* 4.0:
Fix typos
[Routing] remove useless failing mocks
[appveyor] Workaround GitHub disabling of low versions of TLS
Use long array syntax
[Routing] Fix GC control of PHP-DSL
[Routing] Don't throw 405 when scheme requirement doesn't match
[Routing] Revert throwing 405 on missed slash/scheme redirections
[WebProfilerBundle] fix test after ajax path updated
Fix ArrayInput::toString() for InputArgument::IS_ARRAY args
Update excluded_ajax_paths for sf4
Add missing use for RoleInterface
Add missing use of Role
[Routing] fix CS
add container.autowiring.strict_mode to 3.4 docs
Set controller without __invoke method from invokable class
[VarDumper] Fixed PHPDoc
* 3.4:
[Routing] remove useless failing mocks
[appveyor] Workaround GitHub disabling of low versions of TLS
Use long array syntax
[Routing] Fix GC control of PHP-DSL
[Routing] Don't throw 405 when scheme requirement doesn't match
[Routing] Revert throwing 405 on missed slash/scheme redirections
[WebProfilerBundle] fix test after ajax path updated
Fix ArrayInput::toString() for InputArgument::IS_ARRAY args
Update excluded_ajax_paths for sf4
Add missing use for RoleInterface
[Routing] fix CS
add container.autowiring.strict_mode to 3.4 docs
Set controller without __invoke method from invokable class
[VarDumper] Fixed PHPDoc
This PR was merged into the 3.4 branch.
Discussion
----------
[Routing] Fix GC control of PHP-DSL
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Adding fluently in a collection is broken currently.
Commits
-------
239f2e2 [Routing] Fix GC control of PHP-DSL
* 4.0:
[Routing] Throw 405 instead of 404 when redirect is not possible
[Process] fix test case
Add security.tl.xlf to legacy directory
[Security][Validator] Add translations for Tagalog
fixed typo
Typo fix in security component lithuanian translation.
[TwigBundle][WebProfilerBundle] Fix JS collision
[Process] Check PHP_BINDIR before $PATH in PhpExecutableFinder
* 3.4:
[Routing] Throw 405 instead of 404 when redirect is not possible
[Process] fix test case
Add security.tl.xlf to legacy directory
[Security][Validator] Add translations for Tagalog
fixed typo
Typo fix in security component lithuanian translation.
[TwigBundle][WebProfilerBundle] Fix JS collision
[Process] Check PHP_BINDIR before $PATH in PhpExecutableFinder
* 2.8:
[Routing] Throw 405 instead of 404 when redirect is not possible
[Process] fix test case
Add security.tl.xlf to legacy directory
[Security][Validator] Add translations for Tagalog
fixed typo
Typo fix in security component lithuanian translation.
[Process] Check PHP_BINDIR before $PATH in PhpExecutableFinder
* 2.7:
[Routing] Throw 405 instead of 404 when redirect is not possible
[Process] fix test case
Add security.tl.xlf to legacy directory
[Security][Validator] Add translations for Tagalog
fixed typo
Typo fix in security component lithuanian translation.
[Process] Check PHP_BINDIR before $PATH in PhpExecutableFinder
* 4.0:
[YAML] Issue #26065: leading spaces in YAML multi-line string literals
[Bridge\PhpUnit] Exit as late as possible
[Bridge\PhpUnit] Cleanup BC layer
[PhpBridge] add PHPUnit 7 support to SymfonyTestsListener
[Lock] Log already-locked errors as "notice" instead of "warning"
add context to serialize and deserialize
Update Repository Symlink Helper
isCsrfTokenValid() replace string by ?string
Document explicitly that dotfiles and vcs files are ignored by default
[HttpKernel] don't try to wire Request argument with controller.service_arguments
Make kernel build time optionally deterministic
Use 0 for unlimited expiry
[Routing] fix typo
Bump default PHPUnit version from 6.3 to 6.5
do not mock the container builder in tests
[Cache][WebProfiler] fix collecting cache stats with sub-requests + allow clearing calls
* 3.4:
[YAML] Issue #26065: leading spaces in YAML multi-line string literals
[Bridge\PhpUnit] Exit as late as possible
[Bridge\PhpUnit] Cleanup BC layer
[PhpBridge] add PHPUnit 7 support to SymfonyTestsListener
[Lock] Log already-locked errors as "notice" instead of "warning"
add context to serialize and deserialize
Update Repository Symlink Helper
Document explicitly that dotfiles and vcs files are ignored by default
[HttpKernel] don't try to wire Request argument with controller.service_arguments
Make kernel build time optionally deterministic
Use 0 for unlimited expiry
[Routing] fix typo
Bump default PHPUnit version from 6.3 to 6.5
do not mock the container builder in tests
[Cache][WebProfiler] fix collecting cache stats with sub-requests + allow clearing calls
* 4.0:
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
[Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
[Config] Only using filemtime to check file freshness
* 3.4:
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
[Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
[Config] Only using filemtime to check file freshness
This PR was squashed before being merged into the 2.7 branch (closes#25373).
