |
|Deprecations?|n |
|Tests Pass? |yes|
|Fixed Tickets| |
|License |MIT|
|Doc PR | |
Originally found in https://github.com/symfony/symfony/pull/14800#discussion-diff-31388942
`<esi:remove>` blocks with multiline contents were not removed.
`<esi:comment>` blocks with multiline contents were not removed.
Note. According to http://www.w3.org/TR/esi-lang
`comment is an empty element, and must not have an end tag.` so the support for multi line comments are not actually supported in the standard.
Commits
-------
06f97bf [HttpKernel] fix broken multiline <esi:remove>
This PR was merged into the 2.3 branch.
Discussion
----------
Add tests to the recently added exceptions thrown from YamlFileLoaders
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15702#15731
| License | MIT
| Doc PR | -
* use the `Symfony\Component\DependencyInjection\Exception\InvalidArgumentException` in the DI component
* add tests
Commits
-------
93e418f Improve exception messages.
ResourceInterface::__toString is mainly important because in various places, array_uniqe() is called to perform a de-duplication of resources and will use the string representation for objects.
Thus, we need to take care that if DirectoryResources apply different patterns they must be kept after array_unique calls.
This PR was squashed before being merged into the 2.3 branch (closes#15746).
Discussion
----------
Tests fix clockmock
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
On my local computer tests for HttpCacheTest not passed, because ClockMock make side effects on another tests (it takes time from _SERVER['REQUEST_TIME'] and for my computer difference with real one time and this time was more than expected by HttpCacheTest, one part of code take time from mock, anothers - from native time function). This PR remove this side effects.
Commits
-------
6b21752 Tests fix clockmock
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpKernel] Move required RequestStack args as first arguments
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Since we planned to make RequestStack required, we have to move it as first arguments.
Commits
-------
84ba05b [HttpKernel] Move required RequestStack args as first arguments
This PR was merged into the 2.8 branch.
Discussion
----------
[Debug] Add BufferingLogger for errors that happen before a proper logger is configured
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This allows catching e.g. deprecations that happen during bootstrapping.
Commits
-------
2a9647d [Debug] Add BufferingLogger for errors that happen before a proper logger is configured
This PR was merged into the 2.3 branch.
Discussion
----------
Dispatch console.terminate *after* console.exception
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | -
The problem is when using the ConsoleHandler from MonologBridge, TERMINATE closes it and removes the output, so when EXCEPTION fires if you want to log the exception it's too late and you don't get any output. See ed4fb54901/src/Symfony/Bridge/Monolog/Handler/ConsoleHandler.php (L115-L145)
It is my understanding that TERMINATE is always supposed to come last anyway, so it is a bug in any case, but this particular use case is what prompted the discovery.
Commits
-------
7802345 Dispatch console.terminate *after* console.exception
When a form type provides a BC layer with old form names (all core types
do), the form registry will ask for type extensions registered on the
legacy name for BC, and trigger a warning if it finds any.
The DependencyInjectionExtension should not trigger warnings on its own
when being asked for such extensions (especially when it has none
registered).
Core extensions are also registered using the proper extended type
rather than legacy names.
This PR was merged into the 2.8 branch.
Discussion
----------
removed some Form related deprecation notices
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This removes a deprecation notice.
Commits
-------
4253824 removed some Form deprecation notices
* 2.8:
[Security\Http] Fix dep
added ExceptionHandler::getHtml() to expose the full HTML of an exception
Conflicts:
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/Security/Http/composer.json
This PR was merged into the 2.8 branch.
Discussion
----------
[Security\Http] Fix dep
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Should make tests green
Commits
-------
037196c [Security\Http] Fix dep
This PR was merged into the 2.8 branch.
Discussion
----------
added ExceptionHandler::getHtml() to expose the full HTML of an exception
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
`ExceptionHandler::createResponse()` has been deprecated in 2.8 to remove the HttpFoundation dependency on `symfony/debug`. But that breaks Silex which relies on this method. As the `decorate` method is private, there is no way in Silex to upgrade. Instead of making the `decorate()` method public, I propose to add a new `getHtml()` method that returns the exception as a full HTML page.
Commits
-------
4d1d277 added ExceptionHandler::getHtml() to expose the full HTML of an exception
This PR was squashed before being merged into the 2.7 branch (closes#15552).
Discussion
----------
[ExpressionLanguage] Fixed expressions cache key generation
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Reworked version of #15537
Difference with original PR:
- sort $names array to ensure its order does not affect caching, added test for it
- minor tweaks for cache key format
- used `foreach` instead of `array_map`
P.S. I'm not proficient with tests so not sure if tests are correct.
Commits
-------
4114a2b [ExpressionLanguage] Fixed expressions cache key generation
* 2.8:
[2.8] Cleanup
allow more versions of the ACL package
[Translator] Added missing changelog notes.
[2.7] Clean deprecated interfaces
use new repo location in some readme.md
[Validator] Cleanup a test
[translation][framework-bundle] Deprecated DiffOperation
Conflicts:
src/Symfony/Bridge/Doctrine/Tests/Form/ChoiceList/ORMQueryBuilderLoaderTest.php
src/Symfony/Bridge/ProxyManager/LazyProxy/PhpDumper/ProxyDumper.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/DependencyInjection/IntrospectableContainerInterface.php
src/Symfony/Component/Form/Tests/ChoiceList/Factory/CachingFactoryDecoratorTest.php
src/Symfony/Component/Form/Tests/ChoiceList/Factory/DefaultChoiceListFactoryTest.php
src/Symfony/Component/Form/Tests/ChoiceList/Factory/PropertyAccessDecoratorTest.php
src/Symfony/Component/Form/Tests/ChoiceList/LegacyChoiceListAdapterTest.php
src/Symfony/Component/Validator/Tests/Validator/AbstractLegacyApiTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8] Deprecate IntrospectableContainerInterface
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Patch on Security is required for tests compat with 3.0, see #15684
IntrospectableContainerInterface is already deprecated in master.
Commits
-------
c2b94a1 [2.8] Cleanup
This PR was merged into the 2.8 branch.
Discussion
----------
[translation] Deprecated DiffOperation
## Summary:
The ``DiffOperation`` class has been deprecated and ``TargetOperation``
should be used instead, because ``DiffOperation`` has nothing to do
with 'diff', thus its class name is misleading.
Also added detailed documents for all operation interface and classes.
## Background:
The following names should have consistent meanings for all operations:
The name of ``intersection`` is temporarily introduced here to explain this issue.
