This PR was squashed before being merged into the 3.3-dev branch (closes#21792).
Discussion
----------
[Security] deprecate multiple providers in context listener
Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Passing multiple user providers to the context listener does not make
much sense. The listener is only responsible to refresh users for a
particular firewall. Thus, it must only be aware of the user provider
for this particular firewall.
Commits
-------
53df0de7fc [Security] deprecate multiple providers in context listener
fbd9f88e31 [SecurityBundle] only pass relevant user provider
* 3.2:
[SecurityBundle] only pass relevant user provider
[Intl] Make tests pass after the ICU data update
[Intl] Update ICU data to 58.2
do not register the test listener twice
[DependencyInjection] removed dead code.
[Yaml] Stop replacing NULLs when merging
[WebServerBundle] fixed html attribute escape
* 2.8:
[SecurityBundle] only pass relevant user provider
[Intl] Make tests pass after the ICU data update
[Intl] Update ICU data to 58.2
do not register the test listener twice
[DependencyInjection] removed dead code.
[Yaml] Stop replacing NULLs when merging
[WebServerBundle] fixed html attribute escape
* 2.7:
[SecurityBundle] only pass relevant user provider
[Intl] Make tests pass after the ICU data update
[Intl] Update ICU data to 58.2
[DependencyInjection] removed dead code.
[Yaml] Stop replacing NULLs when merging
This PR was merged into the 2.7 branch.
Discussion
----------
[SecurityBundle] only pass relevant user provider
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #4498, #12465, #20401, #21737
| License | MIT
| Doc PR |
There is no need for the context listener to be aware of all the configured user providers. It must only use the provider for the current firewall (the one identified by the context key passed to the constructor) to refresh the user from the session.
Commits
-------
d97e07fd6a [SecurityBundle] only pass relevant user provider
This PR was merged into the 3.3-dev branch.
Discussion
----------
Remove some container injections in favor of service locators
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/21553#issuecomment-279214666
| License | MIT
| Doc PR | n/a
Commits
-------
8293b753cf Replace some container injections by service locators
0be9ea8ba1 [EventDispatcher] Fix abstract event subscribers registration
This PR was merged into the 3.3-dev branch.
Discussion
----------
Introduce weak vendors mode
Deprecations coming from the vendors are segregated from other
deprecations. A new mode is introduced, in which deprecations coming
from the vendors are not taken into account when deciding to exit with
an error code.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/7453
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Sample output :
# Weak vendor mode
## With both vendors and non-vendor errors
```
WARNINGS!
Tests: 1068, Assertions: 2714, Warnings: 6, Skipped: 15.
Remaining deprecation notices (1)
some error: 1x
1x in SonataAdminBundleTest::testBuild from Sonata\AdminBundle\Tests
Remaining vendor deprecation notices (4)
Legacy deprecation notices (48)
```
Exit code is 1
## After fixing non-vendor errors
```
WARNINGS!
Tests: 1068, Assertions: 2714, Warnings: 6, Skipped: 15.
Remaining vendor deprecation notices (4)
Legacy deprecation notices (48)
```
Exit code is 0
# TODO
- [x] fix colorization issues (vendor deprecation notices are always in red)
- [x] make the vendor detection more robust
- [x] make the vendor dir configurable
- [x] ~figure out how to run tests and~ add more of them
- [x] test on non-vendor file
- [x] test on vendor file
- [x] do not change the output of other modes
Commits
-------
61fd043dd5 Introduce weak vendors mode
This PR was merged into the 3.3-dev branch.
Discussion
----------
[VarDumper] Allow seamless use of Data clones
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
By implementing `ArrayAccess`, `Countable`, `IteratorAggregate`, `__get`, `__isset` and `__toString`, VarDumper's `Data` objects become seamless and behave almost identically from their original clones values, especially from the PoV of Twig.
In data collectors, this allows replacing the many nested calls to `cloneVar` by a single one.
This makes the code simpler, and should make a significant difference in term of performance.
Todo:
- [x] push a Blackfire profile comparison
- [x] double check that the profiler works as expected.
Commits
-------
ab716c64de [VarDumper] Allow seamless use of Data clones
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Always consider abstract getters as autowiring candidates
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes (a missing part of getter autowiring really)
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a definition is set to be autowired with no method explicitly configured, we already wire the constructor.
We should also autowire abstract getters - with the same reasoning that makes us autowire the constructor: without concrete getters, the class is unusable. This just makes it usable again.
Commits
-------
8f246bde1d [DI] Always consider abstract getters as autowiring candidates
Passing multiple user providers to the context listener does not make
much sense. The listener is only responsible to refresh users for a
particular firewall. Thus, it must only be aware of the user provider
for this particular firewall.
