* 2.3:
[travis] timeout the sigchild tests at 60s
CS: Single line comments should use double slashes (//) and not hash (#).
Do not use HttpKernel Extension when not needed
bumped Symfony version to 2.3.37
updated VERSION for 2.3.36
update CONTRIBUTORS for 2.3.36
updated CHANGELOG for 2.3.36
use nowdoc instead of heredoc
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ConfigDumpReferenceCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/RouterApacheDumperCommand.php
src/Symfony/Bundle/FrameworkBundle/Command/RouterMatchCommand.php
src/Symfony/Bundle/FrameworkBundle/Translation/Translator.php
src/Symfony/Bundle/TwigBundle/Command/LintCommand.php
src/Symfony/Component/Config/Tests/Definition/Dumper/YamlReferenceDumperTest.php
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Generator/Dumper/PhpGeneratorDumper.php
This PR was merged into the 2.3 branch.
Discussion
----------
CS: use nowdoc instead of heredoc
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | —
| License | MIT
| Doc PR | —
if this is accepted, we could add the fixer to symfony level of php-cs-fixer: https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/1580
Commits
-------
3dca549 use nowdoc instead of heredoc
This PR was merged into the 2.3 branch.
Discussion
----------
Do not use HttpKernel Extension when not needed
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
HttpKernel Extension only adds `addClassesToCompile`. So the class hierarchy should be slim if it's not used.
Commits
-------
4978e19 Do not use HttpKernel Extension when not needed
* 2.3:
[2.7] Fixed flatten exception recursion with errors
Embedded identifier support
Change the ExtensionInterface load method definition to bo identical to the documentation.
add and correct armenian translations
[Config] Fix array sort on normalization in edge case
[Yaml] fix indented line handling in folded blocks
improve BrowserKit test coverage p1
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] fix indented line handling in folded blocks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9105
| License | MIT
| Doc PR |
Commits
-------
756834c [Yaml] fix indented line handling in folded blocks
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Make metadata interfaces internal
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/17113#discussion_r48291776
| License | MIT
| Doc PR | n/a
Introducing such interfaces was a (my) mistake. Serializer metadata are value objects. Nobody will (nor should) implement these interfaces. Composition is better for "extending" metadata.
They were not marked as `@api` and should now be marked as `@internal` (or even deprecated but it will cause some maintenance headaches).
Commits
-------
3f6cfcd [Serializer] Make metadata interfaces internal
This PR was merged into the 2.3 branch.
Discussion
----------
[Config] Fix array sort on normalization in edge case
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
eca41a8 [Config] Fix array sort on normalization in edge case
This PR was merged into the 2.3 branch.
Discussion
----------
improve BrowserKit test coverage p1
Hi,
This PR improves BrowserKit test coverage.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
I rebased previous PR https://github.com/symfony/symfony/pull/16549 to 2.3
Commits
-------
0261b48 improve BrowserKit test coverage p1
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Make tests more deterministic
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16988
| License | MIT
| Doc PR | -
This makes running the Process tests faster and more deterministic.
Commits
-------
0dc9389 [Process] Make tests more deterministic
* 2.3:
[PropertyAccess] Reorder elements array after PropertyPathBuilder::replace
[Routing] Skip PhpGeneratorDumperTest::testDumpWithTooManyRoutes on HHVM
[Process] More robustness and deterministic tests
Conflicts:
src/Symfony/Component/Process/Process.php
src/Symfony/Component/Process/Tests/ProcessTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
[Process] More robustness and deterministic tests
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16988, #15617
| License | MIT
| Doc PR | -
Commits
-------
d1a178a [Process] More robustness and deterministic tests
* 2.3:
Clean EOL whitespace
[travis] Fix
[Routing] Reduce memory usage of a high consuming test case
use requires annotation
skip bcrypt tests on incompatible platforms
Conflicts:
.travis.yml
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] skip bcrypt tests on incompatible platforms
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17055
| License | MIT
| Doc PR |
Not all PHP versions before 5.3.7 have backported fixes that make it
possible to use `password_hash()` function. Therefore, we have to skip
tests on not supported platforms.
Commits
-------
2a6fa7b use requires annotation
65eb188 skip bcrypt tests on incompatible platforms
Not all PHP versions before 5.3.7 have backported fixes that make it
possible to use `password_hash()` function. Therefore, we have to skip
tests on not supported platforms.
