This PR was merged into the 3.3-dev branch.
Discussion
----------
[Security] add Request type json check in json_login
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no, unreleased feature
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | -
follow up to https://github.com/symfony/symfony/pull/22425 to limit the `UsernamePasswordJsonAuthenticationListener` to only requests with appropriate JSON content type.
I am not entirely happy with this implementation but mostly because Symfony out of the box only provides very limited content type negotiation. I guess anyone that wants to tweak the content negotiation will simply need to ensure the Request::$format is set accordingly before the code is triggered.
Commits
-------
045a36b303 add Request type json check in json_login
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Serializer] Add missing normalizer options constants
| Q | A
| ------------- | ---
| Branch? | master (3.3)
| Bug fix? | not really
| New feature? | yesish, but for 3.3 as those options were added on this branch and not released yet
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/22537#discussion_r113719848
| License | MIT
| Doc PR | N/A
As seen in https://github.com/symfony/symfony/pull/22537#discussion_r113719848.
@dunglas : I'm not sure about the exposing the `key_type` option as a constant in `ArrayDenormalizer`/`AbstractObjectNormalizer`, as it looks more or less like a detail of the AbstractObjectNormalizer implementation, but anyway it should be in 3.2 if we add it, so I haven't included it here.
However, I wonder if this option shouldn't directly accept a string too, rather than just a `Symfony\Component\PropertyInfo\Type` instance if we want to consider this option "public"?
Commits
-------
b0c414f2c8 [Serializer] Add missing normalizer options constants
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Serializer] Allow to pass csv encoder options in context
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
CSV contents typically are provided by one or many third-parties, not always allowing you to get control over the provided format. In case you need to import csv files with different formats, either you have to instantiate a decoder yourself/inject it instead of the main serializer instance, either you need another serializer instance with a differently configured csv encoder registered within.
This PR allows to configure any encoder option through the context, so you can keep injecting and using the same serializer instance.
Commits
-------
10a76aac15 [Serializer] Allow to pass csv encoder options in context
This PR was merged into the 2.8 branch.
Discussion
----------
Allow Upper Case property names in ObjectNormalizer
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22547
| License | MIT
Same problem that has been fixed here https://github.com/symfony/symfony/pull/22265
and here https://github.com/api-platform/core/pull/1037
ObjectNormalizer returns $id instead of $Id. It is bad naming convention, but is possible
```php
class Entity {
protected $Id;
public function getId()
{
return $this->Id;
}
}
```
Commits
-------
b2b4faa3c0 Allow Upper Case property names in ObjectNormalizer
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Security] Handle bad request format in json auth listener
| Q | A
| ------------- | ---
| Branch? | master (3.3)
| Bug fix? | yesish
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
In https://github.com/symfony/symfony/pull/22034, I wondered myself if we shouldn't throw a dedicated exception to handle bad formatted requests and give more inputs to the client by returning a 400 response with an explicit message.
~~Here is a suggestion, introducing a new `BadRequestFormatException` and using it in `UsernamePasswordJsonAuthenticationListener` whenever there is no custom failure handler set (but someone using its own handler should be able to treat the failure properly too).~~
As discussed with @chalasr , it seems better to directly throw a `BadRequestHttpException` as it's actually out of the whole security process. PR updated.
Commits
-------
93a8cb9cd4 [Security] Handle bad request format in json auth listener
This PR was squashed before being merged into the 3.3-dev branch (closes#22551).
Discussion
----------
[Process] Ecaping of CLI arguments containing slashes on Windows
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22549
| License | MIT
Actually only the first argument - the command needs to be escaped but that would need another condition. I think it should be OK.
Commits
-------
0d073128de [Process] Ecaping of CLI arguments containing slashes on Windows
This PR was merged into the 3.3-dev branch.
Discussion
----------
Not allowing autoconfigure, instanceofConditionals or defaults for ChildDefinition
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes (removing risky behavior)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | see #22530
| License | MIT
| Doc PR | n/a
This PR *prohibits* using `autoconfigure`, `_instanceof` and `_defaults` for ChildDefinition.
Additionally, I added many "integration" test cases: we need to test and prove all edge cases. These are in the `integration/` directory: the `main.yml` file is parsed and compared to `expected.yml`. Both are in YAML to ease comparing the before/after. We need to check these out and make sure they're right and we're not missing anything else.
This PR removes MANY of the "wtf" cases, but there are still 4 that I know of... and of course they all deal with parent-child stuff :).
A) [MAJOR] [autoconfigure_parent_child_tags](https://github.com/symfony/symfony/pull/22563/files#diff-fd6cf15470c5abd40156e4e7dc4e7f6d) `instanceof` tags from autoconfigure are NEVER applied to the child (you can't set `autoconfigure` directly on a Child, but you still can set it on a parent and inherit it... sneaky). We could throw an Exception I suppose to prevent this `autoconfigure` from cascading from parent to child... but it's tricky due to `instanceof`.
B( [MAJOR] [instanceof_parent_child](https://github.com/symfony/symfony/pull/22563/files#diff-14666e9a25322d44b3c2c583b6814dc2) `instanceof` tags that are applied to the parent, are not applied to the child. Again, you can't set `instanceof` directly on a Child, but you *can* set it on a parent, and have that cascade to the child. Like before, we could maybe throw an exception to prevent this.
C) [MINOR] ([autoconfigure_child_not_applied](https://github.com/symfony/symfony/pull/22563/files#diff-3372a1dcaf3af30d14a7d0a6c8bfa988)) automatic `instanceof` will not be applied to the child when the parent class has a different (non-instanceof-ed) class. If we could throw an exception for (A), then it would cover this too.
