This PR was merged into the 4.2-dev branch.
Discussion
----------
[Console] changed warning verbosity; fixes typo
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes*
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
* Tests pass, but I do not have an installation of MacOS to run tests on. Tests should be unaffected (the test is simply [skipped on MacOS](https://github.com/symfony/console/blob/master/Tests/Command/CommandTest.php#L345)).
When a Console Command fails to change the process title on MacOS, a warning is issued to output. This warning is relevant to developers of Console applications, but to end users is largely meaningless and potentially confusing.
This PR changes the verbosity of the warning to "very verbose" so it does not interrupt normal usage.
I've also fixed a typo in the message ("get" vs. "set").
Commits
-------
86c771a changed warning verbosity; fixes typo
This PR was merged into the 2.8 branch.
Discussion
----------
[DomCrawler] Fix ChoiceFormField::select() PHPDoc
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
It's allowed by `setValue`, it works, and it makes sense for `<select multiple>` fields.
Commits
-------
154ce9c170 [DomCrawler] Fix ChoiceFormField::select() PHPDoc
This PR was merged into the 2.8 branch.
Discussion
----------
[WebProfilerBundle] Prevent toolbar links color override by css
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27658
| License | MIT
| Doc PR |
Fixes this issue: https://github.com/symfony/symfony/issues/27658#issuecomment-401008659
Links color in toolbar can be easily override by application css. As this could happens sometimes, this PR set links color with a stronger CSS precedence.
Commits
-------
e12e217f2b Prevent toolbar links color override by css
This PR was squashed before being merged into the 2.8 branch (closes#27836).
Discussion
----------
[HttpFoundation] add tests for FlashBagInterface::setAll()
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Adding documentation for the `FlashBagInterface::setAll()` function
Commits
-------
af96475e2a [HttpFoundation] add tests for FlashBagInterface::setAll()
This PR was merged into the 2.8 branch.
Discussion
----------
[Doctrine Bridge] Fixed usage of wrong variable when tagged subscriber is invalid
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27811
| License | MIT
This change prevents error when invalid subscriber is being used.
Expected result:
```
The Doctrine connection "root" referenced in service "stof_doctrine_extensions.listener.sluggable" does not exist. Available connections names: default
```
Actual error:
```
Notice: Array to string conversion
```
Commits
-------
cf1bc66464 [Doctrine Bridge] Fixed usage of wrong variable when tagged subscriber is invalid
This PR was squashed before being merged into the 2.8 branch (closes#27765).
Discussion
----------
[HttpFoundation] update phpdoc of FlashBagInterface::add()
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
**Reason why I propose to change the docblock like this: **
The `FlashBagInterface::add()` function does not work only with the `string` type in second parameter
Commits
-------
9135e18ded [HttpFoundation] update phpdoc of FlashBagInterface::add()
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] Dont throw if "security.http_utils" is not found
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27445
| License | MIT
| Doc PR | -
The comment + test were misleading, the actual important thing is wiring `AddSessionDomainConstraintPass` before removing passes, which is already the case already.
Commits
-------
db88330448 [SecurityBundle] Dont throw if "security.http_utils" is not found
This PR was merged into the 2.8 branch.
Discussion
----------
[Intl] Update ICU data to 62.1
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | -
| License | MIT
| Doc PR | -
It's this time of the year again to update ICU data. http://site.icu-project.org/download/62
Not many actual changes this time. Few new scripts added and some metadata for the VEF currency.
Commits
-------
5f2e6c2f12 [Intl] Update ICU data to 62.1
This PR was merged into the 2.8 branch.
Discussion
----------
[Serializer] Updates DocBlock to a mixed param type
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | Yes
| New feature? | No
| BC breaks? | No
| Deprecations? | Non added.
| Tests pass? | Yes , no new tests added.
| Fixed tickets | #27457
| License | MIT
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
The JSON serializers make use of the JsonSerializable interface and return arrays to the NormalizerInterface. This PR updates the DocBlock to reflect that.
Moving towards PHP 7.2 and the use of object type-hints would require changes to the [JsonSerializableNormalizer@L41](92c37b9711/src/Symfony/Component/Serializer/Normalizer/JsonSerializableNormalizer.php (L41)) at a minimum.
Truly not much of a PR I'm afraid!
Commits
-------
dca9ff529a [Serializer] Updates DocBlock to a mixed param type
This PR was merged into the 2.8 branch.
Discussion
----------
Set serialize_precision explicitly to avoid fancy float rounding
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | -
This is fixing some of the test failures I was seeing locally due to increased `serialize_precision` INI setting:
```
2) Symfony\Component\HttpFoundation\Tests\JsonResponseTest::testConstructorWithSimpleTypes
Failed asserting that two strings are identical.
