* 2.8:
[Intl] Update ICU data to 61.1
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[Ldap] cast to string when checking empty passwords
[Validator] sync validator translation id
no type errors with invalid submitted data types
[FrameworkBundle] Partially revert HttpCache is not longer abstract (4d075da)
[Finder] Fixed leading/trailing / in filename
allow html5 compatible rendering of forms with null names
Change datetime input to datetime-local
* 2.7:
[Intl] Update ICU data to 61.1
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[Validator] sync validator translation id
no type errors with invalid submitted data types
[FrameworkBundle] Partially revert HttpCache is not longer abstract (4d075da)
[Finder] Fixed leading/trailing / in filename
allow html5 compatible rendering of forms with null names
Change datetime input to datetime-local
This PR was squashed before being merged into the 3.4 branch (closes#26600).
Discussion
----------
[Routing] Fixed the importing of files using glob patterns that match multiple resources
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22160
| License | MIT
| Doc PR | n/a
This fixes the import of resources specified using glob patterns in `XmlFileLoader` and `YamlFileLoader`.
@nicolas-grekas This supersedes #25633 that's been in limbo since December despite your comments, so I decided to take care of it as I need this to work. I took care of the two loaders that are affected, and added tests.
Commits
-------
948b4cf [Routing] Fixed the importing of files using glob patterns that match multiple resources
This PR was merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle] use the router to resolve file links
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22290, #25886
| License | MIT
| Doc PR | -
Commits
-------
2cfc573 [WebProfilerBundle] use the router to resolve file links
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] no type errors with invalid submitted data types
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26557
| License | MIT
| Doc PR |
Commits
-------
4217cc1348 no type errors with invalid submitted data types
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Change datetime to datetime-local for HTML5 datetime input
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | Unknown
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24307
| License | MIT
| Doc PR | N/A
Change the input type from datetime to datetime-local for HTML5 date input (https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/datetime)
Commits
-------
802c67c324 Change datetime input to datetime-local
* 2.8: (29 commits)
[Console] Fix docblock of DescriptorInterface::describe
[Config] Handle nullable node name + fix inheritdocs
[Security] added userChecker to SimpleAuthenticationProvider
[Debug] fix test
Fix typo in test method name
Fixes#26563 (open_basedir restriction in effect)
[Debug] Reset previous exception handler ealier to prevent infinite loop
add hint in Github pull request template
[Validator] Fix docblock of ClassMetadata#members
[BrowserKit] Fix cookie path handling when $domain is null
[DoctrineBridge] Don't rely on ClassMetadataInfo->hasField in DoctrineOrmTypeGuesser anymore
[BrowserKit] Improves CookieJar::get
[BrowserKit] Fix Cookie's PHPDoc
[DomCrawler] Change bad wording in ChoiceFormField::untick
[DomCrawler] Fix the PHPDoc of ChoiceFormField::setValue
[DomCrawler] Avoid a useless call to strtolower
[FrameworkBundle] HttpCache is not longer abstract
Php Inspections (EA Ultimate): address some of one-time used local variables
[Intl] Load locale aliases to support alias fallbacks
[CssSelector] Fix CSS identifiers parsing - they can start with dash
...
* 2.7:
[Config] Handle nullable node name + fix inheritdocs
[Security] added userChecker to SimpleAuthenticationProvider
[Debug] fix test
Fix typo in test method name
Fixes#26563 (open_basedir restriction in effect)
[Debug] Reset previous exception handler ealier to prevent infinite loop
add hint in Github pull request template
[Validator] Fix docblock of ClassMetadata#members
[BrowserKit] Fix cookie path handling when $domain is null
[DoctrineBridge] Don't rely on ClassMetadataInfo->hasField in DoctrineOrmTypeGuesser anymore
[BrowserKit] Improves CookieJar::get
[BrowserKit] Fix Cookie's PHPDoc
[DomCrawler] Change bad wording in ChoiceFormField::untick
[DomCrawler] Fix the PHPDoc of ChoiceFormField::setValue
[DomCrawler] Avoid a useless call to strtolower
[FrameworkBundle] HttpCache is not longer abstract
[DomCrawler] extract(): fix a bug when the attribute list is empty
[Config] Backport string|null api for node names
This PR was squashed before being merged into the 2.7 branch (closes#26335).
Discussion
----------
[Config] Handle nullable node name + fix inheritdocs
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no-ish
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Small split from #26297 that can be merged until master/4.1. Whereas the doc fixes only apply until 3.4, hence the split.
Small change regarding `getName/Path()` for not returning a `null` value anymore which violates `NodeInterface::getName/Path()`
Remainng issue left at
cd5f4105a4/src/Symfony/Component/Config/Definition/Builder/ArrayNodeDefinition.php (L381-L383)
which i tend to leave untouched across all branches for now.
Commits
-------
5c3e6a9 [Config] Handle nullable node name + fix inheritdocs
This PR was merged into the 2.7 branch.
Discussion
----------
[BrowserKit] Fix cookie path handling when $domain is null
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? |no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? |no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The bug is highlighted by the new test: there is an inconsistency in the path handling regarding if a domain is set or not. If it is set, and the cookie is set to a subpath of the passed path, the cookie is returned. However if no domain is set, it is not. This PR fixes this bug.
Commits
-------
acc20fc [BrowserKit] Fix cookie path handling when $domain is null
This PR was merged into the 2.7 branch.
Discussion
----------
[Config] Backport string|null api for node names
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Commits
-------
fe586ac [Config] Backport string|null api for node names
This PR was merged into the 3.4 branch.
Discussion
----------
[DependencyInjection] fix regression when extending the Container class without a constructor
| Q | A
| ------------- | ---
| Branch? | 3.4+
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/26397
| License | MIT
| Doc PR | -
fix regression introduced in c026ec63e3 (diff-f7b23d463cba27ac5e4cb677f2be7623R985)
Commits
-------
0beb64a fix regression when extending the Container class without a constructor
This PR was squashed before being merged into the 3.4 branch (closes#26542).
Discussion
----------
[DI] Add tests for EnvVarProcessor
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | n/a
Add tests for the `EnvVarProcessor` as it doesn't have any at the moment.
Originally from this PR against master, https://github.com/symfony/symfony/pull/26498
Commits
-------
2992bb3 [DI] Add tests for EnvVarProcessor
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Allow generators in registerBundle
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Flex recipe [utilizes generator in Kernel.php](a067bebf03/symfony/framework-bundle/3.3/src/Kernel.php (L33)). This needs to be explicitly allowed in interface.
Commits
-------
f36cfd4 [HttpKernel] Allow generators in registerBundle
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Fix docblock of ClassMetadata#members
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Structure of this array is in reality array<string, array<int, PropertyMetadata>>, so MemberMetadata is 2 levels deep in this array, instead of one
Commits
-------
44008c4 [Validator] Fix docblock of ClassMetadata#members
This PR was merged into the 3.4 branch.
Discussion
----------
Make sure form errors is valid HTML
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26461
| License | MIT
| Doc PR |
Using `<div>` and `<ul>` in a `<label>` is not valid HTML. This PR uses `<span>`s instead and some Bootstrap 4 classes to make it look just like before.
Commits
-------
5dcaaadb5e Make sure form errors is valid HTML
This PR was merged into the 2.7 branch.
Discussion
----------
[BrowserKit] Improves CookieJar::get
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? |no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
* change a call to `substr` + `strlen` to a single `strpos`
Commits
-------
57993143a9 [BrowserKit] Improves CookieJar::get
This PR was merged into the 3.4 branch.
Discussion
----------
[Fix][3.4][HttpFoundation] Fix the updating of timestamp in the MemcachedSessionHandler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Conditions: Symfony 3.4, PHP7 and sessions handled over memcache.
Apparently `memcached::touch()` returns `false` on a subsequent call with the same parameters. Since `updateTimestamp` is used in `AbstractSessionHandler::write()`
```
public function write($sessionId, $data)
{
if (\PHP_VERSION_ID < 70000 && $this->prefetchData) {
$readData = $this->prefetchData;
$this->prefetchData = null;
if ($readData === $data) {
return $this->updateTimestamp($sessionId, $data);
}
}
...
```
the result is that `write()` will return `false` on **any subsequent request within the same second** causing the following error:
```
HP Fatal error: Uncaught Symfony\Component\Debug\Exception\ContextErrorException: Warning: session_write_close(): Failed to write session data (user). Please verify that the current setting of session.save_path is correct (/var/lib/php/sessions) in Unknown:0
Stack trace:
#0 [internal function]: Symfony\Component\Debug\ErrorHandler->handleError(2, 'session_write_c...', 'Unknown', 0, NULL)
#1 [internal function]: session_write_close()
#2 {main}
thrown in Unknown on line 0
```
Can be reproduced on `symfony/skeleton:3.4` adding the following code to `public/index.php` and performing two consecutive requests:
```
$session = $kernel->getContainer()->get('session');
$session->set("foo", "bar");
```
Commits
-------
d007469877 fix the updating of timestamp in the MemcachedSessionHandler
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Add characters to the regex
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
dff88d44be [Config] Add characters to the regex
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] ReflectionClassResource check abstract class
generate Signature
update hash methods `ServiceSubscriberInterface::getSubscribedServices` and `EventSubscriberInterface::getSubscribedEvents` if the class is not abstract
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26459, #26501
| License | MIT
Commits
-------
e85151483c [Config] ReflectionClassResource check abstract ServiceSubscriberInterface and EventSubscriberInterface
This PR was merged into the 2.7 branch.
Discussion
----------
[DomCrawler] extract(): fix a bug when the attribute list is empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Commits
-------
028c9f2366 [DomCrawler] extract(): fix a bug when the attribute list is empty
This PR was squashed before being merged into the 3.4 branch (closes#26041).
Discussion
----------
Display the Welcome Page when there is no homepage defined
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony-docs/issues/9178
| License | MIT
| Doc PR | -
In 3.4 we added a trick to display the Welcome Page when the user browses `/` and there are no routes defined. However, when using the `website-skeleton` (which is what most newcomers use ... and they are the ones that mostly need the "Welcome Page") the premise about *"no routes are defined"* is never true and the Welcome Page is never shown (see https://github.com/symfony/symfony-docs/issues/9178 for one of the multiple error reports we've received).
So, I propose to make this change to always define the "Welcome Page" as the fallback:
* If no routes are defined for `/`, the Welcome Page is displayed.
* If there is a route defined for `/`, this code will never be executed because it's the last condition of the routing matcher.
Commits
-------
5b0d9340d7 Display the Welcome Page when there is no homepage defined
* 2.7:
Php Inspections (EA Ultimate): address some of one-time used local variables
[Intl] Load locale aliases to support alias fallbacks
[CssSelector] Fix CSS identifiers parsing - they can start with dash
This PR was squashed before being merged into the 2.7 branch (closes#26452).
Discussion
----------
[Intl] Load locale aliases to support alias fallbacks
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21457
| License | MIT
| Doc PR | -
For example, `zh_TW` is an alias to `zh_Hant_TW`. Without aliases,` zh_TW` would fall back to `zh` (which is incorrect). With aliases loaded, `zh_TW` will fall back properly to `zh_Hant_TW`.
Judging by git history this has never worked.
```php
\Locale::setDefault('zh'); dump(Intl::getRegionBundle()->getCountryName('AD'));
\Locale::setDefault('zh_TW'); dump(Intl::getRegionBundle()->getCountryName('AD'));
\Locale::setDefault('zh_Hant_TW'); dump(Intl::getRegionBundle()->getCountryName('AD'));
```
Before:
```
"安道尔"
"安道尔"
"安道爾"
```
After:
```
"安道尔"
"安道爾"
"安道爾"
```
All tests are passing, including those from the `intl-data` group.
Commits
-------
1debf79430 [Intl] Load locale aliases to support alias fallbacks
This PR was squashed before being merged into the 3.4 branch (closes#26327).
Discussion
----------
[Form][WCAG] Errors sign for people that do not see colors
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
According to my friend and WCAG2 expect [Sandra](https://twitter.com/sandrability):
> The form errors is correctly encoded and works great. But visually they may be hard to see for people that do not see colors very well. Try to improve errors with an icon to make it more visual clear that an error has occurred.
Commits
-------
3f8cd05 [Form][WCAG] Errors sign for people that do not see colors
This PR was merged into the 3.4 branch.
Discussion
----------
[Routing] Fix GC control of PHP-DSL
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Adding fluently in a collection is broken currently.
Commits
-------
239f2e2 [Routing] Fix GC control of PHP-DSL
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyInfo] throw exception if docblock factory does not exist
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26259
| License | MIT
| Doc PR |
Commits
-------
5cfceed throw exception if docblock factory does not exist
* 2.8:
Another PR template tweak
[PropertyInfo] ReflectionExtractor: give a chance to other extractors if no properties
Clean calls to http_build_query()
[WebProfilerBundle] limit ajax request to 100 and remove the last one
[HttpFoundation] Fix missing "throw" in JsonResponse
Improve the documentation of
Suppress warning from sapi_windows_vt100_support on stream other than STDIO
removed extra-verbose comments
Fixes#26136: Avoid emitting warning in hasParameterOption()
Added a README entry to the PR template
[HttpFoundation] Add x-zip-compressed to MimeTypeExtensionGuesser.
[DI] Add null check for removeChild
This PR was merged into the 2.8 branch.
Discussion
----------
[PropertyInfo] ReflectionExtractor: give a chance to other extractors if no properties
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25803 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
For instance when using `__call()`, see #25803.
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
270147b04f [PropertyInfo] ReflectionExtractor: give a chance to other extractors if no properties
This PR was merged into the 3.4 branch.
Discussion
----------
Add support for URL-like DSNs for the PdoSessionHandler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25186
| License | MIT
| Doc PR |
This allows migrating away from the deprecated DbalSessionHandler when DBAL was used for its ability to be configured through a URL (which is what is provided on Heroku and some other PaaS).
I know that this is technically a new feature (and so may target master instead), but we currently have no way to configure a database session storage on Heroku in 4.0 (and in 3.4, it requires using a deprecated class).
I decided to add support for the URL-like configuration directly rather than adding support for passing a DBAL connection, to minimize the code changes.
I also left out the support for OCI in this feature, as the PDO DSN for the Oracle driver is totally crazy (it has nothing in common with other drivers). If someone wants to use a Oracle DB, they should pass the PDO DSN directly instead of a URL.
Differences with the URL handling in Doctrine DBAL:
- schemeless URLs are not supported (DBAL allows configuring the driver separately in case you don't have it in the URL)
- the query string is ignored (DBAL allows to use the query string to configure any supported DBAL params, which are driver-specific. Just use a DSN directly if you need them. PaaS are unlikely to provide such params anyway and they are the main motivation for this PR)
Commits
-------
14c35ad13c Add support for URL-like DSNs for the PdoSessionHandler
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Send new session cookie from AbstractTestSessionListener after session invalidation
When we call `\Symfony\Component\HttpFoundation\Session\Session::invalidate` the session will be emptied and given a new ID, however, since it is empty this `AbstractTestSessionListener` will not send a new cookie to the user, so the user is not caught up to the latest session ID and will re-generate a session with the old session ID on a new visit.
Thus, we the sessionID has changed during a request we must always send a new cookie with the new sessionID, even though the session is empty.
This behaviour is also what is shown in production (non-test) mode.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
Commits
-------
98f5d53 [HttpKernel] Send new session cookie from AbstractTestSessionListener after session invalidation
* 2.7:
Clean calls to http_build_query()
[HttpFoundation] Fix missing "throw" in JsonResponse
Improve the documentation of
Suppress warning from sapi_windows_vt100_support on stream other than STDIO
removed extra-verbose comments
Fixes#26136: Avoid emitting warning in hasParameterOption()
Added a README entry to the PR template
[HttpFoundation] Add x-zip-compressed to MimeTypeExtensionGuesser.
[DI] Add null check for removeChild
This allows migrating away from the deprecated DbalSessionHandler when
DBAL was used for its ability to be configured through a URL (which is
what is provided on Heroku and some other PaaS).
This PR was squashed before being merged into the 3.4 branch (closes#25787).
Discussion
----------
Yaml parser regression with comments and non-strings
| Q | A
| ------------- | ---
| Branch? | 3.3 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | no
| Fixed tickets | #25786
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
a7e2a49 Yaml parser regression with comments and non-strings
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Add x-zip-compressed to MimeTypeExtensionGuesser.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | yes (kinda)
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Zip files uploaded on Windows often have a mime type of `x-zip-compressed`. This patch adds support for this mime type to `MimeTypeExtensionGuesser`.
The mime type seems to be a valid mime type for zip files according to http://filext.com/file-extension/ZIP
Commits
-------
ba3e19ae21 [HttpFoundation] Add x-zip-compressed to MimeTypeExtensionGuesser.
This PR was squashed before being merged into the 2.7 branch (closes#26156).
Discussion
----------
Fixes#26136: Avoid emitting warning in hasParameterOption()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26136
| License | MIT
| Doc PR | n/a
When hasParameterOption / getParameterOption is passed invalid parameters, a warning may be emitted. While the root cause of the warning is an invalid parameter supplied by the caller, earlier versions of Symfony accepted these parameters, which were effectively ignored.
In the context of these methods, what I mean by "invalid parameter" is an empty string, which is the correct datatype, but is not ever a useful thing to provide to these methods. Since empty strings here did not cause a problem in previous versions, and since Symfony is used by all sorts of projects for all sorts of purposes, it seems best to continue to be flexible about the parameters accepted by Symfony APIs.
Commits
-------
b32fdf1ca3Fixes#26136: Avoid emitting warning in hasParameterOption()
Zip files uploaded on Windows often have a mime type of `x-zip-compressed`. This patch adds support for this mime type to `MimeTypeExtensionGuesser`.
The mime type seems to be a valid mime type for zip files according to http://filext.com/file-extension/ZIP
This PR was merged into the 3.4 branch.
Discussion
----------
[TwigBridge] Apply some changes to support Bootstrap4-stable
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25655#25635#24435
| License | MIT
| Doc PR | -
Follow up of https://github.com/symfony/symfony/pull/25715, see discussion there.
This fixes the following errors:
- Delete form-control-label, don't used in Bootstrap 4
- Replace col-form-legend by col-form-label
- Separate the label and input (before the input was in the label)
- Use form-check-inline to put radio and/or checkboxes inline
- Add support of custom form for radio and checkboxes
- Fix input-group: MoneyType (Issue #25655), PercentType
- Remove form-control duplication (Issue #25635)
- Fix Errors in label (#24435)
Commits
-------
14e2282 Fixed broken tests
cf4e956 [TwigBridge] Apply some changes to support Bootstrap4-stable
This PR was squashed before being merged into the 2.7 branch (closes#26141).
Discussion
----------
[Serializer] optims and cleanup
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Tiny optimizations and small code cleanup. The opcode triggering is especially useful in the hot path (normalizers and encoders) because it's a recursive process.
