This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] use the new request_stack service to get the Request object in the base Controller class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
2e07338 [FrameworkBundle] use the new request_stack service to get the Request object in the base Controller class
This PR was merged into the master branch.
Discussion
----------
[Translation] make IdentityTranslater consistent with normal translator
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | n/a
The MessageSelector should not be required in the constructor of the IdentityTranslator because it's also optional for the [Translator](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Translation/Translator.php#L64).
I also fixed the TranslatorInterface phpdoc and the IdentityTranslator params similar to 90a20d7835
Commits
-------
7cdb260 [Translation] make IdentityTranslater consistent with normal translator
This PR was squashed before being merged into the master branch (closes#9540).
Discussion
----------
[Security] Added a missing field in SimpleAuthenticationHandler
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Added tests and made a small CS fix as a bonus.
Btw, the properties are protected. Do we really want to provide extension points here?
Commits
-------
d553347 [Security] Added a missing field in SimpleAuthenticationHandler
This PR was squashed before being merged into the master branch (closes#9536).
Discussion
----------
[FrameworkBundle] Update 2 dependencies (currently broken)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
## Dependency on http-foundation
In b1a062d232 the `RequestStack` was moved to `http-foundation`, because of this the `framework-bundle` now also depends on `http-foundation`: b1a062d232 (diff-3) (at least in services.xml).
We got an error while installing the framework-bundle `2.4.*` with `prefer-stable` in our composer.json. We currently get framework-bundle 2.4 with http-kernel and http-foundation 2.3. An alternative fix would be raising the requirement of http-kernel to 2.4, but I think this is the "purest" declaration of dependencies.
Update 1
## Dependency on config
In 05e9ca7509 the config component was updated with an xml reference dumper for configuration. In the same commit the frameworkbundle dump command is updated to make use of the 2 newly introduced classes. It is currently possible to get an installation with config `2.3`, which in turn leads to an exception when running the dump-reference command:
```
$ app/console config:dump-reference framework
# Default configuration for extension with alias: "framework"
PHP Fatal error: Class 'Symfony\Component\Config\Definition\Dumper\YamlReferenceDumper
```
Update 2
## Dependency on http-kernel
We just found out that the dependency on http-kernel should also be updated to `2.4`. That's because the framework-bundle injects the `RequestStack` now and doesn't set the request on the `RouterListener` service anymore. Without updating the dependency it is possible to get a `RouterListener` that is not aware of the request stack (< 2.4) and none of your routes will work.
*tests are failing because of some race condition I guess?*
Commits
-------
fe5d8f8 [FrameworkBundle] Update 2 dependencies (currently broken)
This PR was merged into the 2.3 branch.
Discussion
----------
[Intl] make currency bundle merge fallback locales when accessing data, ...
...allowing use of country-specific locales
Fixes#9262.
Commits
-------
edc287b [Intl] make currency bundle merge fallback locales when accessing data, allowing use of country-specific locales
This PR was merged into the 2.2 branch.
Discussion
----------
CS fix
I hope this is not BC break though handler_id checking should be done with identical comparison operator I believe.
Commits
-------
1b6b1e9 if handler_id is identical to null fix
In Request::getClientIps() on line 772 there is a check if self::$trustedProxies is not set. If this condition evaluates to true the method will return.
Because of this the second identical check on line 783 will never evaluate to true, as when reaching this position self::$trustedProxies must be set.
This PR was merged into the master branch.
Discussion
----------
Add missing dependency to expression-language
Add missing dependency, without this dependency, PHPUnit can't run successfully.
Commits
-------
4206e98 Add missing dependency to expression-language
My kernel has been moved and namespaced to `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKernel`. This worked fine until a change was made to how the kernel temp stuff is handled in the warmup phase.
When the app generates its own cache (i.e you run cache without warmup and access the site) everything is generated ok and the .meta files generate the proper reference to the FQN of the Kernel.
However if the warmup is used, it uses `Cfs\Bundle\MultiSiteBundle\Kernel\CfsKerne_` as the temporary Kernel, and when it does "fix references to the Kernel in .meta files" it generates 2 errors.
1. It does not use a string safe tempKernel name, so it never finds the reference to the kernel
2. If you fix that, then it replaces the FQN of the tempKernel with `CfsKernel`, the non-namespaced name of the proper Kernel (it also leaves the character count wrong in the serialization `C:43:<class>` where 43 is the char count for the FQN above)
The two changes above fix this, by escaping the string and replacing it with a FQN Kernel Class name.
What are your thoughts on this?
This PR was merged into the 2.2 branch.
