This PR was squashed before being merged into the 3.4 branch (closes#27903).
Discussion
----------
[Lock] fix lock file permissions
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | see discussion below
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
See [this comment](https://github.com/symfony/symfony/pull/27668#issuecomment-403392924). Since we are using `r+` now to fix an issue on Solaris, we also need to change the file permissions when the lock file is created for the first time. Otherwise
```php
fopen($fileName, 'r+')
```
will fail due to the file permissions and while
```php
fopen($fileName, 'r')
```
will work, the subsequent locking will again fail on Solaris.
Changing the file permissions to `0666` fixes this issue. __However__ any lock file that was generated _prior_ to this change will still cause issues and would need to be manually deleted. Usually the default `sys_get_temp_dir()` location is used for the lock files and _usually_ these files are purged periodically, so it probably won't matter that much. But it still might cause some confusion since it will not be transparent, why the file lock failed on Solaris systems.
Commits
-------
23481a112e [Lock] fix lock file permissions
This PR was squashed before being merged into the 3.4 branch (closes#27886).
Discussion
----------
[Form] Removed .form-control-label class.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
There is no such a class neither in [bootstrap 4.0](https://getbootstrap.com/docs/4.0/components/forms/#form-controls) nor in [bootstrap 4.1](https://getbootstrap.com/docs/4.1/components/forms/#form-controls).
Commits
-------
cb3e712698 [Form] Removed .form-control-label class.
This PR was merged into the 3.4 branch.
Discussion
----------
Fix the detection of the Process new argument
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This fixes the detection of the new method signature when triggering the deprecation warning. The new `$env` parameter is the second argument, not the first one.
Commits
-------
57e95f3f9a Fix the detection of the Process new argument
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] don't encode cookie name for BC
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As reported by @Seldaek in https://github.com/symfony/symfony/pull/25348#issuecomment-401696990
Commits
-------
d28949b846 [HttpFoundation] don't encode cookie name for BC
This PR was squashed before being merged into the 3.4 branch (closes#27435).
Discussion
----------
[OptionResolver] resolve arrays
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Option resolver didn't work with nested arrays
Before:
$resolver->setDefaults([
'integer' => [
[
12,
23,
],
],
]);
$resolver->setAllowedTypes('integer', 'integer[][]');
Error
The option "host" with value array is expected to be of type "integer[][]", but is of type "integer[][]".
Option expetcted type `integer[][]` but get... `integer[][]`. So strange
Now that case work correct, and we get
array (size=1)
'integer' =>
array (size=1)
0 =>
array (size=2)
0 => int 12
1 => int 23
Commits
-------
6d4812e995 [OptionResolver] resolve arrays
This PR was merged into the 4.2-dev branch.
Discussion
----------
[Console] changed warning verbosity; fixes typo
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes*
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
* Tests pass, but I do not have an installation of MacOS to run tests on. Tests should be unaffected (the test is simply [skipped on MacOS](https://github.com/symfony/console/blob/master/Tests/Command/CommandTest.php#L345)).
When a Console Command fails to change the process title on MacOS, a warning is issued to output. This warning is relevant to developers of Console applications, but to end users is largely meaningless and potentially confusing.
This PR changes the verbosity of the warning to "very verbose" so it does not interrupt normal usage.
I've also fixed a typo in the message ("get" vs. "set").
Commits
-------
86c771a changed warning verbosity; fixes typo
* 2.8:
[DomCrawler] Fix ChoiceFormField::select() PHPDoc
[HttpFoundation] add tests for FlashBagInterface::setAll()
Check for Hyper terminal on all operating systems.
Prevent toolbar links color override by css
This PR was merged into the 2.8 branch.
Discussion
----------
[DomCrawler] Fix ChoiceFormField::select() PHPDoc
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
It's allowed by `setValue`, it works, and it makes sense for `<select multiple>` fields.
Commits
-------
154ce9c170 [DomCrawler] Fix ChoiceFormField::select() PHPDoc
This PR was squashed before being merged into the 2.8 branch (closes#27836).
Discussion
----------
[HttpFoundation] add tests for FlashBagInterface::setAll()
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Adding documentation for the `FlashBagInterface::setAll()` function
Commits
-------
af96475e2a [HttpFoundation] add tests for FlashBagInterface::setAll()
* 2.8:
Add color support for Hyper terminal .
[HttpFoundation] Fix tests: new message for status 425
[Doctrine Bridge] Fixed usage of wrong variable when tagged subscriber is invalid
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyInfo] added handling of nullable types in PhpDoc
While not specified in PSR-5, PhpDocumentor does support parsing nullable types in the PHP 7.1 syntax (i.e. `?string`), and returns those in a `Nullable` wrapper type. We currently don't handle this and neither throw an error, which results in all kind of weird breakage when this syntax is used (e.g. "class string|int not found").
Correctly parse this syntax into a nullable type.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
38b369be3f [PropertyInfo] added handling of nullable types in PhpDoc
While not specified in PSR-5, PhpDocumentor does support parsing
nullable types in the PHP 7.1 syntax (i.e. ?string), and returns those
in a Nullable wrapper. We currently don't handle this and neither throw
an error, which results in all kind of weird breakage when this syntax
is used (e.g. "class string|int not found").
Correctly parse this syntax into a nullable type.
This PR was squashed before being merged into the 3.4 branch (closes#27659).
Discussion
----------
[HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
#26157 started to send a new cookie in `AbstractTestSessionListener`, but is incompatible with `CookieClearingLogoutHandler` as it overrides its `Set-Cookie` by setting a new cookie (breaking my test that checked to see that the cookie was removed after a log out).
Commits
-------
f54d96926a [HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler
This PR was squashed before being merged into the 3.4 branch (closes#27752).
Discussion
----------
[Cache] provider does not respect option maxIdLength with versioning enabled
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27746
| License | MIT
| Doc PR |
Component symfony/cache generates cache item ID longer then maxIdLength when versioning is enabled
Commits
-------
ba8b63b195 [Cache] provider does not respect option maxIdLength with versioning enabled
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] Fix SemaphoreStoreTest on OS X
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | https://github.com/symfony/symfony/pull/27755#pullrequestreview-132772372 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A
As spotted in https://github.com/symfony/symfony/pull/27755#pullrequestreview-132772372, for OS X.
If other OS X users could give it a try (`/phpunit src/Symfony/Component/Lock/ --filter=SemaphoreStoreTest`), that would be awesome.
Commits
-------
9055611dc3 [Lock] Fix SemaphoreStoreTest on OS X
* 2.8:
[HttpFoundation] update phpdoc of FlashBagInterface::add()
bug #27701 [SecurityBundle] Dont throw if "security.http_utils" is not found (nicolas-grekas)
[Validator] Fix the namespace of RegexTest
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] fix locale dependent test case
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Right now, I get a failure with `Exception: Failed to extract list of opend semaphores. Expect a Semaphore status, got ------ États des sémaphores --------` :)
Commits
-------
e665da0c9a [Lock] fix locale dependent test case
This PR was squashed before being merged into the 2.8 branch (closes#27765).
Discussion
----------
[HttpFoundation] update phpdoc of FlashBagInterface::add()
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
**Reason why I propose to change the docblock like this: **
The `FlashBagInterface::add()` function does not work only with the `string` type in second parameter
Commits
-------
9135e18ded [HttpFoundation] update phpdoc of FlashBagInterface::add()
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] fix session tracking counter
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
As just discussed with @nicolas-grekas I found this issue today while upgrading my app to 3.4.12. Somehow its not possible anymore to set caching headers correctly since this commit: 146e01cb44 (diff-5350dc763df30ada9d00563c115f6652)
Commits
-------
89ed756462 failing test to reproduce session problem
26fc4e683f [HttpFoundation] fix session tracking counter
* 2.8:
[DI] fix dumping deprecated service in yaml
bumped Symfony version to 2.8.43
updated VERSION for 2.8.42
update CONTRIBUTORS for 2.8.42
updated CHANGELOG for 2.8.42
* 2.8:
Add note about changed form processing when using PUT requests
The debug class loader is always loaded by Debug::enable().
[Intl] Update ICU data to 62.1
This PR was merged into the 2.8 branch.
Discussion
----------
[Intl] Update ICU data to 62.1
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | -
| License | MIT
| Doc PR | -
It's this time of the year again to update ICU data. http://site.icu-project.org/download/62
Not many actual changes this time. Few new scripts added and some metadata for the VEF currency.
Commits
-------
5f2e6c2f12 [Intl] Update ICU data to 62.1
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Cleanup unused service_subscriber.locator tag
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes-ish
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Cleanup internal DI tag `container.service_subscriber.locator` so it's _not_ reported as unused tag, i.e.:
```
Tag "container.service_subscriber.locator" was defined on service(s) "App\Controller\MainController", "translation.warmer", "router.cache_warmer", "twig.cache_warmer", "twig.template_cache_warmer",
but was never used. Did you mean "container.service_subscriber", "container.service_locator"?
```
Commits
-------
8e060fa45d [DI] Cleanup unused service_subscriber.locator tag
This PR was merged into the 2.8 branch.
Discussion
----------
[Serializer] Updates DocBlock to a mixed param type
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | Yes
| New feature? | No
| BC breaks? | No
| Deprecations? | Non added.
| Tests pass? | Yes , no new tests added.
| Fixed tickets | #27457
| License | MIT
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
The JSON serializers make use of the JsonSerializable interface and return arrays to the NormalizerInterface. This PR updates the DocBlock to reflect that.
Moving towards PHP 7.2 and the use of object type-hints would require changes to the [JsonSerializableNormalizer@L41](92c37b9711/src/Symfony/Component/Serializer/Normalizer/JsonSerializableNormalizer.php (L41)) at a minimum.
Truly not much of a PR I'm afraid!
Commits
-------
dca9ff529a [Serializer] Updates DocBlock to a mixed param type
This PR was squashed before being merged into the 3.4 branch (closes#27668).
Discussion
----------
[Lock] use 'r+' for fopen (fixes issue on Solaris)
| Q | A
| ------------- | ---
| Branch? | 3.4 (also applicable to _LockHandler_ in 2.8 and 3.3)
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes [1]
| Fixed tickets | -
| License | MIT
| Doc PR | -
We discovered a curious case on a specific hosting environment: the `FlockStorage` (or `LockHandler` in previous Symfony versions) could never get a file lock on **existing files**. So if you run a script for the first time and the lock file did not exist yet, the `FlockStorage` could get a lock on that file just fine. However on the second and subsequent runs, `FlockStorage` could _never_ get a file lock anymore. You can follow the discussion [here](https://github.com/contao/core-bundle/issues/1551) (if you speak German).
We have been using this little script to confirm the issue on the hosting environment:
```php
$fileName = __DIR__ . '/file.lock';
if (!$handle = @fopen($fileName, 'r')) {
$handle = fopen($fileName, 'x');
}
if (!$handle) {
echo "Could not open $fileName\n";
exit;
}
if (flock($handle, LOCK_EX | LOCK_NB)) {
echo "Got a lock on $fileName\n";
flock($handle, LOCK_UN | LOCK_NB);
} else {
echo "Could not get a lock on $fileName\n";
}
```
Whenever `file.lock` already existed prior to running the script, a lock could not be made.
After contacting the hosting provider's support on this they confirmed the issue and told us they are using **Solaris** instead of a Linux environment. And this is supposedly why it does not work. Instead you have to use `'r+'` instead of `'r'` for `fopen`.
I was able to confirm that changing from `'r'` to `'r+'` fixes the issue. However I am wondering who's actually at fault here. Is it Solaris? PHP? The compiled PHP version under Solaris? The hosting provider's operating system configuration?
