This PR was merged into the 3.4 branch.
Discussion
----------
[DI] fix dumping inline services again
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28720#28710
| License | MIT
| Doc PR | -
The main fix is in `PhpDumper::addInlineService()`
Fixes a few other glitches found meanwhile.
Commits
-------
a854b0a01c [DI] fix dumping inline services again
This PR was merged into the 4.2-dev branch.
Discussion
----------
Revert "feature #27549 [Cache] Unconditionally use PhpFilesAdapter for system pools"
This reverts commit d4f5d46b13, reversing
changes made to 7e3b7b0b50.
| Q | A
| ------------- | ---
| Branch? | 4.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Reading #28800, I've just realized that #27549 breaks using system caches with read-only filesystem.
Using ApcuAdapter makes system caches compatible with read-only filesystems.
Note that this affects only non-warmed up pools, as the warmed-up ones use a faster `PhpArrayAdapter` in front.
Commits
-------
dbc1230735 Revert "feature #27549 [Cache] Unconditionally use PhpFilesAdapter for system pools (nicolas-grekas)"
This PR was merged into the 4.2-dev branch.
Discussion
----------
[Routing] simplify PhpMatcherDumper by splitting code logic from route data
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR splits all logic that is currently dumped into the matcher in a dedicated trait.
This makes the code easier to maintain and prepares for the next step (making the dumper compile routes as a set of PHP arrays instead of code.)
This diff is huge because affected fixtures are also huge, but it's negative, removing 1200 lines!
Commits
-------
22186c7045 [Routing] simplify PhpMatcherDumper by splitting code logic from route data
This PR was submitted for the 3.4 branch but it was merged into the 4.2-dev branch instead (closes#24263).
Discussion
----------
Filter logs by level
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Proposal to filter logs by level. This PR competes with #23247 (but also see #23038) which propose to filter by channel.
<details>
<summary>Before</summary>
</details>
<details>
<summary>After</summary>
</details>
From https://github.com/symfony/symfony/pull/23247#issuecomment-322827776
> Adding configuration is always adding complexity for the end user. If we can do otherwise (including doing nothing), i think that might be better. I all depends on the current "brokenness" status.
This avoids that. Also single click; noise gone.
Commits
-------
8f88753381 Filter logs by level
This PR was squashed before being merged into the 4.2-dev branch (closes#26261).
Discussion
----------
[Validator] Improvement: provide file basename for constr. violation messages in FileValidator.
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | N/A
`\Symfony\Component\Validator\Constraints\FileValidator` provides absolute path to file on server when user, per example, uploads empty file, too large file, of wrong mime type, etc...
Absolute path to file on server does not have value to the end user, on top of that, exposing it can be a security issue - end user should not be aware of server filesystem.
Basename of file, however, has value (per example: MyAwesomeSheet.xlsx, MyCV.doc, etc..) - if something is wrong with file upload (size, mime, etc...).
If basename is exposed, we can construct messages like: "Your file 'MyCV.doc' is not allowed for upload due to....whatever"...
This PR provides basename of file so end user of `\Symfony\Component\Validator\Constraints\FileValidator` can construct error messages of higher value for end user.
Commits
-------
a77abadf06 [Validator] Improvement: provide file basename for constr. violation messages in FileValidator.
This PR was merged into the 4.2-dev branch.
Discussion
----------
[Finder] make reverse sorting a bit more generic
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/27967#issuecomment-406991194
| License | MIT
| Doc PR | -
Commits
-------
ce861d1861 [Finder] make reverse sorting a bit more generic
This PR was merged into the 4.2-dev branch.
Discussion
----------
[Form] allow additional http methods in form configuration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26287
| License | MIT
| Doc PR | TBD
In order to allow HTTP methods other than GET, PUT, POST, DELETE and PATCH, the `allowed_methods` option under `framework.form` configuration has been added.
This configuration option adds the specified methods to the `FormConfigBuilder` whitelist, allowing that methods be used in form configuration via `setMethod` or the `method` option.
The use-case, that has been discussed in #26287, required the usage of custom HTTP method for describing a resource in an API application.
Commits
-------
27d228c3ee [Form] remove restriction on allowed http methods
This PR was submitted for the 2.8 branch but it was squashed and merged into the 4.2-dev branch instead (closes#26771).
Discussion
----------
[Filesystem] Fix mirroring a directory with a relative path and a custom iterator
| Q | A
| ------------- | ---
| Branch? | 2.8 up to 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The Filesystem::mirror method with a Finder iterator doesn't work if the origin directory is relative.
This is a case where it won't work:
```
$dir = '/data/../data/';
$finder = (new Finder())->in($dir)->getIterator();
(new Filesystem())->mirror($dir, '/tmp', $finder);
```
The finder will return file objects like this :
```
SplFileInfo {
pathname: "/data/file.tmp"
...
}
```
But the following line will fail because because the `$file->getPathname()` and the `$originDir` are differents.