Discussion
----------
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
`UrlMatcher::match($pathinfo)` applies `rawurldecode()` to the `$pathinfo` before trying to match it against the routes.
If the URL contains a percent-encoded trailing newline (like in `/foo%0a`), the default PHP PCRE will still consider `#^/foo$#` a match, as the `$` metacharacter will also match *immediately before* the final character *if it is a newline*. This behavior can be changed by applying the [`PCRE_DOLLAR_ENDONLY` modifier](http://php.net/manual/en/reference.pcre.pattern.modifiers.php).
Without this change, URLs with trailing `%0a` lead to weird notices further down the road, for example when the `RedirectableUrlMatcher` or its equivalent in `PhpMatcherDumper` kick in, look at the last character (this time actually the newline), append a `/` and try to redirect to the resulting URL. Ultimately, PHP will complain with `Warning: Header may not contain more than a single header, new line detected` when sending the `Location` header.
Commits
-------
f713a3e Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
This PR was merged into the 3.4 branch.
Discussion
----------
[DI][Routing] Fix tracking of globbed resources
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25904
| License | MIT
| Doc PR | -
The current `GlobFileLoader` in `Config` misses resource tracking, so we can't use it and have to use a per-component one instead.
(deps=high failures will be fixed after merging up to master.)
Commits
-------
945c753 Add tests for glob loaders
ad98c1fa [DI][Routing] Fix tracking of globbed resources
* 4.0:
[Intl] Fixed the broken link
Fix typo
Fix typo
Fixed issue #25985
Don't show wanna-be-private services as public in debug:container
[Routing] Fix trailing slash redirection for non-safe verbs
[DI] Fix tracking of source class changes for lazy-proxies
Proxy class names should be deterministic and independent of spl_object_hash() which is somewhat random
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
collect extension information as late as possible
* 3.4:
[Intl] Fixed the broken link
Fix typo
Fix typo
Fixed issue #25985
Don't show wanna-be-private services as public in debug:container
[Routing] Fix trailing slash redirection for non-safe verbs
[DI] Fix tracking of source class changes for lazy-proxies
Proxy class names should be deterministic and independent of spl_object_hash() which is somewhat random
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
collect extension information as late as possible
* 2.8:
[Intl] Fixed the broken link
[Routing] Fix trailing slash redirection for non-safe verbs
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
* 2.7:
[Intl] Fixed the broken link
[Routing] Fix trailing slash redirection for non-safe verbs
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
* 4.0:
[appveyor] set memory_limit=-1
[Console] Keep the modified exception handler
[Console] Fix restoring exception handler
[Router] Skip anonymous classes when loading annotated routes
allow dashes in cwd pathname when running the tests
Fixed Request::__toString ignoring cookies
Make sure we only build once and have one time the prefix when importing routes
[Security] Fix fatal error on non string username
[FrameworkBundle] Automatically enable the CSRF if component *+ session* are loaded
* 3.4:
[appveyor] set memory_limit=-1
[Console] Keep the modified exception handler
[Console] Fix restoring exception handler
[Router] Skip anonymous classes when loading annotated routes
allow dashes in cwd pathname when running the tests
Fixed Request::__toString ignoring cookies
Make sure we only build once and have one time the prefix when importing routes
[Security] Fix fatal error on non string username
[FrameworkBundle] Automatically enable the CSRF if component *+ session* are loaded
* 3.3:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
Make sure we only build once and have one time the prefix when importing routes
[Security] Fix fatal error on non string username
* 2.8:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
[Security] Fix fatal error on non string username
* 2.7:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
[Security] Fix fatal error on non string username
* 4.0:
[DI] fix param name cast
Remove randomness from dumped containers
fixed messages to be explicit about the package needed to be installed
[FrameworkBundle] Fix recommended composer command (add vendor)
[WebProfilerBundle] set the var in the right scope
[TwigBundle] fix lowest dep
[HttpKernel] Disable CSP header on exception pages
Use the default host even if context is empty and fallback to relative URL if empty host
Proposing Flex-specific error messages in the controller shortcuts
* 3.4:
Remove randomness from dumped containers
fixed messages to be explicit about the package needed to be installed
[FrameworkBundle] Fix recommended composer command (add vendor)
[WebProfilerBundle] set the var in the right scope
[TwigBundle] fix lowest dep
[HttpKernel] Disable CSP header on exception pages
Use the default host even if context is empty and fallback to relative URL if empty host
Proposing Flex-specific error messages in the controller shortcuts
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Use the default host even if context is empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25464
| License | MIT
| Doc PR | ø
When the host in the context is empty... we should still use the default host.