Commits
-------
8ee8387 [Serializer] optims and cleanup
This PR was merged into the 3.4 branch.
Discussion
----------
do not mock the container builder in tests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
777acfb do not mock the container builder in tests
* 2.8:
[Routing] Throw 405 instead of 404 when redirect is not possible
[Process] fix test case
Add security.tl.xlf to legacy directory
[Security][Validator] Add translations for Tagalog
fixed typo
Typo fix in security component lithuanian translation.
[Process] Check PHP_BINDIR before $PATH in PhpExecutableFinder
* 2.7:
[Routing] Throw 405 instead of 404 when redirect is not possible
[Process] fix test case
Add security.tl.xlf to legacy directory
[Security][Validator] Add translations for Tagalog
fixed typo
Typo fix in security component lithuanian translation.
[Process] Check PHP_BINDIR before $PATH in PhpExecutableFinder
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Throw 405 instead of 404 when redirect is not possible
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Finishes #25962.
Commits
-------
92842814f6 [Routing] Throw 405 instead of 404 when redirect is not possible
* 2.8:
[Bridge\PhpUnit] Exit as late as possible
Update Repository Symlink Helper
Document explicitly that dotfiles and vcs files are ignored by default
do not mock the container builder in tests
* 2.7:
[Bridge\PhpUnit] Exit as late as possible
Update Repository Symlink Helper
Document explicitly that dotfiles and vcs files are ignored by default
do not mock the container builder in tests
This PR was squashed before being merged into the 3.4 branch (closes#26067).
Discussion
----------
[YAML] Issue #26065: leading spaces in YAML multi-line string literals
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26065
| License | MIT
| Doc PR | no
Doing this:
Yaml::dump(
["text" => " leading space in first line\nno leading space in last line\n"],
2,
4,
Yaml::DUMP_MULTI_LINE_LITERAL_BLOCK
);
Will produce this:
text: |
leading space in first line
no leading space in last line
Which is invalid YAML because when the first line has leading spaces it needs a [block indentation indicator](http://www.yaml.org/spec/1.2/spec.html#id2793979) like this:
text: |4
leading space in first line
no leading space in last line
This pull requests contains a test and a patch.
Commits
-------
aa95663 [YAML] Issue #26065: leading spaces in YAML multi-line string literals
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache][WebProfiler][3.4] fix collecting cache stats with sub-requests + allow clearing calls
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/23820
| License | MIT
| Doc PR | -
This is a follow-up PR for https://github.com/symfony/symfony/pull/26080. It additionally adds the reset behavior for the `TraceableAdapter` back.
Commits
-------
132bba6 [Cache][WebProfiler] fix collecting cache stats with sub-requests + allow clearing calls
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] Log already-locked errors as "notice" instead of "warning"
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25887 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | todo
We add the ability to specify the log level we want in the lock component. That could be useful when parsing the logs.
Commits
-------
2a74edb [Lock] Log already-locked errors as "notice" instead of "warning"
This PR was merged into the 3.4 branch.
Discussion
----------
Deterministic time in cache items for reproducible builds
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Allows setting a deterministic time for cache entries. This can be used to seed builds with a deterministic timestamp for reproducibility.
Parent issue is symfony/symfony#25958
Commits
-------
b4259a6 Use 0 for unlimited expiry
This PR was merged into the 3.4 branch.
Discussion
----------
Make kernel build time optionally deterministic
| Q | A
| ------------- | ---
| Branch? | master for features / 2.7 up to 4.0 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As part of the effort to enable reproducible builds, this PR allows setting a deterministic build time for the dumped kernel. Parent issue is symfony/symfony#25958.
Commits
-------
48e8249 Make kernel build time optionally deterministic
This PR was merged into the 2.7 branch.
Discussion
----------
do not mock the container builder in tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
dab4222 do not mock the container builder in tests
* 2.8:
[SecurityBundle] Backport test
[Security] fix merge of 2.7 into 2.8 + add test case
backport regression test from 3.4
Fix misspelling variable
[DI] minor: use a strict comparision in setDecoratedService
Follow-on to #25825: Fix edge case in getParameterOption.
keep the context when validating forms
* 2.7:
[SecurityBundle] Backport test
Fix misspelling variable
[DI] minor: use a strict comparision in setDecoratedService
Follow-on to #25825: Fix edge case in getParameterOption.
keep the context when validating forms
This PR was merged into the 2.8 branch.
Discussion
----------
[PropertyInfo] backport regression test from 3.4
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
a9ab167 backport regression test from 3.4
This PR was submitted for the master branch but it was merged into the 3.4 branch instead (closes#26112).
Discussion
----------
Env var maps to undefined constant.
When I try to use a constant as an environment variable, as described in the blog item,
I run into the following problem.
Env var "SOME_CONST" maps to undefined constant "App\\Util\\SomeClass::SOME_CONST".
The proposed solution works for me, however, I'm not sure if this is the best and conform Symfony standards.
Blog:
https://symfony.com/blog/new-in-symfony-3-4-advanced-environment-variables
| Q | A
| ------------- | ---
| Branch? | master for features / 2.7 up to 4.0 for bug fixes <!-- see below -->
| Bug fix? | yes/no
| New feature? | yes/no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | yes/no
| Deprecations? | yes/no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes/no
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
bdf9efc Env var maps to undefined constant.
When I try to use a constant as an environment variable, as described in the blog item,
I run into the following problem.
Env var "SOME_CONST" maps to undefined constant "App\\Util\\SomeClass::SOME_CONST".
The proposed solution works for me, however, I'm not sure if this is the best and conform Symfony standards.
Blog:
https://symfony.com/blog/new-in-symfony-3-4-advanced-environment-variables
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix hasParameterOption / getParameterOption when used with multiple flags
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no (Fixes BC break in #24987)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25825
| License | MIT
| Doc PR | n/a
Proposed resolution to #25825:
- Back out #24987
- Fix getParameterOption for short options with values, e.g. `-edev`
Commits
-------
35f98e2089 Follow-on to #25825: Fix edge case in getParameterOption.
This PR was squashed before being merged into the 3.4 branch (closes#25947).
Discussion
----------
PhpDocExtractor::getTypes() throws fatal error when type omitted
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When omitting a type in a `DocBlock` `Tag`, it will throw a fatal error due to the type being null with a call to `$tag->getType()`.
Commits
-------
54253ecfff PhpDocExtractor::getTypes() throws fatal error when type omitted
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] keep the context when validating forms
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25542
| License | MIT
| Doc PR |
Commits
-------
317da3bdf8 keep the context when validating forms
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] minor: use a strict comparison in setDecoratedService
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
f167b50 [DI] minor: use a strict comparision in setDecoratedService
This PR was squashed before being merged into the 2.7 branch (closes#25373).
Discussion
----------
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
`UrlMatcher::match($pathinfo)` applies `rawurldecode()` to the `$pathinfo` before trying to match it against the routes.
If the URL contains a percent-encoded trailing newline (like in `/foo%0a`), the default PHP PCRE will still consider `#^/foo$#` a match, as the `$` metacharacter will also match *immediately before* the final character *if it is a newline*. This behavior can be changed by applying the [`PCRE_DOLLAR_ENDONLY` modifier](http://php.net/manual/en/reference.pcre.pattern.modifiers.php).
Without this change, URLs with trailing `%0a` lead to weird notices further down the road, for example when the `RedirectableUrlMatcher` or its equivalent in `PhpMatcherDumper` kick in, look at the last character (this time actually the newline), append a `/` and try to redirect to the resulting URL. Ultimately, PHP will complain with `Warning: Header may not contain more than a single header, new line detected` when sending the `Location` header.
Commits
-------
f713a3e Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
I recently let Europe's leading accessibility experts (Funkanu.se) review a site of mine, they gave me (among other) the feedback that errors should be a part of the label.
They said that it makes no sense for blind users to read label, read input and then read errors.
I know the implementation might look strange. But I wish something like this would be merged. That would be great for accessibility for all apps using Symfony.
We *could* also make sure it prints something like:
```
<label for=”name”>Name: <span class=”hidden”>Error message</span></label>
<input id=”name” type=”text”>
<span aria-hidden=”true”>Error message</span>
```
Commits
-------
a0b40f5 [Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Only using filemtime to check file freshness
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25999
| License | MIT
Commits
-------
52c9cb4 [Config] Only using filemtime to check file freshness
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Handle Service/EventSubscriberInterface in ReflectionClassResource
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25906
| License | MIT
| Doc PR | -
@weaverryan that should fix an issue you reported.
Commits
-------
67e821b [Config] Handle Service/EventSubscriberInterface in ReflectionClassResource
This PR was merged into the 3.4 branch.
Discussion
----------
[DI][Routing] Fix tracking of globbed resources
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25904
| License | MIT
| Doc PR | -
The current `GlobFileLoader` in `Config` misses resource tracking, so we can't use it and have to use a per-component one instead.
(deps=high failures will be fixed after merging up to master.)
Commits
-------
945c753 Add tests for glob loaders
ad98c1fa [DI][Routing] Fix tracking of globbed resources
* 2.8:
[CssSelector] For AND operator, the left operand should have parentheses, not only right operand
Removed unused parameter from flattenDataProvider().
Update MongoDB extension on travis to make the builds green again.
* 2.7:
[CssSelector] For AND operator, the left operand should have parentheses, not only right operand
Removed unused parameter from flattenDataProvider().
Update MongoDB extension on travis to make the builds green again.
This PR was merged into the 2.7 branch.
Discussion
----------
[CssSelector] For AND operator, the left operand should have parentheses, not only right operand
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
From https://github.com/symfony/css-selector/pull/3
Commits
-------
76b40dc [CssSelector] For AND operator, the left operand should have parentheses, not only right operand
* 2.8:
[Intl] Fixed the broken link
[Routing] Fix trailing slash redirection for non-safe verbs
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
* 2.7:
[Intl] Fixed the broken link
[Routing] Fix trailing slash redirection for non-safe verbs
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
This PR was merged into the 2.7 branch.
Discussion
----------
[Intl] Fixed the broken link
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
From https://github.com/symfony/intl/pull/6
Commits
-------
5733e02960 [Intl] Fixed the broken link
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] collect extension information as late as possible
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25660
| License | MIT
| Doc PR |
Commits
-------
58cdbd03e1 collect extension information as late as possible
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix tracking of source class changes for lazy-proxies
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
4f18e4b0dc [DI] Fix tracking of source class changes for lazy-proxies
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Fix bad registration of exception handler, leading to mem leak
| Q | A
| ------------- | ---
| Branch? | 27
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25965
| License | MIT
| Doc PR | -
Commits
-------
926b1bee18 [Debug] Fix bad registration of exception handler, leading to mem leak
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Fix trailing slash redirection for non-safe verbs
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This test dumped matchers using the existing test cases for (Redirectable)UrlMatcher so that we are sure they behave the same. Fixes the differences found while doing so.
Commits
-------
ad593aef2f [Routing] Fix trailing slash redirection for non-safe verbs
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed empty data on expanded ChoiceType and FileType
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25896
| License | MIT
| Doc PR | ~
Alternative of https://github.com/symfony/symfony/pull/25924.
I don't think we have to do this by adding overhead in master and getting it properly fixed in 2 years.
This is bug I've introduced while fixing another bug #17822. Which then has been replicated in #20418 and #24993.
I propose instead to clean up the code for all LTS, since this is a wrong behaviour that has never been documented, and most of all unreliable.
The `empty_data` can by anything in the view format as long as the reverse view transformation supports it. Even an object derived from the data class could be invokable.
I think we should remain consistent with https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Form/Form.php#L615.
Commits
-------
9722c063fb [Form] Fixed empty data on expanded ChoiceType and FileType
* 2.8:
update test for Twig performance optimizations
[WebProfilerBundle] Increase retry delays between toolbarAction ajax calls
support sapi_windows_vt100_support for php 7.2+
bumped Symfony version to 2.8.35
updated VERSION for 2.8.34
updated CHANGELOG for 2.8.34
bumped Symfony version to 2.7.42
updated VERSION for 2.7.41
update CONTRIBUTORS for 2.7.41
updated CHANGELOG for 2.7.41
[HttpFoundation] Added "null" type on Request::create docblock
Allow trans filter to be safe
* 2.7:
update test for Twig performance optimizations
[WebProfilerBundle] Increase retry delays between toolbarAction ajax calls
support sapi_windows_vt100_support for php 7.2+
bumped Symfony version to 2.7.42
updated VERSION for 2.7.41
update CONTRIBUTORS for 2.7.41
updated CHANGELOG for 2.7.41
[HttpFoundation] Added "null" type on Request::create docblock
Allow trans filter to be safe
This PR was squashed before being merged into the 2.7 branch (closes#25878).
Discussion
----------
[HttpFoundation] Added "null" type on Request::create docblock
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Continuation of #24902 and #25875
Commits
-------
b18f9e76a5 [HttpFoundation] Added "null" type on Request::create docblock
This PR was merged into the 3.4 branch.
Discussion
----------
Don't stop PSR-4 service discovery if a parent class is missing
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25929
| License | MIT
| Doc PR | N/A
Commits
-------
3d6c3ba836 Don't stop PSR-4 service discovery if a parent class is missing.
* 3.3:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Restore RoleInterface import
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
revert useless tests fixtures changes
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
* 2.8:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
This PR was merged into the 2.7 branch.
Discussion
----------
Removed assertDateTimeEquals() methods
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
All PHPUnit versions that we use on Travis support comparing `DateTime` objects via `assertEquals()`. Yet, we have our own code in place to check for equality of `DateTime` objects. This PR removes that code.
Commits
-------
5b73d1c1e6 Removed assertDateTimeEquals() methods.
* 2.7:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
This PR was merged into the 2.7 branch.
Discussion
----------
Improve assertions
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Following #25420 before start other branches.
Btw, the other branches are 2.8, 3.3, 3.4, 4.0 and master?
Commits
-------
3d90a2217d Improve assertions
This PR was merged into the 2.7 branch.
Discussion
----------
Disable CSP header on exception pages only in debug
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24772
| License | MIT
| Doc PR |
Based on a feedback we received, there are situations on production when it's desired to have CSP header in place even if exception occurred.
This uses now same condition that is used by ExceptionController in TwigBridge to evaluate if styled exception template is going to be shown, minus `showException` request attribute which don't make sense in this context, because it's used by PreviewController only and in such case this listener isn't triggered.
Overriding CSP header via HTML meta tag unfortunately, but not surprisingly, doesn't work.
Commits
-------
b77538c2fe Disable CSP header on exception pages only in debug
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed Button::setParent() when already submitted
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
The `Button` does not respect the [FormInterface](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/FormInterface.php#L28), by extension the `SubmitButton` neither.
Commits
-------
9f0c7bf549 Fixed Button::setParent() when already submitted
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Provide a DX where an array could be passed
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25394
| License | MIT
| Doc PR | none
I think that this is not fixing the root causes that does not appears in 4.1, so maybe there is something better to do. I did not find the root cause So I think it can bo good to fix the problem too.
Commits
-------
de502f7 [Console] Provide a bugfix where an array could be passed
This PR was merged into the 3.3 branch.
Discussion
----------
Restore RoleInterface import
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| License | MIT
The import is use on PHPDoc but was accidentally removed. Maybe because PHPStorm does not match with the import when you use parenthesis.
Not really a bug as it is concerning only PHPDoc, but it make some analysis tools like PHPStan yelling:
```
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Line src/AppBundle/Security/Authentication/ApiKeyAuthenticator.php
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
64 Parameter #4 $roles of class Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken constructor expects array<string|Symfony\Component\Security\Core\Authentication\Token\RoleInterface>, array<string|Symfony\Component\Security\Core\Role\Role>
given.
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Line tests/AppBundle/Controller/WebTestCase.php
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
59 Parameter #4 $roles of class Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken constructor expects array<string|Symfony\Component\Security\Core\Authentication\Token\RoleInterface>, array<string|Symfony\Component\Security\Core\Role\Role>
given.
------ -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
```
Commits
-------
8ecfeb1e31 Restore RoleInterface import
This PR was merged into the 2.7 branch.
Discussion
----------
[minor] SCA: reduce repetitive method calls (sequential and in loop)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
609372252f SCA: get rid of repetitive calls
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix initialization of legacy containers by delaying include_once
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Best reviewed ignoring whitespaces:
https://github.com/symfony/symfony/pull/25858/files?w=1
Noticed while removing a package: silencing the failing `include_once` as introduced in #25255 is not working for the `$oldContainer` in `Kernel`, and fails with a fatal error when an include succeeds but the class inside misses a parent.
Delaying the calls to `include_once` to the moment where the fresh container is actually used first, when setting the "kernel" service, works around the situation.
Commits
-------
5e750ec4b5 [DI] Fix initialization of legacy containers by delaying include_once
It confused me a lot that the method took an array and that the phpdoc said we should pass a string instead of an array. This small change should clear up the confusion.
* 3.3:
Have weak_vendors ignore deprecations from outside
[HttpFoundation] fixed return type of method HeaderBag::get
[HttpFoundation] Added "resource" type on Request::create docblock
[Process] Skip environment variables with false value in Process
Revert "bug #25789 Enableable ArrayNodeDefinition is disabled for empty configuration (kejwmen)"
Formatting fix in upgrade 3.0 document
don't split lines on carriage returns when dumping
Revert "bug #25851 [Validator] Conflict with egulias/email-validator 2.0 (emodric)"
[DI] compilation perf tweak
[Validator] Conflict with egulias/email-validator 2.0
[Validator] add missing parent isset and add test
* 2.8:
[HttpFoundation] fixed return type of method HeaderBag::get
[HttpFoundation] Added "resource" type on Request::create docblock
Revert "bug #25789 Enableable ArrayNodeDefinition is disabled for empty configuration (kejwmen)"
Formatting fix in upgrade 3.0 document
Revert "bug #25851 [Validator] Conflict with egulias/email-validator 2.0 (emodric)"
[Validator] add missing parent isset and add test
* 2.7:
[HttpFoundation] fixed return type of method HeaderBag::get
[HttpFoundation] Added "resource" type on Request::create docblock
Revert "bug #25789 Enableable ArrayNodeDefinition is disabled for empty configuration (kejwmen)"
Revert "bug #25851 [Validator] Conflict with egulias/email-validator 2.0 (emodric)"
[Validator] add missing parent isset and add test
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] fixed return type of method HeaderBag::get
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
6b608e8 [HttpFoundation] fixed return type of method HeaderBag::get
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Added "resource" type on Request::create docblock
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Replaces #24902
Commits
-------
d1a96ca [HttpFoundation] Added "resource" type on Request::create docblock
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] add missing parent isset and add test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25843 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR |
This is a little PR to fix the error and to add the parent::__isset to the Constraints class, I'm adding a test too to be sure that this is not possible again.