### System information
```
uname -a
SunOS vlek 5.11 11.3 i86pc i386 i86pc Solaris
```
```
phpinfo:
SunOS localhost 5.10 Generic_150401-49 i86pc
```
```
php -v
PHP 7.2.5 (cli) (built: May 4 2018 12:57:43) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
```
### Footnotes
[1] Previously one failed test on the first run and two failing tests on the second run with the proposed changes:
```
1) Symfony\Component\Lock\Tests\Store\FlockStoreTest::testSaveSanitizeName
Symfony\Component\Lock\Exception\LockStorageException: fopen(C:\Users\[…]\AppData\Local\Temp/sf.-php-echo-hello-word-.Sz2dDSf.lock)
: failed to open stream: Permission denied
```
```
2) Symfony\Component\Lock\Tests\Store\FlockStoreTest::testSaveWithDifferentKeysOnSameResources
Symfony\Component\Lock\Exception\LockStorageException: fopen(C:\Users\[…]\AppData\Local\Temp/sf.Symfony-Component-Lock-Tests-Store-
AbstractStoreTest-testSaveWithDifferentKeysOnSameResources5b2b5f00872538.64807920.2u9bH+a.lock): failed to open stream: Permission denied
```
The latter failed both on the first run and on the second run.
After the [proposed changes](https://github.com/symfony/symfony/pull/27668#discussion_r197054198) from @nicolas-grekas everything works fine 👍
Commits
-------
9c9ae7d9c9 [Lock] use 'r+' for fopen (fixes issue on Solaris)
* 2.8:
[HttpKernel] fix test compat with PHP 5.3
fix file lock on SunOS
change `evaluate()` docblock return type from string to mixed
Set serialize_precision explicitly to avoid fancy float rounding
This PR was merged into the 2.8 branch.
Discussion
----------
Set serialize_precision explicitly to avoid fancy float rounding
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | -
This is fixing some of the test failures I was seeing locally due to increased `serialize_precision` INI setting:
```
2) Symfony\Component\HttpFoundation\Tests\JsonResponseTest::testConstructorWithSimpleTypes
Failed asserting that two strings are identical.
--- Expected
+++ Actual
@@ @@
-'0.1'
+'0.10000000000000001'
/www/symfony/symfony/src/Symfony/Component/HttpFoundation/Tests/JsonResponseTest.php:46
3) Symfony\Component\HttpFoundation\Tests\JsonResponseTest::testStaticCreateWithSimpleTypes
Failed asserting that two strings are identical.
--- Expected
+++ Actual
@@ @@
-'0.1'
+'0.10000000000000001'
```
The test assertions should not depend on externally configured PHP configuration.
Also default value for this option was changed multiple times: http://php.net/manual/en/ini.core.php#ini.serialize-precision
For compatibility reasons (with PHP <7.x) `-1` can't be used.
https://3v4l.org/HBNsT
HHVM doesn't seem to support this though, how to handle this?
Commits
-------
b5ee7c3ccd Set serialize_precision explicitly to avoid fancy float rounding
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Fixing GlobResource when inside phar archive
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes if old broken behavior counts as stable
| Deprecations? | no
| Tests pass? | no tests yet
| Fixed tickets |
| License | MIT
| Doc PR | N/A
When packaging an Sf4 application as a PHAR archive using globs at various locations (`Kernel`, `services.yaml`) most glob files are not found because the `glob()` PHP method [does not support PHAR streams](https://stackoverflow.com/questions/8203188/unexpected-problems-with-php-phar).
Using the regex fallback instead when operating inside PHAR archives fixes the behavior for me.
## Examples:
`src/Kernel.php::configureContainer()`:
```php
$loader->load($confDir.'/{services}'.self::CONFIG_EXTS, 'glob');
```
Expected behavior: `config/services.yaml` inside PHAR archive is found and parsed
Actual behavior: the file will not be loaded
`config/services.yaml` (hard-coded in Kernel without using glob pattern)
```yaml
App\:
resource: '../src/*'
exclude: '../src/{Entity,Migrations,Tests,Kernel.php}'
```
Expected behavior: service classes in `src/` will be found and auto-wired
Actual behavior: services are not auto-wired because the class files are not found
Commits
-------
e336ebeecf Fixing GlobResource when inside phar archive
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] fix Memcached tests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Clearing a memcached pool works only when versioning is enabled. Dunno why this has not be caught before, but it's making tests fail now.
Commits
-------
09ec9e7cce [Cache] fix Memcached tests
* 2.8:
[HttpKernel] fix PHP 5.4 compat
Fix surrogate not using original request
[Finder] Update RealIteratorTestCase
[Routing] remove unneeded dev dep on doctrine/common
[Validator] Remove BOM in some xlf files
When packaging an Sf4 application as a PHAR archive using globs at various locations (`Kernel`, `services.yaml`) most glob files are not found because the `glob()` PHP method [does not support PHAR streams](https://stackoverflow.com/questions/8203188/unexpected-problems-with-php-phar).
Using the regex fallback instead when operating inside PHAR archives fixes the behavior for me.
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Fix error when rendering a DateIntervalType form with exactly 0 weeks
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27378
| License | MIT
Fixes the issue described in #27378
Commits
-------
dae704ad2fFix#27378: Error when rendering a DateIntervalType form with exactly 0 weeks
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] fix session tracking in surrogate master requests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Spotted while looking at ESI fragments resolved by`HttpCache`: right now when the master request starts the session, fragments are not cacheable anymore, even when they do not use the session.
Commits
-------
146e01cb44 [HttpKernel] fix session tracking in surrogate master requests
This PR was submitted for the master branch but it was squashed and merged into the 2.8 branch instead (closes#27508).
Discussion
----------
[Finder] Update RealIteratorTestCase
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27480
| License | MIT
| Doc PR | n/a
Makes the entire test directory empty instead of trying to delete particular files and directories. The old method failed when trying to remove a directory which was not empty.
Commits
-------
7d0ebd41ab [Finder] Update RealIteratorTestCase
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Fix dumping ArrayObject and ArrayIterator instances
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Properties added on child classes of `ArrayObject` and `ArrayIterator`, or dynamic properties added on instances of them were now properly dumped. This fixes it.
Commits
-------
3ecabfc36e [VarDumper] Fix dumping ArrayObject and ArrayIterator instances
This PR was squashed before being merged into the 3.4 branch (closes#27556).
Discussion
----------
Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | Related to #27395
| License | MIT
| Doc PR | symfony/symfony-docs#9860
This is the sister PR to #27452, which covered all the other authentication listeners.
Commits
-------
c06f3229de Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
This PR was squashed before being merged into the 2.8 branch (closes#27452).
Discussion
----------
Avoid migration on stateless firewalls
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | Related to #27395
| License | MIT
| Doc PR | symfony/symfony-docs#9860
This is a proof-of-concept. Once we agree / are happy, I need to add this to all of the other authentication mechanisms that recently got the session migration code & add tests.
Basically, this avoids migrating the session if the firewall is stateless. There were 2 options to do this:
A) Make the `SessionAuthenticationStrategy` aware of all stateless firewalls. **This is the current approach**
or
B) Make each individual authentication listener aware whether or not *its* firewall is stateless.
Commits
-------
cca73bb564 Avoid migration on stateless firewalls
This PR was squashed before being merged into the 3.4 branch (closes#27326).
Discussion
----------
[Serializer] deserialize from xml: Fix a collection that contains the only one element
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27279
| License | MIT
| Doc PR |
In xml when parent node (`restaurants`) contains several children nodes with the same tag (`restaurant`) it is clear that the children form a collection:
```
restaurants = {array} [1]
restaurant = {array} [2]
0 = {array} [2]
name = "Some restaurant name"
type = "Chinese"
1 = {array} [2]
name = "Another restaurant name"
type = "Italian"
```
Afterwards the object denormalizer has no problem to create a collection of restaurants.
But when there is only one child (`restaurant`) the decoded normalized array will not contain a collection:
```
restaurants = {array} [1]
restaurant = {array} [2]
name = "Some restaurant name"
type = "Chinese"
```
In this situation the object denormalizer threw unexpected exception. This PR modifies `AbstractObjectNormalizer` that is it will fill a collection containing the sole element properly.
Commits
-------
1f346f446d [Serializer] deserialize from xml: Fix a collection that contains the only one element
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] Remove released semaphore
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27356
| License | MIT
| Doc PR | NA
This PR remove the semaphore with `sem_remove`. By removing without releasing the semaphore, all pending blocking acquiring will fail that's why the acquire method has also been update to handle such case
Commits
-------
77b9f90a32 Remove released semaphore
This PR was merged into the 3.4 branch.
Discussion
----------
TagAwareAdapter over non-binary memcached connections corrupts memcache
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #27405
| License | MIT
| Doc PR |
TagAwareAdapter uses non-ascii symbols in key names. It breaks memcached connections in non-binary mode.
Commits
-------
67d4e6dd29 bug #27405 [Cache] TagAwareAdapter should not corrupt memcached connection in ascii mode
Corrected return type which causes following error with (psalm)[https://getpsalm.org/]
```
ERROR: PossiblyInvalidArgument - src/Command/Utils/CheckVendorDependencies.php:170:62 - Argument 1 of iterator_to_array expects Traversable, possibly different type array<mixed, Symfony\Component\Finder\SplFileInfo>|Iterator provided $directories = array_map($closure, iterator_to_array($finder->getIterator()));
```
This PR was merged into the 2.8 branch.
Discussion
----------
[Debug] Pass previous exception to FatalErrorException
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27483
| License | MIT
Add a previous parameter to FatalErrorException.
Call \ErrorException with this parameter.
Update parent::__constructor for inherited classes with default parameters and the new one
Commits
-------
7f9780b5df Pass previous exception to FatalErrorException
This PR was merged into the 3.4 branch.
Discussion
----------
Revert "bug #26138 [HttpKernel] Catch HttpExceptions when templating is not installed (cilefen)"
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27212
| License | MIT
| Doc PR | -
This reverts commit b213c5a758, reversing
changes made to 61af0e3a25.
This breaks BC and is more like a new feature, let's move this on master.
Commits
-------
c6acad719d Revert "bug #26138 [HttpKernel] Catch HttpExceptions when templating is not installed (cilefen)"
* 2.8:
removed unneeded comments in tests
Change PHPDoc in ResponseHeaderBag::getCookies() to help IDEs
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
[Process] Consider \"executable\" suffixes first on Windows
Triggering RememberMe's loginFail() when token cannot be created
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27259
| License | MIT
| Doc PR | no
Hello!
There is fix for #27259 issue. It changes priority of `AddConsoleCommandPass` to `TYPE_BEFORE_REMOVING` as @chalasr advised. I'm not sure about side effects by that.
Commits
-------
e36099503f [FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
This PR was squashed before being merged into the 2.8 branch (closes#26973).
Discussion
----------
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
| Q | A
| ------------- | ---
| Branch? | 2.7 and up
| Bug fix? | improvement
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ---
| License | MIT
| Doc PR | ---
SubRequest used in `InlineFragmentRendered` explicitly sets `$server['REMOTE_ADDR']` to `127.0.0.1`. Therefore, it's required to configure `127.0.0.1` address in TRUSTED_PROXIES environment variable. Without that, `Request::isFromTrustedProxy()` will return false.
The current behavior might be a little bit problematic, for instance, in case where images are rendered through subrequests. These might end-up with an incorrect schema in URL (`http` instead of `https`).
Commits
-------
18f55feef8 [HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
This PR was squashed before being merged into the 2.8 branch (closes#27303).
Discussion
----------
[Process] Consider "executable" suffixes first on Windows
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | n/a
Executable finder should consider "executable" suffixes first on Windows because we basically ignore executability on Windows (on the lines below changed), which leads, for example, to finding usually-non-executable `phpunit` file first where both `phpunit` and `phpunit.bat` are present.
I may miss something here, so please tell me if this makes any sense.
Same change against master: #27301
Commits
-------
9372e7a813 [Process] Consider \"executable\" suffixes first on Windows
* 2.8:
Add code of Conduct links in our README
[DI] never inline lazy services
Default testsuite to latest PHPUnit 6.*
[Github] Update the pull-request template
bumped Symfony version to 2.8.42
updated VERSION for 2.8.41
updated CHANGELOG for 2.8.41
This PR was squashed before being merged into the 3.4 branch (closes#27344).
Discussion
----------
[HttpKernel] reset kernel start time on reboot
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27319
| License | MIT
| Doc PR | n/a
I created branch from 3.4, since the furthest thing I could find for the reboot feature was a4fc49294e and it originated during stabilization phase of 3.4.
ping @nicolas-grekas
Commits
-------
b7feef00ae [HttpKernel] reset kernel start time on reboot
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Update sl translation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
This patch updates Slovenian sl_SI translation for the 3.4 branches and up to master.
