This PR was merged into the 3.4 branch.
Discussion
----------
Remove some unused methods parameters
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR removes some useless private method parameters.
Commits
-------
026730e913 Remove some unused methods parameters
This PR was squashed before being merged into the 3.4 branch (closes#34385).
Discussion
----------
Avoid empty "If-Modified-Since" header in validation request
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Just noticed that when a response has been cached that is `public` and has an `maxAge` but does _not_ provide `Last-Modified`, the validation subrequest will have an empty `If-Modified-Since` header value.
Commits
-------
960faef66f Avoid empty \"If-Modified-Since\" header in validation request
* 4.4:
[Routing] fix tests
[Form] group constraints when calling the validator
Remove wrong @group legacy annotations
[DependencyInjection] Fix dumping multiple deprecated aliases
allow button names to start with uppercase letter
States that the HttpClient provides a Http Async implementation
This PR was merged into the 4.4 branch.
Discussion
----------
[Form] group constraints when calling the validator
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Follow up of https://github.com/symfony/symfony/pull/34081
Spotted during the workshop at SymfonyCon, while trying to fix deprecation notices on symfony-demo:
the Form component currently passes constraints one by one for validation, effectively preventing the validator from taking care of cross-constraints dependencies.
This PR fixes it.
This will prevent ppl from having to fix things like
> Using the "Symfony\Component\Validator\Constraints\Length" constraint with the "min" option without setting the "allowEmptyString" one is deprecated and defaults to true. In 5.0, it will become optional and default to false.
Commits
-------
d15f77f33e [Form] group constraints when calling the validator
This PR was merged into the 5.0 branch.
Discussion
----------
Allow PHP ^7.2.5
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34442
| License | MIT
| Doc PR | -
Let's what the CI says.
Will need tagging all contracts as v2.0.1 after merge.
Commits
-------
6194c2a96c Allow PHP ^7.2.5
* 4.4:
[HttpKernel] Make ErrorListener::onKernelException()'s dispatcher argument explicit
Removed extra whitespace
[Security] Fix best encoder not wired using migrate_from
This PR was merged into the 4.4 branch.
Discussion
----------
[Security] Fix best encoder not wired using migrate_from
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Thanks @wouterj for spotting it.
Commits
-------
4132a60392 [Security] Fix best encoder not wired using migrate_from
* 4.4:
[Finder] Fixed docs
Fix PR template
Adjust pull request template for 5.0 branchout
Update HttpKernel.php
bumped Symfony version to 4.4.0
updated VERSION for 4.4.0-RC1
updated CHANGELOG for 4.4.0-RC1
* 4.4:
[Messenger] Perform no deep merging of bus middleware
[HttpFoundation] Added possibility to configure expiration time in redis session handler
[FrameworkBundle] Remove project dir from Translator cache vary scanned directories
[HttpFoundation] Allow redirecting to URLs that contain a semicolon
Drop useless executable bit
[DoctrineBridge] Improve queries parameters display in Profiler
catch exceptions when using PDO directly
[SecurityBundle] fix failing test
* 4.3:
[FrameworkBundle] Remove project dir from Translator cache vary scanned directories
[HttpFoundation] Allow redirecting to URLs that contain a semicolon
catch exceptions when using PDO directly
[SecurityBundle] fix failing test
This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] Perform no deep merging of bus middleware
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This change helps in case one needs to configure a bus differently for a custom environment while keeping existing handlers attached by name.
Commits
-------
c264583f28 [Messenger] Perform no deep merging of bus middleware
This PR was squashed before being merged into the 4.4 branch (closes#34405).
Discussion
----------
[HttpFoundation] Added possibility to configure expiration time in redis session handler
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
Add possibility to manually configure expiration time in redis session handler.
Commits
-------
4a9d947b1a [HttpFoundation] Added possibility to configure expiration time in redis session handler
This PR was merged into the 4.3 branch.
Discussion
----------
[Cache] catch exceptions when using PDO directly
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fixsymfony/symfony-docs#12632
| License | MIT
| Doc PR |
Commits
-------
5c1f5594f5 catch exceptions when using PDO directly
* 4.4: (23 commits)
[HttpFoundation] fix docblock
[HttpKernel] Flatten "exception" controller argument if not typed
Fix MySQL column type definition.
Link the right file depending on the new version
[Cache] Redis Tag Aware warn on wrong eviction policy
[HttpClient] fix HttpClientDataCollector
[HttpKernel] collect bundle classes, not paths
[Config] fix id-generation for GlobResource
[HttpKernel] dont check cache freshness more than once per process
[Finder] Allow ssh2 stream wrapper for sftp
[FrameworkBundle] fix wiring of httplug client
add FrameworkBundle requirement
[SecurityBundle] add tests with empty authenticator
[Security] always check the token on non-lazy firewalls
[DI] Use reproducible entropy to generate env placeholders
[WebProfilerBundle] Require symfony/twig-bundle
[Mailer] Add UPGRADE entry about the null transport DSN
bumped Symfony version to 4.3.9
updated VERSION for 4.3.8
updated CHANGELOG for 4.3.8
...