Btw, since this is instagihub, I'm coding at home and then I see a squirrel :
Commits
-------
bcb79a3 [Validator] add missing parent isset and add test
This PR was merged into the 3.3 branch.
Discussion
----------
[Process] Skip environment variables with false value in Process
| Q | A
| ------------- | ---
| Branch? | master, 4.0, 3.3, 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
With the commit 03adce239d, all env variables are injecting in the process, and the env variable with the `false` value are converted in empty string.
For example, it's problematic with the bundle SymfonyWebServerBundle and the last version of the [symfony/framework-bundle recipe](https://github.com/symfony/recipes/blob/master/symfony/framework-bundle/3.3/public/index.php#L11), because the WebServer override the value of `APP_ENV` with `false` to override previously loaded variables (c5a1218555), and with the commit 03adce239d, the `APP_ENV` variable is injected with a empty string value, instead of not being injected, as was the case before.
This PR not use the same logic as the [getDefaultEnv()](https://github.com/symfony/symfony/blob/4.0/src/Symfony/Component/Process/Process.php#L1553) method.
Commits
-------
2daf4f9 [Process] Skip environment variables with false value in Process
* 3.3:
[HttpKernel] DebugHandlersListener should always replace the existing exception handler
fix the Composer API being used
[Debug] Always decorate existing exception handlers to deal with fatal errors
Enableable ArrayNodeDefinition is disabled for empty configuration
Fixing a bug where the dump() function depended on bundle ordering
[Cache] Fix handling of apcu_fetch() edgy behavior
Add nn (Norwegian Nynorsk) translation files, and improve existing file
Problem in phar see mergerequest #25579
[Form] Disallow transform dates beyond the year 9999
Copied NO language files to the new NB locale.
[Serializer] DateTimeNormalizer handling of null and empty values (returning null or empty instead of new object)
[Console] Improve phpdoc on StyleInterface::ask()
* 2.8:
fix the Composer API being used
[Debug] Always decorate existing exception handlers to deal with fatal errors
Enableable ArrayNodeDefinition is disabled for empty configuration
Fixing a bug where the dump() function depended on bundle ordering
Add nn (Norwegian Nynorsk) translation files, and improve existing file
Problem in phar see mergerequest #25579
[Form] Disallow transform dates beyond the year 9999
Copied NO language files to the new NB locale.
[Console] Improve phpdoc on StyleInterface::ask()
* 2.7:
fix the Composer API being used
[Debug] Always decorate existing exception handlers to deal with fatal errors
Enableable ArrayNodeDefinition is disabled for empty configuration
Fixing a bug where the dump() function depended on bundle ordering
Add nn (Norwegian Nynorsk) translation files, and improve existing file
Problem in phar see mergerequest #25579
[Form] Disallow transform dates beyond the year 9999
Copied NO language files to the new NB locale.
[Console] Improve phpdoc on StyleInterface::ask()
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Always decorate existing exception handlers to deal with fatal errors
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25827
| License | MIT
| Doc PR | -
Decorating the exception is seamless, let's always do it and fix handling of fatal errors.
Related to #25408 also.
Commits
-------
205d7ae3f7 [Debug] Always decorate existing exception handlers to deal with fatal errors
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Notify that symfony/expression-language is not installed if ExpressionLanguage is used
| Q | A
| ------------- | ---
| Branch? | master for features / 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25742
| License | MIT
| Doc PR | not requested
Commits
-------
6aa2b7cce0 [Security] Notify that symfony/expression-language is not installed if ExpressionLanguage and ExpressionLanguagePrivider are used
This PR was merged into the 3.4 branch.
Discussion
----------
[OptionsResolver] Fix options resolver with array allowed types
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
When playing a simple test:
```php
use Symfony\Component\OptionsResolver\Options;
$resolver = new OptionsResolver();
$resolver->setDefined('foo');
$resolver->setAllowedTypes('foo', 'string[]');
$options = $resolver->resolve(['foo' => ['bar', 'baz']]);
```
I get this error:
```
Symfony\Component\OptionsResolver\Exception\InvalidOptionsException: The option "foo" with value array is expected to be of type "string[]", but is of type "string[]"
```
This PR should fix this.
Commits
-------
cc215f7347 Fix options resolver with array allowed types
This PR was squashed before being merged into the 2.7 branch (closes#25789).
Discussion
----------
Enableable ArrayNodeDefinition is disabled for empty configuration
| Q | A
| ------------- | ---
| Branch? | 2.7+
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25760
| License | MIT
Fixes#25760.
Currently, documented behavior is not true:
70c8c2d47b/src/Symfony/Component/Config/Definition/Builder/ArrayNodeDefinition.php (L207-L208)
Commits
-------
a6a330dcd9 Enableable ArrayNodeDefinition is disabled for empty configuration
This PR was squashed before being merged into the 2.7 branch (closes#25816).
Discussion
----------
Problem in phar see mergerequest #25579
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
If packed into phar the old version creates path like 'file:///phar%3A/'. see https://github.com/symfony/symfony/pull/25579
Commits
-------
3e0c8ffb43 Problem in phar see mergerequest #25579
This PR was squashed before being merged into the 2.7 branch (closes#25781).
Discussion
----------
[Form] Disallow transform dates beyond the year 9999
Fixes#14727
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | not really
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14727
| License | MIT
Explicitly locked out submission of dates beyond December 31st 9999 in forms as PHP is highly incapable of consistently handling such dates. Before this patch dates were randomly transformed or mangled.
Technically there is a BC break as this will now cause validation to fail on input that was *accepted* before, but it was mangled. Not my call but I prefer the rejection over data corruption:
```
// Old behavior
$transformer = new DateTimeToLocalizedStringTransformer('UTC', 'UTC', null, null, \IntlDateFormatter::GREGORIAN, 'yyyy-MM-dd');
$result = $transformer->reverseTransform('20107-03-21');
// $result is now 2007-03-21
```
Commits
-------
70cc969537 [Form] Disallow transform dates beyond the year 9999
This PR was merged into the 3.3 branch.
Discussion
----------
[Serializer] DateTimeNormalizer handling of null and empty values (returning it instead of new object)
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | no
| Fixed tickets | #23964
| License | MIT
| Doc PR |
I'm openning the disucussion on this as I think that should be returning null and not a new object.
WDYT ?
Working at home ;)
Commits
-------
74726f3896 [Serializer] DateTimeNormalizer handling of null and empty values (returning null or empty instead of new object)
This PR was merged into the 2.7 branch.
Discussion
----------
Copied NO language files to the new NB locale
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25792
| License | MIT
| Doc PR | N/A
This PR copies all `NO` language files to a new locale `NB`. It also adds unit tests to ensure that `NB` and `NO` will always contain the same translations. This way, we allow application developers to either use the generic `NO` language code or the more precise `NB` (e.g. if they need to distinguish between the `NB` and `NN` variants of the Norwegian language).
For further details, please have a look at the discussion in #25792.
Commits
-------
aee9b1ea3e Copied NO language files to the new NB locale.
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Improve phpdoc on StyleInterface::ask()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
In a CLI command i keep asking an optional question until i get an answer. So interactively it's a required question. It looks like..
```php
do {
$value = $io->ask('Value', null, function ($value) { return $value; });
} while (null === $value);
```
Which works nice.. but SA is complaining about
```
Strict comparison using === between null and string will always evaluate to false.
```
This should fix it. The mixed API goes back to https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Console/Helper/QuestionHelper.php#L38
Commits
-------
499d04f [Console] Improve phpdoc on StyleInterface::ask()
* 3.3:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
Make sure we only build once and have one time the prefix when importing routes
[Security] Fix fatal error on non string username
* 2.8:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
[Security] Fix fatal error on non string username
* 2.7:
[appveyor] set memory_limit=-1
[Router] Skip anonymous classes when loading annotated routes
Fixed Request::__toString ignoring cookies
[Security] Fix fatal error on non string username
This PR was merged into the 2.7 branch.
Discussion
----------
[appveyor] set memory_limit=-1
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
10e33ac [appveyor] set memory_limit=-1
This PR was squashed before being merged into the 2.7 branch (closes#25801).
Discussion
----------
[Router] Skip anonymous classes when loading annotated routes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25796
| License | MIT
| Doc PR |
Skip any usage of anonymous classes when parsing files in `AnnotationFileLoader`
Commits
-------
d76a545 [Router] Skip anonymous classes when loading annotated routes
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fix fatal error on non string username
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/25612
| License | MIT
| Doc PR | n/a
That's consistent with what #22569 did for the `json_login` listener.
Commits
-------
8f095683d0 [Security] Fix fatal error on non string username
This PR was merged into the 3.3 branch.
Discussion
----------
[Routing] Make sure we only build routes once
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25746
| License | MIT
| Doc PR | ø
We need to build the collection(s) only once, else the prefix would be duplicated.
Commits
-------
927a75ac3e Make sure we only build once and have one time the prefix when importing routes
This PR was merged into the 3.3 branch.
Discussion
----------
Remove polyfill-util dependency from fullstack and security
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | kinda
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Applies #22709 to the two higher-level packages. I've applied it to 3.3 as that's where that change was merged (though it was `master` as the time); these may actually apply earlier though?
(#16382 was mentioned and applied to 2.8, though is for the serializer which is unrelated? Should have been 3.0 when `StringUtils` was removed?)
Commits
-------
939efd59b9 Remove polyfill-util dependency from fullstack and security
* 3.3:
fix merge
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
Add missing @ in phpdoc return statement
Don't right trim the deprecation message
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
* 2.8:
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
* 2.7:
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
* 3.3:
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
Tweaked some styles in the profiler tables
Add type string to docblock for Process::setInput()
[Security] Fail gracefully if the security token cannot be unserialized from the session
[Form] AbstractLayoutTest - fix DOMDocument casing
Run simple-phpunit with --no-suggest option
[FrameworkBundle] Fix using "annotations.cached_reader" in after-removing passes
bumped Symfony version to 3.3.16
updated VERSION for 3.3.15
updated CHANGELOG for 3.3.15
bumped Symfony version to 2.8.34
updated VERSION for 2.8.33
updated CHANGELOG for 2.8.33
bumped Symfony version to 2.7.41
updated VERSION for 2.7.40
update CONTRIBUTORS for 2.7.40
updated CHANGELOG for 2.7.40
* 2.8:
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
Tweaked some styles in the profiler tables
[Security] Fail gracefully if the security token cannot be unserialized from the session
[Form] AbstractLayoutTest - fix DOMDocument casing
bumped Symfony version to 2.8.34
updated VERSION for 2.8.33
updated CHANGELOG for 2.8.33
bumped Symfony version to 2.7.41
updated VERSION for 2.7.40
update CONTRIBUTORS for 2.7.40
updated CHANGELOG for 2.7.40
* 2.7:
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
[Security] Fail gracefully if the security token cannot be unserialized from the session
[Form] AbstractLayoutTest - fix DOMDocument casing
bumped Symfony version to 2.7.41
updated VERSION for 2.7.40
update CONTRIBUTORS for 2.7.40
updated CHANGELOG for 2.7.40
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix session handling: decouple "save" from setting response "private"
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Fixes https://github.com/symfony/symfony/pull/25583#issuecomment-355717344 from @Tobion, and provides extra laziness for the "session" service, related to https://github.com/symfony/recipes/pull/333.
(deps=high failure will be fixed by merging to upper branches.)
Commits
-------
f8727b8827 [HttpKernel] Fix session handling: decouple "save" from setting response "private"
This PR was merged into the 2.7 branch.
Discussion
----------
[Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Php function json_encode/decode with option JSON_PARTIAL_OUTPUT_ON_ERROR return result on error, but if have is error json_last_error() always return error code even if there is a result and it is not false. Because of this is impossible set JSON_PARTIAL_OUTPUT_ON_ERROR option across variable $context.
Current fix solves this problem.
Verification on the false is completely correct, since json_encode / decode returns false only on error if not set JSON_PARTIAL_OUTPUT_ON_ERROR option.
Such have a problem e.g when encoding data is not utf-8 (emoji from facebook).
Commits
-------
e7e410b [Serializer] Fixed throwing exception with option JSON_PARTIAL_OUTPUT_ON_ERROR
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Add tests for request collector and cookie redirection
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes (#25719)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | ø
Not that I felt bad doing a PR without tests (#25719) but this one adds tests to be sure we stabilize this cookie-based redirection.
Commits
-------
7b4f5a15e7 Add tests for the HttpKernel request collector and redirection via cookies
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Always call proxied handler::destroy() in StrictSessionHandler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Noticed by @jpauli: the native file session handler needs a call to `destroy()` to remove session files, even for new empty sessions.
Commits
-------
e5e2d5ddd2 [HttpFoundation] Always call proxied handler::destroy() in StrictSessionHandler
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fail gracefully if the security token cannot be unserialized from the session
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If the security token in the session can't be unserialized, an `E_NOTICE` is issued. This prevents it (and provides a better log message if it's not even a `__PHP_Incomplete_Class`).
This is similar to #24731, but I saw it triggered when changing OAuth library (https://github.com/elifesciences/journal/pull/824), so the token class itself no longer exists. (I want to avoid having to manually invalidate all sessions, as not all sessions use that token class.)
Commits
-------
053fa43add [Security] Fail gracefully if the security token cannot be unserialized from the session
This PR was submitted for the 3.4 branch but it was squashed and merged into the 3.3 branch instead (closes#25585).
Discussion
----------
Add type string to docblock for Process::setInput()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
Add `string` as valid `$input` for `Process::setInput()`. Since `getInput()` will also return as string and the internal method `ProcessUtils::validateInput()` will accept a string, this should be a viable input type.
Commits
-------
e3de68f2 Add type string to docblock for Process::setInput()
This PR was merged into the 3.4 branch.
Discussion
----------
Remove randomness from dumped containers
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
With this PR, the generated container is immutable by cache clearing: it doesn't contain any random string anymore (well, third party bundles can add random things back, but at least core doesn't).
Since the class+file name of the container is based on a hash of its content, it means that they are now stable also. This should help fix some edge cases/race conditions during cache clears/rebuilds.
(fabbot failure is false positive)
Commits
-------
14dd5d1dbd Remove randomness from dumped containers
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Use the default host even if context is empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25464
| License | MIT
| Doc PR | ø
When the host in the context is empty... we should still use the default host.
**Note:** it seems like a lot of changes but all I did was to remove the `if` and de-indent the code that was inside.
Commits
-------
8f357df75b Use the default host even if context is empty and fallback to relative URL if empty host
* 3.3:
PHP CS Fixer: clean up repo and adjust config
use interface_exists instead of class_exists
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
* 2.8:
PHP CS Fixer: clean up repo and adjust config
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
* 2.7:
PHP CS Fixer: clean up repo and adjust config
Dumper shouldn't use html format for phpdbg
[Validator] Fix access to root object when using composite constraint
This PR was squashed before being merged into the 2.7 branch (closes#25653).
Discussion
----------
PHP CS Fixer: clean up repo and adjust config
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Reason for this PR is that one want to have `php-cs-fixer fix -v` command executed without changes that shall not be applied for this repo. To achieve that, we need to groom config to exclude files that violate CS willingly, fix files that are violating CS unwillingly, and deliver missing case handling at PHP CS Fixer itself (https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/3359) (already merged!).
Commits
-------
b14cbc1 PHP CS Fixer: clean up repo and adjust config
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Fix access to root object when using composite constraint
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12315, #20477, #21706
| License | MIT
| Doc PR |
Commits
-------
b18cdcf417 [Validator] Fix access to root object when using composite constraint
* 3.3:
Clean up
Update return type in docblock.
PHP CS Fixer: no need to exclude xml and yml files
PHP CS Fixer: no need to exclude json file
Update LICENSE year... forever
This PR was merged into the 2.7 branch.
Discussion
----------
Update LICENSE year... forever
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
By using the same trick than Facebook: https://github.com/facebook/react/blob/master/LICENSE
Commits
-------
8ce8bd5 Update LICENSE year... forever
This PR was squashed before being merged into the 2.7 branch (closes#25652).
Discussion
----------
Clean up
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I've removed all white spaces and extra lines from our `markdown` files. Recently [I did it in our documentation](https://github.com/symfony/symfony-docs/pull/8944), and thought would be interesting to replicate here 😄
Commits
-------
acd0d7c Clean up
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Remove group options without data on debug:form command
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25394
| License | MIT
| Doc PR | -
This also fix the normalization of the options column for text descriptor, regardless of changes in `collectOptions()` method (which is enough to fix the related bug).
@maidmaid could you confirm if these changes solve the problem?
Commits
-------
083c8af706 Remove group options without data and fix normalization
* 3.3:
fixed some deprecation messages
fixed some deprecation messages
fixed some deprecation messages
fixed some deprecation messages
[2.7][DX] Use constant message contextualisation for deprecations
This PR was squashed before being merged into the 2.7 branch (closes#25430).
Discussion
----------
Fixes for Oracle in PdoSessionHandler
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #18305 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | <!--highly recommended for new features-->
<!--
Fixes missing session data for Oracle in PdoSessionHandler
-->
Commits
-------
e7a4002b4f Fixes for Oracle in PdoSessionHandler
This PR was merged into the 3.4 branch.
Discussion
----------
[Debug] Skip DebugClassLoader checks for already parsed files
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Perf. fix for the dev mode only: I propose to run the checks done by DebugClassLoader only once, when the file is changed/parsed.
This should improve DX much, by making the dev env faster. Here is a bench on the hello world of the standard edition (class inlining by the DIC disabled, but still):
https://blackfire.io/profiles/compare/31ff0792-9992-4658-9707-cac87a320d1f/graph
Commits
-------
f0c12234b9 [Debug] Skip DebugClassLoader checks for already parsed files
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7][DX] Use constant message contextualisation for deprecations
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
Since many projects are using this mechanism for deprecating feature, it is sometimes difficult to understand which vendor triggers a deprecation.
Sometimes we're using `since Symfony x.y` format, sometimes we are using `since x.y`. I propose to always use `since Symfony x.y` format.
Commits
-------
c2338cbd7a [2.7][DX] Use constant message contextualisation for deprecations
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Call Response->setPrivate() instead of sending raw header() when session is started
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/24988
| License | MIT
| Doc PR | -
As described in #24988 I think the current handling of the `Cache-Control` header set by the `NativeSessionStorage` causes inconsistent behaviour.
In #24988 @nicolas-grekas states that if you start a session a response should be considered to be private. I do agree with this but up until now, nobody takes care of this on `kernel.response`.
I think we must always suppress the `NativeSessionStorage` from generating any headers by default. Otherwise the `Cache-Control` header never makes it to the `Response` instance and is thus missed by `kernel.response` listeners and for example the Symfony HttpCache. So depending on whether you use Symfony's HttpCache or Varnish as a reverse proxy, caching would be handled differently. Varnish would consider the response to be private if you set the php.ini setting `session.cache_limiter` to `nocache` (which is default) because it will receive the header. HttpCache would not because the `Cache-Control` header is not present on the `Response`. That's inconsistent and may cause confusion or problems when switching proxies.
