This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix false-positive circular ref leading to wrong exceptions or infinite loops at runtime
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28010, #27865
| License | MIT
| Doc PR | -
When circular loops involve references in properties, method calls or configurators, it is possible to properly instantiate the related services.
The current logic is broken: `ContainerBuilder` considers some of these loops as self-referencing circular references, leading to a runtime exception, and in similar situations, `PhpDumper` generates code that turns to infinite loops at runtime 💥. These badly handled situations happen with inlined definitions.
This PR fixes both classes by making them track which references are really part of the constructors' chain, including inline definitions.
It also fixes dumping infinite loops when dumping circular loops involving lazy services while proxy-manager-bridge is not installed.
Commits
-------
e843bb86c8 [DI] Fix false-positive circular ref leading to wrong exceptions or infinite loops at runtime
This PR was merged into the 2.8 branch.
Discussion
----------
[travis] cache composer.lock files for deps=low
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I just realized that the resolved package versions for lowest deps depends only on the root composer.json, and not on transitive deps.
This means we can cache the lock files and save ~10 minutes required to resolve the lowest deps of the SecurityBundle.
Commits
-------
caaa74cd9b [travis] cache composer.lock files for deps=low
This PR was merged into the 2.8 branch.
Discussion
----------
Update validators.nl.xlf
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The original translation does not match intended communication.
`Deze waarde is geen geldige UUID waarde.` reads as `This value is not a valid UUID value`.
Commits
-------
7f895abbdd Update validators.nl.xlf
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] Remove wrong sentence about ACL
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The security-acl component has been extracted from the core in 2.8.
Commits
-------
67f3e3ff4e [Security] Remove wrong sentence about ACL
This PR was merged into the 2.8 branch.
Discussion
----------
[travis] merge "same Symfony version" jobs in one
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? |
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Allowing to consume fewer jobs and save the 1 to 2 minutes bootstrap time of workers.
Commits
-------
9857ca07aa [travis] merge "same Symfony version" jobs in one
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyInfo] Allow nested collections
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | NA
| License | MIT
| Doc PR | NA
When a multidimentional collection is defined (in a docblock) the extractor does not resolve the className deeply
```
#input
class Foo {
/**
* @var Baz[][]
*/
public $bar;
}
```
```
# current result
builtinType: array
collectionValueType:
builtinType: object
class: Baz[]
```
```
# FIX
builtinType: array
collectionValueType:
builtinType: array
collectionValueType:
builtinType: object
class: Baz
```
The 2.8 version has also that bug, but the methods have been moved to another class. Should I create an other PR for 2.8?
Commits
-------
ce49036790 Allow multidimensional collection in property info
This PR was merged into the 2.8 branch.
Discussion
----------
[PropertyInfo] Allow nested collections
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Duplicate of #28012 for the 2.8 branche (as both code and test have been refactored between 2.8 and 3.x
Commits
-------
6331687f65 Allow multidimensional collection in property info
This PR was merged into the 2.8 branch.
Discussion
----------
Remove the Expires header when calling Response::expire()
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #13341 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | -
Commits
-------
ac0cd15402 Remove the Expires header when calling Response::expire()
This PR was merged into the 3.4 branch.
Discussion
----------
[DoctrineBridge] allow dev versions of Doctrine again
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I don't expect this to be green yet, but let's see progress on Doctrine side.
Submitted against 4.0 for now, but should be merged on 3.4 when green.
Commits
-------
83dcbe9096 [DoctrineBridge] allow dev versions of Doctrine again
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpFoundation] Remove support for legacy and risky HTTP headers
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
e447e8b921 [HttpFoundation] Remove support for legacy and risky HTTP headers
* 2.8:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[HttpFoundation] fixed using _method parameter with invalid type
[Intl] Replace svn with git in the icu data update script
[HttpFoundation] Fix Cookie::isCleared
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28000 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
When trusted proxies are configured including a subnet a subrequest initiated by the InlineFragmentRenderer would contain an invalid REMOTE_ADDR server variable.
Commits
-------
f657dd2444 [HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