D) `_tags` from defaults are never used (unless you have inherit_tags) - fixed in #22530
A, B & C are effectively caused by there being a "sneaky" way to re-enable `autoconfigure` and `instanceof` for ChildDefinition... which opens up wtf cases.
## Wait, why not support `_defaults`, `autoconfigure` and `_instanceof` for child definitions?
1 big reason: reduction of wtf moments where we arbitrarily decide override logic. PLUS, since `_defaults`, `instanceof` and `autoconfigure` *are* applied to parent definitions, in practice (other than tags), this makes no difference: the configuration will still pass from parent down to child.
Also, using parent-child definitions is already an edge case, and this *simply* prevents *just* those services from using the new features.
## Longer reasons why
The reason behind this is that parent-child definitions are a different mechanism for "inheritance"
than `_instanceof` and `_defaults`... creating some edge cases when trying to figure out which settings "win". For example:
```yml
# file1.yml
services:
_defaults:
public: false
ChildService:
parent: parent_service
# file2.yml
services:
_defaults:
public: true
ParentService: ~
```
Is `ChildDefinition` `public: true` (so the parent
overrides the child, even though it only came from _defaults) or `public: false` (where
the child wins... even though it was only set from its _defaults)?
Or, if ParentService is explicitly set to `public: true`, should that override the `public: false` of ChildService (which it got from its `_defaults`)? On one hand, ParentService is being explicitly
set. On the other hand, ChildService is explicitly in a file settings `_defaults` `public: false`
There's no correct answer.
There are also problems with `_instanceof`. The importance goes:
> defaults < instanceof < service definition
But how do parent-child relationships fit into that? If a child has public: false
from an _instanceof, but the parent explicitly sets public: true, which wins? Should
we assume the parent definition wins because it's explicitly set? Or would the
_instanceof win, because that's being explicitly applied to the child definition's
class by an _instanceof that lives in the same file as that class (whereas the parent
definition may live in a different file).
Because of this, @nicolas-grekas and I (we also talked a bit to Fabien) decided that
the complexity was growing too much. The solution is to not allow any of these
new feature to be used by ChildDefinition objects. In other words, when you want some
sort of "inheritance" for your service, you should *either* giving your service a
parent *or* using defaults and instanceof. And instead of silently not applying
defaults and instanceof to child definitions, I think it's better to scream that it's
not supported.
Commits
-------
a943b96d42 Not allowing autoconfigure, instanceofConditionals or defaults for ChildDefinition
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Console][HttpKernel] Avoid reflection-based registration for command public services
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/22410#issuecomment-298158585
| License | MIT
| Doc PR | n/a
By mapping commands ids by their alias in `console.command.ids` (even if the alias is not registered in the container for public services), then skipping reflection if the predictable alias exists as a key of `console.command.ids`.
Please note that the whole command service registration process is far from ideal.
I'm working on changing this for 3.4 in a transparent way regarding end users, leveraging PSR-11 to make the console component DI friendly, allowing to register commands as true private services (no more public aliases) and providing laziness for those.
Commits
-------
6c1b384b75 Avoid reflection-based registration for command public services
This PR was squashed before being merged into the 3.3-dev branch (closes#22564).
Discussion
----------
Fixing problem where _defaults set to null was seen as a service
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
```yml
services:
_defaults:
```
If you leave `_defaults` empty (i.e. null), you got a bad error before. Now it's better :)
Before:
>The definition for "_defaults" has no class. If you intend to inject this service dynamicall
y at runtime, please mark it as synthetic=true. If this is an abstract definition solely use
d by child definitions, please add abstract=true, otherwise specify a class to get rid of th
is error.
After:
> Service "_defaults" key must be an array, "NULL" given in "/path/to/services.yml"
Commits
-------
4b7e148a9b Fixing problem where _defaults set to null was seen as a service
This PR was squashed before being merged into the 2.7 branch (closes#22528).
Discussion
----------
[Asset] Starting slash should indicate no basePath wanted
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes-ish... and no-ish
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
**Important** View the second commit for an accurate diff. The first commit just renames some strings in a test for clarity.
When we moved `PathPackage` from `Templating` to `Asset`, we actually changed its behavior. Assume that we're deployed under a `/subdir` subdirectory:
**Before** `{{ asset('/main.css') }}` would *not* have the base path prefixed -> `/main.css`
**After** `{{ asset('/main.css') }}` *does* have the base path prefixed -> `/subdir/main.css`
3adff11d72/src/Symfony/Component/Templating/Asset/PathPackage.php (L61-L63)
This PR simply reverses that, to the *previous* behavior. This *is* a BC break... and also arguably a bug fix :). Interestingly, when we changed the behavior the first time (i.e. broke BC), I don't think that anyone noticed. It should only affect users deployed under a subdirectory.
Why do I care? I'm using the new `JsonManifestVersionStrategy` with a library that is outputting paths that *already* include my subdirectory:
```json
{
"build/main.css": "/subdir/build/main.abc123.css"
}
```
So, I do not want Symfony to detect the `/subdir` and apply it a second time.
Commits
-------
3cc096b540 [Asset] Starting slash should indicate no basePath wanted
Also, not allowing arguments or method calls for autoconfigure. This is a safety
mechanism, since we don't have merging logic. It will allow us to add this in the
future if we want to.
The reason is that parent-child definitions are a different mechanism for "inheritance"
than instanceofConditionas and defaults... creating some edge cases when trying to
figure out which settings "win". For example:
Suppose a child and parent definitions are defined in different YAML files. The
child receives public: false from its _defaults, and the parent receives public: true
from its _defaults. Should the final child definition be public: true (so the parent
overrides the child, even though it only came from _defaults) or public: false (where
the child wins... even though it was only set from its _defaults). Or, if the parent
is explicitly set to public: true, should that override the public: false of the
child (which it got from its _defaults)? On one hand, the parent is being explicitly
set. On the other hand, the child is explicitly in a file settings _defaults public
to false. There's no correct answer.