--- Expected
+++ Actual
@@ @@
-'0.1'
+'0.10000000000000001'
/www/symfony/symfony/src/Symfony/Component/HttpFoundation/Tests/JsonResponseTest.php:46
3) Symfony\Component\HttpFoundation\Tests\JsonResponseTest::testStaticCreateWithSimpleTypes
Failed asserting that two strings are identical.
--- Expected
+++ Actual
@@ @@
-'0.1'
+'0.10000000000000001'
```
The test assertions should not depend on externally configured PHP configuration.
Also default value for this option was changed multiple times: http://php.net/manual/en/ini.core.php#ini.serialize-precision
For compatibility reasons (with PHP <7.x) `-1` can't be used.
https://3v4l.org/HBNsT
HHVM doesn't seem to support this though, how to handle this?
Commits
-------
b5ee7c3ccd Set serialize_precision explicitly to avoid fancy float rounding
This PR was submitted for the master branch but it was squashed and merged into the 2.8 branch instead (closes#27508).
Discussion
----------
[Finder] Update RealIteratorTestCase
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27480
| License | MIT
| Doc PR | n/a
Makes the entire test directory empty instead of trying to delete particular files and directories. The old method failed when trying to remove a directory which was not empty.
Commits
-------
7d0ebd41ab [Finder] Update RealIteratorTestCase
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Fix dumping ArrayObject and ArrayIterator instances
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Properties added on child classes of `ArrayObject` and `ArrayIterator`, or dynamic properties added on instances of them were now properly dumped. This fixes it.
Commits
-------
3ecabfc36e [VarDumper] Fix dumping ArrayObject and ArrayIterator instances
This PR was squashed before being merged into the 2.8 branch (closes#27452).
Discussion
----------
Avoid migration on stateless firewalls
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | Related to #27395
| License | MIT
| Doc PR | symfony/symfony-docs#9860
This is a proof-of-concept. Once we agree / are happy, I need to add this to all of the other authentication mechanisms that recently got the session migration code & add tests.
Basically, this avoids migrating the session if the firewall is stateless. There were 2 options to do this:
A) Make the `SessionAuthenticationStrategy` aware of all stateless firewalls. **This is the current approach**
or
B) Make each individual authentication listener aware whether or not *its* firewall is stateless.
Commits
-------
cca73bb564 Avoid migration on stateless firewalls
Corrected return type which causes following error with (psalm)[https://getpsalm.org/]
```
ERROR: PossiblyInvalidArgument - src/Command/Utils/CheckVendorDependencies.php:170:62 - Argument 1 of iterator_to_array expects Traversable, possibly different type array<mixed, Symfony\Component\Finder\SplFileInfo>|Iterator provided $directories = array_map($closure, iterator_to_array($finder->getIterator()));
```
This PR was merged into the 2.8 branch.
Discussion
----------
[Debug] Pass previous exception to FatalErrorException
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27483
| License | MIT
Add a previous parameter to FatalErrorException.
Call \ErrorException with this parameter.
Update parent::__constructor for inherited classes with default parameters and the new one
Commits
-------
7f9780b5df Pass previous exception to FatalErrorException
This PR was squashed before being merged into the 2.8 branch (closes#26973).
Discussion
----------
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
| Q | A
| ------------- | ---
| Branch? | 2.7 and up
| Bug fix? | improvement
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ---
| License | MIT
| Doc PR | ---
SubRequest used in `InlineFragmentRendered` explicitly sets `$server['REMOTE_ADDR']` to `127.0.0.1`. Therefore, it's required to configure `127.0.0.1` address in TRUSTED_PROXIES environment variable. Without that, `Request::isFromTrustedProxy()` will return false.
The current behavior might be a little bit problematic, for instance, in case where images are rendered through subrequests. These might end-up with an incorrect schema in URL (`http` instead of `https`).
Commits
-------
18f55feef8 [HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
This PR was squashed before being merged into the 2.8 branch (closes#27303).
Discussion
----------
[Process] Consider "executable" suffixes first on Windows
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | n/a
Executable finder should consider "executable" suffixes first on Windows because we basically ignore executability on Windows (on the lines below changed), which leads, for example, to finding usually-non-executable `phpunit` file first where both `phpunit` and `phpunit.bat` are present.
I may miss something here, so please tell me if this makes any sense.
Same change against master: #27301
Commits
-------
9372e7a813 [Process] Consider \"executable\" suffixes first on Windows
* 2.7:
do not mock the session in token storage tests
Add Occitan plural rule
Disallow illegal characters like "." in session.name
fix rounding from string
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fix precision of MoneyToLocalizedStringTransformer's divisions on transform()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR |
Related issue https://github.com/symfony/symfony/issues/21026.
Previous PR https://github.com/symfony/symfony/pull/24036.