Commits
-------
dbc1c1c4b6 [HttpKernel] Call Response->setPrivate() instead of sending raw header() when session is started
This PR was merged into the 3.4 branch.
Discussion
----------
[DX][DependencyInjection] Suggest to write an implementation if the interface cannot be autowired
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ø
| License | MIT
| Doc PR | ø
This would add a hint for the developers when the interface cannot be wired. This suggests creating the implementation of the interface.
**Note:** this is 3.4 because I believe DX should be treated as bugs.
**Note 2:** fabbot issue is false positive
Commits
-------
961e3e7 Suggest to write an implementation if the interface cannot be autowired
* 3.3:
Add application/ld+json format associated to json
[HttpFoundation] Fix false-positive ConflictingHeadersException
[WebServerBundle] Fix escaping of php binary with arguments
Error handlers' $context should be optional as it's deprecated
[Serializer] Correct typing mistake in DocBlock
[Config] Fix closure CS
PHP CS Fixer: use PHPUnit Migration ruleset
Update MemcachedTrait.php
[Bridge/PhpUnit] thank phpunit/phpunit
[Process] Fix setting empty env vars
[Process] Dont use getenv(), it returns arrays and can introduce subtle breaks accros PHP versions
[WebServerBundle] fix a bug where require would not require the good file because of env
[Console] Commands with an alias should not be recognized as ambiguous
This PR was squashed before being merged into the 2.7 branch (closes#25599).
Discussion
----------
Add application/ld+json format associated to json
| Q | A
| ------------- | ---
| Branch? | 2.7 up to 4.0
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Add `application/ld+json` Content-Type as json format in Request.
Commits
-------
0917c4c Add application/ld+json format associated to json
This PR was merged into the 3.3 branch.
Discussion
----------
Error handlers' $context should be optional as it's deprecated
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
f4fcbcd Error handlers' $context should be optional as it's deprecated
* 2.8:
[Serializer] Correct typing mistake in DocBlock
[Config] Fix closure CS
PHP CS Fixer: use PHPUnit Migration ruleset
[Console] Commands with an alias should not be recognized as ambiguous
* 2.7:
[Serializer] Correct typing mistake in DocBlock
[Config] Fix closure CS
PHP CS Fixer: use PHPUnit Migration ruleset
[Console] Commands with an alias should not be recognized as ambiguous
| Q | A
| ------------- | ---
| Branch? | 2.1 to 4.0
| Bug fix? | yes (comment only)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | na
| Fixed tickets | na
| License | MIT
| Doc PR |
DocBlock comment referred to `NormalizableInterface` but code was using `DenormalizableInterface`
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] fix cleaning legacy containers
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The suffix used to be `.legacyContainer` (length=16) but we forgot to update the length when it was changed to `.legacy` (length=7).
Commits
-------
324821d [HttpKernel] fix cleaning legacy containers
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Commands with an alias should not be recognized as ambiguous
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | no
| Fixed tickets | no <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR |
When having two commands with the same starting name and an alias equal to the starting name, we should not have an ambiguous error because we are setting the alias.
Commits
-------
863f632 [Console] Commands with an alias should not be recognized as ambiguous
* 3.3:
[2.7] Fix issues found by PHPStan
Add php_unit_dedicate_assert to PHPCS
[WebProfilerBundle] Let fetch() cast URL to string
improve FormType::getType exception message details
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
* 2.8:
[2.7] Fix issues found by PHPStan
Add php_unit_dedicate_assert to PHPCS
improve FormType::getType exception message details
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
* 2.7:
[2.7] Fix issues found by PHPStan
Add php_unit_dedicate_assert to PHPCS
[Intl] Update ICU data to 60.2
[Console] fix a bug when you are passing a default value and passing -n would ouput the index
This PR was merged into the 2.7 branch.
Discussion
----------
Add php_unit_dedicate_assert to PHPCS
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25420
| License | MIT
| Doc PR | -
Forgot to add this in #25420😅
Commits
-------
e913b68 Add php_unit_dedicate_assert to PHPCS
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] fix a bug when you are passing a default value and passing -n would output the index
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25470
| License | MIT
| Doc PR |
We are fixing a bug when you are using a default value with -n, it would output the index instead of the value.
Simple reproducer 5079dd19d5 (diff-77efcc28bc5309e1af9ac07a1e073009R40)
Commits
-------
41ffc69 [Console] fix a bug when you are passing a default value and passing -n would ouput the index
This PR was submitted for the master branch but it was squashed and merged into the 2.8 branch instead (closes#25492).
Discussion
----------
improve FormType::getType exception message details
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This pull request improves the exception thrown when a Type is requested from Symfony\Component\Form\FormRegistry.
The same exception message was thrown if either the Type class wasn't found or the Type class did not implement the Symfony\Component\Form\FormTypeInterface.
This pull request adds some explaination of the reason why a type could not be found and helps application developpers to find the source of the Symfony\Component\Form\Exception\InvalidArgumentException thrown when getting a Type.
Commits
-------
945f236 improve FormType::getType exception message details
Not much has changed in data we actually use in Symfony.
However, the extension compiled for ICU 60.2 behaves slightly differently in some cases.
This can be observed on one assertion that had to be disabled. There's no point in keeping it since the Symfony implementation does not support the behaviour.
* 2.8:
Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
[Console] Fix a bug when passing a letter that could be an alias
add missing validation options to XSD file
* 2.7:
Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
[Console] Fix a bug when passing a letter that could be an alias
add missing validation options to XSD file
This PR was squashed before being merged into the 2.7 branch (closes#25427).
Discussion
----------
Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
While investigating #25373, I found that when the *dumped* `UrlMatcher` performs redirections due to missing trailing slashes on URLs, it does so using an url*de*coded URL.
This is wrong, as it may lead to wrong interpretations of URLs upon the next request. For example, think of an URL that contains `%23` in the middle of the path info. Upon redirection, this will be turned into `#` with an obvious effect.
Commits
-------
8146510304 Preserve percent-encoding in URLs when performing redirects in the UrlMatcher
This PR was merged into the 3.3 branch.
Discussion
----------
[HttpFoundation] Fix tests
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | not yet
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Remains filesystem ones due to #25420, going to have a look in this PR in the next hour if nobody does before.
Commits
-------
ef6adb8 Fix tests
This PR was merged into the 3.3 branch.
Discussion
----------
[Console] Fix console tests by adding the missing condition
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR |
The old conditions was testing that the exit code is different than 0. I just add this tests back since it is needed.
Commits
-------
57f8129 [Console] Fix console tests by adding the missing condition
* 3.3:
fix merge
[Translation] Fix InvalidArgumentException when using untranslated plural forms from .po files
Fixed exit code with non-integer throwable code
Add suggestions
Added instructions to upgrade Symfony applications to 4.x
This PR was squashed before being merged into the 3.3 branch (closes#24594).
Discussion
----------
[Translation] Fix InvalidArgumentException when using untranslated plural forms from .po files
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24593
| License | MIT
This PR fixes the bug in #24593. It's not the absolutely ideal way to address the issue, but I don't see how else to handle it without either dropping support for pips in translation strings, or rearchitecting the code that feeds translations to the MessageSelector as pipe separated in the first place.
Commits
-------
fea815b2f5 [Translation] Fix InvalidArgumentException when using untranslated plural forms from .po files
* 3.3:
[HttpFoundation] Support 0 bit netmask in IPv6 ()
[DI] Impossible to set an environment variable and then an array as container parameter
[LDAP] added missing dots at the end of some exception messages.
Set `width: auto` on WebProfiler toolbar's reset.
[Process] Dont rely on putenv(), it fails on ZTS PHP
[HttpKernel] detect deprecations thrown by container initialization during tests
[HttpKernel] Fix logging of post-terminate errors/exceptions
[Debug] Fix catching fatal errors in case of nested error handlers
[VarDumper] Fixed file links leave blank pages when ide is configured
Fix hidden currency element with Bootstrap 3 theme
* 2.8:
[HttpFoundation] Support 0 bit netmask in IPv6 ()
Set `width: auto` on WebProfiler toolbar's reset.
[HttpKernel] Fix logging of post-terminate errors/exceptions
[Debug] Fix catching fatal errors in case of nested error handlers
Fix hidden currency element with Bootstrap 3 theme
* 2.7:
[HttpFoundation] Support 0 bit netmask in IPv6 ()
Set `width: auto` on WebProfiler toolbar's reset.
[HttpKernel] Fix logging of post-terminate errors/exceptions
[Debug] Fix catching fatal errors in case of nested error handlers
Fix hidden currency element with Bootstrap 3 theme
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBridge][Form] Fix hidden currency element with Bootstrap 3 theme
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When using a `MoneyType` field, one can pass `currency=false` option to hide the currency symbol. This does not work well when using the Bootstrap 3 theme: the symbol is not displayed but HTML elements that are supposed to contain it are still rendered.
Commits
-------
c5af7fd938 Fix hidden currency element with Bootstrap 3 theme
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Fix catching fatal errors in case of nested error handlers
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8703, #16980
| License | MIT
| Doc PR | -
Fixing a bug from 2013 :)
Commits
-------
27dc9a6c7c [Debug] Fix catching fatal errors in case of nested error handlers
This PR was squashed before being merged into the 2.7 branch (closes#25330).
Discussion
----------
[HttpFoundation] Support 0 bit netmask in IPv6 (`::/0`)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | —
| License | MIT
| Doc PR | —
Proxy settings allow `0.0.0.0/0` but not `::/0`. This PR adds IpUtils support for 0 masked bits in IPv6.
Tests pass in the sense that results before and after are unchanged on my local PHP 7.2 / macOS setup. The IpUtils test cases were extended for the changes in this PR.
I've rebased on 2.7, but the issue is present up to 4.0 and master.
Commits
-------
9f1c9bd964 [HttpFoundation] Support 0 bit netmask in IPv6 ()
This PR was merged into the 3.3 branch.
Discussion
----------
[VarDumper] Fixed file links leave blank pages when ide is configured
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25377
| License | MIT
| Doc PR | n/a
Commits
-------
138cd09948 [VarDumper] Fixed file links leave blank pages when ide is configured
This PR was merged into the 3.3 branch.
Discussion
----------
[Process] Dont rely on putenv(), it fails on ZTS PHP
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24924
| License | MIT
| Doc PR | -
`putenv()` is not thread safe, but ZTS is PHP defaults on Windows.
Commits
-------
ef632ec721 [Process] Dont rely on putenv(), it fails on ZTS PHP
This PR was merged into the 3.3 branch.
Discussion
----------
[LDAP] Add missing dots at the end of some exception messages
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
For consistency sake.
Commits
-------
8d0b7528bc [LDAP] added missing dots at the end of some exception messages.
This PR was squashed before being merged into the 3.3 branch (closes#25333).
Discussion
----------
[DI] Impossible to set an environment variable and then an array as container parameter
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25245
| License | MIT
When an environment variables and then an array is set as container parameters, an error is thrown (Warning: stripos() expects parameter 1 to be string, array given).
You can run my test without the fix in the Container builder to see it.
Commits
-------
484a082eb1 [DI] Impossible to set an environment variable and then an array as container parameter
* 3.3:
Tweaking class not found autowiring error
[TwigBridge] Add missing dev requirement for workflow
fixed#25440
empty lines don't count for indent detection
This PR was merged into the 3.4 branch.
Discussion
----------
[Process] remove false-positive BC breaking exception on Windows
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25446
| License | MIT
| Doc PR | -
Commits
-------
fe41155ea1 [Process] remove false-positive BC breaking exception on Windows
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Add context to service-not-found exceptions thrown by service locators
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes (DX)
| New feature? | yes (...)
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25342, #25196
| License | MIT
| Doc PR | -
Here hopefully is the fully-context aware message you're looking for @weaverryan @curry684.
Commits
-------
9512f268f4 [DI] Add context to service-not-found exceptions thrown by service locators
This PR was squashed before being merged into the 3.3 branch (closes#24599).
Discussion
----------
Tweaking class not found autowiring error
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | n/a
A trainee in my workshop today hit this error, and it struck me as not as clear as it could be - it's really a "Class Not Found" error.
Commits
-------
48832e640a Tweaking class not found autowiring error
This PR was merged into the 4.1-dev branch.
Discussion
----------
grammar typo in docs
| Q | A
| ------------- | ---
| Branch? | master for features / 2.7 up to 4.0 for bug fixes <!-- see below -->
| Bug fix? | yes/no
| New feature? | yes/no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | yes/no
| Deprecations? | yes/no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes/no
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
d53c889 grammar typo in docs
This PR was merged into the 3.4 branch.
Discussion
----------
Remove some unused variables and properties
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
Analyzing symfony/symfony using https://insight.sensiolabs.com, I found several chunks of dead code. This PR removes them in the 3.4 branch.
Commits
-------
ec92d9b Remove some unused variables and properties
* 3.3: (21 commits)
[appveyor] disable memory limit on composer up
Remove some unused variables and properties
Remove some unused variables, properties and methods
fix some edge cases with indented blocks
[ExpressionLanguage] Fix parse error on 5.3
[HttpKernel] remove noisy frame in controller stack traces
[DI] Fix circular-aliases message
[ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
Prevent a loop in aliases within the `findDefinition` method
Fix php doc in Table class
bumped Symfony version to 3.3.15
updated VERSION for 3.3.14
updated CHANGELOG for 3.3.14
bumped Symfony version to 2.8.33
updated VERSION for 2.8.32
updated CHANGELOG for 2.8.32
bumped Symfony version to 2.7.40
updated VERSION for 2.7.39
update CONTRIBUTORS for 2.7.39
updated CHANGELOG for 2.7.39
...
This PR was merged into the 3.3 branch.
Discussion
----------
[Yaml] fix some edge cases with indented blocks
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25329, #25341
| License | MIT
| Doc PR |
Now that comment-like lines are no longer ignored when subparsers are
created, we need to ignore them in some functions (e.g. when detecting
the indentation depth of the next block).
Commits
-------
b201c22 fix some edge cases with indented blocks
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Fix debug:form command definition
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Sadly these changes were forgotten in https://github.com/symfony/symfony/pull/25011 and the `debug:form` command does not work properly right now :(
Commits
-------
97fdf31 Fix debug:form definition
* 2.8:
Remove some unused variables, properties and methods
[ExpressionLanguage] Fix parse error on 5.3
[HttpKernel] remove noisy frame in controller stack traces
[ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
Fix php doc in Table class
bumped Symfony version to 2.8.33
updated VERSION for 2.8.32
updated CHANGELOG for 2.8.32
bumped Symfony version to 2.7.40
updated VERSION for 2.7.39
update CONTRIBUTORS for 2.7.39
updated CHANGELOG for 2.7.39
* 2.7:
Remove some unused variables, properties and methods
[ExpressionLanguage] Fix parse error on 5.3
[HttpKernel] remove noisy frame in controller stack traces
[ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
Fix php doc in Table class
bumped Symfony version to 2.7.40
updated VERSION for 2.7.39
update CONTRIBUTORS for 2.7.39
updated CHANGELOG for 2.7.39
Now that comment-like lines are no longer ignored when subparsers are
created, we need to ignore them in some functions (e.g. when detecting
the indentation depth of the next block).
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix non-string class handling in PhpDumper
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25353
| License | MIT
| Doc PR | -
Commits
-------
28f00866b1 Ensure that inlined services with parameterized class name can be dumped
730b156f35 [DI] Fix non-string class handling in PhpDumper
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Force root-namespace for function calls in the dumper container
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Was not needed before 3.4, but now that the dumped container is namespaced, it is required.
Commits
-------
f87380c22a [DI] Force root-namespace for function calls in the dumper container
This PR was merged into the 3.3 branch.
Discussion
----------
[Serializer] Unset attributes when creating child context
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
In some cases, the `attributes` key isn't overrode when creating the context passed to nested normalizers.
It's definitely a bug, but an attacker cannot access to non public data (ignored attributes are checked before the `attributes` key). However some data that must be public may be missing as highlighted by the test.
I've introduced the initial bug here: https://github.com/symfony/symfony/pull/18834
Commits
-------
4ff9d99f23 [Serializer] Unset attributes when creating child context
This PR was merged into the 3.4 branch.
Discussion
----------
[Yaml] do not evaluate PHP constant names
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25307
| License | MIT
| Doc PR |
PHP constant identifiers must be strings anyway. Thus, we only need to
parse quoted strings, but do not have to evaluate the data types.
Commits
-------
956287be72 do not evaluate PHP constant names
This PR was merged into the 3.4 branch.
Discussion
----------
[Serializer] improved CsvEncoder::decode performance
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Improved CsvEncoder::decode performance by caching duplicate count calls.
Blackfire profiles before and after change tested on collection of 10000 elements:
[before] https://blackfire.io/profiles/9c08f789-cd29-4eae-92c8-046e3849a2b8/graph
[after] https://blackfire.io/profiles/a17bfb6b-ef82-41ee-9edd-9403f829d6ab/graph
Commits
-------
3b910a9fad [Serializer] improved CsvEncoder::decode performance by caching duplicate count calls
This PR was merged into the 2.7 branch.
Discussion
----------
[ExpressionLanguage] throw an SyntaxError instead of an undefined index notice
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25214
| License | MIT
| Doc PR | none
I think this is a bug when the components throws a notice instead of an exception.
it's too early and too dark to see something outside so here is my couch :
Commits
-------
78abc89648 [ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
This PR was merged into the 3.4 branch.
Discussion
----------
[DX][HttpKernel] Throw a sensible exception when controller has been removed
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25335
| License | MIT
| Doc PR | ø
Following on #25201, we need to throw the same kind of sensible exception when the controller service is not found.
Commits
-------
458d63fbb9 Throw a sensible exception when controller has been removed
This removes the exclusive lock that was introduced in #24960.
NFS File Systems do not support exclusive locking, and generates a lot
of errors every time you try to do anything with che cache.
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Register singly-implemented interfaces when doing PSR-4 discovery
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I'm feeling bad for not having this idea before 3.4.0 went out, therefore submitting on 3.4, despite this being a new feature, technically. On a DX pov still, this is a bugfix :) I'll let you accept the argument or not...
So, when doing PSR-4-based service registration, we keep only classes as services.
This systematically leads to the question: "But what about interfaces, shouldn't we type-hint against abstractions and not classes?!"
And the answer has invariably been: "Well, just create an alias!"
Which means doing configuration manually.
I fear that if we leave things as is, we're going to grow a "generation" of devs that will hijack autowiring and abuse hinting for classes instead of interfaces.
BUT, here is the idea implemented by this PR: let's create an alias for every singly-implemented interface we discover while looking for classes!