There are also problems with instanceof. The importance goes:
defaults < instanceof < service definition
But how does parent-child relationships fit into that? If a child has public: false
from an _instanceof, but the parent explicitly sets public: true, which wins? Should
we assume the parent definition wins because it's explicitly set? Or would the
_instanceof win, because that's being explicitly applied to the child definition's
class by an _instanceof that lives in the same file as that class (whereas the parent
definition may live in a different file).
Because of this, @nicolas-grekas and I (we also talked a bit to Fabien) decided that
the complexity was growing too much. The solution is to not allow any of these
new feature to be used by ChildDefinition objects. In other words, when you want some
sort of "inheritance" for your service, you should *either* giving your service a
parent *or* using defaults and instanceof. And instead of silently not applying
defaults and instanceof to child definitions, I think it's better to scream that it's
not supported.
This PR was squashed before being merged into the 3.3-dev branch (closes#22531).
Discussion
----------
Throwing an exception if the class is not found
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
We now throw an exception if the user makes a mistake with their PSR-4 prefix and namespace. For example:
```yml
AppBundle\Controller\:
resource: '../../src/AppBundle/{Controller}'
public: true
```
I should not have the `\Controller` at the end of the key. Previously, it would silently not import any services from the directory. Now it throws:
> Expected to find class "AppBundle\Controller\Controller\Admin\BlogController" in file "/path/to/project/src/AppBundle/Controller/Admin/BlogController.php" while importing services from resource "../../src/AppBundle/{Controller}", but it was not found! Check the namespace prefix used with the resource.
The only "downside" is that this prevents someone from importing files from a resource that has a file with no class in it (`functions.php`). @nicolas-grekas and I decided today that we can throw an exception now to be safe, and see if anyone has that valid use-case.
Cheers!
Commits
-------
e85bcc9 Throwing an exception if the class is not found
| Q | A
| ---------------- | -----
| Bug report? | yes
| Feature request? | no
| BC Break report? | yes
| RFC? | no
| Symfony version | 2.8.19
Same problem that has been fixed here https://github.com/symfony/symfony/pull/22265
and here https://github.com/api-platform/core/pull/1037
ObjectNormalizer returns $id instead of $Id. It is bad naming convention, but is possible
```php
class Entity {
protected $Id;
public function getId()
{
return $this->Id;
}
}
```
This PR was merged into the 3.3-dev branch.
Discussion
----------
[FrameworkBundle] Restore 3.2-like behavior for FormPass, to help BC with Sonata
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I tried updating a Sonata project to 3.3, and found it broken.
The issue is that Sonata uses the constructor arguments of the `form.extension` to create its own `form.extension` service - but borrows its first args from the Symfony one.
Here is the form pass doing that:
https://github.com/sonata-project/SonataCoreBundle/blob/3.x/DependencyInjection/Compiler/FormFactoryCompilerPass.php
And the implementation of the form extension:
https://github.com/sonata-project/SonataCoreBundle/blob/3.x/DependencyInjection/SonataCoreExtension.php
Question: is this covered by the BC policy? It shouldn't to me, because that would prevent *any* service reconfiguration.
Thus, I'm proposing the attached patch, which basically reverts the deprecated `FormPass` in FrameworkBundle to its 3.2 state.
I added a check to the new `FormPass` in the Form component so that it doesn't overwrite such compatibility configurations.
See for corresponding fix on https://github.com/sonata-project/SonataCoreBundle/pull/399
Commits
-------
c97b08e6c0 [FrameworkBundle] Restore 3.2-like behavior for FormPass, to help BC with Sonata
This PR was merged into the 2.7 branch.
Discussion
----------
[Asset] Preventing the base path or absolute URL from being prefixed incorrectly
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Fixes an edge case (which I need) where the version strategy returns an absolute URL. Currently, if this happens, the baseUrl or basePath is prefixed - giving `https://baseurl.com/https://pathreturnedfromversioning.com` or `/basePath/https://pathreturnedfromversioning.com`.
I don't see any reason to prevent an absolute URL from being returned by the version strategy. And it's not a BC break, because the previous paths that were returned were nonsense.
Cheers!
Commits
-------
746c91eea4 Preventing the base path or absolute URL from being prefixed incorrectly on an absolute URL
* 3.2:
Fixed the flickering when loading complex profiler panels
[Console] Fix bar width with multilines ProgressBar's format
[DI] Add missing check in PhpDumper
[Serializer] XmlEncoder: fix negative int and large numbers handling
[Console] Fix dispatching throwables from ConsoleEvents::COMMAND
* 2.8:
Fixed the flickering when loading complex profiler panels
[DI] Add missing check in PhpDumper
[Serializer] XmlEncoder: fix negative int and large numbers handling
[Console] Fix dispatching throwables from ConsoleEvents::COMMAND
* 2.7:
[DI] Add missing check in PhpDumper
[Serializer] XmlEncoder: fix negative int and large numbers handling
[Console] Fix dispatching throwables from ConsoleEvents::COMMAND
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Console] Review console.ERROR related behavior
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR is a follow up of #18140 that I wanted to do since a few weeks.
It enhances this work with fixes and behavior changes.
It embeds #22435 and resolves issues like the one described in #20808.
