* 2.3:
[Locale] added support for the position argument to NumberFormatter::parse()
[Locale] added some more stubs for the number formatter
[Yaml] fixed typo
[Yaml] fixed a test on PHP < 5.4
[DomCrawler]Crawler guess charset from html
fixed PHP 5.3 compatibility
[Yaml] reverted previous merge partially (refs #8897)
[Security] remove unused logger
[Security] fix typo
[Yaml] Fixed filename in the ParseException message
* 2.2:
[Locale] added support for the position argument to NumberFormatter::parse()
[Locale] added some more stubs for the number formatter
[Yaml] fixed typo
[Yaml] fixed a test on PHP < 5.4
[DomCrawler]Crawler guess charset from html
fixed PHP 5.3 compatibility
[Yaml] reverted previous merge partially (refs #8897)
[Security] remove unused logger
[Security] fix typo
[Yaml] Fixed filename in the ParseException message
Conflicts:
src/Symfony/Component/Console/Input/InputDefinition.php
src/Symfony/Component/Locale/Stub/StubNumberFormatter.php
src/Symfony/Component/Locale/Tests/Stub/StubNumberFormatterTest.php
This PR was squashed before being merged into the 2.2 branch (closes#9074).
Discussion
----------
[DomCrawler]Crawler guess charset from html
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9061
| License | MIT
| Doc PR | n/a
Commits
-------
e5282e8 [DomCrawler]Crawler guess charset from html
This PR was merged into the 2.2 branch.
Discussion
----------
[Yaml] Fixed filename in the ParseException message
| Q | A
| ------------- | ---
| Bug fix? | sort of
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | —
| License | MIT
| Doc PR | —
Yaml component throws an exception with corrupt filename because of `json_encode`:
```
[Symfony\Component\Yaml\Exception\ParseException]
A YAML file cannot contain tabs as indentation in "\/var\/www\/app\/config.yml" at line 42 (near " foo: bar").
```
Commits
-------
da44651 [Yaml] Fixed filename in the ParseException message
This PR was merged into the master branch.
Discussion
----------
[HttpKernel] [Fragment] Fixed CS
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Only two simple CS fixes.
Commits
-------
7d53314 [HttpKernel] Fragment Fixed CS
This PR was merged into the master branch.
Discussion
----------
New Component: Expression Language
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8850, #7352
| License | MIT
| Doc PR | not yet
TODO:
- [ ] write documentation
- [x] add tests for the new component
- [x] implement expression support for access rules in the security component
- [x] find a better character/convention for expressions in the YAML format
- [x] check the performance of the evaluation mode
- [x] better error messages in the evaluation mode
- [x] add support in the Routing
- [x] add support in the Validator
The ExpressionLanguage component provides an engine that can compile and
evaluate expressions.
An expression is a one-liner that returns a value (mostly, but not limited to, Booleans).
It is a strip-down version of Twig (only the expression part of it is
implemented.) Like Twig, the expression is lexed, parsed, and
compiled/evaluated. So, it is immune to external injections by design.
If we compare it to Twig, here are the main big differences:
* only support for Twig expressions
* no ambiguity for calls (foo.bar is only valid for properties, foo['bar'] is only valid for array calls, and foo.bar() is required for method calls)
* no support for naming conventions in method calls (if the method is named getFoo(), you must use getFoo() and not foo())
* no notion of a line for errors, but a cursor (we are mostly talking about one-liners here)
* removed everything specific to the templating engine (like output escaping or filters)
* no support for named arguments in method calls
* only one extension point with functions (no possibility to define new operators, ...)
* and probably even more I don't remember right now
* there is no need for a runtime environment, the compiled PHP string is self-sufficient
An open question is whether we keep the difference betweens arrays and hashes.
The other big difference with Twig is that it can work in two modes (possible
because of the restrictions described above):
* compilation: the expression is compiled to PHP and is self-sufficient
* evaluation: the expression is evaluated without being compiled to PHP (the node tree produced by the parser can be serialized and evaluated afterwards -- so it can be saved on disk or in a database to speed up things when needed)
Let's see a simple example:
```php
$language = new ExpressionLanguage();
echo $language->evaluate('1 + 1');
// will echo 2
echo $language->compile('1 + 2');
// will echo "(1 + 2)"
```
The language supports:
* all basic math operators (with precedence rules):
* unary: not, !, -, +
* binary: or, ||, and, &&, b-or, b-xor, b-and, ==, ===, !=, !==, <, >, >=, <=, not in, in, .., +, -, ~, *, /, %, **
* all literals supported by Twig: strings, numbers, arrays (`[1, 2]`), hashes
(`{a: "b"}`), Booleans, and null.
