This PR was merged into the 2.3 branch.
Discussion
----------
Reload the session after regenerating its id
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15033
| License | MIT
| Doc PR | -
This is a fix preventing [a PHP bug](https://bugs.php.net/bug.php?id=70013), which I'm not sure when or IF is going to be fixed.
Commits
-------
99b9c78 [HttpFoundation] Reload the session after regenerating its id
eda5cb1 [HttpFoundation] Add a test case to confirm a bug in session migration
This PR was squashed before being merged into the 2.7 branch (closes#15176).
Discussion
----------
[Serializer] Fix ClassMetadata::sleep()
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Fix a bug with the `sleep()` method. It is blocking under when using the APC metadata cache.
Commits
-------
2f42801 [Serializer] Fix ClassMetadata::sleep()
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] allow to use `method` in XML configs
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Before this change, you always had to use the `methods` key which is
inconsistent compared to other options like `roles` and `ips` for which
it was possible to use their singular versions.
Commits
-------
9b0dfd4 [Security] allow to use `method` in XML configs
This PR was merged into the 2.6 branch.
Discussion
----------
[Twig][Bridge] replaced `extends` with `use` in bootstrap_3_horizontal_layout.html.twig
| Q | A
| ------------- | ---
| Fixed tickets |
| License | MIT
The fact `bootstrap_3_horizontal_layout.html.twig` **extends** `bootstrap_3_layout.html.twig` prevent to `use` it while using `{% form_theme form _self %}`.
As form templates don't have any code outside blocks this PR shouldn't induce any BC break.
Commits
-------
15886b6 [Twig][Bridge] replaced `extends` with `use` in bootstrap_3_horizontal_layout.html.twig
This PR was squashed before being merged into the 2.6 branch (closes#15226).
Discussion
----------
[2.6] Static Code Analysis for Components and Bundles
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with Php Inspections (EA Extended):
- all rules accepted into 2.3
Commits
-------
1dac127 [2.6] Static Code Analysis for Components and Bundles
This PR was squashed before being merged into the 2.3 branch (closes#15223).
Discussion
----------
[Finder] Command::addAtIndex() fails with Command instance argument
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14384
| License | MIT
| Doc PR | -
Fixed reported bug #14384 and added test case for it. This is a second PR as previous #14385 went bad after I failed to rebase 2.3 branch properly.
Commits
-------
2aff566 [Finder] Command::addAtIndex() fails with Command instance argument
This PR was merged into the 2.3 branch.
Discussion
----------
CS fixes for 2.3
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
To keep fabbot.io happy ;)
Commits
-------
464b67e fix CS
This PR was submitted for the 2.8 branch but it was merged into the 2.3 branch instead (closes#15110).
Discussion
----------
Add a way to reset the singleton
## Problem
The mime type guesser is a singleton, which as we know, causes all kind of problems.
One problem Drupal ran into is the problem that for tests we continuesly registered more and more mimetype guessers,
once everytime we rebuild the container as part of your testing.
Once that we had that, with enough test functions + made one of the mimetype guessers as proxy, we ran into a memory leak
of storing the container as part of the mime type singleton.
See https://www.drupal.org/node/2408371
## Solution
Allow to reset the singleton.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
Commits
-------
0096266 Add a way to reset the singleton
Before this change, you always had to use the `methods` key which is
inconsistent compared to other options like `roles` and `ips` for which
it was possible to use their singular versions.
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBridge] fix for legacy asset() with EmptyVersionStrategy
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15156
| License | MIT
| Doc PR |
Commits
-------
cf86a03 fix for legacy asset() with EmptyVersionStrategy
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Fix Groups tests.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
2bd8fb8 [Serializer] Fix Groups tests.
This PR was submitted for the master branch but it was merged into the 2.6 branch instead (closes#15194).
Discussion
----------
Remove duplicate example in UPGRADE-3.0.md
| Q | A
| ------------- | ---
| Fixed tickets | -
| License | MIT
The example:
```php
echo $form->getErrors(true, false);
```
is duplicated in the file.