Plain local, simple, and obvious, isn't it?
Votes pending :)
Commits
-------
fcd4aa7807 [DI] Register singly-implemented interfaces when doing PSR-4 discovery
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Throw an exception if Expression Language is not installed
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25277
| License | MIT
| Doc PR | ø
The [`PhpDumper` already has this check](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php#L1688-L1690) but it is missing here.
Commits
-------
75b21e9 Throw an exception is expression language is not installed
* 3.3:
Fail as early and noisily as possible
[FrameworkBundle] Fix visibility of a test helper
[link] clear the cache after linking
[link] Prevent warnings when running link with 2.7
[Validator] ExpressionValidator should use OBJECT_TO_STRING to allow value in message
do not eagerly filter comment lines
[WebProfilerBundle], [TwigBundle] Fix Profiler breaking XHTML pages (Content-Type: application/xhtml+xml)
* 2.8:
[FrameworkBundle] Fix visibility of a test helper
[link] clear the cache after linking
[link] Prevent warnings when running link with 2.7
[Validator] ExpressionValidator should use OBJECT_TO_STRING to allow value in message
* 2.7:
[FrameworkBundle] Fix visibility of a test helper
[link] clear the cache after linking
[link] Prevent warnings when running link with 2.7
[Validator] ExpressionValidator should use OBJECT_TO_STRING to allow value in message
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Fixed the @Valid(groups={"group"}) against null exception case
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When `@Valid(groups={"group"})` has non-empty groups and the value is `null`, validator throws `Cannot validate values of type "NULL" automatically. Please provide a constraint.` at `RecursiveContextualValidator:164`.
I don't really understand, why everything is okay for `@Valid()` without groups, but hope that my fix is correct anyway.
Commits
-------
56f24d0 Fixed the null value exception case.
This PR was merged into the 3.4 branch.
Discussion
----------
Remove rc/beta suffix from composer.json files
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25291
| License | MIT
| Doc PR | -
We don't need that anymore.
Commits
-------
9fb6a88580 Remove rc/beta suffix from composer.json files
This PR was merged into the 3.4 branch.
Discussion
----------
[Console][DI] Fail gracefully
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/flex/issues/212, #25280
| License | MIT
| Doc PR | -
I already experienced this issue a few times without spending time digging it:
sometimes, you call `cache:clear`, and the command quits without any output, and with 255 status code.
The reason is the `@include` in `Kernel`, which makes everything silent, especially fatal errors (thanks PHP...)
So if the to-be-removed container is broken for some fatal reason, the failure is really bad.
To fix that, here are two measures:
- use `include_once` instead of `require_once` in the dumped container: that's OK there to actually not immediately load the file, any hard failure will happen later anyway, and any soft failure will allow the `cache:clear` command to complete (like when you remove a package)
- register `Application::renderException()` as the main PHP exception handler, via `Debug::ErrorHandler` when it's available
End result when it fails:
instead of a blank output.
Commits
-------
4a5a3f52ab [Console][DI] Fail gracefully
Trying to be clever by filtering commented lines inside
`getNextEmbedBlock()` does not work as expected. The `#` may as well be
part of a multi-line quoted string where it must not be treated as the
beginning of a comment. Thus, we only must ensure that a comment-like
line does not skip the process of getting the next line of the embed
block.
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Add Session::isEmpty(), fix MockFileSessionStorage to behave like the native one
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
MockFileSessionStorage should not create any file when the session is empty. Like the native session storage, it should ignore the metadataBag to decide if the session is empty.
And to prevent AbstractTestSessionListener from registered a wrong cookie, it must have access to this empty state, which is now possible thanks to a new `Session::isEmpty()` method. Implementing is requires access to the internal storage of bags, which is possible via an internal proxy.
Commits
-------
56846ac [HttpFoundation] Add Session::isEmpty(), fix MockFileSessionStorage to behave like the native one
* 3.3:
[VarDumper] Dont use empty(), it chokes on eg GMP objects
[Dotenv] Changed preg_match flags from null to 0
remove upgrade instructions for kernel.root_dir
[HttpKernel] Arrays with scalar values passed to ESI fragment renderer throw deprecation notice
[HttpKernel] add a test for FilterControllerEvents
This PR was merged into the 3.3 branch.
Discussion
----------
[VarDumper] Dont use empty(), it chokes on eg GMP objects
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25198
| License | MIT
| Doc PR | -
Commits
-------
1b14173 [VarDumper] Dont use empty(), it chokes on eg GMP objects
This PR was merged into the 3.3 branch.
Discussion
----------
[HttpKernel] Arrays with scalar values passed to ESI fragment renderer throw deprecation notice
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25191
| License | MIT
| Doc PR | none
Coding in the train to Paris !
Commits
-------
d84b47f [HttpKernel] Arrays with scalar values passed to ESI fragment renderer throw deprecation notice
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Add a better error messages when passing a private or non-tagged controller
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25192 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | none
- [x] Add more tests
Commits
-------
b1173f3 [HttpKernel] Add a better error messages when passing a private or non-tagged controller
This PR was merged into the 3.3 branch.
Discussion
----------
[HttpKernel] add a test for FilterControllerEvents
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | no
| Fixed tickets | no <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | no
Commits
-------
b746e8a [HttpKernel] add a test for FilterControllerEvents
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix circular reference when using setters
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I did not manage to make a reproducing test case, yet @deguif provided me an app that I could play with to debug and fix.
Commits
-------
de5eecc [DI] Fix circular reference when using setters
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Clear service reference graph
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes (memory usage)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Spotted while playing with the container: we keep this graph in memory even it its stale already.
Clearing it also leave circular refs for the php garbage collector, better clean ourselves.
Commits
-------
2744b41 [DI] Clear service reference graph
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix race condition when clearing old containers
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Missed in #25190: when two concurrent requests create the new container concurrently, the last one would drop the old container files, because the first one just created the `*.legacyContainer` file.
Commits
-------
9d553f533f [HttpKernel] Fix race condition when clearing old containers
* 3.3:
[DI] Fix infinite loop in InlineServiceDefinitionsPass
Do not cache cache attributes if `attributes` is in the context
Test that it do not remove the new flashes when displaying the existing ones
[HttpFoundation] AutExpireFlashBag should not clear new flashes
[FrameworkBundle][Serializer] Remove YamlEncoder definition if Yaml component isn't installed
[DI] Fix tracking of env vars in exceptions
[Form] Don't rely on if http-foundation isn't in FileType
Fix merge
substitute aliases in inline mappings
added ability for substitute aliases when mapping in YAML is on single line
[Console] Fix global console flag when used in chain
* 2.8:
Test that it do not remove the new flashes when displaying the existing ones
[HttpFoundation] AutExpireFlashBag should not clear new flashes
[Form] Don't rely on if http-foundation isn't in FileType
Fix merge
substitute aliases in inline mappings
added ability for substitute aliases when mapping in YAML is on single line
[Console] Fix global console flag when used in chain
* 2.7:
Test that it do not remove the new flashes when displaying the existing ones
[HttpFoundation] AutExpireFlashBag should not clear new flashes
[Form] Don't rely on if http-foundation isn't in FileType
substitute aliases in inline mappings
added ability for substitute aliases when mapping in YAML is on single line
[Console] Fix global console flag when used in chain
This PR was merged into the 3.3 branch.
Discussion
----------
[DI] Fix infinite loop in InlineServiceDefinitionsPass
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a non-shared is involved in a setter-circular loop, the pass enters an infinite loop right now.
Commits
-------
b988aa7 [DI] Fix infinite loop in InlineServiceDefinitionsPass
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Keep legacy container files for concurrent requests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25177
| License | MIT
| Doc PR | -
Because concurrent requests might still be using them,
old container files should not be removed immediately,
but on a next dump of the container.
Commits
-------
ee3b6fe642 [HttpKernel] Keep legacy container files for concurrent requests
This PR was merged into the 3.4 branch.
Discussion
----------
[Translation] modify definitions only if the do exist
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If the `TranslatorPass` is used an application without the Console
component, the commands will not be registered. Thus, their service
definitions must not be modified.
Commits
-------
eab90ef1cf modify definitions only if the do exist
If the `TranslatorPass` is used an application without the Console
component, the commands will not be registered. Thus, their service
definitions must not be modified.
This PR was squashed before being merged into the 3.4 branch (closes#25160).
Discussion
----------
[DI] Prevent a ReflectionException during cache:clear when the parent class doesn't exist
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Currently, if you just run the following commands:
```
composer create-project -s beta symfony/skeleton:^3.4 test
composer req orm
```
You get the following error:
```
In UniqueEntityValidator.php line 27:
[ReflectionException]
Class Symfony\Component\Validator\ConstraintValidator not found
```
`UniqueEntityValidator` is in the bridge, but it's parent class is in the validator (that is not installed by default). The hot path optimization feature (enabled by default) uses reflection, and the reflection API throws an exception in this specific case.
This PR fixes the error.
Commits
-------
6e622c6 [DI] Prevent a ReflectionException during cache:clear when the parent class doesn't exist
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] don't override existing verbosity env var
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
While playing with the changes from #25162 I noticed that setting the `SHELL_VERBOSITY` env var in `phpunit.xml.dist` did not work as the kernel was setting the variable before the logic in the `Logger` class was executed.
Commits
-------
df4d6d6 don't override existing verbosity env var
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Read $_ENV when checking SHELL_VERBOSITY
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Needed so that we can set the env var from `phpunit.xml.dist`.
Commits
-------
7de1af4d53 [HttpKernel] Read $_ENV when checking SHELL_VERBOSITY
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Remove unreachable code
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
#24033 added the ability to ignore uninitialized references, but the regex above the conditional would lead to an `InvalidArgumentException` being thrown.
Commits
-------
ced0857560 Remove unreachable code
This PR was squashed before being merged into the 2.7 branch (closes#25152).
Discussion
----------
[Form] Don't rely on `Symfony\Component\HttpFoundation\File\File` if http-foundation isn't in FileType
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | may need discussion
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Currently `FileType` may depend on `Symfony\Component\HttpFoundation\File\File` regardless `http-foundation` has been installed or not.
It leads to occur the class-not-found error.
(Attached the screen capture, please see below and I provided the representation [here](https://github.com/issei-m/form-bug-representation/issues/1) for your information)
So I ensure `Symfony\Component\HttpFoundation\File\File` does exist, and if not, we don't specify any classes for this type.
While setting no specified class to `data_class` means making [property path behavior changed](7234bfd56a/src/Symfony/Component/Form/Form.php (L229-L231)),
[NativeRequestHandler](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/NativeRequestHandler.php) which is usually expected to be used in non-full-stack env handles a pure array like `$_FILES` holds, fully intended behavior AFAIK.
Commits
-------
a264238e8a [Form] Don't rely on if http-foundation isn't in FileType
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix global console flag when used in chain
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #23876
| License | MIT
| Doc PR |
Because SymfonyCon is great we can create pull request in it ! (this was preparer in the plane and I can push it just right now ;))
Finished in the #SymfonyConHackday2017
Commits
-------
1f8db73 [Console] Fix global console flag when used in chain
* 3.3:
[DI] Dont resolve envs in service ids
Add tests proving it can load annotated files
[WebProfilerBundle] Reset letter-spacing in toolbar
Prefer overflow-wrap to word-break
[Routing] Fix "config-file-relative" annotation loader resources
Make search in debug:container command case-insensitive
`resolveEnvPlaceholders` will return a mixed value
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Update translation commands to work with default paths
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/25062
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/8634
This should make translation commands (debug & update) work with `translator.default_path` and `twig.default_path` directories (introduced here in 3.4) and their overridden paths if available.
Would be great to include also the custom paths mapping by the user, either `translator.paths` as `twig.paths`, but I'm not sure about the right way and probably it should be implemented on another branch.
TODO
- [x] Add some tests.
Commits
-------
dc7286625b Update translation commands to work with default paths
This PR was merged into the 2.7 branch.
Discussion
----------
[Yaml] added ability for substitute aliases when mapping is on single line
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11569
| License | MIT
| Doc PR |
Commits
-------
dd26c80aa9 substitute aliases in inline mappings
675a3fe7f6 added ability for substitute aliases when mapping in YAML is on single line
This PR was squashed before being merged into the 2.7 branch (closes#25102).
Discussion
----------
[Form] Fixed ContextErrorException in FileType
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25063
| License | MIT
| Doc PR | --
Fixed an issue that ContextErrorException occurs when multiple is enabled.
Commits
-------
1b408e6 [Form] Fixed ContextErrorException in FileType
This PR was merged into the 3.4 branch.
Discussion
----------
[Serializer] Fixing PropertyNormalizer supports parent properties
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
With 5ecafc5e25 support for parent properties was added to 3.4, but supports method was not updated for child classes without properties.
Commits
-------
a879e4f fixing that PropertyNormalizer supports parent properties
This PR was squashed before being merged into the 3.4 branch (closes#25014).
Discussion
----------
Move deprecation under use statements
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | n/a
Commits
-------
0a5b016 Move deprecation under use statements
* 3.3:
[Bridge\PhpUnit] Disable broken auto-require mechanism of phpunit
[SecurityBundle] Fix syntax error in test
[Console] Remove remaining dead code
bumped Symfony version to 3.3.14
bumped Symfony version to 2.8.32
bumped Symfony version to 2.7.39
updated VERSION for 3.3.13
updated CHANGELOG for 3.3.13
updated VERSION for 2.8.31
updated CHANGELOG for 2.8.31
updated VERSION for 2.7.38
updated CHANGELOG for 2.7.38
Replace array|\Traversable by iterable
Fix ambiguous pattern
* 2.8:
[SecurityBundle] Fix syntax error in test
[Console] Remove remaining dead code
bumped Symfony version to 2.8.32
bumped Symfony version to 2.7.39
updated VERSION for 2.8.31
updated CHANGELOG for 2.8.31
updated VERSION for 2.7.38
updated CHANGELOG for 2.7.38
Replace array|\Traversable by iterable
Fix ambiguous pattern
* 2.7:
[SecurityBundle] Fix syntax error in test
[Console] Remove remaining dead code
bumped Symfony version to 2.7.39
updated VERSION for 2.7.38
updated CHANGELOG for 2.7.38
Replace array|\Traversable by iterable
Fix ambiguous pattern
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Fix ability to disable lazy commands
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Properly throw when running them and don't show them in the list, as for non lazy ones.
Commits
-------
6787d8e [Console] Fix disabling lazy commands
This PR was merged into the 2.7 branch.
Discussion
----------
Replace array|\Traversable by iterable
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Replace `array|\Traversable` by `iterable`, favoring pure API (or less mixed at least :)) and be clear whenever phpdoc is replaced.
https://secure.php.net/manual/en/language.types.iterable.php
Commits
-------
278088931b Replace array|\Traversable by iterable
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Remove remaining dead code
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Since they are always re-thrown, no need to catch `\Error` instances at all.
Commits
-------
3822c07f65 [Console] Remove remaining dead code
This PR was merged into the 3.4 branch.
Discussion
----------
[DependencyInjection] Single typed argument can be applied on multiple parameters
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ø
| License | MIT
| Doc PR | ø
I'm @nicolas-grekas' test writer today. This makes the argument resolution working when injecting the same type multiple times (sub-set of PR #24978)
Commits
-------
d51265447d Test that named arguments are prioritized over typehinted
bf7eeef3fb Prove that change is working with tests
2176be74d8 [DI] Fix by-type args injection
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] enter the context in which to validate
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24246
| License | MIT
| Doc PR |
Commits
-------
7359cbe063 [Validator] enter the context in which to validate
This PR was merged into the 2.7 branch.
Discussion
----------
Fix ambiguous pattern
[Validator][Constraints][UrlValidator] Fix domain name pattern.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
`\pS` is a unicode character class, `\pS-\.` pretends to be a range which is not. This pattern fails with PCRE2.
Thanks.
Commits
-------
059f59a106 Fix ambiguous pattern
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] remove services resetter even when it's an alias
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
All the other places in the compiler pass do not care whether the
resetter service is aliased or not. Let's just also properly deal with
the case that the services resetter service was aliased by another
bundle.
Commits
-------
f7e634b remove services resetter even when it's an alias
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix service arg resolver for controllers as array callables
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24970
| License | MIT
| Doc PR | ø
Replacing #24970 as I can't push tests directly to @nicolas-grekas' PR.
> As spotted today during a Symfony 4 workshop at SymfonyCon Cluj, setting a controller as an array [SomeController::class, 'helloAction'] works, it is defined as a service, BUT the actions don't get the services as arguments. This is fixing it.
Commits
-------
fc3d3bb [HttpKernel] Fix service arg resolver for controllers as array callables
a9e9f36 Add service value resolver tests Prove that the service value resolver will not work with the array notation
* 3.3:
fixed CS
fixed CS
[Security] Namespace generated CSRF tokens depending of the current scheme
ensure that submitted data are uploaded files
[Console] remove dead code
bumped Symfony version to 3.3.13
updated VERSION for 3.3.12
updated CHANGELOG for 3.3.12
bumped Symfony version to 2.8.31
updated VERSION for 2.8.30
updated CHANGELOG for 2.8.30
bumped Symfony version to 2.7.38
updated VERSION for 2.7.37
updated CHANGELOG for 2.7.37
[Security] Validate redirect targets using the session cookie domain
prevent bundle readers from breaking out of paths
* 2.8:
fixed CS
fixed CS
[Security] Namespace generated CSRF tokens depending of the current scheme
ensure that submitted data are uploaded files
[Console] remove dead code
bumped Symfony version to 2.8.31
updated VERSION for 2.8.30
updated CHANGELOG for 2.8.30
bumped Symfony version to 2.7.38
updated VERSION for 2.7.37
updated CHANGELOG for 2.7.37
[Security] Validate redirect targets using the session cookie domain
prevent bundle readers from breaking out of paths
* 2.7:
fixed CS
fixed CS
[Security] Namespace generated CSRF tokens depending of the current scheme
ensure that submitted data are uploaded files
[Console] remove dead code
bumped Symfony version to 2.7.38
updated VERSION for 2.7.37
updated CHANGELOG for 2.7.37
[Security] Validate redirect targets using the session cookie domain
prevent bundle readers from breaking out of paths
This PR was merged into the 2.7 branch.
Discussion
----------
Validate redirect targets using the session cookie domain
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
52b06f1c21 [Security] Validate redirect targets using the session cookie domain
This PR was merged into the 2.7 branch.
Discussion
----------
Prevent bundle readers from breaking out of paths
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
c8f9f916b4 prevent bundle readers from breaking out of paths
This PR was merged into the 2.7 branch.
Discussion
----------
Ensure that submitted data are uploaded files
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
f9e210cc7b ensure that submitted data are uploaded files
All the other places in the compiler pass do not care whether the
resetter service is aliased or not. Let's just also properly deal with
the case that the services resetter service was aliased by another
bundle.