**Note:** it seems like a lot of changes but all I did was to remove the `if` and de-indent the code that was inside.
Commits
-------
8f357df75b Use the default host even if context is empty and fallback to relative URL if empty host
* 4.0:
PHP CS Fixer: clean up repo and adjust config
use interface_exists instead of class_exists
[DX] [DI] Improve exception for invalid setter injection arguments
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
* 3.4:
PHP CS Fixer: clean up repo and adjust config
use interface_exists instead of class_exists
[DX] [DI] Improve exception for invalid setter injection arguments
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
* 3.3:
PHP CS Fixer: clean up repo and adjust config
use interface_exists instead of class_exists
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
* 2.8:
PHP CS Fixer: clean up repo and adjust config
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
* 2.7:
PHP CS Fixer: clean up repo and adjust config
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
This PR was squashed before being merged into the 2.7 branch (closes#25653).
Discussion
----------
PHP CS Fixer: clean up repo and adjust config
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Reason for this PR is that one want to have `php-cs-fixer fix -v` command executed without changes that shall not be applied for this repo. To achieve that, we need to groom config to exclude files that violate CS willingly, fix files that are violating CS unwillingly, and deliver missing case handling at PHP CS Fixer itself (https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/3359) (already merged!).
Commits
-------
b14cbc1 PHP CS Fixer: clean up repo and adjust config
* 4.0: (23 commits)
Clean up
Update return type in docblock.
PHP CS Fixer: no need to exclude xml and yml files
PHP CS Fixer: no need to exclude json file
[#22749] fix version in changelog
Update LICENSE year... forever
fixed some deprecation messages
fixed CS
Fixes for Oracle in PdoSessionHandler
fixed some deprecation messages
fixed some deprecation messages
fixed some deprecation messages
fixed some deprecation messages
Remove dead code
[TwigBundle/Brige] catch missing requirements to throw meaningful exceptions
[DI] fix CS
[HttpKernel] Call Response->setPrivate() instead of sending raw header() when session is started
[FrameworkBundle] Make cache:clear "atomic" and consistent with cache:warmup
Suggest to write an implementation if the interface cannot be autowired
[Debug] Skip DebugClassLoader checks for already parsed files
...
* 3.4:
Clean up
Update return type in docblock.
PHP CS Fixer: no need to exclude xml and yml files
PHP CS Fixer: no need to exclude json file
Update LICENSE year... forever
fixed some deprecation messages
fixed CS
Fixes for Oracle in PdoSessionHandler
fixed some deprecation messages
fixed some deprecation messages
fixed some deprecation messages
fixed some deprecation messages
[TwigBundle/Brige] catch missing requirements to throw meaningful exceptions
[HttpKernel] Call Response->setPrivate() instead of sending raw header() when session is started
[FrameworkBundle] Make cache:clear "atomic" and consistent with cache:warmup
Suggest to write an implementation if the interface cannot be autowired
[Debug] Skip DebugClassLoader checks for already parsed files
[2.7][DX] Use constant message contextualisation for deprecations
Remove group options without data and fix normalization
Remove redundant translation path
* 3.3:
Clean up
Update return type in docblock.