- makes ConsoleErrorEvent *not* extend the deprecated ConsoleExceptionEvent
- replace ConsoleErrorEvent::markErrorAsHandled by ConsoleErrorEvent::setExitCode
- triggers the deprecation in a more appropriate moment
- renames ExceptionListener to ErrorListener
- tweaks the behavior in relation to #22435
Commits
-------
a7c67c9ab2 [Console] Review console.ERROR related behavior
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Cache] Keep only hit/miss (not values) in TraceableAdapter/Cache
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Right now, TraceableAdapter and TraceableCache both keep all fetched values.
This exhaustive reporting is too much data gathering to me.
Here is a PR that keeps only true/false for each hit/miss + all corresponding keys.
That can still be a lot of data (one item per fetched key) - but a bit better.
Should we go further in stats-only gathering? Or should we *not* do this and keep collecting *all* the values?
The PR also fixes "Traversable" handling.
ping @Nyholm
The profiler panel still works (although breaking lines in the middle of words is strange, but this is the profiler's CSS, nothing special to this specific case).
![capture du 2017-04-19 11-40-13](https://cloud.githubusercontent.com/assets/243674/25173586/f9615dd6-24f4-11e7-8d6f-36fb2437c3b6.png)
Commits
-------
0c73c5d [Cache] Keep only hit/miss (not values) in TraceableAdapter/Cache
This PR was squashed before being merged into the 3.2 branch (closes#21958).
Discussion
----------
[Console] Fix bar width with multilines ProgressBar's format
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The bar width is badly recalculated when we use multilines (``\n``) and bar placeholer (``%bar%``) in ProgressBar's format. The bar width is reduced because multilines is considered as a big oneline. This PR fixes this.
Commits
-------
3d58ab5bad [Console] Fix bar width with multilines ProgressBar's format
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Allow service subscribers to leverage autowiring to know where their locator should be injected
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
e407b3d42e [DI] Allow service subscribers to leverage autowiring to know where the locator should be injected
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Process] Fix BC break: "exec" should remain an internal "detail"
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22476
| License | MIT
| Doc PR | -
Commits
-------
eedcece20b [Process] Fix BC break: "exec" should remain an internal "detail"
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Fix inlining conflict by restricting IteratorArgument to Reference[]
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
`Reference` found in `ArgumentInterface::getValue()` are currently not inlined.
While trying to do so (hint: I failed), I noticed that the current code is broken for `IteratorArgument` which can contain anonymous `Definition` for now, which are then not inlined correctly.
This PR restricts `IteratorArgument` to arrays of `Reference`, and improves a few related things found while doing it.
(fabbot failure is false positive)
Commits
-------
4d3dce1c0f [DI] Fix inlining conflict by restricting IteratorArgument to Reference[]
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] XmlEncoder: fix negative int and large numbers handling
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see comment below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #22329, #22333 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Alternative to #22333.
* Negative integers are now handled
* Float are now handled
* Large numbers are converted to float (as the `JsonEncoder` and native PHP functions like `ceil` do)
@vlastv, I've adapted your test. Can you check if it fixes your problem?
Commits
-------
1eeadb0c98 [Serializer] XmlEncoder: fix negative int and large numbers handling
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Security] Fix json_login default success/failure handling
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no (master only)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22483
| License | MIT
| Doc PR | n/a
This makes the `json_login` listener default configuration stateless oriented by:
- Not using the default (redirect based) failure handler, it returns a 401 (json) response containing the failure reason instead
- Not using the default (redirect based) success handler, just let the original request continue instead (reaching the targeted resource without being redirected).
- Setting `require_previous_session` to `false` by default (I have to set it on `form-login` each time I want it to be stateless)
- Removing the options related to redirections (`default_target_path`, `login_path`, ...) from the listener factory, if one wants redirections then one has to write its own handlers, not the inverse
Commits
-------
9749618ff5 Fix json_login default success/failure handling
This PR was squashed before being merged into the 3.3-dev branch (closes#22234).
Discussion
----------
[DI] Introducing autoconfigure: automatic _instanceof configuration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes (mostly, a continuation of a new feature)
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/issues/7538
This is a proposal to allow the user to opt into some automatic `_instanceof` config. Suppose I want to auto-tag all of my voters and event subscribers
```yml
# current
services:
_defaults:
autowire: true
_instanceof:
Symfony\Component\Security\Core\Authorization\Voter\VoterInterface:
tags: [security.voter]
Symfony\Component\EventDispatcher\EventSubscriberInterface:
tags: [kernel.event_subscriber]
# services using the above tags
AppBundle\Security\PostVoter: ~
AppBundle\EventListener\CheckRequirementsSubscriber: ~
```
If I'm registering a service with a class that implements `VoterInterface`, when would I ever *not* want that to be tagged with `security.voter`? Here's the proposed code:
```yml
# proposed
services:
_defaults:
autowire: true
autoconfigure: true
# services using the auto_configure_instanceof functionality
AppBundle\Security\PostVoter: ~
AppBundle\EventListener\CheckRequirementsSubscriber: ~
```
The user must opt into this and it only applies locally to this configuration file. It works because each enabled bundle would have the opportunity to add one or more "automatic instanceof" definitions - e.g. SecurityBundle would add the `security.voter` instanceof config, FrameworkBundle would add the `kernel.event_subscriber` instanceof config, etc.
For another example, you can check out the proposed changes to `symfony-demo` - symfony/symfony-demo#483 - the `_instanceof` section is pretty heavy: 81694ac21e/app/config/services.yml (L20)
Thanks!
Commits
-------
18627bf9f6 [DI] Introducing autoconfigure: automatic _instanceof configuration
This PR was merged into the 3.3-dev branch.
Discussion
----------
Persist app bootstrapping logs for logger datacollector
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | yes
| BC breaks? | ?
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21405
| License | MIT
Logs generated during the container build are catched by the BufferingLogger with a special flag.
They are persist by the LoggerDataCollector and are available in the logger profiler.