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] remove dead code
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Part of #24961 for 2.7
Commits
-------
65f2b13 [Console] remove dead code
* 3.3:
[DI] Fix dumping with custom base class
[HttpFoundation] Add test
[HttpFoundation] Fix session-related BC break
[Process] Workaround PHP bug #75515 in ProcessTest::testSimpleInputStream()
fix method name
This PR was merged into the 3.3 branch.
Discussion
----------
[DI] Fix dumping with custom base class
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24948
| License | MIT
| Doc PR | -
ping @kbond please confirm it's OK for you
Commits
-------
2dd74ab [DI] Fix dumping with custom base class
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] fix method name
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
b862168 fix method name
This PR was squashed before being merged into the 3.4 branch (closes#24928).
Discussion
----------
[Filesystem] toIterable() in favor of toIterator()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Enables to leverage iterable type as of 4.0, but really to avoid any useless `ArrayObject` inits.
Commits
-------
36462d678b [Filesystem] toIterable() in favor of toIterator()
* 3.3:
[Console] Fix traversable autocomplete values
[ExpressionLanguage] Fix PhpDoc type-hints on Token value
bumped Symfony version to 3.3.12
updated VERSION for 3.3.11
updated CHANGELOG for 3.3.11
bumped Symfony version to 2.8.30
updated VERSION for 2.8.29
updated CHANGELOG for 2.8.29
bumped Symfony version to 2.7.37
updated VERSION for 2.7.36
update CONTRIBUTORS for 2.7.36
updated CHANGELOG for 2.7.36
* 2.8:
[Console] Fix traversable autocomplete values
[ExpressionLanguage] Fix PhpDoc type-hints on Token value
bumped Symfony version to 2.8.30
updated VERSION for 2.8.29
updated CHANGELOG for 2.8.29
bumped Symfony version to 2.7.37
updated VERSION for 2.7.36
update CONTRIBUTORS for 2.7.36
updated CHANGELOG for 2.7.36
* 2.7:
[Console] Fix traversable autocomplete values
[ExpressionLanguage] Fix PhpDoc type-hints on Token value
bumped Symfony version to 2.7.37
updated VERSION for 2.7.36
update CONTRIBUTORS for 2.7.36
updated CHANGELOG for 2.7.36
This PR was squashed before being merged into the 3.4 branch (closes#24874).
Discussion
----------
[TwigBridge] Fixed the .form-check-input class in the bs4 templates
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If I am not mistaken, the `form-check-input` class should always be present in inputs of checkboxes and radios
Commits
-------
95a90e4231 [TwigBridge] Fixed the .form-check-input class in the bs4 templates
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Friendlier name for generated container in "as_files" mode
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Noticed while looking at Blackfire profiles of a 3.4 app.
Gives friendlier profiles/stack traces.
Commits
-------
7db5d40a26 [DI] Friendlier name for generated container in "as_files" mode
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix traversable autocomplete values
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
`Question::setAutocompleterValues` implies passing a `\Traversable` value is allowed, yet it doesnt work :) It also restricts the traversable to be countable, which is not really needed (blocking pure API / iterable type as of 4.0).
Commits
-------
965b5b5f8d [Console] Fix traversable autocomplete values
* 3.3:
[Intl] Update ICU data to 60.1
[YAML] Allow to parse custom tags when linting yaml files
[HttpKernel][Debug] Remove noise from stack frames of deprecations
[Validator] Fix Costa Rica IBAN format
[Bridge/ProxyManager] Remove direct reference to value holder property
[Validator] Add Belarus IBAN format
[FrameworkBundle] Specifically inject the debug dispatcher in the collector
[WebserverBundle] fixed the bug that caused that the webserver would …
update the pull request template
[Stopwatch] minor fix
* 2.8:
[Intl] Update ICU data to 60.1
[Validator] Fix Costa Rica IBAN format
[Bridge/ProxyManager] Remove direct reference to value holder property
[Validator] Add Belarus IBAN format
[FrameworkBundle] Specifically inject the debug dispatcher in the collector
update the pull request template
[Stopwatch] minor fix
* 2.7:
[Intl] Update ICU data to 60.1
[Validator] Fix Costa Rica IBAN format
[Bridge/ProxyManager] Remove direct reference to value holder property
[Validator] Add Belarus IBAN format
[FrameworkBundle] Specifically inject the debug dispatcher in the collector
update the pull request template
[Stopwatch] minor fix
This PR was squashed before being merged into the 2.7 branch (closes#24909).
Discussion
----------
[Intl] Update ICU data to 60.1
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
http://site.icu-project.org/download/60
All tests are passing, including those from the intl-data group.
Commits
-------
cf04e7cefe [Intl] Update ICU data to 60.1
This PR was squashed before being merged into the 3.3 branch (closes#24870).
Discussion
----------
[YAML] Allow to parse custom tags when linting yaml files
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
When using custom tags in yaml, currently the `lint:yaml` command fails since the flag `Yaml::PARSE_CUSTOM_TAGS` is not passed through
Commits
-------
d8dd91d919 [YAML] Allow to parse custom tags when linting yaml files
This PR was merged into the 3.4 branch.
Discussion
----------
[Debug] More aggressively aggregate silenced notices per file+line
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24625
| License | MIT
| Doc PR | -
By aggregating silenced notices (deprecations mostly) per file+line instead of just per message, we loose some accuracy, but gain performance.
Commits
-------
9ab7559fb5 [Debug] More aggressively aggregate silenced notices per file+line
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache][Lock] Add RedisProxy for lazy Redis connections
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24865
| License | MIT
| Doc PR | -
That's the only provider that is not lazy by default, leading to bad DX (see linked issue.)
Best reviewed [ignoring whitespaces](https://github.com/symfony/symfony/pull/24887/files?w=1).
Commits
-------
1f5e3538d8 [Cache][Lock] Add RedisProxy for lazy Redis connections
This PR was squashed before being merged into the 2.7 branch (closes#24900).
Discussion
----------
[Validator] Fix Costa Rica IBAN format
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
Fix Costa Rica IBAN format: https://bank.codes/iban/structure/costa-rica/
Commits
-------
b9b5e18f8b [Validator] Fix Costa Rica IBAN format
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Add "container.hot_path" tag to flag the hot path and inline related services
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This PR is the result of my quest to squeeze some performance out of 3.4/4.0.
It builds on two ideas:
- a new `container.inline` tag that identifies the services that are *always* needed. This tag is only applied to a very short list of bootstrapping services (`router`, `event_dispatcher`, `http_kernel` and `request_stack` only). Then, it is propagated to all dependencies of these services, with a special case for event listeners, where only listed events are propagated to their related listeners.
- replacing the PHP autoloader by plain inlined `require_once` in generated service factories, with the benefit of completely bypassing the autoloader for services and their class hierarchy.
The end result is significant, even on a simple Hello World.
Here is the Blackfire profile, results are consistent with `ab` benchmarks:
https://blackfire.io/profiles/compare/b5fa5ef0-755c-4967-b990-572305f8f381/graph
Commits
-------
f7cb559a06 [DI] Add "container.hot_path" tag to flag the hot path and inline related services
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix cannot bind env var
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see comment below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #24845 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A
In #24602 we removed the processing of bindings from the `AbstractRecursivePass`. But there is actually one case where we want a recursive pass to process them: to resolve env param placeholders.
Commits
-------
f8f3a15 [DI] Fix cannot bind env var
This PR was merged into the 3.4 branch.
Discussion
----------
Fix some signatures in PHP-DSLs
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
af85431 Fix some signatures in PHP-DSLs
* 3.3:
Random fixes
Docblock fixes
[HttpKernel] Enhance deprecation message
[SecurityBundle] Fix the datacollector to properly support decision.object being null
This PR was squashed before being merged into the 3.3 branch (closes#24610).
Discussion
----------
[HttpKernel] Enhance deprecation message
Q | A
-- | --
Branch? | 3.4
Bug fix? | no
New feature? | no
BC breaks? | no
Deprecations? | no (Docblock with info on how to handle deprecation)
Tests pass? | yes
Fixed tickets | NA
License | MIT
Doc PR | symfony/symfony-docs#...
Commits
-------
9e9d01684e [HttpKernel] Enhance deprecation message
This PR was merged into the 2.8 branch.
Discussion
----------
Fix dump panel hidden when closing a dump
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes-ish
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
In the dump panel of the debug bar, when closing a dump the panel sometimes get hidden:
This is because when the size of the panel is reduced, if the mouse is not over it anymore, the `:hover` pseudo-class does not apply anymore.
I "fixed" it by setting a min-height on the panel when closing a dump. The min-height is removed when leaving the panel _on purpose_:
For now I only tested it on Firefox 56 on Arch Linux.
Commits
-------
2e0b263d9c Fix dump panel hidden when closing a dump
* 3.3:
[Serializer] Fix extra attributes when no group specified
[Intl] Make intl-data tests pass and save language aliases again
[Console] Fix CommandTester::setInputs() docblock
[Serializer] readd default argument value
[VarDumper] fix trailling comma when dumping an exception
Remove useless docblocks
[FrameworkBundle] Fix docblocks
[PropertyInfo] Remove useless docblocks
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Nullable FormInterface::getPropertyPath()
| Q | A
| ------------- | ---
| Branch? | 4.0
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24560
| License | MIT
| Doc PR |
`Symfony\Component\Form\Form::getPropertyPath()` returns `null` when the form has an empty name. It allows for unprefixed children.
```php
<?php
namespace App\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\Form\Extension\Core\Type\TextType;
class IndexController extends AbstractController
{
/**
* @Route(name="index")
* @Template()
*/
public function indexAction()
{
$form = $this->get('form.factory')
->createNamedBuilder('')
->add('text', TextType::class)
->getForm();
return [
'form' => $form->createView(),
];
}
}
```
```html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Welcome!</title>
</head>
<body>
<form name="" method="post">
<label for="text">Text</label>
<input type="text" id="text" name="text">
</form>
</body>
</html>
```
But the return type of the `Symfony\Component\Form\FormInterface::getPropertyPath()` is not nullable.
We cannot change the behaviour, obviously. At least it's useful in API controllers.
So I decided to change the doc block of the interface.
Commits
-------
d56632a45f FormInterface::getPropertyPath(): PropertyPathInterface|null
This PR was merged into the 3.3 branch.
Discussion
----------
[Serializer] Fix extra attributes when no group specified
| Q | A
| ------------- | ---
| Branch? | 3.3 <!-- see comment below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #24783 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A
~~Two commits, for two possible solutions, but I think the last one is probably the most efficient one, as the first one will also impact normalization and systematically try to intersect allowedAttributes and extractedAttributes.~~
Commits
-------
d1b343c015 [Serializer] Fix extra attributes when no group specified
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix "almost-circular" dependencies handling
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19362, #24775
| License | MIT
| Doc PR | -
In a situation like the following one, we used to trigger a circular reference exception. But this was a false positive, as the reference is resolvable without hitting the circle. Fixing this exception could be considered as a new feature (because no existing config needs it, since it fails). But for 3.4, this should be considered a bug fix, as reported in #24775: not handling this situation now means creating broken service trees.
``` php
$containerBuilder = new ContainerBuilder();
$container->register('foo', FooCircular::class)->setPublic(true)
->addArgument(new Reference('bar'));
$container->register('bar', BarCircular::class)
->addMethodCall('addFoobar', array(new Reference('foobar')));
$container->register('foobar', FoobarCircular::class)
->addArgument(new Reference('foo'));
$foo = $containerBuilder->get('foo');
```
Commits
-------
beb4df712c [DI] Fix "almost-circular" dependencies handling
This PR was squashed before being merged into the 2.7 branch (closes#24814).
Discussion
----------
[Intl] Make intl-data tests pass and save language aliases again
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Due to changes in ICU 5.5 aliases were not being saved since that version.
Commits
-------
661a4b6 [Intl] Make intl-data tests pass and save language aliases again
This PR was squashed before being merged into the 3.4 branch (closes#24774).
Discussion
----------
[HttpKernel] Let the storage manage the session starts
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24730
| License | MIT
| Doc PR | ø
HttpKernel's request collector should not really care if the session has started or not, be let the storage decide. Without the session, it is not possible to track the redirected pages.
I don't think the consideration of "we should not start the session if not needed by the user's code" applies here as if this is running, that is very likely that the user is running the dev environment anyway.
Commits
-------
95d0b7235f [HttpKernel] Let the storage manage the session starts
* 3.3:
removed extra whitespace
Removes \n or space when / are empty
[HttpFoundation] add Early Hints in Reponse to fix test
Throwing exception if redis and predis unavailable
This PR was squashed before being merged into the 3.4 branch (closes#24728).
Discussion
----------
[Bridge\Twig] fix bootstrap checkbox_row to render properly & remove spaceless
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24711
| License | MIT
| Doc PR | -
As discussed in #24711 i reverted the change i did in `bootstrap_3_layout.html.twig` (which caused an unnecessary empty div-container in the vertical-layout), added the `checkbox_row` block to the `bootstrap_3_horizontal_layout.html.twig` and removed `spaceless` (as proposed in #24727).
since i added `{#--#}` in bootstrap 3, i did the same for the same horizontal blocks in bootstrap 4 as well.
I moved the `form_label_class` & `form_group_class` blocks to the top of `bootstrap_3_horizontal_layout.html.twig` & `bootstrap_4_horizontal_layout.html.twig`, this should improve DX as they were spreaded across the file.
#24702 affected the bootstrap 4 horizontal layout as well, so i added the `checkbox_row` block to bootstrap 4 too.
ping @fabpot @nicolas-grekas
Commits
-------
f84749f745 [Bridge\Twig] fix bootstrap checkbox_row to render properly & remove spaceless
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Move services reset to Kernel::handle()+boot()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24552
| License | MIT
| Doc PR | -
This is an alternative to #24697 (which uses middlewares).
This PR adds a new `services_resetter` service that the Kernel calls on 2nd root requests to reset services.
Instead of #24697 which plans for optional enabling of the services reset, this approach moves the responsibility of calling the services resetter to the core Kernel class, so that no configuration/middleware/etc. is required at all, and no overhead exists at all for regular requests.
Commits
-------
4501a3688b [HttpKernel] Move services reset to Kernel
* 3.3:
Fixing a bug where non-existent classes would cause issues
[SecurityBundle] hotfix: update phpdocs on logout url
[FrameworkBundle] Do not load property_access.xml if the component isn't installed
Fixed a few spelling mistakes in Luxembourgish translation
* 2.8:
[SecurityBundle] hotfix: update phpdocs on logout url
[FrameworkBundle] Do not load property_access.xml if the component isn't installed
Fixed a few spelling mistakes in Luxembourgish translation
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Mark new methods on Response as final
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
a913f70583 [HttpFoundation] Mark new methods on Response as final
* 3.3:
Ensure DeprecationErrorHandler::collectDeprecations() is triggered
[FrameworkBundle] Allow to disable assets via framework:assets xml configuration
fixed $_ENV/$_SERVER precedence in test framework
[HttpFoundation] Fix FileBag issue with associative arrays
[DI] Throw when a service name or an alias contains dynamic values (prevent an infinite loop)
fix the phpdoc that is not really inherited from response
Minor docblock cleanup
Remove redundant sprintf arguments.
* 2.8:
[HttpFoundation] Fix FileBag issue with associative arrays
fix the phpdoc that is not really inherited from response
Minor docblock cleanup
Remove redundant sprintf arguments.
* 2.7:
[HttpFoundation] Fix FileBag issue with associative arrays
fix the phpdoc that is not really inherited from response
Minor docblock cleanup
Remove redundant sprintf arguments.
This PR was squashed before being merged into the 3.4 branch (closes#24701).
Discussion
----------
Config: mark builder property deprecated
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR |
`builder` protected property is not used at all in class. Mark as deprecated to enable removing asap. This is to avoid keeping dead code up to symfony `5.0` and still having this dead code in the `4.4` LTS version
Commits
-------
206fb74 Config: mark builder property deprecated
This PR was merged into the 3.3 branch.
Discussion
----------
Fix $_ENV/$_SERVER precedence in test framework
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When defining env vars values in `phpunit.xml.dist`, we are using `<env ...>`. PHPUnit registers those env vars in `$_ENV`, but not in `$_SERVER`. This means that those values might not be used by Symfony if env vars defined in `.env` are automatically registered (which is my case).
In any case, I think it makes sense to make `$_ENV` take precedence as this is how we register them in `phpunit.xml.dist`.
Commits
-------
6ed9919d24 fixed $_ENV/$_SERVER precedence in test framework
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] minor docblock fixes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As found in #24611
Commits
-------
0c9edaf [DI] minor docblock fixes
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Handle container.autowiring.strict_mode to opt-out from legacy autowiring
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
To preserve BC, autowiring still wires things in hybrid 2.8/3.3 modes.
But 2.8 mode is really a foot gun.
I propose to add a new parameter in SF3.4, to opt-out of this 2.8 mode, and enable this strict mode for all new projects.
WDYT?
(see https://github.com/symfony/recipes/pull/221 for corresponding change on Flex recipe)
Commits
-------
a4a0ae2 [DI] Handle container.autowiring.strict_mode to opt-out from legacy autowiring
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Fix missing BC layer for AbstractGuardAuthenticator::getCredentials()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
If a guard authenticator extends `AbstractGuardAuthenticator` and returns `null` from `getCredentials()`, an `\UnexpectedValueException` is thrown when upgrading to 3.4 because the abstract already implements the new interface.
This triggers a deprecation notice instead.
Commits
-------
b6bb84b [Security] Fix BC layer for AbstractGuardAuthenticator subclasses
Fixessymfony/symfony#24652
Trailing backslash, being unescaped, used to escape closing formatting
tag and, thus, formatting tag appeared in autocompletion
* 3.3: (22 commits)
[Routing] Fix resource miss
[Security] Fixed auth provider authenticate() cannot return void
declare argument type
[FrameworkBundle][Serializer] Move normalizer/encoders definitions to xml file & remove unnecessary checks
streamed response should return $this
$isClientIpsVali is not used
content can be a resource
Adding the Form default theme files to be warmed up in Twig's cache
Remove BC Break label from `NullDumper` class
Username and password in basic auth are allowed to contain '.'
Remove obsolete PHPDoc from UriSigner
[Serializer] YamlEncoder: throw if the Yaml component isn't installed
[Serializer] ObjectNormalizer: throw if PropertyAccess isn't installed
[PropertyInfo] Add support for the iterable type
pdo session fix
Fixed pathinfo calculation for requests starting with a question mark. - fix bad conflict resolving issue - port symfony/symfony#21968 to 3.3+
Fixed unsetting from loosely equal keys OrderedHashMap
add DOMElement as return type in Crawler::getIterator to support foreach support in ide
Fixed mistake in exception expectation
[Debug] Fix same vendor detection in class loader
...