* simple variables (`foo`), array accesses (`foo[1]`), property accesses
(`foo.bar`), and method calls (`foo.bar(1, 2)`).
* the ternary operator: `true ? true : false` (and all the shortcuts
implemented in Twig).
* function calls (`constant('FOO')` -- `constant` is the only built-in
functions).
* and of course, any combination of the above.
The compilation is better for performances as the end result is just a plain PHP string without any runtime. For the evaluation, we need to tokenize, parse, and evaluate the nodes on the fly. This can be optimized by using a `ParsedExpression` or a `SerializedParsedExpression` instead:
```php
$nodes = $language->parse($expr, $names);
$expression = new SerializedParsedExpression($expr, serialize($nodes));
// You can now store the expression in a DB for later reuse
// a SerializedParsedExpression can be evaluated like any other expressions,
// but under the hood, the lexer and the parser won't be used at all, so it''s much faster.
$language->evaluate($expression);
```
That's all folks!
I can see many use cases for this new component, and we have two use cases in
Symfony that we can implement right away.
## Using Expressions in the Service Container
The first one is expression support in the service container (it would replace
#8850) -- anywhere you can pass an argument in the service container, you can
use an expression:
```php
$c->register('foo', 'Foo')->addArgument(new Expression('bar.getvalue()'));
```
You have access to the service container via `this`:
container.get("bar").getvalue(container.getParameter("value"))
The implementation comes with two functions that simplifies expressions
(`service()` to get a service, and `parameter` to get a parameter value). The
previous example can be simplified to:
service("bar").getvalue(parameter("value"))
Here is how to use it in XML:
```xml
<parameters>
<parameter key="value">foobar</parameter>
</parameters>
<services>
<service id="foo" class="Foo">
<argument type="expression">service('bar').getvalue(parameter('value'))</argument>
</service>
<service id="bar" class="Bar" />
</services>
```
and in YAML (I chose the syntax randomly ;)):
```yaml
parameters:
value: foobar
services:
bar:
class: Bar
foo:
class: Foo
arguments: [@=service("bar").getvalue(parameter("value"))]
```
When using the container builder, Symfony uses the evaluator, but with the PHP
dumper, the compiler is used, and there is no overhead as the expression
engine is not needed at runtime. The expression above would be compiled to:
```php
$this->get("bar")->getvalue($this->getParameter("value"))
```
## Using Expression for Security Access Control Rules
The second use case in Symfony is for access rules.
As we all know, the way to configure the security access control rules is confusing, which might lead to insecure applications (see http://symfony.com/blog/security-access-control-documentation-issue for more information).
Here is how the new `allow_if` works:
```yaml
access_control:
- { path: ^/_internal/secure, allow_if: "'127.0.0.1' == request.getClientIp() or has_role('ROLE_ADMIN')" }
```
This one restricts the URLs starting with `/_internal/secure` to people browsing from the localhost. Here, `request` is the current Request instance. In the expression, there is access to the following variables:
* `request`
* `token`
* `user`
And to the following functions:
* `is_anonymous`
* `is_authenticated`
* `is_fully_authenticated`
* `is_rememberme`
* `has_role`
You can also use expressions in Twig, which works well with the `is_granted` function:
```jinja
{% if is_granted(expression('has_role("FOO")')) %}
...
{% endif %}
```
## Using Expressions in the Routing
Out of the box, Symfony can only match an incoming request based on some pre-determined variables (like the path info, the method, the scheme, ...). But some people want to be able to match on more complex logic, based on other information of the Request object. That's why we introduced `RequestMatcherInterface` recently (but we no default implementation in Symfony itself).
The first change I've made (not related to expression support) is implement this interface for the default `UrlMatcher`. It was simple enough.
Then, I've added a new `condition` configuration for Route objects, which allow you to add any valid expression. An expression has access to the `request` and to the routing `context`.
