* 5.0:
cs fix
add german translation of the html5 color validation
Fix PHP 8 deprecations
ensure compatibility with PHP 8 stack traces
clean up HHVM instructions
sync translations from master branch
silently ignore uninitialized properties when mapping data to forms
* 4.4:
cs fix
add german translation of the html5 color validation
Fix PHP 8 deprecations
ensure compatibility with PHP 8 stack traces
clean up HHVM instructions
sync translations from master branch
silently ignore uninitialized properties when mapping data to forms
* 3.4:
cs fix
add german translation of the html5 color validation
sync translations from master branch
silently ignore uninitialized properties when mapping data to forms
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] silently ignore uninitialized properties when mapping data to forms
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36492
| License | MIT
| Doc PR |
Commits
-------
b4616c810c silently ignore uninitialized properties when mapping data to forms
A public method declared in a trait can be used by a class without
importing the trait itself when the trait is already imported by one
of the parent classes from the inheritance chain.
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[PhpUnitBridge] Fix expectDeprecation() in isolation
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Tests like
```
/**
* Do not remove this test in the next major version.
*
* @group legacy
* @runInSeparateProcess
*/
public function testOneInIsolation()
{
$this->expectDeprecation('foo');
@trigger_error('foo', E_USER_DEPRECATED);
}
```
will fail due to:
```
Testing Symfony\Bridge\PhpUnit\Tests\ExpectDeprecationTraitTest
R 1 / 1 (100%)R
Time: 111 ms, Memory: 6.00 MB
There were 2 risky tests:
1) Symfony\Bridge\PhpUnit\Tests\ExpectDeprecationTraitTest::testOneInIsolation
This test did not perform any assertions
/Users/alex/dev/symfony/src/Symfony/Bridge/PhpUnit/Tests/ExpectDeprecationTraitTest.php:38
2) Symfony\Bridge\PhpUnit\Tests\ExpectDeprecationTraitTest::testOneInIsolation
This test did not perform any assertions
OK, but incomplete, skipped, or risky tests!
Tests: 1, Assertions: 0, Risky: 2.
```
Commits
-------
e7e2ee75d3 Expect deprecations in isolation
* 5.1:
[String] Added a help message when translation-contracts is not installed
Add: ExcludeList usage for PHPUnit 9.4
[Cache] Fix compat wth DBAL v3
[String] throw when Alpine is used and translit fails
* 5.0:
[String] Added a help message when translation-contracts is not installed
Add: ExcludeList usage for PHPUnit 9.4
[Cache] Fix compat wth DBAL v3
[String] throw when Alpine is used and translit fails
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[ErrorHandler] Allow override of the default non-debug template
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes - a very tiny one
| Deprecations? | no
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Add new feature to allow the default hardcoded non-debug template to be overridden when `symfony/error-handler`used as a component in other projects.
Currently, when used as a component, its not possible (that I could see) to override the standard default template of `views/error.html.php` therefore the look and feel, and text is hard coded. There is much written on how to customise the error pages when using the full symfony stack, but not when using individual `symfony/error-handler` component on its own.
This PR is related to the use of `symfony/error-handler` as a component in other projects - specifically the Joomla Content Management System, where, in non debug mode, a generic template **needs to be translatable, and customisable** even though most of the time when the error occurs will bt at boot time and not much available to it. https://github.com/joomla/joomla-cms/issues/29968
This PR allows the use of code such as
```php
<?php
require 'vendor/autoload.php';
use Symfony\Component\ErrorHandler\ErrorHandler;
use Symfony\Component\ErrorHandler\ErrorRenderer\HtmlErrorRenderer;
ErrorHandler::register();
HtmlErrorRenderer::setTemplate('/path/to/custom/mine.php');
throw new Exception('myException is this', 500);
```
and then for further customisation of the "look and feel" to be done in `mine.php`
Due to the unique way the error handler component is init'ed, the use of static calls has been employed rather than any DI approach, I hope this is ok.
Commits
-------
6e1d16b44d [ErrorHandler] Allow override of the default non-debug template
* 5.1:
minor #37121 [Contracts] Add missing "extra.thanks" entries in composer.json (nicolas-grekas)
[Process] Fix Permission Denied error when writing sf_proc_00 lock files on Windows
fix handling null as empty data
[Security\Http] Skip remember-me logout on empty token
Missing return in loadValuesForChoices method
No need to create an issue when creating a PR
Use ">=" for the "php" requirement
[HttpClient] Fix promise behavior in HttplugClient
[Console] Fixes question input encoding on Windows
* 5.0:
minor #37121 [Contracts] Add missing "extra.thanks" entries in composer.json (nicolas-grekas)
[Process] Fix Permission Denied error when writing sf_proc_00 lock files on Windows
fix handling null as empty data
No need to create an issue when creating a PR
Use ">=" for the "php" requirement
[HttpClient] Fix promise behavior in HttplugClient
[Console] Fixes question input encoding on Windows
* 4.4:
minor #37121 [Contracts] Add missing "extra.thanks" entries in composer.json (nicolas-grekas)
[Process] Fix Permission Denied error when writing sf_proc_00 lock files on Windows
fix handling null as empty data
No need to create an issue when creating a PR
[Console] Fixes question input encoding on Windows
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Contracts] Add missing "extra.thanks" entries in composer.json
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Something we forgot and that might help give some more visibility to symfony/contracts.
Commits
-------
bd04f0cce6 [Contracts] Add missing "extra.thanks" entries in composer.json
* 3.4:
[Process] Fix Permission Denied error when writing sf_proc_00 lock files on Windows
fix handling null as empty data
No need to create an issue when creating a PR
[Console] Fixes question input encoding on Windows
This PR was merged into the 3.4 branch.
Discussion
----------
[Process] Fix Permission Denied error when writing sf_proc_00 lock files on Windows
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? |no
| Deprecations? | no
| Tickets | Fix#37294
| License | MIT
| Doc PR |
Passes current Process unit tests.
On Windows systems, a new set of sf_proc_## files are generated in the system temp directory for each WindowsPipes object. These files are removed when the WindowsPipes object is destroyed.
This avoids receiving a permission denied error when attempting to write to sf_proc_## files between multiple sites running as different users, when the users do not have permissions to modify each others files.
Changes
- [Process] WindowsPipes always creates new sf_proc_## files in constructor
- [Process] WindowsPipes removes its sf_proc_## files in destructor
Commits
-------
220be89f5c [Process] Fix Permission Denied error when writing sf_proc_00 lock files on Windows
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] fix handling null as empty data
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37493
| License | MIT
| Doc PR |
Commits
-------
b5aa55dab9 fix handling null as empty data
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Fixes question input encoding on Windows
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#35842, Fix#36324, Fix#37495 and Fix#37278 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | no <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
To ask a question to a user, the [QuestionHelper](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Console/Helper/QuestionHelper.php) use [`fgets`](https://www.php.net/manual/en/function.fgets.php). However, special characters are not supported on Windows with this function (like accents: `é`, `à`, `ö`). The solution is to set a special encoding with [`sapi_windows_cp_get`](https://www.php.net/manual/en/function.sapi-windows-cp-get).
> Before
```php
$stream = fopen('php://stdin', 'r');
$input = fgets($stream);
echo $input;
// input: "Bonjour à tous"
// output: 'Bonjour \ tous" or "Bonjour tous"
```
> After
```php
// Check if the function exists because it only exists on Windows
if(function_exists('sapi_windows_cp_set')) {
sapi_windows_cp_get(437);
}
$stream = fopen('php://stdin', 'r');
$input = fgets($stream);
echo $input;
// input: "Bonjour à tous"
// output: 'Bonjour à tous"
```
*Thanks to @bnjmnfnk for the solution 😉*
Commits
-------
4288df4f74 [Console] Fixes question input encoding on Windows
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[HttpClient] Fix promise behavior in HttplugClient
| Q | A
| ------------- | ---
| Branch? | 4.4 & up <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#37488 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
## The Problem
Promises have 2 important methods: `then` and `wait`.
To implement Httplug's promise interface, we built `HttplugPromise` on top of Guzzle promise.
However, when an error occurred (Httplug `NetworkException` thrown) while init the request/before actually sending the request,
`HttplugClient::sendAsyncRequest` will return a `Http\Promise\RejectedPromise`, which is a dummy implementation.
If the `then` callable returns a promise-like object, `Http\Promise\RejectedPromise` will treat it as plain value.
Guzzle promise will try to resolve the promise-like value, which is an object that has `then` method on it.
bbf3b200bc/src/Promise.php (L116)
To fix this, I edited `src/Symfony/Component/HttpClient/HttplugClient.php`.
Next, let me explain why to edit `src/Symfony/Component/HttpClient/Response/HttplugPromise.php`.
After the previous fix, when a Guzzle promise returned by the `then` callable, things will work.
However, If I return a `HttplugPromiseInterface`, it doesn't work, because Guzzle promise `wait` the return value (result)
only if it's a Guzzle promise.
bbf3b200bc/src/Promise.php (L63)
To fix this, I referenced the `wait` code of Guzzle promise and edited our `HttplugPromise`.
## How this fix make sense
So, why to return a promise from the `then` callable?
This let us change the promise chain according to current promise's result (fulfilled/rejected).
For example, we can retry an HTTP request if it failed.
Please take a look at my test code.
Commits
-------
147b6adc39 [HttpClient] Fix promise behavior in HttplugClient
* 5.1:
[HttpClient][CurlHttpClient] Fix http_version option usage
[HttpClient] fix parsing response headers in CurlResponse
[PropertyAccess] Remove inflector component
[Console] Do not check for "stty" using "exec" if that function is disabled
[Console] always use stty when possible to ask hidden questions
* 5.0:
[HttpClient][CurlHttpClient] Fix http_version option usage
[HttpClient] fix parsing response headers in CurlResponse
[Console] Do not check for "stty" using "exec" if that function is disabled
[Console] always use stty when possible to ask hidden questions
* 4.4:
[HttpClient][CurlHttpClient] Fix http_version option usage
[HttpClient] fix parsing response headers in CurlResponse
[Console] Do not check for "stty" using "exec" if that function is disabled
[Console] always use stty when possible to ask hidden questions
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] always use stty when possible to ask hidden questions
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36565, replaces #36590
| License | MIT
| Doc PR | -
The current code doesn't make much sense: we check `hasSttyAvailable()`, and if the answer is `false`, we still use `stty` directly.
This PR relies on `stream_isatty` and equivalent fallback checks to decide if the password can be hidden or not.
Best reviewed [ignoring whitespaces](https://github.com/symfony/symfony/pull/37469/files?w=1).
Commits
-------
055b605e30 [Console] always use stty when possible to ask hidden questions
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] fix parsing response headers in CurlResponse
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This fixes rare notices that look like:
`Argument 2 passed to Symfony\Component\HttpClient\Chunk\DataChunk::__construct() must be of the type string, null given`
I'm unable to provide a test case since I'm unable to provide a simple reproducer.
It happens that curl can call the header-function with multiple lines at once apparently, while most of the time it does so with one at a time.
Commits
-------
eb70fb2f26 [HttpClient] fix parsing response headers in CurlResponse
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[Workflow] Added Function (and Twig extension) to retrieve a specific transition
You can now easily retrieve a specific transition. Useful when you want the metadata of a specific transition.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | hmmmm, should I create a ticket first ?
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/13907
I needed to get the metadata of a transition, but in order to do that, you need the transition object. So here is a PR to easily get the transition object
Commits
-------
0eebe74259 [Workflow] Added Function (and Twig extension) to retrieve a specific transition
This PR was merged into the 5.2-dev branch.
Discussion
----------
[HttpClient] Add MockResponse::getRequestMethod() and getRequestUrl() to allow inspecting which request has been sent
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
---
As same as the `MockResponse` class has `getRequestOptions()` when doing a request; I've added:
* `getRequestUrl()` - returns the URL used when doing the request
* `getRequestMethod()` - returns the HTTP method used when doing the request
With these two getters, we would be able to assert that the method and URL passed to the `HttpClient` were well generated. I've tried to assert the URL generated in a unit test of a class with a `SymfonyHttpClient` injected and it wasn't possible. Calling `$mock->getInfo('url')` returns `null`.
Example, if we have a class with `HttpClientInterface` injected like this:
```php
final class SymfonyHttpUserClient
{
private HttpClientInterface $httpClient;
private string $baseUri;
public function __construct(
HttpClientInterface $httpClient,
string $baseUri
) {
$this->httpClient = $httpClient;
$this->baseUri = $baseUri;
}
public function getById(string $userId): void
{
$this->httpClient->request(
'GET',
$this->baseUri . $customerId
);
}
}
```
And if we want to do a unit test of `SymfonyHttpUserClient` right now we are not able to check if the URL of the request was well-formed passing a `MockResponse`. Also, we weren't able to assert the HTTP method (maybe this piece is not so critical to assert in the unit test).
```php
class SymfonyHttpUserClientTests extends TestCase
{
public function testGetById(): void
{
$baseUri = 'https://user-api.test/api/v1/users/';
$mockResponse = new MockResponse();
$symfonyHttpUserClient = new SymfonyHttpUserClient(
new MockHttpClient(
[$mockResponse],
$baseUri
),
$baseUri
);
// test get by id:
$symfonyHttpUserClient->getById('some-user-id');
// cannot be asserted right now:
$this->assertSame($mockResponse->getInfo('url'), $baseUri . 'some-user-id'); // fail
$this->assertSame($mockResponse->getInfo('http_method'), 'GET'); // fail
// it could be with the new getters:
$this->assertSame($mockResponse->getRequestUrl(), $baseUri . 'some-user-id');
$this->assertSame($mockResponse->getRequestMethod(), 'GET');
}
}
```
This only happens if the class has injected the HttpClient and if it is used inside void methods with no being able to return the response. If the class returns the response, `url` and `http_method` are available with `$response->getInfo()` call. But this response object is a new one, is not the mock passed by argument when you instance the MockHttpClient.
Var dumps of `getInfo` array:
```
$response->getInfo() from MockClient:
..array(10) {
["start_time"]=>
float(1587109014.7985)
["user_data"]=>
NULL
["http_code"]=>
int(200)
["response_headers"]=>
array(0) {
}
["error"]=>
NULL
["canceled"]=>
bool(false)
["redirect_count"]=>
int(0)
["redirect_url"]=>
NULL
["http_method"]=>
string(3) "GET"
["url"]=>
string(47) "https://user-api.test/api/v1/users/some-user-id"
}
$mock->getInfo()
array(4) {
["http_code"]=>
int(200)
["response_headers"]=>
array(0) {
}
["error"]=>
NULL
["canceled"]=>
bool(false)
}
```
This is a minor change, I opened the PR with `4.4` as base branch; but not sure if it should be opened with `5.0` as base branch or even `master` taking account is a feature (add two new getters in MockResponse class). Let me know if I didn't follow right the instructions (first PR on Symfony project 😃)
Thanks!
Commits
-------
7a250d80c1 [HttpClient] Add MockResponse::getRequestMethod() and getRequestUrl() to allow inspecting which request has been sent
This PR was merged into the 5.2-dev branch.
Discussion
----------
Move event alias mappings to their components
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
For a small console tool, I wanted to use the Console, EventDispatcher and DI components standalone. In order to make use of aliased events, I had to copy over the mapping information from FrameworkBundle, which was a bit unfortunate.
With this PR, I'd like to suggest to store all alias mappings on the `*Events` classes of each component instead. This change will make the mapping reusable outside of the full-stack framework.
Note: I've bumped the dependencies of FrameworkBundle/SercurityBundle in order to gain access to the moved mapping information. If any of the bumps is too heavy, please tell me and I'll implement a fallback instead.
Commits
-------
28e6f6f72c Move event alias mappings to their components.
* 5.1:
[ErrorHandler] fix throwing from __toString()
Removed comments and requirements relative to php <5.5 (not supported anymore)
Fix caching of parent locales file in translator
fix validating lazy properties that evaluate to null
* 5.0:
[ErrorHandler] fix throwing from __toString()
Removed comments and requirements relative to php <5.5 (not supported anymore)
Fix caching of parent locales file in translator
fix validating lazy properties that evaluate to null
* 4.4:
[ErrorHandler] fix throwing from __toString()
Removed comments and requirements relative to php <5.5 (not supported anymore)
Fix caching of parent locales file in translator
fix validating lazy properties that evaluate to null
This PR was merged into the 4.4 branch.
Discussion
----------
[Translation] Fix caching of parent locales file in translator
| Q | A
| ------------- | ---
| Branch? | 4.4 (this is the lowest maintained branch with this code)
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets |
| License | MIT
| Doc PR |
The `parentLocales` property was probably meant as a cache for the content of the `parents.json` file but instead the content is stored in a local variable and the property stays `null`. This means the file is read on each call to `computeFallbackLocales`.
This PR update the code to what was probably meant to be.
(Ref https://github.com/symfony/symfony/pull/28070)
Commits
-------
02c9ac68a4 Fix caching of parent locales file in translator
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
Console ProgressBar: Change redraw default value to 25fps
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
`ProgressBar` has a default value of `0.1` for `$minSecondsBetweenRedraws` which works out to 10 fps, so below the threshhold at which the human eye perceives it as a moving image instead of a series of individual images. Of course, the console's progress bar is not really an animation tool, but it seems like a low-hanging fruit to change the redraw frequency to something that can be perceived as a fluid motion. So I'm proposing to change `$minSecondsBetweenRedraws` to `0.016666666666667`, i.e. 60 fps, which is a fairly typical refresh rate for computer screens, so redrawing more often than that would be pointless. It means of course to redraw six times more often than currently, but i guess performance is not such a big concern here, right?
Commits
-------
b1c38bada7 Console ProgressBar: Change redraw default value to 25fps
This PR was merged into the 4.4 branch.
Discussion
----------
[Mime] skip test if guesser is not supported
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
fixes tests on AppVeyor
Commits
-------
3b77abea65 skip test if guesser is not supported
This PR was merged into the 5.1 branch.
Discussion
----------
[Security] Added missing license headers
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
See 3be6ce121b
Seems like the fabbot reviews (and I) missed quite a lot of these in my big security PR.
Commits
-------
ea81b61e5f Added missing license headers
* 5.1:
Fix test that fails on old distros
Fix: compatibility with phpunit 9.3
[DoctrineBridge] work around Connection::ping() deprecation
[MimeType] Duplicated MimeType due to PHP Bug
[HttpClient] fix casting TraceableResponse to php streams
[DI] fix parsing of argument type=binary in xml
fix guessing form types for DateTime types
fix handling typed properties as constraint options
Fix the 'supports' method argument type of the security voter
Use the driverConnection executeUpdate method
This PR was merged into the 5.1 branch.
Discussion
----------
[HttpClient] fix casting TraceableResponse to php streams
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37393
| License | MIT
| Doc PR | -
We'd better replace these checks by an `instanceof` one, but that'd be for master.
Commits
-------
5733289278 [HttpClient] fix casting TraceableResponse to php streams
* 5.0:
Fix test that fails on old distros
Fix: compatibility with phpunit 9.3
[DoctrineBridge] work around Connection::ping() deprecation
[MimeType] Duplicated MimeType due to PHP Bug
[DI] fix parsing of argument type=binary in xml
fix guessing form types for DateTime types
fix handling typed properties as constraint options
Fix the 'supports' method argument type of the security voter
Use the driverConnection executeUpdate method
* 4.4:
Fix test that fails on old distros
Fix: compatibility with phpunit 9.3
[DoctrineBridge] work around Connection::ping() deprecation
[MimeType] Duplicated MimeType due to PHP Bug
[DI] fix parsing of argument type=binary in xml
fix guessing form types for DateTime types
fix handling typed properties as constraint options
Use the driverConnection executeUpdate method
This PR was merged into the 4.4 branch.
Discussion
----------
[PhpUnitBridge] Fix compatibility with phpunit 9.3
| Q | A
| ------------- | ---
| Branch? | master for features / 4.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | -<!-- required for new features -->
In PHPUnit 9.3 some Classes were moved or renamed, to make the PhpunitBridge compatible with PhpUnit 9.3 it necessary to call the new Loader instead of the Registry.
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
de71a12f3b Fix: compatibility with phpunit 9.3
This PR was merged into the 4.4 branch.
Discussion
----------
[DoctrineBridge] work around Connection::ping() deprecation
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Follows e603a2e233
Commits
-------
9ccf043c7c [DoctrineBridge] work around Connection::ping() deprecation
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[MimeType] Duplicated MimeType due to PHP Bug
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
## Issue:
Currently there is a PHP bug https://bugs.php.net/bug.php?id=77784 that is causing several MimeTypes to be given as duplicated:
```
application/vnd.openxmlformats-officedocument.spreadsheetml.sheetapplication/vnd.openxmlformats-officedocument.spreadsheetml.sheet
```
Instead of:
```
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
```
This Patch will fix the Issues by checking if a returned MimeType is duplicated and return appropriate MimeType.
This patch should be reverted if the PHP Bug is ever fixed.
Commits
-------
7cb29c8b4b [MimeType] Duplicated MimeType due to PHP Bug
This PR was merged into the 5.1 branch.
Discussion
----------
[Notifier] Notifier 5.2 is incompatible with 5.1 bridges
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
#36611 introduced a breaking change that made the Notifier 5.2 incompatible with all Notifier bridges 5.0-5.1. Because of this, the tests are currently failing on Travis. This PR attempts to fix this.
Commits
-------
1b6bbc2e71 [Notifier] Notifier 5.2 is incompatible with 5.1 bridges.
This PR was merged into the 4.4 branch.
Discussion
----------
Directly use the driverConnection executeUpdate method
executeUpdate & executeQuery methods do not throw a TableNotFoundException. No need for the try/catch as it is done for executeQuery
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/issues/37355
| License | MIT
As explained in https://github.com/symfony/symfony/issues/37355, when doing a write operation, one should avoid using the `executeQuery` method of a Connection, as Doctrine's MasterSlaveConnection can pick a slave instance (usually read-only) for these operations.
Commits
-------
eec12ecd23 Use the driverConnection executeUpdate method
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[Notifier][Slack] Error trown when having more than 10 fields specified #36346
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#36346 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
As written in [docs](https://api.slack.com/reference/block-kit/blocks#section) of Section block, for fields we have to had maximum 10 items specified.
Commits
-------
68b2490ee2 [Notifier][Slack] Error trown when having more than 10 fields specified #36346
This PR was merged into the 5.2-dev branch.
Discussion
----------
[TwigBundle] Deprecate the public "twig" service to private
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
I think the `twig` service don't need to be public anymore - we never need to access it directly in Symfony's code.
Commits
-------
f64cbada89 [TwigBundle] Deprecate the public "twig" service to private
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[Form] Move configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master for features / 3.4, 4.4, 5.0 or 5.1 for bug fixes <!-- see below -->
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Part of #37186
| License | MIT
| Doc PR | -
Commits
-------
9e2e8eeb29 [Form] Move configuration to PHP
This PR was merged into the 5.2-dev branch.
Discussion
----------
[HttpFoundation] add `HeaderUtils::parseQuery()`: it does the same as `parse_str()` but preserves dots in variable names
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Inspired by https://github.com/symfony/psr-http-message-bridge/pull/80
/cc @drupol
Related to #9009, #29664, #26220 but also https://github.com/api-platform/core/issues/509 and https://www.drupal.org/project/drupal/issues/2984272
/cc @dunglas @alexpott
Commits
-------
dd81e32ec1 [HttpFoundation] add `HeaderUtils::parseQuery()`: it does the same as `parse_str()` but preserves dots in variable names
* 5.1:
[HttpClient] Support for cURL handler objects.
[HttpClient] unset activity list when creating CurlResponse
Fixed typo in test name
[DI] Fix call to sprintf in ServicesConfigurator::stack()
add .body wrapper element
[HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
[VarDumper] Support for cURL handler objects.