Commits
-------
a7a1325eab [Validator] Update sl translation
This PR was merged into the 3.4 branch.
Discussion
----------
[Serializer] Check the value of enable_max_depth if defined
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Because it confuses some users that `['enable_max_depth' => false]` actually triggers the check.
Commits
-------
e88e0f30f1 [Serializer] Check the value of enable_max_depth if defined
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix bad exception on uninitialized references to non-shared services
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27360
| License | MIT
| Doc PR | -
This restriction is unneeded complexity that prevents legit use cases (see linked issue #27360).
Commits
-------
8bba68f811 [DI] Fix bad exception on uninitialized references to non-shared services
* 2.8:
Adding session authentication strategy to Guard to avoid session fixation
Adding session strategy to ALL listeners to avoid *any* possible fixation
[HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode
* 2.8:
do not mock the session in token storage tests
Add Occitan plural rule
Fix security/* cross-dependencies
Disallow illegal characters like "." in session.name
fix rounding from string
* 2.7:
do not mock the session in token storage tests
Add Occitan plural rule
Disallow illegal characters like "." in session.name
fix rounding from string
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] do file_exists() check instead of silent notice
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27234
| License | MIT
| Doc PR | -
Commits
-------
f8cde70ba1 [HttpKernel] do file_exists() check instead of silent notice
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Use strict type in URL validator
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
Fixed tickets | -
| License | MIT
| Doc PR | -
Using `checkDNS` option with value `true` generate error `Warning: checkdnsrr(): Type '1' not supported`.
In SF 3.4 it was mark as depreciation and silently converted to `ANY` https://github.com/symfony/symfony/blob/v3.4.9/src/Symfony/Component/Validator/Constraints/UrlValidator.php#L79
~~Test are failing on `Symfony\Component\HttpKernel\Tests\ControllerMetadata\ArgumentMetadataFactoryTest::testSignature1` - I think its not related~~
Commits
-------
2400e71962 use strict compare in url validator
This PR was squashed before being merged into the 3.4 branch (closes#27267).
Discussion
----------
[DependencyInjection] resolve array env vars
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27239
| License | MIT
| Doc PR | n/a
## Why
This bugfix solves a problem where environment variables resolved as an array would cause an error while compiling the container if they aren't the last parameter in the ParameterBag: the next parameter to be resolved would fail at the `stripos()` check. More information about the bug is available at #27239
## Tests
- This PR modifies existing ContainerBuilder tests to make use of the EnvVarProcessor to resolve json strings into arrays, instead of relying upon a TestingEnvPlaceholderParameterBag class.
- I would liked to have kept EnvVarProcessor logic out of the ContainerBuilder tests, but it was the interaction between the ContainerBuilder and EnvVarProcessor that caused the bug
- This PR adds a new ContainerBuilder test to verify that an environment variable resolved into an array doesn't cause an error when the next variable attempts to be resolved
## Code
- ~This PR adds an `\is_string()` sanity check before the `stripos()` method call so that only a string are passed into `stripos()`~
- This PR also adds a `$completed` flag so that completely resolved environment variables (currently only determined by `$placeholder === $value`) can break out of the loop early (handled via `break 2;`
Commits
-------
4c3b950dc2 [DependencyInjection] resolve array env vars
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] Skip test if posix extension is not installed
This isn't installed by default on Fedora
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
97cbea0 [Lock] Skip test if posix extension is not installed
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fix precision of MoneyToLocalizedStringTransformer's divisions on transform()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR |
Related issue https://github.com/symfony/symfony/issues/21026.
Previous PR https://github.com/symfony/symfony/pull/24036.
Similar fix for `transform()` method.
Commits
-------
f94b7aadd3 fix rounding from string
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Allow defining bindings on ChildDefinition
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Spotted by @stof while trying to put https://github.com/symfony/monolog-bundle/pull/254 into practice.
Binding log channels doesn't work because we put this artificial restriction in place.
Let's allow ChildDefinition to have bindings (but only at the DI extension level, loaders still forbid defining them at their level because of the parent vs _defaults ambiguity.)
Commits
-------
1c3b1055df [DI] Allow defining bindings on ChildDefinition
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix dealing with self/parent in ArgumentMetadataFactory
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Applies CS fixes that where merged on 4.0 to 3.4, embeds a fix in ArgumentMetadataFactory, which couldn't deal with self/parent type hints.
Commits
-------
ba5cb1a245 fixed CS
* 2.8:
[Security] Fix logout
#27250 limiting GET_LOCK key up to 64 char due to changes in MySQL 5.7.5 and later
[Profiler] Remove propel & event_listener_loading category identifiers
[Filesystem] Fix usages of error_get_last()
[Debug] Fix populating error_get_last() for handled silent errors
Suppress warnings when open_basedir is non-empty
* 2.7:
[Security] Fix logout
#27250 limiting GET_LOCK key up to 64 char due to changes in MySQL 5.7.5 and later
[Profiler] Remove propel & event_listener_loading category identifiers
[Filesystem] Fix usages of error_get_last()
[Debug] Fix populating error_get_last() for handled silent errors
Suppress warnings when open_basedir is non-empty
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Suppress warnings when open_basedir is non-empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If PHP is configured *with a non-empty open_basedir* value that does not permit access to the target location, these calls to is_executable() throw warnings.
While Symfony may not raise exceptions for warnings in production environments, other frameworks (such as Laravel) do, in which case any of these checks causes a show-stopping 500 error.
We fixed a similar issue in the ExecutableFinder class via symfony/symfony#16182 .
This has always been an issue, but 709e15e7a3 made it more likely that a warning is triggered.
Commits
-------
34f136e01b Suppress warnings when open_basedir is non-empty
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Fix populating error_get_last() for handled silent errors
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a userland error handler doesn't return `false`, `error_get_last()` is not updated, so we cannot see the real last error, but the previous one.
See https://3v4l.org/Smmt7
Commits
-------
d7e612d2ac [Debug] Fix populating error_get_last() for handled silent errors
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache][Lock] Fix usages of error_get_last()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a userland error handler doesn't return `false`, `error_get_last()` is not updated, so we cannot see the real last error, but the previous one.
See https://3v4l.org/Smmt7
Commits
-------
7904784a94 [Cache][Lock] Fix usages of error_get_last()
This PR was merged into the 2.7 branch.
Discussion
----------
[Filesystem] Fix usages of error_get_last()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Same as #27232 for 2.7.
When a userland error handler doesn't return `false`, `error_get_last()` is not updated, so we cannot see the real last error, but the previous one.
See https://3v4l.org/Smmt7
Commits
-------
9d015c7c50 [Filesystem] Fix usages of error_get_last()
This PR was merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle][Cache] Fix misses calculation when calling getItems
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Hello,
This PR fixes a bug in the misses calculation in the cache data collector when calling the `getItems` method.
Found this while trying to understand why I had an inconsistency in the profiler:
Commits
-------
3d1ab6df13 Fix misses calculation when calling getItems
* 2.8:
use brace-style regex delimiters
Fixed typo RecursiveIterator -> RecursiveIteratorIterator
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
* 2.7:
use brace-style regex delimiters
Fixed typo RecursiveIterator -> RecursiveIteratorIterator
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
If PHP is configured *with a non-empty open_basedir* value that does not permit access to the target location, these calls to is_executable() throw warnings.
While Symfony may not raise exceptions for warnings in production environments, other frameworks (such as Laravel) do, in which case any of these checks causes a show-stopping 500 error.
We fixed a similar issue in the ExecutableFinder class via symfony/symfony#16182 .
This has always been an issue, but 709e15e7a37cb7ed6199548dc70dc33168e6cb2d made it more likely that a warning is triggered.
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] fixes phpdoc reference to an interface that was removed in Symfony 3.0
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
d2c5813239 [Validator] fixes phpdoc reference to an interface that was removed in Symfony 3.0
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
30970c7a9b [Validator] make phpdoc of ObjectInitializerInterface interface more accurate
* 2.8:
bumped Symfony version to 2.7.47
Fix#27011: Session ini_set bug
updated VERSION for 2.7.46
update CONTRIBUTORS for 2.7.46
updated CHANGELOG for 2.7.46
* 2.7:
bumped Symfony version to 2.7.47
Fix#27011: Session ini_set bug
updated VERSION for 2.7.46
update CONTRIBUTORS for 2.7.46
updated CHANGELOG for 2.7.46
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock][PhpDoc] There is no attempt to create the directory
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When the lock component [was](https://github.com/symfony/symfony/pull/21093) [created](https://github.com/symfony/symfony/pull/22597), the `FlockStore` implementation was copied from the filesystem component. But the dependency to its origin was dropped, and as part of that, the attempt to create the parent directory for the locks. The PhpDoc wasn’t updated to reflect this change.
Commits
-------
93a9bd3 PhpDoc: There is no attempt to create the directory
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Catch HttpExceptions when templating is not installed
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | ?
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | #25844
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
- [x] Test manually
- [x] Check for BC breaks
- [x] Needs tests
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
4e527aa bug #25844 [HttpKernel] Catch HttpExceptions when templating is not installed
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] TagAwareAdapterInterface::invalidateTags() should commit deferred items
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I noticed that we have a race condition window when invalidating tags.
This PR fixes it by making `invalidateTags()` commit deferred items before actually invalidating tags on the back end. Deferred items are stored with the future version of the invalidated tags so that they can be fetched by concurrent processes and considered valid before and after the invalidation is committed.
Commits
-------
212c469 [Cache] TagAwareAdapterInterface::invalidateTags() should commit deferred items
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Don't clean legacy containers that are still loaded
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? |
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27053
| License | MIT
| Doc PR | -
Commits
-------
be8dbc3 [HttpKernel] Don't clean legacy containers that are still loaded
* 2.8:
[Security] guardAuthenticationProvider::authenticate cannot return null according to interface specification
[VarDumper] Remove decoration from actual output in tests
[PropertyInfo] Minor cleanup and perf improvement
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
Fixed being logged out on failed attempt in guard
* 2.7:
[VarDumper] Remove decoration from actual output in tests
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
This PR was merged into the 2.8 branch.
Discussion
----------
[Security][Guard] GuardAuthenticationProvider::authenticate cannot return null
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26942
| License | MIT
Authenticate method in GuardAuthenticationProvider returned null when the token does not originate from any of the guard authenticators. This check was not done in the supports method. According to the interface authenticate cannot return null. This patch copies theguard authenticator checks to the supports method.
Commits
-------
9dff22c [Security] guardAuthenticationProvider::authenticate cannot return null according to interface specification
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Remove decoration from actual output in tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes green again
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
AppVeyor has color support since #26910, that breaks the build.
Fixes it by removing decoration from tested DumpDataCollector CLI outputs, same as what's already done for HTML dumps
Commits
-------
c4daef9 [VarDumper] Remove decoration from actual output in tests
This PR was squashed before being merged into the 2.8 branch (closes#27003).
Discussion
----------
[PropertyInfo] Minor cleanup and perf improvement
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Commits
-------
4a8306e [PropertyInfo] Minor cleanup and perf improvement
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] Fixed being logged out on failed attempt in guard
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25992
| License | MIT
| Doc PR | ~
This fixes the issue described in the ticket. After this fix, guard will no longer "forget" your authentication when your next attempt fails.
Commits
-------
4fc0ecbf90 Fixed being logged out on failed attempt in guard
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Send cookies using header() to fix "SameSite" ones
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25344
| License | MIT
| Doc PR | -
Commits
-------
73fec237da [HttpFoundation] Add functional tests for Response::sendHeaders()
e350ea000f [HttpFoundation] Send cookies using header() to fix "SameSite" ones
This PR was squashed before being merged into the 2.7 branch (closes#26910).
Discussion
----------
Use new PHP7.2 functions in hasColorSupport
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Fixes bc break in #26609
Reference: https://github.com/composer/xdebug-handler/blob/master/src/Process.php#L111
Commits
-------
b0c92254a0 Use new PHP7.2 functions in hasColorSupport
This PR was squashed before being merged into the 2.7 branch (closes#26938).