Here is how one would configure it in a YAML file:
```yaml
hello:
path: /hello/{name}
condition: "context.getMethod() in ['GET', 'HEAD'] and request.headers.get('User-Agent') =~ '/firefox/i'"
```
Why do I keep the context as all the data are also available in the request? Because you can also use the condition without using the RequestMatcherInterface, in which case, you don't have access to the request. So, the previous example is equivalent to:
```yaml
hello:
path: /hello/{name}
condition: "request.getMethod() in ['GET', 'HEAD'] and request.headers.get('User-Agent') =~ '/firefox/i'"
```
When using the PHP dumper, there is no overhead as the condition is compiled. Here is how it looks like:
```php
// hello
if (0 === strpos($pathinfo, '/hello') && preg_match('#^/hello/(?P<name>[^/]++)$#s', $pathinfo, $matches) && (in_array($context->getMethod(), array(0 => "GET", 1 => "HEAD")) && preg_match("/firefox/i", $request->headers->get("User-Agent")))) {
return $this->mergeDefaults(array_replace($matches, array('_route' => 'hello')), array ());
}
```
Be warned that conditions are not taken into account when generating a URL.
## Using Expressions in the Validator
There is a new Expression constraint that you can put on a class. The expression is then evaluated for validation:
```php
use Symfony\Component\Validator\Constraints as Assert;
/**
* @Assert\Condition(condition="this.getFoo() == 'fo'", message="Not good!")
*/
class Obj
{
public function getFoo()
{
return 'foo';
}
}
```
In the expression, you get access to the current object via the `this` variable.
## Dynamic annotations
The expression language component is also very useful in annotations. the SensoLabs FrameworkExtraBundle leverages this possibility to implement HTTP validation caching in the `@Cache` annotation and to add a new `@Security` annotation (see sensiolabs/SensioFrameworkExtraBundle#238.)
Commits
-------
d4ebbfd [Validator] Renamed Condition to Expression and added possibility to set it onto properties
a3b3a78 [Validator] added a constraint that runs an expression
1bcfb40 added optimized versions of expressions
984bd38 mades things more consistent for the end user
d477f15 [Routing] added support for expression conditions in routes
86ac8d7 [ExpressionLanguage] improved performance
e369d14 added a Twig extension to create Expression instances
38b7fde added support for expression in control access rules
2777ac7 [HttpFoundation] added ExpressionRequestMatcher
c25abd9 [DependencyInjection] added support for expressions in the service container
3a41781 [ExpressionLanguage] added support for regexes
9d98fa2 [ExpressionLanguage] added the component
This PR was merged into the 2.3 branch.
Discussion
----------
Fix `use` statements in HttpKernel\Client
Commits
-------
5d5ea9a Fix `use` statements in HttpKernel\Client
This PR was merged into the 2.2 branch.
Discussion
----------
[Security] fix typo and remove unused logger
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
a33cc51 [Security] remove unused logger
62de9c1 [Security] fix typo
This PR was merged into the master branch.
Discussion
----------
[Security] Remove unused use statement
Commits
-------
6981669 Remove unused use statement
* 2.3:
fixed phpdoc
Fix some annotates
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
[HttpKernel] remove unneeded strtoupper
updated the composer install command to reflect changes in Composer
Conflicts:
src/Symfony/Component/Serializer/Encoder/XmlEncoder.php
* 2.2:
Fix some annotates
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
[HttpKernel] remove unneeded strtoupper
updated the composer install command to reflect changes in Composer
Conflicts:
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Console/Command/Command.php
src/Symfony/Component/Console/Input/InputDefinition.php
src/Symfony/Component/CssSelector/Node/CombinedSelectorNode.php
src/Symfony/Component/Form/Form.php
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php
src/Symfony/Component/HttpKernel/Tests/DependencyInjection/RegisterListenersPassTest.php
src/Symfony/Component/Locale/Locale.php
src/Symfony/Component/Locale/README.md
src/Symfony/Component/Locale/Stub/DateFormat/FullTransformer.php
This PR was squashed before being merged into the 2.2 branch (closes#9067).
Discussion
----------
Fix some annotates
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
send those fixes in branch 2.2
This pr includes #9065
Commits
-------
de39bd5 Fix some annotates
This PR was merged into the master branch.
Discussion
----------
[Security] Split the component into 3 sub-components Core, ACL, HTTP
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9047, #8848
| License | MIT
| Doc PR | -
The rationale behind this PR is to be able to use any of the sub components without requiring all the dependencies of the other sub components. Specifically, I'd like to use the core utils for an improved CSRF protection mechanism (#6554).
Commits
-------
14e9f46 [Security] removed unneeded hard dependencies in Core
5dbec8a [Security] fixed README files
62bda79 [Security] copied the Resources/ directory to Core/Resources/
7826781 [Security] Split the component into 3 sub-components Core, ACL, HTTP
This PR was squashed before being merged into the master branch (closes#8635).