Check whether path is file in DataPart::fromPath()
[DI][FrameworkBundle] Remove whitelist occurrences
Avoid accessibility errors on debug toolbar
Resolve event bubbling logic in a compiler pass
update cookie test
* 5.0:
[HttpClient] Support for cURL handler objects.
[HttpClient] unset activity list when creating CurlResponse
Fixed typo in test name
add .body wrapper element
[HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
[VarDumper] Support for cURL handler objects.
Check whether path is file in DataPart::fromPath()
[DI][FrameworkBundle] Remove whitelist occurrences
Avoid accessibility errors on debug toolbar
update cookie test
* 4.4:
[HttpClient] Support for cURL handler objects.
[HttpClient] unset activity list when creating CurlResponse
Fixed typo in test name
add .body wrapper element
[HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
[VarDumper] Support for cURL handler objects.
Check whether path is file in DataPart::fromPath()
[DI][FrameworkBundle] Remove whitelist occurrences
Avoid accessibility errors on debug toolbar
* 3.4:
Fixed typo in test name
[HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
[VarDumper] Support for cURL handler objects.
[DI][FrameworkBundle] Remove whitelist occurrences
Avoid accessibility errors on debug toolbar
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#36068 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | no
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
`.mp3` files are more common than `.mpga` files.
Commits
-------
76a744ad91 [HttpFondation] Change file extension of "audio/mpeg" from "mpga" to "mp3"
This PR was merged into the 5.0 branch.
Discussion
----------
[BrowserKit] update cookie test for cookie values with double quotes
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | noâ
| Deprecations? | no
| Tickets | Fix#37161
| License | MIT
| Doc PR | symfony/symfony-docs#
Provide a test for cookie values with double quotes
Commits
-------
a50c660823 update cookie test
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Notifier] Return SentMessage from the Notifier message handler
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | see https://github.com/symfony/symfony/pull/36611#issuecomment-648448026 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR |
Commits
-------
5855d112b7 [Notifier] Return SentMessage from the Notifier message handler
This PR was merged into the 3.4 branch.
Discussion
----------
[VarDumper] Support for cURL handler objects
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #37378
| License | MIT
| Doc PR | N/A
Commits
-------
39c1a6373b [VarDumper] Support for cURL handler objects.
This PR was merged into the 4.4 branch.
Discussion
----------
add .body wrapper element
This change makes the notification email responsive.
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | none
| License | MIT
There was a wrapper missing from the foundation template.
This wrapper applies all `table.body table.container` styles from the foundation stylesheet
including font's and the responsive rules that were missing.
Commits
-------
5b74bbd288 add .body wrapper element
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
Add Notifier SentMessage
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/13624
Like Mailer, Notifier returns now a SentMessage that contains the messageId (returned by the provider in the response). It contains also the body of the response as array to have more info about price, number of sms sent, status and so on.
- [x] apply to bridges
Commits
-------
5a6f0537ec Add Notifier SentMessage
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] allow configuring trusted proxies using semantic configuration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | -
| Tickets | -
| License | MIT
| Doc PR | -
On top of the improved DX this should provide, this PR (and #37351) will allow [removing the corresponding lines](https://github.com/symfony/recipes/pull/790) from `index.php` & recipes.
Using values:
```yaml
framework:
trusted_proxies: '127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16'
#or
trusted_proxies: '%env(TRUSTED_PROXIES)%'
```
`trusted_headers` is similar but is an array of headers to trust.
```yaml
framework:
# that's the defaults already
trusted_headers: ['x-forwarded-all', '!x-forwarded-host', '!x-forwarded-prefix']
```
Commits
-------
af9dd52752 [FrameworkBundle] allow configuring trusted proxies using semantic configuration
This PR was merged into the 5.1 branch.
Discussion
----------
[Security] Resolve event bubbling of logout + new events in a compiler pass
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37292
| License | MIT
| Doc PR | -
This PR proposes to create a compiler pass that registers listeners on the main `event_dispatcher` on the firewall-specific event dispatcher during compile time. This allows to still specify listener priorities while listening on a bubbled-up event (instead of a fix moment where the event bubbling occurs). It probably also improves performance, as it doesn't use duplicated event dispatching logic to provide event bubbling.
Nothing changes on the user side. I proposed this as a bugfix, as it fixes the bug mentioned in #37292 (not being able to use listener priorities). I did remove a class, which was introduced in 5.1 and is very internal. I think it's safe, but we can also keep it and remove in master.
Commits
-------
f962c26061 Resolve event bubbling logic in a compiler pass
This PR was merged into the 5.2-dev branch.
Discussion
----------
[DI] deprecate Definition/Alias::setPrivate()
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
Right now, there is a very subtle difference between `setPublic()` and `setPrivate()` that dates back to the FC/BC layer we created to turn services private by default.
We kept this difference to help third party bundles provide support for a wide range of versions of Symfony, but since 5.2 will be released at the same time as 3.4 will enter EOM, we should remove this behavior and deprecate `setPrivate()` to signal the change.
This is what this PR does.
Commits
-------
1bea690f4d [DI] deprecate Definition/Alias::setPrivate()
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] allow enabling the HTTP cache using semantic configuration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Right now, using the HTTP cache requires tweaking the `public/index.php` file [as explained in the doc](https://symfony.com/doc/current/http_cache.html).
This PR removes this requirement by allowing one to do this instead:
```yaml
framework:
http_cache: true
```
Commits
-------
56b993ac2e [FrameworkBundle] allow enabling the HTTP cache using semantic configuration
This PR was merged into the 3.4 branch.
Discussion
----------
Avoid accessibility errors on symfony web debug toolbar
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | symfony/symfony-docs#...
When for example using the [axe](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd) to test the website for accessibility. Axe will fail because a div element without a role or a parent [landmark](https://www.w3.org/TR/wai-aria-practices/examples/landmarks/HTML5.html) is rendered. To avoid this errors I think we should define it as a specific region.
Commits
-------
223b405168 Avoid accessibility errors on debug toolbar
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] changed configuration file for messenger from xml to php
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/37186
| License | MIT
Use `messenger.php` instead of `messenger.xml` and `messenger_debug.php` instead of `messenger_debug.php`
Commits
-------
571a49873e [FrameworkBundle] changed configuration file for messenger from xml to php
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] convert config/serializer.xml to php
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Part of #37186
| License | MIT
Hello!
This PR contains a new configuration file `serializer.php` instead of `serializer.xml`.
Commits
-------
62e9788599 make priority integers & fix test checking definition to be private
25df2de0a6 [FrameworkBundle] convert config/serializer.xml to php
* This removes duplicate event dispatching logic on event bubbling, which
probably improves performance.
* It allows to still specify listener priorities while listening on a
bubbled-up event (instead of a fix moment where the event bubbling occurs)
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Security] Let security factories add firewall listeners
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR | n/a
Hello there, I'm the author of `scheb/two-factor-bundle`, which extends Symfony's security layer with two-factor authentication. I've been closely following the recent changes by @wouterj to rework the security layer with "authenticators" (great work!). While I managed to make my bundle work with authenticators, I see some limitations in the security layer that I'd like to address to make such extensions easier to implement.
With the new authenticator-based security system, it is no longer possible to add a authentication listener to the firewall. The only way to do it is a dirty compiler pass, which extends the argument on the `security.firewall.map.context.[firewallName]` service (like I do in: ed2ce9804b/src/bundle/DependencyInjection/Compiler/AccessListenerCompilerPass.php). This is quite ugly and hacky, so I believe there should be an easier and clean way to add firewall-level listeners. This PR adds an interface, which may be implemented by security factories and lets them add additional listeners to the firewall.
Why would you want to do that? There are certain use-cases that require extra logic to handle a request within the firewall. For example in my bundle, I need to handle the intermediate state between login and the completion of two-factor authentication. So ideally, I'm able to execute some code from the firewall right before `Symfony\Component\Security\Http\Firewall\AccessListener`. In the old security system, I could handle this in my authentication listener, which I had to implement anyways. With the new authenticator-based system this option is gone. In the ideal world, I could add a firewall listener and tell it to execute between `LogoutListener` and `AccessListener`.
This is a draft, so I'd like to hear your opinion on this :)
There's another issue, regarding the order of execution, which I'm addressing with #37337.
Commits
-------
0a4fcea8db Add interface to let security factories add their own firewall listeners
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Security] Add attributes on Passport
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | not yet
see https://github.com/symfonycorp/connect/pull/95
/cc @wouterj
Commits
-------
440ada3c5f [Security] Add attributes on Passport
This PR was merged into the 5.1 branch.
Discussion
----------
[SecurityBundle] Fix UserCheckerListener registration with custom user checker
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37365
| License | MIT
| Doc PR | -
The user checker listener was wrongly registered on the global event dispatcher, as it can be customized per firewall. This PR fixes that + correctly uses the configured user checker instead of always trying to use `UserCheckerInterface`.
Commits
-------
d63f59036c Fix UserCheckerListener registration with custom user checkers
* 5.1:
[SecurityBundle] Drop cache.security_expression_language definition if invalid
[DI] disable preload.php on the CLI
collect all transformation failures
* 5.0:
[SecurityBundle] Drop cache.security_expression_language definition if invalid
[DI] disable preload.php on the CLI
collect all transformation failures
* 4.4:
[SecurityBundle] Drop cache.security_expression_language definition if invalid
[DI] disable preload.php on the CLI
collect all transformation failures
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
Move configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Part pf #37186
| License | MIT
| Doc PR | -
Commits
-------
1132d404b0 Move configuration to PHP
This PR was merged into the 3.4 branch.
Discussion
----------
Added Unit tests for php 8 union types
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
The missing test cases for #37340.
Commits
-------
2ca8ecdb74 Added Unit tests for php 8 union types.
* 5.1: (28 commits)
[DI] fix
Use "composer/package-versions-deprecated" when possible
Fix
Small update in our internal terminology
Fix support for PHP8 union types
[VarDumper] fix typo
[Lock][Messenger] Fix precedence of DSN options for 5.1
Fix support for PHP8 union types
[FrameworkBundle] preserve dots in query-string when redirecting
[3.4] Fix support for PHP8 union types
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
[3.4] Small update in our internal terminology
[Cache] fix compat with DBAL v3
Remove unnecessary null check
[HttpFoundation] Allow `null` in InputBag@set
[HttpClient] Convert CurlHttpClient::handlePush() to instance method
Fix package rename when releasing
bumped Symfony version to 5.1.3
updated VERSION for 5.1.2
updated CHANGELOG for 5.1.2
...
This PR was merged into the 5.1 branch.
Discussion
----------
[5.1] Fix support for PHP8 union types
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Same as #37340 for 5.1
Commits
-------
dd1b61703f Fix support for PHP8 union types
* 5.0:
[VarDumper] fix typo
Fix support for PHP8 union types
[FrameworkBundle] preserve dots in query-string when redirecting
[3.4] Fix support for PHP8 union types
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
[3.4] Small update in our internal terminology
[Cache] fix compat with DBAL v3
[HttpClient] Convert CurlHttpClient::handlePush() to instance method
[VarDumper] Fix CliDumper coloration
[DI] tighten detection of local dirs to prevent false positives
[FrameworkBundle] preserve dots in query-string when redirecting
Fix precendence in 4.4
bumped Symfony version to 3.4.43
updated VERSION for 3.4.42
update CONTRIBUTORS for 3.4.42
updated CHANGELOG for 3.4.42
* 4.4:
[VarDumper] fix typo
Fix support for PHP8 union types
[FrameworkBundle] preserve dots in query-string when redirecting
[3.4] Fix support for PHP8 union types
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
[3.4] Small update in our internal terminology
[Cache] fix compat with DBAL v3
[HttpClient] Convert CurlHttpClient::handlePush() to instance method
[VarDumper] Fix CliDumper coloration
[DI] tighten detection of local dirs to prevent false positives
[FrameworkBundle] preserve dots in query-string when redirecting
Fix precendence in 4.4
bumped Symfony version to 3.4.43
updated VERSION for 3.4.42
update CONTRIBUTORS for 3.4.42
updated CHANGELOG for 3.4.42
This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] Fix precedence of DSN options for 4.4
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/pull/37218#discussion_r438779225
| License | MIT
| Doc PR | N/A
This PR fix précédence of DSN options over constructor options in all component on branch 4.4
Commits
-------
992205a759 Fix precendence in 4.4
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[Lock][Messenger] Fix precedence of DSN options for 5.1
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/pull/37218#discussion_r438779225
| License | MIT
| Doc PR | N/A
This PR fix précédence of DSN options over constructor options in all component on branch 5.1
Commits
-------
9670e9ff06 [Lock][Messenger] Fix precedence of DSN options for 5.1
This PR was merged into the 4.4 branch.
Discussion
----------
[4.4] Fix support for PHP8 union types
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Same as #37340 for 4.4
Commits
-------
da68e66a99 Fix support for PHP8 union types
* 3.4:
[3.4] Fix support for PHP8 union types
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
[3.4] Small update in our internal terminology
[Cache] fix compat with DBAL v3
[VarDumper] Fix CliDumper coloration
[DI] tighten detection of local dirs to prevent false positives
[FrameworkBundle] preserve dots in query-string when redirecting
bumped Symfony version to 3.4.43
updated VERSION for 3.4.42
update CONTRIBUTORS for 3.4.42
updated CHANGELOG for 3.4.42
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] tighten detection of local dirs to prevent false positives
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36510 and #37150
| License | MIT
| Doc PR | -
Commits
-------
b746dd900c [DI] tighten detection of local dirs to prevent false positives
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
Currently the coloring of composer output is forced in some calls, forced not to be colored in one other call and left for auto in the others.
This change would make it uniform, depending on the --colors option of phpunit provided (or not provided) in the call
Commits
-------
968d6c4276 [PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
This PR was merged into the 3.4 branch.
Discussion
----------
[VarDumper] Fix CliDumper coloration on light arrays
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
When `AbstractDumper::DUMP_LIGHT_ARRAY` is used with the `CliDumper`, the first line (opening bracket) is not colored. When an empty array is dumped (with or without `AbstractDumper::DUMP_LIGHT_ARRAY`) the array is not colored too. This PR aims to fix that.
Commits
-------
7af3469771 [VarDumper] Fix CliDumper coloration
This PR was merged into the 5.1 branch.
Discussion
----------
Fix package rename when releasing
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix when upgrading my local project to use the package instead of my old code :)
| License | MIT
---
Related to
a89a2a8893 (diff-bd586be86489d3e4725496bf5d4caf23) friendly ping @fabpot
The package is released at https://packagist.org/packages/symfony/free-mobile-notifier
And thus this needed to be fixed t give proper hint to devs
Thanks
Commits
-------
7a93222259 Fix package rename when releasing
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[HttpClient] Move configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Part of #37186
| License | MIT
| Doc PR | -
Commits
-------
955ab04d96 [HttpClient] Move configuration to PHP
This PR was merged into the 5.2-dev branch.
Discussion
----------
Adding a keyword for Packagist
Thank you @javiereguiluz for the suggestion.
https://github.com/symfony/symfony/pull/37273
| Q | A
| ------------- | ---
| Branch? | N/A
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
So project will appear here:
https://packagist.org/search/?tags=terminal
Commits
-------
aeef1e19bb Adding a keyword for Packagist
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[AssetBundle] Move xml service configuration to php
| Q | A
| ------------- | ---
| Branch? | master for features / 3.4, 4.4, 5.0 or 5.1 for bug fixes <!-- see below -->
| Bug fix? | yes/no
| New feature? | yes/no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | yes/no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
74650610ff [AssetBundle] Move xml service configuration to php
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[DebugBundle] Move xml service configuration to php
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | #37186
| License | MIT
| Doc PR | -
Move DebugBundles xml service configuration to php.
Commits
-------
7355c95fb0 [DebugBundle] Move xml service configuration to php
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[SecurityBundle] Move configuration from XML to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | #37186 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR |- <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Move security configuration from XML to PHP for `collectors`, `console` and `guard`
Commits
-------
417636fb61 [Security] Move configuration of guard to PHP
79764a9e85 [Security] Move configuration of console to PHP
2176ed23b1 [Security] Move configuration of collectors to PHP
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[request] Move configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Part of #37186
| License | MIT
| Doc PR |
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
ca72bbbf4d [request] Move configuration to PHP
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Move XML service configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Ref #37186
| License | MIT
Move the FrameworkBundle service configuration to PHP.
Commits
-------
679486257d [FrameworkBundle] Move XML service configuration to PHP
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[Routing] Move configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | [#37186](https://github.com/symfony/symfony/issues/37186)
| License | MIT
Moving routing configurations in FrameworkBundle to PHP
Commits
-------
268edd8e71 [Routing] Move configuration to PHP
* 5.1:
[Console] Reset question validator attempts only for actual stdin (bis)
Fix CookieClearingLogoutListener DI configuration
[HttpFoundation] use InputBag for Request::$request only if data is coming from a form
Make PhpDocExtractor compatible with phpDocumentor v5
fixed prototype block prefixes hierarchy of the CollectionType
Reset question validator attempts only for actual stdin
fixed block prefixes hierarchy of the CollectionType
bumped Symfony version to 5.0.11
updated VERSION for 5.0.10
updated CHANGELOG for 5.0.10
bumped Symfony version to 4.4.11
updated VERSION for 4.4.10
updated CHANGELOG for 4.4.10
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[WebProfilerBundle] Move xml service configuration to php
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | #37186 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | -
Move WebProfilerBundles xml service configuration to php.
Commits
-------
c17429ff76 [WebProfilerBundle] Move xml service configuration to php
* 5.0:
Make PhpDocExtractor compatible with phpDocumentor v5
Reset question validator attempts only for actual stdin
bumped Symfony version to 5.0.11
updated VERSION for 5.0.10
updated CHANGELOG for 5.0.10
bumped Symfony version to 4.4.11
updated VERSION for 4.4.10
updated CHANGELOG for 4.4.10
* 4.4:
Make PhpDocExtractor compatible with phpDocumentor v5
Reset question validator attempts only for actual stdin
bumped Symfony version to 4.4.11
updated VERSION for 4.4.10
updated CHANGELOG for 4.4.10
This PR was merged into the 5.1 branch.
Discussion
----------
[HttpFoundation] use InputBag for Request::$request only if data is coming from a form
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37100
| License | MIT
| Doc PR | -
Commits
-------
786ba109d0 [HttpFoundation] use InputBag for Request::$request only if data is coming from a form
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Move translation service configuration from xml to php #37186
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | #37186
| License | MIT
| Doc PR | -
Move translation service configuration from xml to php
Commits
-------
e4bc48f334 [FrameworkBundle] Move translation service configuration from xml to php #37186
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Move mailer configuration to php
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? |no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Part of #37186
| License | MIT
Move mailer configuration file to php
Commits
-------
eb88f8856b [FrameworkBundle] Move mailer configuration to php
This PR was merged into the 4.4 branch.
Discussion
----------
Reset question validator attempts only for actual stdin
| Q | A
| ------------- | ---
| Branch? | 4/4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#37046
| License | MIT
| Doc PR |
Let's see what CI says. Works for me locally with phpunit and when running such command manually
Commits
-------
8fe7be4212 Reset question validator attempts only for actual stdin
This PR was merged into the 4.4 branch.
Discussion
----------
[PropertyInfo] Make PhpDocExtractor compatible with phpDocumentor v5
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36049
| License | MIT
| Doc PR | N/A
Version 5 of phpDocumentor introduced some changes to the `getTagsByName()` method that break the `PhpDocExtractor`.
More specific, it now returns an instance of `InvalidTag` instead of `null` when parsing an invalid tag.
Commits
-------
b1f8e5a80a Make PhpDocExtractor compatible with phpDocumentor v5
Version 5 of phpDocumentor introduced some changes to the
`getTagsByName()` method that break the `PhpDocExtractor`.
More specific, it now returns an instance of `InvalidTag` instead of
`null` when parsing an invalid tag.
* 5.1:
[Security] Run functional tests also for the authenticator system
Fix register csrf protection listener
bumped Symfony version to 5.1.2
updated VERSION for 5.1.1
updated CHANGELOG for 5.1.1
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Validator][FrameworkBundle] Move configurations from XML to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Part of #37186 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Move `src/Symfony/Bundle/FrameworkBundle/Resources/config/validator*.xml` configurations to PHP
Commits
-------
46de8900f0 [FrameworkBundle] Move Validator configuration to PHP
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Move session configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37186
| License | MIT
Move session configuration file to php
Commits
-------
de8f07d5bd [FrameworkBundle] Move session configuration to PHP
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[Notifier] Remove default transport property in Transports class
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | tbd. <!-- required for new features -->
At the moment the `Transports` class uses the first element of the injected transports array as the default transport: https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Notifier/Transport/Transports.php#L35
If you try to send a message that doesn't define a transport (`!$message->getTransport()`) the default transport is used. I see two main drawbacks with this solution that I try to fix with this PR:
1. There is no check if the given message is supported by the default transport. What means that the transport is going to fail with an Exception, if it's not supporting the given message. E.g. the `SlackTransport` only supports `ChatMessage`s with nullable options or options from type `SlackOptions`. So as a default transport the `SlackTransport` can't handle all types of `ChatMessage`s.
2. Why should we only send the message using the default transport if there are more possible transports which are probably supported?
I did the following to fix the mentioned drawbacks:
- removed the default transport property
- added a check to make sure the transport defined by the message supports it
- send the message to **all** supported transports, in case the given message does not define a transport
- added a test
Commits
-------
5c167b08d3 [Notifier] Remove default transport property in Transports class
* 5.1:
[DependencyInjection][CheckTypeDeclarationsPass] Handle unresolved parameters pointing to environment variables
switch the context when validating nested forms
remove unused param from validator service config
Fix typo
[HttpKernel] Fix regression where Store does not return response body correctly
rework form validator tests
Update AbstractController.php
* 5.0:
[DependencyInjection][CheckTypeDeclarationsPass] Handle unresolved parameters pointing to environment variables
switch the context when validating nested forms
remove unused param from validator service config
Fix typo
[HttpKernel] Fix regression where Store does not return response body correctly
rework form validator tests
Update AbstractController.php
* 4.4:
[DependencyInjection][CheckTypeDeclarationsPass] Handle unresolved parameters pointing to environment variables
switch the context when validating nested forms
remove unused param from validator service config
Fix typo
[HttpKernel] Fix regression where Store does not return response body correctly
rework form validator tests
Update AbstractController.php
* 3.4:
switch the context when validating nested forms
Fix typo
[HttpKernel] Fix regression where Store does not return response body correctly
rework form validator tests
Update AbstractController.php
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] switch the context when validating nested forms
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37072
| License | MIT
| Doc PR |
Commits
-------
38135de549 switch the context when validating nested forms
This PR was merged into the 5.2-dev branch.
Discussion
----------
[APP_CACHE_DIR] Ensure a split per environment when using that new variable
| Q | A
| ------------- | ---
| Branch | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/13819
All the explanation here: https://github.com/symfony/symfony-docs/pull/13819
Commits
-------
06b793f59e Ensure a split per environment
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[Lock] Move configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes-ish
| Deprecations? | no
| Tickets | #37186
| License | MIT
| Doc PR | n/a
Change lock config file from XML to PHP.
Commits
-------
7882cd5527 [Lock] Move configuration to PHP
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Move web configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Ref #37186
| License | MIT
Commits
-------
9000e72a23 add missing abstract_arg to fix replace arguments
8a81abeb6f [FrameworkBundle] Move web configuration to PHP
This PR was merged into the 5.2-dev branch.
Discussion
----------
[SecurityBundle] convert templating configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Ref #37186
| License | MIT
Commits
-------
0c36a4b8d9 [SecurityBundle] convert templating configuration to PHP
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Move profiling collectors configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/37186
| License | MIT
Moving profiling collectors configuration in framework bundle to PHP.