Discussion
----------
[minor] SCA
| Q | A
| ------------- | ---
| Branch? | 2.7
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
- Control flow tweaks
Commits
-------
877e678 [minor] SCA
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] Inline some hot function calls
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The Cache component is typically found in critical code paths, let's inline some calls.
I didn't change all calls but only those in potential hot paths.
Submitted against 3.4 to reduce future merge conflicts.
The PR also embeds edge-case behavior fixes for `ChainAdapter`.
Commits
-------
52b4bfc [Cache] Inline some hot function calls
* 2.8:
fixed Twig URL
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
* 2.7:
fixed Twig URL
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
This PR was merged into the 2.7 branch.
Discussion
----------
Don't assume that file binary exists on *nix OS
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Certain lightweight distributions such as Alpine Linux (popular for smaller Docker images) do not include it by default.
Commits
-------
e2c1f24fbd Don't assume that file binary exists on *nix OS
This PR was merged into the 3.4 branch.
Discussion
----------
[Routing] Fix loading multiple class annotations for invokable classes
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | -
The support for full route definition for invokable controllers as class annotation was introduced by
https://github.com/symfony/symfony/pull/2172, but that works with one route only, which is inconsistent with how `@Route` works at other places. This PR adds support for multiple class annotations for invokable controllers and fixes the inconsistency.
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
2a9c668ad7 [Routing] Fix loading multiple class annotations for invokable classes
This PR was squashed before being merged into the 2.7 branch (closes#26643).
Discussion
----------
Fix that ESI/SSI processing can turn a "private" response "public"
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Under the condition that
* we are merging in at least one *embedded* response,
* all *embedded* responses are `public`,
* the *main* response is `private` and
* all responses use expiration-based caching (note: no `s-maxage` on the *main* response)
... the resulting response will turn to `Cache-Control: public`.
The real issue is that when all responses use expiration-based caching, a combined max age is computed. This is set on the *main* response using `Response::setSharedMaxAge()`, which implicitly sets `Cache-Control: public`.
The fix provided in this PR solves the problem by applying the same logic to the *main* response that is applied for *embedded* responses, namely that responses with `!Response::isCacheable()` will make the resulting response have `Cache-Control: private, no-cache, must-revalidate` and have `(s)max-age` removed.
This makes the change easy to understand, but makes responses uncacheable too often. This is because the `Response::isCacheable()` method was written to determine whether it is safe for a shared cache to keep the response, which is not the case as soon as a `private` response is involved. This might be improved upon in another PR.
Commits
-------
3d27b5946d Fix that ESI/SSI processing can turn a \"private\" response \"public\"
* 2.8:
[Console] Don't go past exact matches when autocompleting
Disable autoloader call on interface_exists check
[Validator] Fix LazyLoadingMetadataFactory with PSR6Cache for non classname if tested values isn't an existing class
* 2.7:
[Console] Don't go past exact matches when autocompleting
Disable autoloader call on interface_exists check
[Validator] Fix LazyLoadingMetadataFactory with PSR6Cache for non classname if tested values isn't an existing class
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Dont create mock cookie for new sessions in tests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26493
| License | MIT
| Doc PR | -
@romainneutron can you please check if this fixes your issue?
Commits
-------
86b850e [HttpKernel] Dont create mock cookie for new sessions in tests
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Don't go past exact matches when autocompleting
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21789
| License | MIT
| Doc PR | -
Commits
-------
adba79a [Console] Don't go past exact matches when autocompleting
* 2.8:
bumped Symfony version to 2.8.39
updated VERSION for 2.8.38
updated CHANGELOG for 2.8.38
bumped Symfony version to 2.7.46
updated VERSION for 2.7.45
update CONTRIBUTORS for 2.7.45
updated CHANGELOG for 2.7.45
[Yaml] Throw parse error on unfinished inline map
* 2.7:
bumped Symfony version to 2.7.46
updated VERSION for 2.7.45
update CONTRIBUTORS for 2.7.45
updated CHANGELOG for 2.7.45
[Yaml] Throw parse error on unfinished inline map
This PR was merged into the 2.7 branch.
Discussion
----------
Update da translations
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The Danish translations have several serious errors. This PR adjusts to official Danish orthography, and updates some texts for internal consistency and to better reflect the original English text.
Commits
-------
d0ea26bd15 Update da translations
* 2.8:
[Security] Load the user before pre/post auth checks when needed
[SecurityBundle] Add test for simple authentication config
[SecurityBundle] Add missing argument to security.authentication.provider.simple
[Finder] fix tests
This PR was merged into the 3.4 branch.
Discussion
----------
[VarDumper] Skip some tests on custom xdebug.file_link_format
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | N/A <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A <!-- required for new features -->
Those tests are failing locally if a custom `xdebug.file_link_format` value is set.
Let's skip them as for `FrameworkExtensionTest::testFileLinkFormat`.
This will prevent some WTF moments and any actual error on these tests will be reported by the CI (IMHO isn't worth the hassle of updating the tests to handle both cases).
Commits
-------
f9216ed [VarDumper] Skip some tests on custom xdebug.file_link_format
* 2.8:
Add PHPDbg support to HTTP components
bumped Symfony version to 2.8.38
updated VERSION for 2.8.37
updated CHANGELOG for 2.8.37
bumped Symfony version to 2.7.45
updated VERSION for 2.7.44
update CONTRIBUTORS for 2.7.44
updated CHANGELOG for 2.7.44
Fix check of color support on Windows
* 2.7:
Add PHPDbg support to HTTP components
bumped Symfony version to 2.7.45
updated VERSION for 2.7.44
update CONTRIBUTORS for 2.7.44
updated CHANGELOG for 2.7.44
Fix check of color support on Windows
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix check of color support on Windows
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If the stream is redirected, `StreamOutput::hasColorSupport()` returns `false` on POSIX systems.
On Windows, this is not always true. Before PHP 7.2 we can't say if the stream is redirected, but since PHP 7.2 we have the `stream_isatty` function that works on Windows too: let's use it.
Sure, `sapi_windows_vt100_support` should return `false` if the stream is redirected, but it's in `or` with the other conditions, so the logic was flawed.
Commits
-------
f7f81892a0 Fix check of color support on Windows
* 2.8:
fixed deprecated messages in tests
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
* 2.7:
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | 3db14045d4/src/Symfony/Component/HttpKernel/DataCollector/DumpDataCollector.php (L208-L209) <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A
This explains [the workaround I initially used](3db14045d4/src/Symfony/Component/HttpKernel/DataCollector/DumpDataCollector.php (L208-L209)) in the server dumper PR original code.
I might be wrong on the intent, but as soon as a dumper is provided (e.g by setting `debug.dump_destination: php://stderr`), I think there is no need to set the `DumpDataCollector::$isCollected` flag to `false` as we explicitly ask for the dump to be output directly somewhere. So ne need to output again on `__destruct`.
Spotted by running tests on the `symfony/demo` with the server dumper enabled: dumps were output twice. Once on the server, once at the end of the tests.
But this can be easily seen as well by using `debug.dump_destination: php://stderr` on `test` env:
```diff
diff --git a/src/Controller/BlogController.php b/src/Controller/BlogController.php
index e3e30aa..bf9744e 100644
--- a/src/Controller/BlogController.php
+++ b/src/Controller/BlogController.php
@@ -50,6 +50,7 @@ class BlogController extends AbstractController
*/
public function index(int $page, string $_format, PostRepository $posts): Response
{
+ dump(get_class($posts));
$latestPosts = $posts->findLatest($page);
// Every template name also has two extensions that specify the format and
```
### Before
```sh
vendor/bin/simple-phpunit --filter=BlogControllerTest::testIndex
PHPUnit 6.5.7 by Sebastian Bergmann and contributors.
Testing Project Test Suite
BlogController.php on line 53:
"App\Repository\PostRepository"
. 1 / 1 (100%)
Time: 3.34 seconds, Memory: 44.25MB
OK (1 test, 1 assertion)
BlogController.php on line 53:
"App\Repository\PostRepository"
```
### After
```sh
vendor/bin/simple-phpunit --filter=BlogControllerTest::testIndex
PHPUnit 6.5.7 by Sebastian Bergmann and contributors.
Testing Project Test Suite
BlogController.php on line 53:
"App\Repository\PostRepository"
. 1 / 1 (100%)
Time: 731 ms, Memory: 28.00MB
OK (1 test, 1 assertion)
```
Commits
-------
11a0392516 [HttpKernel] DumpDataCollector: do not flush when a dumper is provided
This PR was squashed before being merged into the 2.7 branch (closes#26663).
Discussion
----------
[TwigBridge] Fix rendering of currency by MoneyType
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | todo
| Fixed tickets | #25135
| License | MIT
| Doc PR | -
Split from #25167 as suggested by @nicolas-grekas to see if this can be reasonably fixed on 2.7, the right way using this itsy-bitsy new feature.
#25167 still contains some valuable changes regarding tests. Ill continue either one PR depending on the target branch / proposed fix.
Commits
-------
a3a2ff0c74 [TwigBridge] Fix rendering of currency by MoneyType
* 2.8:
[Intl] Update ICU data to 61.1
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[Ldap] cast to string when checking empty passwords
[Validator] sync validator translation id
no type errors with invalid submitted data types
[FrameworkBundle] Partially revert HttpCache is not longer abstract (4d075da)
[Finder] Fixed leading/trailing / in filename
allow html5 compatible rendering of forms with null names
Change datetime input to datetime-local
* 2.7:
[Intl] Update ICU data to 61.1
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[Validator] sync validator translation id
no type errors with invalid submitted data types
[FrameworkBundle] Partially revert HttpCache is not longer abstract (4d075da)
[Finder] Fixed leading/trailing / in filename
allow html5 compatible rendering of forms with null names
Change datetime input to datetime-local
This PR was squashed before being merged into the 3.4 branch (closes#26600).
Discussion
----------
[Routing] Fixed the importing of files using glob patterns that match multiple resources
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22160
| License | MIT
| Doc PR | n/a
This fixes the import of resources specified using glob patterns in `XmlFileLoader` and `YamlFileLoader`.
@nicolas-grekas This supersedes #25633 that's been in limbo since December despite your comments, so I decided to take care of it as I need this to work. I took care of the two loaders that are affected, and added tests.
Commits
-------
948b4cf [Routing] Fixed the importing of files using glob patterns that match multiple resources
This PR was merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle] use the router to resolve file links
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22290, #25886
| License | MIT
| Doc PR | -
Commits
-------
2cfc573 [WebProfilerBundle] use the router to resolve file links
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] no type errors with invalid submitted data types
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26557
| License | MIT
| Doc PR |
Commits
-------
4217cc1348 no type errors with invalid submitted data types
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Change datetime to datetime-local for HTML5 datetime input
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | Unknown
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24307
| License | MIT
| Doc PR | N/A
Change the input type from datetime to datetime-local for HTML5 date input (https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/datetime)
Commits
-------
802c67c324 Change datetime input to datetime-local
* 2.8: (29 commits)
[Console] Fix docblock of DescriptorInterface::describe
[Config] Handle nullable node name + fix inheritdocs
[Security] added userChecker to SimpleAuthenticationProvider
[Debug] fix test
Fix typo in test method name
Fixes#26563 (open_basedir restriction in effect)
[Debug] Reset previous exception handler ealier to prevent infinite loop
add hint in Github pull request template
[Validator] Fix docblock of ClassMetadata#members
[BrowserKit] Fix cookie path handling when $domain is null
[DoctrineBridge] Don't rely on ClassMetadataInfo->hasField in DoctrineOrmTypeGuesser anymore
[BrowserKit] Improves CookieJar::get
[BrowserKit] Fix Cookie's PHPDoc
[DomCrawler] Change bad wording in ChoiceFormField::untick
[DomCrawler] Fix the PHPDoc of ChoiceFormField::setValue
[DomCrawler] Avoid a useless call to strtolower
[FrameworkBundle] HttpCache is not longer abstract
Php Inspections (EA Ultimate): address some of one-time used local variables
[Intl] Load locale aliases to support alias fallbacks
[CssSelector] Fix CSS identifiers parsing - they can start with dash
...