Discussion
----------
[Config] Create XML Reference Dumper
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Only Yaml was supported. This PR adds support for XML. This makes it easier to test XML schema's (see symfony-cmf/MenuBundle#114 ), helps us at the docs with our configuration reference and helps others using XML with symfony.
## Todo
- [x] Prototyped arrays don't work properly
- [x] Add comments (see Yaml dumper)
- [x] Add namespaces support
## Side effects
I've moved the reference dumpers to their own namespace and renamed the original reference dumper to `YamlReferenceDumper`. The old one is kept for BC, but deprecated.
/cc @dantleech
Commits
-------
05e9ca7 [Config] Create XML Reference Dumper
* 2.3:
fixes RequestDataCollector bug, visible when used on Drupal8
[Console] fixed exception rendering when nested styles
[Console] added some more information about OutputFormatter::replaceStyle()
[Console] fixed the formatter for single-char tags
[Console] Escape exception message during the rendering of an exception
[DomCrawler] fixed HTML5 form attribute handling
Making tests pass on mac os x without this change tests would fail under mac os x at least in 10.8.2
[BrowserKit] Fixed the handling of parameters when redirecting
[Process] Properly close pipes after a Process::stop call
fixed bytes conversion when used on 32-bits systems
Typo fix
HttpFoundation RequestTest - Fixed indentation and removed comments
HttpFoundation Request test for #8619
LICENSE files moved to meta folders
added missing method in the UPGRADE file for 2.2 (closes#8941)
[Form] Fixed: "required" attribute is not added to <select> tag if no empty value
[Translation] Removed an unneeded return annotation.
[DomCrawler] Added missing docblocks and removed unneeded return annotation.
Conflicts:
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
* 2.2:
fixes RequestDataCollector bug, visible when used on Drupal8
[Console] fixed exception rendering when nested styles
[Console] added some more information about OutputFormatter::replaceStyle()
[Console] fixed the formatter for single-char tags
[Console] Escape exception message during the rendering of an exception
[BrowserKit] Fixed the handling of parameters when redirecting
Typo fix
HttpFoundation RequestTest - Fixed indentation and removed comments
HttpFoundation Request test for #8619
LICENSE files moved to meta folders
added missing method in the UPGRADE file for 2.2 (closes#8941)
[Translation] Removed an unneeded return annotation.
[DomCrawler] Added missing docblocks and removed unneeded return annotation.
Conflicts:
src/Symfony/Component/BrowserKit/Client.php
src/Symfony/Component/DomCrawler/Crawler.php
In Drupal8 ```$request->attributes->all()``` returns an array with a 0 key whose value is the ```Drupal\user\Entity\User```
```php
array(
0 => Drupal\user\Entity\User,
...
)
```
```('_route' == $key && is_object($value))``` is therefore true which provokes an exception:
```php
FatalErrorException: Error: Call to undefined method Drupal\user\Entity\User::getPath() in [...]/RequestDataCollector.php line 54
```
This patch corrects this with a simple replacement of == by ===
This PR was merged into the 2.2 branch.
Discussion
----------
[Console] Fixed exception rendering
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9045
| License | MIT
| Doc PR | n/a
When an exception message contains styles, the output is not the expected one. This PR addresses this issue.
Commits
-------
c8d0342 [Console] fixed exception rendering when nested styles
1f88a28 [Console] added some more information about OutputFormatter::replaceStyle()
a47d663 [Console] fixed the formatter for single-char tags
c6c35b3 [Console] Escape exception message during the rendering of an exception
This PR was squashed before being merged into the 2.3 branch (closes#8197).
Discussion
----------
[DomCrawler] fixed HTML5 form attribute handling
Fixed HTML5 form attribute handling and improved a test case to test more thoroughly
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6239
| License | MIT
| Doc PR | no
Commits
-------
04e730e [DomCrawler] fixed HTML5 form attribute handling
This PR was merged into the 2.3 branch.
Discussion
----------
[Process][2.3] Properly close pipes after a Process::stop call
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
When calling `Process::stop`, if the process does not stop before the end of the method, pipes are not close, `proc_close` is not called.
I added a test that randomly fails without the patch :
```
phpunit --filter=testStartAfterATimeout --repeat 100 Tests/SimpleProcessTest.php
PHPUnit 3.8-g55a6dd0 by Sebastian Bergmann.