Commits
-------
3a0db4cf4d [FrameworkBundle] Move profiling collectors configuration to PHP
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[DI][Framework] Use PHP instead of XML for test config
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Partially #37186
| License | MIT
See #37186
Commits
-------
36cc98228e [DI][Framework] Use PHP instead of XML for test config
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Move profiling configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | #37186
| License | MIT
Moving profiling configuration in framework bundle to PHP.
Commits
-------
20b5d245c7 [FrameworkBundle] Move profiling configuration to PHP
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[Ssi] Move configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Ref #37186
| License | MIT
| Doc PR | n/a
Commits
-------
5a4d667369 [Ssi] Move configuration to PHP
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Move debug configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Ref #37186
| License | MIT
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
a226a52d65 [FrameworkBundle] Move debug configuration to PHP
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Move security-csrf configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Ref #37186
| License | MIT
Moving security-csrf configuration in framework bundle to PHP.
Commits
-------
a2d6581345 [FrameworkBundle] Move security-csrf configuration to PHP
This PR was merged into the 4.4 branch.
Discussion
----------
Remove non-existing arg and param from serializer service config
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets |
| License | MIT
| Doc PR |
Leftover from #22741
Commits
-------
d179d71f45 Remove non-existing arg and param from serializer service config
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection][CheckTypeDeclarationsPass] Always resolve parameters
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/37166
| License | MIT
| Doc PR | -
> Only array parameters are not inlined when dumped.
This is true only when the XML debug container is used, not on a live container that can contain unresolved parameters in the `%my_param%` form. That was my mistake. We have to resolve to get the parameter type.
`$value = [];` was just an improvement to avoid useless parameter resolve btw.
Commits
-------
da0e2c36ef [DependencyInjection][CheckTypeDeclarationsPass] Always resolve parameters
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[DependencyInjection] Apply ExpressionLanguageProviderPass to router.default
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/issues/37042
| License | MIT
Using a `chain_router` usually replaces the `router` and add the `router.default` to it's chain.
This would `addExpressionLanguageProvider` to the default router only as the chain router is not expected to have `addExpressionLanguageProvider` as it is not part of the router interface.
Commits
-------
215ad1f93d [DependencyInjection] Apply ExpressionLanguageProviderPass to router.default
This PR was merged into the 5.1 branch.
Discussion
----------
[String] Fix ellipsis of truncate when not using cut option
| Q | A
| ------------- | ---
| Branch? | 5.1 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
[Since 5.1](https://symfony.com/blog/new-in-symfony-5-1-string-improvements#keep-the-last-word-when-truncating), we can use a cut option on truncate.
But with this option, we don't have the expected behavior when the entire chain is returned.
Currently:
`u('Lorem Ipsum')->truncate(8, '…', false); // 'Lorem Ipsum...'`
Instead of:
`u('Lorem Ipsum')->truncate(8, '…', false); // 'Lorem Ipsum'`
Thanks to @jmsche for his help.
Commits
-------
a2ee6c6cf4 [String] Fix ellipsis of truncate when not using cut option
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[PropertyInfo] Move configuration to PHP
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Ref #37186
| License | MIT
| Doc PR | n/a
Commits
-------
5dab6ffc4b [PropertyInfo] Move configuration to PHP
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Framework] Convert config/error_renderer.xml to php
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Ref #37186
| License | MIT
Commits
-------
213091e8d2 [Framework] Convert config/error_renderer.xml to php
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Convert config/secrets.xml to .php
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Ref #37186
| License | MIT
Commits
-------
6ec97116a3 Convert config/secrets.xml to .php
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Add support for tagged_iterator/tagged_locator in unused tags util
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
/cc @stof :)
Commits
-------
164ca90d89 [FrameworkBundle] Add support for tagged_iterator/tagged_locator in unused tags util
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle] Convert config/mime_type.xml to .php
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Ref #37186
| License | MIT
Commits
-------
fa92490fcb Convert config/mime_type.xml into mime_type.php
This PR was merged into the 5.2-dev branch.
Discussion
----------
[HttpClient] make DNS resolution lazy with NativeHttpClient
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Neither a bug nor a feature but still an improvement. This aligns the behavior of NativeHttpClient with the other adapters.
Commits
-------
d3a450353d [HttpClient] make DNS resolution lazy with NativeHttpClient
This PR was merged into the 5.1 branch.
Discussion
----------
[Routing] Keeping routes priorities after add a name prefix to the collection
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37089
| License | MIT
| Doc PR | -
Commits
-------
10105267b5 kept routes priorities after add a name prefix to the collection
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[Lock] Fixed reading locks from replica set secondary nodes
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37139
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/13775
Force lock existence query to use `readPreference=primary` in case the given mongo connection is using any of the following `readPreference`s:
* primaryPreferred
* secondary
* secondaryPreferred
* nearest
Any of the above would fail if a secondary node is queried during a lock release.
Commits
-------
ebf7eaf503 [Lock] Fixed reading locks from replica set secondary nodes
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Mime] Add DKIM support
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#36014 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | not yet
```php
$dkimSigner = new DkimSigner($pk, 'example.com', 'sf');
$signedEmail = $dkimSigner->sign($email);
```
You can also pass options:
```php
$dkimSigner = new DkimSigner($pk, 'example.com', 'sf');
$signedEmail = $dkimSigner->sign($email, (new DkimOptions())
->bodyCanon('relaxed')
->headerCanon('relaxed')
->headersToIgnore(['Message-ID'])
->toArray()
);
```
Commits
-------
6dc533821c [Mime] Add DKIM support
This PR was merged into the 5.2-dev branch.
Discussion
----------
Use PHP instead of XML as the prefered service/route configuration in core
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes-ish <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
In Symfony 6, I (we?) would want to promote usage of configuration written in PHP instead of YAML. For third-party bundles and core, we should do the same, replacing XML with PHP. Doing so would remove the need for the XML lib for core.
The biggest advantage is auto-completion with any modern IDE without explicit support for Symfony, and probably one less thing to learn (how to configure things in YAML/XML).
Be warned that it does NOT concern semantic configuration which is much harder.
This PR does the work for the Twig bundle as an example. Once we agreed on the CS, the same should then be done for other core bundles both for service configuration and route configuration.
Embeds #36775 until it is merged.
Commits
-------
0aedd54fc1 [Twig] Move configuration to PHP
This PR was squashed before being merged into the 4.4 branch (closes#37177).
Discussion
----------
[Ldap] fix refreshUser() ignoring extra_fields
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? |no
| Tickets | -
| License | MIT
| Doc PR | -
While #31532 introduced `extra_fields` in general, #32824 later added `LdapUser` & `LdapUserProvider` and ignored `extra_fields` on `refreshUser()`.
This PR fixes `refreshUser()` and adds a test which makes sure, that the refreshed ldap user doesn't lose its default values.
Commits
-------
cb8f12996c [Ldap] fix refreshUser() ignoring extra_fields
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Console] Add support for true colors
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#26576, Fix#19844 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | -
This PR adds support for true colors in the Console component.
Instead of adding many ways to add more colors than the current "default" ones, I've opted to only add true color support via Hex CSS colors. If you have something else (RGB, HSV, ...), you need to first convert it to a CSS color. I've also decided to not support the ANSI 256 colors as most terminals support true colors nowadays.
If true colors are not supported by the terminal, we fall back to the "nearest" default color.
`<fg=green;bg=blue>` is now equivalent to `<fg=#00ff00;bg=#00f>`.
The `Color` class is usable outside of the Console framework as well:
```php
$color = new Color('black', 'white');
echo $color->apply("foo");
echo "\n";
$color = new Color('red', 'yellow');
echo $color->apply("foo");
echo "\n";
$color = new Color('#000000', '#ffffff');
echo $color->apply("foo");
$color = new Color('#000', '#fff', ['underscore', 'reverse']);
echo $color->apply("bar");
echo "\n";
```
Rainbow time!
```php
function rainbowColor($i) {
$h = (int) ($i / 43);
$f = (int) ($i - 43 * $h);
$t = (int) ($f * 255 / 43);
$q = 255 - $t;
if ($h == 0) {
return new Color('', sprintf('#FF%02x00', $t));
} elseif ($h == 1) {
return new Color('', sprintf('#%02xFF00', $q));
} elseif ($h == 2) {
return new Color('', sprintf('#00FF%02x', $t));
} elseif ($h == 3) {
return new Color('', sprintf('#00%02xFF', $q));
} elseif ($h == 4) {
return new Color('', sprintf('#%02x00FF', $t));
} elseif ($h == 5) {
return new Color('', sprintf('#FF00%02x', $q));
}
}
for ($i = 0; $i < 128; $i++) {
echo rainbowColor($i)->apply(' ');
}
echo "\n";
for ($i = 255; $i >= 128; $i--) {
echo rainbowColor($i)->apply(' ');
}
echo "\n";
```
![image](https://user-images.githubusercontent.com/47313/81796170-59af5e00-950d-11ea-8203-18c13ae8a07e.png)
Commits
-------
d066514cf1 [Console] Add support for true colors
This PR was merged into the 5.2-dev branch.
Discussion
----------
[ExpressionLanguage] add details for error messages
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36847
| License | MIT
| Doc PR |
Hello!
This PR contains a more detail error messages for [ExpressionLanguage], which include info about affected node and attribute.
My English is poor. Please, spell check in error texts.
Commits
-------
5852a8cedd [ExpressionLanguage] add details for error messages
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[PropertyInfo] Support using the SerializerExtractor with no group check
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | <!-- required for new features -->
It seems there is no way currently to leverage the new `@Ignore` annotation metadata without using serializer groups in third party code.
Indeed the only way to access the serializer's metadata is through the PropertyInfo component since metadata are marked as `@internal` in the Serializer component itself. However, the PropertyInfo component doesn't allow accessing them without using a groups constraint.
This PR proposes a fix by interpreting `serializer_groups = null` as no groups constraint.
This feature would be useful in NelmioApiDocBundle, see https://github.com/nelmio/NelmioApiDocBundle/issues/1595.
Commits
-------
4190bfaf48 [PropertyInfo] Support using the SerializerExtractor with no group check
This PR was merged into the 5.1 branch.
Discussion
----------
[PhpUnitBridge] Fix ExpectDeprecationTrait::expectDeprecation() conflict
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/37133
| License | MIT
| Doc PR | -
ExpectDeprecationTrait::expectDeprecation() must be compatible with TestCase::expectDeprecation(). I'm personally against a renaming on our side because this name is the best.
Commits
-------
ea5bb242fd [PhpUnitBridge] Fix ExpectDeprecationTrait::expectDeprecation() conflict
This PR was merged into the 5.2-dev branch.
Discussion
----------
[DependencyInjection] Display alternatives when a service is not found in CheckExceptionOnInvalidReferenceBehaviorPass
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I often see the mistake of using `@my_service` instead of `my_service` in bundles configurations in YAML (on entries that are then turned into references). Since we don't currently display alternatives, the message content is just that the service don't exist which is hard to understand for new users of the framework.
Commits
-------
6b8f181f1a [DependencyInjection] Display alternatives when a service is not found in CheckExceptionOnInvalidReferenceBehaviorPass
This PR was merged into the 4.4 branch.
Discussion
----------
[Mailer] added the reply-to addresses to the API SES transport request.
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
The transport was not sending the reply-to addresses to the SES API when using SendEmail API method.
Commits
-------
ee752f90ed [Mailer] added the reply-to addresses to the API SES transport request.
This PR was merged into the 5.1 branch.
Discussion
----------
[DI] Add check around class_alias for generated proxy classes
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | nofiles -->
| Tickets | Fix#37059
| License | MIT
| Doc PR |
Here is the [requested](https://github.com/symfony/symfony/issues/37059#issuecomment-638633262) fix.
I'd like to note that I consider this kind of a workaround. I don't know why the issue only started to appear with Symfony 5.1 and not before. There might be some other problem hidden somewhere else.
Commits
-------
c8b7459115 Add class_alias for generated proxy classes
This PR was merged into the 4.4 branch.
Discussion
----------
[Mime] use fromString when creating a new Address
| Q | A
| ------------- | ---
| Branch? | 4.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
When creating an Address, there are two ways right now in 4.4: `Address::create()` which takes an email or an instance of Address and `Address::fromString()` which takes an email or an email+name.
In 4.4, I propose to make `create` supports everything possible. And in 5.2, I will probably propose to deprecate `fromString()`.
Commits
-------
de68787693 [Mime] use fromString when creating a new Adress
This PR was merged into the 5.1 branch.
Discussion
----------
[Messenger] fix forward compatibility with Doctrine DBAL 2.11+
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
The methods will be deprecated in 2.11 (see doctrine/dbal#4019), but the forward compatibility layer is only present in 3.0 (see doctrine/dbal#4007).
Commits
-------
bca4f9970b fix forward compatibility with Doctrine DBAL 2.11+
This PR was merged into the 5.2-dev branch.
Discussion
----------
Provides a way to override cache and log folders from the ENV
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| License | MIT
When using Docker and especially on Mac OS X, performances are terrible when using a "mount" on the host inside the container. (which happens by default)
To optimize the performances, one of the tricks is to change where the application is going to write the cache and the logs.
This PR provides a new env variables `APP_CACHE_DIR` and `APP_LOG_DIR` which can be set to change where will be saved the caches and the logs.
I know we can do it per project BUT:
- I think that is a good addition to Symfony
- it would allow project like eZ Platform and eZ Launchpad to automate that optimization
https://github.com/ezsystems/ezplatform/pull/543
Let me know
Commits
-------
5fa5d36153 Provides a way to override cache and log folders form the ENV
This PR was merged into the 5.2-dev branch.
Discussion
----------
[FrameworkBundle][Mailer] Add a way to configure some email headers from semantic configuration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | not yet
The configuration allows to set global `sender` and `recipients`, but for the *envelope*.
If you want to set some global headers, it was not possible (a default `from` header for instance, of a `bcc`).
That's implemented in this PR.
Commits
-------
805e9e62c1 [FrameworkBundle][Mailer] Add a way to configure some email headers from semantic configuration
This PR was merged into the 5.2-dev branch.
Discussion
----------
[HttpClient] add AsyncDecoratorTrait to ease processing responses without breaking async
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#31885, fix#32367
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/13736
This PR allows processing the stream of chunks.
```php
<?php
$client = new class() implements HttpClientInterface {
use AsyncDecoratorTrait;
public function request(string $method, string $url, array $options): ResponseInterface
{
return new AsyncResponse($method, $url, $options, static function (ChunkInterface $chunk, AsyncContext $context) {
// do what you want with chunks, e.g. split them
// in smaller chunks, group them, skip some, etc.
yield $chunk;
});
}
};
```
Some ideas:
- custom retry/redirect logic
- align chunk boundaries with server-sent events and yield augmented chunks that know about messages (see #36692)
- play some OAuth dance before issuing the real request
- do some live transclusion
- be creative :)
Any custom logic should fit into the `$passthru` filter iterator (the last constructor argument of `AsyncResponse`). There, one has access to an `AsyncContext` DTO, which allows controlling the stream, eg. to replace the current request/response, to change the passthru filter itself, etc.
The surrounding logic will catch badly behaving filters to ease spotting some mistakes (eg. never forwarding an "isLast()" chunk, or yielding extra chunks after an "isLast()" one, etc.)
For the record:
- When the chunk passthru issues many internal requests in order to complete the external one, the info of each internal request is accessible via the `previous_info` entry. I considered merging all internal `response_headers` info under the main one since that's possible, but I'm not sure it's worth the added complexity. Please tell me if you think we should do it.
- A future iteration/PR might add support for time-based events. Right now, implementing a pause in the stream involves calling `usleep()`, but this doesn't play really well with async. Implementing small pauses and summing them up to the target pause might be good enough - we'll need to give it a try to know better.
Commits
-------
766a1c6287 [HttpClient] add AsyncDecoratorTrait to ease processing responses without breaking async
* 5.1:
fix forward compatibility with Doctrine DBAL 2.11+
[SecurityBundle] Fix the session listener registration under the new authentication manager
allow cursor to be used even when STDIN is not defined
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[SecurityBundle] Fix the session listener registration under the new authentication manager
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37119
| License | MIT
| Doc PR | N/A
Fixes the logic that adds session listeners for firewalls to properly add them only for statefull firewalls. Adds tests to confirm that it is only added to statefull ones. Also remove unused abstract field on session listener
Commits
-------
936ae9df75 [SecurityBundle] Fix the session listener registration under the new authentication manager
This PR was merged into the 5.2-dev branch.
Discussion
----------
[Contracts] Add missing "extra.thanks" entries in composer.json
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Something we forgot and that might help give some more visibility to symfony/contracts.
Commits
-------
bd04f0cce6 [Contracts] Add missing "extra.thanks" entries in composer.json
* 5.1: (36 commits)
Fixed left-over debug statement
set column length for mysql 5.6 compatibility
[Mime] Remove unused var
[HttpClient] fix monitoring timeouts when other streams are active
[PhpUnitBridge] fix syntax on PHP 5.3
[PhpUnitBridge] Fix undefined index when output of "composer show" cannot be parsed
properly cascade validation to child forms
[PropertyAccess] Fix getter call order BC
[PhpUnitBridge] fix undefined var on version 3.4
Fix invalid char in SQS Headers
Move ajax clear event listener initialization on loadToolbar
[HttpClient] Throw JsonException instead of TransportException on empty response in Response::toArray()
Fix CS
FrameworkBundle Serializer issue
register event listeners depending on the installed packages
take into account the context when preserving empty array objects
Only register CSRF protection listener if CSRF is available
[VarExporter] tfix: s/markAsSkipped/markTestSkipped/
Also check PUBLIC_ACCESS for authenticated tokens
Fix enabled_locales behavior
...
This PR was merged into the 5.1 branch.
Discussion
----------
[PropertyAccess] Fix getter call order BC
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #37052
| License | MIT
| Doc PR | -
Property Accessor breaks BC due to a change in the order of calling the getters, see #37052
Commits
-------
8cf80688c7 [PropertyAccess] Fix getter call order BC
This PR was merged into the 5.1 branch.
Discussion
----------
[Messenger/DoctrineBridge] set column length for mysql 5.6 compatibility
MySQL 5.6 does not support more than 191 characters when an index is used and when using utf8mb4 as charset.
As a workaround, I define the length of the queue_name field.
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37116
| License | MIT
Commits
-------
d12190687b set column length for mysql 5.6 compatibility
This PR was merged into the 5.1 branch.
Discussion
----------
[Messenger/AmazonSqsBridge] Fixed left-over debug statement
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? |
| Deprecations? | no
| Tickets | Related to #37038
| License | MIT
| Doc PR |
I noticed whats properly a left-over debugging statement that blocks the code from further execution. /cc @jderusse can you check this (thanks).
Commits
-------
8b827e46f6 Fixed left-over debug statement
* 5.0:
[Mime] Remove unused var
[HttpClient] fix monitoring timeouts when other streams are active
[PhpUnitBridge] fix syntax on PHP 5.3
[PhpUnitBridge] Fix undefined index when output of "composer show" cannot be parsed
properly cascade validation to child forms
[PhpUnitBridge] fix undefined var on version 3.4
Move ajax clear event listener initialization on loadToolbar
[HttpClient] Throw JsonException instead of TransportException on empty response in Response::toArray()
take into account the context when preserving empty array objects
[VarExporter] tfix: s/markAsSkipped/markTestSkipped/
bumped Symfony version to 5.0.10
updated VERSION for 5.0.9
updated CHANGELOG for 5.0.9
bumped Symfony version to 4.4.10
updated VERSION for 4.4.9
updated CHANGELOG for 4.4.9
bumped Symfony version to 3.4.42
updated VERSION for 3.4.41
update CONTRIBUTORS for 3.4.41
updated CHANGELOG for 3.4.41
* 4.4:
[Mime] Remove unused var
[HttpClient] fix monitoring timeouts when other streams are active
[PhpUnitBridge] fix syntax on PHP 5.3
[PhpUnitBridge] Fix undefined index when output of "composer show" cannot be parsed
properly cascade validation to child forms
[PhpUnitBridge] fix undefined var on version 3.4
Move ajax clear event listener initialization on loadToolbar
[HttpClient] Throw JsonException instead of TransportException on empty response in Response::toArray()
take into account the context when preserving empty array objects
[VarExporter] tfix: s/markAsSkipped/markTestSkipped/
bumped Symfony version to 4.4.10
updated VERSION for 4.4.9
updated CHANGELOG for 4.4.9
bumped Symfony version to 3.4.42
updated VERSION for 3.4.41
update CONTRIBUTORS for 3.4.41
updated CHANGELOG for 3.4.41
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] fix monitoring timeouts when other streams are active
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
d2a53f0bda [HttpClient] fix monitoring timeouts when other streams are active
* 3.4:
[PhpUnitBridge] fix syntax on PHP 5.3
[PhpUnitBridge] Fix undefined index when output of "composer show" cannot be parsed
properly cascade validation to child forms
[PhpUnitBridge] fix undefined var on version 3.4
bumped Symfony version to 3.4.42
updated VERSION for 3.4.41
update CONTRIBUTORS for 3.4.41
updated CHANGELOG for 3.4.41
MySQL 5.6 does not support more than 191 characters when an index is used and when using utf8mb4 as charset.
As a workaround, I define the length of the queue_name field.
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
SCA: file_exists -> is_dir|is_file in foundation and kernel
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
Inspired by #36556 and replaces file_exists with is_dir|is_file alternative in order to leverage built-in cache advantages.
Commits
-------
0c467691b2 SCA: file_exists -> is_dir|is_file in foundation and kernel
This PR was merged into the 5.2-dev branch.
Discussion
----------
[String] use base58 by default in ByteString::fromRandom()
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This is the list from the [bitcoin alphabet](https://en.wikipedia.org/wiki/Base58): it's been designed to avoid characters that look ambiguous when printed.
Commits
-------
b36baa77bb [String] use base58 by default in ByteString::fromRandom()
This PR was merged into the 5.1 branch.
Discussion
----------
[DependencyInjection] Improve missing package/version deprecation
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets |
| License | MIT
| Doc PR |
After updating to symfony 5.1 I've got some deprecations related to the missing package/version attributes/options for `deprecated` on services.
But currently it's not clear which bundle/part of the code is triggering the deprecations. The only way for me to track down where they were coming from was by setting a xdebug breakpoint in the `XmlFileLoader` and check the `$file` variable.
So it seemed like a good idea to include the file path in the deprecation message, that way it will be easier for users to know if their code or a bundle (and which) is triggering this deprecation.
Before:
<img width="871" alt="Screenshot 2020-05-31 at 13 51 03" src="https://user-images.githubusercontent.com/1374857/83351609-d0d65600-a345-11ea-9785-3237a3ec2360.png">
After:
<img width="907" alt="Screenshot 2020-05-31 at 13 50 10" src="https://user-images.githubusercontent.com/1374857/83351606-cfa52900-a345-11ea-9617-60d07e46234b.png">
Commits
-------
f603317363 [DependencyInjection] Improve missing package/version deprecation
This PR was merged into the 5.1 branch.
Discussion
----------
[SecurityBundle] Only register CSRF protection listener if CSRF is available
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | yes
| Tickets | Fix#37033
| License | MIT
| Doc PR | -
I know we're not allowed to add new deprecations in already released versions. However, I don't think anyone is using SecurityBundle's compiler passes except from Symfony itself - so I don't think anyone is affected by this deprecation. The alternatives would be:
* Add a new compiler pass in 5.1 that conditionally registers the CSRF listener
* Do this exact change in 5.2 and...
* accept a `null` argument in the listener for 5.1
* or add this to the `RegisterCsrfTokenClearingLogoutHandlerPass` class in 5.1
Commits
-------
2d738b30de Only register CSRF protection listener if CSRF is available
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] Throw JsonException instead of TransportException on empty response in Response::toArray()
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37064
| License | MIT
Commits
-------
69547d9cfc [HttpClient] Throw JsonException instead of TransportException on empty response in Response::toArray()
This PR was merged into the 5.1 branch.