* 2.7:
[Config] Handle nullable node name + fix inheritdocs
[Security] added userChecker to SimpleAuthenticationProvider
[Debug] fix test
Fix typo in test method name
Fixes#26563 (open_basedir restriction in effect)
[Debug] Reset previous exception handler ealier to prevent infinite loop
add hint in Github pull request template
[Validator] Fix docblock of ClassMetadata#members
[BrowserKit] Fix cookie path handling when $domain is null
[DoctrineBridge] Don't rely on ClassMetadataInfo->hasField in DoctrineOrmTypeGuesser anymore
[BrowserKit] Improves CookieJar::get
[BrowserKit] Fix Cookie's PHPDoc
[DomCrawler] Change bad wording in ChoiceFormField::untick
[DomCrawler] Fix the PHPDoc of ChoiceFormField::setValue
[DomCrawler] Avoid a useless call to strtolower
[FrameworkBundle] HttpCache is not longer abstract
[DomCrawler] extract(): fix a bug when the attribute list is empty
[Config] Backport string|null api for node names
This PR was squashed before being merged into the 2.7 branch (closes#26335).
Discussion
----------
[Config] Handle nullable node name + fix inheritdocs
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no-ish
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Small split from #26297 that can be merged until master/4.1. Whereas the doc fixes only apply until 3.4, hence the split.
Small change regarding `getName/Path()` for not returning a `null` value anymore which violates `NodeInterface::getName/Path()`
Remainng issue left at
cd5f4105a4/src/Symfony/Component/Config/Definition/Builder/ArrayNodeDefinition.php (L381-L383)
which i tend to leave untouched across all branches for now.
Commits
-------
5c3e6a9 [Config] Handle nullable node name + fix inheritdocs
This PR was merged into the 2.7 branch.
Discussion
----------
[BrowserKit] Fix cookie path handling when $domain is null
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? |no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? |no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The bug is highlighted by the new test: there is an inconsistency in the path handling regarding if a domain is set or not. If it is set, and the cookie is set to a subpath of the passed path, the cookie is returned. However if no domain is set, it is not. This PR fixes this bug.
Commits
-------
acc20fc [BrowserKit] Fix cookie path handling when $domain is null
This PR was merged into the 2.7 branch.
Discussion
----------
[Config] Backport string|null api for node names
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Commits
-------
fe586ac [Config] Backport string|null api for node names
This PR was merged into the 3.4 branch.
Discussion
----------
[DependencyInjection] fix regression when extending the Container class without a constructor
| Q | A
| ------------- | ---
| Branch? | 3.4+
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/26397
| License | MIT
| Doc PR | -
fix regression introduced in c026ec63e3 (diff-f7b23d463cba27ac5e4cb677f2be7623R985)
Commits
-------
0beb64a fix regression when extending the Container class without a constructor
This PR was squashed before being merged into the 3.4 branch (closes#26542).
Discussion
----------
[DI] Add tests for EnvVarProcessor
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | n/a
Add tests for the `EnvVarProcessor` as it doesn't have any at the moment.
Originally from this PR against master, https://github.com/symfony/symfony/pull/26498
Commits
-------
2992bb3 [DI] Add tests for EnvVarProcessor
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Allow generators in registerBundle
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Flex recipe [utilizes generator in Kernel.php](a067bebf03/symfony/framework-bundle/3.3/src/Kernel.php (L33)). This needs to be explicitly allowed in interface.
Commits
-------
f36cfd4 [HttpKernel] Allow generators in registerBundle
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Fix docblock of ClassMetadata#members
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Structure of this array is in reality array<string, array<int, PropertyMetadata>>, so MemberMetadata is 2 levels deep in this array, instead of one
Commits
-------
44008c4 [Validator] Fix docblock of ClassMetadata#members
This PR was merged into the 3.4 branch.
Discussion
----------
Make sure form errors is valid HTML
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26461
| License | MIT
| Doc PR |
Using `<div>` and `<ul>` in a `<label>` is not valid HTML. This PR uses `<span>`s instead and some Bootstrap 4 classes to make it look just like before.
Commits
-------
5dcaaadb5e Make sure form errors is valid HTML
This PR was merged into the 2.7 branch.
Discussion
----------
[BrowserKit] Improves CookieJar::get
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? |no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
* change a call to `substr` + `strlen` to a single `strpos`
Commits
-------
57993143a9 [BrowserKit] Improves CookieJar::get
This PR was merged into the 3.4 branch.
Discussion
----------
[Fix][3.4][HttpFoundation] Fix the updating of timestamp in the MemcachedSessionHandler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Conditions: Symfony 3.4, PHP7 and sessions handled over memcache.
Apparently `memcached::touch()` returns `false` on a subsequent call with the same parameters. Since `updateTimestamp` is used in `AbstractSessionHandler::write()`
```
public function write($sessionId, $data)
{
if (\PHP_VERSION_ID < 70000 && $this->prefetchData) {
$readData = $this->prefetchData;
$this->prefetchData = null;
if ($readData === $data) {
return $this->updateTimestamp($sessionId, $data);
}
}
...
```
the result is that `write()` will return `false` on **any subsequent request within the same second** causing the following error:
```
HP Fatal error: Uncaught Symfony\Component\Debug\Exception\ContextErrorException: Warning: session_write_close(): Failed to write session data (user). Please verify that the current setting of session.save_path is correct (/var/lib/php/sessions) in Unknown:0
Stack trace:
#0 [internal function]: Symfony\Component\Debug\ErrorHandler->handleError(2, 'session_write_c...', 'Unknown', 0, NULL)
#1 [internal function]: session_write_close()
#2 {main}
thrown in Unknown on line 0
```
Can be reproduced on `symfony/skeleton:3.4` adding the following code to `public/index.php` and performing two consecutive requests:
```
$session = $kernel->getContainer()->get('session');
$session->set("foo", "bar");
```
Commits
-------
d007469877 fix the updating of timestamp in the MemcachedSessionHandler
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Add characters to the regex
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
dff88d44be [Config] Add characters to the regex
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] ReflectionClassResource check abstract class
generate Signature
update hash methods `ServiceSubscriberInterface::getSubscribedServices` and `EventSubscriberInterface::getSubscribedEvents` if the class is not abstract
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26459, #26501
| License | MIT
Commits
-------
e85151483c [Config] ReflectionClassResource check abstract ServiceSubscriberInterface and EventSubscriberInterface
This PR was merged into the 2.7 branch.
Discussion
----------
[DomCrawler] extract(): fix a bug when the attribute list is empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Commits
-------
028c9f2366 [DomCrawler] extract(): fix a bug when the attribute list is empty
This PR was squashed before being merged into the 3.4 branch (closes#26041).
Discussion
----------
Display the Welcome Page when there is no homepage defined
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony-docs/issues/9178
| License | MIT
| Doc PR | -
In 3.4 we added a trick to display the Welcome Page when the user browses `/` and there are no routes defined. However, when using the `website-skeleton` (which is what most newcomers use ... and they are the ones that mostly need the "Welcome Page") the premise about *"no routes are defined"* is never true and the Welcome Page is never shown (see https://github.com/symfony/symfony-docs/issues/9178 for one of the multiple error reports we've received).
So, I propose to make this change to always define the "Welcome Page" as the fallback:
* If no routes are defined for `/`, the Welcome Page is displayed.
* If there is a route defined for `/`, this code will never be executed because it's the last condition of the routing matcher.
Commits
-------
5b0d9340d7 Display the Welcome Page when there is no homepage defined
* 2.7:
Php Inspections (EA Ultimate): address some of one-time used local variables
[Intl] Load locale aliases to support alias fallbacks
[CssSelector] Fix CSS identifiers parsing - they can start with dash
This PR was squashed before being merged into the 2.7 branch (closes#26452).
Discussion
----------
[Intl] Load locale aliases to support alias fallbacks
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21457
| License | MIT
| Doc PR | -
For example, `zh_TW` is an alias to `zh_Hant_TW`. Without aliases,` zh_TW` would fall back to `zh` (which is incorrect). With aliases loaded, `zh_TW` will fall back properly to `zh_Hant_TW`.
Judging by git history this has never worked.
```php
\Locale::setDefault('zh'); dump(Intl::getRegionBundle()->getCountryName('AD'));
\Locale::setDefault('zh_TW'); dump(Intl::getRegionBundle()->getCountryName('AD'));
\Locale::setDefault('zh_Hant_TW'); dump(Intl::getRegionBundle()->getCountryName('AD'));
```
Before:
```
"安道尔"
"安道尔"
"安道爾"
```
After:
```
"安道尔"
"安道爾"
"安道爾"
```
All tests are passing, including those from the `intl-data` group.
Commits
-------
1debf79430 [Intl] Load locale aliases to support alias fallbacks
This PR was squashed before being merged into the 3.4 branch (closes#26327).
Discussion
----------
[Form][WCAG] Errors sign for people that do not see colors
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
According to my friend and WCAG2 expect [Sandra](https://twitter.com/sandrability):
> The form errors is correctly encoded and works great. But visually they may be hard to see for people that do not see colors very well. Try to improve errors with an icon to make it more visual clear that an error has occurred.
Commits
-------
3f8cd05 [Form][WCAG] Errors sign for people that do not see colors
This PR was merged into the 3.4 branch.
Discussion
----------
[Routing] Fix GC control of PHP-DSL
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Adding fluently in a collection is broken currently.
Commits
-------
239f2e2 [Routing] Fix GC control of PHP-DSL
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyInfo] throw exception if docblock factory does not exist
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26259
| License | MIT
| Doc PR |
Commits
-------
5cfceed throw exception if docblock factory does not exist
* 2.8:
Another PR template tweak
[PropertyInfo] ReflectionExtractor: give a chance to other extractors if no properties
Clean calls to http_build_query()
[WebProfilerBundle] limit ajax request to 100 and remove the last one
[HttpFoundation] Fix missing "throw" in JsonResponse
Improve the documentation of
Suppress warning from sapi_windows_vt100_support on stream other than STDIO
removed extra-verbose comments
Fixes#26136: Avoid emitting warning in hasParameterOption()
Added a README entry to the PR template
[HttpFoundation] Add x-zip-compressed to MimeTypeExtensionGuesser.
[DI] Add null check for removeChild
This PR was merged into the 2.8 branch.
Discussion
----------
[PropertyInfo] ReflectionExtractor: give a chance to other extractors if no properties
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25803 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
For instance when using `__call()`, see #25803.
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
270147b04f [PropertyInfo] ReflectionExtractor: give a chance to other extractors if no properties
This PR was merged into the 3.4 branch.
Discussion
----------
Add support for URL-like DSNs for the PdoSessionHandler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25186
| License | MIT
| Doc PR |
This allows migrating away from the deprecated DbalSessionHandler when DBAL was used for its ability to be configured through a URL (which is what is provided on Heroku and some other PaaS).
I know that this is technically a new feature (and so may target master instead), but we currently have no way to configure a database session storage on Heroku in 4.0 (and in 3.4, it requires using a deprecated class).
I decided to add support for the URL-like configuration directly rather than adding support for passing a DBAL connection, to minimize the code changes.
I also left out the support for OCI in this feature, as the PDO DSN for the Oracle driver is totally crazy (it has nothing in common with other drivers). If someone wants to use a Oracle DB, they should pass the PDO DSN directly instead of a URL.
Differences with the URL handling in Doctrine DBAL:
- schemeless URLs are not supported (DBAL allows configuring the driver separately in case you don't have it in the URL)
- the query string is ignored (DBAL allows to use the query string to configure any supported DBAL params, which are driver-specific. Just use a DSN directly if you need them. PaaS are unlikely to provide such params anyway and they are the main motivation for this PR)
Commits
-------
14c35ad13c Add support for URL-like DSNs for the PdoSessionHandler
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Send new session cookie from AbstractTestSessionListener after session invalidation
When we call `\Symfony\Component\HttpFoundation\Session\Session::invalidate` the session will be emptied and given a new ID, however, since it is empty this `AbstractTestSessionListener` will not send a new cookie to the user, so the user is not caught up to the latest session ID and will re-generate a session with the old session ID on a new visit.