Configuration read from /Users/romain/Documents/workspace/symfony/src/Symfony/Component/Process/phpunit.xml.dist
....E.E......E.....E..........EE..............EEE..EE.......E.. 63 / 100 ( 63%)
E.E................E....EE.......E...
Time: 29.55 seconds, Memory: 6.75Mb
There were 18 errors:
1) Symfony\Component\Process\Tests\SimpleProcessTest::testStartAfterATimeout
fclose(): 89 is not a valid stream resource
/Users/romain/Documents/workspace/symfony/src/Symfony/Component/Process/ProcessPipes.php:95
/Users/romain/Documents/workspace/symfony/src/Symfony/Component/Process/ProcessPipes.php:80
/Users/romain/Documents/workspace/symfony/src/Symfony/Component/Process/ProcessPipes.php:62
/Users/romain/Documents/workspace/symfony/src/Symfony/Component/Process/Process.php:938
/Users/romain/Documents/workspace/symfony/src/Symfony/Component/Process/Process.php:229
/Users/romain/Documents/workspace/symfony/src/Symfony/Component/Process/Tests/AbstractProcessTest.php:490
```
And of course, I solved the issue, tests are now OK.
Commits
-------
d84df4c [Process] Properly close pipes after a Process::stop call
This PR was merged into the 2.3 branch.
Discussion
----------
fixed bytes conversion when used on 32-bits systems
| Q | A
| ------------- | ---
| Bug fix? | yes (on 32-bits systems)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8977
| License | MIT
| Doc PR | n/a
This PR reverts #7413 and #742, which does not work well when a number is big (3Go for instance) and the machine is 32bits.
Commits
-------
b3ae29d fixed bytes conversion when used on 32-bits systems
This PR was squashed before being merged into the master branch (closes#7852).
Discussion
----------
[2.3][EventDispatcher] Make events lighter
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | na
| License | MIT
| Doc PR | symfony/symfony-docs#2476
I've taken the previous discussions and taking into consideration @fabpot does not want to break BC. This PR now provides the `EventDispatcher` as an argument to listeners. I've made a second separate commit which also passes the event name.
This PR is alternative to #7582
Commits
-------
e2bff32 [2.3][EventDispatcher] Make events lighter
This PR was merged into the 2.2 branch.
Discussion
----------
[DomCrawler] Added missing docblocks and removed redundant type in a return annotation
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
d414213 [DomCrawler] Added missing docblocks and removed unneeded return annotation.
This PR was merged into the 2.2 branch.
Discussion
----------
[Translation] Removed a @return annotation
This is the only `@return null` left...
Commits
-------
d6f4def [Translation] Removed an unneeded return annotation.
* 2.3:
[FrameworkBundle][Security] Replaced void return type with null for consistency
fixed CS
NativeSessionStorage regenerate
removed unneeded comment
Use setTimeZone if this method exists.
Fix FileResource test
fixed wrong usage of unset()
[HttpFoundation] Fixed the way path to directory is trimmed.
[Console] Fixed argument parsing when a single dash is passed.
* 2.2:
[FrameworkBundle][Security] Replaced void return type with null for consistency
fixed CS
NativeSessionStorage regenerate
removed unneeded comment
Use setTimeZone if this method exists.
Fix FileResource test
fixed wrong usage of unset()
[HttpFoundation] Fixed the way path to directory is trimmed.
[Console] Fixed argument parsing when a single dash is passed.
Conflicts:
src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php
This PR was squashed before being merged into the 2.2 branch (closes#9026).
Discussion
----------
[FrameworkBundle][Security] Replaced void return type with null for consistency
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
We're using `null` everywhere else.
Commits
-------
e4100ac [FrameworkBundle][Security] Replaced void return type with null for consistency
This PR was merged into the 2.2 branch.
Discussion
----------
[Console] Fixed argument parsing when a single dash is passed.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8986
| License | MIT
| Doc PR |
Commits
-------
42019f6 [Console] Fixed argument parsing when a single dash is passed.
I had the following test failing on OS X before:
There was 1 failure:
1) Symfony\Component\Config\Tests\Resource\FileResourceTest::testSerializeUnserialize
Failed asserting that two strings are identical.
This PR was merged into the 2.2 branch.
Discussion
----------
[HttpFoundation] Fixed the way path to directory is trimmed
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | re #8388
| License | MIT
| Doc PR | -
Commits
-------
773e716 [HttpFoundation] Fixed the way path to directory is trimmed.