```
$target = $targetDir.substr($file->getPathname(), $originDirLen);
// $file->getPathname() = '/data/file.tmp'
// $originDirLen = strlen('/data/../data/') = 14
// $target = '/tmp' instead of '/tpm/file.tpm'
```
In some case, it's even worse. If the filename length is bigger than the `$originDirLen`, the target file will be a file with a completely wrong name:
```
// $file->getPathname() = '/data/file123456789.tmp'
// $originDirLen = strlen('/data/../data/') = 14
// $target = '/tmp/56789.tmp' instead of '/tpm/file123456789.tmp'
```
I fixed this on my side by using the realpath function everytime i'm calling the mirror method, but i doubt this is the desired behavior.
Commits
-------
27b673cbdd [Filesystem] Fix mirroring a directory with a relative path and a custom iterator
This PR was merged into the 4.2-dev branch.
Discussion
----------
[OptionsResolver] Added support for nesting options definition
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #4833
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/9995
I'd like to propose an alternative to #27251 and #18134 with a different approach.
It would allow you to create a nested options system with required options, validation (type, value),
normalization and more.
<details>
<summary><strong>Short documentation</strong></summary>
**To define a nested option, you can pass a closure as the default value of the option with an `OptionsResolver` argument:**
```php
$resolver
->defaults([
'connection' => 'default',
'database' => function (OptionsResolver $resolver) {
$resolver
->setRequired(['dbname', 'host', ...])
->setDefaults([
'driver' => 'pdo_sqlite',
'port' => function (Options $options) {
return 'pdo_mysql' === $options['driver'] ? 3306 : null,
},
'logging' => true,
])
->setAllowedValues('driver', ['pdo_sqlite', 'pdo_mysql'])
->setAllowedTypes('port', 'int')
->setAllowedTypes('logging', 'bool')
// ...
},
]);
$resolver->resolve(array(
'database' => array(
'dbname' => 'demo',
'host' => 'localhost',
'driver' => 'pdo_mysql',
),
));
// returns: array(
// 'connection' => 'default',
// 'database' => array(
// 'dbname' => 'demo',
// 'host' => 'localhost',
// 'driver' => 'pdo_mysql',
// 'port' => 3306,
// 'logging' => true,
// ),
//)
```
Based on this instance, you can define the options under ``database`` and its desired default
value.
**If the default value of a child option depend on another option defined in parent level,
adds a second ``Options`` argument to the closure:**
```php
$resolver
->defaults([
'profiling' => false,
'database' => function (OptionsResolver $resolver, Options $parent) {
$resolver
->setDefault('logging', $parent['profiling'])
->setAllowedTypes('logging', 'bool');
},
])
;
```
**Access to nested options from lazy or normalize functions in parent level:**
```php
$resolver
->defaults([
'version' => function (Options $options) {
return $options['database']['server_version'];
},
'database' => function (OptionsResolver $resolver) {
$resolver
->setDefault('server_version', 3.15)
->setAllowedTypes('server_version', 'numeric')
// ...
},
])
;
```
As condition, for nested options you must to pass an array of values to resolve it on runtime, otherwise an exception will be thrown:
```php
$resolver->resolve(); // OK
$resolver->resolve(['database' => []]); // OK
$resolver->resolve(['database' => null); // KO (Exception!)
```
</details>
---
Demo app https://github.com/yceruto/nested-optionsresolver-demo
Commits
-------
d04e40be5a Added support for nested options definition
This PR was merged into the 4.2-dev branch.
Discussion
----------
[VarDumper] Allow to use a light theme out of the box
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | N/A <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A
Wouldn't it be nice to provide this light theme out of the box? (the one we use in the profiler)
Commits
-------
c705b82563 [VarDumper] Allow to use a light theme out of the box
This PR was merged into the 4.2-dev branch.
Discussion
----------
[Finder] Added a way to inverse a previous sorting
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
---
Sometimes, it's useful to inverse the previous sorting.
For exemple when you want to display the most recent uploaded files
Commits
-------
3cd0dcaaee [Finder] Added a way to inverse a previous sorting
This PR was squashed before being merged into the 4.2-dev branch (closes#28061).
Discussion
----------
[Security] add port in access_control
| Q | A
| ------------- | ---
| Branch? | master for features
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26071
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/10359
Add port in access_control
__Please Squash this P.R.__
Commits
-------
6413dcbe75 [Security] add port in access_control
This PR was merged into the 4.2-dev branch.
Discussion
----------
Added different protocols to be allowed as asset base_url
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | fixes#28238
| License | MIT
| Doc PR | symfony/symfony-docs#10347
In some cases you want to use the `file://` as base_url when you are for example generating pdf and want to avoid network requests to improve the pdf generation performance:
```yaml
framework:
assets:
packages:
pdf:
base_url: "file://%kernel.project_dir%/public"
```
usage:
```twig
{{ asset('image.jpg', 'pdf' }}
```
Commits
-------
2e21834b71 added different protocols to be allowed as asset base_urls
This PR was merged into the 2.8 branch.
Discussion
----------
[Process] fix locking of pipe files on Windows
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28655
| License | MIT
| Doc PR | -
Commits
-------
d64bd3b181 [Process] fix locking of pipe files on Windows
This PR was merged into the 4.2-dev branch.