* [x] ``intersection`` = source ∩ target = {x: x ∈ source ∧ x ∈ target}
* [x] ``all`` = **result of the operation, depends on the operation.**
* [x] ``new`` = all ∖ source = {x: x ∈ all ∧ x ∉ source}
* [x] ``obsolete`` = source ∖ all = {x: x ∈ source ∧ x ∉ all}
The following analysis explains why ``DiffOperation`` should be deprecated.
## Logic of ``MergeOperation``:
* [x] ``all`` = source ∪ target = {x: x ∈ source ∨ x ∈ target}
* [x] ``new`` = all ∖ source = {x: x ∈ target ∧ ∉ source}
* [x] ``obsolete`` = source ∖ all = {x: x ∈ source ∧ x ∉ source ∧ x ∉ target} = ∅
This absolutely makes sense.
## Logic of ``DiffOperation``:
* [ ] ``all`` = intersection ∪ (target ∖ intersection) = target
* [x] ``new`` = all ∖ source = {x: x ∈ target ∧ x ∉ source}
* [x] ``obsolete`` = source ∖ all = source ∖ target = {x: x ∈ source ∧ x ∉ target}
The ``all`` part is confusing because 'diff' should either mean 'relative complement' or 'symmetric difference' operation:
### Relative Complement:
* ``all`` = source ∖ target = {x: x ∈ source ∧ x ∉ target}
### Symmetric Difference:
* ``all`` = (source ∖ target) ∪ (target ∖ source) = {x: x ∈ source ∧ x ∉ target ∨ x ∈ target ∧ x ∉ source}
### Current Logic has Nothing to do with "Diff":
* ``all`` = intersection ∪ (target ∖ intersection) = target
So the name of ``DiffOperation`` is misleading and inappropriate.
Unfortunately, there is no corresponding set operation for this class,
so it's hard to give it an apppriate name.
From my point of view, I believe the most accurate name for this class
should be ``TargetOperation`` because its result is same as the target set.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
353c94d [translation][framework-bundle] Deprecated DiffOperation
* 2.8:
[travis] Add PHP 7 to allowed failures until segfaults are fixed
[Intl] Fix test
[Translator][fallback catalogues] fixed circular reference.
bumped Symfony version to 2.3.33
updated VERSION for 2.3.32
update CONTRIBUTORS for 2.3.32
updated CHANGELOG for 2.3.32
Require symfony/intl ~2.4 when Locale::setDefault() is used
[Form][2.7][ Choice type] fixed groups with empty array.
[FrameworkBundle] Fix templating.helper.code.file_link_format when defined by ini setting
[Config] Prototypes info
[console] Use the description when no help is available
Conflicts:
.travis.yml
CHANGELOG-2.3.md
src/Symfony/Component/Form/composer.json
src/Symfony/Component/Intl/NumberFormatter/NumberFormatter.php
src/Symfony/Component/Intl/Tests/DateFormatter/AbstractIntlDateFormatterTest.php
src/Symfony/Component/Translation/composer.json
src/Symfony/Component/Validator/composer.json
* 2.7:
[travis] Add PHP 7 to allowed failures until segfaults are fixed
[Intl] Fix test
[Translator][fallback catalogues] fixed circular reference.
bumped Symfony version to 2.3.33
updated VERSION for 2.3.32
update CONTRIBUTORS for 2.3.32
updated CHANGELOG for 2.3.32
[FrameworkBundle] Fix templating.helper.code.file_link_format when defined by ini setting
[console] Use the description when no help is available
* 2.3:
[Intl] Fix test
[Translator][fallback catalogues] fixed circular reference.
bumped Symfony version to 2.3.33
updated VERSION for 2.3.32
update CONTRIBUTORS for 2.3.32
updated CHANGELOG for 2.3.32
[FrameworkBundle] Fix templating.helper.code.file_link_format when defined by ini setting
[console] Use the description when no help is available
Conflicts:
src/Symfony/Component/Console/Tests/Fixtures/application_asxml1.txt
src/Symfony/Component/Console/Tests/Fixtures/application_asxml2.txt
src/Symfony/Component/HttpKernel/Kernel.php
The ``DiffOperation`` class has been deprecated and ``TargetOperation``
should be used instead, because ``DiffOperation`` has nothing to do
with 'diff', thus its class name is misleading.
Also added detailed documents for all operation interface and classes.
The following names should have consistent meanings for all operations:
The name of ``intersection`` is temporarily introduced here to explain this issue.
* [x] ``intersection`` = source ∩ target = {x: x ∈ source ∧ x ∈ target}
* [x] ``all`` = **result of the operation, depends on the operation.**
* [x] ``new`` = all ∖ source = {x: x ∈ all ∧ x ∉ source}
* [x] ``obsolete`` = source ∖ all = {x: x ∈ source ∧ x ∉ all}
The following analysis explains why ``DiffOperation`` should be deprecated.
* [x] ``all`` = source ∪ target = {x: x ∈ source ∨ x ∈ target}
* [x] ``new`` = all ∖ source = {x: x ∈ target ∧ ∉ source}
* [x] ``obsolete`` = source ∖ all = {x: x ∈ source ∧ x ∉ source ∧ x ∉ target} = ∅
This absolutely makes sense.
* [ ] ``all`` = intersection ∪ (target ∖ intersection) = target
* [x] ``new`` = all ∖ source = {x: x ∈ target ∧ x ∉ source}
* [x] ``obsolete`` = source ∖ all = source ∖ target = {x: x ∈ source ∧ x ∉ target}
The ``all`` part is confusing because 'diff' should either mean 'relative complement' or 'symmetric difference' operation:
* ``all`` = source ∖ target = {x: x ∈ source ∧ x ∉ target}
* ``all`` = (source ∖ target) ∪ (target ∖ source) = {x: x ∈ source ∧ x ∉ target ∨ x ∈ target ∧ x ∉ source}
* ``all`` = intersection ∪ (target ∖ intersection) = target
So the name of ``DiffOperation`` is misleading and inappropriate.
Unfortunately, there is no corresponding set operation for this class,
so it's hard to give it an apppriate name.
From my point of view, I believe the most accurate name for this class
should be ``TargetOperation`` because its result is same as the target set.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This PR was merged into the 2.3 branch.
Discussion
----------
[Intl] Fix test
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
7969503 [Intl] Fix test
* 2.7:
Require symfony/intl ~2.4 when Locale::setDefault() is used
[Form][2.7][ Choice type] fixed groups with empty array.
Conflicts:
src/Symfony/Component/Form/composer.json
src/Symfony/Component/Translation/composer.json
src/Symfony/Component/Validator/composer.json
This PR was merged into the 2.8 branch.
