* 4.1:
[Console] simplified code
removed useless phpdoc
improve docblocks around group sequences
[Cache] prevent getting older entries when the version key is evicted
[WebProfilerBundle] added a note in the README
[Yaml] Skip parser test with root user
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
[HttpFoundation] fix hidding warnings from session handlers
Caching missed templates on cache warmup
* 3.4:
[Console] simplified code
removed useless phpdoc
improve docblocks around group sequences
[Cache] prevent getting older entries when the version key is evicted
[WebProfilerBundle] added a note in the README
[Yaml] Skip parser test with root user
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
[HttpFoundation] fix hidding warnings from session handlers
Caching missed templates on cache warmup
* 2.8:
improve docblocks around group sequences
[WebProfilerBundle] added a note in the README
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
Caching missed templates on cache warmup
This PR was merged into the 4.2-dev branch.
Discussion
----------
[HttpFoundation] make cookies auto-secure when passing them $secure=null + plan to make it and samesite=lax the defaults in 5.0
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #26731
| License | MIT
| Doc PR | -
By creating Cookie instances using `null` for the `$secure` argument, this PR allows making cookies inherit their "secure" attribute from the request.
This PR also adds a forward to make $secure=null and samesite=lax the defaults in Symfony 5.0:
- either define all constructor's arguments explicitly
- or use the new `Cookie::create()` factory
Commits
-------
9493cfd5f2 [HttpFoundation] make cookies auto-secure when passing them $secure=null + plan to make it and samesite=lax the defaults in 5.0
This PR was merged into the 4.2-dev branch.
Discussion
----------
[SecurityBundle] make remember-me cookies auto-secure + inherit their default config from framework.session.cookie_*
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28338
| License | MIT
| Doc PR | -
Let's make it easier to have a good default security level, now for the remember-me cookie.
Commits
-------
6ec223bf6f [SecurityBundle] make remember-me cookies auto-secure + inherit their default config from framework.session.cookie_*
* 4.1:
[TwigBridge] fix lowest version of symfony/form
Think positive
KernelInterface can return null container
[DI] Detect circular references with ChildDefinition parent
[VarDumper] Fix global dump function return value for PHP7
[Ldap] Use shut up operator on connection errors at ldap_start_tls
Implement startTest rather than startTestSuite
[OptionsResolver] remove dead code and useless else
[HttpFoundation] don't override StreamedResponse::setNotModified()
Added relevent links for parsing to the phpdoc
Add stricter checking for valid date time string
Fix symfony/console (optional) dependency for MonologBridge
fix not displaying labels when value is false
[Form] Fix DateTimeType html5 input format
* 3.4:
Think positive
KernelInterface can return null container
[DI] Detect circular references with ChildDefinition parent
[VarDumper] Fix global dump function return value for PHP7
[Ldap] Use shut up operator on connection errors at ldap_start_tls
Implement startTest rather than startTestSuite
[OptionsResolver] remove dead code and useless else
[HttpFoundation] don't override StreamedResponse::setNotModified()
Added relevent links for parsing to the phpdoc
Add stricter checking for valid date time string
Fix symfony/console (optional) dependency for MonologBridge
[Form] Fix DateTimeType html5 input format
* 2.8:
KernelInterface can return null container
[Ldap] Use shut up operator on connection errors at ldap_start_tls
[HttpFoundation] don't override StreamedResponse::setNotModified()
Added relevent links for parsing to the phpdoc
Add stricter checking for valid date time string
[Form] Fix DateTimeType html5 input format
This PR was merged into the 3.4 branch.
Discussion
----------
[Controller][ServiceValueResolver] Making method access case insensitive
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28254
| License | MIT
| Doc PR | -
Fix#28254 by making the method access insensitive in `ServiceValueResolver`.
Commits
-------
cc6f82769b [Controller][ServiceValueResolver] Making method access case insensitive
* 4.1:
[DI] configure inlined services before injecting them when dumping the container
Consistently throw exceptions on a single line
fix fopen calls
Update .editorconfig
* 3.4:
[DI] configure inlined services before injecting them when dumping the container
Consistently throw exceptions on a single line
fix fopen calls
Update .editorconfig
* 4.1:
[appveyor] fix
[DI] Fix dumping some complex service graphs
Revert "minor #28321 [Routing] Fixed the interface description of the url generator interface (Toflar)"
Fixed caching of templates in default path on cache warmup
added missing LICENSE file
remove cache warmers when Twig cache is disabled
[Workflow] Make sure we do not run the next transition on an updated state
change baseUrl to basePath to fix wrong profiler url
[HttpKernel][FrameworkBundle] Fix escaping of serialized payloads passed to test clients
chore: rename Appveyor filename
Fixed the interface description of the url generator interface
Format file size in validation message according to binaryFormat option
* 3.4:
[appveyor] fix
Revert "minor #28321 [Routing] Fixed the interface description of the url generator interface (Toflar)"
Fixed caching of templates in default path on cache warmup
remove cache warmers when Twig cache is disabled
[HttpKernel][FrameworkBundle] Fix escaping of serialized payloads passed to test clients
chore: rename Appveyor filename
Fixed the interface description of the url generator interface
Format file size in validation message according to binaryFormat option
* 2.8:
[appveyor] fix
Revert "minor #28321 [Routing] Fixed the interface description of the url generator interface (Toflar)"
remove cache warmers when Twig cache is disabled
[HttpKernel][FrameworkBundle] Fix escaping of serialized payloads passed to test clients
chore: rename Appveyor filename
Fixed the interface description of the url generator interface
Format file size in validation message according to binaryFormat option
This PR was squashed before being merged into the 4.2-dev branch (closes#25125).