The test introduced in #16797 used the `assertFilePermissions()` method
to test for the expected result. This worked quite well for the PR as it
was submitted for the `master` branch. However, the tests now fail on
2.3 as the `FilesystemTestCase` class which contains this method was
introduced with Symfony 2.4.
* 2.3:
[Form] fix#15544 when a collection type attribute "required" is false, "prototype" should too
updated validators.bg.xlf
[Security] Enable bcrypt validation and result length tests on all PHP versions
[Security] Verify if a password encoded with bcrypt is no longer than 72 characters
[Console] Avoid extra blank lines when rendering exceptions
[Yaml] do not remove "comments" in scalar blocks
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] Avoid extra blank lines when rendering exceptions
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Don't know if it can be considered as a bug fix as it is the behavior since a while (https://github.com/symfony/symfony/pull/9055), but I let you see by yourself the old vs new rendering:
Commits
-------
2e158df [Console] Avoid extra blank lines when rendering exceptions
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] Verify if a password encoded with bcrypt is no longer than 72 characters
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17047
| License | MIT
| Doc PR | -
From the [password_hash() docs](http://php.net/password_hash):
> Caution Using the PASSWORD_BCRYPT as the algorithm, will result in the password parameter being truncated to a maximum length of 72 characters.
Commits
-------
0a496e7 [Security] Enable bcrypt validation and result length tests on all PHP versions
5c30266 [Security] Verify if a password encoded with bcrypt is no longer than 72 characters
This PR was squashed before being merged into the 2.3 branch (closes#16959).
Discussion
----------
[Form] fix#15544 when a collection type attribute "required" is false, "prototype" should too
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15544
| License | MIT
| Doc PR | -
Commits
-------
b4b5d63 [Form] fix#15544 when a collection type attribute "required" is false, "prototype" should too
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] do not remove "comments" in scalar blocks
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12478, #15857
| License | MIT
| Doc PR |
Inside scalar blocks, lines starting with a `#` character must be
treated like every other strings and must not be ignored as comments.
Commits
-------
3c72fcc [Yaml] do not remove "comments" in scalar blocks
* 2.3:
prefer phpunit 5.x on hhvm
[FrameworkBundle][HttpKernel] the finder is required to discover bundle commands
[travis] Auto-conf deps=high matrix line
Fix the logout path when not using the router
[HttpFoundation] Added the ability of mapping stream wrapper protocols when using X-Sendfile
[HttpFoundation] Add a test case for using BinaryFileResponse with stream wrappers
Conflicts:
.travis.yml
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/SecurityBundle/Templating/Helper/LogoutUrlHelper.php
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] Added the ability of using BinaryFileResponse with stream wrappers
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12990#13187
| License | MIT
| Doc PR | ~
Commits
-------
1da3d61 [HttpFoundation] Added the ability of mapping stream wrapper protocols when using X-Sendfile
dd129b7 [HttpFoundation] Add a test case for using BinaryFileResponse with stream wrappers
* Fixes edge case on windows where PHP does not generate a PHP Warning but instead returns a wrong result https://bugs.php.net/bug.php?id=71103
* Improved error reporting on `unlink` used in `remove()`
This PR was merged into the 2.3 branch.
Discussion
----------
Clean useless deprecation silencing
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
We added these when we triggered unsilenced notices. But we silence them now.
Commits
-------
9953550 Clean useless deprecation silencing
This PR was merged into the 2.3 branch.
Discussion
----------
[Process] Enhance compatiblity with --enable-sigchild
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16888
| License | MIT
| Doc PR | -
This is complete rewrite of the fallback `--enable-sigchild` handling in the Process class.
It removes most of the differences between this and a non-sigchild-enabled php.
Which means the test suite doesn't need anymore to be replayed 3 times (which is how I started this PR, looking for a way to test this component in less time).
I validated this with a locally compiled php, sigchild-enabled. Green.
Changes affect only this special-mode php.
Ping @romainneutron and @Seldaek (original writer of the sigchild support)
Submitted on 2.3 as bugfix, which it is to me.
Commits
-------
e7cc4aa [Process] Enhance compatiblity with --enable-sigchild
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
Conflicts:
src/Symfony/Component/Validator/Resources/translations/validators.lb.xlf
This PR was merged into the 2.3 branch.