Discussion
----------
[FrameworkBundle] Extension Serializer issue
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | ???
| License | MIT
| Doc PR |
Hi,
When creating a new Symfony project and requiring `symfony/serializer` we have an issue with required service.
Here is a simple reproducer:
![image](https://user-images.githubusercontent.com/944409/83497176-6266d480-a4ba-11ea-98cb-7e354be0a273.png)
This bug was introduced by https://github.com/symfony/symfony/pull/31390
Commits
-------
ab5628f0f4 FrameworkBundle Serializer issue
This PR was merged into the 5.1 branch.
Discussion
----------
[ExpressionLanguage] reset the internal state when the parser is finished
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
d58eb020d0 reset the internal state when the parser is finished
This PR was merged into the 5.1 branch.
Discussion
----------
[Validator] simplify the tests
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
cfc6fc8527 simplify the tests
This PR was merged into the 5.1 branch.
Discussion
----------
[Security] Fixed PUBLIC_ACCESS in authenticated sessions
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Found while testing https://github.com/scheb/2fa/pull/8, sorry for not spotting it before the stable release 😞
Currently, authenticated users are denied access for pages that have `PUBLIC_ACCESS` set, as this attribute is only checked when no token was set. It should be checked for both cases.
Commits
-------
0ac530f460 Also check PUBLIC_ACCESS for authenticated tokens
This PR was merged into the 5.1 branch.
Discussion
----------
[Validator] use "allowedVariables" to configure the ExpressionLanguageSyntax constraint
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fixsymfony/symfony-docs#13669
| License | MIT
| Doc PR |
Commits
-------
4807dab305 [Validator] use "allowedVariables" to configure the ExpressionLanguageSyntax constraint
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Security] Fixed AbstractToken::hasUserChanged()
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36989
| License | MIT
| Doc PR | -
This PR completely reverts #35944.
That PR tried to fix a BC break (ref #35941, #35509) introduced by #31177. However, this broke many authentications (ref #36989), as the User is serialized in the session (as hinted by @stof). Many applications don't include the `roles` property in the serialization (at least, the MakerBundle doesn't include it).
In 5.2, we should probably deprecate having different roles in token and user, which fixes the BC breaks all together.
Commits
-------
f297beb42c [Security] Fixed AbstractToken::hasUserChanged()
* 5.1:
Fix abstract method name in PHP doc block
Various cleanups
[HttpClient] fix issues in tests
Fixes sprintf(): Too few arguments in form transformer
[Console] Fix QuestionHelper::disableStty()
[Validator] Use Mime component to determine mime type for file validator
validate subforms in all validation groups
Update Hungarian translations
Add meaningful message when Process is not installed (ProcessHelper)
[Messenger] Change the default notify timeout value for PostgreSQL
[PropertyAccess] Fix TypeError parsing again.
[TwigBridge] fix fallback html-to-txt body converter
[Security/Http] fix merge
[ErrorHandler] fix setting $trace to null in FatalError
[Form] add missing Czech validators translation
[Validator] add missing Czech translations
never directly validate Existence (Required/Optional) constraints
* 5.0:
Fix abstract method name in PHP doc block
Various cleanups
[HttpClient] fix issues in tests
Fixes sprintf(): Too few arguments in form transformer
[Console] Fix QuestionHelper::disableStty()
[Validator] Use Mime component to determine mime type for file validator
validate subforms in all validation groups
Update Hungarian translations
Add meaningful message when Process is not installed (ProcessHelper)
[PropertyAccess] Fix TypeError parsing again.
[TwigBridge] fix fallback html-to-txt body converter
[Security/Http] fix merge
[ErrorHandler] fix setting $trace to null in FatalError
[Form] add missing Czech validators translation
[Validator] add missing Czech translations
never directly validate Existence (Required/Optional) constraints
* 4.4:
Fix abstract method name in PHP doc block
Various cleanups
[HttpClient] fix issues in tests
Fixes sprintf(): Too few arguments in form transformer
[Console] Fix QuestionHelper::disableStty()
[Validator] Use Mime component to determine mime type for file validator
validate subforms in all validation groups
Update Hungarian translations
Add meaningful message when Process is not installed (ProcessHelper)
[PropertyAccess] Fix TypeError parsing again.
[TwigBridge] fix fallback html-to-txt body converter
[Form] add missing Czech validators translation
[Validator] add missing Czech translations
never directly validate Existence (Required/Optional) constraints
This PR was merged into the 3.4 branch.
Discussion
----------
Fix abstract method name in PHP doc block
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
d6966c3147 Fix abstract method name in PHP doc block
* 3.4:
Fixes sprintf(): Too few arguments in form transformer
[Console] Fix QuestionHelper::disableStty()
validate subforms in all validation groups
Update Hungarian translations
Add meaningful message when Process is not installed (ProcessHelper)
[PropertyAccess] Fix TypeError parsing again.
[Form] add missing Czech validators translation
[Validator] add missing Czech translations
never directly validate Existence (Required/Optional) constraints
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] never directly validate Existence (Required/Optional) constraints
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36637#36723
| License | MIT
| Doc PR |
Using `Optional` or `Required` like "regular" constraints does not make any sense, but doing so didn't break before #36365. I suggest to ignore them for now and deprecate using them outside the `Collection` constraint in 5.2.
Commits
-------
d333aae187 never directly validate Existence (Required/Optional) constraints
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Fix QuestionHelper::disableStty()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no>
| Tickets | -
| License | MIT
| Doc PR | -
We broke it when adding `Terminal::hasSttyAvailable()`.
Let's fix it on 3.4 and move it to terminal on master, as suggested in #36977
Commits
-------
5d93b61278 [Console] Fix QuestionHelper::disableStty()
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyAccess] Fix TypeError parsing again
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
Apparently, the format of `TypeError`s has changed again in php8. While investigating, I noticed our error message parsing is not handling anonymous classes well, so I've added some test cases for them.
I chose a fuzzier regular expression to parse the expected return type from the error message. Additionally, I'm checking the stack trace if the caught `TypeError` is really caused by the accessor call.
Commits
-------
03b4e98630 [PropertyAccess] Fix TypeError parsing again.
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] validate subforms in all validation groups
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36852
| License | MIT
| Doc PR |
Commits
-------
b819d94d14 validate subforms in all validation groups
This PR was merged into the 5.1 branch.
Discussion
----------
[Messenger] Change the default notify timeout value for PostgreSQL
| Q | A
| ------------- | ---
| Branch? | 5.1 <!-- see below -->
| Bug fix? | yes-ish
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
The default value of 0 means that notify is kind of disable and that incurs many SQL requests. 10 minutes is kind of arbitrary but seems to be a good balance between waiting for a message (blocking) and trying again later in case of an issue.
Commits
-------
d9decf9da2 [Messenger] Change the default notify timeout value for PostgreSQL
This PR was merged into the 4.4 branch.
Discussion
----------
[TwigBridge] fix fallback html-to-txt body converter
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Right now, the content of the `<head>` and `<style>` are dumped as text. This fixes it.
Of course, use `league/html-to-markdown` if you need a better parser.
Commits
-------
6f59d60508 [TwigBridge] fix fallback html-to-txt body converter
* 5.1:
Handle fetch mode deprecation of DBAL 2.11.
Fixed security-* package dependencies
Fixed handling of CSRF logout error
[WebProfilerBundle] changed label of memory usage in time panel (Mb into MiB)
[DotEnv][WebLink][Templating][ErrorHandler] Updated README with minimal example
* 5.0:
Handle fetch mode deprecation of DBAL 2.11.
Fixed handling of CSRF logout error
[WebProfilerBundle] changed label of memory usage in time panel (Mb into MiB)
[DotEnv][WebLink][Templating][ErrorHandler] Updated README with minimal example
* 4.4:
Handle fetch mode deprecation of DBAL 2.11.
Fixed handling of CSRF logout error
[WebProfilerBundle] changed label of memory usage in time panel (Mb into MiB)
[DotEnv][WebLink][Templating][ErrorHandler] Updated README with minimal example
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Add missing translations for cs locale (Czech)
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
Is it enough to submit this only against 3.4 to have it included also in 5.1 version?
Commits
-------
3d18c1c185 [Validator] add missing Czech translations
* 5.1:
[Contracts/Deprecation] fix composer.json for PHP 8
bumped Symfony version to 5.1.0
updated VERSION for 5.1.0-RC2
updated CHANGELOG for 5.1.0-RC2
This PR was merged into the 5.1 branch.
Discussion
----------
Fix extra SQL support in Doctrine migrations
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
/cc @weaverryan
Commits
-------
1d1f3e1cd4 Fix extra SQL support in Doctrine migrations
* 5.1:
Allow email message to have "To", "Cc", or "Bcc" header to be valid
[FrameworkBundle] Removed detection of Serializer < 3.2
Update pull request template for 5.1.
[Security/Core] fix PHP8 deprecation
* 5.0:
Allow email message to have "To", "Cc", or "Bcc" header to be valid
[FrameworkBundle] Removed detection of Serializer < 3.2
Update pull request template for 5.1.
[Security/Core] fix PHP8 deprecation
* 4.4:
Allow email message to have "To", "Cc", or "Bcc" header to be valid
[FrameworkBundle] Removed detection of Serializer < 3.2
Update pull request template for 5.1.
[Security/Core] fix PHP8 deprecation
* 5.1:
[FrameworkBundle] Fix MicroKernelTrait for php 8
[DependencyInjection] Fixed tests for wither with static return type.
[HttpFoundation] Avoid TypeError when calling \SessionHandlerInterface::gc().
Don't call method_exists() with non-objects.
[Lock] skip tests when ext-mongo is not installed
[HttpClient] Adjust AmpResponse to the stricter trait handling in php 8.
[FrameworkBundle] don't use abstract methods in MicroKernelTrait, their semantics changed in PHP 8
This PR was merged into the 5.1 branch.
Discussion
----------
[HttpFoundation] Avoid TypeError when calling \SessionHandlerInterface::gc()
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
This should fix the remaining red php 8 test of the HttpFoundation suite.
Commits
-------
12f734d8b3 [HttpFoundation] Avoid TypeError when calling \SessionHandlerInterface::gc().
This PR was merged into the 5.1 branch.
Discussion
----------
[FrameworkBundle] don't use abstract methods in MicroKernelTrait, their semantics changed in PHP 8
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
In PHP 8, abstract methods on traits are now enforcing that their using classes match the signature.
But this is not the semantics we need in this trait: we want to allow ppl to use a different type of configurators, to provide extensibility of the DSL each provide.
This makes nightly job fail with fatal error currently.
There is no other options here.
/cc @nikic FYI
Commits
-------
4473f454ca [FrameworkBundle] don't use abstract methods in MicroKernelTrait, their semantics changed in PHP 8
* 5.1:
[travis] display deprecations in nightly jobs
Parse and render anonymous classes correctly on php 8
Enable APCu for the php 8 build.
[Process] Fix failing test on php 8.
[HttpKernel] fix test
Make PHP 8 green on Travis
Revert "[Cache] allow DBAL v3"
[PropertyAccessor] Added missing property path on php 8.
Don't execute tests with DBAL 2.x on php 8.
* 5.0:
Parse and render anonymous classes correctly on php 8
Enable APCu for the php 8 build.
[Process] Fix failing test on php 8.
[HttpKernel] fix test
Make PHP 8 green on Travis
Revert "[Cache] allow DBAL v3"
[PropertyAccessor] Added missing property path on php 8.
Don't execute tests with DBAL 2.x on php 8.
* 4.4:
Parse and render anonymous classes correctly on php 8
Enable APCu for the php 8 build.
[Process] Fix failing test on php 8.
[HttpKernel] fix test
Make PHP 8 green on Travis
Revert "[Cache] allow DBAL v3"
[PropertyAccessor] Added missing property path on php 8.
Don't execute tests with DBAL 2.x on php 8.
This PR was merged into the 4.4 branch.
Discussion
----------
Parse and render anonymous classes correctly on php 8
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
The format of the value that `get_class()` returns for anonymous classes has changed in php 8. This PR attempts to detect both formats, with the help of the PHP80 polyfill where possible.
Commits
-------
9d702fd94b Parse and render anonymous classes correctly on php 8
This PR was merged into the 4.4 branch.
Discussion
----------
[PropertyAccessor] Added missing property path on php 8
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
This PR adds the property path to the exception message to fix failing tests on php 8.
Commits
-------
6a73bcdb8e [PropertyAccessor] Added missing property path on php 8.
* 5.1: (33 commits)
[Cache] $lifetime cannot be null
[Serializer] minor cleanup
fix merge
Run PHP 8 as 7.4.99
Remove calls to deprecated ReflectionParameter::getClass().
[VarDumper] fix PHP 8 support
Removed "services" prototype node from "custom_authenticator"
Add php 8 to travis.
[Cache] Accessing undefined constants raises an Error in php8
[Cache] allow DBAL v3
Skip Doctrine DBAL on php 8 until we have a compatible version.
[DomCrawler] Catch expected ValueError.
Made method signatures compatible with their corresponding traits.
[ErrorHandler] Apply php8 fixes from Debug component.
[DomCrawler] Catch expected ValueError.
[Validator] Catch expected ValueError.
[VarDumper] ReflectionFunction::isDisabled() is deprecated.
[BrowserKit] Raw body with custom Content-Type header
Revert https://github.com/symfony/symfony/pull/34986
Make ExpressionLanguageSyntax validator usable with annotation
...
* 5.0: (28 commits)
[Cache] $lifetime cannot be null
[Serializer] minor cleanup
fix merge
Run PHP 8 as 7.4.99
Remove calls to deprecated ReflectionParameter::getClass().
[VarDumper] fix PHP 8 support
Add php 8 to travis.
[Cache] Accessing undefined constants raises an Error in php8
[Cache] allow DBAL v3
Skip Doctrine DBAL on php 8 until we have a compatible version.
[DomCrawler] Catch expected ValueError.
Made method signatures compatible with their corresponding traits.
[ErrorHandler] Apply php8 fixes from Debug component.
[DomCrawler] Catch expected ValueError.
[Validator] Catch expected ValueError.
[VarDumper] ReflectionFunction::isDisabled() is deprecated.
[BrowserKit] Raw body with custom Content-Type header
[PropertyAccess] Parse php 8 TypeErrors correctly.
[Intl] Fix call to ReflectionProperty::getValue() for static properties.
[HttpKernel] Prevent calling method_exists() with non-string values.
...
* 4.4: (27 commits)
[Serializer] minor cleanup
fix merge
Run PHP 8 as 7.4.99
Remove calls to deprecated ReflectionParameter::getClass().
[VarDumper] fix PHP 8 support
Add php 8 to travis.
[Cache] Accessing undefined constants raises an Error in php8
[Cache] allow DBAL v3
Skip Doctrine DBAL on php 8 until we have a compatible version.
[DomCrawler] Catch expected ValueError.
Made method signatures compatible with their corresponding traits.
[ErrorHandler] Apply php8 fixes from Debug component.
[DomCrawler] Catch expected ValueError.
[Validator] Catch expected ValueError.
[VarDumper] ReflectionFunction::isDisabled() is deprecated.
[BrowserKit] Raw body with custom Content-Type header
[PropertyAccess] Parse php 8 TypeErrors correctly.
[Intl] Fix call to ReflectionProperty::getValue() for static properties.
[HttpKernel] Prevent calling method_exists() with non-string values.
Fix wrong roles comparison
...
This PR was merged into the 4.4 branch.
Discussion
----------
[OptionsResolver][Serializer] Remove calls to deprecated ReflectionParameter::getClass()
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
Following #36891, this PR removes the remaining calls to `ReflectionParameter::getClass()` from the 4.4 branch.
Commits
-------
1575d853f1 Remove calls to deprecated ReflectionParameter::getClass().
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] Accessing undefined constants raises an Error in php8
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
Calling `constant()` for an undefined constant will raise an `Error` on php 8. This PR adjust the Memcached tests to this new behavior.
Commits
-------
49fd0efb12 [Cache] Accessing undefined constants raises an Error in php8
* 3.4:
Skip Doctrine DBAL on php 8 until we have a compatible version.
[DomCrawler] Catch expected ValueError.
[Validator] Catch expected ValueError.
[VarDumper] ReflectionFunction::isDisabled() is deprecated.
[PropertyAccess] Parse php 8 TypeErrors correctly.
[Intl] Fix call to ReflectionProperty::getValue() for static properties.
[HttpKernel] Prevent calling method_exists() with non-string values.
[Debug] php 8 does not pass $context to error handlers.
[Config] Removed implicit cast of ReflectionProperty to string.
[Debug] Undefined variables raise a warning in php 8.
[Debug] Skip test that would trigger a fatal error on php 8.
Address deprecation of ReflectionType::getClass().
Properties $originalName and $mimeType are never null in UploadedFile
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] Apply php8 fixes from Debug component
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
The changes of #36898 and #36897 ported to the ErrorHandler component.
Commits
-------
54f18698af [ErrorHandler] Apply php8 fixes from Debug component.
This PR was merged into the 3.4 branch.
Discussion
----------
Address deprecation of ReflectionType::getClass()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
Calling `ReflectionType::getClass()` will trigger a deprecation warning on php 8. This PR switches to `getType()` if available.
Commits
-------
53b1677a4e Address deprecation of ReflectionType::getClass().
This PR was merged into the 3.4 branch.
Discussion
----------
[VarDumper] ReflectionFunction::isDisabled() is deprecated
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
See php/php-src#5473. Calling `ReflectionFunction::isDisabled()` is pointless on php 8 and doing so triggers a deprecation warning.
Someone who is more familiar with that component might want to have a second look on this PR. I'm not really sure if this is the right way to fix the issue.
Commits
-------
1da347e5ba [VarDumper] ReflectionFunction::isDisabled() is deprecated.
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Catch expected ValueError
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
`mb_check_encoding()` raises a `ValueError` on php 8 if an invalid encoding was passed. The validator that was patched here is expected to fail gracefully in that situation. This PR restores that behavior under php 8.
Maybe we can reconsider this behavior for Symfony 5.2. It feels a bit odd to me because we swallow a potential misconfiguration of the validator.
Commits
-------
8f3f67f82a [Validator] Catch expected ValueError.
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyAccess] Parse php 8 TypeErrors correctly
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
The wording of `TypeError` messages has changed in php 8. Since `PropertyAccessor` parses those messages, the logic needed some adjustments.
Commits
-------
7100c3ce1b [PropertyAccess] Parse php 8 TypeErrors correctly.
This PR was merged into the 3.4 branch.
Discussion
----------
[Debug] php 8 does not pass $context to error handlers
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
php 8 will call error handlers without the optional `$context` parameter. Thus, error handlers that make that parameter mandatory will break.
Commits
-------
593897c9e1 [Debug] php 8 does not pass $context to error handlers.
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[BrowserKit] Raw body with custom Content-Type header
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
Currently, if you try to send POST/PUT request with custom `Content-Type` header and specified body, the real request will contain `text/plain` content type.
Following code
```php
$client->request(
'POST',
'/url',
[],
[],
[
'CONTENT_TYPE' => 'application/json'
],
'{"foo":"bar"}'
);
```
produces next request
```
POST /
Content-Type: text/plain; charset=utf-8
{"foo":"bar"}
```
With this fix, the request will be
```
POST /
Content-Type: application/json
{"foo":"bar"}
```
Commits
-------
d2dd92be77 [BrowserKit] Raw body with custom Content-Type header
This PR was merged into the 3.4 branch.
Discussion
----------
UploadedFile minor fixes
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | none <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | no
According to the [constructor assignments](cb7e78c809/src/Symfony/Component/HttpFoundation/File/UploadedFile.php (L60)), properties `$originalName` and `$mimeType` are never null in `UploadedFile`, so `getClientOriginalName()` and `getClientMimeType()` always return `string`. Also `$test` does not need a default value because it's always set in the constructor.
Commits
-------
eb8d626c27 Properties $originalName and $mimeType are never null in UploadedFile
This PR was merged into the 3.4 branch.
Discussion
----------
[Intl] Fix call to ReflectionProperty::getValue() for static properties
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
When we call `ReflectionProperty::getValue()` for a static property, we don't need to pass any arguments. The code that was fixed here raised a `TypeError` on php 8 because the argument has to be an object now.
Commits
-------
d4045897d6 [Intl] Fix call to ReflectionProperty::getValue() for static properties.
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Removed implicit cast of ReflectionProperty to string
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
PHP 8 does not allow casting `ReflectionProperty` instances to string anymore.
Commits
-------
8adbadede7 [Config] Removed implicit cast of ReflectionProperty to string.
This PR was merged into the 3.4 branch.
Discussion
----------
[Debug] Undefined variables raise a warning in php 8
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
`ErrorHandlerTest` executes code with undefined variables to test how the error handler handles the triggered errors. In php 8.0, the severity and error message for this class of errors has been changed. I've adjusted the test accordingly.
Commits
-------
1d20b514f2 [Debug] Undefined variables raise a warning in php 8.
This PR was merged into the 5.1 branch.
Discussion
----------
[Messenger] Fixed check for allowed options in AwsSqs configuration
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | no
| License | MIT
Before this fix it was unavailable to create Connection with access_key and secret_key in options, because they were added to $clientConfiguration var, and check for extra options was against $configuration var. Which lead to exception.
The idea is to check input options against self::DEFAULT_OPTIONS (which contains all available options)
Commits
-------
fb1967210e [Messenger] Fixed check for allowed options in AwsSqs configuration
This PR was merged into the 3.4 branch.
Discussion
----------
[Debug] Skip test that would trigger a fatal error on php 8
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #36872
| License | MIT
| Doc PR | N/A
This PR skips a test of `DebugClassLoader`. The test uses incompatible method signatures in class inheritance to provoke a php warning that should be handled by the debug class loader. On php 8 however, this error is not recoverable anymore, so the tested logic will be obsolete there.
Commits
-------
573d0dd493 [Debug] Skip test that would trigger a fatal error on php 8.
* 5.1:
[PhpUnitBridge] fix leftover
[PhpUnitBridge] fix installing under PHP >= 8
Use ">=" for the "php" requirement
bump icu 67.1
[DI] Remove preload primitive types
[Validator] Add missing translations of nn locale
[HttpKernel] Fix that the `Store` would not save responses with the X-Content-Digest header present
[Intl] bump icu 67.1
[Validator] allow passing a validator to Validation::createCallable()
This PR was merged into the 5.1 branch.
Discussion
----------
[Validator] allow passing a validator to Validation::createCallable()
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
As spotted by @stof in https://github.com/symfony/symfony/pull/31466#issuecomment-630054227
Commits
-------
1357cbf8ed [Validator] allow passing a validator to Validation::createCallable()
This PR was merged into the 5.1 branch.
Discussion
----------
[DI][Preload] Remove preload primitive types
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no, but it could be for the future
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
After bump my project to 5.1.x-dev I saw the generated file of `*.preload.php` contains classes that are primitive types like int, string, bool.
```
composer create-project symfony/website-skeleton preload "5.1.x-dev"
cat preload/var/cache/dev/App_KernelDevDebugContainer.preload.php | grep "bool\|string\|int"
```
```
$ cat test/var/cache/dev/App_KernelDevDebugContainer.preload.php | grep "bool\|string\|int"
$classes[] = 'int';
$classes[] = 'string';
$classes[] = 'Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntityValidator';
$classes[] = 'Symfony\Component\Security\Http\EntryPoint\RetryAuthenticationEntryPoint';
$classes[] = 'Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator';
$classes[] = 'Symfony\Component\Serializer\Normalizer\ConstraintViolationListNormalizer';
$classes[] = 'bool';
$classes[] = 'Symfony\Component\Validator\ContainerConstraintValidatorFactory';
$classes[] = 'Symfony\Component\Validator\Constraints\EmailValidator';
$classes[] = 'Symfony\Component\Validator\Constraints\ExpressionValidator';
$classes[] = 'Symfony\Component\Validator\Constraints\NotCompromisedPasswordValidator';
$classes[] = 'Symfony\\Component\\Form\\Extension\\Validator\\Constraints\\Form';
```
I don't know if it is expected behaviour, but if not - then PR fix it.