Discussion
----------
[Config] Prototypes info
| Q | A
| ------------- | ---
| Bug fix? | no ?
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Prototypes info is currently ignored by dumpers. It might be useful to add extra informations to the `# Prototype` comment in the `config:dump-reference` output.
Commits
-------
599fcb4 [Config] Prototypes info
This PR was merged into the 2.7 branch.
Discussion
----------
[Form][2.7][ Choice type] fixed groups with empty array.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15634
| License | MIT
| Doc PR | ~
- [x] test
Commits
-------
835aa78 [Form][2.7][ Choice type] fixed groups with empty array.
* 2.8:
Mark deprecated Twig functions as deprecated with the Twig feature
[appveyor] PHP 5.3.11 for Symfony 2.7
[HttpKernel] Group deprecation notices
[Translation] added <tool> element metadata to XliffFileDumper
Conflicts:
appveyor.yml
src/Symfony/Bridge/Twig/AppVariable.php
src/Symfony/Bridge/Twig/Extension/AssetExtension.php
src/Symfony/Bridge/Twig/Extension/FormExtension.php
* 2.7:
Mark deprecated Twig functions as deprecated with the Twig feature
[appveyor] PHP 5.3.11 for Symfony 2.7
[HttpKernel] Group deprecation notices
Conflicts:
appveyor.yml
This PR was merged into the 2.8 branch.
Discussion
----------
[Translation] added <tool> element metadata to XliffFileDumper
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15190
| License | MIT
| Doc PR | ~
Commits
-------
f667a34 [Translation] added <tool> element metadata to XliffFileDumper
This PR was merged into the 2.3 branch.
Discussion
----------
[console] Use the description when no help is available
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15498
| License | MIT
| Doc PR |
Commits
-------
e5d3f25 [console] Use the description when no help is available
* 2.8:
bumped minimal version in appveyor to 5.3.9
[VarDumper] Fix missing support for dumping PHP7 return type
Require security-acl 2.7 for BC
[travis] disable symfony_debug ext when deps!=no
Require actual version of ACL component until ACL/2.8 branch released
Do not normalize the kernel root directory path (see symfony/symfony#15474).
Don't trigger deprecation on interfaces
[Debug] Ignore silencing for deprecations
[ci] Run minimal versions on appveyor only
Deprecated Security ClassUtils in favor of Acl ClassUtils
Fix appveyor file
consistently use str_replace to unify directory separators (remaining)
* 2.7:
[VarDumper] Fix missing support for dumping PHP7 return type
[travis] disable symfony_debug ext when deps!=no
Do not normalize the kernel root directory path (see symfony/symfony#15474).
Don't trigger deprecation on interfaces
[Debug] Ignore silencing for deprecations
[ci] Run minimal versions on appveyor only
Fix appveyor file
consistently use str_replace to unify directory separators (remaining)
This PR was merged into the 2.3 branch.
Discussion
----------
[ci] Run minimal versions on appveyor only
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Hopefully the last round of ci optimizations: what do you think about running the minimal supported version on appveyor only? This removes one matrix line on travis, and gives more flexibility in choosing the minimal version because, where travis only supports a limited list of minimal versions, windows.php.net provides a binary for each and every php ever released.
Commits
-------
e564805 [ci] Run minimal versions on appveyor only
This PR was merged into the 2.7 branch.
Discussion
----------
Don't trigger deprecation on interfaces
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This can trigger false positives when implementing the interface is required for bc reasons. The DebugClassLoader is able to trigger on demand at runtime when required.
Commits
-------
b5b10b3 Don't trigger deprecation on interfaces
This PR was merged into the 2.7 branch.
Discussion
----------
consistently use str_replace to unify directory separators (2.7)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | -
Remaining ones from #15614
Commits
-------
17ce649 consistently use str_replace to unify directory separators (remaining)
This PR was merged into the 2.8 branch.
Discussion
----------
Deprecated Security ClassUtils in favor of Acl ClassUtils
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | symfony/symfony/issues/14718
| Relates to | symfony/security-acl/pull/3
| License | MIT
| Doc PR | ~
Should be removed from the core as it's only used in the Acl component.
Commits
-------
4278fe4 Deprecated Security ClassUtils in favor of Acl ClassUtils
* 2.8:
[Console] ProgressBarTest::testAnsiColorsAndEmojis() requires extension mbstring
[SecurityBundle] Skip SetAclCommandTest when sqlite is not available
[VarDumper] Windows compat for SplCasterTest
[Translation][Xliff loader] fixed check target node.
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Windows compat for SplCasterTest
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
d4a5ecb [VarDumper] Windows compat for SplCasterTest
* 2.8: (21 commits)
Fix merge
Fix typo
Various fixes esp. on Windows
Fix the validation of form resources to register the default theme
Fix the retrieval of the value with property path when using a loader
[appveyor] minor enhancements
[Process] Disable failing tests on Windows
[Translation] Fix the string casting in the XliffFileLoader
Windows and Intl fixes
Add appveyor.yml for C.I. on Windows
[VarDumper] fixed HtmlDumper to target specific the head tag
[travis] merge php: nightly and deps=high test-matrix lines
consistently use str_replace to unify directory separators
Support omitting the <target> node in an .xlf file.
Fix the handling of values for multiple choice types
moved PHP nightly to PHP 7.0
fixed tests using deprecation features
[Form] made deprecation notice more precise
fixed CS
Fix BC break after split of ACL from core
...
Conflicts:
.travis.yml
composer.json
src/Symfony/Bundle/TwigBundle/DependencyInjection/Configuration.php
src/Symfony/Component/Intl/DateFormatter/IntlDateFormatter.php
src/Symfony/Component/Intl/Tests/DateFormatter/AbstractIntlDateFormatterTest.php
src/Symfony/Component/Locale/Tests/LocaleTest.php
* 2.7:
Various fixes esp. on Windows
Fix the validation of form resources to register the default theme
Fix the retrieval of the value with property path when using a loader
[appveyor] minor enhancements
[Process] Disable failing tests on Windows
[Translation] Fix the string casting in the XliffFileLoader
Windows and Intl fixes
Add appveyor.yml for C.I. on Windows
[VarDumper] fixed HtmlDumper to target specific the head tag
[travis] merge php: nightly and deps=high test-matrix lines
consistently use str_replace to unify directory separators
Support omitting the <target> node in an .xlf file.
Fix the handling of values for multiple choice types
moved PHP nightly to PHP 7.0
[Security] Add missing docblock in PreAuthenticatedToken
Conflicts:
.travis.yml
This PR was merged into the 2.3 branch.