* 2.3:
[WebProfilerBundle] fixed toolbar for IE8 (refs #8380)
[HttpFoundation] removed double-slashes (closes#8388)
[HttpFoundation] tried to keep the original Request URI as much as possible to avoid different behavior between ::createFromGlobals() and ::create()
[TwigBridge] fixed form rendering when used in a template with dynamic inheritance
* 2.2:
[HttpFoundation] removed double-slashes (closes#8388)
[HttpFoundation] tried to keep the original Request URI as much as possible to avoid different behavior between ::createFromGlobals() and ::create()
[TwigBridge] fixed form rendering when used in a template with dynamic inheritance
This PR was merged into the 2.2 branch.
Discussion
----------
[HttpFoundation] tried to keep the original Request URI as much as possible to avoid different behavior between ::createFromGlobals() and ::create()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8507
| License | MIT
| Doc PR | n/a
Commits
-------
4f5b8f0 [HttpFoundation] tried to keep the original Request URI as much as possible to avoid different behavior between ::createFromGlobals() and ::create()
* 2.3:
[HttpKernel] added a check for private event listeners/subscribers
[FrameworkBundle] fixed registration of the register listener pass
[Form] Fixed regression causing invalid "WHERE id IN ()" statements
[DependencyInjection] fixed a non-detected circular reference in PhpDumper (closes#8425)
[Form] Fixed regression in BooleanToStringTransformer from ed83752
[FrameworkBundle] removed obsolete code
[Process] Close unix pipes before calling `proc_close` to avoid a deadlock
[Process] Fix process merge in 2.3
[Intl] made RegionBundle and LanguageBundle merge fallback data when using a country-specific locale
* 2.2:
[HttpKernel] added a check for private event listeners/subscribers
[FrameworkBundle] fixed registration of the register listener pass
[Form] Fixed regression causing invalid "WHERE id IN ()" statements
[DependencyInjection] fixed a non-detected circular reference in PhpDumper (closes#8425)
[Form] Fixed regression in BooleanToStringTransformer from ed83752
[FrameworkBundle] removed obsolete code
[Process] Close unix pipes before calling `proc_close` to avoid a deadlock
Conflicts:
src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php
src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php
src/Symfony/Component/Process/Process.php
This PR was merged into the master branch.
Discussion
----------
[DependencyInjection] added tags validation when compiling a container
| Q | A
| ------------- | ---
| Bug fix? | yes & no
| New feature? | yes & no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7543
| License | MIT
| Doc PR | n/a
When using YAML or XML, the tags validadity are checked during loading, but when using PHP, that's not possible.
So, the added step in the compilation phase does that nicely.
Commits
-------
5cad478 [DependencyInjection] added tags validation when compiling a container
This circular reference cannot be detected by the compiler pass as we
don't check for method arguments there.
The Container itself already detects such circular references at runtime.
So this fix is about circular references that are not detected at
compile time, and are not even detected at runtime because the code that
would cause the detection is never run (generated after a return
statement.)
This PR was merged into the master branch.
Discussion
----------
[Debug] removed usage of a deprecated class (closes#8992)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8992
| License | MIT
| Doc PR | n/a
Commits
-------
c673c0e [Debug] removed usage of a deprecated class (closes#8992)
This PR was merged into the 2.3 branch.
Discussion
----------
[Intl] made RegionBundle merge fallback data if using a country-specific locale
See #8442 and symfony/Icu#2.
Essentially, country data fetches from the Intl component do not currently work when using a locale with a country specifier, e.g. `fr_FR`. This change forces a merge on the data against the root language locale, thus making country data available for such locales.
Commits
-------
52d8676 [Intl] made RegionBundle and LanguageBundle merge fallback data when using a country-specific locale
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] Fixed FormValidator::findClickedButton() not to be called exponentially
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8317
| License | MIT
| Doc PR | -
Commits
-------
b65a515 [Form] Fixed FormValidator::findClickedButton() not to be called exponentially
This PR was merged into the 2.2 branch.
Discussion
----------
[HttpFoundation] fixed format duplication in Request
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8976
| License | MIT
| Doc PR | n/a
Commits
-------
8c2a733 [HttpFoundation] fixed format duplication in Request
This PR was merged into the master branch.