This PR was squashed before being merged into the 2.7 branch (closes#21790).
Discussion
----------
[Intl] Update ICU data to 58.2
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
ICU 58.2 was released: http://site.icu-project.org/download/58
Commits
-------
d135e5cd2f [Intl] Make tests pass after the ICU data update
65faa1043d [Intl] Update ICU data to 58.2
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Fix ordering of tags inheritance
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Tag inheritance should have predictable ordering, from child to parents.
This PR also adds tests for ResolveDefinitionInheritancePass (heavily inspired by ResolveDefinitionTemplatePass).
Commits
-------
18e7681fc5 [DI] Fix ordering of tags inheritance
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Form][Serializer] Add missing conflicts for DI
| Q | A
| ------------- | ---
| Branch? | master
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/21375#discussion_r103180920
| License | MIT
They make use of `PriorityTaggedServiceTrait` which is available since 3.2 only
Commits
-------
ddae4eff50 [Form][Serializer] Add missing conflicts for DI
This PR was merged into the 3.3-dev branch.
Discussion
----------
[DI] Remove experimental status from service-locator argument type
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/21625#issuecomment-282483374, https://github.com/symfony/symfony/pull/21625#discussion_r102232221, #21710
| License | MIT
The `service-locator` argument type is not controversial to me. We know its scope, nothing really surprising, just a map of services to be lazily loaded like `iterator` is (which is not experimental) but keyed.
About its api, it's just PSR-11 restricted to objects, nothing that can't be changed safely in the future.
As stated in https://github.com/symfony/symfony/pull/21625#issuecomment-282483374, it proven its usefulness already. I think what we were looking for by flagging it experimental is just to see it in action, we've 3 opened PRs for that (#21625, #21690, #21730).
This allows introducing deprecations for making use of the feature in the core, thus unlocks #21625 and #21690.
Commits
-------
46dc47af11 [DI] Remove experimental status from service-locator argument type
This PR was merged into the 3.3-dev branch.
Discussion
----------
[HttpKernel] Added the SessionValueResolver
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21159
| License | MIT
| Doc PR | (soon)
This feature adds the `SessionValueResolver`. That means that you no longer have to rely on injecting a `SessionInterface` implementation via the constructor or getting this implementation from the `Request`. Regardless of method, it does not know about the `getFlashBag()`.
By adding the `Session` to the action arguments, you can now type-hint against the implementation rather than interface, which contains the `getFlashBag()`, making it accessible rather than using duck-typing.
_It should also feel less like injecting a service into the constructor which has a state or getting a service from the request._
**Old Situation**
```php
class Controller
{
public function __construct(SessionInterface $session) { /* ... */ }
public function fooAction(Request $request)
{
$this->get('session')->get(...);
$request->getSession()->get(...);
$this->session->get(...)
// duck-typing
$this->get('session')->getFlashBag();
$request->getSession()->getFlashBag();
$this->session->getFlashBag();
$this->addFlash(...);
}
}
```
**New Situation** _- The controller shortcut for flashbag could in theory be removed now_
```php
class Controller
{
public function fooAction(Session $session)
{
$session->get(...);
$session->getFlashBag();
}
}
```
Commits
-------
b4464dcea1 Added the SessionValueResolver
This PR was merged into the 2.8 branch.
Discussion
----------
[WebServerBundle] fixed html attribute escape
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
In the Web Debug Toolbar, when a toolbar item has extra attributes, they are not properly escaped.
(If you put your mouse over the right toolbar item with sf version, you will see a tooltip with `""`)
Currently:
```html
title=""
```
After:
```html
title=""
```
Commits
-------
1337cdb [WebServerBundle] fixed html attribute escape
* 3.2:
Revamped the README file
Fix missing namespace in AddConstraintValidatorPassTest
[SecurityBundle] simplified code
[ExpressionLanguage] Registering functions after calling evaluate(), compile() or parse() is not supported
* 2.8:
Revamped the README file
Fix missing namespace in AddConstraintValidatorPassTest
[ExpressionLanguage] Registering functions after calling evaluate(), compile() or parse() is not supported
* 2.7:
Revamped the README file
Fix missing namespace in AddConstraintValidatorPassTest
[ExpressionLanguage] Registering functions after calling evaluate(), compile() or parse() is not supported
This marks the X-Status-Code header method of setting a custom response
status code in exception listeners as deprecated. Instead there is now
a new method on the GetResponseForExceptionEvent that allows successful
status codes in the response sent to the client.
This PR was merged into the 3.3-dev branch.