Discussion
----------
consistently use str_replace to unify directory separators
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | -
We used a mix of `str_replace` and `strtr` for the same thing. `str_replace` is faster as [I tested myself](https://3v4l.org/MNrgC) which is logical since strtr adds logic we don't need here.
Commits
-------
b9760ef consistently use str_replace to unify directory separators
* 2.3:
Windows and Intl fixes
Add appveyor.yml for C.I. on Windows
[travis] merge php: nightly and deps=high test-matrix lines
[Security] Add missing docblock in PreAuthenticatedToken
Conflicts:
.travis.yml
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/HttpFoundation/JsonResponse.php
src/Symfony/Component/Intl/DateFormatter/IntlDateFormatter.php
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] Add missing docblock in PreAuthenticatedToken
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I noticed the `PreAuthenticatedToken` does not provide any dockblock about its constructor parameters so PHPStorm uses the `AbstractToken` parameters and think I'm using `PreAuthenticatedToken` badly.
This fix it by adding the missing docblock and I also added the string[] possibility for roles in `AbstractToken` as it's present in the code and the exception message.
Commits
-------
1dda0a6 [Security] Add missing docblock in PreAuthenticatedToken
This PR was merged into the 2.3 branch.
Discussion
----------
Add appveyor.yml for C.I. on Windows
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | YES, both on Travis (Linux) and on Appveyor (Windows)!
| Fixed tickets | #13934, #15049, #14259, #15045, #15444
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/5654
- testing two matrix lines:
- one without mbtring nor fileinfo nor intl
- one with these ext enables, intl version 51.2 so that almost no test is skipped on our Intl component
- bug fixes thanks to these harder testing conditions
- some display bug on appveyor, [reported here](http://help.appveyor.com/discussions/suggestions/197-support-ansi-color-codes).
Commits
-------
ea5d656 Windows and Intl fixes
8bbd8d9 Add appveyor.yml for C.I. on Windows
Choice values must always be strings, but a place was missing the
casting, breaking the comparison of selected choices when the callback
does not return a string.
* 2.7:
fixed CS
[DependencyInjection] Add missing file headers
fixed typo
made Symfony compatible with both Twig 1.x and 2.x
[FrameworkBundle] Fix precedence of xdebug.file_link_format
* 2.8: (22 commits)
[Form] fixed BC-break on grouped choice lists
[WebProfilerBundle] add import for Twig macro
made Symfony compatible with both Twig 1.x and 2.x
[VarDumper] Add caster for pgsql resources
[Debug/VarDumper] minor cleanups
[Form] only use PropertyPath if not already callable
[Form] fix reworked choice list phpdoc
[DoctrineBridge][Form] Add old tests to legacy group
Fixed warning when command alias is longer than command name
removed _self usage when not needed
Add support for target attributes.
Implement the support of timezone objects in the stub IntlDateFormatter
typofix - https://github.com/vlajos/misspell_fixer
make doctrine mappings compiler pass exception message more understandable
fix debug-ext 003.phpt
[Yaml] Nested merge keys
[FrameworkBundle] [Command] removed unused variable.
[FrameworkBundle] fix serializer config check
[Debug] Enhance DebugClassLoader performance on MacOSX
Add support for variadic arguments in the GetSetNormalizer
...
* 2.7:
[Form] fixed BC-break on grouped choice lists
[WebProfilerBundle] add import for Twig macro
made Symfony compatible with both Twig 1.x and 2.x
[Debug/VarDumper] minor cleanups
[Form] only use PropertyPath if not already callable
[Form] fix reworked choice list phpdoc
[DoctrineBridge][Form] Add old tests to legacy group
Fixed warning when command alias is longer than command name
removed _self usage when not needed
Implement the support of timezone objects in the stub IntlDateFormatter
typofix - https://github.com/vlajos/misspell_fixer
make doctrine mappings compiler pass exception message more understandable
fix debug-ext 003.phpt
[Yaml] Nested merge keys
[FrameworkBundle] [Command] removed unused variable.
[Debug] Enhance DebugClassLoader performance on MacOSX
Add support for variadic arguments in the GetSetNormalizer
[DoctrineBridge][Form] Fix IdReader when indexing by primary foreign key
[DoctrineBridge][Form] Fix EntityChoiceList when indexing by primary foreign key
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] only use PropertyPath if not already callable
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | could be in edge cases
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15542
| License | MIT
| Doc PR | -
Currently it uses a PropertyPath even when the string is already a callable. But the callable string should have higher priority since that is also the one documented in ChoiceListFactoryInterface.
Commits
-------
470b140 [Form] only use PropertyPath if not already callable
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Add caster for pgsql resources
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
If pgsql users could give feedback on this one, that would we great!
Commits
-------
6c3cfe5 [VarDumper] Add caster for pgsql resources
This PR was merged into the 2.8 branch.
Discussion
----------
[Translator] [Xliff] Add support for target attributes.
The previous implementation ignored attributes in target nodes in xliff files
so they were lost when you loaded and then dumped the same file. This change
should fix that problem.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
b913695 Add support for target attributes.
Use ``$this->nodes['attribute']->attributes['value']`` to
replace ``$this->nodes['attribute']->evaluate($functions, $values)``
for method call and property call.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fixed warning when command alias is longer than command name
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15511
| License | MIT
Commits
-------
ecfe944 Fixed warning when command alias is longer than command name
* 2.3:
Implement the support of timezone objects in the stub IntlDateFormatter
[DoctrineBridge][Form] Fix EntityChoiceList when indexing by primary foreign key
The previous implementation ignored attributes in target nodes in xliff files
so they were lost when you load and then dump the same file. This change
should fix that problem.
This PR was merged into the 2.3 branch.
Discussion
----------
Implement the support of timezone objects in the stub IntlDateFormatter
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
As of PHP 5.5, the IntlDateFormatter accepts to use DateTimeZone or IntlTimeZone objects as timezone in the constructor (and in the new setTimeZone method) rather than timezone ids.
This is even the proper way to pass a timezone from a DateTime object as DateTimeZone names are not all valid ICU identifiers (and there is a PR on the Twig-extensions repo to use such feature to support things properly: https://github.com/twigphp/Twig-extensions/pull/148).
I'm considering this as a bugfix because it is a mismatch between the stub implementation and the real class.
Note that for simplicity, these objects are accepted on all PHP versions, as reproducing the behavior of older versions is not possible in the stub anyway (triggering a warning and making the instantiating with ``new`` return ``null``). We already have such differences anyway (the ``setTimeZone`` method exists in all PHP versions in the stub)
Commits
-------
2856abe Implement the support of timezone objects in the stub IntlDateFormatter
As of PHP 5.5, the IntlDateFormatter accepts to use DateTimeZone or
IntlTimeZone objects as timezone in the constructor (and in the new
setTimeZone method) rather than timezone ids.