Discussion
----------
[Locale] fixed the failing test described in #9455
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9455
| License | MIT
| Doc PR | -
Commits
-------
3f91039 [Locale] fixed the failing test described in #9455
* 2.3: (25 commits)
bumped Symfony version to 2.2.11
updated VERSION for 2.2.10
update CONTRIBUTORS for 2.2.10
updated CHANGELOG for 2.2.10
fixed version
Request::overrideGlobals() may call invalid ini value
Force Luhn Validator to only work with strings
Fixed bug with lazy services
[Translation] fixed the error in the dumper test as described in #9475
deleted mixing string concatenation inside a sprintf
"__call()" should be displayed only if $this->magicCall is true
[Console] fix phpdoc and constructor default value
Add media-query for printing: Do not print the toolbar.
Fix ProgressHelper redraw when redrawFreq is greater than 1
Update toolbar.css.twig
slovenian translations fixed
slovenian translations fixed
[DependencyInjection] fixed YamlDumper did not make services private.
[FrameworkBundle] fix routing container parameter exception message
[Form] fix and unify phpdoc
...
Conflicts:
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2:
bumped Symfony version to 2.2.11
updated VERSION for 2.2.10
update CONTRIBUTORS for 2.2.10
updated CHANGELOG for 2.2.10
fixed version
Request::overrideGlobals() may call invalid ini value
Force Luhn Validator to only work with strings
[Translation] fixed the error in the dumper test as described in #9475
[Console] fix phpdoc and constructor default value
Conflicts:
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/HttpKernel/Kernel.php
According to http://php.net/manual/ja/ini.core.php ,
there's not variable_order, but variables_order (with trailing "s").
Perhaps it breaks BC for some developer who unsets
'request_order' ini value and sets 'variable_order' manually?
This PR was merged into the 2.3 branch.
Discussion
----------
[Console][ProgressHelper] Fix ProgressHelper redraw when redrawFreq is greater than 1
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When using a ProgressHelper object with redrawFreq > 1, there are situation where redraw may never occur.
E.g.
redrawFreq = 2
setContent = 1
advance(2) ... the redraw event is detected by 0 == current % redrawFreq.
I've tested the patch against phpunit and my local environment.
Maybe, a new test can be implemented to avoid the previous example, but I'm not familiar with mock object... :)
Commits
-------
5eca1fb Fix ProgressHelper redraw when redrawFreq is greater than 1
The Luhn Validator fails to work with float or large integers (internally turned into float by php, depending on precision setting).
This is problematic because developers might use number or integer form fields to capture credit card data, which will lead to a validation error even though the form input itself was valid. This commit makes validator throw UnexpectedTypeException on non-string input to avoid this confusion.
This PR was merged into the master branch.
Discussion
----------
adjust doctrine dependencies
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9384, #9385
| License | MIT
| Doc PR | -
I went through all components/bundles/bridges in symfony and searched for doctrine dependencies. Then looked if it only requires a subset (annotations instead of common for example).
Commits
-------
7366901 adjust doctrine dependencies
This PR was merged into the master branch.
Discussion
----------
[Process] Renamed flushOutput() and flushErrorOutput() to clearOutput() and clearErrorOutput()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I renamed `flushOutput()` and `flushErrorOutput()` to `clearOutput()` and `clearErrorOutput()` since I find the current naming unintuitive. When reading [the blog post about this feature](http://symfony.com/blog/new-in-symfony-2-4-flushing-stdout-and-stderr-on-a-process) I initially thought that the output would be flushed to the console (as in `ob_flush()`).
Using "clear" on the other hand conforms well with [our conventions](http://symfony.com/doc/current/contributing/code/conventions.html).
Commits
-------
1811367 [Process] Renamed flushOutput() and flushErrorOutput() to clearOutput() and clearErrorOutput()
This PR was merged into the master branch.
Discussion
----------
set mergeFallback to true,
If your default locale is de_CH for example, then you get an incomplete list of locales. This issue has been resolved in the LanguageBundle and RegionBundle but not in for the LocaleBundle. Would be also a good idea for the CurrencyBundle
Commits
-------
4587d4e set mergeFallback to true, otherwise an uncomplete list is shown with default locale is for example de_CH
This PR was merged into the 2.3 branch.
Discussion
----------
[WebProfilerBundle] Small bugfix in CSS: don't make links bold.
If the CSS in your application has something like `a { font-weight: bold; }` to make links bold by default, they will also show up **bold** in the profilers toolbar, which doesn't look right. This patch explicitly sets the font-weight to 'normal', as it should be.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
984566d Add media-query for printing: Do not print the toolbar.
cf1b7cf Update toolbar.css.twig
b6738b6 Set the font-weight for links to 'normal', to prevent ugly bold links.