Discussion
----------
[SecurityBundle] Don't normalize username of in-memory users
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
It's common to have e.g. emails as keys in `security.providers.in_memory.users` since keys are username. Actually they are normalized so `foo-bar@gmail.com` becomes `foo_bar@gmail.com` and authentication fails unexpectedly.
Commits
-------
8d03332726 [SecurityBundle] Don't normalize keys of in-memory users
This PR was merged into the 2.7 branch.
Discussion
----------
[SecurityBundle] fix priority ordering of security voters
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21660
| License | MIT
| Doc PR |
Could be updated in the `3.2` branch to make use of the `PriorityTaggedServiceTrait `.
Commits
-------
dcd19f3cf9 fix priority ordering of security voters
A new mode is introduced, in which deprecations coming from the vendors
are not taken into account when deciding to exit with an error code. In
this mode, deprecations coming from the vendors are segregated from
other deprecations.
This PR was merged into the 3.2 branch.
Discussion
----------
[DoctrineBridge] Fixed validating custom doctrine type columns
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21619
| License | MIT
| Doc PR | -
This fixes#21619 by not assuming the invalid `$value` is a Doctrine entity if its an object
Commits
-------
ad59370241 [DoctrineBridge] Fixed validating custom doctrine type columns
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Bridge/PhpUnit] Add PHPUnit 6 support
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21125
| License | MIT
| Doc PR | -
This PR makes our phpunit bridge compatible with all namespaced versions of phpunit, from 4.8.35 to 6.
It takes another approach than #21668 and #21221, thus replaces them.
Tested locally : tests pass when using phpunit 5.7, and fails with v6.0 because our own test suite is not yet compatible with it - but at least it runs nice.
If this were handled as usual Symfony component, we would consider some changes to be BC breaks. But in this specific case - a phpunit bridge - it makes no sense to me to apply the bc policy here. I added `@final` and `@internal` annotations to make this clearer.
Commits
-------
9e0745c [Bridge/PhpUnit] Add PHPUnit 6 support
* 3.2:
Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
Further refactorings to PHPUnit namespaces
resolve parameters in definition classes
* 2.8:
Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
Further refactorings to PHPUnit namespaces
resolve parameters in definition classes
This PR was merged into the 2.8 branch.
Discussion
----------
Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Continued work to make Symfony PHPUnit 6 compatible.
Commits
-------
dbe8898 Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
This PR was squashed before being merged into the 2.7 branch (closes#21688).
Discussion
----------
Further refactorings to PHPUnit namespaces
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Continued work to make Symfony PHPUnit 6 compatible
Commits
-------
de8106f Further refactorings to PHPUnit namespaces
This PR was squashed before being merged into the 3.3-dev branch (closes#21122).
Discussion
----------
[ExpressionLanguage] Create an ExpressionFunction from a PHP function name
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When we [extend Expression Language](http://symfony.com/doc/current/components/expression_language/extending.html), we often need to add PHP functions whose code is repetitive and redundant at the compiler/evaluator level. This PR proposes a new way more generic which allows to add a PHP function.
currently:
```php
$el = new ExpressionLanguage();
$compiler = function ($str) {
return sprintf('strtoupper(%s)', $str);
};
$evaluator = function ($arguments, $str) {
return strtoupper($str);
};
$el->addFunction(new ExpressionFunction('strtoupper', $compiler, $evaluator));
$el->evaluate('strtoupper("hello")'); // return "HELLO"
```
with this PR:
```php
$el->addFunction(ExpressionFunction::fromPhp('strtoupper'));
$el->evaluate('strtoupper("hello")'); // return "HELLO"
```
It includes PHP namespaced function:
```php
$el->addFunction(ExpressionFunction::fromPhp('My\strtoupper', 'my_strtoupper'));
$el->evaluate('my_strtoupper("hello")'); // return "HELLO"
```
Commits
-------
44d67ed5f5 [ExpressionLanguage] Create an ExpressionFunction from a PHP function name
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Serializer] Reduce complexity of NameConverter
Cleaner and faster implementation of camelcase normalization.
Speed improvement is particularly visible in long string input.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
50ca944278 [Serializer] Reduce complexity of NameConverter
This PR was merged into the 3.3-dev branch.
Discussion
----------
[VarDumper] Added a way to print or not comma separator and/or trailing comma
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
---
Usecase: Be able to display a dump on one line.
It's already used in the following projets: https://github.com/bobthecow/psysh/blob/master/src/Psy/VarDumper/Dumper.php#L93-L95
Commits
-------
1ef07515c1 [VarDumper] Added a way to print or not comma separator and/or trailing comma
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Yaml] fix DUMP_EMPTY_ARRAY_AS_SEQUENCE flag value
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
3953d76954 fix DUMP_EMPTY_ARRAY_AS_SEQUENCE flag value