~~In addition, classes are sorted for better reading.~~
Commits
-------
4d05dbbfb5 [DI] Remove preload primitive types
* 5.0:
[Validator] Add missing translations of nn locale
[HttpKernel] Fix that the `Store` would not save responses with the X-Content-Digest header present
[Intl] bump icu 67.1
* 4.4:
[Validator] Add missing translations of nn locale
[HttpKernel] Fix that the `Store` would not save responses with the X-Content-Digest header present
[Intl] bump icu 67.1
* 3.4:
[Validator] Add missing translations of nn locale
[HttpKernel] Fix that the `Store` would not save responses with the X-Content-Digest header present
[Intl] bump icu 67.1
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Validator] Add missing translations of nn locale
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes/no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#30178
| License | MIT
Added missing translations to validator with locale nn
Commits
-------
040d01e53b [Validator] Add missing translations of nn locale
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix that the `Store` would not save responses with the X-Content-Digest header present
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Responses fetched from upstream sources might have a `X-Content-Digest` header, for example if the Symfony Cache is used upstream. This currently prevents the `Store` from saving such responses. In general, the value of this header should not be trusted.
As I consider this header an implementation detail of the `Store`, the fix tries to be local to that class; we should not rely on the `HttpCache` or other classes to remove untrustworthy headers for us.
This fixes the issue that when using the `HttpCache` in combination with the Symfony HttpClient, responses that have also been cached upstream in an instance of `HttpCache` are not cached locally. It adds the overhead of re-computing the content digest every time the `HttpCache` successfully re-validated a response.
Commits
-------
d8964fb8b7 [HttpKernel] Fix that the `Store` would not save responses with the X-Content-Digest header present
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Intl] bump icu 67.1
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
mainly some new locales+scripts (see 3a3a9ba)
Commits
-------
29eb271184 [Intl] bump icu 67.1
Before this fix it was unavailable to create Connection with access_key and secret_key in options, because they were added to $clientConfiguration var, and check for extra options was against $configuration var. Which lead to exception.
The idea is to check input options against self::DEFAULT_OPTIONS (which contains all available options)
* 5.1:
[PhpUnitBridge] fix bad detection of unsilenced deprecations
[Security] Unserialize $parentData, if needed, to avoid errors
[HttpKernel] Fix error logger when stderr is redirected to /dev/null (FPM)
* 5.0:
[PhpUnitBridge] fix bad detection of unsilenced deprecations
[Security] Unserialize $parentData, if needed, to avoid errors
[HttpKernel] Fix error logger when stderr is redirected to /dev/null (FPM)
* 4.4:
[PhpUnitBridge] fix bad detection of unsilenced deprecations
[Security] Unserialize $parentData, if needed, to avoid errors
[HttpKernel] Fix error logger when stderr is redirected to /dev/null (FPM)
* 5.1:
Revert "Change priority of KernelEvents::RESPONSE subscriber"
bumped Symfony version to 5.1.0
updated VERSION for 5.1.0-RC1
updated CHANGELOG for 5.1.0-RC1
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Security] Improved upgrade path for custom remember me services
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | -
| Deprecations? | -
| Tickets | https://github.com/symfony/symfony/pull/36806#issuecomment-628592543
| License | MIT
| Doc PR |
This improves the upgrade path for custom remember me services now `LogoutHandlerInterface` has been deprecated.
As suggested in https://github.com/symfony/symfony/pull/36806#issuecomment-628592543, the `logout()` method should be added to the `RememberMeServicesInterface` in Symfony 6.
This patch allows developers to write a custom class implementing only `RememberMeServicesInterface` with a `logout()` method. Requiring them to implement `LogoutHandlerInterface` will mean they have to maintain 2 version of the class to support both Symfony 5.1+ and 6.0.
Commits
-------
c49d00f984 Added deprecation for RememberMe services without logout() method
* 5.0:
[VarDumper] fix for change in PHP 7.4.6 (bis)
[VarExporter] fix for change in PHP 7.4.6
[BrowserKit] Allow Referer set by history to be overridden (3.4)
* 4.4:
[VarDumper] fix for change in PHP 7.4.6 (bis)
[VarExporter] fix for change in PHP 7.4.6
[BrowserKit] Allow Referer set by history to be overridden (3.4)
This PR was merged into the 3.4 branch.
Discussion
----------
[BrowserKit] Allow Referer set by history to be overridden
| Q | A
| ------------- | ---
| Branch? | 3.4, see https://github.com/symfony/symfony/pull/36591 for 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
4774946fbd [BrowserKit] Allow Referer set by history to be overridden (3.4)
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[DI] Renamed some PHP-DSL functions
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
As discussed in #36778, Symfony wants to move from XML to PHP for its own configuration. I propose these function renames to make the PHP-DSL a bit easier to understand:
```php
<?php
// Before
$services->set(Foo::class)
->args([ref(Bar::class), service('stdClass')]);
// After
$services->set(Foo::class)
->args([service(Bar::class), inline_service('stdClass')]);
```
Commits
-------
366405b93d [DI] Renamed some PHP-DSL functions
This PR was merged into the 5.1-dev branch.
Discussion
----------
RememberMeLogoutListener should depend on LogoutHandlerInterface
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
`RememberMeLogoutListener`, which was introduced together with the new authenticator security in Symfony 5.1, depends on `AbstractRememberMeServices`. This forces people to always extend from `AbstractRememberMeServices`, even when they're implementing the correct interface.
I'd suggest to depend on the minimum interface, which is `LogoutHandlerInterface`, instead.
Example of the type errors you'd get otherwise:
`
Argument 1 passed to Symfony\Component\Security\Http\EventListener\RememberMeLogoutListener::__construct() must be an instance of Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices, instance of Scheb\TwoFactorBundle\Security\Authentication\RememberMe\RememberMeServicesDecorator given, called in var/cache/dev/Container3IpOCEd/getSecurity_Logout_Listener_RememberMe_MainService.php on line 22
`
with
```php
class RememberMeServicesDecorator implements RememberMeServicesInterface, LogoutHandlerInterface
[...]
```
Commits
-------
994700fbae Depend on LogoutHandlerInterface
This PR was merged into the 5.1-dev branch.
Discussion
----------
[String] Move Inflector's polyfill-ctype dependency to String
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
With #35092, the inflector implementation was moved to the string component, including all calls to `ext-ctype`. This is why I think the dependency on the corresponding polyfill should be moved as well, which is what this PR does.
Commits
-------
de960b8007 [String] Move Inflector's polyfill-ctype dependency to String.
* 5.0:
[VarDumper] fix for change in PHP 7.4.6
Added regression test for AccountStatusException behavior (ref #36822)
[HttpClient] fix PHP warning + accept status code >= 600
[Security/Core] fix compat of `NativePasswordEncoder` with pre-PHP74 values of `PASSWORD_*` consts
embed resource name in error message
[FrameworkBundle] fix stringable annotation
Change priority of KernelEvents::RESPONSE subscriber
Fix register event listeners compiler pass
Missing description in `messenger:setup-transports` command
[Serializer] fix issue with PHP 8
[WebProfiler] Remove 'none' when appending CSP tokens
[TwigBundle] FormExtension does not have a constructor anymore since sf 4.0
[Yaml] Fix escaped quotes in quoted multi-line string
* 4.4:
[VarDumper] fix for change in PHP 7.4.6
Added regression test for AccountStatusException behavior (ref #36822)
[HttpClient] fix PHP warning + accept status code >= 600
[Security/Core] fix compat of `NativePasswordEncoder` with pre-PHP74 values of `PASSWORD_*` consts
embed resource name in error message
[FrameworkBundle] fix stringable annotation
Change priority of KernelEvents::RESPONSE subscriber
Fix register event listeners compiler pass
Missing description in `messenger:setup-transports` command
[Serializer] fix issue with PHP 8
[WebProfiler] Remove 'none' when appending CSP tokens
[TwigBundle] FormExtension does not have a constructor anymore since sf 4.0
[Yaml] Fix escaped quotes in quoted multi-line string
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] fix PHP warning + accept status code >= 600
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36717
| License | MIT
| Doc PR | -
This fixes the PHP warning reported in the linked issue.
This also relaxes the accepted status codes, with https://www.linkedin.com/company/linkedin/ as an example that returns a non-conformant one (`999`).
These are now handled as 5xx codes, ie they trigger a ServerException.
Commits
-------
c764b5c36e [HttpClient] fix PHP warning + accept status code >= 600
This PR was merged into the 4.4 branch.
Discussion
----------
[Security/Core] fix compat of `NativePasswordEncoder` with pre-PHP74 values of `PASSWORD_*` consts
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36451
| License | MIT
| Doc PR | -
Commits
-------
df32171cb2 [Security/Core] fix compat of `NativePasswordEncoder` with pre-PHP74 values of `PASSWORD_*` consts
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection] Fix register event listeners compiler pass
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
I've wanted to use the simpler event listener registration syntax (https://symfony.com/blog/new-in-symfony-4-4-simpler-event-listeners) in my project and it didn't work so I'm sending this fix.
We use the `KnpPaginatorBundle` bundle which also [calls the `RegisterListenersPass` compiler pass](https://github.com/KnpLabs/KnpPaginatorBundle/blob/v5.2.0/src/DependencyInjection/Compiler/PaginatorConfigurationPass.php#L22) in order to register with the event dispatcher their custom tags for listeners and subscribers (`knp_paginator.listener` and `knp_paginator.subscriber`).
Their compiler pass is `TYPE_BEFORE_REMOVING` and priority zero which is the same type and priority as the pass that gets [added by FrameworkBundle](https://github.com/symfony/symfony/blob/v4.4.8/src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php#L125). Since both the type and priority is the same the order of execution is `undefined` (because [that is how regular sort behaves in PHP which is used by default by `krsort`](https://github.com/symfony/symfony/blob/v4.4.8/src/Symfony/Component/DependencyInjection/Compiler/PassConfig.php#L264)) and the `RegisterListenersPass` currently removes the `eventAliasesParameter` parameter from the container if it is set (which is [set here](https://github.com/symfony/symfony/blob/v4.4.8/src/Symfony/Bundle/FrameworkBundle/Resources/config/services.xml#L9)). So what happens in my app is that the Knp compiler pass runs first, the `event_dispatcher.event_aliases` parameter is removed and then the FrameworkBundle registered compiler pass runs and since the aliases are not present anymore the events do not get aliased properly. The event dispatcher service in the compiled container looks like:
```php
$instance->addListener('Symfony\Component\HttpKernel\Event\RequestEvent', ...);
```
instead of the expected
```php
$instance->addListener('kernel.request', ...);
```
This means that my listener never gets called on the kernel request event.
Another potential fix would be to adjust the Knp compiler pass priority, but seeing as that would fix only that bundle (who knows how many bundles out there have the same problem) and that I don't see any drawback in letting the `event_dispatcher.event_aliases` parameter stay in the container I think that this is better to fix here.
Commits
-------
646878d072 Fix register event listeners compiler pass
* 3.4:
[VarDumper] fix for change in PHP 7.4.6
Added regression test for AccountStatusException behavior (ref #36822)
embed resource name in error message
[Serializer] fix issue with PHP 8
[Yaml] Fix escaped quotes in quoted multi-line string
This PR was merged into the 3.4 branch.
Discussion
----------
[Translator] embed resource name in error message
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Someone reported on Slack that they accidentally stored a translation file with the `.twig` extension and that the error message was quite confusing.
Commits
-------
507a5963e4 embed resource name in error message
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
Change priority of KernelEvents::RESPONSE subscriber
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
This PR changes the priority of the `KernelEvents::RESPONSE` subscriber of the `ProfilerListener` so that it is the penultimate to be executed (just before `StreamedResponseListener`).
The reason is that other listeners that were executed after this one CAN change the response (such as `SessionListener` for example). This creates a headache when debugging, with a discrepancy between what is shown in a curl command, and by the Symfony profiler.
Commits
-------
6ed624ad16 Change priority of KernelEvents::RESPONSE subscriber
This PR was merged into the 4.4 branch.
Discussion
----------
[WebProfiler] Remove 'none' when appending CSP tokens
| Q | A
| ------------- | ---
| Branch? | 3.4, 4.4, 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36645
| License | MIT
| Doc PR | n/a
@nicolas-grekas asked me to to have a look at this after #36678.
If a user has a CSP policy of `default-src 'none'`, then the WebProfiler copies `'none'` to `script-src` and `style-src` then adds other sources. This creates an invalid policy since `'none'` is only allowed when it's the only item in the source list.
This will probably need to be merged into 3.4 first, I started on 4.4 so I can test in my current symfony project which requires 4.4.
Commits
-------
967bc4a860 [WebProfiler] Remove 'none' when appending CSP tokens
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpClient] preserve the identity of responses streamed by TraceableHttpClient
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
afc44dae16 [HttpClient] preserve the identity of responses streamed by TraceableHttpClient
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpClient] fix dealing with informational response
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Skipping the test was a bad idea, the failure was legit.
Commits
-------
9068aa48e2 [HttpClient] fix dealing with informational response
* 5.0:
[PhpUnitBridge] fix bad test
[4.4] CS fixes
[3.4] CS fixes
Disable phpunit verbosity
Queue name is a required parameter
[FrameworkBundle] display actual target for error in AssetsInstallCommand
Remove patches for Doctrine bugs and deprecations
[Mime] fix bad method call on "EmailAddressContains"
[DI][EventDispatcher] added contract for implementation
* 4.4:
[PhpUnitBridge] fix bad test
[4.4] CS fixes
[3.4] CS fixes
Disable phpunit verbosity
Queue name is a required parameter
[FrameworkBundle] display actual target for error in AssetsInstallCommand
Remove patches for Doctrine bugs and deprecations
[Mime] fix bad method call on "EmailAddressContains"
[DI][EventDispatcher] added contract for implementation
This PR was merged into the 4.4 branch.
Discussion
----------
[Mime] fix bad method call on `EmailAddressContains`
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | -
| License | MIT
| Doc PR | -
There is no method `Address` on [`MailboxHeader`](https://github.com/symfony/symfony/blob/4.4/src/Symfony/Component/Mime/Header/MailboxHeader.php), but a method `getAddress`.
Commits
-------
227ebd2fe9 [Mime] fix bad method call on "EmailAddressContains"
* 3.4:
[FrameworkBundle] display actual target for error in AssetsInstallCommand
Remove patches for Doctrine bugs and deprecations
[DI][EventDispatcher] added contract for implementation
This PR was merged into the 3.4 branch.
Discussion
----------
[DI][EventDispatcher] added contract for implementation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36708
| License | MIT
As described in the attached issue a comment in the documentation of the `EventSubscriberInterface` would be helpful to make sure users do not use logic based on runtime state in their implementation of `getSubscribedEvents`.
Commits
-------
88e43d4d4c [DI][EventDispatcher] added contract for implementation
When assets:install fails because the target directory does not exist, it should display the actual directory it wanted to have instead of the configuration directive. In most cases, the target directory is retrieved from the kernel config and thus differs from the argument.
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] give priority to container.hot_path over container.no_preload
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Spotted by looking at a website skeleton: `ConsoleHandler` is not preloaded right now (because it listens to console events only) while it should (because it is also wired as a monolog handle and is thus on the hot path.)
Commits
-------
461041f87d [DI] give priority to container.hot_path over container.no_preload
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] remove getProjectDir method from MicroKernelTrait
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36719
| License | MIT
| Doc PR | not needed
Remove method added in trait, to be able to use same method in base kernel class.
Commits
-------
f2f3ebac8b remove getProjectDir method from MicroKernelTrait
* 5.0:
[PhpUnitBridge] fix PHP 5.3 compat
[PhpUnitBridge] Mark parent class also covered in CoverageListener
prevent notice for invalid octal numbers on PHP 7.4
* 4.4:
[PhpUnitBridge] fix PHP 5.3 compat
[PhpUnitBridge] Mark parent class also covered in CoverageListener
prevent notice for invalid octal numbers on PHP 7.4
* 3.4:
[PhpUnitBridge] fix PHP 5.3 compat
[PhpUnitBridge] Mark parent class also covered in CoverageListener
prevent notice for invalid octal numbers on PHP 7.4
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] use the router context by default for assets
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Follows #36651 and #21027
This means assets are going to be configured automatically most of the time. The only case where `asset.request_context.base_path` is useful is when the webserver still keeps a `/index.php/` in URLs. (I'm not sure if the doc should tell ppl to use the parameter, or if we should tell ppl to improve the config of their server...)
Commits
-------
1ac5f68810 [FrameworkBundle] use the router context by default for assets
This PR was merged into the 5.1-dev branch.
Discussion
----------
[String] allow passing a string of custom characters to ByteString::fromRandom
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes/
| Deprecations? | no
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Commits
-------
5d15c0be60 [String] allow passing a string of custom characters to ByteString::fromRandom
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Inflector][String] Move Inflector in String
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | https://github.com/orgs/symfony/projects/1#card-30499514
| License | MIT
| Doc PR | -
Needs https://github.com/symfony/symfony/pull/35091.
Should we have a standalone inflector (like the Slugger) or 2 new methods (pluralize and singularize) on the AbstractString class? I implemented both but since we only handle English I finally preferred the first one.
TODO (after the "move" is OK):
- [x] Deprecate the Inflector component
- [x] Use the String inflector in Symfony's code
Commits
-------
9c6a5c0093 [String] Move Inflector in String
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Form] Add the html5 option to ColorType to validate the input
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | no
| License | MIT
| Doc PR | TODO
Continuation of https://github.com/symfony/symfony/pull/35626.
I'm resubmitting the initial implementation, this time in the Form component.
This `Color` constraint is dedicated to the HTML5 input type="color".
Commits
-------
454b6ff48b [Form] Add the html5 option to ColorType to validate the input
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
Automatically provide Messenger Doctrine schema to "diff"
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Alternative to #36629
| License | MIT
| Doc PR | TODO - WILL be needed
This follows this conversation: https://github.com/symfony/symfony/pull/36629#issuecomment-621745821 - it automatically adds SQL to Doctrine's migration/diff system when features are added the require a database table:
The new feature works for:
### A) Messenger Doctrine transport
**FULL support**
Works perfectly: configure a doctrine transport and run `make:migration`
**Note**: There is no current way to disable this. So if you have `auto_setup` ON and you
run `make:migration` before trying Messenger, it will generate the table SQL. Adding a
flag to disable it might be very complicated, because we need to know (in DoctrineBundle, at compile time) whether or not this feature is enabled/disabled so that we can decide *not* to add `messenger_messages` to the `schema_filter`.
### B) `PdoAdapter` from Cache
**FULL support**
Works perfectly: configure a doctrine transport and run `make:migration`
### C) `PdoStore` from Lock
**PARTIAL support**
I added `PdoStore::configureSchema()` but did NOT add a listener. While `PdoStore` *does* accept a DBAL `Connection`, I don't think it's possible via the `framework.lock` config to create a `PdoStore` that is passed a `Connection`. In other words: if we added a listener that called `PdoStore::configureSchema` if the user configured a `pdo` lock, that service will *never* have a `Connection` object... so it's kind of worthless.
**NEED**: A proper way to inject a DBAL `Connection` into `PdoStore` via `framework.lock` config.
### D) `PdoSessionHandler`
**NO support**
This class doesn't accept a DBAL `Connection` object. And so, we can't reliably create a listener to add the schema because (if there are multiple connections) we wouldn't know which Connection to use.
We could compare (`===`) the `PDO` instance inside `PdoSessionHandler` to the wrapped `PDO` connection in Doctrine. That would only work if the user has configured their `PdoSessionHandler` to re-use the Doctrine PDO connection.
The `PdoSessionHandler` *already* has a `createTable()` method on it to help with manual migration. But... it's not easy to call from a migration because you would need to fetch the `PdoSessionHandler` service from the container. Adding something
**NEED**: Either:
A) A way for `PdoSessionHandler` to use a DBAL Connection
or
B) We try to hack this feature by comparing the `PDO` instances in the event subscriber
or
C) We add an easier way to access the `createTable()` method from inside a migration.
TODOs
* [X] Determine service injection XML needed for getting all PdoAdapter pools
* [ ] Finish DoctrineBundle PR: https://github.com/doctrine/DoctrineBundle/pull/1163
Commits
-------
2dd9c3c3c8 Automatically provide Messenger Doctrine schema to "diff"
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[ExpressionLanguage] Added expression language syntax validator
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #35700
| License | MIT
| Doc PR | N/A <!-- required for new features -->
Proposal implementation #35700
The current solution is a compromise between support complexity and cleanliness.
I tried different solutions to the issue. A beautiful solution was obtained only with full duplication of the parser code. That is unacceptable because parser complexity is quite high.
The main problem in this solution is that nodes instances are created which are then not used. I do not think that linter can be a bottleneck and will greatly affect performance. If this is corrected, the parser code becomes a bunch of if's.
JFI: I did not added parsing without variable names, because this breaks caching and potential location for vulnerabilities.
Commits
-------
a5cd965494 [ExpressionLanguage] Added expression language syntax validator
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Security/Core] Add CustomUserMessageAccountStatusException
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR | Not really needed
When implementing the `UserCheckerInterface`, we can throw `AccountStatusException`. Similar to `CustomUserMessageAuthenticationException`, this exception allow to throw an `AccountStatusException` with a custom message.
Commits
-------
9233efbe06 Add CustomUserMessageAccountStatusException
This PR was merged into the 3.4 branch.
Discussion
----------
[PhpUnitBridge] Mark parent class also covered in CoverageListener
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
dcb5653728 [PhpUnitBridge] Mark parent class also covered in CoverageListener
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Messenger] Add support for RecoverableException
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
The messenger supports the `UnrecoverableException` preventing the messenger retry mechanism
when the Handler will never be able to process the Message.
This PR adds the opposite behavior to always retry the message.
UseCase:
- High concurency Consumers use non-blocking lock
- 503/429 errors from 3rd party API
Commits
-------
e7c31675f7 [Messenger] Add support for RecoverableException
* 5.0: (26 commits)
[Filesystem] Handle paths on different drives
[WebProfiler] Do not add src-elem CSP directives if they do not exist
[Yaml] fix parse error when unindented collections contain a comment
Execute docker dependent tests with github actions
Update exception.html.php
[3.4][Inflector] Improve testSingularize() argument name
[Inflector] Fix testPluralize() arguments names
[PhpUnitBridge] fix PHP 5.3 compat again
Skip validation when email is an empty object
fix sr_Latn translation
[Validator] fix lazy property usage.
Fix annotation
[Debug][ErrorHandler] cleanup phpunit.xml.dist files
[Translation] Fix for translation:update command updating ICU messages
[PhpUnitBridge] fix compat with PHP 5.3
bumped Symfony version to 5.0.9
updated VERSION for 5.0.8
updated CHANGELOG for 5.0.8
bumped Symfony version to 4.4.9
updated VERSION for 4.4.8
...
* 4.4: (23 commits)
[Filesystem] Handle paths on different drives
[WebProfiler] Do not add src-elem CSP directives if they do not exist
[Yaml] fix parse error when unindented collections contain a comment
Execute docker dependent tests with github actions
Update exception.html.php
[3.4][Inflector] Improve testSingularize() argument name
[Inflector] Fix testPluralize() arguments names
[PhpUnitBridge] fix PHP 5.3 compat again
Skip validation when email is an empty object
fix sr_Latn translation
[Validator] fix lazy property usage.