This PR was merged into the master branch.
Discussion
----------
Fix bug with variable named context to securityContext
Commits
-------
38433d7 Fix bug with variable named context to securityContext in SimplePreAuthenticationListener->handle function
This PR was merged into the 2.3 branch.
Discussion
----------
Slovenian translations fixed for Symfony 2.3
Commits
-------
1ec42ec slovenian translations fixed
* 2.2:
slovenian translations fixed
[DependencyInjection] fixed YamlDumper did not make services private.
[FrameworkBundle] fix routing container parameter exception message
update CONTRIBUTORS
added content length header to BinaryFileResponse
[Routing] added working test case for issue #5135
This PR was merged into the master branch.
Discussion
----------
[Config] Quoting reserved characters
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
a5c0123 Use Inline class to quote reserved characters
This PR was merged into the master branch.
Discussion
----------
[Console] make parent constructor test more reliable
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixes | #9186 , f2b60e9
| Tests pass? | yes
| license? | MIT
It also fixes the test since f2b60e9 and improves phpdoc
The second commit improves regex performance to validate name (using possesive quantifier).
I did some basic performance tests http://3v4l.org/PuvuL
The new regex only takes 1/3 of the time compared to the old one!
Commits
-------
5798029 [Console] improve regex performance to validate name
22b09ce [Console] make parent constructor test more reliable
This PR was merged into the 2.3 branch.
Discussion
----------
fixed issue with clone now the children of the original form are preserved and the clone form is given new children
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | 9414
| License | MIT
| Doc PR |
this commit fixes#9414
Commits
-------
b952bcb fixed issue with clone now the children of the original form are preserved and the clone form is given new children
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] fix and unify phpdoc
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| license? | MIT
- Fixes FormTypeGuesserInterface that must return ValueGuess for guessRequired etc. instead of abstract Guess because its excepted for example by FormFactory.
- Unify array typehints that was not done consistently.
Commits
-------
7a754c3 [Form] fix and unify phpdoc
This PR was merged into the 2.2 branch.
Discussion
----------
[FrameworkBundle] add test for #5135 and simplify routing container parameter resolution
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Fixes | #5135
| Tests pass? | yes
| license? | MIT
1. [FrameworkBundle] added working test case for issue #5135
2. [FrameworkBundle] fix routing container parameter exception message which did not really make sense and improve regex performance
Commits
-------
719e037 [FrameworkBundle] fix routing container parameter exception message
8513ac9 [Routing] added working test case for issue #5135
This PR was merged into the master branch.
Discussion
----------
Add X-Debug-Url profiler url header
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | None
Hey, working with rest APIs I find it way more convenient to have the profiler url directly in the header ... We human are used to deal with hypermedia!
A little bit of hateoas in symfony :)
Commits
-------
2f09754 Add X-Debug-Url profiler url header
* 2.3:
fixed CS
fixed CS
[HttpKernel] fixed memory limit display in MemoryDataCollector
Fixed the error handling when decoding invalid XML to avoid a Warning
[Form] Fixed: The "data" option is taken into account even if it is NULL
[DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Tests/Templating/TimedPhpEngineTest.php
* 2.2:
fixed CS
Fixed the error handling when decoding invalid XML to avoid a Warning
[Form] Fixed: The "data" option is taken into account even if it is NULL
[DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
Conflicts:
src/Symfony/Component/Form/Extension/Core/Type/FormType.php
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] Update deprecation message
Small addition to (doc string only):
https://github.com/symfony/symfony/pull/9252
Commits
-------
b057fab [FrameworkBundle] Update deprecation message
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6686, #7673
| License | MIT
| Doc PR | n/a
The removal of the Profiler dependency on the TraceableEventDispatcher (#9170) allows to remerge the patch from #9068 that fixes#6686.
This PR also cleans up how profiles are stored. A Profile is now always stored only once.
The fix will only be available on 2.4+ as the changes are too deep to be backported to 2.2 and 2.3.
Commits
-------
1e1835e [FrameworkBundle] made sure that the debug event dispatcher is used everywhere
This PR was merged into the 2.2 branch.
Discussion
----------
[Form] Fixed: The "data" option is taken into account even if it is NULL
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
c1a3eb3 [Form] Fixed: The "data" option is taken into account even if it is NULL
This PR was merged into the master branch.