Discussion
----------
[Process] Fix stopping a process on Windows
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15617
| License | MIT
| Doc PR | -
Commits
-------
80fb51c [Process] Fix stopping a process on Windows
This PR was merged into the 2.3 branch.
Discussion
----------
CS: general fixes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
d3f671e CS: general fixes
This PR was squashed before being merged into the 2.3 branch (closes#16799).
Discussion
----------
Improve error message for undefined DIC aliases
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | n/a
Additionally, I think the arguments need to be the other way round (`templating` is an alias pointing to `templating.engine.twig`).
Commits
-------
9195cd3 Improve error message for undefined DIC aliases
This PR was merged into the 2.7 branch.
Discussion
----------
[DependencyInjection] Validate class names and factory methods
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Because, you know, people do mistakes... I saw this happening during a workshop: when e.g. the factory tag has no `method` attribute, we generate an container that embeds a parse error.
Commits
-------
b2e3850 [DependencyInjection] Validate class names and factory methods
This PR was merged into the 2.3 branch.
Discussion
----------
CS: remove unneeded parentheses around control statements
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
45d250d CS: remove unneeded parentheses around control statements
This PR was squashed before being merged into the 2.3 branch (closes#16312).
Discussion
----------
[HttpKernel] clearstatcache() so the Cache sees when a .lck file has been released
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15813
| License | MIT
| Doc PR | n/a
I've been trying to debug #15813 and modified the Store in a way to keep unique request IDs in the .lck file. That way, I was hoping to find out which request is blocking and/or if the request is actually still running.
It turned out that `is_file()` would claim that a lock file still exists, but a subsequent attempt to read the information from that file returned "file not found" errors.
So, my assumption is that the `is_file()` result is based on the fstat cache and wrong once a process has seen the lock file.
@jakzal said in https://github.com/symfony/symfony/issues/15813#issuecomment-149013691 that `unlink()`ing the lock file should clear the statcache, but I doubt this is true across PHP processes.
Commits
-------
982710f [HttpKernel] clearstatcache() so the Cache sees when a .lck file has been released
* 2.3:
[ci] Force update of ./phpunit deps
[Process] Don't catch RuntimeException when it complicates tests debugging
[appveyor] Workaround transient segfault when APCu is enabled
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed: Duplicate choice labels are remembered when using "choices_as_values" = false
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15606
| License | MIT
| Doc PR | -
Commits
-------
1179f07 [Form] Fixed: Duplicate choice labels are remembered when using "choices_as_values" = false
* 2.3:
Fixed the wrong source name and the ja translation
[SecurityBundle] disable the init:acl command if ACL is not used
[DI] remove useless condition around unset
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] fix readme: DebugClassLoader moved to debug itself
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/16663#discussion_r45866385
| License | MIT
| Doc PR | -
Commits
-------
123a300 [Debug] fix readme: DebugClassLoader moved to debug itself
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Disabled view data validation if "data_class" is set to null
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14877
| License | MIT
| Doc PR | -
After this PR, Form::setData() does not validate the view data anymore when "data_class" is set to `null`. This way it is possible to create fields with dynamic view data types (see #14877).
Commits
-------
f495410 [Form] Disabled view data validation if "data_class" is set to null
* 2.3:
Always enable clock-mock for HttpFoundation
[ClassLoader] Fix parsing namespace when token_get_all() is missing
Bug #16343 [Router] Too many Routes ?
* 2.3:
Fix undefined array $server
[ProxyManager] Tmp fix composer reqs issue in ZF
Add missing exclusions from phpunit.xml.dist
Fix the server variables in the router_*.php files
[Validator] Allow an empty path with a non empty fragment or a query
The following change adds support for Armenian pluralization.
[2.3][Process] fix Proccess run with pts enabled
Conflicts:
composer.json
src/Symfony/Bridge/ProxyManager/composer.json
src/Symfony/Bundle/DebugBundle/phpunit.xml.dist
src/Symfony/Component/Security/phpunit.xml.dist
This PR was merged into the 2.3 branch.
Discussion
----------
Add missing exclusions from phpunit.xml.dist
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
d4880c4 Add missing exclusions from phpunit.xml.dist
This PR was squashed before being merged into the 2.3 branch (closes#16510).