Fix annotation
[Debug][ErrorHandler] cleanup phpunit.xml.dist files
[Translation] Fix for translation:update command updating ICU messages
[PhpUnitBridge] fix compat with PHP 5.3
bumped Symfony version to 4.4.9
updated VERSION for 4.4.8
updated CHANGELOG for 4.4.8
provide a useful message when extension types don't match
[Cache] Fixed not supported Redis eviction policies
...
* 3.4:
[Filesystem] Handle paths on different drives
[WebProfiler] Do not add src-elem CSP directives if they do not exist
[Yaml] fix parse error when unindented collections contain a comment
[3.4][Inflector] Improve testSingularize() argument name
[PhpUnitBridge] fix PHP 5.3 compat again
Skip validation when email is an empty object
fix sr_Latn translation
[Validator] fix lazy property usage.
Fix annotation
[PhpUnitBridge] fix compat with PHP 5.3
[DX] Show the ParseException message in YAML file loaders
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Default hidden question to 1 attempt for non-tty session
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36565
| License | MIT
| Doc PR |
### Problem 1
`validateAttempts()` method repeats validation forever by default, until exception extending `RuntimeException` isn't thrown. This currently happens disregarding if user is in tty session where they can actually type input, or non-tty session. This presents a problem when user code throws custom exceptions for hidden questions -> loop doesn't stop. As far as I can tell this issue is in all Symfony versions, but it was uncovered only after we stopped marking interactive flag to false automatically ourselves. Actually, all 3 problems were already existing problems, just hidden until now.
### Problem 2
Infinite loop problem is related to hidden questions, but this one isn't. If validation fails, another attempt to read & validate happens. This means user will get two prompts: 2x same question with 2 different error messages. One error message coming from validator, second error message about inability to read input (because this loop repeats until this kind of error happens, so last output will always be this error). As an example, output in practice would look like following
```
What do you want to do:
>
[ERROR] Action must not be empty.
What do you want to do:
>
Aborted.
```
So even if loop stops, output is more than expected.
### Problem 3
This is purely cosmetic issue, but currently user gets `stty: stdin isn't a terminal` printed additionally when question helper tries to ask a hidden question without having tty. I have fixed this in same fashion as was already done for [getShell() method](ee7fc5544e/src/Symfony/Component/Console/Helper/QuestionHelper.php (L500)).
### More details
Well root of the first problem is that `\Symfony\Component\Console\Helper\QuestionHelper::getHiddenResponse` is inconsistent. In some cases it does throw `MissingInputException` (which extends `RuntimeException`), in others doesn't. This is because in others, `shell_exec` is used, which won't return `false` even in non-tty sessions. Initially I attempted to fix this and make them consistent by checking for empty result + `isTty` call, but during my testing I found that at least last, `bash -c` method returns `\n` as output both when passing empty input and when passing newline as input. This means we cannot differentiate with this technique when input is really empty, or at least I can't currently tell how, maybe someone does. I had also idea to use proc_open and check if `STDERR` cotains message about stdin not being a terminal, but I realized these functions might not be available. In future we should modernize this method to use less hacky techniques. Other solutions, eg. Inquirer.js or [hoa/console](https://github.com/hoaproject/Console/blob/master/Source/Readline/Readline.php) have much more elegant solutions. Anyway, since I encountered this issue and additionally this doesn't solve Problem 2, I stopped trying to fix this on this level.
### Alternative solution
Alternative solution to problem 1 and 3 would be to fallback to default in case of hidden questions when tty is missing. But this still doesn't solve problem 2 and I can't think about solution right now which would fix problem 2 separately. We also didn't really reach consensus if reading passwords via stdin is desired. I tried this in `Inquirer.js` and this library *does read password from stdin*
Commits
-------
ee7fc5544e [Console] Default hidden question to 1 attempt for non-tty session
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Filesystem] Handle paths on different drives
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
`makePathRelative` strips and ignores the drive letters given Windows paths on different drives, resulting in a relative path which does not resolve to the desired target.
This PR makes `makePathRelative` notice paths on different drives, and return the full (absolute) target path in case instead.
Commits
-------
00e727ae4e [Filesystem] Handle paths on different drives
This PR was merged into the 3.4 branch.
Discussion
----------
[WebProfiler] Do not add src-elem CSP directives if they do not exist
| Q | A
| ------------- | ---
| Branch? | 3.4, 4.4, 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36643
| License | MIT
| Doc PR | n/a
In the latest 3.4.*, 4.4.* and 5.0.* branches the `script-src-elem` and `style-src-elem` directives are added to the Content-Security-Policy header if they don't exist by copying the `default-src`. This causes browsers to ignore the `script-src` and `style-src` directives which likely contain scripts and styles the developer wanted to allow.
As mentioned in the fixed ticket, we shouldn't be adding these directives if they don't exist because the browser will automatically fallback to `script-src` and `style-src` which we have already added `unsafe-inlen` and the `nonce-*` to.
This will need to be merged into 3.4, 4.4 and 5.0, but I was unsure which branch I am meant to base it off to start with. I've put it on 4.4 but can move it to another if required.
Commits
-------
d9c47087c9 [WebProfiler] Do not add src-elem CSP directives if they do not exist
This PR was merged into the 3.4 branch.
Discussion
----------
[DX] Show the ParseException message in all YAML file loaders
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR synchronizes the exception message in the Routing, Validator and Translation YAML file loaders with the DependencyInjection YAML file loader behavior. Adding the ParseException message is a big DX gain because it highlights the problem directly instead of having to scroll down 7 previous exceptions.
I'm targetting 3.4 because DX can be considered as a bug fix AFAIK.
Commits
-------
fc6cf3d3c6 [DX] Show the ParseException message in YAML file loaders
This PR was merged into the 4.4 branch.
Discussion
----------
Execute docker dependent tests with github actions
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fixes#36427
| License | MIT
| Doc PR | -
* redis, memcached, rabbitmq and vulcain dependent tests moved to the github action
* run on PHP 7.1 and 7.4 only
* use the `integration` group for all tests that depend on docker services
* do not exclude the `integration` group on Travis, but make sure tests that depend on docker services are skipped properly
[<img width="1222" alt="image" src="https://user-images.githubusercontent.com/190447/80806323-48339100-8bb2-11ea-95cd-5ce773c74ce6.png">](https://github.com/jakzal/symfony/runs/636461875?check_suite_focus=true)
Commits
-------
d710c1b654 Execute docker dependent tests with github actions
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Skip validation when email is an empty object
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | <!-- required for new features -->
When the value passed to the email validator is an empty object the validator is still called and will mark the value as invalid. The object should be skipped in this case, as it is also done in the `UrlValidator`
bfdbb244fe/src/Symfony/Component/Validator/Constraints/UrlValidator.php (L59-L62)
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
de5d68ef2a Skip validation when email is an empty object
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Allow configuring the default base URI with a DSN
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fixes#35121, replaces #35580, partially reverts #35281
| License | MIT
| Doc PR | -
Instead of defining 3-4 parameters, this PR enables using a single DSN to configure the default URL context (for commands mainly):
```
framework:
router:
base_uri: 'https://my.host:8443/base-path/'
```
When using parameters directly, one can now set the same absolute URI in the `router.request_context.base_url` parameter, this will provide the same benefit.
Commits
-------
250fa7e979 [FrameworkBundle] Allow configuring the default base URI with a DSN
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Security] Added LDAP support to Authenticator system
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The last missing authenticator in the new system 🎉
I have no experience with LDAP at all and I didn't succeed in setting up a server locally. So I can't test whether this works, but the unit test works (and also tested in a real app, while adding a `dd()` call in the listener).
---
I want to share with you the current state of Security LDAP, how this PR implements it and a possible other solution (which I think I would prefer most). Is there anyone who can share their opinions on this? (hopefully @weaverryan and @csarrazi can share their opinion, as they have most experience on this topic)
1. **Current Solution: An LDAP authentication provider + duplicated `SecurityFactory` classes**
LDAP is done in one centralized authentication provider. This provider is configured by security factories for each core factory (e.g. `form_login` becomes `form_login_ldap`, `http_basic` becomes `http_basic_ldap`).
2. **Implementation in this PR: A listener is executed before the default `VerifyCredentialsListener`, to verify `PasswordCredentials`**
This listener must be configured for each specific authenticator wanting to use LDAP. This is a technique similar to (1). It's a bit difficult to use this for your own authenticator (you need to configure a custom listener service) and still needs the duplicated factory classes
3. **Proposal: Introduce a `LdapCredentials` class and always register a listener**
If an authentictor returns `LdapCredentials`, it'll be checked using the LDAP verification listener. This is the easiest for custom authenticators and would remove the duplicated factories, I can imagine `form_login` getting a new `ldap` sub option to configure the settings.
The main disadvantage (I think) is that we would need to make `LdapCredentials` configure all options: ldap service, dnString, searchDn, searchPassword & queryString. Especially passing around the ldap service seems a bit weird. The main questions here are: Is it weird to pass all these things in the `LdapCredentials`? And, do we really need to support having multiple LDAP configuration sets for different authenticators? Or can we e.g. add a global `security.ldap` configuration, that registers the listener for all authenticators returning `LdapCredentials`?
Commits
-------
20962e604a [Security] Added LDAP support to Authenticator system
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Translations] Throw exception if xFileLoader dependencies don't exist.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#36658
| License | MIT
| Doc PR |
`XliffFileLoader` & `QtFileLoader` both require `XmlUtils::class` from the `Config` component. This PR throws a friendly exception is the `Config` component does not exist.
Original idea by @xabbuh was to throw the exception from the __constructor. This PR throws the exception from the `load()` method to be consistent with the `YamlFileLoader::class`. But that can easily be changed.
Commits
-------
627e476eb4 [Translations] Throw exception if xFileLoader dependencies don't exist.
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[AmazonSqsMessenger] Use AsyncAws to handle SQS communication
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | /
Similar to #35992 this PR use AsyncAws to handle Sqs messages sent/receive
It move complexity of authentication/streaming outside Symfony while keeping HttpClient integration.
Commits
-------
7c4888eed1 [AmazonSqsMessenger] Use AsyncAws to handle SQS communication
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Messenger] Fix messenger:failed:remove can not remove single message
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36659
| License | MIT
| Doc PR | -
Fix this error:
```
count(): Parameter must be an array or an object that implements Countable
```
When calling `messenger:failed:remove` command from other code with single id
Commits
-------
e66cd97ec3 [Messenger] Fix messenger:failed:remove can not remove single message
This PR was merged into the 5.1-dev branch.
Discussion
----------
Add support of PHP8 static return type for withers
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | https://github.com/orgs/symfony/projects/1#card-35852557
| License | MIT
| Doc PR |
Commits
-------
04fdf05cff Add support of PHP8 static return type for withers
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] allow loading and dumping tags with an attribute named "name"
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This is a minor feature added for consistency: using PHP, we can already define tags with an attribute named `"name"`. But then, we cannot dump such definitions in YAML nor XML since we don't have a syntax to declare such tags in these formats.
I spotted this while looking at a dumped container: we already use an attribute named `"name"` on two tags: `cache.pool` and `workflow.definition`. Currently, the dumped XML is wrong because of this.
This PR enables the following new syntaxes (the current style still works as usual):
- in YAML, consistently with the new syntax for method calls:
```yaml
tags:
- cache.pool: { name: my_cache_pool }
```
- in XML:
```xml
<tag name="my_cache_pool">cache.pool</tag>
```
Commits
-------
b023e4cac3 [DI] allow loading and dumping tags with an attribute named "name"
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpKernel] make kernels implementing `WarmableInterface` be part of the cache warmup stage
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This allows your kernel to return extra classes to preload also (which was my main motivation for creating this PR actually.)
```php
// ...
use Symfony\Component\HttpKernel\CacheWarmer\WarmableInterface;
// ...
class Kernel ... implements ..., WarmableInterface
{
// ...
public function warmUp(string $cacheDir): array
{
// ...
return [
SomeClassToPreload::class,
AnotherClassClassToPreload::class,
$cacheDir.'/some-file-to-preload.php',
// ...
];
}
// ...
}
```
Commits
-------
649e530356 [HttpKernel] make kernels implementing `WarmableInterface` be part of the cache warmup stage
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Form] deprecate not using a rounding mode
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | yes
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
25ba1a241d deprecate not using a rounding mode
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Mailer] Use AsyncAws to handle SES requests
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #33183, #35468 and #35037
| License | MIT
| Doc PR | TODO
alternative to #33326
This PR replace the native code to call AWS SES by the new [AsyncAws](https://github.com/async-aws/aws) project maintained by @Nyholm and me.
This removes complexity of signing request, and adds new features likes:
- authentication via .aws/config.ini, Instance profile, WebIdentity (K8S service account)
- usesignature V4 (the one recommanded by the Official SDK )
- fully compatible with API (uses the official AWS SDK interface contract to generate classes)
Because it's based on `symfony/http-client`, it's fully integrable with Symfony application.
Commits
-------
21243874bc [Mailer] Use AsyncAws to handle SES requests
This PR was merged into the 4.4 branch.
Discussion
----------
[Translation] Fix for translation:update command updating ICU messages
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36459
| License | MIT
If `translation:update` command executed with option `--domain=messages` – it ignore `messages-intl-icu` file and just create new `messages`
Method `TranslationUpdateCommand::filterCatalogue()` on `MessageCatalogue::all()` method to get all messages for domain
But `MessageCatalogue::all()` method disredard `intl-icu` domains and simply merge all.
[Translation] added $strict parameter for MessageCatalogueInterface::all() to be able to get only defined domain messages
[FrameworkBundle] modified translation:update command to respect intl-icu domain
Commits
-------
567cee5f02 [Translation] Fix for translation:update command updating ICU messages
* Anonymous users are actual to unauthenticated users, both are now represented by no token
* Added a PUBLIC_ACCESS Security attribute to be used in access_control
* Deprecated "anonymous: lazy" in favor of "lazy: true"
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[SecurityBundle] Fixed entry point service ID resolving and multiple guard entry points
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | n/a
@fabpot I am not able to reproduce [the error you reported](https://github.com/symfony/symfony/pull/36575#issuecomment-622272051) in any of my demo applications or in the tests introduced in this PR. The error indicates that no entry point is configured in your application, can you maybe try out this patch (given it now makes a hard error when more than one guard is used)? If it still doesn't work, can you maybe share your firewall configuration?
---
_build failures are unrelated_
Commits
-------
c75659350e Do not make AbstractFactory internal and revert method rename
6870a18803 Fixed entry point resolving and guard entry point configuration
This PR was squashed before being merged into the 3.4 branch (closes#36627).
Discussion
----------
[Validator] fix lazy property usage.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36343
| License | MIT
| Doc PR |
This attempts to fix a large regression introduced in #36343, which broke recursing values returned from `getter` Constraints, because they are now wrapped in in a `LazyProperty`. The `LazyProperty` needs to be evaluated because some checks are done on the type of `$value`, i.e `is_array` etc... in `validateGenericNode`.
I'm concerned that the original PR didn't really add sufficient test coverage for the introduction of `LazyProperty`, and I'm not 100% sure that I've caught all the cases where the `instanceof` check are needed in this PR.
For the tests, I added the `@dataProvider getConstraintMethods` to every test that hit the problem area of code.
~~The only issue is that my fixed has broken the test introduced in #36343, `testGroupedMethodConstraintValidateInSequence`.~~
~~I think I need @HeahDude to help me work through this. Maybe there is a more simple solution, one that doesn't require doing `instanceof LazyPropery` checks in multiple places, because this feels very brittle.~~
EDIT: fixed that test.
Commits
-------
281861e788 [Validator] fix lazy property usage.
This PR was merged into the 4.4 branch.
Discussion
----------
[Form] provide a useful message when extension types don't match
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36610
| License | MIT
| Doc PR |
Commits
-------
88d836643a provide a useful message when extension types don't match
This PR was merged into the 4.4 branch.
Discussion
----------
[Serializer] do not transform empty \Traversable to Array
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | na
| License | MIT
| Doc PR | na
Today, using `PRESERVE_EMPTY_OBJECTS` ([introduced in 4.0](f28e826627)), the JSON serialization of:
```php
<?php
$object = [];
$object['foo'] = new \ArrayObject();
$object['bar'] = new \ArrayObject(['notempty']);
$object['baz'] = new \ArrayObject(['nested' => new \ArrayObject()]);
```
Outputs:
```json
{"foo":[],"bar":["notempty"],"baz":{"nested":[]}}
```
Instead of the expected:
```json
{"foo":{},"bar":["notempty"],"baz":{"nested":{}}}
```
This issue comes from the Serializer that transforms `Traversable` to an Array [here](11a707200d/src/Symfony/Component/Serializer/Serializer.php (L159)). Also, the `AbstractObjectNormalizer` [doesn't support Traversable](11a707200d/src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php (L134)), but he allows to preserve empty objects.
I propose this patch where the fix doesn't transform a `Traversable` to an Array. I see another way to patch this in which we could allow empty Traversable in the `AbstractObjectNormalizer` (not sure it's better though). See attached [other-fix.patch](https://github.com/symfony/symfony/files/4539865/other-fix.log) to see the alternative patch.
Commits
-------
e5c20293fa Fix serializer do not transform empty \Traversable to Array
This PR was merged into the 5.1-dev branch.
Discussion
----------
Add missing port SQS Host Header request
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | /
When user provides a custom endpoint, the port is missing from the `Host` headers, leading to wrong URL when calling `getQueueUrl`
Commits
-------
41165beb48 Add missing port SQS Host Header request
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Fixed not supported Redis eviction policies
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | no
| License | MIT
| Doc PR | no
**Steps to reproduce:**
1. Define the following redis service on SymfonyCloud:
```
rediscache:
type: redis:5.0
size: S
configuration:
maxmemory_policy: allkeys-lru
```
2. Deploy the change
**Expected result:**
No redis cache will be populated
**Actual result:**
Following exception is thrown:
```
[2020-04-28T05:35:58.440403-04:00] php.CRITICAL: Uncaught Error: Return value of Symfony\Component\Cache\Adapter\RedisTagAwareAdapter::doSave() must be of the type array, bool returned {"exception":"[object] (TypeError(code: 0): Return value of Symfony\\Component\\Cache\\Adapter\\RedisTagAwareAdapter::doSave() must be of the type array, bool returned at /app/vendor/symfony/cache/Adapter/RedisTagAwareAdapter.php:100)"} []
```
Commits
-------
3d6e942da5 [Cache] Fixed not supported Redis eviction policies
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle][CacheWarmupCommand] Append files to preload
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Files returned by the warmUp() method must be added to the preload file.
I also added checks to avoid empty preload calls in the preload file like this:
```
$classes = [];
Preloader::preload($classes);
```
Commits
-------
a82c7ab4c0 [FrameworkBundle][CacheWarmupCommand] Append files to preload
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation][HttpKernel] Add more preload always-needed symbols
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Part of https://github.com/orgs/symfony/projects/1#card-37082675
| License | MIT
| Doc PR | -
`ConfigCache` is in the hot path because it is used for every request in the kernel boot (initializeContainer() method). I guess we can consider that every kernel is going to be booted so it should always be used.
`InputBag` should be added too - it is used in the Request initialization so it will likely be hit on every request as well - but maybe it wasn't added in the first place for a reason since other bags are already there?
Commits
-------
636a8bdf12 [HttpFoundation][HttpKernel] Add more preload always-needed symbols
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Security] Require entry_point to be configured with multiple authenticators
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | tbd
See @weaverryan's comment at https://github.com/symfony/symfony/pull/33558#discussion_r403740402:
> I have it on my list to look at the entrypoint stuff more closely. But my gut reaction is this: let's fix them (or try to... or maybe in a PR after this) :). What I mean is this:
>
> - It's always been confusing that your firewall may have multiple auth mechanisms that have their own "entry point"... and one is chosen seemingly at random :). I know it's not random, but why does the entrypoint from `form_login` "win" over `http_basic` if I have both defined under my firewall?
>
> - Since we're moving to a new system, why not throw an exception the _moment_ that a firewall has multiple entrypoints available to it. Then we _force_ the user to choose the _one_ entrypoint that should be used.
---
**Before** (one authenticator)
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
form_login: ...
# form login is your entry point
```
**After**
Same as before
---
**Before** (multiple authenticators)
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
http_basic: ...
form_login: ...
# for some reason, FormLogin is now your entry point! (config order doesn't matter)
```
**After**
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
http_basic: ...
form_login: ...
entry_point: form_login
```
---
**Before** (custom entry point service)
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
http_basic: ...
form_login: ...
entry_point: App\Security\CustomEntryPoint
```
**After**
Same as before
Commits
-------
7e861698e7 [Security] Require entry_point to be configured with multiple authenticators
* 5.0:
updated VERSION for 3.4.40
update CONTRIBUTORS for 3.4.40
updated CHANGELOG for 3.4.40
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
add tests for the ConstraintViolationBuilder class
Improve dirname usage
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
Allow invalidateTags calls to be traced by data collector
[YAML] escape DEL(\x7f)
fix compatibility with phpunit 9
[Cache] skip APCu in chains when the backend is disabled
[Mailer] Add a comment to avoid more wrong PRs on this piece of code
[Form] apply automatically step=1 for datetime-local input
remove getContainer overwrites in tests
Fixing a bug where class_alias would cause incorrect items in debug:autowiring
[DependencyInjection][ServiceSubscriber] Support late aliases
Fix profiler nullable string type
* 4.4:
updated VERSION for 3.4.40
update CONTRIBUTORS for 3.4.40
updated CHANGELOG for 3.4.40
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
add tests for the ConstraintViolationBuilder class
Improve dirname usage
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
Allow invalidateTags calls to be traced by data collector
[YAML] escape DEL(\x7f)
fix compatibility with phpunit 9
[Cache] skip APCu in chains when the backend is disabled
[Mailer] Add a comment to avoid more wrong PRs on this piece of code
[Form] apply automatically step=1 for datetime-local input
Fixing a bug where class_alias would cause incorrect items in debug:autowiring
[DependencyInjection][ServiceSubscriber] Support late aliases
* 3.4:
updated VERSION for 3.4.40
update CONTRIBUTORS for 3.4.40
updated CHANGELOG for 3.4.40
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
add tests for the ConstraintViolationBuilder class
Improve dirname usage
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
[YAML] escape DEL(\x7f)
fix compatibility with phpunit 9
[Cache] skip APCu in chains when the backend is disabled
[Form] apply automatically step=1 for datetime-local input
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Allow invalidateTags calls to be traced by data collector
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #34810
| License | MIT
| Doc PR |
`TraceableTagAwareAdapter` is not used in the fullstack framework since tag aware pools don't have the `cache.pool` tag (it's the decorated adapter that has it). This PR aims to use `TraceableTagAwareAdapter` when a pool is configured with `tags: true`
Commits
-------
28fdb3a879 Allow invalidateTags calls to be traced by data collector
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36533
| License | MIT
| Doc PR | none
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
This PR changes the label of the peak memory usage from `MB` into `MiB` in the time and memory panels of the web profiler, as discussed in #36533.
The changed file `Resources/views/Collector/time.html.twig` is completely updated by commit c9433b0090 for v4.3. So for correctly displaying the label in 4.4 (& 5.0), the file `Resources/views/Collector/time.js` needs to be updated.
Commits
-------
89fb0799cd [WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
This PR was merged into the 3.4 branch.
Discussion
----------
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/36401
| License | MIT
| Doc PR | -
Commits
-------
6dce90d47b [PhpUnitBridge] Use COMPOSER_BINARY env var if available
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] add syntax to stack decorators
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#30599
| License | MIT
| Doc PR | -
Declare this:
```yaml
services:
my_stack_of_decorators:
stack:
- class: App\ExternalDecorator
- class: App\InternalDecorator
- class: App\DecoratoredClass
```
And get this:
![image](https://user-images.githubusercontent.com/243674/78615803-b8c8e580-7872-11ea-95c2-22cb78f88ca8.png)
The PR is now ready with support for Yaml, XML and the PHP-DSL. It needs #36388, #36392 and #36389 to pass, and relates to #36390 to be DX-friendly.