Discussion
----------
prevent PHP from magically setting a 302 header
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes (for people relying on getting a magic 302 when setting a Location header)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
this needs a test case .. but first let me know if you are ok with this change.
see http://www.php.net/manual/en/function.header.php
Commits
-------
c140d4f prevent PHP from magically setting a 302 header, see http://www.php.net/manual/en/function.header.php
This PR was squashed before being merged into the master branch (closes#9252).
Discussion
----------
[FrameworkBundle] Only enable CSRF protection when enabled in config
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | maybe?
| Deprecations? | no
| Tests pass? | I hope, master was already broken here
| License | MIT
bf85e8365a introduced new service configuration for CSRF protection in the frameworkbundle. It is always enabled even if you don't use it. Since it also depends on enabling the session that's not so nice.
Commits
-------
60dce14 [FrameworkBundle] Only enable CSRF protection when enabled in config
This PR was merged into the 2.2 branch.
Discussion
----------
[DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
According to [section 3.7 of RFC 2616][], media-type attribute names in the `Content-Type` header are case-insensitive.
Therefore, identification of the `text` type and the `charset` parameter in the `Content-Type` header should be case-insensitive.
[section 3.7 of RFC 2616]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.7
Commits
-------
17a2d66 [DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
* 2.3:
Fixed English usage for existing users.
Clean up of WebProfiler Controller classes:
[Process] Fix#9343 : revert file handle usage on Windows platform
This PR was merged into the 2.2 branch.
Discussion
----------
[2.2][Process] Fix#9343 : revert file handle usage on Windows platform
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9343
| License | MIT
Hello,
I propose to revert the use of file handles only for `STDOUT` on Windows platform (see implementation in 2.2.6 [here](4059720232/src/Symfony/Component/Process/Process.php (L231-L242))).
When I decoupled pipes management from `Process` in #8924, I used file handles for both `STDOUT` and `STDERR`. This was an error as it introduced random failure in reading the handles (reported as [PHP#65650](https://bugs.php.net/bug.php?id=65650)).
Reverting to the previous implementation solves the issue. My apologies for the issues it introduced.
Versions that have been affected by the bug are 2.2.7, 2.2.8, 2.2.9, 2.3.4, 2.3.5 and 2.3.6.
Side note : I thought about testing the file handles implementation on *nix, but it fails most of the time where as Windows is okay. Unit testing on windows is okay (AbstractProcessTest::testProcessPipes tests it), but I don't provide a travis compatible test.
Commits
-------
e9dd408 [Process] Fix#9343 : revert file handle usage on Windows platform
Added missing "@throws" PHPdoc comments in controllers
Updated deprecated reference to Symfony\Component\HttpKernel\Debug\ExceptionHandler to use Symfony\Component\Debug\ExceptionHandler instead
* 2.3:
[DoctrineBridge] Added type check to prevent calling clear() on arrays
[Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
Fix docblock typo
This PR was merged into the master branch.
Discussion
----------
[2.4][Form] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
#9333 merged into master.
Commits
-------
9a8ec64 Merge branch 'fix-csrf-default-2.3' into fix-csrf-default-2.4
baa2356 [Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
408769e bug #9328 [2.3][Form] Changed FormTypeCsrfExtension to use the form's name as default intention (bschussek)
* 2.2:
[DoctrineBridge] Added type check to prevent calling clear() on arrays
[Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
Fix docblock typo
Conflicts:
src/Symfony/Component/Form/Extension/Csrf/Type/FormTypeCsrfExtension.php
This PR was merged into the 2.2 branch.
Discussion
----------
[2.2][Form] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
ping @stof
follow-up PR to #9327
Commits
-------
219e44d [Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
* 2.3:
Improve documentation of X-Forwarded-For header handling
[DoctrineBridge] Loosened CollectionToArrayTransformer::transform() to accept arrays
Removed unused use statements.
Make usleep longer and simplify assertions
Added japanese translation resource for security component.
Replaced the @inheritdoc with an actual list of params since the original method has a different signature.
fix typo : StdClass should be stdClass with little "s"
Remove unnecessary continue from Request
[Yaml] Fixed the escaping of strings starting with a dash when dumping
Fix in ChainLoader.php
fixed wrong started states
* 2.2:
[DoctrineBridge] Loosened CollectionToArrayTransformer::transform() to accept arrays
Removed unused use statements.
Make usleep longer and simplify assertions
Added japanese translation resource for security component.
[Yaml] Fixed the escaping of strings starting with a dash when dumping
Fix in ChainLoader.php
fixed wrong started states
This PR was merged into the master branch.
Discussion
----------
[Console] make InputArgument::setDefault() chainable
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | maybe
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
To allow chaining of methods, setDefault should return the InputArgument. I'm not quite sure if you would tread this as a BC break?
best regards
Philipp
Commits
-------
7b7a4c1 [Console] make InputArgument::setDefault() chainable
This PR was merged into the 2.2 branch.