Similar fix for `transform()` method.
Commits
-------
f94b7aadd3 fix rounding from string
This PR was merged into the 2.7 branch.
Discussion
----------
Disallow invalid characters in session.name
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27023
| License | MIT
| Doc PR |
PHP saves cookie with correct name, but upon deserialization to
`$_COOKIE`, it replaces "." characters with "_".
This is probably also reason why \SessionHandler is not able to find
a session.
https://harrybailey.com/2009/04/dots-arent-allowed-in-php-cookie-names/https://bugs.php.net/bug.php?id=75883
Commits
-------
16ebb43bd4 Disallow illegal characters like "." in session.name
* 2.7:
[Security] Fix logout
#27250 limiting GET_LOCK key up to 64 char due to changes in MySQL 5.7.5 and later
[Profiler] Remove propel & event_listener_loading category identifiers
[Filesystem] Fix usages of error_get_last()
[Debug] Fix populating error_get_last() for handled silent errors
Suppress warnings when open_basedir is non-empty
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Suppress warnings when open_basedir is non-empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If PHP is configured *with a non-empty open_basedir* value that does not permit access to the target location, these calls to is_executable() throw warnings.
While Symfony may not raise exceptions for warnings in production environments, other frameworks (such as Laravel) do, in which case any of these checks causes a show-stopping 500 error.
We fixed a similar issue in the ExecutableFinder class via symfony/symfony#16182 .
This has always been an issue, but 709e15e7a3 made it more likely that a warning is triggered.
Commits
-------
34f136e01b Suppress warnings when open_basedir is non-empty
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Fix populating error_get_last() for handled silent errors
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a userland error handler doesn't return `false`, `error_get_last()` is not updated, so we cannot see the real last error, but the previous one.
See https://3v4l.org/Smmt7
Commits
-------
d7e612d2ac [Debug] Fix populating error_get_last() for handled silent errors
This PR was merged into the 2.7 branch.
Discussion
----------
[Filesystem] Fix usages of error_get_last()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Same as #27232 for 2.7.
When a userland error handler doesn't return `false`, `error_get_last()` is not updated, so we cannot see the real last error, but the previous one.
See https://3v4l.org/Smmt7
Commits
-------
9d015c7c50 [Filesystem] Fix usages of error_get_last()
* 2.7:
use brace-style regex delimiters
Fixed typo RecursiveIterator -> RecursiveIteratorIterator
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
If PHP is configured *with a non-empty open_basedir* value that does not permit access to the target location, these calls to is_executable() throw warnings.
While Symfony may not raise exceptions for warnings in production environments, other frameworks (such as Laravel) do, in which case any of these checks causes a show-stopping 500 error.
We fixed a similar issue in the ExecutableFinder class via symfony/symfony#16182 .
This has always been an issue, but 709e15e7a37cb7ed6199548dc70dc33168e6cb2d made it more likely that a warning is triggered.
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
30970c7a9b [Validator] make phpdoc of ObjectInitializerInterface interface more accurate
* 2.7:
bumped Symfony version to 2.7.47
Fix#27011: Session ini_set bug
updated VERSION for 2.7.46
update CONTRIBUTORS for 2.7.46
updated CHANGELOG for 2.7.46
* 2.7:
[VarDumper] Remove decoration from actual output in tests
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
This PR was merged into the 2.8 branch.
Discussion
----------
[Security][Guard] GuardAuthenticationProvider::authenticate cannot return null
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26942
| License | MIT
Authenticate method in GuardAuthenticationProvider returned null when the token does not originate from any of the guard authenticators. This check was not done in the supports method. According to the interface authenticate cannot return null. This patch copies theguard authenticator checks to the supports method.
Commits
-------
9dff22c [Security] guardAuthenticationProvider::authenticate cannot return null according to interface specification
This PR was merged into the 2.7 branch.
Discussion
----------
[Bridge/Doctrine] count(): Parameter must be an array or an object that implements Countable
| Q | A
| ------------- | ---
| Branch? | master |
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Php7.2 will throw a warning on count(null) [http://php.net/manual/en/migration72.incompatible.php](http://php.net/manual/en/migration72.incompatible.php)
Error:
```
count(): Parameter must be an array or an object that implements Countable
```
when no result returned on validating unique constraint
For example, on an entity with annotation uniqueEntity:
```
@UniqueEntity(
fields={"email"},
repositoryMethod="findMemberWithPasswordFromEmail",
)
```
And in repository, a method ``findMemberWithPasswordFromEmail`` which return null if no entity found (``getOneOrNullResult``)
Commits
-------
715373f [Bridge/Doctrine] fix count() notice on PHP 7.2
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Remove decoration from actual output in tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes green again
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
AppVeyor has color support since #26910, that breaks the build.