This is even the proper way to pass a timezone from a DateTime object as
DateTimeZone names are not all valid ICU identifiers.
This PR was merged into the 2.3 branch.
Discussion
----------
[Serializer] Add support for variadic arguments in the GetSetNormalizer
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
There were 2 broken cases:
- when the value was passed, the array was passed as argument, becoming the first value of the variadic array. The array needs to be spread into multiple arguments when calling the method
- when the value was missing, the code would throw a ReflectionException, similar to the issue reported in #13690, because a variadic argument is optional but does not have a default value
Commits
-------
704760b Add support for variadic arguments in the GetSetNormalizer
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] Nested merge keys
When trying to use nested merge keys in Yaml, the ref sometimes had the wrong value
eg, with:
```yaml
taz: &taz
a: Steve
w:
p: 1234
nested:
<<: *taz
d: Doug
w: &nestedref
p: 12345
z:
<<: *nestedref
```
in this case, the ref `nestedref` had the value "Doug", which cause this error :
Symfony\Component\Yaml\Exception\ParseException: YAML merge keys used with a scalar value instead of an array at line 38 (near "<<: *nestedref").
It now works as expected
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
note: this PR replace #15241
Commits
-------
500c57e [Yaml] Nested merge keys
in my environment the filename is filled, not "-"
$ php --version
PHP 5.5.27 (cli) (built: Jul 17 2015 12:32:05)
Copyright (c) 1997-2015 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2015 Zend Technologies
* 2.8:
[travis] Build standalone phpunit without symfony/yaml
Clean wrong whitespaces
[travis] Build phpunit with local components
[Console] Handle false return value from readline
do not remove space between attributes
[HttpFoundation] fixed the check of 'proxy-revalidate' in Response::mustRevalidate()
Allow to define Enum nodes with 1 single element
Fix "[Form] Add flexibility for EntityType"
Remove the duplicated rendering of deprecation messages in the profiler
Fix the retrieval of the default value for variadic arguments
Annotated routes with a variadic parameter
[Locale] Fix Intl requirement
Fixing DbalSessionHandler to work with a Oracle "limitation" or bug?
Update EngineInterface.php
[Form] Add flexibility for EntityType
[Console] Fix Symfony coding standards violations
[Console] Use readline for user input when available
Better Iban Validation
Added a way to define the priority of service decoration
let Travis builds fail when PHP 7 jobs fail
Conflicts:
.travis.yml
UPGRADE-2.8.md
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Bundle/TwigBundle/composer.json
src/Symfony/Component/Locale/composer.json
* 2.7:
Clean wrong whitespaces
[travis] Build phpunit with local components
do not remove space between attributes
[HttpFoundation] fixed the check of 'proxy-revalidate' in Response::mustRevalidate()
Fix the retrieval of the default value for variadic arguments
Annotated routes with a variadic parameter
Fixing DbalSessionHandler to work with a Oracle "limitation" or bug?
Update EngineInterface.php
let Travis builds fail when PHP 7 jobs fail
Conflicts:
.travis.yml
This PR was merged into the 2.8 branch.
Discussion
----------
[DependencyInjection] Added a way to define the priority of service decoration
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #10634
| License | MIT
| Doc PR | symfony/symfony-docs#5600
This PR adds a way to define the priority of service decoration, so, the service with the highest priority will be applied first (the default priority is zero).
```yaml
services:
foo:
class: Foo
bar:
class: Bar
arguments: ['@bar.inner']
decorates: foo
public: false
foobar:
class: Foobar
arguments: ['@foobar.inner']
decorates: foo
decoration_priority: 1
public: false
```
This will result in this code:
```php
$this->services['foo'] = new Bar(new Foobar(new Foo)));
```
Commits
-------
75c98cb Added a way to define the priority of service decoration
* 2.3:
Clean wrong whitespaces
[travis] Build phpunit with local components
do not remove space between attributes
[HttpFoundation] fixed the check of 'proxy-revalidate' in Response::mustRevalidate()
Fix the retrieval of the default value for variadic arguments
Annotated routes with a variadic parameter
Fixing DbalSessionHandler to work with a Oracle "limitation" or bug?
Update EngineInterface.php
let Travis builds fail when PHP 7 jobs fail
Conflicts:
.travis.yml
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
This PR was squashed before being merged into the 2.3 branch (closes#15263).
Discussion
----------
[HttpFoundation] fixed the check of 'proxy-revalidate' in Response::mustRevalidate()
| Q | A
| ------------- | ---
| Fixed tickets | #15262
| License | MIT
'proxy-revalidate' is not a header on its own but a 'Cache-Control' directive
See http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9
Commits
-------
6c22f0a [HttpFoundation] fixed the check of 'proxy-revalidate' in Response::mustRevalidate()
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Improve Iban Validation
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/13802
| License | MIT
| Doc PR |
This PR adds 2 more checks for better IBAN validation: the validation of the country code (represented by the first 2 letters) and the format validation according to the country format regex based on http://www.swift.com/dsp/resources/documents/IBAN_Registry.pdf.
Commits
-------
07b38de Better Iban Validation
This PR was merged into the 2.8 branch.
Discussion
----------
[Console] Use readline for user input when available #DX
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Given I am entering data in an user input
When I use left and right keys to make some changes in what I have typed
Then the cursor should move accordingly instead of adding characters at the end of the line
To make it simple: using the arrow keys (← →) to make changes to what I already typed would be much handier than getting `^[[D` and `^[[C` characters in the terminal and having to delete all chars to type everything again.
I could not add any extra tests to this as the STDIN can't be used during tests. But they are not breaking and I tried again all types of questions (text, choices, hidden) by myself.
Note that `readline` can't be used for hidden questions, as `stty -echo` is not taken into account.