Discussion
----------
[DoctrineBridge] Loosened CollectionToArrayTransformer::transform() to accept arrays
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Previously, writing an association getter like this was impossible:
```php
public function addTag(Tag $tag) { ... }
public function removeTag(Tag $tag) { ... }
public function getTags()
{
return $this->tags->toArray();
}
```
Using `toArray()` is a useful way to restrict modifications of the collection to the specified methods. But previously, CollectionToArrayTransformer failed in this case, because it did not accept arrays as input.
Commits
-------
55001ab [DoctrineBridge] Loosened CollectionToArrayTransformer::transform() to accept arrays
This PR was merged into the master branch.
Discussion
----------
[Form] Add missing use in form renderer
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9296
| License | MIT
| Doc PR | -
Commits
-------
7686867 [Form] Add missing use in form renderer
This PR was merged into the master branch.
Discussion
----------
Removed dead code (unused use statements).
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
eced94b Removed dead code (unused use statements).
* 2.3:
bumped Symfony version to 2.3.7
updated VERSION for 2.3.6
updated CHANGELOG for 2.3.6
bumped Symfony version to 2.2.10
updated VERSION for 2.2.9
update CONTRIBUTORS for 2.2.9
updated CHANGELOG for 2.2.9
[Security] limited the password length passed to encoders
[HttpKernel] Fixed a test (compiler pass class name has been changed).
assets:install command should mirror .dotfiles (.htaccess)
PoFileDumper - PO headers
removed whitespaces
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/BasePasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/MessageDigestPasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/Pbkdf2PasswordEncoder.php
src/Symfony/Component/Security/Core/Encoder/PlaintextPasswordEncoder.php
src/Symfony/Component/Security/Core/Tests/Encoder/MessageDigestPasswordEncoderTest.php
src/Symfony/Component/Security/Core/Tests/Encoder/Pbkdf2PasswordEncoderTest.php
src/Symfony/Component/Security/Core/Tests/Encoder/PlaintextPasswordEncoderTest.php
* 2.2:
bumped Symfony version to 2.2.10
updated VERSION for 2.2.9
update CONTRIBUTORS for 2.2.9
updated CHANGELOG for 2.2.9
[Security] limited the password length passed to encoders
assets:install command should mirror .dotfiles (.htaccess)
PoFileDumper - PO headers
removed whitespaces
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
This PR was merged into the master branch.
Discussion
----------
[Debug] Fixed `ClassNotFoundFatalErrorHandler`
After running the test suite, this produced a Fatal Error. Having continue in a child method is not allowed.
| Q | A
| ------------- | ---
| Bug fix? | [yes]
| New feature? | [no]
| BC breaks? | [no]
| Deprecations? | [no]
| Tests pass? | [yes]
| Fixed tickets | None
| License | MIT
| Doc PR | None
Commits
-------
ecee5c2 [Debug] Fixed `ClassNotFoundFatalErrorHandler`
This PR was merged into the master branch.
Discussion
----------
[HttpKernel] Fixed a test (compiler pass class name has been changed)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes, if #9259 also gets merged
| Fixed tickets | -
| License | MIT
| Doc PR | -
**I've sent it against wrong branch. It should be merged in 2.3. Sorry.**
Commits
-------
fae01c1 [HttpKernel] Fixed a test (compiler pass class name has been changed).
* 2.3:
[Process] Fix#9182 : random failure on pipes tests
Fixed propel guessed relations
[FramworkBundle][HttpKernel] Check event listener services are not abstract
fixed CS
Check for lock existence before unlinking
remove MinCount and MaxCount contraints. It has been replaced by Count constraints.
[FrameworkBundle] fixed path replacement on Windows
Conflicts:
src/Symfony/Bridge/Propel1/Tests/Form/PropelTypeGuesserTest.php
* 2.2:
[Process] Fix#9182 : random failure on pipes tests
Fixed propel guessed relations
[FramworkBundle][HttpKernel] Check event listener services are not abstract
fixed CS
Check for lock existence before unlinking
[FrameworkBundle] fixed path replacement on Windows
Conflicts:
src/Symfony/Component/Process/Process.php
This PR was merged into the master branch.
Discussion
----------
[Form] fix missing use statement for exception UnexpectedTypeException
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? |
| Fixed tickets |
| License | MIT
| Doc PR |
fix missing use statement for exception `Symfony\Component\Form\Exception\UnexpectedTypeException`
cc @bschussek
Commits
-------
ea91533 [form] fix missing use statement for exception UnexpectedTypeException
This PR was merged into the master branch.