In the profiler toolbar, the "container build" logs increment the current logs counter (even if the container was previously built).
<img width="540" alt="capture d ecran 2017-02-01 a 20 56 40" src="https://cloud.githubusercontent.com/assets/1017746/22523826/0bc12e4a-e8c1-11e6-830f-7f6238ea7423.png">
<img width="1022" alt="capture d ecran 2017-02-01 a 20 57 55" src="https://cloud.githubusercontent.com/assets/1017746/22523859/2c48a698-e8c1-11e6-9bdb-d85f3e692938.png">
The BufferingLogger now require the cachePath and the filesystem to persist a (unique) container build logs.
If the current workflow is ok, I will update the test coverage (actually they fail). Maybe we can display the appDevDebugProjectContainerCompiler.log content in that logger profile.
Commits
-------
2fd18b5503 [VarDumper] Fine tune dumping log messages
ce3ef6a96e Persist app bootstrapping logs for logger datacollector
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Console] Fix fatal error when logging console.error without command
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22449
| License | MIT
| Doc PR | n/a
Happens now that the console.error event is dispatched on command not found, I ran into using `server:run` on 3.3 without `web-server-bundle` enabled:
> PHP Fatal error: Uncaught Symfony\Component\Debug\Exception\FatalThrowableError: Call to a member function getName() on null
In this case, this first tries to cast the event input as string (less good than when the command name is available, there're extra quotes around the command name) and, if can't be casted, uses a generic message.
Commits
-------
97129fc611 Fix fatal error when logging console.error without a command
* 3.2:
Make .travis.yml more readable
Fold Travis CI output by component
[VarDumper] Minor tweaks to html/css dumps
Add trhows PHPDoc in Application::run
[Debug] Set exit status to 255 on error
[HttpFoundation] Store IANA's RNG files in the repository
[PropertyInfo] Remove a useless call to count() in SerializerExtractor
[PropertyInfo] Prevent returning int values in some cases.
[HttpFoundation] Fix getClientIp @return docblock
Add @throws phpdoc
unify PHPUnit config files
* 2.8:
Make .travis.yml more readable
Fold Travis CI output by component
Add trhows PHPDoc in Application::run
[Debug] Set exit status to 255 on error
[HttpFoundation] Store IANA's RNG files in the repository
[PropertyInfo] Remove a useless call to count() in SerializerExtractor
[PropertyInfo] Prevent returning int values in some cases.
[HttpFoundation] Fix getClientIp @return docblock
Add @throws phpdoc
unify PHPUnit config files
* 2.7:
Make .travis.yml more readable
Fold Travis CI output by component
Add trhows PHPDoc in Application::run
[Debug] Set exit status to 255 on error
[HttpFoundation] Store IANA's RNG files in the repository
[HttpFoundation] Fix getClientIp @return docblock
Add @throws phpdoc
unify PHPUnit config files
This PR was squashed before being merged into the 3.3-dev branch (closes#22425).
Discussion
----------
[Security] Allow to set a check_path on json_login listener
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no, master only
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21948, ~~#22423~~
| License | MIT
| Doc PR | n/a
The listener should allow to restrict authentication to a given check_path, as stated in the docs http://symfony.com/doc/master/security/json_login_setup.html
Commits
-------
9f7eb618a4 [Security] Allow to set a check_path on json_login listener
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Add throws PHPDoc in Application::run()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | /
| License | MIT
| Doc PR | /
Same idea than merged #22411.
Commits
-------
28332afb38 Add trhows PHPDoc in Application::run
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Set exit status to 255 on error
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes (no easily testable in fact)
| Fixed tickets | #20775
| License | MIT
| Doc PR | -
Commits
-------
67e249dc81 [Debug] Set exit status to 255 on error
This PR was squashed before being merged into the 3.3-dev branch (closes#22420).
Discussion
----------
[DI] Make tagged abstract services throw earlier
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As spotted by @stof in https://github.com/symfony/symfony/pull/22388#issuecomment-293565243, skipping abstract tagged services removes an opportunity to report config mistakes to users.
Instead of skipping them, let's throw as done before (thus reverting #22039, ping @chalasr).
I made `$container->findTaggedServiceIds()` accept a 2nd arg to make this more systematic.
To keep the possibility to have abstract tagged services *for the purpose of tag inheritance*, `ResolveTagsInheritancePass` now resets their tags.
Commits
-------
388e4b3389 [DI] Make tagged abstract services throw earlier
cd06c1297b Revert "minor #22039 Skip abstract definitions in compiler passes (chalasr)"
This PR was merged into the 3.3-dev branch.
Discussion
----------
Enhancing integration test to show that "override" tags show up first
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not needed
Relates a bit to #22396, in that I'm clarifying and emphasizing the following types of situations:
```yml
services:
_instanceof:
Symfony\Component\Security\Core\Authorization\Voter\VoterInterface:
tags:
# you probably shouldn't set priority here, but let's pretend we did
- { name: security.voter, priority: 100 }
AppBundle\Security\CoolPersonVoter:
tags:
- { name: security.voter, priority: 50 }
```
In the final `Definition`, the tags will appear in this order:
* security.voter, priority 50
* security.voter, priority 100
It works the same for parent-child definitions.
tl;dr; If a service has the same tag multiple times, the one that should be used should appear *earlier* in the Definition. The code already works that way - this test emphasizes it.
Commits
-------
e9b96e5 Enhancing integration test to show that "override" tags always show up first
This PR was merged into the 3.3-dev branch.
Discussion
----------
Add a note about the ServiceLocator class in the changelog
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
In addition to have `container.service_locator` and `container.service_subscriber` based on, this class is useful on its own as it is the one avoiding the need for having the `Container` class filling this role.