* 2.8:
[Routing] Fix resource miss
[Security] Fixed auth provider authenticate() cannot return void
declare argument type
streamed response should return $this
content can be a resource
Adding the Form default theme files to be warmed up in Twig's cache
* 2.7:
[Security] Fixed auth provider authenticate() cannot return void
declare argument type
streamed response should return $this
content can be a resource
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fixed auth provider authenticate() cannot return void
| Q | A
| ------------- | ---
| Branch? | 2.7 and up
| Bug fix? | yes
| New feature? | no
| BC breaks? | no (arguably)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The `AuthenticationManagerInterface` [requires](https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Security/Core/Authentication/AuthenticationManagerInterface.php#L30) that `authenticate()` must return a TokenInterface, never null. Several authentication providers are violating this. Changed to throw exception instead.
See discussion in earlier PR https://github.com/symfony/symfony/pull/24585 which was changing the docblock rather than the implementations.
Commits
-------
6e18b56b77 [Security] Fixed auth provider authenticate() cannot return void
This PR was merged into the 2.7 branch.
Discussion
----------
declare type AcceptHeaderItem for array_map
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
In `array_filter` , argument type is declared.
https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/HttpFoundation/AcceptHeader.php#L133
So It's natural to do so in `array_map` too.
Commits
-------
ab8f5be40c declare argument type
The AuthenticationManagerInterface requires that authenticate() must return a TokenInterface, never null.
Several authentication providers are violating this. Changed to throw exception instead.
This PR was merged into the 2.7 branch.
Discussion
----------
content can be a resource
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes (bug in a comment)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
c63742daef content can be a resource
* 2.8:
Username and password in basic auth are allowed to contain '.'
Remove obsolete PHPDoc from UriSigner
[Serializer] ObjectNormalizer: throw if PropertyAccess isn't installed
[PropertyInfo] Add support for the iterable type
pdo session fix
Fixed unsetting from loosely equal keys OrderedHashMap
[Debug] Fix same vendor detection in class loader
Updated the source text and translation
reject remember-me token if user check fails
* 2.7:
Username and password in basic auth are allowed to contain '.'
Remove obsolete PHPDoc from UriSigner
[Serializer] ObjectNormalizer: throw if PropertyAccess isn't installed
pdo session fix
Fixed unsetting from loosely equal keys OrderedHashMap
[Debug] Fix same vendor detection in class loader
Updated the source text and translation
reject remember-me token if user check fails
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Don't bind scalar values to controller method arguments
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/24555#issuecomment-337071029
| License | MIT
| Doc PR | -
See linked issue.
Let's suppose we have this configuration:
```yaml
services:
_defaults:
# ...
bind:
$foo: '%foobar%'
```
`$foo` was successfully bound to any controller constructor, but in another controller I have this edit action (nothing to do with the intention of bind such a parameter, but it has the same name):
```php
/**
* @Route("/{foo}/edit")
*/
public function editAction(string $foo) {}
```
triggering:
> Type error: Argument 1 passed to Symfony\Component\DependencyInjection\Argument\ServiceClosureArgument::__construct() must be an instance of Symfony\Component\DependencyInjection\Reference, string given, called in /home/yceruto/github/symfony/symfony-demo/vendor/symfony/dependency-injection/Compiler/ServiceLocatorTagPass.php on line 81
or after https://github.com/symfony/symfony/pull/24582:
> Invalid service locator definition: only services can be referenced, "string" found for key "foo". Inject parameter values using constructors instead.
Commits
-------
a1df9af20f don't bind scalar values to controller method arguments
This PR was merged into the 2.7 branch.
Discussion
----------
Username and password in basic auth are allowed to contain '.'
Initially reported by Fede Isas in https://github.com/beberlei/assert/pull/234
| Q | A
| ------------- | ---
| Branch? | 2.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
e5d57dd050 Username and password in basic auth are allowed to contain '.'
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Do not process bindings in AbstractRecursivePass
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24559
| License | MIT
| Doc PR | n/a
Commits
-------
6a6256c6a8 Do not process bindings in AbstractRecursivePass
This PR was merged into the 3.3 branch.
Discussion
----------
add DOMElement as return type in Crawler::getIterator to support foreach support in ide
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
In `Crawler::getIterator` return type is missing so ide (PhpStorm) is not able to provide completion inside foreach statements. This PR adds `DOMElement[]` to it
```php
$crawler = new Crawler('foobar');
foreach($crawler->filter('a') as $link) {
# support completion
$link->...
}
```
Commits
-------
2350597288 add DOMElement as return type in Crawler::getIterator to support foreach support in ide
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Fix same vendor detection in class loader
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Fix about same vendor detection in ClassLoader. Actually, detected namespace for `Doctrine\ORM\Configuration` is `Doctrine\ORM` instead of `Doctrine\`. So deprecations are triggered for classes in same namespace.
Commits
-------
d2ab0d8019 [Debug] Fix same vendor detection in class loader
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Make sessions secure and lazy
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | not yet
| Fixed tickets | #6388, #6036, #12375, #12325
| License | MIT
| Doc PR | -
The `SessionUpdateTimestampHandlerInterface` (new to PHP 7.0) is mostly undocumented, and just not implemented anywhere. Yet, it's required to implement session fixation preventions and lazy write in userland session handlers (there is https://wiki.php.net/rfc/session-read_only-lazy_write which describes the behavior.)
By implementing it, we would make Symfony session handling much better and stronger. Meanwhile, doing some cookie headers management, this also gives the opportunity to fix the "don't start if session is only read issue".
So, here we are for the general idea. Now needs more (and green) tests, and review of course.
Commits
-------
347939c9b3 [HttpFoundation] Make sessions secure and lazy
This PR was merged into the 3.3 branch.
Discussion
----------
[3.3] Fixed pathinfo calculation for requests starting with a question mark.
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24487
| License | MIT
| Doc PR | no
Fix of bad merge conflict resolving as mentioned in #24487. Port #21968 to 3.3+
Commits
-------
c17a92259a Fixed pathinfo calculation for requests starting with a question mark. - fix bad conflict resolving issue - port symfony/symfony#21968 to 3.3+
This PR was squashed before being merged into the 3.4 branch (closes#24556).
Discussion
----------
[Routing] Ensure uniqueness without repeated check
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The RouteCollection ensures uniqueness of resources by using array_unique. The current implementation suffers from the following problems.
1. The array_unique method calls __toString for every element in the array but it is very inefficient in terms of the number of calls made. I.e. if the array has 50 elements it does not do 50 __toString calls. I did some tests with Blackfire in PHP 7.1 and found the following numbers.
25 elements => 240 calls
50 elements => 607 calls
100 elements => 1382 calls
200 elements => 3333 calls
2. The array_unique function is called every time the getResources() method is called, even when the resources did not change in the mean time. Combined with the above this leads to lower performance.
Many applications have a low number of routes so this is not a big issue. But for larger applications or bundles that generate routes (i.e. for CRUD or API / doc generation) this will have a bigger impact.
Commits
-------
16f7281178 [Routing] Ensure uniqueness without repeated check
This PR was merged into the 3.3 branch.
Discussion
----------
Fixed mistake in exception expectation
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
In some cases, (5 to be exact), the `expectException` is misused while attempting to provide compatibility with the older `setExpectedException` by making use of a non-existent parameter.
Firstly, this makes the tests inconsistent (old PHPUnit version test exception message, while newer one doesn't). Secondly, if PHPUnit interface suddenly starts making use of a 2nd parameter in `expectException`, the existing code might break or cause unexpected side-effects.
Original report: 87bb726712 (commitcomment-24848315)
Commits
-------
03be003 Fixed mistake in exception expectation
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Reject remember-me token if UserCheckerInterface::checkPostAuth() fails
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24525
| License | MIT
| Doc PR | -
I think this is a security hole - a user can remain logged in with a remember me cookie even though they can no longer pass `UserCheckInterface::checkPostAuth()` (could be disabled).
This is a small BC break but shouldn't be an issue as I think it is a bug. I don't think this requires a BC layer but if so, I can add.
Commits
-------
fe190b6ee9 reject remember-me token if user check fails
* 3.3:
[BrowserKit] Handle deprecations triggered in insulated requests
[Bridge\PhpUnit] Handle deprecations triggered in separate processes
[Validator] added magic method __isset() to File Constraint class
[DI] Fix possible incorrect php-code when dumped strings contains newlines
[Translation] minor: remove unused variable in test
never match invalid IP addresses
* 2.8:
[Validator] added magic method __isset() to File Constraint class
[DI] Fix possible incorrect php-code when dumped strings contains newlines
[Translation] minor: remove unused variable in test
never match invalid IP addresses
* 2.7:
[Validator] added magic method __isset() to File Constraint class
[DI] Fix possible incorrect php-code when dumped strings contains newlines
[Translation] minor: remove unused variable in test
never match invalid IP addresses
This PR was squashed before being merged into the 3.4 branch (closes#24321).
Discussion
----------
added ability to handle parent classes for PropertyNormalizer
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #24152 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the 3.4,
legacy code removals go to the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
This adds the ability for PropertyNormalizer to normalize/denormalize properties from parent classes.
Commits
-------
5ecafc5e25 added ability to handle parent classes for PropertyNormalizer
This PR was merged into the 3.4 branch.
Discussion
----------
[Console][HttpKernel] Handle new SHELL_VERBOSITY env var, also configures the default logger
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
On the CLI, the behavior of the new default logger is not nice: it's verbosity is controlled by `kernel.debug`, where I would expect to be able to control it by mean of verbosity.
To achieve this, I propose to handle a new `SHELL_VERBOSITY` env var, and use it to control both commands' verbosity, and the logger's log level.
Commits
-------
87bd741f2d [Console][HttpKernel] Handle new SHELL_VERBOSITY, also configures the default logger
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] never match invalid IP addresses
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24424
| License | MIT
| Doc PR |
Commits
-------
8ad32f0ef5 never match invalid IP addresses
* the `phpdocumentor/type-resolver` package was not PHP 7.2 compatible
before release 0.2.1 (see see phpDocumentor/TypeResolver@e224fb2)
* the validator must not call `get_class()` if no object but a class
name was passed to the `validatePropertyValue()` method
* 2.8:
fix merge
Fix 7.2 compat layer
Fix PHP 7.2 support
[HttpFoundation] Add missing session.lazy_write config option
[HttpFoundation] Combine Cache-Control headers
[Form] fix parsing invalid floating point numbers
Escape command usage when displaying it in the text descriptor
Use for=ID on radio/checkbox label.
* 2.7:
Fix 7.2 compat layer
Fix PHP 7.2 support
[HttpFoundation] Add missing session.lazy_write config option
[HttpFoundation] Combine Cache-Control headers
[Form] fix parsing invalid floating point numbers
Escape command usage when displaying it in the text descriptor
Use for=ID on radio/checkbox label.
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Combine Cache-Control headers
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If multiple `Cache-Control` headers are added to a `ResponseHeaderBag`, only the first is returned by `$bag->get('Cache-Control')`.
Commits
-------
1f76a70b6f [HttpFoundation] Combine Cache-Control headers
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Throw accurate failures when accessing removed services
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24444
| License | MIT
| Doc PR | -
See linked issue.
This will throw a useful message when accessing a removed service.
When setting a removed service, a deprecation notice will be thrown also so that in master we can throw an exception then.
Commits
-------
fe7f26d4f3 [DI] Throw accurate failures when accessing removed services
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Prefixed env vars and load time inlining are incompatible
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
That's because env var processors are not registered yet.
Commits
-------
91c9287c55 [DI] Prefixed env vars and load time inlining are incompatible
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Turn private defs to non-public ones before removing passes
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24465
| License | MIT
| Doc PR | -
As spotted by @stof in https://github.com/symfony/symfony/issues/24465#issuecomment-334786670.
Commits
-------
e5d0934b87 [DI] Turn private defs to non-public ones before removing passes
This PR was merged into the 2.7 branch.
Discussion
----------
Fix support for PHP 7.2
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #23671
| License | MIT
| Doc PR | -
There are still the deprecation problem with phpunit since it use `each()`.
There are 3 tests linked to session that I don't know how to fix / what to do, do you have any idea @nicolas-grekas ?
Commits
-------
fdf285b5c9 Fix 7.2 compat layer
e229dd0302 Fix PHP 7.2 support
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Exclude inline services declared in XML from autowiring candidates
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24311
| License | MIT
| Doc PR | -
As reported in #24311, inline services should not be candidates for autowiring.
This PR fixes the issue, but is submitted against 3.4 because there is a potential BC break here, for ppl that didn't realize they relied on this (already deprecated) behavior.
We *could* not merge this PR and consider the deprecation is fine - but in practice, the WTF is hitting several ppl already AFAIK, so we should close that door IMHO.
Commits
-------
d90e7212ea [DI] Exclude inline services declared in XML from autowiring candidates
This PR was merged into the 3.3 branch.
Discussion
----------
[DependencyInjection] remove unused fixtures file
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I was wondering why the conflict markers in the `master` branch (see b6e9471ded/src/Symfony/Component/DependencyInjection/Tests/Fixtures/php/services31.php (L43-L52)) did not cause any issues. Turned out that this fixtures file was not used anymore (it was only partially removed in #23022).
Commits
-------
3702e5ff37 remove unused fixtures file
This PR was merged into the 3.4 branch.
Discussion
----------
[Workflow] add guard is_valid() method support
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | Yes
| License | MIT
Workflow guard configuration support expression language like **is_fully_authenticated()**, **has_role()** or **is_granted()**, etc...
I would like to add the support for a new **is_valid()** expression.
Configuration allow to validate subject against specific validation groups to check if a transition can be applied.
In the next configuration exemple, my issue must validate "affectable" validation group to apply "affect" transistion:
```yaml
framework:
workflows:
issue:
marking_store:
type: single_state
arguments:
- state
supports: AppBundle\Entity\Issue
initial_place: created
places:
- created
- affected
- closed
transitions:
affect:
guard: "is_valid(subject, ['affectable'])"
from: created
to: affected
close:
from: completed
to: closed
```
Commits
-------
06d8198714 [Workflow] Added tests for the is_valid() guard expression
9499bc291c [Workflow] Added guard 'is_valid()' method support
* 3.3: (23 commits)
bumped Symfony version to 3.3.11
updated VERSION for 3.3.10
updated CHANGELOG for 3.3.10
bumped Symfony version to 2.8.29
updated VERSION for 2.8.28
updated CHANGELOG for 2.8.28
bumped Symfony version to 2.7.36
updated VERSION for 2.7.35
update CONTRIBUTORS for 2.7.35
updated CHANGELOG for 2.7.35
[Session] fix MongoDb session handler to gc all expired sessions
Updated Test name and exception name to be more accurate
newline at end of file
changed exception message
Ahh, I see. It actually wants a newline!
Removed newline
Created new Exception to throw and modified tests.
Created new Exception to throw and modified tests
Code standard fixes
Changed automatic token generation to throw an exception instead
...
* 2.8:
bumped Symfony version to 2.7.36
updated VERSION for 2.7.35
update CONTRIBUTORS for 2.7.35
updated CHANGELOG for 2.7.35
[Session] fix MongoDb session handler to gc all expired sessions
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Look at headers for switch_user username
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24260
| License | MIT
| Doc PR | n/a
Allowing `switch_user.parameter` config node to be a header name.
It's supported by SwitchUserStatelessBundle and I think it makes sense.
Forgotten in #24260 so targets 3.4 but not a blocker.
Commits
-------
3c801951c8 [Security] Look at headers for switch user username parameter
* 2.7:
bumped Symfony version to 2.7.36
updated VERSION for 2.7.35
update CONTRIBUTORS for 2.7.35
updated CHANGELOG for 2.7.35
[Session] fix MongoDb session handler to gc all expired sessions
This PR was merged into the 3.3 branch.
Discussion
----------
Added support for guards when advancing workflow from a command
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23904
| License | MIT
| Doc PR | symfony/symfony-docs
Added support for advancing a workflow from the command line when the transition has guards.
Commits
-------
15fd863112 Updated Test name and exception name to be more accurate
fefc20233b newline at end of file
8f2fa6b047 changed exception message
49839e3c28 Ahh, I see. It actually wants a newline!
2c9d1e2d42 Removed newline
92308b4815 Created new Exception to throw and modified tests.
2ebc71a616 Created new Exception to throw and modified tests
3a8b2eded1 Code standard fixes
22b44e251f Changed automatic token generation to throw an exception instead
8ab59cb1c2 Updated if statement
324c208e12 Code standards update
b044ffb4a2 Added support for guards when advancing workflow from a command
This PR was merged into the 3.4 branch.
Discussion
----------
[Session] deprecate MemcacheSessionHandler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
memcache extension didn't get a release since 4.5 years and is not compatible with PHP 7. see https://pecl.php.net/package/memcache
also the cache and lock components only provide adapters for memcached as well, no memcache
Commits
-------
989326b988 [Session] deprecate MemcacheSessionHandler
* 3.3:
[FrameworkBundle] Fix bad interface hint in AbstractController
[DI] Improve some deprecation messages
[Cache] Fix race condition in TagAwareAdapter
[Yaml] parse references on merge keys
treat trailing backslashes in multi-line strings
This PR was merged into the 3.4 branch.
Discussion
----------
[Bridge\Doctrine][FrameworkBundle] Deprecate some remaining uses of ContainerAwareTrait
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
With this PR, the last two remaining uses of ContainerAwareTrait will be `Symfony\Component\HttpKernel\Bundle\Bundle` and `Symfony\Bundle\FrameworkBundle\Controller\Controller`.
For Bundle, I think it's legitimate, for Controller, I think it's not, but that we should wait for 4.1 before considering its deprecation, alongside with `ContainerAwareCommand` (maybe).
Commits
-------
df9c8748e3 [Bridge\Doctrine][FrameworkBundle] Deprecate some remaining uses of ContainerAwareTrait
This PR was squashed before being merged into the 3.4 branch (closes#24438).
Discussion
----------
[Session][VarDumper] Deprecate accepting legacy mongo extension
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The old ext-mongo is deprecated and does not work with PHP 7. See http://php.net/manual/en/mongo.setup.php
People should use mongodb/mongodb and ext-mongodb instead. This deprecates functionality using the old ext-mongo classes.
Commits
-------
d535ff60c2 [VarDumper] deprecate MongoCaster
6651af07c2 [HttpFoundation] deprecate using with the legacy mongo extension; use it with the mongodb/mongodb package and ext-mongodb instead
This PR was merged into the 3.3 branch.
Discussion
----------
[Cache] Fix race condition in TagAwareAdapter
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24240
| License | MIT
| Doc PR | -
This code is not needed, and might create a race condition (see linked issue). Let's drop it.
When no tags are set on an item, this stores an empty tags array, instead of deleting the tags array entry at all.
