This PR was merged into the 3.4 branch.
Discussion
----------
[TwigBridge] swap filter/function and package names
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Error message was `Did you forget to run "composer require symfony/csrf_token"? Unknown function "form" in "Security/Pages/login.html".` and will now be `Did you forget to run "composer require symfony/form"? Unknown function "csrf_token" in "Security/Pages/login.html".`
Commits
-------
9db699bd8d swap filter/function and package names
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Add tests for request collector and cookie redirection
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes (#25719)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | ø
Not that I felt bad doing a PR without tests (#25719) but this one adds tests to be sure we stabilize this cookie-based redirection.
Commits
-------
7b4f5a15e7 Add tests for the HttpKernel request collector and redirection via cookies
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Always call proxied handler::destroy() in StrictSessionHandler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Noticed by @jpauli: the native file session handler needs a call to `destroy()` to remove session files, even for new empty sessions.
Commits
-------
e5e2d5ddd2 [HttpFoundation] Always call proxied handler::destroy() in StrictSessionHandler
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix compile error when a legacy container is fresh again
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25654
| License | MIT
| Doc PR | -
Noticed by @jpauli again: when reverting some configuration changes ends up generating the same container as the previously legacy one, the legacy flag should be removed.
Commits
-------
8c3eadb1b1 [HttpKernel] Fix compile error when a legacy container is fresh again
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Uses cookies to track the requests redirection
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25698
| License | MIT
| Doc PR | ø
In order to track the redirections across requests, we need to have some state. So far, we've been using the session but some users have complained about it (#24774, #24730). The idea is that we don't actually need the session, we can use cookies.
It's a tradeoff: using a cookie would mean that both the redirection and the target page will not be cachable (because of the Set-Cookie to set the sf_redirect and the one to clear it).
As it's only on dev, it seems fair to say that having no cache (because of `Set-Cookie`s) is a better side effect than starting the session.
Commits
-------
83f257943f Uses cookies to track the requests redirection
This PR was squashed before being merged into the 3.4 branch (closes#25685).
Discussion
----------
Use triggering file to determine weak vendors if when the test is run in a separate process
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | I think so
| Fixed tickets | #25684
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
3830577 Use triggering file to determine weak vendors if when the test is run in a separate process
This PR was merged into the 3.4 branch.
Discussion
----------
Remove randomness from dumped containers
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
With this PR, the generated container is immutable by cache clearing: it doesn't contain any random string anymore (well, third party bundles can add random things back, but at least core doesn't).
Since the class+file name of the container is based on a hash of its content, it means that they are now stable also. This should help fix some edge cases/race conditions during cache clears/rebuilds.
(fabbot failure is false positive)
Commits
-------
14dd5d1dbd Remove randomness from dumped containers
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Disable CSP header on exception pages
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24772
| License | MIT
| Doc PR | -
This makes exception pages styled normally when using CSP listener. Technically it's new feature, but from user POV it's bugfix, because it's really confusing to get a blank page. It takes a while to realize it is because of enabled CSP. Therefore I'm trying to push it as patch release.
Commits
-------
f33a383a1a [HttpKernel] Disable CSP header on exception pages
This PR was merged into the 3.4 branch.
Discussion
----------
Fix fixed messages to be explicit about the package needed to be installed
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
e8bc099 fixed messages to be explicit about the package needed to be installed
This PR was submitted for the master branch but it was merged into the 3.4 branch instead (closes#25680).
Discussion
----------
[FrameworkBundle] Fix recommended composer command (add vendor)
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Since running composer commands is time heavy, having a wrong one recommended to you just burns your time.
Commits
-------
f6d38b3770 [FrameworkBundle] Fix recommended composer command (add vendor)
This PR was squashed before being merged into the 3.4 branch (closes#25678).
Discussion
----------
[WebProfilerBundle] set the var in the right scope
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR fixes the bug when displaying the toolbar. The variable "has_time_events" was not created in the scope of the toolbar.
Commits
-------
3e9780df59 [WebProfilerBundle] set the var in the right scope
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Use the default host even if context is empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25464
| License | MIT
| Doc PR | ø
When the host in the context is empty... we should still use the default host.
**Note:** it seems like a lot of changes but all I did was to remove the `if` and de-indent the code that was inside.
Commits
-------
8f357df75b Use the default host even if context is empty and fallback to relative URL if empty host
This PR was merged into the 3.4 branch.
Discussion
----------
Backport Flex-specific error messages in controller shortcuts to 3.4
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/25133#issuecomment-354551079
| License | MIT
| Doc PR | n/a
Commits
-------
419e93465f Proposing Flex-specific error messages in the controller shortcuts
* 3.3:
PHP CS Fixer: clean up repo and adjust config
use interface_exists instead of class_exists
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
* 2.8:
PHP CS Fixer: clean up repo and adjust config
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
* 2.7:
PHP CS Fixer: clean up repo and adjust config
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
This PR was squashed before being merged into the 2.7 branch (closes#25653).
Discussion
----------
PHP CS Fixer: clean up repo and adjust config
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Reason for this PR is that one want to have `php-cs-fixer fix -v` command executed without changes that shall not be applied for this repo. To achieve that, we need to groom config to exclude files that violate CS willingly, fix files that are violating CS unwillingly, and deliver missing case handling at PHP CS Fixer itself (https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/3359) (already merged!).
Commits
-------
b14cbc1 PHP CS Fixer: clean up repo and adjust config
This PR was merged into the 3.3 branch.
Discussion
----------
[WebServerBundle] use interface_exists instead of class_exists
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This bug was introduced in #25026
Commits
-------
dc3a94e use interface_exists instead of class_exists
This PR was merged into the 3.4 branch.
Discussion
----------
[DX] [DI] Improve exception for invalid setter injection arguments
| Q | A
| ------------- | ---
| Branch? | 4.0
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| License | MIT
Improve the exception message for when you accidentally write setter injection wrong as I did too many times:
```yaml
My\Logging\Service:
calls: [ [ setLogger, "@logger" ] ]
```
Used to throw:
> Type error: Argument 2 passed to Symfony\Component\DependencyInjection\Definition::addMethodCall() must be of the type array, object given, called in /var/www/project/vendor/symfony/dependency-injection/Loader/YamlFileLoader.php on line 457
Now throws:
> The second parameter for function call "setLogger" must be an array of its arguments for service "My\Namespace\Service" in /var/www/project/config/services.yaml. Check your YAML syntax in /var/www/project/config/services.yaml (which is loaded in resource "/var/www/project/config/services.yaml").
(semi-offtopic: why isn't `LoggerAwareInterface` in the default autoconfigure for FrameworkExtension?)
Commits
-------
6850a228a7 [DX] [DI] Improve exception for invalid setter injection arguments
This PR was submitted for the 3.3 branch but it was merged into the 2.7 branch instead (closes#25662).
Discussion
----------
Dumper shouldn't use html format for phpdbg / cli-server
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This may not be the lowest branch that this fix applies to.
Prevents the dumper from outputting in html format when using phpdbg.
Commits
-------
e2b6091 Dumper shouldn't use html format for phpdbg