Discussion
----------
[Security\Csrf] Split CsrfTokenGenerator into CsrfTokenManager and TokenGenerator
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9210
| License | MIT
| Doc PR | -
This is a follow-up PR of #6554 that splits the CsrfTokenGenerator into two separate classes for generating and managing CSRF tokens. As a consequence, it is now possible to explicitly remove or refresh CSRF tokens if they should be used only once. See #9210 for more information.
Commits
-------
d4bb5f4 [Security\Csrf] Split CsrfTokenGenerator into CsrfTokenManager and TokenGenerator
My logs are filled with a bazillion errors stating "Warning: unlink(/var/www/mysite/app/cache/prod/http_cache/md/cf/47/c693da5dab3eccb65fa36a9b4b07ad0f7cc4.lck): No such file or directory in /var/www/mysite/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpCache/Store.php line 53"
This PR was merged into the 2.2 branch.
Discussion
----------
Fixed cache warmup of paths which contain back-slashes
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8781
| License | MIT
| Doc PR | n/a
From #8781
"
At this step in the warmup process there is a string replacement made, but paths with backslashes
are written into the cache file as something like `C:\\path\\to\\cache/pro_/...` but the str_replace
searches for the plain string `C:\path\to\cache/pro_/...`, which produces no matches.
The fix solves this by using var_export to escape the search (and replace) paths so they match the
format originally output into the cache file.
"
Commits
-------
526d285 [FrameworkBundle] fixed path replacement on Windows
This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] The config:dump-reference command shows the list of bundles with the table helper
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
Commits
-------
31c6c62 [FrameworkBundle] The config:dump-reference command shows the list of bundles with the table helper
* 2.3:
Fix: duplicate usage of Symfony\Component\HttpFoundation\Response
[Form] add support for Length and Range constraint in order to replace MaxLength, MinLength, Max and Min constraints in next release (2.3)
Revert "merged branch Tobion/flattenexception (PR #9111)"
[Form] check the required output timezone against the actual timezone of the input datetime object, rather than the expected timezone supplied
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
This PR was squashed before being merged into the master branch (closes#7887).
Discussion
----------
[FrameworkBundle] adds routing/container descriptors
The goal of this PR is to add descriptors (as in #7454) for routing and container. This will permit add a `--format` option to `router:debug` and `container:debug` commands (with `txt`, `json`, `xml` and `md` formats).
Commits
-------
22f9bc8 [FrameworkBundle] adds routing/container descriptors
This PR was squashed before being merged into the master branch (closes#8835).
Discussion
----------
[Console] Fixed verbose option when passing verbosity level as option value
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Currently passing a verbosity level to verbose option on console doesn't work unless using the shotcuts _-v_, _-vv_, _-vvv_.
This also fix _accept_value_ in the xml generated by __console help --xml__ for people using the xml output ;)
Commits
-------
a28eb8b [Console] Fixed verbose option when passing verbosity level as option value
* 2.2:
[Form] add support for Length and Range constraint in order to replace MaxLength, MinLength, Max and Min constraints in next release (2.3)
[Form] check the required output timezone against the actual timezone of the input datetime object, rather than the expected timezone supplied
This PR was squashed before being merged into the master branch (closes#8927).
Discussion
----------
[Templating] fix logic regarding template references and many phpdocs
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
this clarifies the expected types and exceptions by much. and it fixes some logic flaws.
- missing info/methods in interfaces
- respecting Twig_LoaderInterface only accepting strings, not objects
related to fabpot/Twig#1183 but does not depend on it
Commits
-------
f6c12bd [Templating] fix logic regarding template references and many phpdocs
This PR was merged into the master branch.
Discussion
----------
[RC][Form] Let null values clear fields in PATCH requests
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
I've changed the way form checks wherever or not to submit childs by checking submitted data with array_key_exists and not with just isset.
This way in PATCH requests values are not processed when they are not in array and not also when the value is null. Currently there is no way to null a value with a PATCH request, even passing it null.
This can lead to some BC breaks depending on how users used form in their code.
Commits
-------
f5812c5 [Form] Let null values to unset fields in PATCH requests
This PR was squashed before being merged into the master branch (closes#8637).
Discussion
----------
[DomCrawler] Allowed internal validation of ChoiceFormField to be disabled
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7672
| License | MIT
| Doc PR | Not yet
Hi,
Here is a quite basic attempt to be able to disable the internal validation of the ChoiceFormField. It's pretty basic.
Feel free to tell me what you think guys. Maybe I should check the `validationDisabled` property at the beginning of the `containsOption()` method ?