Discussion
----------
[FrameworkBundle] Moving Cache-related CompilerPass to Cache component
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Hi, first PR here 🎉
This is related to #27479 and a first work to move Cache-related CompilerPass out of `FrameworkBundle`, it allows to decouple part of the FrameworkBundle configuration classes.
Since we didn't choosed a fixed directory organization to manage theses, I actually did same as in Bundles and used DependencyInjection folder. If we do choose to follow my [last comment directory organization proposal](https://github.com/symfony/symfony/issues/27479#issuecomment-401307685), I'll move theses CompilerPass to `Framework/DependencyInjection/Compiler` directory (nothing hard here).
Thanks to @DanieleGBX that helped me checking this PR and gave me some good advices !
Here is a list of all CompilerPass I moved, with related component (I also moved related tests when they were present):
- **Cache** - CacheCollectorPass
- **Cache** - CachePoolClearerPass
- **Cache** - CachePoolPass
- **Cache** - CachePoolPrunerPass
Commits
-------
53e7040829 moving Cache-related compiler pass from FrameworkBundle to Cache component
This PR was merged into the 2.8 branch.
Discussion
----------
invalidate stale commits for PRs too
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
aee63f5e4b invalidate stale commits for PRs too
* 2.8:
Fix class documentation
[Validator] Add a missing translation
Fix phpdocs
[EventDispatcher] Remove template method in test case
Added LB translation for #27993 (UUID validator message translation)
Replace deprecated validateValue with validate
This PR was squashed before being merged into the 4.2-dev branch (closes#28738).
Discussion
----------
[OptionsResolver] Passing Options argument to deprecation closure
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/28721#discussion_r222686221
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/10439
As spotted here https://github.com/symfony/symfony/pull/28721, we sometimes need more advanced cases, where the deprecation of the value depends on another option:
```php
$resolver->setDeprecated('date_format', function (Options $options, $dateFormat) {
if (null !== $options['date_format'] && 'single_text' === $options['widget']) {
return sprintf('Using the "date_format" option of the %s when the "widget" option is set to "single_text" is deprecated since Symfony 4.2.', self::class);
}
return '';
});
```
There is still a decision to make:
> We're in time to change the arguments position (Options $options, $value) to be consistent with other closure signatures.
WDYT?
Commits
-------
29360510db [OptionsResolver] Passing Options argument to deprecation closure
This PR was merged into the 4.2-dev branch.
Discussion
----------
[Cache] add CacheInterface::delete() + improve CacheTrait
| Q | A
| ------------- | ---
| Branch? | 4.2
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I've been hesitating a lot on this topic, but I think we should add a `delete()` method to `CacheInterface`.
Deleting is a very common invalidation strategy and invalidating by passing `$beta=INF` to `get()` has the drawback of requiring a fetch+unserialize+save-with-past-expiration. That's complexity that a delete removes.
This PR fixes an issue found meanwhile on `get()`: passing an `ItemInterface` to its callback makes it harder than required to implement on top of PSR-6. Let's pass a `CacheItemInterface`.
Lastly, the early expiration logic can be moved from the component to the trait shipped on contracts.
Here we are for all these steps.
Commits
-------
c6cf690b2f [Cache] add CacheInterface::delete() + improve CacheTrait
This PR was merged into the 4.2-dev branch.
Discussion
----------
[Form] simplify the form type extension registration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22833, #27906
| License | MIT
| Doc PR |
Commits
-------
6a1d4c5db4 simplify the form type extension registration
This PR was merged into the 2.8 branch.
Discussion
----------
[EventDispatcher] Remove template method in test case
| Q | A
| ------------- | ---
| Branch? | 2.8 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | no <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | no <!-- required for new features -->
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
545a8eef05 [EventDispatcher] Remove template method in test case
This PR was merged into the 4.2-dev branch.
Discussion
----------
[WebServerBundle] Added ability to display the current hostname address if available when binding to 0.0.0.0
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ? (no tests for server commands)
| Fixed tickets | #28585
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Tries to get the local hostname into an ip (if available) using the PHP gethostname* methods.
Commits
-------
dfd2e8b4e6 [WebServerBundle] Added ability to display the current hostname address if available when binding to 0.0.0.0
This PR was merged into the 4.2-dev branch.
Discussion
----------
[DI] minor optim for dumped container
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Spotted while reviewing a real-world dumped container.
Commits
-------
c1863e3a7a [DI] minor optim for dumped container
This PR was merged into the 4.1 branch.
Discussion
----------
[Form] fix a return type hint
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26918
| License | MIT
| Doc PR |
Commits
-------
095b9f3a30 fix a return type hint
This PR was squashed before being merged into the 3.4 branch (closes#28072).
Discussion
----------
[Security] Do not deauthenticate user when the first refreshed user has changed
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Currently the token is deauthenticated when the first refreshed user has changed. In theory, a second user provider could find a user that is the same than the user stored in the token.
Also, the deauthentication is currently affected by the order of the user providers in the security.yaml and IMHO it does not make sense.
Commits
-------
95dce67 [Security] Do not deauthenticate user when the first refreshed user has changed