Discussion
----------
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
#7939 must be merged before this PR is merged.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5113, #5190
| License | MIT
| Doc PR | -
TODO:
- [x] test EntityChoiceList for stricter rules
- [ ] test ModelChoiceList for stricter rules
- [x] remove/deprecate the ChoiceList::getIndicesFor*() methods
Commits
-------
9efdb8e [Form] Deprecated ChoiceList::getIndicesFor*() methods
67ba131 [DoctrineBridge] Improved test coverage of EntityChoiceList
31e5ce5 [Form] Improved test coverage of ChoiceList classes
6283b0e [Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
79a214f [Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
62fbed6 [Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
* 2.3:
Fixed docblock in UserInterface::getSalt()
[Process] Fix#8970 : read output once the process is finished, enable pipe tests on Windows
[DoctrineBridge] Improved test coverage of EntityChoiceList
[DoctrineBridge] Improved test coverage of EntityChoiceList
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
Removed duplicate annotation
[HttpKernel] made code more reliable
[HttpFoundation] fixed regression in the way the request format is handled for duplicated requests (closes#8917)
[HttpKernel] fixer HInclude src (closes#8951)
Fixed escaping of service identifiers in configuration
Conflicts:
src/Symfony/Bridge/Doctrine/Tests/Form/ChoiceList/GenericEntityChoiceListTest.php
src/Symfony/Bridge/Doctrine/Tests/Form/Type/EntityTypeTest.php
src/Symfony/Component/HttpKernel/Tests/Fragment/HIncludeFragmentRendererTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3][Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
Same as #7940, rebased onto 2.3.
Commits
-------
7879f07 [DoctrineBridge] Improved test coverage of EntityChoiceList
58e7c10 [Form] Improved test coverage of ChoiceList classes
9542d72 [Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
72b8807 [Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
e1bf07f [Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
* 2.2:
Fixed docblock in UserInterface::getSalt()
[Process] Fix#8970 : read output once the process is finished, enable pipe tests on Windows
[DoctrineBridge] Improved test coverage of EntityChoiceList
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
[HttpKernel] made code more reliable
Conflicts:
src/Symfony/Bridge/Doctrine/Tests/Form/ChoiceList/EntityChoiceListTest.php
src/Symfony/Component/Form/Extension/Core/ChoiceList/ChoiceListInterface.php
src/Symfony/Component/Form/Extension/Core/EventListener/FixRadioInputListener.php
src/Symfony/Component/Form/Extension/Core/Type/ChoiceType.php
src/Symfony/Component/Form/Form.php
src/Symfony/Component/Form/Tests/Extension/Core/Type/ChoiceTypeTest.php
src/Symfony/Component/Process/Process.php
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
This PR was merged into the 2.2 branch.
Discussion
----------
[2.2][Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
Same as #7940, rebased onto 2.2.
Commits
-------
4d2dc55 [DoctrineBridge] Improved test coverage of EntityChoiceList
9d3628c [Form] Improved test coverage of ChoiceList classes
ed83752 [Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
30aa1de [Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
53f292a [Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
This PR was merged into the 2.2 branch.
Discussion
----------
[Process][2.2] Fix#8970 : read output once the process is finished, enable pipe tests on Windows
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8970
| License | MIT
This fix the read of file handles after `proc_close` as described in the issue. I enable some stdin=>stdout pipes tests on windows with some dedicated buffer size. Solving the issue, I finally reproduced this [PHP bug](https://bugs.php.net/bug.php?id=65650) that I first described in my PR note in #8924
Most of Windows usage should be okay, but in case of a program throws lots of output and fills the buffer, some data might be lost/corrupted. Should it be documented ? This is a Windows only known issue.
Commits
-------
1e75cf9 [Process] Fix#8970 : read output once the process is finished, enable pipe tests on Windows
* 2.2:
[HttpFoundation] fixed regression in the way the request format is handled for duplicated requests (closes#8917)
[HttpKernel] fixer HInclude src (closes#8951)
Fixed escaping of service identifiers in configuration
This PR was squashed before being merged into the master branch (closes#8928).
Discussion
----------
[Console] Improved xml generated when listing commands
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| License | MIT
I marked this PR as a BC break, as it breaks the xml schema generated by the command __app/console list --xml__
It replaces the first node (currently _symfony_) by a more generic node name ( _application_ ) and adds the application name and application version if specified in the _Symfony\Component\Console\Application_ constructor.
Before (using composer console that uses symfony console component):
```
<?xml version="1.0" encoding="UTF-8"?>
<symfony>
...
</symfony>
```
After (using composer console that uses symfony console component):
```
<?xml version="1.0" encoding="UTF-8"?>
<application name="Composer" version="x.x.x">
...