Commits
-------
92994f3 Add a note about the ServiceLocator class in the changelog
* 3.2:
[2.8] Prevent double registrations related to tag priorities
Prevent double registrations related to tag priorities
[3.2] Prevent double registrations related to tag priorities
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Replace autowiring BC break by regular deprecation
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
It happens that doing so is really easy now. And as discussed in #22295, this should be more friendly to our users.
Commits
-------
0ed087d972 [DI] Replace autowiring BC break by regular deprecation
This PR was merged into the 3.3-dev branch.
Discussion
----------
added a more specialized exception for a better error message
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes/no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When trying to load a resource, it is very interesting to understand why a resource cannot be loaded. Especially when you get `Cannot load resource "../src/Controller/".`... when the real error is that annotation support is disabled. This PR adds more information in that case.
Commits
-------
aeb9bffa8f added a more specialized exception for a better error message
* 3.2:
Allow terminal dimensions to be set to 0 (unbounded)
[Cache] Remove exception false-positive from FilesystemAdapterTrait
fix risky tests
fix risky tests
[Yaml] release memory after parsing
[HttpFoundation] Fix and test status codes according to IANA's data
Add `use_strict_mode` in validOptions for session
[Console] Inherit phpdoc from OutputFormatterInterface
* 2.8:
fix risky tests
[Yaml] release memory after parsing
[HttpFoundation] Fix and test status codes according to IANA's data
Add `use_strict_mode` in validOptions for session
[Console] Inherit phpdoc from OutputFormatterInterface
* 2.7:
[Yaml] release memory after parsing
[HttpFoundation] Fix and test status codes according to IANA's data
Add `use_strict_mode` in validOptions for session
[Console] Inherit phpdoc from OutputFormatterInterface
This PR was merged into the 3.2 branch.
Discussion
----------
[Cache] Remove exception false-positive from FilesystemAdapterTrait
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20517
| License | MIT
| Doc PR | -
As reported in the linked issue, there seem to be a race condition in FilesystemAdapterTrait (maybe related to realpath cache?).
Let's remove that exception: if the mkdir really fails, the error will be logged later on when a cache entry will be written (or succeed if the race is over.)
Commits
-------
a756db78d0 [Cache] Remove exception false-positive from FilesystemAdapterTrait
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Rework config hierarchy: defaults > instanceof > service config
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Replaces #22294.
The main change is that ChildDefinition does not have "instanceof" applied anymore. All the complexity of the pass came from the merging logic required to deal with them. But in fact, we'd better not have any such logic and just not apply "instanceof" to ChildDefinition (but have them inherit from their parents with the usual logic).
Commits
-------
6d6116b920 Adding an integration test for the hirarchy of defaults, instanceof, child, parent definitions
ab86457b12 [DI] Rework config hierarchy: defaults > instanceof > service config
cbaee55223 [DI] Track changes at the "Definition" level
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Dotenv] Throwing an error when loading nothing
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This is a quick fix to prevent anoying when you follow a tutorial using another dotenv component. For example, this code uses [vlucas/phpdotenv](https://packagist.org/packages/vlucas/phpdotenv):
```php
$dotenv = new Dotenv\Dotenv(__DIR__.'/../');
$dotenv->load();
```
Silently failed with symfony/dotenv.
Commits
-------
911bc68991 [Dotenv] Throwing an error when loading nothing
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Populate class of ChildDefinition when its id matches an existing FQCN
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22345
| License | MIT
| Doc PR | -
See linked issue for expected DX.
Instead of doing a "continue", let's throw to force the resolution of any ambiguities.
There is a minor potential BC Break, if one uses an ambiguous FQCN as child-definition id in 3.2 or below.
To me, this should be rare, and easy to fix (compile time only).
The DX enhancement this PR provides looks worth it.
> Service definition "App\Foo\Child" has a parent but no class, and its name looks like a FQCN. Either the class is missing or you want to inherit it from the parent service. To resolve this ambiguity, please rename this service to a non-FQCN (e.g. using dots), or create the missing class.
Commits
-------
3200d3738a [DI] Populate class of ChildDefinition when its id matches an existing FQCN
This PR was squashed before being merged into the 3.3-dev branch (closes#22239).
Discussion
----------
[Finder] Glob wildcard while using double-star without ending slash
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ø
| License | MIT
| Doc PR | ø
This PR allows to use the `Glob::toRegex` method to dump a glob that will match "everything after" while using the double-star without leading slash. `/foo/**` will therefore match `/foo/a` or `/foo/a/b/c` or even `/foo/a/b/c/d.e`.
The use-case for this change is an application allowing its users to match a list of files/folders from such glob pattern.
Happy to add a line in the CHANGELOG and documentation if you feel that would make sense.
Commits
-------
170b0ace2c [Finder] Glob wildcard while using double-star without ending slash
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Dotenv] Throwing an exception when loading a directory
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
8b83b58aa5 Throwing an exception when loading a directory
This PR was merged into the 3.3-dev branch.
Discussion
----------
[HttpKernel et al.] Move DataCollector::cloneVar() to lateCollect()
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22166
| License | MIT
| Doc PR | -
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
f83f971c3f [HttpKernel et al.] Move DataCollector::cloneVar() to lateCollect()
This PR was squashed before being merged into the 3.3-dev branch (closes#22273).
Discussion
----------
Add a new Link component
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? |no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | todo
This a proposal to extract HTTP preloading features introduced in #21478 in their own component.
There are some good reasons to do it:
* HTTP preloading is not (only) about assets: this standalone component could be very useful to replace resources embedding in APIs by HTTP/2 pushes like described in [this article](https://evertpot.com/rest-embedding-hal-http2/) by @evert. In such case, there is no reason to carry the whole asset component for an API.