* 4.3:
[HttpFoundation] fix docblock
Fix MySQL column type definition.
Link the right file depending on the new version
[Config] fix id-generation for GlobResource
[Finder] Allow ssh2 stream wrapper for sftp
[DI] Use reproducible entropy to generate env placeholders
[WebProfilerBundle] Require symfony/twig-bundle
bumped Symfony version to 4.3.9
updated VERSION for 4.3.8
updated CHANGELOG for 4.3.8
bumped Symfony version to 3.4.36
updated VERSION for 3.4.35
updated CHANGELOG for 3.4.35
* 3.4:
Link the right file depending on the new version
[Finder] Allow ssh2 stream wrapper for sftp
[WebProfilerBundle] Require symfony/twig-bundle
bumped Symfony version to 3.4.36
updated VERSION for 3.4.35
updated CHANGELOG for 3.4.35
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Cache] Redis Tag Aware warn on wrong eviction policy
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| Deprecations? | no
| Tickets | n.a.
| License | MIT
| Doc PR | n.a.
Adds validation to make sure Redis has been setup with the supported eviction policy to avoid surprises when cache suddenly is inconsistent.
This PR replaces #34178, and instead of checking in constructor and throwing it only checks on save, warns about this and refuses to save cache as suggested on the other PR.
TODO:
- [x] ~Adapt test setups for this to set correct eviction policy~ _It already uses default noeviction_
Commits
-------
e77f6de1e8 [Cache] Redis Tag Aware warn on wrong eviction policy
This PR was merged into the 4.3 branch.
Discussion
----------
[Config] fix id-generation for GlobResource
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I never encountered any issues related to this but still, it's a fix.
Commits
-------
6adbfa2ae7 [Config] fix id-generation for GlobResource
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] dont check cache freshness more than once per process
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
While running some functional tests in a loop, I noticed that half the time is spent computing cache freshness. This makes no sense - this mechanism is supposed to run once per process.
Here is the Blackfire comparison:
https://blackfire.io/profiles/compare/a4f2eb44-ae85-440b-ae87-edf43c2b2ef7/graph
Commits
-------
7f9556ce19 [HttpKernel] dont check cache freshness more than once per process
This PR was merged into the 4.4 branch.
Discussion
----------
[Form] Allow symfony/service-contracts v2
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
In Symfony 4.4 applications, the Form component currently prevents the installation of `symfony/service-contracts` 2.0.0. That should not be the case.
Commits
-------
4755e160be [Form] Allow symfony/service-contracts v2.
* 4.4:
[Console] Constant STDOUT might be undefined.
Add missing conflict with symfony/serializer <4.4
Allow returning null from NormalizerInterface::normalize
bumped Symfony version to 4.4.0
updated VERSION for 4.4.0-BETA1
updated CHANGELOG for 4.4.0-BETA1
[Security\Core] throw AccessDeniedException when switch user fails
[Mime] fix guessing mime-types of files with leading dash
[HttpFoundation] fix guessing mime-types of files with leading dash
[VarExporter] fix exporting some strings
[Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances
Use constant time comparison in UriSigner
* 4.3:
[Console] Constant STDOUT might be undefined.
Allow returning null from NormalizerInterface::normalize
[Security\Core] throw AccessDeniedException when switch user fails
[Mime] fix guessing mime-types of files with leading dash
[HttpFoundation] fix guessing mime-types of files with leading dash
[VarExporter] fix exporting some strings
[Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances
Use constant time comparison in UriSigner
This PR was merged into the 3.4 branch.
Discussion
----------
Allow returning null from NormalizerInterface::normalize
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes?
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
Looking at the code, it seems that a normalizer might be called with a `null` value for `$data`, and thus it's only sensible that it be allowed to return `null` too:
7064ff35f2/src/Symfony/Component/Serializer/Serializer.php (L141-L148)
Updating the phpdoc to match.
Commits
-------
1c8edc55ad Allow returning null from NormalizerInterface::normalize
This PR was merged into the 5.0-dev branch.
Discussion
----------
more strict requirements of experimental components
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
23bc40b764 more strict requirements of experimental components
* 3.4:
[HttpFoundation] fix guessing mime-types of files with leading dash
[Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances
Use constant time comparison in UriSigner
This PR was merged into the 5.0-dev branch.
Discussion
----------
Last cleanups before beta
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
61c7c11a32 Last cleanups before beta
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] merge and remove the ErrorRenderer component
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR supersedes #34288.
Here is what it does:
- Merge the `ErrorRenderer` component into `ErrorHandler`
- Add `ErrorRendererInterface::render(\Throwable $e): FlattenException` and refactor error renderers around it.