The new syntax now supports composable stacks - i.e stack you can reuse in the middle of another stack.
RIP middleware, simple decorators FTW :)
From the test cases:
```yaml
services:
reusable_stack:
stack:
- class: stdClass
properties:
label: A
inner: '@.inner'
- class: stdClass
properties:
label: B
inner: '@.inner'
concrete_stack:
stack:
- parent: reusable_stack
- class: stdClass
properties:
label: C
```
This will create a service similar to:
```php
(object) [
'label' => 'A',
'inner' => (object) [
'label' => 'B',
'inner' => (object) [
'label' => 'C',
]
],
];
```
When used together with autowiring, this is enough to declare a stack of decorators:
```yaml
services:
my_processing_stack:
stack:
- App\ExternalDecorator: ~
- App\InternalDecorator: ~
- App\TheDecoratedClass: ~
```
See fixtures for the other configuration formats.
See also https://twitter.com/nicolasgrekas/status/1248198573998604288
Todo:
- [x] rebase on top of #36388, #36392 and #36389 once they are merged
- [x] test declaring deeper nested stacks
Commits
-------
98eeeae3d1 [DI] add syntax to stack decorators
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] fix definition and usage of AbstractArgument
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Reading https://symfony.com/blog/new-in-symfony-5-1-abstract-service-arguments and the comments there made me realize that the current implementation is not generic enough. Abstract arguments can be found anywhere, not only as service arguments. Also, `AbstractArgument` instances should not convey the key/id since that makes them harder to use in the PHP-DSL.
Commits
-------
abb463c749 [DI] fix definition and usage of AbstractArgument
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Serializer] Add an @Ignore annotation
| Q | A
| ------------- | ---
| Branch? | master
Bug fix? | no
| New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #24071
| License | MIT
| Doc PR | n/a
Add an `@Ignore` annotation to configure [ignored attributes](https://symfony.com/doc/current/components/serializer.html#ignoring-attributes) in a convenient way, as well as the related XML and YAML loaders.
TODO:
* [x] Add tests
Commits
-------
8526d7c050 [Serializer] Add an @Ignore annotation
This PR was merged into the 5.1-dev branch.
Discussion
----------
[String] Add locale-sensitive map for slugging symbols
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#36383
| License | MIT
By default chars '@' and '&' are respectively replaced by 'at' and 'and' (so limited by enlgish language).
I had an $options arguments to 'slug' method to replace chars with your own logic.
Commits
-------
1331584fa1 [String] Add locale-sensitive map for slugging symbols
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] skip APCu in chains when the backend is disabled
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34962
| License | MIT
| Doc PR | -
I think this should do it.
Commits
-------
5a7208481d [Cache] skip APCu in chains when the backend is disabled
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] skip preloading dependencies of non-preloaded services
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Suggested by @stof on Slack: this improves preloading by propagating the `container.no_preload` tag to services that are referenced only by not-preloaded services.
The benefit is double:
1. this fixes potential over-preloading
2. this requires less work from the community: no need to add the tag anymore most of the time
As a corollary, listeners of console events are tagged with `container.no_preload` automatically now.
Commits
-------
add867020a [DI] skip preloading dependencies of non-preloaded services
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] debug:autowiring: Fix wrong display when using class_alias
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | None
| License | MIT
| Doc PR | not needed
Imagine that `FooInterface` is an alias, but it is deprecated and so has a `class_alias` to `BarInterface`. Currently, `debug:autowiring` will actually print that's the autowiring alias is `BarInterface`, despite there being no such id in the container.
@nicolas-grekas originally (on purpose) made the 2nd argument to `Descriptor::getClassDescription()` be passed by reference *for* this exact feature - 56aab09b01 - but I can't figure out why. This change (which effectively removes the by-reference modifying) made no existing tests fail.
Discovered this because the whole deprecated`Doctrine\Common\Persistence\ManagerRegistry` vs newer `Doctrine\Persistence\ManagerRegistry` causes the issue.
Thanks!
Commits
-------
d34b437ce0 Fixing a bug where class_alias would cause incorrect items in debug:autowiring
This PR was squashed before being merged into the 5.1-dev branch (closes#36525).
Discussion
----------
Improve SQS interoperability
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | NA
| License | MIT
| Doc PR | NA
The Symfony Messenger component provides a SerializerInterface to encode/decode the `Envelope`, this can be used to improve the Interoperability (see [article from jolicode](https://jolicode.com/blog/symfony-messenger-et-linteroperabilite) (french))
Sadly, the current implementation of SQS adapter json_encode the elements of the `Envelope` (`string body` + `string[] headers`) and store everything in the SQS message `Body`. That partially defect the interoperability: 3rd party have to also wrap (unwrap) message form json_encoded Body.
This PR leverage the AWS SQS `Body` and `MessageAttribute` properties to store message information:
```yaml
# before
SQS Message:
Body: {"body": "hello world", "headers": {"foo": "bar"}}
MessageAttributes: {}
# after
SQS Message:
Body: hello world
MessageAttributes:
foor: bar
```
Commits
-------
00d84c125e Improve SQS interoperability
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection][ServiceSubscriber] Support late aliases
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
A service subscriber that references a service that is aliased after optimization passes (after ResolveReferencesToAliasesPass technically) end up being dumped with the real service and not the alias.
I would consider it a bug but @nicolas-grekas told me it's a feature for him, this is why I'm submitting this on master.
@nicolas-grekas, feel free to close this one and open with your solution since you definitely know the subject better.
Commits
-------
24150370c3 [DependencyInjection][ServiceSubscriber] Support late aliases
This PR was merged into the 5.1-dev branch.
Discussion
----------
[OptionsResolver] remove not needed BC layer
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
1452619a52 remove not needed BC layer
This PR was merged into the 5.0 branch.
Discussion
----------
[Profiler] Fix profiler nullable string type
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | -
This PR fixes nullable string types in setter for the Profile class.
The detected issue comes from [the Profiler class](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpKernel/Profiler/Profiler.php#L149) :
```php
$profile->setIp($request->getClientIp()); // string or null
```
The corresponding return types for the Profile getters are allready good:
```php
/**
* Returns the IP.
*
* @return string|null The IP
*/
public function getIp()
{
return $this->ip;
}
```
Commits
-------
b5d406117d Fix profiler nullable string type
* 5.0:
[FrameworkBundle] Fix session.attribute_bag service definition
[Routing] Remove unused properties from the Route annotation
[Routing] Add missing _locale requirements
Update LdapBindAuthenticationProvider.php
Add reproducer to for hit after update expire cacheItem
[Cache] fix FilesystemTagAwareAdapter failing when a tag link preexists
* 4.4:
[FrameworkBundle] Fix session.attribute_bag service definition
[Routing] Remove unused properties from the Route annotation
[Routing] Add missing _locale requirements
Update LdapBindAuthenticationProvider.php
Add reproducer to for hit after update expire cacheItem
[Cache] fix FilesystemTagAwareAdapter failing when a tag link preexists
This PR was merged into the 3.4 branch.
Discussion
----------
[Security/Core] fix escape for username in LdapBindAuthenticationProvider.php
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
I think that when we call `ldap_search()` as definitely it will do the `$this->ldap->query()` call, the proper filter applied should be `LdapInterface::ESCAPE_FILTER` as documented in
https://www.php.net/manual/en/function.ldap-escape.php while `LdapInterface::ESCAPE_DN` should be used for `dn` only
This simple change should fix, I'm sorry if I'm wrong.
Commits
-------
4bda68a9a2 Update LdapBindAuthenticationProvider.php
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Notifier] Throw an exception when the Slack DSN is not valid
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes-ish
| New feature? | yes-ish <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
Improved errors in case of a DSN issue.
+ proper error for the Slack DSN when path is empty (will help catch when people haven't updated their Slack DSN for 5.1).
Commits
-------
6b1a64a642 [Notifier] Throw an exception when the Slack DSN is not valid
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Security] AuthenticatorManager to make "authenticators" first-class security
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | tbd
The tl;dr
---
The old authentication listener + authentication provider system was replaced by a new "authenticator" system (similar to Guard authentication). All existing "auth systems" (e.g. `form_login` are now written as an "authenticator" in core).
Instead of each "authentication system" registering its own listener in the `Firewall`, there is now only one listener: `AuthenticatorManagerListener`
* `Firewall` -> executes `AuthenticatorManagerListener`
* `AuthenticatorManagerListener` -> calls `AuthenticatorManager`
* `AuthenticatorManager` -> calls each authenticator
This PR contains *no deprecations* and the "new system" is *marked as experimental*. This allows to continue to develop the new Security system during the 5.x release cycle without disturbing Symfony users. In 5.4, we can deprecate "old" Security and remove it completely in 6.0.
Important Decisions
---
* A) **The new authentication manager - `AuthenticatorManager` - now dispatches 3 important "hook" events**:
* `VerifyAuthenticatorCredentialsEvent`: occurs at the point when a "password" needs to be checked. Allows us to centralize password checking, CSRF validation, password upgrading and the "user checker" logic.
* `LoginSuccessEvent`: Dispatched after a successful authentication. E.g. used by remember me listener.
* `LoginFailedEvent`: Dispatched after an unsuccessful authentication. Also used by remember me (and in theory could be used for login throttling).
* B) **`getCredentials()`, `getUser()` and `checkCredentials()` methods from old Guard are gone: their logic is centralized**.
Authenticators now have an `authenticate(Request $request): PassportInterface` method. A passport contains the user object, the credentials and any other add-in Security badges (e.g. CSRF):
```php
public function authenticate(Request $request): PassportInterface
{
return new Passport(
$user,
new PasswordCredentials($request->get('_password')),
[
new CsrfBadge($request->get('_token'))
]
);
}
```
All badges (including the credentials) need to be resolved by listeners to `VerifyAuthenticatorCredentialsEvent`. There is build-in core support for the following badges/credentials:
* `PasswordCredentials`: validated using the password encoder factory
* `CustomCredentials`: allows a closure to do credentials checking
* `CsrfTokenBadge`: automatic CSRF token verification
* `PasswordUpgradeBadge`: enables password migration
* `RememberMeBadge`: enables remember-me support for this authenticator
* C) **`AuthenticatorManager` contains all logic to authenticate**
As authenticators always relate to HTTP, the `AuthenticatorManager` contains all logic to authenticate. It has three methods, the most important two are:
* `authenticateRequest(Request $request): TokenInterface`: Doing what is previously done by a listener and an authentication provider;
* `authenticateUser(UserInterface $user, AuthenticatorInterface $authenticator, Request $request, array $badges = [])` for manual login in e.g. a controller.
* D) **One AuthenticatorManager per firewall**
In the old system, there was 1 authentication manager containing all providers and each firewall had a specific firewall listener. In the new system, each firewall has a specific authentication manager.
* E) **Pre-authentication tokens are dropped.**
As everything is now handled inside `AuthenticatorManager` and everything is stored in the Security `Passport`, there was no need for a token anymore (removing lots of confusion about what information is inside the token).
This change deprecates 2 authentication calls: one in `AuthorizationChecker#isGranted()` and one in `AccessListener`. These seem now to be mis-used to reload users (e.g. re-authenticate the user after you change their roles). This (some "way" to change a user's roles *without* logging them out) needs to be "fixed"/added in another PR.
* F) **The remember me service now uses *all* user providers**
Previously, only user providers of authentication providers listening on that firewall were used. This change is due to practical reasons and we don't think it is common to have 2 user providers supporting the same user instance. In any case, you can always explicitly configure the user provider under `remember_me`.
* G) **Auth Providers No Longer Clear the Token on Auth Failure**
Previously, authentication providers did `$this->tokenStorage->setToken(null)` upon authentication failure. This is not yet implemented: our reasoning is that if you've authenticated successfully using e.g. the login form, why should you be logged out if you visit the same login form and enter wrong credentials?
The pre-authenticated authenticators are an exception here, they do reset the token upon authentication failure, just like the old system.
* H) **CSRF Generator Service ID No Longer Configurable**
The old Form login authentication provider allowed you to configure the CSRF generator service ID. This is no longer possible with the automated CSRF listener. This feature was introduced in the first CSRF commit and didn't get any updates ever since, so we don't think this feature is required. This could also be accomplished by checking CSRF manually in your authenticator, instead of using the automated check.
Future Considerations
---
* Remove Security sub-components: Move CSRF to `Symfony\Component\Csrf` (just like mime); Deprecated Guard; Put HTTP + Core as `symfony/security`. This means moving the new classes to `Symfony\Component\Security`
* Convert LDAP to the new system
* This is fixed (and merged) by #36243 <s>There is a need for some listeners to listen for events on one firewall, but not another (e.g. `RememberMeListener`). This is now fixed by checking the `$providerKey`. We thought it might be nice to introduce a feature to the event dispatcher:</s>
* <s>Create one event dispatcher per firewall;</s>
* <s>Extend the `kernel.event_subscriber` tag, so that you can optionally specify the dispatcher service ID (to allow listening on events for a specific dispatcher);</s>
* <s>Add a listener that always also triggers the events on the main event dispatcher, in case you want a listener that is listening on all firewalls.</s>
* Drop the `AnonymousToken` and `AnonymousAuthenticator`: Anonymous authentication has never made much sense and complicates things (e.g. the user can be a string). For access control, an anonymous user has the same meaning as an un-authenticated one (`null`). This require changes in the `AccessListener` and `AuthorizationChecker` and probably also a new Security attribute (to replace `IS_AUTHENTICATED_ANONYMOUSLY`). Related issues: #34909, #30609
> **How to test**
> 1. Install the Symfony demo application (or any Symfony application)
> 2. Clone my Symfony fork (`git clone git@github.com:wouterj/symfony`) and checkout my branch (`git checkout security/deprecate-providers-listeners`)
> 3. Use the link utility to link my fork to the Symfony application: `/path/to/symfony-fork/link /path/to/project`
> 4. Enable the new system by setting `security.enable_authenticator_manager` to `true`
Commits
-------
b1e040f311 Rename providerKey to firewallName for more consistent naming
50224aa285 Introduce Passport & Badges to extend authenticators
9ea32c4ed3 Also use authentication failure/success handlers in FormLoginAuthenticator
0fe5083a3e Added JSON login authenticator
7ef6a7ab03 Use the firewall event dispatcher
95edc806a1 Added pre-authenticated authenticators (X.509 & REMOTE_USER)
f5e11e5f32 Reverted changes to the Guard component
ba3754a80f Differentiate between interactive and non-interactive authenticators
6b9d78d5e0 Added tests
59f49b20ca Rename AuthenticatingListener
60d396f2d1 Added automatically CSRF protected authenticators
bf1a452e94 Merge AuthenticatorManager and AuthenticatorHandler
44cc76fec2 Use one AuthenticatorManager per firewall
09bed16d3d Only load old manager if new system is disabled
ddf430fc1e Added remember me functionality
1c810d5d2a Added support for lazy firewalls
7859977324 Removed all mentions of 'guard' in the new system
999ec2795f Refactor to an event based authentication approach
b14a5e8c52 Moved new authenticator to the HTTP namespace
b923e4c4f6 Enabled remember me for the GuardManagerListener
873b949cf9 Mark new core authenticators as experimental
4c06236933 Fixes after testing in Demo application
fa4b3ec213 Implemented password migration for the new authenticators
5efa892395 Create a new core AuthenticatorInterface
50132587a1 Add provider key in PreAuthenticationGuardToken
526f75608b Added GuardManagerListener
a172bacaa6 Added FormLogin and Anonymous authenticators
9b7fddd10c Integrated GuardAuthenticationManager in the SecurityBundle
a6890dbcf0 Created HttpBasicAuthenticator and some Guard traits
c321f4d73a Created GuardAuthenticationManager to make Guard first-class Security
The AuthenticatorManager now performs the whole authentication process. This
allows for manual authentication without duplicating or publicly exposing parts
of the process.
This to remove confusion between the new system and Guard. When using the new
system, guard should not be installed. Guard did however influence the idea
behind the new system. Thus keeping the mentions of "guard" makes it confusing
to use the new system.
This allows more flexibility for the authentication manager (to e.g. implement
login throttling, easier remember me, etc). It is also a known design pattern
in Symfony HttpKernel.
This removes the introduced dependency on Guard from core. It also allows an
easier migration path, as the complete Guard subcomponent can now be deprecated
later in the 5.x life.
This is an iteration on the AuthenticatorInterface of the Guard, to allow more
flexibility so it can be used as a real replaced of the authentication
providers and listeners.
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] CacheItem with tag is never a hit after expired
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes/no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36458
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
It seems like a tag cacheItem is never a hit again. Not sure how fix this but the cache component is really hard to debug 🙈 .
It need to be somewhere generally as all TagAware caches are effected:
```
1) Symfony\Component\Cache\Tests\Adapter\FilesystemTagAwareAdapterTest::testRefreshAfterExpires
Failed asserting that false is true.
/home/travis/build/symfony/symfony/src/Symfony/Component/Cache/Tests/Traits/TagAwareTestTrait.php:194
2) Symfony\Component\Cache\Tests\Adapter\PredisTagAwareClusterAdapterTest::testRefreshAfterExpires
Failed asserting that true is false.
/home/travis/build/symfony/symfony/src/Symfony/Component/Cache/Tests/Traits/TagAwareTestTrait.php:183
3) Symfony\Component\Cache\Tests\Adapter\RedisTagAwareAdapterTest::testRefreshAfterExpires
Failed asserting that true is false.
/home/travis/build/symfony/symfony/src/Symfony/Component/Cache/Tests/Traits/TagAwareTestTrait.php:183
4) Symfony\Component\Cache\Tests\Adapter\RedisTagAwareClusterAdapterTest::testRefreshAfterExpires
Failed asserting that true is false.
/home/travis/build/symfony/symfony/src/Symfony/Component/Cache/Tests/Traits/TagAwareTestTrait.php:183
```
Commits
-------
d082eca7dd Add reproducer to for hit after update expire cacheItem
f815b011c3 [Cache] fix FilesystemTagAwareAdapter failing when a tag link preexists
* 4.4:
[HttpFoundation] workaround PHP bug in the session module
[SecurityBundle] fix accepting env vars in remember-me configurations
[Form] Fixed handling groups sequence validation
[Cache] Avoid memory leak in TraceableAdapter::reset()
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] fix accepting env vars in remember-me configurations
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36271
| License | MIT
| Doc PR | -
As @wouterj explained we cannot use env variables after #35910 merged.
> Hmm, so I'm guessing this is what happens:
>
> * `lifetime` is now an `integerNode()`
> * For the Config component (which IIRC doesn't know anything about env variables), you're passing a string: `"%env(int:REMEMBER_ME_COOKIE_LIFETIME)%"`
> * This throws an error, although if it wouldn't, the DI component would sucessfully process the string into a integer before it's used by any PHP class.
>
> So we either make Config aware of environment variables (that's probably a huge feature) or we revert the `integerNode()` changes (as you suggested).
>
> @HeahDude am I mislooking something, or would reverting these 2 lines not result in much harm? (only a little less strict config processor)
Commits
-------
46c278316c [SecurityBundle] fix accepting env vars in remember-me configurations
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Fixed handling groups sequence validation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | FIx https://github.com/symfony/symfony/issues/9939#issuecomment-607459505, Fix#35556
| License | MIT
| Doc PR | ~
This is not the same as the original issue fixed by #36245, that was reported in https://github.com/symfony/symfony/issues/9939#issuecomment-607459505.
The form also fails to cascade sequence validation properly because each nested field is validated against the sequence, and one can fail at a step independently from another which could failed in another step. I've added a lot of tests to ensure this is working properly and tested in a website skeleton too.
This PR aims to close#35556 which tries to fix the same issue but afterwards in its implementation as said in https://github.com/symfony/symfony/pull/35556#discussion_r379289230.
Commits
-------
dfb61c204c [Form] Fixed handling groups sequence validation
This PR was merged into the 5.1-dev branch.
Discussion
----------
[RedisMessengerBridge] Add a delete_after_ack option
This allows Messenger to clean up processed messages from memory, avoiding a mem "leak" in redis
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/33715
| License | MIT
| Doc PR | symfony/symfony-docs#... TODO - will pile it on to https://github.com/symfony/symfony-docs/pull/11869 as it kinda binds together and a bigger refactor of the docs here is much needed to avoid all these gotchas
Right now by default a redis transport for messenger will leak memory as all messages stay in redis forever. You can configure `stream_max_entries` to automatically trim to a max of X entries, but that means if you have big peaks in messages you might start losing messages which have not been processed.
This PR provides an alternative to that, by deleting message as they are processed. This is ideal as it avoids having to find the right number for `stream_max_entries` (do you want to risk losing data or use more memory than needed on average?). The only catch is that if you have multiple groups consuming the same stream, the first one processing a message will delete it, so other groups will not see it. For that reason `setup()` attempts to detect this and fails hard if it is misconfigured to prevent data loss.
Commits
-------
7c416a7173 [RedisMessengerBridge] Add a delete_after_ack option to automatically clean up processed messages from memory
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Messenger] Add FIFO support to the SQS transport
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | no
| License | MIT
| Doc PR | --
https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html
Commits
-------
37601753f1 [Messenger] Add FIFO support to the SQS transport
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Cache] Added context to log messages
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | n/a
In my application logs, I've got many entries like:
> Failed to save key "foobar" of type string.
I know it is related to the cache, But I dont know from what adapter. I use a chain of Array, Apcu and Redis. This PR adds some context to that log entry so I know which one of my cache adapter that fails.
Commits
-------
a4d9e0fc94 [Cache] Added context to log messages
This PR was merged into the 5.1-dev branch.
Discussion
----------
Use ExpectDeprecationTrait
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
08febef500 Use ExpectDeprecationTrait
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] Avoid memory leak in TraceableAdapter::reset()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
When we call `ServicesResetter::reset()`, we want to reset the
application to its initial states. We don't want a memory leak :p
Commits
-------
15a8610c0c [Cache] Avoid memory leak in TraceableAdapter::reset()
* 5.0:
[PhpUnitBridge] add PolyfillTestCaseTrait::expectExceptionMessageMatches to provide FC with recent phpunit versions
[Messenger] Make sure redis transports are initialized correctly
Remove return type for Twig function workflow_metadata()
[DI] fix typo
* 4.4:
[PhpUnitBridge] add PolyfillTestCaseTrait::expectExceptionMessageMatches to provide FC with recent phpunit versions
[Messenger] Make sure redis transports are initialized correctly
Remove return type for Twig function workflow_metadata()
[DI] fix typo
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[PhpUnitBridge] add PolyfillTestCaseTrait::expectExceptionMessageMatches to provide FC with recent phpunit versions
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | na
| License | MIT
| Doc PR | na
expectExceptionMessageRegExp is deprecated coming phpunit 8.5.3 see https://github.com/sebastianbergmann/phpunit/issues/4133
Not sure if I need to add something else lmk.
Commits
-------
cfd5a29eaf [PhpUnitBridge] add PolyfillTestCaseTrait::expectExceptionMessageMatches to provide FC with recent phpunit versions
This PR was merged into the 4.4 branch.
Discussion
----------
Remove return type for Twig function workflow_metadata()
Technically it is allowed to have metadata other than string, even data that does not cast to string, like an array.
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36391
| License | MIT
| Doc PR | n/a
The workflow metadata store can contain not only strings, but setting nested metadata results in an error when workflow_metadata() is used in Twig.
Also see #36391
Commits
-------
55664c5a17 Remove return type for Twig function workflow_metadata()
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation] Add InputBag
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| License | MIT
When ppl read a request attribute, they never check if an array is returned
This means many apps just fail with a 500 when adding `[]` in the query string.