Discussion
----------
[2.3][Process] fix Proccess run with pts enabled
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12643
| License | MIT
| Doc PR |
Commits
-------
9cf90fb [2.3][Process] fix Proccess run with pts enabled
* 2.3:
[ci] Phpunit tests wont run if composer is installed in a wrapper
[ci] Add version tag in phpunit wrapper to trigger cache-reset on demand
fix race condition at mkdir (#16258)
[PropertyAccess] Test access to dynamic properties
[PropertyAccess] Fix dynamic property accessing.
Conflicts:
src/Symfony/Component/PropertyAccess/Tests/PropertyAccessorTest.php
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] trigger deprecation warning when using empty_value
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15908
| License | MIT
| Doc PR |
The `empty_value` option is deprecated in the `choice`, `date`, and
`time` form types. Therefore, a deprecation warning must be triggered
when the users configures a value for this option.
The `datetime` form type does not need to be updated as it passes
configured values to the `date` and `time` form types which trigger
deprecation warnings anyway.
Commits
-------
405d4a8 trigger deprecation warning when using empty_value
This PR was squashed before being merged into the 2.7 branch (closes#16463).
Discussion
----------
[PropertyAccess] Port of the performance optimization from 2.3
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16179
| License | MIT
| Doc PR | n/a
Portage of #16294 in the 2.7 branch.
Commits
-------
aa4cc90 [PropertyAccess] Port of the performance optimization from 2.3
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] GetSetNormalizer shouldn't set/get static methods
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | maybe
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR fixes setting static getters and setters when serializing.
This is strictly speaking a BC break but in my opinion a needed one because the current behavior is unexpected.
Commits
-------
d8d4405 [Serializer] GetSetNormalizer shouldn't set/get static methods
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] PropertyNormalizer shouldn't set static properties
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR fixes a bug where static properties where set by the PropertyNormalizer.
Commits
-------
b15bdca [Serializer] PropertyNormalizer shouldn't set static properties
The `empty_value` option is deprecated in the `choice`, `date`, and
`time` form types. Therefore, a deprecation warning must be triggered
when the users configures a value for this option.
The `datetime` form type does not need to be updated as it passes
configured values to the `date` and `time` form types which trigger
deprecation warnings anyway.
This PR was merged into the 2.3 branch.
Discussion
----------
removed all @covers annotations
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Some unit tests have a `@covers` PHPUnit annotations. Most of them were added a very long time ago, but since then, we did not use them anymore and the existing ones are not maintained (see #16413). So, I propose to remove them all.
Commits
-------
1e0af36 removed all @covers annotations
This PR was squashed before being merged into the 2.3 branch (closes#16294).
Discussion
----------
[PropertyAccess] Major performance improvement
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16179
| License | MIT
| Doc PR | n/a
This PR improves performance of the PropertyAccess component of ~70%.
The two main changes are:
* caching the `PropertyPath` initialization
* caching the guessed access strategy
This is especially important for the `ObjectNormalizer` (Symfony Serializer) and the JSON-LD normalizer ([API Platform](https://api-platform.com)) because they use the `PropertyAccessor` class in large loops (ex: normalization of a list of entities).
Here is the Blackfire comparison: https://blackfire.io/profiles/compare/c42fd275-2b0c-4ce5-8bf3-84762054d31e/graph
The code of the benchmark I've used (with Symfony 2.3 as dependency):
```php
<?php
require 'vendor/autoload.php';
class Foo
{
private $baz;
public $bar;
public function getBaz()
{
return $this->baz;
}
public function setBaz($baz)
{
$this->baz = $baz;
}
}
use Symfony\Component\PropertyAccess\PropertyAccess;
$accessor = PropertyAccess::createPropertyAccessor();
$start = microtime(true);
for ($i = 0; $i < 10000; ++$i) {
$foo = new Foo();
$accessor->setValue($foo, 'bar', 'Lorem');
$accessor->setValue($foo, 'baz', 'Ipsum');
$accessor->getValue($foo, 'bar');
$accessor->getValue($foo, 'baz');
}
echo 'Time: '.(microtime(true) - $start).PHP_EOL;
```
This PR also adds an optional support for Doctrine cache to keep access information across requests and improve the overall application performance (even outside of loops).
Commits
-------
284dc75 [PropertyAccess] Major performance improvement
* 2.3:
added the new Composer exclude-from-classmap option
fix expected argument type docblock
Set back libxml settings after testings.
fixed Twig deprecation notices
This PR was merged into the 2.3 branch.
