This PR was merged into the 5.2-dev branch.
Discussion
----------
[Security] Configurable execution order for firewall listeners
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR | n/a
Hello there, I'm the author of `scheb/two-factor-bundle`, which extends Symfony's security layer with two-factor authentication. I've been closely following the recent changes by @wouterj to rework the security layer with "authenticators" (great work!). While I managed to make my bundle work with authenticators, I see some limitations in the security layer that I'd like to address to make such extensions easier to implement.
In #37336 I've submitted a draft to let security factories add their own authentication listeners to the firewall. This PR is intended to address the issue of execution order. If you look at the `Firewall` class
f64f59a9c0/src/Symfony/Component/Security/Http/Firewall.php (L62-L82)
authentication listeners are executed in the order of their creation. Additionally, there's hardcoded logic to execute `Symfony\Component\Security\Http\Firewall\AccessListener` always last and the logout listener second to last. I'd like to have a more flexible approach, to remove the hardcoded order and give authentication listeners the ability to determine their execution order.
I've added an optional interface to provide a priority to sort all registered authenitication listeners. Sorting is done in a compiler pass, so no time is wasted at runtime.
This is a draft, so I'd like to hear your opinion on this :)
Commits
-------
91388e871b Add ability to prioritize firewall listeners
This PR was merged into the 5.2-dev branch.
Discussion
----------
Remove unnecessary silence operator
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
A gobble-all-errors handler was added around the unserialize() call making the @ operator unnecessary.
Commits
-------
03201f0d23 No longer need to silence errors as we're catching them all
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Fix undefined index for inconsistent command name definition
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fixes#38015
| License | MIT
| Doc PR | -
The issue happens when the command name is set via construct/setName() and is routed via a command loader under a different name, which causes `Application::get(): Command` to return null (return type violation) with a notice. This makes it throws a proper CommandNotFoundException as expected.
Commits
-------
d59140e857 Fix undefined index for inconsistent command name definition
This PR was submitted for the 3.4 branch but it was squashed and merged into the 5.2-dev branch instead.
Discussion
----------
[Serializer] fix denormalization of basic property-types in XML and CSV
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33849
| License | MIT
| Doc PR |
Like I explained in the Issue, the serializer cannot de-serialize non-string basic properties (int, float, bool). This PR add's some logic to cast to the expected types.
Similar logic is already present in the [XmlUtils](https://github.com/symfony/symfony/blob/4.4/src/Symfony/Component/Config/Util/XmlUtils.php#L215)-Class of the Config-Component
Commits
-------
3824dafffb [Serializer] fix denormalization of basic property-types in XML and CSV
This PR was merged into the 5.2-dev branch.
Discussion
----------
[PHPUnitBridge] deprecations not disabled anymore when disabled=0
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? |
| Tickets |
| License | MIT
| Doc PR |
According to the [docs](https://symfony.com/doc/current/components/phpunit_bridge.html#disabling-the-deprecation-helper), `disabled=1` turns off deprecations mode on phpunit-bridge. It's not totally true since deprecations are disabled as soon as `disabled` key is present in `SYMFONY_DEPRECATIONS_HELPER`. So if `disabled=0` deprecations are still disabled.
Instead of updating the doc, this PR suggest to make `disabled` behavior consistent with `verbose` behavior, so:
- `disabled` => deprecations disabled
- `disabled=0` => deprecations enabled
- `disabled=1` => deprecations disabled
Commits
-------
6908e3d156 [PHPUnitBridge] deprecations not enabled anymore when disabled=0
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Form] dispatch submit events for disabled forms too
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27217
| License | MIT
| Doc PR |
TODO:
- [ ] add a test case covering the validation use case
Commits
-------
6da42ae2d1 dispatch submit events for disabled forms too
This PR was merged into the 5.1 branch.
Discussion
----------
stop using the deprecated at() PHPUnit matcher
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
e36e73b9cf stop using the deprecated at() PHPUnit matcher
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
Added support for using the "{{ label }}" placeholder in constraint messages
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #12238
| License | MIT
| Doc PR |
- [ ] Add docs PR
Commits
-------
0d9f44235c Added support for using the "{{ label }}" placeholder in constraint messages
* 5.1:
[Mailer] Fixed 'verify_peer' option in mailer DSN being ignored
[Cache] Psr16Cache does not handle Proxy cache items
[Serializer] fixed fix encoding of cache keys with anonymous classes
Fix symfony/amazon-mailer constraint
[Validator] Fix PhpUnitBridge version constraint.
Bump Symfony version to 5.1.5
Update VERSION for 5.1.4
Update CHANGELOG for 5.1.4
Bump Symfony version to 4.4.13
Update VERSION for 4.4.12
Update CHANGELOG for 4.4.12
Bump Symfony version to 3.4.45
Update VERSION for 3.4.44
Update CONTRIBUTORS for 3.4.44
Update CHANGELOG for 3.4.44
* 4.4:
[Cache] Psr16Cache does not handle Proxy cache items
[Serializer] fixed fix encoding of cache keys with anonymous classes
Bump Symfony version to 4.4.13
Update VERSION for 4.4.12
Update CHANGELOG for 4.4.12
Bump Symfony version to 3.4.45
Update VERSION for 3.4.44
Update CONTRIBUTORS for 3.4.44
Update CHANGELOG for 3.4.44
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[Mailer] Fixed 'verify_peer' option in mailer DSN being ignored
| Q | A
| ------------- | ---
| Branch? | 5.1 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | N/A <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | N/A <!-- required for new features -->
The mailer DSN option 'verify_peer' was being ignored because `$dsn->getOption('verify_peer', true)` was returning a string and thus NOT operator on it was always resulting in false. I propose changing the line where it is used with a `filter_var` call with the `FILTER_VALIDATE_BOOLEAN` as the filter parameter to overcome this issue.
Commits
-------
1c789e87aa [Mailer] Fixed 'verify_peer' option in mailer DSN being ignored
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Psr16Cache does not handle Proxy cache items
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#38006
| License | MIT
Add test for Psr16Cache along with a ProxyAdapter
Commits
-------
e525fa1055 [Cache] Psr16Cache does not handle Proxy cache items
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Serializer] fixed fix encoding of cache keys with anonymous classes
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36589
| License | MIT
| Doc PR | -
Commits
-------
3a4675359d [Serializer] fixed fix encoding of cache keys with anonymous classes
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Console] Remove restriction for choices to be strings
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#34789
| License | MIT
When using choice, selected answers are forced into strings, preventing us from using complex values such as a class with a custom __toString. This is a problem, as I need the ability to present the user with a list of display strings to choose from, but need the ID associated with that display string in order to do anything useful.
Commits
-------
d276cc9ca3 [Console] Cast associative choices questions keys to string
a0223088a0 [Console] Add tests for removing restriction for choices to be strings
3349d3ce89 Remove restriction for choices to be strings