* There is no dependency nor relation at all between the code of the asset compnent and the one I've added for Preloading features
* It makes the code cleaner (no more optional dependency in the `Asset` Twig extension)
This component would also better fit in HttpFoundation than in Asset. But there is no dependency between it and HttpFoundation and it can easily be used with PSR-7 too, so IMO it better belongs in a standalone component.
Btw, ~~~I plan to add support for prefetching to this component. Except a PR soon.~~~ Prefetching and prerendering support added in this PR.
ping @symfony/deciders
Commits
-------
053de25edf Add a new Link component
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Fix named args overridding
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22196
| License | MIT
| Doc PR | -
(The exception check in ResolveDefinitionTemplatesPass is not done in ResolveNamedArgumentsPass.)
Commits
-------
0c030d92f9 [DI] Fix named args overridding
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Add `use_strict_mode` in validOptions for session
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9258
| License | MIT
| Doc PR |
PHP ini `session.use_strict_mode` was added in PHP 5.5.2 so I didn't target 2.8 as this still uses PHP 5.3. https://secure.php.net/manual/en/session.configuration.php#ini.session.use-strict-mode
Commits
-------
130ee327d4 Add `use_strict_mode` in validOptions for session
* 3.2:
don't keep internal state between parser runs
Add \Traversable typehint to phpdoc
[ExpressionLanguage] Avoid dependency on ctype
Moved ->setDate() before the deprecation handling.
[Debug] Fix php notice
[VarDumper] Relax tests to adapt for php 7.1rc4
This PR was merged into the 3.3-dev branch.
Discussion
----------
Add Kernel::getProjectDir()
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes/no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet
`Kernel::getRootDir()` is misleading. It returns the path where `AppKernel.php` is stored, which is `app/` in Symfony 2/3, but `src/` in Symfony 4. But most of the time, we are using `getRootDir()` to get the project root dir, so `%kernel.root_dir%/../` is a common idiom.
Changing the value of `getRootDir()` would be a hard BC break, so I propose to create a new method, `getProjectDir()` to "replace" `getRootDir()` gradually.
Commits
-------
1f680ccb2d added Kernel::getProjectDir()
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Enhance wording of autowiring exceptions
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
> Cannot autowire service "j": argument "$i" of method "Symfony\Component\DependencyInjection\Tests\Compiler\J::__construct()" references class "Symfony\Component\DependencyInjection\Tests\Compiler\I" but no such service exists. You should maybe alias this class to the existing "i" service; or type-hint against interface "Symfony\Component\DependencyInjection\Tests\Compiler\IInterface" instead.
Commits
-------
da792b2ff7 [DI] Enhance wording of autowiring exceptions
This PR was merged into the 3.3-dev branch.
Discussion
----------
[HttpKernel] Skip ContainerAwareInterface::setContainer from service_arguments actions registration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
As it would never be used
Commits
-------
ad59e1804f Skip ContainerAwareInterface::setContainer from service_arguments actions registration
This PR was squashed before being merged into the 3.2 branch (closes#22304).
Discussion
----------
Moved $this->setDate() before the deprecation handling.
| Q | A
| ------------- | ---
| Branch? | 3.2 <!-- see comment below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no?
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
https://github.com/symfony/symfony/pull/22036 merged the patch into the wrong place; the `$this->setDate()` happens after the deprecation handling, so it does not always get called.
See also https://www.drupal.org/node/2712647?page=1#comment-12025349
Commits
-------
b6df4e7 Moved ->setDate() before the deprecation handling.
This PR was submitted for the 2.8 branch but it was merged into the 2.7 branch instead (closes#22307).
Discussion
----------
[Debug] Fix php notice
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Of course autoloading of an empty string should not actually happen (fixed that in https://github.com/twigphp/Twig/pull/2438) but if it does happen it should not throw a php notice.
```
Notice: Uninitialized string offset 0
```
Commits
-------
e333a1a [Debug] Fix php notice
This PR was merged into the 3.3-dev branch.
Discussion
----------
[HttpKernel][FrameworkBundle] Dump container logs in Kernel, to have them also on errors
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Inspecting container failures without the logs is hard, let's have them at hand. This should not be the responsibility of a compiler pass.
Commits
-------
a8b83340bb [HttpKernel][FrameworkBundle] Dump container logs in Kernel, to have them also on errors
* 3.2:
move provider after test
update dataProvider function name
cast substr result to string and remove empty function use
rename dataset provider
Add a test to prevent future regressions
Switch to `empty` native function to check emptiness
remove non relevant test case
Switch to `is_string` native method
Remove unnecessary parentheses
Add a test case to prevent future regressions
Move empty condition in return statement
Use LF line separator
fix coding standard to comply with fabbot
Remove malformed EmailValidatorTest + Update UrlValidator test
Add empty check on host in other methods + add unit tests
[Validator] Allow checkMX() to return false when $host is empty
[DI] Prevent AutowirePass from triggering irrelevant deprecations
[DI] Fix the xml schema
[Translation] avoid creating cache files for fallback locales.
* 2.8:
move provider after test
update dataProvider function name
cast substr result to string and remove empty function use
rename dataset provider
Add a test to prevent future regressions
Switch to `empty` native function to check emptiness
remove non relevant test case
Switch to `is_string` native method
Remove unnecessary parentheses
Add a test case to prevent future regressions
Move empty condition in return statement
Use LF line separator
fix coding standard to comply with fabbot
Remove malformed EmailValidatorTest + Update UrlValidator test
Add empty check on host in other methods + add unit tests
[Validator] Allow checkMX() to return false when $host is empty
[DI] Prevent AutowirePass from triggering irrelevant deprecations
[DI] Fix the xml schema
[Translation] avoid creating cache files for fallback locales.