Discussion
----------
added the new Composer exclude-from-classmap option
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
65bef75 added the new Composer exclude-from-classmap option
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] fix expected argument type docblock
| Q | A
| ------------- | ---
| Fixed tickets |
| License | MIT
Commits
-------
1c01ebc fix expected argument type docblock
Calling the parent constructor of the mocked `Mongo` class tries to
connect to a local MongoDB server which fails in case no local server
was configured.
Similarly, when the parent constructor of the mocked `MongoCollection`
class is called it performs checks on the passed arguments which fails
again when a connection was not established successfully before.
* 2.3:
added missing quotes in YAML files
[HttpKernel] Add `@group time-sensitive` on some transient tests
[DoctrineBridge] Fix issue which prevent the profiler to explain a query
Use mb_detect_encoding with $strict = true
don't allow to install the split Security packages
bumped Symfony version to 2.3.35
updated VERSION for 2.3.34
update CONTRIBUTORS for 2.3.34
updated CHANGELOG for 2.3.34
This PR was merged into the 2.3 branch.
Discussion
----------
Use mb_detect_encoding with $strict = true
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Otherwise, UTF-8 can be returned for non-UTF8 strings...
See e.g. https://3v4l.org/oMMnX
Commits
-------
e6c89f1 Use mb_detect_encoding with $strict = true
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] don't allow to install the split Security packages
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16134
| License | MIT
| Doc PR |
Currently, you would be able to install the Security component fromm
Symfony 2.3 together with one of the split packages from a higher
Symfony vesion like this:
```json
{
"require": {
"symfony/symfony": "2.3.*",
"symfony/security-core": "~2.7"
}
}
```
However, you will end up with classes being present twice.
This must be reverted after merging up in the `2.7` branch.
Commits
-------
0d14064 don't allow to install the split Security packages
Currently, you would be able to install the Security component fromm
Symfony 2.3 together with one of the split packages from a higher
Symfony vesion like this:
```json
{
"require": {
"symfony/symfony": "2.3.*",
"symfony/security-core": "~2.7"
}
}
```
However, you will end up with classes being present twice.
This must be reverted after merging up in the `2.7` branch.
* 2.3:
fixed YAML files missing quotes when a string starts with @
[Routing] mark internal classes
[Translation][Csv file] remove unnecessary statements, for better readability.
[Form] remove validation of FormRegistry::getType as FormRegistry::hasType does not validate either
This PR was merged into the 2.3 branch.
Discussion
----------
fixed YAML files missing quotes when a string starts with @
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
e36fea8 fixed YAML files missing quotes when a string starts with @
This PR was merged into the 2.3 branch.
Discussion
----------
[Translation][Csv loader] remove unnecessary statements, for better readability.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixed tickets | ~
| Tests pass? | yes
| License | MIT
Commits
-------
47b8c3e [Translation][Csv file] remove unnecessary statements, for better readability.
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] remove type check in FormRegistry::getType
| Q | A
| ------------- | ---
| Bug fix? | yes (consistency)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
remove validation of `FormRegistry::getType` as `FormRegistry::hasType` does not validate either. So `hasType` currently triggers a PHP warning with a wrong argument.
also developers do not work with the registry directly anyway but through the factory. and the factory already validates the value. So this validation is useless in reality.
Commits
-------
d37b9e6 [Form] remove validation of FormRegistry::getType as FormRegistry::hasType does not validate either
* 2.3:
[DoctrineBridge] Fix required guess of boolean fields
[DI] don't use array_map to resolve services
Remove dead code in the PropertyPath constructor
[Process] Inherit env vars by default in PhpProcess
[HttpFoundation] Fixes /0 subnet handling in IpUtils
[Form] Simplify DateTimeToStringTransformer Avoid unneeded catch and re-throw of the same exception.
[HttpKernel] Remove a duplicate test for the EsiFragmentRenderer
Conflicts:
src/Symfony/Component/Process/Process.php
src/Symfony/Component/PropertyAccess/Tests/PropertyAccessorCollectionTest.php
src/Symfony/Component/PropertyAccess/Tests/PropertyAccessorTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
[Process] Inherit env vars by default in PhpProcess
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This is the cause of our failures on Windows, where the SYSTEMROOT env var is mandatory for mcrypt_create_iv to work.
I don't know why the browserkit client is run with no env inheritance and this looks like a bug.
Same for PhpProcess emptying the env by default, this looks like a bug, esp. since the parent `Process` class defaults to inheriting the env.