- Add `FlattenException::setAsString()` to make the previous possible.
- Add `CliErrorRenderer` to render error on the CLI too. This means `VarDumper` is now a required dependency of `ErrorHandler`. This paves the way to use it also for rendering HTML - the logic there is much more advanced than what `HtmlErrorRenderer` provides and ever should provide.
- Make `BufferingLogger` map its collected logs to `error_log()` if they are not emptied before.
- Remove some classes that are not needed anymore (`ErrorRenderer`, `ErrorRendererPass`, `HtmlErrorRendererInterface`)
- Simplified the logic in `Debug::enable()` - nobody uses its arguments
- Fix a few issues found meanwhile.
With these changes, the component can be used standalone. One is now able to require only it, register it either with either `ErrorHandler::register()` or `Debug::enable()` and profit.
Commits
-------
d1bf1cada4 [ErrorHandler] help finish the PR
6c9157bbc2 [ErrorHandler] merge and remove the ErrorRenderer component
This PR was merged into the 5.0-dev branch.
Discussion
----------
[5.0][Security] Minor clarification of the new isGranted signature
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
As we now only allow a single attribute for `isGranted()` in Symfony 5, let's adapt the PHPdoc and parameter name as well.
Commits
-------
e41e6b48a9 Clarified single attribute to isGranted() a bit more
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpKernel] make ExceptionEvent able to propagate any throwable
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
An alternative to #34306.
As a reminder, the goal of this series of PRs is to remove the `FatalThrowableError` wrapper that we introduced to seamlessly handle throwables when they were introduced in PHP 7.
From the changelog of `HttpKernel`:
* Deprecated methods `ExceptionEvent::get/setException()`, use `get/setThrowable()` instead
* Deprecated class `ExceptionListener`, use `ErrorListener` instead
And the final target: removed `Symfony\Component\ErrorHandler\Exception\ErrorException` (`FatalThrowableError` is already deprecated.)
Commits
-------
6f67f0e0c0 [HttpKernel] make ExceptionEvent able to propagate any throwable
This PR was merged into the 4.4 branch.
Discussion
----------
[Security] Fix defining multiple roles per access_control rule
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/12371 needs to be reverted
#33584 deprecated passing multiple attributes to `AccessDecisionManager::decide()`, but this change must not impact `access_control` as you cannot define multiple rules with the same criteria for request matching (the first match wins).
Commits
-------
338b3dfd9f [Security] Fix defining multiple roles per access_control rule
* 4.4:
[Messenger] Fixed bad event dispatcher mocks.
[Workflow] Simplified EventDispatcherMock.
[Routing] revert the return type for UrlGeneratorInterface::generate to remove null
[HttpFoundation] Add a way to anonymize IPs
This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] Fixed bad event dispatcher mocks
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
`EventDispatcherInterface::dispatch()` must return the passed event object. This PR fixes two mocks that violated this contract.
Commits
-------
103930039b [Messenger] Fixed bad event dispatcher mocks.
This PR was merged into the 3.4 branch.
Discussion
----------
[Routing] revert the return type for UrlGeneratorInterface::generate to remove null
…to remove null
| Q | A
| ------------- | ---
| Branch? | 3.4 (only)
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
Bit of a casualty of commit tennis this:
A change to add `null` here as an option for how `UrlGeneratorInterface::generate()` (rather than the concrete `UrlGenerator`) was merged in https://github.com/symfony/symfony/pull/28321, but then [reverted](90494c20cc) for the reason [that this could be seen as a BC break](https://github.com/symfony/symfony/pull/28321#issuecomment-418540080), as the `null` return had not previously been documented (and is still not as part of the interface method docs).
However, in a subsequent change (https://github.com/symfony/symfony/pull/33252) with a wider scope, this doc change was added _back_ in order to reflect the underlying implementation as a result of a PHPStorm plugin complaining. There's no indication though of what a `null` return here though would mean, and for the same reason as the first revert (that this should be seen as a BC break), I'd like to submit this to be reverted for the 3.4 branch. (In 4.4 the `null` has already been removed.)
Having the interface indicating that this method can return `null` necessitates introducing a lot of actually redundant null checks in code that is covered by static analysis tools such as PHPStan.
Commits
-------
9f853f324f [Routing] revert the return type for UrlGeneratorInterface::generate to remove null
This PR was merged into the 4.3 branch.
Discussion
----------
[Workflow] Simplified EventDispatcherMock
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
This PR simplifies the Workflow component's mock implementation of the event dispatcher by implementing the much simpler contracts interface instead of the full-blown component interface.
Commits
-------
5aee181c83 [Workflow] Simplified EventDispatcherMock.
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpFoundation] Add a way to anonymize IPs
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features --> TODO
This is helpful for GDPR compliance reasons, and it isn't much code saved but it's also good if you don't have to think about how to do it.
Commits
-------
9e62330bc4 [HttpFoundation] Add a way to anonymize IPs