* 2.7:
move provider after test
update dataProvider function name
cast substr result to string and remove empty function use
rename dataset provider
Add a test to prevent future regressions
Switch to `empty` native function to check emptiness
remove non relevant test case
Switch to `is_string` native method
Remove unnecessary parentheses
Add a test case to prevent future regressions
Move empty condition in return statement
Use LF line separator
fix coding standard to comply with fabbot
Remove malformed EmailValidatorTest + Update UrlValidator test
Add empty check on host in other methods + add unit tests
[Validator] Allow checkMX() to return false when $host is empty
[DI] Fix the xml schema
[Translation] avoid creating cache files for fallback locales.
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Form] Deprecated usage of "choices" option in sub types
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | ~
Follows #21880 and the discussion in #20771.
Commits
-------
b5b56fcbac [Form] Deprecated usage of "choices" option in sub types
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Yaml] report deprecations when linting YAML files
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
In a project I frequently discovered usages of deprecated YAML formats. I first wanted to set up a build step that would lint all YAML files found in that project to be able to report it inside the CI. While doing so I noticed that the lint command was ignoring all deprecations after all. I suggest that catch all deprecations triggered by the YAML components and turn them into reported errors here. If we think that this could be seen as misbehaviour as the Symfony YAML parser is still able to handle these files properly, we could think about adding an additional option to the command that would turn on the deprecation handling.
Commits
-------
9b4206ff73 report deprecations when linting YAML files
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI/Yaml] Remove `@experimental` flag from "instanceof" and "prototype"
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
We don't need this flag on these features: the implementation is stable, and regular deprecations should be the way to go in the event where we decide to remove this later on.
That would leave only one single `@experimental` feature in 3.3: `CacheItem::getPreviousTags()`, which looks legitimate to me (since this method is aiming at interop).
Commits
-------
e8723df28a [DI/Yaml] Remove `@experimental` flag from "instanceof" and "prototype"
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Console] Allow to catch CommandNotFoundException
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/22144#issuecomment-289200937
| License | MIT
| Doc PR | n/a
Basically reverts #22144, making the command argument optional in console.error event instead, so that `CommandNotFoundException` can be handled as any other console error.
Commits
-------
b21ce850e7 [Console] Allow to catch CommandNotFoundException
This PR was merged into the 2.8 branch.
Discussion
----------
[DI] Prevent AutowirePass from triggering irrelevant deprecations
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no (just a failing test case atm)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
For populating available types the AutowirePass iterates over `$container->getDefinitions()` trying to instantiate a reflection class for each definition.
Problem is that if one of these classes is deprecated, a notice is triggered due to the reflection, even if the service is actually never used.
~~Right now this only reproduces the issue with a failing test case~~, this bug (if we agree it's a bug) breaks the test suite of a bundle I maintain (see https://travis-ci.org/lexik/LexikJWTAuthenticationBundle/jobs/218275650#L262)
Solutions I can think about for now:
- ~~Skip deprecated definitions from type registering, meaning that if a service is deprecated a day, all autowired services that rely on it will suddenly be broken, also the bug would remain if the definition is not deprecated but relies on a deprecated class, not good I think~~
- Register an error handler ignoring deprecations during the type registering process (`AutowirePass#populateAvailableType()`), ~~works but makes my test suite say `THE ERROR HANDLER HAS CHANGED`. I'll push my try as a 2nd commit.~~
Thoughts?
Commits
-------
77927f4b33 [DI] Prevent AutowirePass from triggering irrelevant deprecations
* 3.2:
bumped Symfony version to 3.2.8
updated VERSION for 3.2.7
updated CHANGELOG for 3.2.7
Fixes#22264 - add support for Chrome headless, see also Seldaek/monolog#966
[Workflow] update documentation URL in readme
bumped Symfony version to 2.8.20
updated VERSION for 2.8.19
updated CHANGELOG for 2.8.19
Dont call sprintf() when no placeholders are used
* 2.8:
Fixes#22264 - add support for Chrome headless, see also Seldaek/monolog#966
bumped Symfony version to 2.8.20
updated VERSION for 2.8.19
updated CHANGELOG for 2.8.19
Dont call sprintf() when no placeholders are used
This PR was squashed before being merged into the 3.3-dev branch (closes#22279).
Discussion
----------
[DI] Fix anonymous factories/configurators support
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/21999#discussion_r106019873
| License | MIT
| Doc PR |
Using prototypes / instanceof conditionals, anonymous factories are inlined using `Definition`, so a new instance will be created for every service created from the prototype / conditional which is inconsistent with the way other anonymous services are managed.
Commits
-------
dda43ed8ce [DI] Fix anonymous factories/configurators support
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Security] Use IteratorArgument for voters
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| License | MIT
Use an IteratorArgument for injecting voters into the AccessDecisionManager.
Commits
-------
4ec80b1ae8 Use IteratorArgument for voters
* 3.2:
[FrameworkBundle] Update console fixtures after #22217
Allow Upper Case property names
fix some risky tests
bumped Symfony version to 2.7.27
updated VERSION for 2.7.26
update CONTRIBUTORS for 2.7.26
updated CHANGELOG for 2.7.26
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Add "factory" support to named args and autowiring
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
To me, factories are expected to work named arguments.
Doing so also unlocks supporting them when autowiring, and will benefit #22187 soon.
Commits
-------
27470de62a [DI] Add "factory" support to named args and autowiring
* 2.8:
Allow Upper Case property names
fix some risky tests
bumped Symfony version to 2.7.27
updated VERSION for 2.7.26
update CONTRIBUTORS for 2.7.26
updated CHANGELOG for 2.7.26