Tests are not broken by this change.
Commits
-------
ab8cc29 [Process] Inherit env vars by default in PhpProcess
This PR was merged into the 2.3 branch.
Discussion
----------
Remove dead code in the PropertyPath constructor
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Custom singulars have been removed from the component before merging it in Symfony, but the code parsing them was only removed partially.
Commits
-------
ad4d0eb Remove dead code in the PropertyPath constructor
This PR was squashed before being merged into the 2.3 branch (closes#16177).
Discussion
----------
[HttpFoundation] Fixes /0 subnet handling in IpUtils
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16055
| License | MIT
| Doc PR | Not needed
Fixes bug #16055. For IP addresses with CIDR subnet length 0, the IP address must be valid - IPs with subnet masks greater than zero are implicitly validated due to the use of `ip2long` and `substr_compare` (although it's not particularly robust - there could be some future work to improve this here).
Commits
-------
d9ac571 [HttpFoundation] Fixes /0 subnet handling in IpUtils
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] Remove a duplicate test for the EsiFragmentRenderer
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Since the request was made a required argument to the `render()` method in #6829, this [test became a duplicate](23f51450bd/src/Symfony/Component/HttpKernel/Tests/RenderingStrategy/EsiRenderingStrategyTest.php (L28-L38)) of `testRenderFallbackToInlineStrategyIfEsiNotSupported()`.
Commits
-------
44d57a3 [HttpKernel] Remove a duplicate test for the EsiFragmentRenderer
Since the request was made a required argument to the `render()` method in #6829, this test became a duplicate of `testRenderFallbackToInlineStrategyIfEsiNotSupported()`.
* 2.3:
[Routing] use constants in tests
[Validator] Allow an empty path in a URL with only a fragment or a query
[HttpFoundation] Fix some typo in the Request doc
fixed CS
Added separated handling of root paths
This PR was merged into the 2.3 branch.
Discussion
----------
[filesystem] makeRelativePath does not work correctly from root
| Q | A
| ------------- | ---
| Bug fix? | yes/no
| New feature? | yes/no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #1234
| License | MIT
| Doc PR | #14066, #14067
When using `makeRelativePath`, it returns an incorrect path when trying to fetch an entry from the root:
$fs->makePathRelative('/foo/bar/baz', '/');
Actual result:
../foo/bar/baz
Expected result:
foo/bar/baz
As we have specified an absolute path, there is no point on having an `..` added. It works, because a root directory has a `..` which points to itself, but it could result in issues when the relative path is actually prefixed or concatted.
Commits
-------
791b124 fixed CS
7bb394e Added separated handling of root paths
* 2.3:
[HttpFoundation] Extend ClockMock to session storage tests
[Process] Don't use @requires on abstract class
Conflicts:
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/PdoSessionHandlerTest.php
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7][tests] Use @requires annotation when possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
b028aea [tests] Use @requires annotation when possible
This PR was squashed before being merged into the 2.3 branch (closes#16095).
Discussion
----------
[Console] Add additional ways to detect OS400 platform
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16053
| License | MIT
| Doc PR | None
This PR adds support for detecting the OS400 platform when the PHP function `php_uname()` is disabled. OS400 platform detection was added in #15058 to fix character encoding issues present on OS400. See that PR for more info.
This PR fixes regression introduced in #16053, which did not work on the IBM OS400 server I have access to. The constant `PHP_OS` being checked outputs "AIX" on my IBM OS400 server. I can't say for sure if it works on other IBM platforms... but I preserved this check just in case.
User @eloigranado [commented here](https://github.com/symfony/symfony/pull/15058#issuecomment-130743928) asking if we could switch to using `PHP_OS` constant instead of `php_uname()` because he claims some admins might "[hide] the exact kernel build from any attacker who discovers a remote PHP code execution vulnerability". I personally don't think we should accommodate this use case, but I was able to find alternate approaches.
### Why use case insensitive string matching stristr() instead of in_array()?
Here are the various outputs on my OS400 server:
echo PHP_OS; // "AIX"
echo getenv('OSTYPE'); // "os400"
echo php_uname('s'); // "OS400"
So we have various case issues here, and possible blank values on platforms where OSTYPE var doesn't exist or php_uname() is disabled. Concatenating these optional values together delimited by ; then case-insensitive searching the string for "OS400" seemed like a fair compromise. I would've probably done `in_array()` if case wasn't an issue.