Fixes it by removing decoration from tested DumpDataCollector CLI outputs, same as what's already done for HTML dumps
Commits
-------
c4daef9 [VarDumper] Remove decoration from actual output in tests
This PR was squashed before being merged into the 2.8 branch (closes#27003).
Discussion
----------
[PropertyInfo] Minor cleanup and perf improvement
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Commits
-------
4a8306e [PropertyInfo] Minor cleanup and perf improvement
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] Fixed being logged out on failed attempt in guard
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25992
| License | MIT
| Doc PR | ~
This fixes the issue described in the ticket. After this fix, guard will no longer "forget" your authentication when your next attempt fails.
Commits
-------
4fc0ecbf90 Fixed being logged out on failed attempt in guard
This PR was squashed before being merged into the 2.7 branch (closes#26910).
Discussion
----------
Use new PHP7.2 functions in hasColorSupport
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Fixes bc break in #26609
Reference: https://github.com/composer/xdebug-handler/blob/master/src/Process.php#L111
Commits
-------
b0c92254a0 Use new PHP7.2 functions in hasColorSupport
This PR was squashed before being merged into the 2.7 branch (closes#26938).
Discussion
----------
[minor] SCA
| Q | A
| ------------- | ---
| Branch? | 2.7
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
- Control flow tweaks
Commits
-------
877e678 [minor] SCA
* 2.7:
fixed Twig URL
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
This PR was merged into the 2.7 branch.
Discussion
----------
Don't assume that file binary exists on *nix OS
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Certain lightweight distributions such as Alpine Linux (popular for smaller Docker images) do not include it by default.
Commits
-------
e2c1f24fbd Don't assume that file binary exists on *nix OS
This PR was squashed before being merged into the 2.7 branch (closes#26643).
Discussion
----------
Fix that ESI/SSI processing can turn a "private" response "public"
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Under the condition that
* we are merging in at least one *embedded* response,
* all *embedded* responses are `public`,
* the *main* response is `private` and
* all responses use expiration-based caching (note: no `s-maxage` on the *main* response)
... the resulting response will turn to `Cache-Control: public`.
The real issue is that when all responses use expiration-based caching, a combined max age is computed. This is set on the *main* response using `Response::setSharedMaxAge()`, which implicitly sets `Cache-Control: public`.
The fix provided in this PR solves the problem by applying the same logic to the *main* response that is applied for *embedded* responses, namely that responses with `!Response::isCacheable()` will make the resulting response have `Cache-Control: private, no-cache, must-revalidate` and have `(s)max-age` removed.
This makes the change easy to understand, but makes responses uncacheable too often. This is because the `Response::isCacheable()` method was written to determine whether it is safe for a shared cache to keep the response, which is not the case as soon as a `private` response is involved. This might be improved upon in another PR.
Commits
-------
3d27b5946d Fix that ESI/SSI processing can turn a \"private\" response \"public\"
* 2.7:
[Console] Don't go past exact matches when autocompleting
Disable autoloader call on interface_exists check
[Validator] Fix LazyLoadingMetadataFactory with PSR6Cache for non classname if tested values isn't an existing class
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Don't go past exact matches when autocompleting
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21789
| License | MIT
| Doc PR | -
Commits
-------
adba79a [Console] Don't go past exact matches when autocompleting
* 2.7:
bumped Symfony version to 2.7.46
updated VERSION for 2.7.45
update CONTRIBUTORS for 2.7.45
updated CHANGELOG for 2.7.45
[Yaml] Throw parse error on unfinished inline map
This PR was merged into the 2.7 branch.
Discussion
----------
Update da translations
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The Danish translations have several serious errors. This PR adjusts to official Danish orthography, and updates some texts for internal consistency and to better reflect the original English text.
Commits
-------
d0ea26bd15 Update da translations
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] Load the user before pre/post auth checks when needed
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | n/a
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26775
| License | MIT
| Doc PR | n/a
Commits
-------
c318306 [Security] Load the user before pre/post auth checks when needed
* 2.7:
Add PHPDbg support to HTTP components
bumped Symfony version to 2.7.45
updated VERSION for 2.7.44
update CONTRIBUTORS for 2.7.44
updated CHANGELOG for 2.7.44
Fix check of color support on Windows
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix check of color support on Windows
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If the stream is redirected, `StreamOutput::hasColorSupport()` returns `false` on POSIX systems.
On Windows, this is not always true. Before PHP 7.2 we can't say if the stream is redirected, but since PHP 7.2 we have the `stream_isatty` function that works on Windows too: let's use it.
Sure, `sapi_windows_vt100_support` should return `false` if the stream is redirected, but it's in `or` with the other conditions, so the logic was flawed.
Commits
-------
f7f81892a0 Fix check of color support on Windows
* 2.7:
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