Commits
-------
e195fd7 Remove duplicate example
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Fix Groups PHPDoc
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
3233c2f [Serializer] Fix Groups PHPDoc
This PR was submitted for the 2.6 branch but it was merged into the 2.3 branch instead (closes#15198).
Discussion
----------
[HttpFoundation] Remove unused var
Minor. Looks like the var `$content` got introduced in aa5e6165, then in 8982c324 the early return meant it wasn't needed.
| Q | A
| ------------- | ---
| Fixed tickets | N/A
| License | MIT
Commits
-------
da5218f Remove var not used due to returning early (introduced in 8982c32)
This PR was merged into the 2.3 branch.
Discussion
----------
Enhance hhvm test skip message
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Reading our blog about hhvm (http://symfony.com/blog/symfony-2-3-achieves-100-hhvm-compatibility)
I'd like to improve the only single test skip in our code base that exists for hhvm.
HHVM does not trigger strict notices. This is a missing feature of the HHVM parser (https://github.com/facebook/hhvm/issues/5583). But this does not affect in any way the behavior of any PHP app. Strict notices are only for the dev stage.
There is some FUD-friendliness in the article and in the comments (no offence @javiereguiluz ☮):
100% hhvm compat is 100% honest. We did not skip any single tests because of errors, issues nor bugs. And the single missing "feature" of hhvm is this one: strict notices. Kudos to hhvm for what they did: parity is close enough so that the delta can be handled in exactly the same way as we handle deltas between PHP versions.
Commits
-------
5f4015c Enhance hhvm test skip message
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Added upgrade notes for #15061
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR contains the upgrade notes for #15061.
Commits
-------
6325b4c [Form] Added upgrade notes for #15061
This PR was merged into the 2.8 branch.
Discussion
----------
[2.8] Fix lowest deps
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Looks like that by testing the lowest deps on 5.3, we missed some constraints in our test suite.
Commits
-------
a036a77 [2.8] Fix lowest deps
This PR was squashed before being merged into the 2.8 branch (closes#15141).
Discussion
----------
[DX] [Security] Renamed Token#getKey() to getSecret()
There are 2 very vague parameter names in the authentication process: `$providerKey` and `$key`. Some tokens/providers have the first one, some tokens/providers the second one and some both. An overview:
| Token | `providerKey` | `key`
| --- | --- | ---
| `AnonymousToken` | - | yes
| `PreAuth...Token` | yes | -
| `RememberMeToken` | yes | yes
| `UsernamePasswordToken` | yes | -
Both names are extremely general and their PHPdocs contains pure no-shit-sherlock-descriptions :squirrel: (like "The key."). This made me and @iltar think it's just an inconsistency and they have the same meaning.
...until we dived deeper into the code and came to the conclusion that `$key` has a Security task (while `$providerKey` doesn't really). If it takes people connected to Symfony internals 30+ minutes to find this out, it should be considered for an improvement imo.
So here is our suggestion: **Rename `$key` to `$secret`**. This explains much better what the value of the string has to be (for instance, it's important that the string is not easily guessable and cannot be found out, according to the Spring docs). It also explains the usage better (it's used as a replacement for credentials and to hash the RememberMeToken).
**Tl;dr**: `$key` and `$providerKey` are too general names, let's improve DX by renaming them. This PR tackles `$key` by renaming it to `$secret`.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
*My excuse for the completely unrelated branch name*
Commits
-------
24e0eb6 [DX] [Security] Renamed Token#getKey() to getSecret()
This PR was merged into the 2.6 branch.
Discussion
----------
[Validator] always evaluate binary format when changed
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13891
| License | MIT
| Doc PR |
Commits
-------
2ad7e67 [Validator] always evaluate binary format when changed
* 2.7:
Update DateTimeToArrayTransformer.php
Mock microtime() and time() in transient tests
Azerbaijani language pluralization rule
Move HHVM tests out of the allowed failures
* 2.6:
Update DateTimeToArrayTransformer.php
Mock microtime() and time() in transient tests
Azerbaijani language pluralization rule
Move HHVM tests out of the allowed failures
* 2.3:
Update DateTimeToArrayTransformer.php
Mock microtime() and time() in transient tests
Azerbaijani language pluralization rule
Move HHVM tests out of the allowed failures