Discussion
----------
[VarDumper] New env var to select the dump format
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | todo
This PR introduces a new environment variable that can be used to force `dump()` to generate HTML even in CLI, or CLI even in a web context.
It allows to dump large objects when debugging a command, to open the resulting HTML in a browser, and to benefit of the nice JS UI (folded by default, search engine...).
Example usage:
VAR_DUMPER_FORMAT=html vendor/bin/behat > tmp.html; open -a firefox tmp.html
VAR_DUMPER_FORMAT=cli vendor/bin/behat > tmp.txt
Commits
-------
536125ac3c [VarDumper] New env var to select the dump format
* 4.1:
Use the real image URL for the filesystem tests
[Finder] Update PHPdoc append()
[DI] Fix phpdoc
Fix code examples in PHPDoc
[HttpKernel] Fix inheritdocs
bumped Symfony version to 3.4.16
updated VERSION for 3.4.15
updated CHANGELOG for 3.4.15
* 3.4:
Use the real image URL for the filesystem tests
[Finder] Update PHPdoc append()
[DI] Fix phpdoc
Fix code examples in PHPDoc
[HttpKernel] Fix inheritdocs
bumped Symfony version to 3.4.16
updated VERSION for 3.4.15
updated CHANGELOG for 3.4.15
* 2.8:
Use the real image URL for the filesystem tests
[Finder] Update PHPdoc append()
[DI] Fix phpdoc
Fix code examples in PHPDoc
[HttpKernel] Fix inheritdocs
This PR was merged into the 4.2-dev branch.
Discussion
----------
[FrameworkBundle] Added new "auto" mode for `framework.session.cookie_secure` to turn it on when https is used
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I'm pretty sure we're many forgetting to make session cookies "secure".
Here is an "auto" mode that makes them secure automatically when the session is started on requests with the "https" scheme.
Commits
-------
4f7b41a83d [FrameworkBundle] Added new "auto" mode for `framework.session.cookie_secure` to turn it on when https is used
* 4.1:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[FrameworkBundle] fixed guard event names for transitions
[DI] Improve class named servics error message
remove unnecessary instanceof in MongoDbSessionHandler
[HttpFoundation] fixed using _method parameter with invalid type
Renaming internal test class to help auto-completion
[Intl] Replace svn with git in the icu data update script
[Messenger] Fix error message on undefined message class for non-subscriber handler
[HttpFoundation] Fix Cookie::isCleared
* 4.0:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[FrameworkBundle] fixed guard event names for transitions
[DI] Improve class named servics error message
[HttpFoundation] fixed using _method parameter with invalid type
[Intl] Replace svn with git in the icu data update script
[HttpFoundation] Fix Cookie::isCleared
* 3.4:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[FrameworkBundle] fixed guard event names for transitions
[DI] Improve class named servics error message
[HttpFoundation] fixed using _method parameter with invalid type
[Intl] Replace svn with git in the icu data update script
[HttpFoundation] Fix Cookie::isCleared
* 2.8:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[HttpFoundation] fixed using _method parameter with invalid type
[Intl] Replace svn with git in the icu data update script
[HttpFoundation] Fix Cookie::isCleared
* 4.1:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 4.0:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 3.4:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 2.8:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 4.1:
fix merge
bumped Symfony version to 4.1.3
[PhpUnitBridge] Describe weak_vendors properly
[HttpKernel] Fix merging bindings for controllers' locators
updated VERSION for 4.1.2
updated CHANGELOG for 4.1.2
bumped Symfony version to 4.0.14
updated VERSION for 4.0.13
updated CHANGELOG for 4.0.13
bumped Symfony version to 3.4.14
updated VERSION for 3.4.13
updated CHANGELOG for 3.4.13
bumped Symfony version to 2.8.44
Chaining senders with their aliases should work
* 4.0:
[HttpKernel] Fix merging bindings for controllers' locators
bumped Symfony version to 4.0.14
updated VERSION for 4.0.13
updated CHANGELOG for 4.0.13
bumped Symfony version to 3.4.14
updated VERSION for 3.4.13
updated CHANGELOG for 3.4.13
bumped Symfony version to 2.8.44