Commits
-------
96a4071 [Console] Add additional ways to detect OS400 platform
This PR was merged into the 2.7 branch.
Discussion
----------
Added more tests for PropertyAccess
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This is a follow up for [16090#issuecomment-145183635](https://github.com/symfony/symfony/pull/16090#issuecomment-145183635)
Commits
-------
378db75 Added more tests for PropertyAccess
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] Allow tabs before comments at the end of a line
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
If a yml file has a tab character before a line ending comment the comment will be included in the parsed value. Yaml spec allows tab or space as whitespace characters so we need to check for tab as well. See included test.
Recently caused an odd and hard to find bug in our project.
See spec:
http://www.yaml.org/spec/1.2/spec.html#s-b-commenthttp://www.yaml.org/spec/1.2/spec.html#s-separate-in-linehttp://www.yaml.org/spec/1.2/spec.html#s-white
This is a new PR replacing https://github.com/symfony/symfony/pull/15747
@fabpot
Commits
-------
d040be7 [Yaml] Allow tabs before comments at the end of a line
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7] Fix docblocks about callables
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
7b12fe9 [2.7] Fix docblocks about callables
This PR was merged into the 2.3 branch.
Discussion
----------
Fix docblocks about callables
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
a25beb6 Fix docblocks about callables
This PR was merged into the 2.3 branch.
Discussion
----------
Command list ordering fix
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
Makes sure that global commands are always first.
Commits
-------
2984f8e fixed previous commit
70f2b3e global commands are always first in command list
* 2.3:
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
This PR was squashed before being merged into the 2.3 branch (closes#14842).
Discussion
----------
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14822
| License | MIT
| Doc PR | ~
* test now always pass "secure" and "httponly" options, as they are required
* could be considered BC, but [`RememberMeFactory` passes them](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php#L21), so they should've always been treated as required
* I can squash the commits before merging
* Alternative solution: #14843
Commits
-------
18b1c6a [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
This PR was merged into the 2.3 branch.
Discussion
----------
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a user has changed own password, I want to logout any sessions which is authenticated by its user except changer itself.
[DaoAuthenticationManager::checkAuthentication()](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php#L59) method seems to concern about it.
But, this situation actually never happens because both users that will be passed to this method are always identical in re-authentication.
It's because the token refreshes own user via [ContextListener](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Http/Firewall/ContextListener.php#L90) before re-authentication.
Commits
-------
729902a [Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
This PR was merged into the 2.3 branch.
Discussion
----------
Fix PropertyAccessor modifying array in object when array key does no…
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #16056
| License | MIT
| Doc PR |
Commits
-------
f24c678 Fix PropertyAccessor modifying array in object when array key does not exist
This PR was merged into the 2.3 branch.
Discussion
----------
Throw exception if tempnam returns false in ProcessPipes
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15215
| License | MIT
| Doc PR |
Related to #16092
Commits
-------
1425b8a Throw exception if tempnam returns false in ProcessPipes
This condition is always `true` because `$attributesMetadata` does not exists in this `foreach` context and could overwrite values in the `$attributesMetadata` variable.
This PR was merged into the 2.3 branch.
Discussion
----------
[Console] use PHP_OS instead of php_uname('s')
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15058
| License | MIT
| Doc PR |
The php_uname() function may be disabled for security reasons.
Commits
-------
40e0dc8 use PHP_OS instead of php_uname('s')
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] Fix improper comments removal
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15857
| License | MIT
| Doc PR | -
This tries to fix#15857 .
Honestly, I don't have any idea of the regressions it might introduce. Tests are passing, so if this code had any reason to exist, tests covering it are certainly missing :/
Any hint ?
Commits
-------
0e24fc5 [Yaml] Fix improper comments removal inside strings
Make sure that all relevant information is passed to created crawlers.
To avoid future regressions, this commit backports the approach taken by
@stof in #15934 to have a single place in the class that is responsible
to create subcrawler instances.
* 2.3:
[DependencyInjection] improved a comment for reading fluency
[HttpKernel] change a class in tests to avoid depending on SQLite
[ci] Display fastest results first when running tests in parallel
[Yaml] Improve newline handling in folded scalar blocks
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] change a class in tests to avoid depending on SQLite
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
d6a7517 [HttpKernel] change a class in tests to avoid depending on SQLite