</application>
```
Commits
-------
7958227 [Console] Improved xml generated when listing commands
* 2.3:
[HttpFoundation] removed extra parenthesis
[Process][2.2] Fix Process component on windows
[HttpFoundation] improve perf of previous merge (refs #8882)
Request->getPort() should prefer HTTP_HOST over SERVER_PORT
Fixing broken http auth digest in some circumstances (php-fpm + apache).
fixed typo
Conflicts:
src/Symfony/Component/Process/Process.php
* 2.2:
[HttpFoundation] removed extra parenthesis
[Process][2.2] Fix Process component on windows
[HttpFoundation] improve perf of previous merge (refs #8882)
Request->getPort() should prefer HTTP_HOST over SERVER_PORT
Fixing broken http auth digest in some circumstances (php-fpm + apache).
fixed typo
Conflicts:
src/Symfony/Component/Process/Process.php
This PR was squashed before being merged into the 2.2 branch (closes#8924).
Discussion
----------
[Process][2.2] Fix Process component on windows
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8836, #8799, #7078
| License | MIT
This PR fixes Process on windows (almost, see note below).
- Some unit tests were not Windows compatible
- Use a file handle for STDERR as well as STDOUT to avoid blocking
- Decouple pipes and descriptors from Process
As this move some a part of Process in a sub class, I hope merging this in 2.3 and master would not be a PITA. I'm here to make some adjustments after theses merge if needed.
**Important note** :
We are using file handles instead of streams for `proc_open` pipes as described in the code (see [PHP bug #51800](https://bugs.php.net/bug.php?id=51800)). Unfortunately, this workaround may produce corrupted output/error output in some race conditions. That's why `AbstractProcessTest::testProcessPipes` randomly fails when using file handles (on unix and windows).
Commits
-------
4a76c76 [Process][2.2] Fix Process component on windows
* 2.3:
Fixing singular form for kisses, accesses and addresses.
fixed some circular references
[Security] fixed a leak in ExceptionListener
[Security] fixed a leak in the ContextListener
Ignore posix_istatty warnings
removed unused variable
[Form] fix iterator typehint
typos
Button missing getErrorsAsString() fixes#8084 Debug: Not calling undefined method anymore. If the form contained a submit button the call would fail and the debug of the form wasn't possible. Now it will work in all cases. This fixes#8084
Use isset() instead of array_key_exists() in DIC
Fixed annotation
[BrowserKit] fixed method/files/content when redirecting a request
[BrowserKit] removed some headers when redirecting a request
[BrowserKit] fixed headers when redirecting if history is set to false (refs #8697)
[HttpKernel] fixed route parameters storage in the Request data collector (closes#8867)
[BrowserKit] Pass headers when `followRedirect()` is called
Return BC compatibility for `@Route` parameters and default values
Conflicts:
src/Symfony/Component/Security/Http/Firewall/ContextListener.php
* 2.2:
Fixing singular form for kisses, accesses and addresses.
fixed some circular references
[Security] fixed a leak in ExceptionListener
[Security] fixed a leak in the ContextListener
Ignore posix_istatty warnings
typos
[HttpKernel] fixed route parameters storage in the Request data collector (closes#8867)
Return BC compatibility for `@Route` parameters and default values
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Templating/Helper/FormHelper.php
src/Symfony/Component/Console/Application.php
This PR was merged into the 2.2 branch.
Discussion
----------
[Security] fixed a leak in the ContextListener
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Trying to fix leaks when using the same Kernel to handle several requests in a row without resetting the Container or shutting down the Kernel.
Commits
-------
899f176 [Security] fixed a leak in ExceptionListener
2fd8a7a [Security] fixed a leak in the ContextListener
This PR was merged into the master branch.
Discussion
----------
[HttpKernel] fixes some memory leaks
| Q | A
| ------------- | ---
| Bug fix? | kinda
| New feature? | no
| BC breaks? | kinda as the Bundle `$reflected` property was removed
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
6307f41 [HttpKernel] removed a circular reference that prevents PHP GC to do its job
49fe3c7 [HttpKernel] removed the need to use reflection to get a bundle namespace
This PR was merged into the 2.2 branch.
Discussion
----------
Fixed some random leaks
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
970405f fixed some circular references
set logger in extension , so its only done in debug mode
add psr/log to suggest of templating
add test for setLogger and refactor tests to not depend that much an
deprecated functionality