Thus, we the sessionID has changed during a request we must always send a new cookie with the new sessionID, even though the session is empty.
This behaviour is also what is shown in production (non-test) mode.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
Commits
-------
98f5d53 [HttpKernel] Send new session cookie from AbstractTestSessionListener after session invalidation
* 2.7:
Clean calls to http_build_query()
[HttpFoundation] Fix missing "throw" in JsonResponse
Improve the documentation of
Suppress warning from sapi_windows_vt100_support on stream other than STDIO
removed extra-verbose comments
Fixes#26136: Avoid emitting warning in hasParameterOption()
Added a README entry to the PR template
[HttpFoundation] Add x-zip-compressed to MimeTypeExtensionGuesser.
[DI] Add null check for removeChild
This allows migrating away from the deprecated DbalSessionHandler when
DBAL was used for its ability to be configured through a URL (which is
what is provided on Heroku and some other PaaS).
This PR was squashed before being merged into the 3.4 branch (closes#25787).
Discussion
----------
Yaml parser regression with comments and non-strings
| Q | A
| ------------- | ---
| Branch? | 3.3 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | no
| Fixed tickets | #25786
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
a7e2a49 Yaml parser regression with comments and non-strings
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Add x-zip-compressed to MimeTypeExtensionGuesser.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | yes (kinda)
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Zip files uploaded on Windows often have a mime type of `x-zip-compressed`. This patch adds support for this mime type to `MimeTypeExtensionGuesser`.
The mime type seems to be a valid mime type for zip files according to http://filext.com/file-extension/ZIP
Commits
-------
ba3e19ae21 [HttpFoundation] Add x-zip-compressed to MimeTypeExtensionGuesser.
This PR was squashed before being merged into the 2.7 branch (closes#26156).
Discussion
----------
Fixes#26136: Avoid emitting warning in hasParameterOption()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26136
| License | MIT
| Doc PR | n/a
When hasParameterOption / getParameterOption is passed invalid parameters, a warning may be emitted. While the root cause of the warning is an invalid parameter supplied by the caller, earlier versions of Symfony accepted these parameters, which were effectively ignored.
In the context of these methods, what I mean by "invalid parameter" is an empty string, which is the correct datatype, but is not ever a useful thing to provide to these methods. Since empty strings here did not cause a problem in previous versions, and since Symfony is used by all sorts of projects for all sorts of purposes, it seems best to continue to be flexible about the parameters accepted by Symfony APIs.
Commits
-------
b32fdf1ca3Fixes#26136: Avoid emitting warning in hasParameterOption()
Zip files uploaded on Windows often have a mime type of `x-zip-compressed`. This patch adds support for this mime type to `MimeTypeExtensionGuesser`.
The mime type seems to be a valid mime type for zip files according to http://filext.com/file-extension/ZIP
This PR was merged into the 3.4 branch.
Discussion
----------
[TwigBridge] Apply some changes to support Bootstrap4-stable
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25655#25635#24435
| License | MIT
| Doc PR | -
Follow up of https://github.com/symfony/symfony/pull/25715, see discussion there.
This fixes the following errors:
- Delete form-control-label, don't used in Bootstrap 4
- Replace col-form-legend by col-form-label
- Separate the label and input (before the input was in the label)
- Use form-check-inline to put radio and/or checkboxes inline
- Add support of custom form for radio and checkboxes
- Fix input-group: MoneyType (Issue #25655), PercentType
- Remove form-control duplication (Issue #25635)
- Fix Errors in label (#24435)
Commits
-------
14e2282 Fixed broken tests
cf4e956 [TwigBridge] Apply some changes to support Bootstrap4-stable
This PR was squashed before being merged into the 2.7 branch (closes#26141).
Discussion
----------
[Serializer] optims and cleanup
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Tiny optimizations and small code cleanup. The opcode triggering is especially useful in the hot path (normalizers and encoders) because it's a recursive process.
Commits
-------
8ee8387 [Serializer] optims and cleanup
This PR was merged into the 3.4 branch.
Discussion
----------
do not mock the container builder in tests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
777acfb do not mock the container builder in tests
* 2.8:
[Routing] Throw 405 instead of 404 when redirect is not possible
[Process] fix test case
Add security.tl.xlf to legacy directory
[Security][Validator] Add translations for Tagalog
fixed typo
Typo fix in security component lithuanian translation.
[Process] Check PHP_BINDIR before $PATH in PhpExecutableFinder
* 2.7:
[Routing] Throw 405 instead of 404 when redirect is not possible
[Process] fix test case
Add security.tl.xlf to legacy directory
[Security][Validator] Add translations for Tagalog
fixed typo
Typo fix in security component lithuanian translation.
[Process] Check PHP_BINDIR before $PATH in PhpExecutableFinder
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Throw 405 instead of 404 when redirect is not possible
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Finishes #25962.
Commits
-------
92842814f6 [Routing] Throw 405 instead of 404 when redirect is not possible
* 2.8:
[Bridge\PhpUnit] Exit as late as possible
Update Repository Symlink Helper
Document explicitly that dotfiles and vcs files are ignored by default
do not mock the container builder in tests
* 2.7:
[Bridge\PhpUnit] Exit as late as possible
Update Repository Symlink Helper
Document explicitly that dotfiles and vcs files are ignored by default
do not mock the container builder in tests
This PR was squashed before being merged into the 3.4 branch (closes#26067).
Discussion
----------
[YAML] Issue #26065: leading spaces in YAML multi-line string literals
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26065
| License | MIT
| Doc PR | no
Doing this:
Yaml::dump(
["text" => " leading space in first line\nno leading space in last line\n"],
2,
4,
Yaml::DUMP_MULTI_LINE_LITERAL_BLOCK
);
Will produce this:
text: |
leading space in first line
no leading space in last line
Which is invalid YAML because when the first line has leading spaces it needs a [block indentation indicator](http://www.yaml.org/spec/1.2/spec.html#id2793979) like this:
text: |4
leading space in first line
no leading space in last line
This pull requests contains a test and a patch.
Commits
-------
aa95663 [YAML] Issue #26065: leading spaces in YAML multi-line string literals
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache][WebProfiler][3.4] fix collecting cache stats with sub-requests + allow clearing calls
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/23820
| License | MIT
| Doc PR | -
This is a follow-up PR for https://github.com/symfony/symfony/pull/26080. It additionally adds the reset behavior for the `TraceableAdapter` back.
Commits
-------
132bba6 [Cache][WebProfiler] fix collecting cache stats with sub-requests + allow clearing calls
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] Log already-locked errors as "notice" instead of "warning"
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25887 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | todo
We add the ability to specify the log level we want in the lock component. That could be useful when parsing the logs.
Commits
-------
2a74edb [Lock] Log already-locked errors as "notice" instead of "warning"
This PR was merged into the 3.4 branch.
Discussion
----------
Deterministic time in cache items for reproducible builds
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Allows setting a deterministic time for cache entries. This can be used to seed builds with a deterministic timestamp for reproducibility.
Parent issue is symfony/symfony#25958
Commits
-------
b4259a6 Use 0 for unlimited expiry
This PR was merged into the 3.4 branch.
Discussion
----------
Make kernel build time optionally deterministic
| Q | A
| ------------- | ---
| Branch? | master for features / 2.7 up to 4.0 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As part of the effort to enable reproducible builds, this PR allows setting a deterministic build time for the dumped kernel. Parent issue is symfony/symfony#25958.
Commits
-------
48e8249 Make kernel build time optionally deterministic
This PR was merged into the 2.7 branch.
Discussion
----------
do not mock the container builder in tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
dab4222 do not mock the container builder in tests
* 2.8:
[SecurityBundle] Backport test
[Security] fix merge of 2.7 into 2.8 + add test case
backport regression test from 3.4
Fix misspelling variable
[DI] minor: use a strict comparision in setDecoratedService
Follow-on to #25825: Fix edge case in getParameterOption.
keep the context when validating forms
* 2.7:
[SecurityBundle] Backport test
Fix misspelling variable
[DI] minor: use a strict comparision in setDecoratedService
Follow-on to #25825: Fix edge case in getParameterOption.
keep the context when validating forms
This PR was merged into the 2.8 branch.
Discussion
----------
[PropertyInfo] backport regression test from 3.4
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
a9ab167 backport regression test from 3.4
This PR was submitted for the master branch but it was merged into the 3.4 branch instead (closes#26112).
Discussion
----------
Env var maps to undefined constant.
When I try to use a constant as an environment variable, as described in the blog item,
I run into the following problem.
Env var "SOME_CONST" maps to undefined constant "App\\Util\\SomeClass::SOME_CONST".
The proposed solution works for me, however, I'm not sure if this is the best and conform Symfony standards.
Blog:
https://symfony.com/blog/new-in-symfony-3-4-advanced-environment-variables
| Q | A
| ------------- | ---
| Branch? | master for features / 2.7 up to 4.0 for bug fixes <!-- see below -->
| Bug fix? | yes/no
| New feature? | yes/no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | yes/no
| Deprecations? | yes/no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes/no
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
bdf9efc Env var maps to undefined constant.
When I try to use a constant as an environment variable, as described in the blog item,
I run into the following problem.
Env var "SOME_CONST" maps to undefined constant "App\\Util\\SomeClass::SOME_CONST".
The proposed solution works for me, however, I'm not sure if this is the best and conform Symfony standards.
Blog:
https://symfony.com/blog/new-in-symfony-3-4-advanced-environment-variables
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix hasParameterOption / getParameterOption when used with multiple flags
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no (Fixes BC break in #24987)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25825
| License | MIT
| Doc PR | n/a
Proposed resolution to #25825:
- Back out #24987
- Fix getParameterOption for short options with values, e.g. `-edev`
Commits
-------
35f98e2089 Follow-on to #25825: Fix edge case in getParameterOption.
This PR was squashed before being merged into the 3.4 branch (closes#25947).
Discussion
----------
PhpDocExtractor::getTypes() throws fatal error when type omitted
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When omitting a type in a `DocBlock` `Tag`, it will throw a fatal error due to the type being null with a call to `$tag->getType()`.
Commits
-------
54253ecfff PhpDocExtractor::getTypes() throws fatal error when type omitted
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] keep the context when validating forms
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25542
| License | MIT
| Doc PR |
Commits
-------
317da3bdf8 keep the context when validating forms
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] minor: use a strict comparison in setDecoratedService
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
f167b50 [DI] minor: use a strict comparision in setDecoratedService
This PR was squashed before being merged into the 2.7 branch (closes#25373).
Discussion
----------
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
`UrlMatcher::match($pathinfo)` applies `rawurldecode()` to the `$pathinfo` before trying to match it against the routes.
If the URL contains a percent-encoded trailing newline (like in `/foo%0a`), the default PHP PCRE will still consider `#^/foo$#` a match, as the `$` metacharacter will also match *immediately before* the final character *if it is a newline*. This behavior can be changed by applying the [`PCRE_DOLLAR_ENDONLY` modifier](http://php.net/manual/en/reference.pcre.pattern.modifiers.php).
Without this change, URLs with trailing `%0a` lead to weird notices further down the road, for example when the `RedirectableUrlMatcher` or its equivalent in `PhpMatcherDumper` kick in, look at the last character (this time actually the newline), append a `/` and try to redirect to the resulting URL. Ultimately, PHP will complain with `Warning: Header may not contain more than a single header, new line detected` when sending the `Location` header.
Commits
-------
f713a3e Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
I recently let Europe's leading accessibility experts (Funkanu.se) review a site of mine, they gave me (among other) the feedback that errors should be a part of the label.
They said that it makes no sense for blind users to read label, read input and then read errors.
I know the implementation might look strange. But I wish something like this would be merged. That would be great for accessibility for all apps using Symfony.