Commits
-------
0534899 [Console] Fix Symfony coding standards violations
8b63d62 [Console] Use readline for user input when available
* 2.8:
[Locale] Add missing @group legacy annotations
[Form] Add missing @group legacy annotations
[Form] Use FQCN form types
Fix security-acl deps
Fix typo
[Security] Removed security-acl from the core
fixed typos
Fix doctrine mapping validation type error
Remove skipping of tests based on ICU data version whenever possible
Fix the handling of null as locale in the stub intl classes
do not dump leading backslashes in class names
fix issue #15377
Skip ::class constant
[Config] type specific check for emptiness
[Form] Deprecated FormTypeInterface::getName() and passing of type instances
Conflicts:
UPGRADE-2.8.md
composer.json
src/Symfony/Bridge/Doctrine/composer.json
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/ClassLoader/ClassMapGenerator.php
src/Symfony/Component/DependencyInjection/Tests/ContainerTest.php
src/Symfony/Component/Form/Tests/AbstractExtensionTest.php
src/Symfony/Component/Form/Tests/AbstractLayoutTest.php
src/Symfony/Component/Form/Tests/SimpleFormTest.php
src/Symfony/Component/Locale/Tests/LocaleTest.php
src/Symfony/Component/Locale/Tests/Stub/StubLocaleTest.php
src/Symfony/Component/Security/Acl/README.md
src/Symfony/Component/Security/Acl/composer.json
* 2.7:
[Locale] Add missing @group legacy annotations
Fix security-acl deps
Fix doctrine mapping validation type error
Remove skipping of tests based on ICU data version whenever possible
Fix the handling of null as locale in the stub intl classes
do not dump leading backslashes in class names
fix issue #15377
Skip ::class constant
[Config] type specific check for emptiness
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/DependencyInjection/Dumper/GraphvizDumper.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTypeTest.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/TimeTypeTest.php
Added more country-based tests, added new error type
The error type `NOT_SUPPORTED_COUNTRY_CODE_ERROR` has been added for the
IBANs from unsupported countries, for which we don't have defined a
format. We will not check anymore if a country code against the Intl
component.
The tests have been completed with more tests for each contry we have
formats defined.
The 4 character length check and the case check has been removed. The message code constants
`TOO_SHORT_ERROR` and `INVALID_CASE_ERROR` has been deprecated
* 2.3:
Fix security-acl deps
Fix doctrine mapping validation type error
Remove skipping of tests based on ICU data version whenever possible
Fix the handling of null as locale in the stub intl classes
do not dump leading backslashes in class names
Skip ::class constant
[Config] type specific check for emptiness
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/Config/Tests/Definition/ScalarNodeTest.php
src/Symfony/Component/DependencyInjection/Dumper/GraphvizDumper.php
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/DependencyInjection/Tests/Fixtures/containers/container9.php
src/Symfony/Component/Form/Tests/Extension/Core/DataTransformer/IntegerToLocalizedStringTransformerTest.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTimeTypeTest.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/DateTypeTest.php
src/Symfony/Component/Locale/Tests/LocaleTest.php
src/Symfony/Component/Locale/Tests/Stub/StubLocaleTest.php
src/Symfony/Component/Validator/Tests/Constraints/CountryValidatorTest.php
src/Symfony/Component/Validator/Tests/Constraints/CurrencyValidatorTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
Remove skipping of tests based on ICU data version whenever possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Many tests being skipped based on the ICU data version don't actually need it. They might be testing code paths not relying on Intl, or not performing assertions on the values depending on the ICU data and so not dependant on the exact ICU version being used.
this is somewhat related to https://github.com/symfony/symfony/issues/14259 as it allows to reduce the number of tests not running on Travis.
Commits
-------
7994513 Remove skipping of tests based on ICU data version whenever possible
This PR was merged into the 2.3 branch.
Discussion
----------
do not dump leading backslashes in class names
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15001
| License | MIT
| Doc PR |
Commits
-------
ad6cb10 do not dump leading backslashes in class names
This PR was squashed before being merged into the 2.8 branch (closes#15013).
Discussion
----------
[Security] Removed security-acl from the core
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | part of #14718
| License | MIT
| Doc PR | ~
The `Security\Acl` is removed from the core and is loaded from its own repository. All tests were passing and this is fully backwards compatible. I have removed all but the Test files in the first step and added the dependency to verify the Test were still working with the package dependency. The second step was to remove the remaining test files and tests are still running for both the Bundle and the Framework. Once the Read-Only repository is a full standalone repository, this PR can be merged.
- [x] Remove component from the core
- [ ] Remove read-only from https://github.com/symfony/security-acl
Once this PR is merged, I can start working on splitting the SecurityBundle and extracting the ACL part to the AclBundle.
/cc @fabpot
Commits
-------
b26a449 [Security] Removed security-acl from the core
* 2.8: (63 commits)
[Debug] Deprecate ExceptionHandler::createResponse
[Debug] cleanup ExceptionHandlerTest
Reordered the toolbar elements via service priorities
bumped Symfony version to 2.7.4
Increased the z-index of .sf-toolbar-info
Removed an unused media query
updated VERSION for 2.7.3
updated CHANGELOG for 2.7.3
Redesigned "abbr" elements
Restored the old behavior for toolbars with lots of elements
Tweaks and bug fixes
Added some upgrade notes about the new toolbar design
fixed typo in translation keys
Fix the return value on error for intl methods returning arrays
Removed an useless CSS class and added styles for <hr>
Added a new profiler_markup_version to improve BC of the new toolbar
Fix merge
Removed an unused import
Reverted the feature to display different toolbar versions
Minor JavaScript optimizations
...
Conflicts:
CHANGELOG-2.7.md
UPGRADE-2.8.md
src/Symfony/Bundle/FrameworkBundle/Resources/config/collectors.xml
src/Symfony/Component/Debug/composer.json
src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
This PR was merged into the 2.8 branch.
Discussion
----------
[Form] Deprecated FormTypeInterface::getName() and passing of type instances
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #5321, #15008
| License | MIT
| Doc PR | TODO
#### Type Names
This PR deprecates the definition of the `getName()` method of form types. See #15008 for a more detailed description.
Before:
```php
class MyType extends AbstractType
{
public function getName()
{
return 'mytype';
}
// ...
}
```
After:
```php
class MyType extends AbstractType
{
// ...
}
```
You should always reference other types by their fully-qualified class names. Thanks to PHP 5.5, that's easy:
Before:
```php
$form = $this->createFormBuilder()
->add('name', 'text')
->add('age', 'integer')
->getForm();
```
After:
```php
$form = $this->createFormBuilder()
->add('name', TextType::class)
->add('age', IntegerType::class)
->getForm();
```
#### Type Instances
Furthermore, passing of type instances is deprecated.
Before:
```php
$form = $this->createForm(new AuthorType());
```
After:
```php
$form = $this->createForm(AuthorType::class);
```
#### DIC Aliases
When registering a type in the DIC, you should omit the "alias" attribute now.