I'll make the documentation PR as soon as the implementation will be validated.
Regards.
Commits
-------
739bf71 [DomCrawler] Allowed internal validation of ChoiceFormField to be disabled
This PR was merged into the master branch.
Discussion
----------
[HttpFoundation] added a way to override the Request class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7461, #7453
| License | MIT
| Doc PR | symfony/symfony-docs#3021
This is an alternative implementation for #7461.
I've also reverted #7381 and #7390 as these changes are not needed anymore.
Todo:
- [ ] add some tests
Commits
-------
464439d [HttpFoundation] added a way to override the Request class
This PR was merged into the master branch.
Discussion
----------
Decoupled TraceableEventDispatcher from the Profiler
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This PR removes the Profiler dependency on the TraceableEventDispatcher. That makes things more decoupled and cleaner. This PR also cleans up how profiles are stored; a Profile is now always stored only once.
I've created a `LateDataCollectorInterface` that is implemented for data collector that needs to get information from data that are available very late in the request process (when the request and the response are not even available anymore). The `lateCollect()` method is called just before the profile is stored.
We have 3 data collectors that implement that interface:
* Time: As the traceable event dipsatcher gets inject timing information via the stopwatch about all events (including the `terminate` one), we need to get events from the stopwatch as late as possible.
* Event: The traceable event dispatcher gathers all called listeners to determine non-called ones. To be able to accurately do that for all events (including the `terminate` one), we need to get the data as late as possible.
* Memory: We want to get the memory as late as possible to get the most accurate number as possible
I'm not very happy with the name and as always, better suggestions would be much appreciated.
This is an extract from #9168
Commits
-------
5cedea2 [HttpKernel] added LateDataCollectorInterface
9c4bc9a [HttpKernel] decoupled TraceableEventDispatcher and Profiler
This PR was merged into the master branch.
Discussion
----------
[Security] Added Security\Csrf sub-component with better token generation
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | TODO
**Update September 27, 2013**
This PR simplifies the CSRF mechanism to generate completely random tokens. A random token is generated once per ~~intention~~ token ID and then stored in the session. Tokens are valid until the session expires.
Since the CSRF token generator depends on `StringUtils` and `SecureRandom` from Security\Core, and since Security\Http currently depends on the Form component for token generation, I decided to add a new Security\Csrf sub-component that contains the improved CSRF token generator. Consequences:
* Security\Http now depends on Security\Csrf instead of Form
* Form now optionally depends on Security\Csrf
* The configuration for the "security.secure_random" service and the "security.csrf.*" services was moved to FrameworkBundle to guarantee BC
In the new Security\Csrf sub-component, I tried to improve the naming where I could do so without breaking BC:
* CSRF "providers" are now called "token generators"
* CSRF "intentions" are now called "token IDs", because that's really what they are
##### TODO
- [ ] The documentation needs to be checked for references to the configuration of the application secret. Remarks that the secret is used for CSRF protection need to be removed.
- [ ] Add aliases "csrf_token_generator" and "csrf_token_id" for "csrf_provider" and "intention" in the SecurityBundle configuration
- [x] Make sure `SecureRandom` never blocks for `CsrfTokenGenerator`
Commits
-------
7f02304 [Security] Added missing PHPDoc tag
2e04e32 Updated Composer dependencies to require the Security\Csrf component where necessary
bf85e83 [FrameworkBundle][SecurityBundle] Added service configuration for the new Security CSRF sub-component
2048cf6 [Form] Deprecated the CSRF implementation and added an optional dependency to the Security CSRF sub-component instead
85d4959 [Security] Changed Security HTTP sub-component to depend on CSRF sub-component instead of Form
1bf1640 [Security] Added CSRF sub-component
This PR was merged into the master branch.
Discussion
----------
[Form] Rewrite boolean attributes to match HTML spec
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Same as #7856
> 'The presence of a boolean attribute on an element represents the true value, and the absence of the attribute represents the false value.' - http://www.w3.org/html/wg/drafts/html/master/infrastructure.html#boolean-attribute
This commit modifies widget_container_attributes and widget_attributes so that:
* `true` values render as the attribute name with the attribute name repeated as the value
* `false` values are not rendered
The comparison is strict using sames() in twig.
Previously `false` values would have been rendered as `some-attribute=""` which according to the spec would actually make them a boolean attribute and therefore equal to true.
Commits
-------
b85577b [Form] Improved test coverage of widget_attributes and widget_container_attributes blocks
8e4c2a7 [Form] Rewrite boolean attributes to match HTML spec
This PR was merged into the 2.2 branch.