We *could* also make sure it prints something like:
```
<label for=”name”>Name: <span class=”hidden”>Error message</span></label>
<input id=”name” type=”text”>
<span aria-hidden=”true”>Error message</span>
```
Commits
-------
a0b40f5 [Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Only using filemtime to check file freshness
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25999
| License | MIT
Commits
-------
52c9cb4 [Config] Only using filemtime to check file freshness
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Handle Service/EventSubscriberInterface in ReflectionClassResource
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25906
| License | MIT
| Doc PR | -
@weaverryan that should fix an issue you reported.
Commits
-------
67e821b [Config] Handle Service/EventSubscriberInterface in ReflectionClassResource
This PR was merged into the 3.4 branch.
Discussion
----------
[DI][Routing] Fix tracking of globbed resources
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25904
| License | MIT
| Doc PR | -
The current `GlobFileLoader` in `Config` misses resource tracking, so we can't use it and have to use a per-component one instead.
(deps=high failures will be fixed after merging up to master.)
Commits
-------
945c753 Add tests for glob loaders
ad98c1fa [DI][Routing] Fix tracking of globbed resources
* 2.8:
[CssSelector] For AND operator, the left operand should have parentheses, not only right operand
Removed unused parameter from flattenDataProvider().
Update MongoDB extension on travis to make the builds green again.
* 2.7:
[CssSelector] For AND operator, the left operand should have parentheses, not only right operand
Removed unused parameter from flattenDataProvider().
Update MongoDB extension on travis to make the builds green again.
This PR was merged into the 2.7 branch.
Discussion
----------
[CssSelector] For AND operator, the left operand should have parentheses, not only right operand
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
From https://github.com/symfony/css-selector/pull/3
Commits
-------
76b40dc [CssSelector] For AND operator, the left operand should have parentheses, not only right operand
* 2.8:
[Intl] Fixed the broken link
[Routing] Fix trailing slash redirection for non-safe verbs
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
* 2.7:
[Intl] Fixed the broken link
[Routing] Fix trailing slash redirection for non-safe verbs
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
This PR was merged into the 2.7 branch.
Discussion
----------
[Intl] Fixed the broken link
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
From https://github.com/symfony/intl/pull/6
Commits
-------
5733e02960 [Intl] Fixed the broken link
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] collect extension information as late as possible
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25660
| License | MIT
| Doc PR |
Commits
-------
58cdbd03e1 collect extension information as late as possible
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix tracking of source class changes for lazy-proxies
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
4f18e4b0dc [DI] Fix tracking of source class changes for lazy-proxies
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Fix bad registration of exception handler, leading to mem leak
| Q | A
| ------------- | ---
| Branch? | 27
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25965
| License | MIT
| Doc PR | -
Commits
-------
926b1bee18 [Debug] Fix bad registration of exception handler, leading to mem leak
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Fix trailing slash redirection for non-safe verbs
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This test dumped matchers using the existing test cases for (Redirectable)UrlMatcher so that we are sure they behave the same. Fixes the differences found while doing so.
Commits
-------
ad593aef2f [Routing] Fix trailing slash redirection for non-safe verbs
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed empty data on expanded ChoiceType and FileType
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25896
| License | MIT
| Doc PR | ~
Alternative of https://github.com/symfony/symfony/pull/25924.
I don't think we have to do this by adding overhead in master and getting it properly fixed in 2 years.
This is bug I've introduced while fixing another bug #17822. Which then has been replicated in #20418 and #24993.
I propose instead to clean up the code for all LTS, since this is a wrong behaviour that has never been documented, and most of all unreliable.
The `empty_data` can by anything in the view format as long as the reverse view transformation supports it. Even an object derived from the data class could be invokable.
I think we should remain consistent with https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Form/Form.php#L615.
Commits
-------
9722c063fb [Form] Fixed empty data on expanded ChoiceType and FileType
* 2.8:
update test for Twig performance optimizations
[WebProfilerBundle] Increase retry delays between toolbarAction ajax calls
support sapi_windows_vt100_support for php 7.2+
bumped Symfony version to 2.8.35
updated VERSION for 2.8.34
updated CHANGELOG for 2.8.34
bumped Symfony version to 2.7.42
updated VERSION for 2.7.41
update CONTRIBUTORS for 2.7.41
updated CHANGELOG for 2.7.41
[HttpFoundation] Added "null" type on Request::create docblock
Allow trans filter to be safe
* 2.7:
update test for Twig performance optimizations
[WebProfilerBundle] Increase retry delays between toolbarAction ajax calls
support sapi_windows_vt100_support for php 7.2+
bumped Symfony version to 2.7.42
updated VERSION for 2.7.41
update CONTRIBUTORS for 2.7.41
updated CHANGELOG for 2.7.41
[HttpFoundation] Added "null" type on Request::create docblock
Allow trans filter to be safe
This PR was squashed before being merged into the 2.7 branch (closes#25878).
Discussion
----------
[HttpFoundation] Added "null" type on Request::create docblock
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Continuation of #24902 and #25875
Commits
-------
b18f9e76a5 [HttpFoundation] Added "null" type on Request::create docblock
This PR was merged into the 3.4 branch.
Discussion
----------
Don't stop PSR-4 service discovery if a parent class is missing
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25929
| License | MIT
| Doc PR | N/A
Commits
-------
3d6c3ba836 Don't stop PSR-4 service discovery if a parent class is missing.
* 3.3:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Restore RoleInterface import
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
revert useless tests fixtures changes
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
* 2.8:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
This PR was merged into the 2.7 branch.
Discussion
----------
Removed assertDateTimeEquals() methods
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
All PHPUnit versions that we use on Travis support comparing `DateTime` objects via `assertEquals()`. Yet, we have our own code in place to check for equality of `DateTime` objects. This PR removes that code.
Commits
-------
5b73d1c1e6 Removed assertDateTimeEquals() methods.
* 2.7:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
This PR was merged into the 2.7 branch.
Discussion
----------
Improve assertions
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Following #25420 before start other branches.
Btw, the other branches are 2.8, 3.3, 3.4, 4.0 and master?
Commits
-------
3d90a2217d Improve assertions
This PR was merged into the 2.7 branch.
Discussion
----------
Disable CSP header on exception pages only in debug
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24772
| License | MIT
| Doc PR |
Based on a feedback we received, there are situations on production when it's desired to have CSP header in place even if exception occurred.
This uses now same condition that is used by ExceptionController in TwigBridge to evaluate if styled exception template is going to be shown, minus `showException` request attribute which don't make sense in this context, because it's used by PreviewController only and in such case this listener isn't triggered.
Overriding CSP header via HTML meta tag unfortunately, but not surprisingly, doesn't work.
Commits
-------
b77538c2fe Disable CSP header on exception pages only in debug
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed Button::setParent() when already submitted
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
The `Button` does not respect the [FormInterface](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/FormInterface.php#L28), by extension the `SubmitButton` neither.
Commits
-------
9f0c7bf549 Fixed Button::setParent() when already submitted
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Provide a DX where an array could be passed
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25394
| License | MIT
| Doc PR | none
I think that this is not fixing the root causes that does not appears in 4.1, so maybe there is something better to do. I did not find the root cause So I think it can bo good to fix the problem too.
Commits
-------
de502f7 [Console] Provide a bugfix where an array could be passed
This PR was merged into the 3.3 branch.
Discussion
----------
Restore RoleInterface import
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| License | MIT
The import is use on PHPDoc but was accidentally removed. Maybe because PHPStorm does not match with the import when you use parenthesis.
Not really a bug as it is concerning only PHPDoc, but it make some analysis tools like PHPStan yelling:
```
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Line src/AppBundle/Security/Authentication/ApiKeyAuthenticator.php
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
64 Parameter #4 $roles of class Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken constructor expects array<string|Symfony\Component\Security\Core\Authentication\Token\RoleInterface>, array<string|Symfony\Component\Security\Core\Role\Role>
given.
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Line tests/AppBundle/Controller/WebTestCase.php
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
59 Parameter #4 $roles of class Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken constructor expects array<string|Symfony\Component\Security\Core\Authentication\Token\RoleInterface>, array<string|Symfony\Component\Security\Core\Role\Role>
given.
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
```
Commits
-------
8ecfeb1e31 Restore RoleInterface import
This PR was merged into the 2.7 branch.
Discussion
----------
[minor] SCA: reduce repetitive method calls (sequential and in loop)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
609372252f SCA: get rid of repetitive calls
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix initialization of legacy containers by delaying include_once
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Best reviewed ignoring whitespaces:
https://github.com/symfony/symfony/pull/25858/files?w=1
Noticed while removing a package: silencing the failing `include_once` as introduced in #25255 is not working for the `$oldContainer` in `Kernel`, and fails with a fatal error when an include succeeds but the class inside misses a parent.
Delaying the calls to `include_once` to the moment where the fresh container is actually used first, when setting the "kernel" service, works around the situation.
Commits
-------
5e750ec4b5 [DI] Fix initialization of legacy containers by delaying include_once
It confused me a lot that the method took an array and that the phpdoc said we should pass a string instead of an array. This small change should clear up the confusion.
* 3.3:
Have weak_vendors ignore deprecations from outside
[HttpFoundation] fixed return type of method HeaderBag::get
[HttpFoundation] Added "resource" type on Request::create docblock
[Process] Skip environment variables with false value in Process
Revert "bug #25789 Enableable ArrayNodeDefinition is disabled for empty configuration (kejwmen)"
Formatting fix in upgrade 3.0 document
don't split lines on carriage returns when dumping
Revert "bug #25851 [Validator] Conflict with egulias/email-validator 2.0 (emodric)"
[DI] compilation perf tweak
[Validator] Conflict with egulias/email-validator 2.0
[Validator] add missing parent isset and add test
* 2.8:
[HttpFoundation] fixed return type of method HeaderBag::get
[HttpFoundation] Added "resource" type on Request::create docblock
Revert "bug #25789 Enableable ArrayNodeDefinition is disabled for empty configuration (kejwmen)"
Formatting fix in upgrade 3.0 document
Revert "bug #25851 [Validator] Conflict with egulias/email-validator 2.0 (emodric)"
[Validator] add missing parent isset and add test
* 2.7:
[HttpFoundation] fixed return type of method HeaderBag::get
[HttpFoundation] Added "resource" type on Request::create docblock
Revert "bug #25789 Enableable ArrayNodeDefinition is disabled for empty configuration (kejwmen)"
Revert "bug #25851 [Validator] Conflict with egulias/email-validator 2.0 (emodric)"
[Validator] add missing parent isset and add test
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] fixed return type of method HeaderBag::get
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
6b608e8 [HttpFoundation] fixed return type of method HeaderBag::get
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Added "resource" type on Request::create docblock
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Replaces #24902
Commits
-------
d1a96ca [HttpFoundation] Added "resource" type on Request::create docblock
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] add missing parent isset and add test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25843 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR |
This is a little PR to fix the error and to add the parent::__isset to the Constraints class, I'm adding a test too to be sure that this is not possible again.
Btw, since this is instagihub, I'm coding at home and then I see a squirrel :
Commits
-------
bcb79a3 [Validator] add missing parent isset and add test
This PR was merged into the 3.3 branch.
Discussion
----------
[Process] Skip environment variables with false value in Process
| Q | A
| ------------- | ---
| Branch? | master, 4.0, 3.3, 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
With the commit 03adce239d, all env variables are injecting in the process, and the env variable with the `false` value are converted in empty string.
For example, it's problematic with the bundle SymfonyWebServerBundle and the last version of the [symfony/framework-bundle recipe](https://github.com/symfony/recipes/blob/master/symfony/framework-bundle/3.3/public/index.php#L11), because the WebServer override the value of `APP_ENV` with `false` to override previously loaded variables (c5a1218555), and with the commit 03adce239d, the `APP_ENV` variable is injected with a empty string value, instead of not being injected, as was the case before.
This PR not use the same logic as the [getDefaultEnv()](https://github.com/symfony/symfony/blob/4.0/src/Symfony/Component/Process/Process.php#L1553) method.