Before:
```xml
<service id="my.type" class="Vendor\Type\MyType">
<tag name="form.type" alias="mytype" />
<argument type="service" id="some.service.id" />
</service>
```
After:
```xml
<service id="my.type" class="Vendor\Type\MyType">
<tag name="form.type" />
<argument type="service" id="some.service.id" />
</service>
```
Types without dependencies don't need to be registered in the DIC as they can be instantiated right away.
#### Template Block Prefixes
By default, the class name of the type in underscore notation minus "Type" suffix is used as Twig template block prefix (e.g. `UserProfileType` => `user_profile_*`). If you want to customize that, overwrite the new `getBlockPrefix()` method in your type:
```php
class UserProfileType extends AbstractType
{
public function getBlockPrefix()
{
return 'profile';
}
// ...
}
```
Commits
-------
3d9e5de [Form] Deprecated FormTypeInterface::getName() and passing of type instances
* 2.7:
[Debug] cleanup ExceptionHandlerTest
bumped Symfony version to 2.7.4
updated VERSION for 2.7.3
updated CHANGELOG for 2.7.3
fixed typo in translation keys
Fix the return value on error for intl methods returning arrays
Fix merge
Fix missing _route parameter notice in RouterListener logging case
Conflicts:
src/Symfony/Component/Debug/composer.json
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the 2.8 branch.
Discussion
----------
[Config] deprecate cannotBeEmpty() for boolean and numeric nodes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
d4473f3 [Config] deprecate cannotBeEmpty() for boolean and numeric nodes
This PR was merged into the 2.3 branch.
Discussion
----------
[Config] type specific check for emptiness
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13736
| License | MIT
| Doc PR |
Commits
-------
0199fbf [Config] type specific check for emptiness
This PR was merged into the 2.3 branch.
Discussion
----------
Fix the handling of null as locale in the stub intl classes
The Intl extension accepts null as locale in formatters and the collator and will use the default locale in such case. Given that the stub implementation considers that the default locale is always 'en', it should be supported here too instead of forcing libraries to pass the default locale explicitly. For instance, ``Twig_Extensions_Extension_Intl`` relies on the fact that ``null`` as locale uses the default one: https://github.com/twigphp/Twig-extensions/pull/94
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony-demo/pull/123
| License | MIT
| Doc PR | n/a
Commits
-------
d6db6ad Fix the handling of null as locale in the stub intl classes
Many tests being skipped based on the ICU data version don't actually
need it. They might be testing code paths not relying on Intl, or not
performing assertions on the values depending on the ICU data and so not
dependant on the exact ICU version being used.
The Intl extension accepts null as locale in formatters and the
collator and will use the default locale in such case. Given that the
stub implementation considers that the default locale is always 'en', it
should be supported here too instead of forcing libraries to pass the
default locale explicitly.
* 2.7:
[php7] Fix for substr() always returning a string
[Security] Do not save the target path in the session for a stateless firewall
Fix calls to HttpCache#getSurrogate triggering E_USER_DEPRECATED errors.
[DependencyInjection] fixed FrozenParameterBag and improved Parameter…
* 2.3:
[php7] Fix for substr() always returning a string
[Security] Do not save the target path in the session for a stateless firewall
[DependencyInjection] fixed FrozenParameterBag and improved Parameter…
Conflicts:
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
This PR was squashed before being merged into the 2.3 branch (closes#15172).
Discussion
----------
[DependencyInjection] fixed FrozenParameterBag and improved Parameter…
The ParameterBagInterface was missing some @throws annotations, so the FrozenParameterBag class was a violation of Liskov subtitution principle. Also the ParameterBagInterface was missing the remove method.
(Optionally the ParameterBagInterface can be later split into two smaller interfaces, because the FrozenParameterBag shouldn't have the add, remove methods in the first place.)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I have also fixed removing elements from FrozenParameterBag, as introduced by @satahippy
https://github.com/symfony/DependencyInjection/pull/8
Commits
-------
3ad0794 [DependencyInjection] fixed FrozenParameterBag and improved Parameter…
* 2.8:
[Yaml] throw a ParseException on invalid data type
[TwigBridge] type-dependent path discovery
Resources as string have the same problem
Introduce failing test case when a SplFileInfo object is passed to the extract() method in the TwigExtractor.
#15331 add infos about deprecated classes to UPGRADE-3.0
[Asset] removed unused private property.
[Twig+FrameworkBundle] Fix forward compat with Form 2.8
[2.6] Static Code Analysis for Components
[Security/Http] Fix test relying on a private property
[Serializer] Fix bugs reported in b5990be491 (commitcomment-12301266)
[Form] Fix not-BC test assertion
[Security] Moved Simple{Form,Pre}AuthenticatorInterfaces to Security\Http
[Security] removed useless else condition in SwitchUserListener class.
[travis] Tests deps=low with PHP 5.6
Implement resettable containers
[Console] Fix console output with closed stdout
* 2.7:
[Yaml] throw a ParseException on invalid data type
[TwigBridge] type-dependent path discovery
Resources as string have the same problem
Introduce failing test case when a SplFileInfo object is passed to the extract() method in the TwigExtractor.
#15331 add infos about deprecated classes to UPGRADE-3.0
[Asset] removed unused private property.
[Security] removed useless else condition in SwitchUserListener class.
[travis] Tests deps=low with PHP 5.6
[Console] Fix console output with closed stdout
* 2.6:
[Yaml] throw a ParseException on invalid data type
#15331 add infos about deprecated classes to UPGRADE-3.0
[Security] removed useless else condition in SwitchUserListener class.
[travis] Tests deps=low with PHP 5.6
[Console] Fix console output with closed stdout
Without this check, PHP would trigger a warning when an array was passed
to `trim()`. The parser must throw a `ParseException` instance on a
malformed YAML string instead.
* 2.7:
[Twig+FrameworkBundle] Fix forward compat with Form 2.8
[2.6] Static Code Analysis for Components
[Security/Http] Fix test relying on a private property
[Serializer] Fix bugs reported in b5990be491 (commitcomment-12301266)
Conflicts:
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/widget_attributes.html.php
src/Symfony/Component/Security/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
[Form] Fix not-BC test assertion
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The 2.6 branch is failing because of this case for `Validation::API_VERSION_2_4`, that can't work because `$this->context` is not a mock object, thus has no "expect" method.
See https://travis-ci.org/symfony/symfony/jobs/72100346#L2902
This got unnoticed because only 2.6 is testing the 2.4 validator api.
Commits
-------
5ef7ae9 [Form] Fix not-BC test assertion
This PR was squashed before being merged into the 2.6 branch (closes#15317).
Discussion
----------
[2.6] Static Code Analysis for Components
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with Php Inspections (EA Extended):
- fixed couple potential issues when code is running in a phar-file
Commits
-------
37a2353 [2.6] Static Code Analysis for Components
This PR was merged into the 2.8 branch.