This PR turns them to 400 basically (with a deprecation for now)
Commits
-------
0a2ef70c04 [HttpFoundation] add InputBag
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Mailer][Messenger] add return statement for MessageHandler
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets |
| License | MIT
| Doc PR |
By returning the result of the transporter in `MessageHandler` we can get hold of `SentMessage` from `HandledStamp::getResult()`.
![image](https://user-images.githubusercontent.com/4582866/79046122-3bed9100-7c0f-11ea-878f-65a6eb610758.png)
Commits
-------
7854cb488e [Mailer][Messenger] add return statement for MessageHandler
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] RepeatedType should always have inner types mapped
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Doc PR| https://github.com/symfony/symfony-docs/pull/13519 |
| Tickets | Fix#36410
| License | MIT
Always set mapped=true to override inner type mapped setting.
Throw an exception if inner types of RepeatedType has mapped=false
Commits
-------
728cd66a13 RepeatedType should always have inner types mapped
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Form] Deprecated unused old `ServerParams` util
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | ~
| License | MIT
| Doc PR | ~
A left over after https://github.com/symfony/symfony/pull/11924#issuecomment-56511557, this class is unused since Symfony 2.3 ^^'. I've noticed it before but never took the time to submit a PR because this is very minor IMHO. But since this deprecation should not impact anyone, let's keep the codebase clean and remove it in 6.0.
Commits
-------
e05e924c5a [Form] Deprecated unused old `ServerParams` util
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Console] cursor tweaks
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Refs #27444
| License | MIT
| Doc PR | n/a
While playing with the new cursor class, I realized that I would like to make some changes. Mainly having a fluent interface: `$cursor->moveUp(10)->clearOutput()` for instance.
I have also separater the `clearLine()` method in two method to avoid the bool arg.
/cc @pierredup
Commits
-------
5a7b3146f5 Make the Cursor class final
b0e7eb66e0 Make Cursor fluent
55fef914cc Split a method
d00b5b5e08 Remove default value
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Notifier][Slack] Send messages using Incoming Webhooks
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | <!-- required for new features -->
> Legacy tokens are a deprecated method of generating tokens for testing and development.
As tokens will became deprecated on May 5th, 2020 we should use Incoming Webhooks app for using this bundle.
**Usage:**
_`slack://hooks.slack.com/services/xxx/xxx/xxx`_
Commits
-------
4b0807bd1a [Notifier] Tweak Slack support
e242cc35e9 Git rebase form master
* 5.0:
[travis] fix CI (ter)
Revert "[travis][appveyor] don't cache .phpunit"
silence E_NOTICE triggered since PHP 7.4
[Form] Removed legacy check in `ValidationListener`
[HttpClient] fix HTTP/2 support on non-SSL connections - CurlHttpClient only
Force ping after transport Exception
do not merge constraints within interfaces
[Validator] Fixed default group for nested composite constraints
* 4.4:
[travis] fix CI (ter)
Revert "[travis][appveyor] don't cache .phpunit"
silence E_NOTICE triggered since PHP 7.4
[Form] Removed legacy check in `ValidationListener`
[HttpClient] fix HTTP/2 support on non-SSL connections - CurlHttpClient only
Force ping after transport Exception
do not merge constraints within interfaces
[Validator] Fixed default group for nested composite constraints
* 3.4:
Revert "[travis][appveyor] don't cache .phpunit"
silence E_NOTICE triggered since PHP 7.4
[Form] Removed legacy check in `ValidationListener`
do not merge constraints within interfaces
[Validator] Fixed default group for nested composite constraints
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Fixed default group for nested composite constraints
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33986
| License | MIT
| Doc PR | ~
Take a breath: when composite constraints are nested in a parent composite constraint without having non composite nested constraints (i.e empty), then the default group is not added, making the validator failing to validate in any group (including default), because there is no group at all, which should never happen.
Commits
-------
117ee34698 [Validator] Fixed default group for nested composite constraints
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] fix HTTP/2 support on non-SSL connections - CurlHttpClient only
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36419
| License | MIT
| Doc PR | -
Commits
-------
a5b884cd94 [HttpClient] fix HTTP/2 support on non-SSL connections - CurlHttpClient only
This PR was merged into the 4.4 branch.
Discussion
----------
Force ping after transport exception
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36301
| License | MIT
| Doc PR |
SMTP transport fails for long running processes after tranport exception, if stream is closed all messages will throw a transport exception until $lastMessageTime exceds $pingThreshold.
With this PR, after transport expception the transport will ping the server to check if the connection is still alive.
Commits
-------
7ccbef62f6 Force ping after transport Exception
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] do not merge constraints within interfaces
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#22538
| License | MIT
| Doc PR |
This fix disables merge constraints within interfaces.
There is no reason to merge constraints from one interface to another because each class merges the constraints of all its interfaces. Only one check is needed is to eliminate all interfaces that comes from parent class to avoid duplication.
Commits
-------
67f336b808 do not merge constraints within interfaces
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Removed legacy check in `ValidationListener`
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | ~
A left over of #13198, should have been removed in 3.0. The tests don't use `null` anymore, no update needed here, this is just about removing dead code.
Commits
-------
e479e51f7c [Form] Removed legacy check in `ValidationListener`
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Serializer] UnwrappingDenormalizer
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
UnwrappingDenormalizer, registered with very high priority. Unwrapping the data if UNWRAP_PATH is provided.
Very often some APIs give nested responses in which we need only the child object. With UnwrappingDenormalizer we can get the needed object without creating unnecessary Model class that we don't really need.
Regarding to https://github.com/symfony/symfony/pull/28887 and https://github.com/symfony/symfony/pull/30894
Usage:
`$serialiser->deserialize('{"baz": {"foo": "bar", "inner": {"title": "value", "numbers": [5,3]}}}', Object::class, ['UnwrappingDenormalizer::UNWRAP_PATH' => '[baz][inner]'])`
Commits
-------
00d103d5f7 UnwrappingDenormalizer
This PR was merged into the 5.1-dev branch.
Discussion
----------
[ErrorHandler] Remove trigger_deprecation frame from trace
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This accounts for the new `trigger_deprecation` function from [symfony/deprecation-contracts](https://github.com/symfony/deprecation-contracts).
Replaces #36329
Commits
-------
d4eb4a4bd7 [ErrorHandler] Remove trigger_deprecation frame from trace (add tests)
c293aee9ab [ErrorHandler] Remove trigger_deprecation frame from trace
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] deprecate the `inline()` function from the PHP-DSL in favor of `service()`
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
In the PHP-DSL, the `inline()` function helps declaring ... inline services.
I'm proposing to rename it to `service()`, for consistency with yaml tags. All other helpers but this one have the same name as the yaml tag.
Let's do this while "nobody" uses this format yet :)
Commits
-------
647d971ae4 [DI] deprecate the `inline()` function from the PHP-DSL in favor of `service()`
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] allow decorators to reference their decorated service using the special `.inner` id
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Right now, when one wants to decorate a service, one needs to reference the decorated service using `foo.inner`, where `foo` is the id of the decorating service.
There are two issues with this IMHO:
- it's weird to have to repeat the name of declaring service inside of it;
- it doesn't play well with child definitions.
In this PR, I propose to use `.inner` to fix both issues.
Before:
```yaml
services:
decorating_service:
arguments: [@decorating_service.inner]
decorates: decorated_service
```
After:
```yaml
services:
decorating_service:
arguments: [@.inner]
decorates: decorated_service
```
Commits
-------
7b6f767fbe [DI] allow decorators to reference their decorated service using the special `.inner` id
* 5.0:
[appveyor] bump cache
[Twig][Mime] Removed extra quotes in missing package exception message
[DI] µfix
Allowing empty secrets to be set
[DI] add missing property declarations in InlineServiceConfigurator
[DI] fix detecting short service syntax in yaml
Supress error from fread when reading a unix pipe
[HttpClient] Fix scoped client without query option configuration
[Workflow] Use a strict comparison when retrieving raw marking in MarkingStore
[Workflow] Use a strict comparison when retrieving raw markin in MarkingStore
* 4.4:
[appveyor] bump cache
[Twig][Mime] Removed extra quotes in missing package exception message
[DI] µfix
Allowing empty secrets to be set
[DI] add missing property declarations in InlineServiceConfigurator
[DI] fix detecting short service syntax in yaml
Supress error from fread when reading a unix pipe
[HttpClient] Fix scoped client without query option configuration
[Workflow] Use a strict comparison when retrieving raw marking in MarkingStore
[Workflow] Use a strict comparison when retrieving raw markin in MarkingStore
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] Fix scoped client without query option configuration
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
The `query` key default value is an [empty array](https://github.com/symfony/symfony/blob/v4.4.7/src/Symfony/Component/Config/Definition/PrototypedArrayNode.php#L30) and because of that it is always set. Processing a configuration for a scoped HTTP client (which has a `scope` and does not have a `base_uri`) results in the configuration being invalid. The error message says that query parameters cannot be aplied to the base URI since it is not defined (which doesn't make sense since the query parameters don't exist because they are empty).
Commits
-------
a07578dba3 [HttpClient] Fix scoped client without query option configuration
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] fix detecting short service syntax in yaml
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
We do allow interfaces/classes as keys in arguments, yet the short syntax fails to know about those.
This fixes it, allowing one to use:
```
services:
App\Foo:
App\BarInterface: '@App\BarClass'
```
As a reminder, by-name is also allowed:
```
services:
App\Foo: {
$bar: '@App\BarClass'
}
```
Commits
-------
bf17165fb1 [DI] fix detecting short service syntax in yaml
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] add missing property declarations in InlineServiceConfigurator
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
These are accessed by the traits used by the class.
Commits
-------
a6a4442cd9 [DI] add missing property declarations in InlineServiceConfigurator
This PR was merged into the 4.4 branch.
Discussion
----------
Allowing empty secrets to be set
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | None
| License | MIT
| Doc PR | Not needed
Setting secrets to an empty string is a valid value - you can already do this by consuming from an empty file or `stdin` with no input. But it's *not* currently possible to use the interactive prompt to set a secret to an empty string. This fixes that.
Commits
-------
c9bf0c8683 Allowing empty secrets to be set
This PR was merged into the 4.4 branch.
Discussion
----------
[Process] Fixed input/output error on PHP 7.4
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34945
| License | MIT
| Doc PR |
This PR aims to fix the error from #34945, but i'm unsure if this is the best solution. The issue is that on PHP 7.4 the input/output error may come up.
php.net/manual/en/migration74.incompatible.php#migration74.incompatible.core.fread-fwrite
> fread() and fwrite() will now return FALSE if the operation failed. Previously an empty string or 0 was returned. EAGAIN/EWOULDBLOCK are not considered failures. These functions now also raise a notice on failure, such as when trying to write to a read only file resource.
Commits
-------
b98abde65a Supress error from fread when reading a unix pipe
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
Update Connection.php
Get `region` from `host` to prevent error "Credential should be scoped to a valid region, not '...'" and make it easier to setup DSN
| Q | A
| ------------- | ---
| Branch? | master for features / 3.4, 4.4 or 5.0 for bug fixes <!-- see below -->
| Bug fix? | yes/no
| New feature? | yes/no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
af6804828b Update Connection.php
This PR was merged into the 5.1-dev branch.
Discussion
----------
[OptionsResolver] Improve the deprecation feature by handling package and version
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? |no
| New feature? | yes
| Deprecations? | yes
| Tickets |
| License | MIT
| Doc PR | TODO
Commits
-------
c3f5e2c1c8 [OptionsResolver] Improve the deprecation feature by handling package + version
* 5.0:
[PropertyAccess] fix tests
[WebProfilerBundle] fix test
remove assertions that can never be reached
[PropertyAccess] Improve message of unitialized property in php 7.4
[HttpFoundation] Fixed session migration with custom cookie lifetime
[HttpKernel][FrameworkBundle] fix compat with Debug component
[Serializer] Remove unused variable
Allow URL-encoded special characters in basic auth part of URLs
[Serializer] Fix unitialized properties (from PHP 7.4.2) when serializing context for the cache key
[Validator] Add missing Ukrainian and Russian translations
Track session usage when setting the token
[4.4][MonologBridge] Fix $level type
[5.0][MonologBridge] Fix $level type
No need to reconnect the bags to the session
Support for Content Security Policy style-src-elem and script-src-elem in WebProfiler
[PropertyInfo][ReflectionExtractor] Check the array mutator prefixes last when the property is singular
[Security][Http][SwitchUserListener] Ignore all non existent username protection errors
Add installation and minimal example to README
* 4.4:
[PropertyAccess] fix tests
[WebProfilerBundle] fix test
remove assertions that can never be reached
[PropertyAccess] Improve message of unitialized property in php 7.4
[HttpFoundation] Fixed session migration with custom cookie lifetime
[HttpKernel][FrameworkBundle] fix compat with Debug component
[Serializer] Remove unused variable
Allow URL-encoded special characters in basic auth part of URLs
[Serializer] Fix unitialized properties (from PHP 7.4.2) when serializing context for the cache key
[Validator] Add missing Ukrainian and Russian translations
Track session usage when setting the token
[4.4][MonologBridge] Fix $level type
No need to reconnect the bags to the session
Support for Content Security Policy style-src-elem and script-src-elem in WebProfiler
[PropertyInfo][ReflectionExtractor] Check the array mutator prefixes last when the property is singular
[Security][Http][SwitchUserListener] Ignore all non existent username protection errors
Add installation and minimal example to README
* 3.4:
[PropertyAccess] fix tests
[WebProfilerBundle] fix test
remove assertions that can never be reached
[PropertyAccess] Improve message of unitialized property in php 7.4
[HttpFoundation] Fixed session migration with custom cookie lifetime
[Serializer] Remove unused variable
Allow URL-encoded special characters in basic auth part of URLs
[Serializer] Fix unitialized properties (from PHP 7.4.2) when serializing context for the cache key
[Validator] Add missing Ukrainian and Russian translations
No need to reconnect the bags to the session
Support for Content Security Policy style-src-elem and script-src-elem in WebProfiler
[PropertyInfo][ReflectionExtractor] Check the array mutator prefixes last when the property is singular
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyInfo][ReflectionExtractor] Check the array mutator prefixes last when the property is singular
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/36079
| License | MIT
| Doc PR | -
Check the related tickets that have a very descriptive example.
If the property is singular, we should prioritize non array mutator prefixes and do the opposite for plural property. It relies on some guessing but it actually fixes real world scenarios.
Commits
-------
b4df2b9dff [PropertyInfo][ReflectionExtractor] Check the array mutator prefixes last when the property is singular
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[PropertyAccess] Improve message of unitialized property in php 7.4
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36277
| License | MIT
Improve message of unitialized property in php 7.4 ;
Before
You should either initialize it or make it nullable using "?string" instead.
After
You should either initialize it or make it nullable using "?string $var = null" instead.
Commits
-------
3c8bf2d29d [PropertyAccess] Improve message of unitialized property in php 7.4
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation] Add support for all core response http control directives
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#35720
| License | MIT
| Doc PR | N/A
Add support for all core cache-control directives
see : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
Commits
-------
011cd38974 [HttpFoundation] Add support for all core http control directives
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Fixed session migration with custom cookie lifetime
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#28577
| License | MIT
| Doc PR |
This PR adds the fix proposed in https://github.com/symfony/symfony/issues/28577#issuecomment-578052397
Commits
-------
3e824de385 [HttpFoundation] Fixed session migration with custom cookie lifetime
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpKernel] allow cache warmers to add to the list of preloaded classes and files
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
This PR makes cache warmers responsible for returning a list of classes or files to preload. It does so by adding the following to `WarmableInterface::warmUp()`:
`@return string[] A list of classes or files to preload on PHP 7.4+`
Of course, this return value is properly implemented so that we can see what this provides in practice. Here are the benchmarks on a simple Hello World rendered with Twig:
- without preloading: 360 req/s
- with preloading in master: 560 req/s (+55%)
- with preloading and this PR: 630 req/s (+75%)
Commits
-------
8ab75d99d4 [HttpKernel] allow cache warmers to add to the list of preloaded classes and files
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Mime] strengthen is_resource() checks
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Improves seekable checks by using
`stream_get_meta_data($h)['seekable'] && 0 === fseek($h, 0, SEEK_CUR)`
instead of just
`stream_get_meta_data($h)['seekable']`
which is better when using userland stream wrappers.
Commits
-------
be9c675710 [Mime] strengthen is_resource() checks
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Security] Refactor logout listener to dispatch an event instead
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes (sort of...)
| New feature? | yes
| Deprecations? | yes
| Tickets | Fix#25212, Fix#22473
| License | MIT
| Doc PR | tbd
The current `LogoutListener` has some extension points, but they are not really DX-friendly (ref #25212). It requires hacking a `addMethodCall('addHandler')` in the container builder to register a custom logout handler.
Also, it is impossible to overwrite the default logout functionality from a bundle (ref #22473).
This PR introduces a `LogoutEvent` that replaces both the `LogoutSuccessHandlerInterface` and `LogoutHandlerInterface`. This provides a DX-friendly extension point and also cleans up the authentication factories (no more `addMethodCall()`'s).
In order to allow different logout handlers for different firewalls, I created a specific event dispatcher for each firewall (as also shortly discussed in #33558). The `dispatcher` tag attribute allows you to specify which dispatcher it should be registered to (defaulting to the global dispatcher). The `EventBubblingLogoutListener` also dispatches logout events on the global dispatcher, to be used for listeners that should run on all firewalls.
_@weaverryan and I discussed this feature while working on #33558, but figured it was unrelated and could be done while preservering BC. So that's why a separate PR is created._
Commits
-------
a9f096eb1f [Security] Refactor logout listener to dispatch an event instead
This PR was merged into the 4.4 branch.
Discussion
----------
[Routing] Add installation and minimal example to README
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | symfony/symfony-docs#13431
Similair to what I did in #35552, this PR updates the README of the Routing component to include a minimal example and installation command.
Commits
-------
be6612060c Add installation and minimal example to README
This PR was merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle] Support for Content Security Policy style-src-elem and script-src-elem in WebProfiler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
If a `style-src-elem` or `script-src-elem` Content Security Policy exist, the WebProfiler Styles or Scripts will be rejected as the nonce is missing.
Commits
-------
7f33f1fa3a Support for Content Security Policy style-src-elem and script-src-elem in WebProfiler
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Messenger] Add a \Throwable argument in RetryStrategyInterface methods
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#36182
| License | MIT
This allows to define new retry strategies based on the exceptions thrown during the last handling.
Commits
-------
5fa9d68e8b [Messenger] Add a \Throwable argument in RetryStrategyInterface methods
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] No need to reconnect the bags to the session after session_regenerate_id
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Bug https://bugs.php.net/70013 was fixed before the release of PHP v7.0
https://3v4l.org/A8YmY
Related to https://github.com/symfony/symfony/pull/15243
Commits
-------
923c24f438 No need to reconnect the bags to the session
This PR was merged into the 4.4 branch.
Discussion
----------
[Security] Track session usage whenever a new token is set
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36208
| License | MIT
| Doc PR | -
When using `anonymous: lazy`, the programatic login using the guard handler is broken. As the `setToken()` does not track usage, the index remains equal.
I tried fixing this more properly in e.g. the `SessionStrategy::onAuthentication` class, but I couldn't get it working (as `$request->hasPreviousSession()` returns false, the session strategy isn't called). `setToken()` can also not be made usage tracking afaics, because it would directly break (`setToken(null)` is called in `ContextListener`).
The current fix does however look really ugly, but I can't find anything better with my minor knowledge of this session usage tracking feature. I'm open for all ideas :)
Commits
-------
8d96dbd08b Track session usage when setting the token
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Serializer] Fix unitialized properties (from PHP 7.4.2) when serializing context for the cache key
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/issues/35574https://github.com/doctrine/orm/issues/8030
| License | MIT
| Doc PR | N/A
This bug only happens on the following conditions:
- A Doctrine entity (`Book`) having a relation with another entity (`Author`) is used;
- The `Author` entity uses typed properties (PHP 7.4) not initialized;
- The `Serializer` is used with the `Book` in the `OBJECT_TO_POPULATE` key in the context.
For instance:
```php
<?php
declare(strict_types=1);
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
/** @ORM\Entity */
class Book
{
/**
* @ORM\ManyToOne(targetEntity="Author")
*/
public Author $author;
public ?string $isbn;
}
```
```php
<?php
declare(strict_types=1);
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
/** @ORM\Entity */
class Author
{
public ?string $name;
}
```
Or even:
```php
<?php
declare(strict_types=1);
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
/** @ORM\Entity */
class Author
{
private string $name;
public function __construct()
{
$this->name = 'Leo';
}
}
```
If the following is done (it's the case for instance in API Platform when a `PUT` is made):
```php
$serializer->deserialize('{"isbn":"2038717141"}', Book::class, 'json', ['object_to_populate' => $book]);
```
Then there will be the following error:
> Fatal error: Typed property Proxies\__CG__\App\Entity\Author::$ must not be accessed before initialization (in __sleep)
It's because of these lines in the `getCacheKey` method of the `AbstractObjectNormalizer`:
5da141b8d0/src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php (L405-L409)
Since the lazy proxyfied relation has a `__sleep` with unitialized properties, the `serialize` method will throw (since https://bugs.php.net/bug.php?id=79002: 846b647953).
I propose to fix this issue by unsetting the `OBJECT_TO_POPULATE` key in the context because I don't think it's useful for determining the attributes of the object.
For the next versions of Symfony, the fix should probably be elsewhere, in the default context.
For instance in Symfony 4.4, instead of:
15edfd39d4/src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php (L118)
It should be:
```php
$this->defaultContext[self::EXCLUDE_FROM_CACHE_KEY] = [self::CIRCULAR_REFERENCE_LIMIT_COUNTERS, self::OBJECT_TO_POPULATE];
```
But I'm not sure how it should be merged (another PR maybe?).
Commits
-------
1fafff7c10 [Serializer] Fix unitialized properties (from PHP 7.4.2) when serializing context for the cache key
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Validator] Add missing Ukrainian and Russian translations
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | none
| License | MIT
Commits
-------
d43ef4ec92 [Validator] Add missing Ukrainian and Russian translations
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Config] Improve the deprecation features by handling package and version
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | https://github.com/orgs/symfony/projects/1#card-32681032
| License | MIT
| Doc PR | TODO
Commits
-------
f4de76dba0 [Config] Improve the deprecation features by handling package and version
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DependencyInjection] Fix alias deprecations with package and version
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Firstly, this PR fixes the alias dump by the XmlDumper to be consistent with stof comment in the inital PR (the message is the node content) - it is the case for deprecated services. Otherwise, we need to add the "message" attribute in the XSD.
Secondly, it fixes the arguments when the deprecation is actually triggered as well as two related tests.
Commits
-------
5ee5654171 [DependencyInjection] Fix alias deprecations with package and version
* 5.0:
Fix wrong namespaces
Fix wrong namespaces
Fix the reporting of deprecations in twig:lint
forward multiple attributes voting flag
bumped Symfony version to 5.0.8
updated VERSION for 5.0.7
updated CHANGELOG for 5.0.7
bumped Symfony version to 4.4.8
updated VERSION for 4.4.7
updated CHANGELOG for 4.4.7
[Validator] Fixed calling getters before resolving groups
[HttpKernel][LoggerDataCollector] Prevent keys collisions in the sanitized logs processing
* 4.4:
Fix wrong namespaces
Fix wrong namespaces
Fix the reporting of deprecations in twig:lint
forward multiple attributes voting flag
bumped Symfony version to 4.4.8
updated VERSION for 4.4.7
updated CHANGELOG for 4.4.7
[Validator] Fixed calling getters before resolving groups
[HttpKernel][LoggerDataCollector] Prevent keys collisions in the sanitized logs processing