Discussion
----------
[Form] enforce correct timezone
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | not sure if this is a BC break...
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I'm using the Form component to handle JSON requests which come from AJAX requests. The JSON is formed by the Angular toJson method
A typical request would be:
```
{
name: "Some name"
start: "2013-08-21T05:00:00.000Z"
end: "2013-08-21T15:00:00.000Z"
}
```
Note that in this case, what I entered in my input boxes are 7:00 for start and 17:00 for end times. As you can see, Angular (or Chrome, I'm not sure), converts this to the "Z" timezone. Since I cannot enforce the correct timezone client side, the timezone will differ from the one configured in the DateTimeType, however, instead of resulting in either an error or a conversion to the correct timezone, I get a datetime object in the wrong timezone, eventually resulting in wrong values in the database.
By checking the required output timezone against the actual timezone of the input datetime object, rather than the expected timezone supplied, this problem is solved.
Commits
-------
b0349a1 [Form] check the required output timezone against the actual timezone of the input datetime object, rather than the expected timezone supplied
* 2.3:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[DependencyInjection] Prevented inlining of lazy loaded private service definitions.
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/Routing/Router.php
src/Symfony/Component/Security/Http/Firewall.php
* 2.2:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/HttpFoundation/Request.php
This PR was merged into the master branch.
Discussion
----------
[Filesystem] introduced new Exception base classes
The Filesystem class now throws a ```FileNotFoundException``` if a file could not be found, rather than an basic ```IOException```. The new exception is still a child of the ```IOException```, this way it doesn' t breack BC.
The ```IOException``` now also takes as the first argument an path to the file of interest, which can be used via the ```getPath()``` method.
The switch to the FilesystemInterface will allow you to have an implementation accessing S3 or Dropbox, etc. and still inject it into a classes, which are requiring the Filesystem.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| Doc PR | symfony/symfony-docs#2947
Commits
-------
c2e43d0 [Filesystem] removed getPath() on Exceptions and cleaned up CS and error messages
785080a [Filesystem] introduced new Exception base classes
This PR was merged into the master branch.
Discussion
----------
[HttpKernel] made the cache key generation configurable for the default HttpCache store
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9088
| License | MIT
| Doc PR | n/a
Commits
-------
780b77a [HttpKernel] made the cache key generation configurable for the default HttpCache store
This PR was merged into the 2.2 branch.
Discussion
----------
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values
Header `HTTP_X_FORWARDED_PROTO` can contain various values. Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Tests pass? | yes
| Fixed tickets | #9101
| License | MIT
Commits
-------
d997443 [HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
* 2.3:
bumped Symfony version to 2.3.6
updated VERSION for 2.3.5
updated CHANGELOG for 2.3.5
Set cost type to integer
bumped Symfony version to 2.2.9
updated VERSION for 2.2.8
updated CHANGELOG for 2.2.8
bumped the version
fixed typo
updated VERSION for 2.2.7
update CONTRIBUTORS for 2.2.7
updated CHANGELOG for 2.2.7
bugix: CookieJar returns cookies with domain "domain.com" for domain "foodomain.com"
fixed HTML5 form attribute handling XPath query
Removed old way of building icu data.
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Discussion
----------
Make the getNode function public (DomCrawler)
The getNode function should be public so that DomElement objects can be accessed directly if need be without having to loop manually.
Use case: Want to get to the tagname of a specific domelement.
Commits
-------
9868415 Make getNode function public
This PR was squashed before being merged into the master branch (closes#8288).
Discussion
----------
[Process] Added support for stdout and stderr flush (Issue #7884)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7884
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/2728
**To-do**
- [x] Submit changes to the documentation.
- [x] Fix a test broken on travis.
- [x] Fix mistakes on the documentation.
- [x] Removed flush + get methods.
- [x] Changed tests assert calls.
This PR introduces flushing methods for both stdout and stderr on Process class. The new methods are:
- flushOutput(): clears the output buffer.
- flushErrorOutput(): clears the error output buffer.
Tests for new methods are included on the PR.
Commits
-------
90daef7 [Process] Added support for stdout and stderr flush (Issue #7884)
This PR was merged into the master branch.
Discussion
----------
[Translation] Added support for JSON format (both loader and dumper).
Based on `IniFileLoader\Dumper`.
Q | A
--- | ---
Bug fix? |no
New feature? | yes
BC breaks?| no
Deprecations? |no
Tests pass? | yes
Fixed tickets | -
License | MIT
Doc | this component don't have docs
Commits
-------
fcef021 [Translation] Added support for JSON format (both loader and dumper).