PHP CS Fixer: no need to exclude xml and yml files
PHP CS Fixer: no need to exclude json file
Update LICENSE year... forever
* 4.0:
[2.7] Fix issues found by PHPStan
[Command] Fix upgrade guide example
Add php_unit_dedicate_assert to PHPCS
[WebProfilerBundle] Let fetch() cast URL to string
improve FormType::getType exception message details
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
[FrameworkBundle] fix merge of 3.3 into 3.4
bumped Symfony version to 4.0.3
updated VERSION for 4.0.2
updated CHANGELOG for 4.0.2
bumped Symfony version to 3.4.3
updated VERSION for 3.4.2
updated CHANGELOG for 3.4.2
* 3.4:
[2.7] Fix issues found by PHPStan
[Command] Fix upgrade guide example
Add php_unit_dedicate_assert to PHPCS
[WebProfilerBundle] Let fetch() cast URL to string
improve FormType::getType exception message details
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
[FrameworkBundle] fix merge of 3.3 into 3.4
bumped Symfony version to 3.4.3
updated VERSION for 3.4.2
updated CHANGELOG for 3.4.2
* 3.3:
[2.7] Fix issues found by PHPStan
Add php_unit_dedicate_assert to PHPCS
[WebProfilerBundle] Let fetch() cast URL to string
improve FormType::getType exception message details
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
* 2.8:
[2.7] Fix issues found by PHPStan
Add php_unit_dedicate_assert to PHPCS
improve FormType::getType exception message details
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
* 2.7:
[2.7] Fix issues found by PHPStan
Add php_unit_dedicate_assert to PHPCS
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
* 4.0:
fixed wrong merge
Tweak message to be Flex friendly
[Routing] fixed tests
Fixing wrong class_exists on interface
Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
removed FIXME
[Console] Fix a bug when passing a letter that could be an alias
add missing validation options to XSD file
Take advantage of AnnotationRegistry::registerUniqueLoader
[DI] Optimize Container::get() for perf
fix merge
Fix tests
Refactoring tests.
* 3.4:
fixed wrong merge
Tweak message to be Flex friendly
[Routing] fixed tests
Fixing wrong class_exists on interface
Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
[Console] Fix a bug when passing a letter that could be an alias
add missing validation options to XSD file
Take advantage of AnnotationRegistry::registerUniqueLoader
[DI] Optimize Container::get() for perf
fix merge
Fix tests
Refactoring tests.
* 2.8:
Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
[Console] Fix a bug when passing a letter that could be an alias
add missing validation options to XSD file
* 2.7:
Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
[Console] Fix a bug when passing a letter that could be an alias
add missing validation options to XSD file
* 4.0:
[DI] Dont resolve envs in service ids
Add tests proving it can load annotated files
[WebProfilerBundle] Reset letter-spacing in toolbar
Prefer overflow-wrap to word-break
remove more kernel.root_dir parameter refs
[*Bundle] Replace some kernel.root_dir by kernel.project_dir
removed some phpdocs
[Routing] Fix "config-file-relative" annotation loader resources
Make search in debug:container command case-insensitive
`resolveEnvPlaceholders` will return a mixed value
Remove dead code, add missing test
Update translation commands to work with default paths
[FrameworkBundle] Fix AssetsInstallCommand
* 3.4:
[DI] Dont resolve envs in service ids
Add tests proving it can load annotated files
[WebProfilerBundle] Reset letter-spacing in toolbar
Prefer overflow-wrap to word-break
remove more kernel.root_dir parameter refs
[*Bundle] Replace some kernel.root_dir by kernel.project_dir
removed some phpdocs
[Routing] Fix "config-file-relative" annotation loader resources
Make search in debug:container command case-insensitive
`resolveEnvPlaceholders` will return a mixed value
Update translation commands to work with default paths
[FrameworkBundle] Fix AssetsInstallCommand
* 3.3:
[DI] Dont resolve envs in service ids
Add tests proving it can load annotated files
[WebProfilerBundle] Reset letter-spacing in toolbar
Prefer overflow-wrap to word-break
[Routing] Fix "config-file-relative" annotation loader resources
Make search in debug:container command case-insensitive
`resolveEnvPlaceholders` will return a mixed value
* 3.4:
[3.4] Remove useless docblocks
[3.3] More docblock fixes
[2.7] More docblock fixes
[TwigBridge] Fix BC break due required twig environment
Random fixes
Docblock fixes
[DI] Fix cannot bind env var
Fix some signatures in PHP-DSLs
[HttpKernel] Enhance deprecation message
bumped Symfony version to 3.4.0
updated VERSION for 3.4.0-BETA3
updated CHANGELOG for 3.4.0-BETA3
[SecurityBundle] Fix the datacollector to properly support decision.object being null
* 3.3:
[Serializer] Fix extra attributes when no group specified
[Intl] Make intl-data tests pass and save language aliases again
[Console] Fix CommandTester::setInputs() docblock
[Serializer] readd default argument value
[VarDumper] fix trailling comma when dumping an exception
Remove useless docblocks
[FrameworkBundle] Fix docblocks
[PropertyInfo] Remove useless docblocks