Commits
-------
2daf4f9 [Process] Skip environment variables with false value in Process
* 3.3:
[HttpKernel] DebugHandlersListener should always replace the existing exception handler
fix the Composer API being used
[Debug] Always decorate existing exception handlers to deal with fatal errors
Enableable ArrayNodeDefinition is disabled for empty configuration
Fixing a bug where the dump() function depended on bundle ordering
[Cache] Fix handling of apcu_fetch() edgy behavior
Add nn (Norwegian Nynorsk) translation files, and improve existing file
Problem in phar see mergerequest #25579
[Form] Disallow transform dates beyond the year 9999
Copied NO language files to the new NB locale.
[Serializer] DateTimeNormalizer handling of null and empty values (returning null or empty instead of new object)
[Console] Improve phpdoc on StyleInterface::ask()
* 2.8:
fix the Composer API being used
[Debug] Always decorate existing exception handlers to deal with fatal errors
Enableable ArrayNodeDefinition is disabled for empty configuration
Fixing a bug where the dump() function depended on bundle ordering
Add nn (Norwegian Nynorsk) translation files, and improve existing file
Problem in phar see mergerequest #25579
[Form] Disallow transform dates beyond the year 9999
Copied NO language files to the new NB locale.
[Console] Improve phpdoc on StyleInterface::ask()
* 2.7:
fix the Composer API being used
[Debug] Always decorate existing exception handlers to deal with fatal errors
Enableable ArrayNodeDefinition is disabled for empty configuration
Fixing a bug where the dump() function depended on bundle ordering
Add nn (Norwegian Nynorsk) translation files, and improve existing file
Problem in phar see mergerequest #25579
[Form] Disallow transform dates beyond the year 9999
Copied NO language files to the new NB locale.
[Console] Improve phpdoc on StyleInterface::ask()
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Always decorate existing exception handlers to deal with fatal errors
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25827
| License | MIT
| Doc PR | -
Decorating the exception is seamless, let's always do it and fix handling of fatal errors.
Related to #25408 also.
Commits
-------
205d7ae3f7 [Debug] Always decorate existing exception handlers to deal with fatal errors
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Notify that symfony/expression-language is not installed if ExpressionLanguage is used
| Q | A
| ------------- | ---
| Branch? | master for features / 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25742
| License | MIT
| Doc PR | not requested
Commits
-------
6aa2b7cce0 [Security] Notify that symfony/expression-language is not installed if ExpressionLanguage and ExpressionLanguagePrivider are used
This PR was merged into the 3.4 branch.
Discussion
----------
[OptionsResolver] Fix options resolver with array allowed types
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
When playing a simple test:
```php
use Symfony\Component\OptionsResolver\Options;
$resolver = new OptionsResolver();
$resolver->setDefined('foo');
$resolver->setAllowedTypes('foo', 'string[]');
$options = $resolver->resolve(['foo' => ['bar', 'baz']]);
```
I get this error:
```
Symfony\Component\OptionsResolver\Exception\InvalidOptionsException: The option "foo" with value array is expected to be of type "string[]", but is of type "string[]"
```
This PR should fix this.
Commits
-------
cc215f7347 Fix options resolver with array allowed types
This PR was squashed before being merged into the 2.7 branch (closes#25789).
Discussion
----------
Enableable ArrayNodeDefinition is disabled for empty configuration
| Q | A
| ------------- | ---
| Branch? | 2.7+
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25760
| License | MIT
Fixes#25760.
Currently, documented behavior is not true:
70c8c2d47b/src/Symfony/Component/Config/Definition/Builder/ArrayNodeDefinition.php (L207-L208)
Commits
-------
a6a330dcd9 Enableable ArrayNodeDefinition is disabled for empty configuration
This PR was squashed before being merged into the 2.7 branch (closes#25816).
Discussion
----------
Problem in phar see mergerequest #25579
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
If packed into phar the old version creates path like 'file:///phar%3A/'. see https://github.com/symfony/symfony/pull/25579
Commits
-------
3e0c8ffb43 Problem in phar see mergerequest #25579
This PR was squashed before being merged into the 2.7 branch (closes#25781).
Discussion
----------
[Form] Disallow transform dates beyond the year 9999
Fixes#14727
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | not really
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14727
| License | MIT
Explicitly locked out submission of dates beyond December 31st 9999 in forms as PHP is highly incapable of consistently handling such dates. Before this patch dates were randomly transformed or mangled.
Technically there is a BC break as this will now cause validation to fail on input that was *accepted* before, but it was mangled. Not my call but I prefer the rejection over data corruption:
```
// Old behavior
$transformer = new DateTimeToLocalizedStringTransformer('UTC', 'UTC', null, null, \IntlDateFormatter::GREGORIAN, 'yyyy-MM-dd');
$result = $transformer->reverseTransform('20107-03-21');
// $result is now 2007-03-21
```
Commits
-------
70cc969537 [Form] Disallow transform dates beyond the year 9999
This PR was merged into the 3.3 branch.
Discussion
----------
[Serializer] DateTimeNormalizer handling of null and empty values (returning it instead of new object)
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | no
| Fixed tickets | #23964
| License | MIT
| Doc PR |
I'm openning the disucussion on this as I think that should be returning null and not a new object.
WDYT ?
Working at home ;)
Commits
-------
74726f3896 [Serializer] DateTimeNormalizer handling of null and empty values (returning null or empty instead of new object)
This PR was merged into the 2.7 branch.
Discussion
----------
Copied NO language files to the new NB locale
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25792
| License | MIT
| Doc PR | N/A
This PR copies all `NO` language files to a new locale `NB`. It also adds unit tests to ensure that `NB` and `NO` will always contain the same translations. This way, we allow application developers to either use the generic `NO` language code or the more precise `NB` (e.g. if they need to distinguish between the `NB` and `NN` variants of the Norwegian language).
For further details, please have a look at the discussion in #25792.
Commits
-------
aee9b1ea3e Copied NO language files to the new NB locale.
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Improve phpdoc on StyleInterface::ask()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
In a CLI command i keep asking an optional question until i get an answer. So interactively it's a required question. It looks like..
```php
do {
$value = $io->ask('Value', null, function ($value) { return $value; });
} while (null === $value);
```
Which works nice.. but SA is complaining about
```
Strict comparison using === between null and string will always evaluate to false.
```
This should fix it. The mixed API goes back to https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Console/Helper/QuestionHelper.php#L38
Commits
-------
499d04f [Console] Improve phpdoc on StyleInterface::ask()
* 3.3:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
Make sure we only build once and have one time the prefix when importing routes
[Security] Fix fatal error on non string username
* 2.8:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
[Security] Fix fatal error on non string username
* 2.7:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
[Security] Fix fatal error on non string username
This PR was merged into the 2.7 branch.
Discussion
----------
[appveyor] set memory_limit=-1
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
10e33ac [appveyor] set memory_limit=-1
This PR was squashed before being merged into the 2.7 branch (closes#25801).
Discussion
----------
[Router] Skip anonymous classes when loading annotated routes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25796
| License | MIT
| Doc PR |
Skip any usage of anonymous classes when parsing files in `AnnotationFileLoader`
Commits
-------
d76a545 [Router] Skip anonymous classes when loading annotated routes
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fix fatal error on non string username
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/25612
| License | MIT
| Doc PR | n/a
That's consistent with what #22569 did for the `json_login` listener.
Commits
-------
8f095683d0 [Security] Fix fatal error on non string username
This PR was merged into the 3.3 branch.
Discussion
----------
[Routing] Make sure we only build routes once
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25746
| License | MIT
| Doc PR | ø
We need to build the collection(s) only once, else the prefix would be duplicated.
Commits
-------
927a75ac3e Make sure we only build once and have one time the prefix when importing routes
This PR was merged into the 3.3 branch.
Discussion
----------
Remove polyfill-util dependency from fullstack and security
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | kinda
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Applies #22709 to the two higher-level packages. I've applied it to 3.3 as that's where that change was merged (though it was `master` as the time); these may actually apply earlier though?
(#16382 was mentioned and applied to 2.8, though is for the serializer which is unrelated? Should have been 3.0 when `StringUtils` was removed?)
Commits
-------
939efd59b9 Remove polyfill-util dependency from fullstack and security
* 3.3:
fix merge
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
Add missing @ in phpdoc return statement
Don't right trim the deprecation message
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
* 2.8:
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
* 2.7:
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
* 3.3:
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
Tweaked some styles in the profiler tables
Add type string to docblock for Process::setInput()
[Security] Fail gracefully if the security token cannot be unserialized from the session
[Form] AbstractLayoutTest - fix DOMDocument casing
Run simple-phpunit with --no-suggest option
[FrameworkBundle] Fix using "annotations.cached_reader" in after-removing passes
bumped Symfony version to 3.3.16
updated VERSION for 3.3.15
updated CHANGELOG for 3.3.15
bumped Symfony version to 2.8.34
updated VERSION for 2.8.33
updated CHANGELOG for 2.8.33
bumped Symfony version to 2.7.41
updated VERSION for 2.7.40
update CONTRIBUTORS for 2.7.40
updated CHANGELOG for 2.7.40
* 2.8:
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
Tweaked some styles in the profiler tables
[Security] Fail gracefully if the security token cannot be unserialized from the session
[Form] AbstractLayoutTest - fix DOMDocument casing
bumped Symfony version to 2.8.34
updated VERSION for 2.8.33
updated CHANGELOG for 2.8.33
bumped Symfony version to 2.7.41
updated VERSION for 2.7.40
update CONTRIBUTORS for 2.7.40
updated CHANGELOG for 2.7.40
* 2.7:
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
[Security] Fail gracefully if the security token cannot be unserialized from the session
[Form] AbstractLayoutTest - fix DOMDocument casing
bumped Symfony version to 2.7.41
updated VERSION for 2.7.40
update CONTRIBUTORS for 2.7.40
updated CHANGELOG for 2.7.40
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix session handling: decouple "save" from setting response "private"
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Fixes https://github.com/symfony/symfony/pull/25583#issuecomment-355717344 from @Tobion, and provides extra laziness for the "session" service, related to https://github.com/symfony/recipes/pull/333.
(deps=high failure will be fixed by merging to upper branches.)
Commits
-------
f8727b8827 [HttpKernel] Fix session handling: decouple "save" from setting response "private"
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Php function json_encode/decode with option JSON_PARTIAL_OUTPUT_ON_ERROR return result on error, but if have is error json_last_error() always return error code even if there is a result and it is not false. Because of this is impossible set JSON_PARTIAL_OUTPUT_ON_ERROR option across variable $context.
Current fix solves this problem.
Verification on the false is completely correct, since json_encode / decode returns false only on error if not set JSON_PARTIAL_OUTPUT_ON_ERROR option.
Such have a problem e.g when encoding data is not utf-8 (emoji from facebook).
Commits
-------
e7e410b [Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Add tests for request collector and cookie redirection
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes (#25719)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | ø
Not that I felt bad doing a PR without tests (#25719) but this one adds tests to be sure we stabilize this cookie-based redirection.
Commits
-------
7b4f5a15e7 Add tests for the HttpKernel request collector and redirection via cookies
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Always call proxied handler::destroy() in StrictSessionHandler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Noticed by @jpauli: the native file session handler needs a call to `destroy()` to remove session files, even for new empty sessions.
Commits
-------
e5e2d5ddd2 [HttpFoundation] Always call proxied handler::destroy() in StrictSessionHandler
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fail gracefully if the security token cannot be unserialized from the session
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If the security token in the session can't be unserialized, an `E_NOTICE` is issued. This prevents it (and provides a better log message if it's not even a `__PHP_Incomplete_Class`).
This is similar to #24731, but I saw it triggered when changing OAuth library (https://github.com/elifesciences/journal/pull/824), so the token class itself no longer exists. (I want to avoid having to manually invalidate all sessions, as not all sessions use that token class.)
Commits
-------
053fa43add [Security] Fail gracefully if the security token cannot be unserialized from the session
This PR was submitted for the 3.4 branch but it was squashed and merged into the 3.3 branch instead (closes#25585).
Discussion
----------
Add type string to docblock for Process::setInput()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
Add `string` as valid `$input` for `Process::setInput()`. Since `getInput()` will also return as string and the internal method `ProcessUtils::validateInput()` will accept a string, this should be a viable input type.
Commits
-------
e3de68f2 Add type string to docblock for Process::setInput()