Discussion
----------
Implement resettable containers
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | small one
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13448
| License | MIT
| Doc PR | n/a
This allows to release remove references to all services during shutdown, giving much more chances to destruct services and the container through refcounting rather than waiting GC, as it will break cycles between the container and container-aware services.
There is a small BC break for a very edge case: if someone keeps a reference to the container and then shutdowns the kernel, the container would now be cleared and so would not work as intended anymore. But I don't think it is a supported use case. If you shutdown the kernel, the container of this kernel is released by the kernel and should not be used anymore IMO.
Thus, shutting down the kernel generally does not happen except during tests on teardown.
I'm not sure a doc PR is needed here: users of the fullstack framework should never use this feature (the kernel is using it for them). What do you think @weaverryan ?
Commits
-------
4457745 Implement resettable containers
* 2.8: (27 commits)
[2.8] Fix 3.0 incompatible deps
[HttpKernel] Fix lowest dep
[Security] fix check for empty usernames
[Form] updated exception message of ButtonBuilder::setRequestHandler()
[travis] Fix deps=high jobs
Fix typo 'assets.package' => 'assets.packages' in UPGRADE-2.7
[Serializer] Simplify AbstractNormalizer::prepareForDenormalization()
[HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content
[DependencyInjection] Forbid container cloning
[HttpFoundation] Fix Response::closeOutputBuffers() for HHVM 3.3
[WebProfilerBundle] Add link to show profile of latest request
[DependencyInjection] Remove unused code in XmlFileLoader
[HttpFoundation] Behaviour change in PHP7 for substr
[Console] Set QuestionHelper max attempts in tests
[Form] Fix a BC break in the entity
fix broken ChoiceQuestion
bumped Symfony version to 2.7.3
updated VERSION for 2.7.2
updated CHANGELOG for 2.7.2
bumped Symfony version to 2.6.11
...
Conflicts:
.travis.yml
CHANGELOG-2.3.md
CHANGELOG-2.6.md
CHANGELOG-2.7.md
UPGRADE-2.7.md
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/FrameworkBundle/Tests/Console/Descriptor/AbstractDescriptorTest.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Component/Form/composer.json
src/Symfony/Component/HttpKernel/composer.json
This PR was squashed before being merged into the 2.8 branch (closes#15131).
Discussion
----------
[Security] Moved Simple{Form,Pre}AuthenticatorInterfaces to Security\Http
Description
---
The `SimpleFormAuthenticatorInterface` and `SimplePreAuthenticatorInterface` rely on `Request`, which means it's a Http land class. This means they don't belong in core.
Having a form login that doesn't depend on the request is an option as well (e.g. a console application might use the question helper to implement a "form" login). However, then there is a need for a new abstraction of the request. I don't think it's worth it.
Furthermore, the only classes typehinting/relying on this interfaces can be found in `Security\Http`.
Implementation
---
The new interfaces extend the old ones for better backwards compability. Symfony doesn't trigger deprecation errors for interfaces, see 6f57b7b552
PR Info Table
---
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
ebb2064 [Security] Moved Simple{Form,Pre}AuthenticatorInterfaces to Security\Http
* 2.7:
[HttpKernel] Fix lowest dep
[Security] fix check for empty usernames
[Form] updated exception message of ButtonBuilder::setRequestHandler()
[travis] Fix deps=high jobs
Fix typo 'assets.package' => 'assets.packages' in UPGRADE-2.7
[Serializer] Simplify AbstractNormalizer::prepareForDenormalization()
[HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content
[DependencyInjection] Remove unused code in XmlFileLoader
[HttpFoundation] Behaviour change in PHP7 for substr
bumped Symfony version to 2.3.32
updated VERSION for 2.3.31
update CONTRIBUTORS for 2.3.31
updated CHANGELOG for 2.3.31
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/HttpKernel/composer.json
* 2.6:
[Security] fix check for empty usernames
[Form] updated exception message of ButtonBuilder::setRequestHandler()
[travis] Fix deps=high jobs
[HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content
[DependencyInjection] Remove unused code in XmlFileLoader
[HttpFoundation] Behaviour change in PHP7 for substr
bumped Symfony version to 2.3.32
updated VERSION for 2.3.31
update CONTRIBUTORS for 2.3.31
updated CHANGELOG for 2.3.31
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/FrameworkBundle/composer.json
* 2.3:
[Security] fix check for empty usernames
[Form] updated exception message of ButtonBuilder::setRequestHandler()
[travis] Fix deps=high jobs
[HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content
[DependencyInjection] Remove unused code in XmlFileLoader
[HttpFoundation] Behaviour change in PHP7 for substr
bumped Symfony version to 2.3.32
updated VERSION for 2.3.31
update CONTRIBUTORS for 2.3.31
updated CHANGELOG for 2.3.31
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php
src/Symfony/Component/HttpKernel/Kernel.php
This allows to remove references to all services during shutdown, giving
much more chances to destruct services and the container through
refcounting rather than waiting GC, as it will break cycles between the
container and container-aware services.
* 2.7:
[HttpFoundation] Fix Response::closeOutputBuffers() for HHVM 3.3
[Console] Set QuestionHelper max attempts in tests
[Form] Fix a BC break in the entity
fix broken ChoiceQuestion
bumped Symfony version to 2.7.3
updated VERSION for 2.7.2
updated CHANGELOG for 2.7.2
bumped Symfony version to 2.6.11
updated VERSION for 2.6.10
updated CHANGELOG for 2.6.10
[PropertyAccess] setValue & isWritable loops must only stops on reference and object. References can also be arrays and if the loop stops the value is never set in the object. (Breaks since 2.6.5 commit e3e4695)
* 2.6:
[HttpFoundation] Fix Response::closeOutputBuffers() for HHVM 3.3
bumped Symfony version to 2.6.11
updated VERSION for 2.6.10
updated CHANGELOG for 2.6.10
[PropertyAccess] setValue & isWritable loops must only stops on reference and object. References can also be arrays and if the loop stops the value is never set in the object. (Breaks since 2.6.5 commit e3e4695)
This PR was squashed before being merged into the 2.3 branch (closes#15249).
Discussion
----------
[HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet
* Allows to fix tests of https://github.com/symfony/psr-http-message-bridge with PHP 5.6.
* Ease the transition to PSR-7 (in PSR-7, almost everything is stream - #15186)
Maybe should I open it against 2.8 but it can be considered a bug fix at least for the part "returning a string as a resource".
Commits
-------
059964d [HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content