Commits
-------
fa24fa8a3c [Cache] Fix race condition in TagAwareAdapter
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Add Guard authenticator <supports> method
This method will be called before starting an authentication against a guard authenticator.
The authentication will be tried only if the supports method returned `true`
This improves understanding of code, increase consistency and removes responsability for `getCredentials` method to decide if the current request should be supported or not.
| Q | A |
| --- | --- |
| Bug fix? | no |
| New feature? | yes |
| BC breaks? | yes |
| Deprecations? | yes |
| Tests pass? | yes |
| Fixed tickets | none |
| License | MIT |
| Doc PR | |
Commits
-------
78eecba780 Fix BC layer
a7a6f8a678 [Security] Add Guard authenticator <supports> method
This method will be called before starting an authentication against a guard authhenticator.
The authentication will be tried only if the supports method returned <true>
This improves understanding of code, increase consistency and removes responsability for <getCredentials> method
To decide if the current request should be supported or not.
This PR was merged into the 3.4 branch.
Discussion
----------
[Yaml] fix refreshing line numbers for the inline parser
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
5518896c26 fix refreshing line numbers for the inline parser
* 3.3: (23 commits)
Tests and fix for issue in array model data in EntityType field with multiple=true
[Form] Fixed PercentToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible
removed useless PHPDoc
[Form] Fix FormInterface::submit() annotation
[PHPUnitBridge] don't remove when set to empty string
PdoSessionHandler: fix advisory lock for pgsql when session.sid_bits_per_character > 4
HttpCache does not consider ESI resources in HEAD requests
Fix translation for "This field was not expected"
[Routing] Enhance Route(Collection) docblocks
Added improvement for accuracy in MoneyToLocalizedStringTransformer.
Removed unused private property
Use correct verb form in the pull request template
Use PHP_MAXPATHLEN in Filesystem.
Added null as explicit return type (?TokenInterface)
[FrameworkBundle] Fix Routing\DelegatingLoader
Render all line breaks according to the exception message
[Form] Fix phpdoc
[DI] remove confusing code
[Form] Fixed GroupSequence with "constraints" option
[Validator] Clarify UUID validator behavior
...
* 2.8: (22 commits)
Tests and fix for issue in array model data in EntityType field with multiple=true
[Form] Fixed PercentToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible
removed useless PHPDoc
[Form] Fix FormInterface::submit() annotation
PdoSessionHandler: fix advisory lock for pgsql when session.sid_bits_per_character > 4
HttpCache does not consider ESI resources in HEAD requests
Fix translation for "This field was not expected"
[Routing] Enhance Route(Collection) docblocks
Added improvement for accuracy in MoneyToLocalizedStringTransformer.
Removed unused private property
Use correct verb form in the pull request template
Use PHP_MAXPATHLEN in Filesystem.
Added null as explicit return type (?TokenInterface)
[FrameworkBundle] Fix Routing\DelegatingLoader
Render all line breaks according to the exception message
[Form] Fix phpdoc
[DI] remove confusing code
[Form] Fixed GroupSequence with "constraints" option
[Validator] Clarify UUID validator behavior
[Filesystem] Fixed makePathRelative
...
* 2.7: (22 commits)
Tests and fix for issue in array model data in EntityType field with multiple=true
[Form] Fixed PercentToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible
removed useless PHPDoc
[Form] Fix FormInterface::submit() annotation
PdoSessionHandler: fix advisory lock for pgsql when session.sid_bits_per_character > 4
HttpCache does not consider ESI resources in HEAD requests
Fix translation for "This field was not expected"
[Routing] Enhance Route(Collection) docblocks
Added improvement for accuracy in MoneyToLocalizedStringTransformer.
Removed unused private property
Use correct verb form in the pull request template
Use PHP_MAXPATHLEN in Filesystem.
Added null as explicit return type (?TokenInterface)
[FrameworkBundle] Fix Routing\DelegatingLoader
Render all line breaks according to the exception message
[Form] Fix phpdoc
[DI] remove confusing code
[Form] Fixed GroupSequence with "constraints" option
[Validator] Clarify UUID validator behavior
[Filesystem] Fixed makePathRelative
...
This PR was squashed before being merged into the 2.7 branch (closes#23980).
Discussion
----------
Tests and fix for issue in array model data in EntityType field with multiple=true
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| License | MIT
| Fixed tickets | #23927
Provided some tests and the fix for #23927.
Rebased to 2.7, replaces #23930
Commits
-------
aaba6b4c2b Tests and fix for issue in array model data in EntityType field with multiple=true
This PR was squashed before being merged into the 3.4 branch (closes#22132).
Discussion
----------
[Lock] Automaticaly release lock when user forget it
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The objective of this PR is to automatically release the Lock when the user forget to call the `release` method (like the `fclose` function does in, php core).
The implementation is comparable to #22115 but the purpose is not the same.
I create a new PR to not mix things.
Commits
-------
2eedc1fd37 [Lock] Automaticaly release lock when user forget it
This PR was squashed before being merged into the 2.7 branch (closes#22586).
Discussion
----------
[Form] Fixed PercentToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see comment below -->
| Bug fix? | yes-ish
| New feature? | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | <!-- #-prefixed issue number(s), if any -->
| License | MIT
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Implements the same behaviour that `NumberToLocalizedStringTransformer` in order to accept both comma and dot implemented in #5941
Commits
-------
f96a7f81b8 [Form] Fixed PercentToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible
This PR was merged into the 3.4 branch.
Discussion
----------
Bootstrap4 support for Twig form theme
**This PR is a followup from #19648. That PR was closed because GitHub thought my branch contained no commits after a force push...**
| Q | A |
| --- | --- |
| Branch? | master |
| Bug fix? | no |
| New feature? | yes |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | #16289 |
| License | MIT |
| Doc PR | - |
I have made a port of the Twig form theming code for Bootstrap 3 to the α-5 version of Bootstrap 4.
- The (inheritance) structure of the form theming files has changed because a number of blocks are the same between BS 3 and 4. They have been migrated to `bootstrap_base_layout.html.twig`.
The new tree is as follows:
```
bootstrap_base_layout.html.twig
|-- bootstrap_3_layout.html.twig
| `-- bootstrap_3_horizontal_layout.html.twig
`-- bootstrap_4_layout.html.twig
`-- bootstrap_4_horizontal_layout.html.twig
```
- Any occurances of `.form-horizontal` have been removed from the BS 4 code.
- Checkboxes and radio buttons have been stacked using the `.form-check`, `.form-check-label` and `.form-check-input` classes. There is now no distinction between checkboxes and radio buttons in the markdown.
- All layout tests have been added and updated for BS4. The inheritance tree is as follows:
```
AbstractLayoutTest
`-- AbstractBootstrap3LayoutTest
|-- AbstractBootstrap3HorizontalLayoutTest
`-- AbstractBootstrap4LayoutTest
`-- AbstractBootstrap4HorizontalLayoutTest
```
All tests pass. The classes `FormExtensionBootstrap4LayoutTest` and `FormExtensionBootstrap4HorizontalLayoutTest` have been created similarly to the BS 3 versions.
- ~~The label coloring on an validation is not correct. I've made an issue (twbs/bootstrap#20535) of the problem.~~
- No [custom form elements](http://v4-alpha.getbootstrap.com/components/forms/#custom-forms) have been used.
- A docs PR can be created if this PR is accepted.
- The new code might have to be updated if large changes occur in the BS 4 α.
Screenshot of BS3 and 4 comparison for the same form:
Commits
-------
f12e5887ff Removed unneeded wrapping quotes around a Twig key
709f134dc8 Removed unneeded wrapping quotes around a Twig key
4222d54a53 Initial commit for Bootstrap 4 form theme, based on Bootstrap 3 form theme
This PR was merged into the 2.7 branch.
Discussion
----------
[Intl] Fixed support of Locale::getFallback
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24154
| License | MIT
| Doc PR |
Commits
-------
256055218e [Intl] Fixed support of Locale::getFallback
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Fix file upload multiple with no files
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
```php
<form method="post" enctype="multipart/form-data">
<input type="file" multiple name="img[]">
<input type="submit">
</form>
<?php
$loader = require __DIR__ . '/../app/autoload.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$request = \Symfony\Component\HttpFoundation\Request::createFromGlobals();
var_export($request->files->all()['img']);
}
```
Expected result when I send the form without any files:
```
array ()
```
Actual result:
```
array ( 0 => NULL, )
```
This causes a problem later when using FileType with multiple option - if no files are sent the form data are `[0 => '']` instead of `[]`.
Of course I need to add a test for this.
Commits
-------
d4f6039dcd [HttpFoundation] Fix file upload multiple with no files
This PR was squashed before being merged into the 3.4 branch (closes#24374).
Discussion
----------
[HttpFoundation] Return instance in StreamedResponse
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the 3.4,
legacy code removals go to the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
2080582a75 [HttpFoundation] Return instance in StreamedResponse
This PR was squashed before being merged into the 3.4 branch (closes#24300).
Discussion
----------
[HttpKernel][FrameworkBundle] Add a minimalist default PSR-3 logger
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This PR provides a minimalist PSR-3 logger that is always available when FrameworkBundle is installed.
By default, it writes errors on `stderr`, regular logs on `stdout` and discards debug data (this is configurable).
This approach has several benefits:
- It's what expect from an app logging systems of major containerization and orchestration tools including [Docker](https://docs.docker.com/engine/admin/logging/view_container_logs/) and [Kubernetes](https://kubernetes.io/docs/concepts/cluster-administration/logging/), as well as most cloud providers such as [Heroku](https://devcenter.heroku.com/articles/logging#writing-to-your-log) and [Google Container Engine](https://kubernetes.io/docs/tasks/debug-application-cluster/logging-stackdriver/). If the app follows this standard (and it's not currently the case with Symfony by default) logs will be automatically collected, aggregated and stored.
- It's in sync with the "back to Unix roots" philosophy of Flex
- Logs are directly displayed in the console when running the integrated PHP web server (`bin/console server:start` or Flex's `make serve`), Create React App also do that for instance.
- It fixes a common problem when installing Flex recipes: many bundles expect a logger service but currently there is none available by default, and you usually get a `"logger" service not found error` (because packages depend of the PSR, but the PSR doesn't provide a logger service).
Commits
-------
9a06513ec7 [HttpKernel][FrameworkBundle] Add a minimalist default PSR-3 logger
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fix precision of MoneyToLocalizedStringTransformer's divisions and multiplications
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| License | MIT
There is a [PHP Bug](https://bugs.php.net/bug.php?id=75004) with the accuracy of divisions and multiplications when `/=` and `*=` are used.
Here is the proof: https://3v4l.org/u1DkX
It would be better to use `bcmul()` and `bcdiv()` in the `MoneyToLocalizedStringTransformer.php` to prevent this bug.
Commits
-------
ab47c7878e Added improvement for accuracy in MoneyToLocalizedStringTransformer.
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Argon2i Password Encoder
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | WIP
Since the [libsodium RFC](https://wiki.php.net/rfc/libsodium) passed with flying colours, I'd like to kick start a discussion about adding Argon2i as a password encoder to the security component. The initial code proposal in this PR supports both the upcoming public API confirmed for PHP 7.2, and the [libsodium PECL extension](https://pecl.php.net/package/libsodium) for those below 7.2 (available for PHP 5.4+).
#### Concerns
- Should the test cover hash length? At the moment the result of Argon2i is 96 characters, but because the hashing parameters are included in the result (`$argon2i$v=19$m=32768,t=4,p=1$...`) this is not guaranteed.
- I've used one password encoder class because the result *should* be the same whether running natively in 7.2 or from the PECL extension, but should the logic be split out into separate private methods (like `Argon2iPasswordEncoder::encodePassword()`) or not (like in `Argon2iPasswordEncoder::isPasswordValid()`)? Since I can't really find anything concrete on Symfony choosing one way over another I'm assuming it's down to personal preference?
#### The Future
Whilst the libsodium RFC has been approved and the public API confirmed, there has been no confirmation of Argon2i becoming an official algorithm for `passhword_hash()`. If that is confirmed, then the implementation should *absolutely* use the native `password_*` functions since the `sodium_*` functions do not have an equivalent to the `password_needs_rehash()` function.
Any feedback would be greatly appreciated 😃
Commits
-------
be093dd79a Argon2i Password Encoder
This PR was merged into the 3.4 branch.
Discussion
----------
[DowCrawler] Default to UTF-8 when possible
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17258
| License | MIT
| Doc PR | -
This can't be ambiguous, let's use UTF-8 when possible.
Commits
-------
73eda66b99 [DowCrawler] Default to UTF-8 when possible
Add the Argon2i hashing algorithm provided by libsodium as a core encoder in the Security component, and enable it in the SecurityBundle.
Credit to @chalasr for help with unit tests.
This PR was merged into the 3.3 branch.
Discussion
----------
[DependencyInjection] include file and line number in deprecation
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
In #23108 we removed line numbers from deprecation messages created by the YAML parser because those numbers were quite useless without the file being parsed. I suggest to revert this change and add the file being parsed to the deprecation message.
Commits
-------
cf03552 include file and line number in deprecation
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Deprecate some compiler passes in favor of tagged iterator args
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
More code that we can drop :)
Commits
-------
fa62e5068e [HttpKernel] Deprecate some compiler passes in favor of tagged iterator args
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] Use cache connection factories in lock
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no (feature removal)
| BC breaks? | no (if merged in 3.4)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
An alternative to https://github.com/symfony/symfony/pull/24267 to share code between cache and lock.
Commits
-------
95358ac98f Share connection factories between cache and lock
This PR was squashed before being merged into the 3.4 branch (closes#21027).
Discussion
----------
[Asset] Provide default context
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19396
| License | MIT
| Doc PR | should be noted somewhere, ill create an issue
Allows configuring the default asset context to make things works on CLI for example. Same approach as the routing component.
Introduces
```yaml
# parameters.yml
asset.request_context.base_path: '/base/path'
asset.request_context.secure: false
```
Commits
-------
9137d57ecd [Asset] Provide default context
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Reference tagged services in config
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12269
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/issues/8404
This is a proof of concept to reference a sequence of tagged services.
The problem bugs me for some time, and at first i thought the solution was to have some super generic compiler pass. If it could replace a lot of compilers in core.. perhaps worth it, but eventually each tag comes with it's own logic, including how to deal with tag attributes.
However, writing the passes over and over again becomes tedious for the most basic usecase. So given the recent developments, this idea came to mind.
```yml
services:
a:
class: stdClass
properties: { a: true }
tags: [foo]
b:
class: stdClass
properties: { b: true }
tags: [foo]
c:
class: stdClass
properties:
#stds: !tagged_services foo (see #22198)
stds: !tagged_services
foo
```
```
dump(iterator_to_array($this->get('c')->stds));
```
```
array:2 [▼
0 => {#5052 ▼
+"a": true
}
1 => {#4667 ▼
+"b": true
}
]
```
Given the _basic_ example at https://symfony.com/doc/current/service_container/tags.html, this could replace that.
Any thoughts?
Commits
-------
979e58f [DI] Reference tagged services in config
This PR was squashed before being merged into the 3.4 branch (closes#24337).
Discussion
----------
Adding a shortcuts for the main security functionality
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | Big ol' TODO
I'd like one class that I can inject (especially with autowiring) to get access to the User and `isGranted()` methods. This is *really* important... because to get the User currently, you need to type-hint `TokenStorageInterface`... and there are *two*! That's really bad DX!
Questions:
A) I hi-jacked the existing `Security` class... I wanted a simple class called Security
B) I called the service `security.helper`... for lack of a better id.
C) I did not make `Security` implement the 2 other interfaces (`TokenStorageInterface`, `AuthorizationCheckerInterface`... but I suppose we could?)
Cheers!
Commits
-------
0851189 Adding a shortcuts for the main security functionality
This PR was merged into the 3.4 branch.
Discussion
----------
[Yaml] include file and line no in deprecation message
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Now that we know the filename being parsed we can improve deprecation messages which is especially useful when trying to find the DI config file that triggers a particular deprecation.
Commits
-------
f618e43234 include file and line no in deprecation message
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] minor translation text fix
Update validators.cs.xlf - Fix czech translation for "This field was not expected"
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | none
| License | none
| Doc PR | none
This commit fixes grammatical issue for czech translation only.
Commits
-------
fbe7148000 Fix translation for "This field was not expected"
* 3.3:
Set a NullLogger in ApcuAdapter when Apcu is disabled in CLI
Minor reword
[HttpKernel] Make array vs "::" controller definitions consistent
Fix tests
[TwigBundle] Remove profiler related scripting
[TwigBundle][WebProfilerBundle] Switch to DOMContentLoaded event
[WebProfilerBundle] Hide inactive tabs from CSS
[TwigBundle] Make deprecations scream in logs
[TwigBundle] Hide logs if unavailable, i.e. webprofiler
[TwigBundle] Break long lines in exceptions
[WebProfilerBundle] Added missing link to profile token
[DI] Fix decorated service merge in ResolveInstanceofConditionalsPass
Preserve URI fragment in HttpUtils::generateUri()
[PhpUnitBridge] do not require an error context
This PR was squashed before being merged into the 2.7 branch (closes#24243).
Discussion
----------
HttpCache does not consider ESI resources in HEAD requests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Due to this shortcut:
3b42d8859e/src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php (L634-L642)
... the `HttpCache` never looks at the response body for `HEAD` requests. This makes it completely miss ESI-related tweaks like computing the correct TTL, removing validation headers or updating the `Content-Length`.
From RFC2616 (https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.4):
> The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response. The metainformation contained in the HTTP headers in response to a HEAD request SHOULD be identical to the information sent in response to a GET request.
Although it says "SHOULD", I think it can be misleading at best when HEAD requests do, for example, return different (greater) `s-maxage` values than a corresponding GET request.
Commits
-------
4dd0e53171 HttpCache does not consider ESI resources in HEAD requests
This PR was squashed before being merged into the 3.4 branch (closes#21716).
Discussion
----------
[Serializer] Add Support for `object_to_populate` in CustomNormalizer
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21715
| License | MIT
| Doc PR | n/a
This pulls a trait out of `AbstractNormalizer` with a method to extract the object to populate and adds some tests for it. Then uses that trait in both `AbstractNormalizer` and `CustomNormalizer` so both can support the `object_to_populate` key.
Commits
-------
ec9242d1ee [Serializer] Add Support for in CustomNormalizer
This PR was squashed before being merged into the 3.4 branch (closes#21960).
Discussion
----------
Remove Validator\TypeTestCase and add validator logic to base TypeTestCase
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no/possibly
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | symfony/symfony-docs#7587
Based on a discussion in the docs, users should not really extend classes in the `Tests` namespace. This means that if you want to unit test forms, you need to extend the `Test\TypeTestCase` class which doesn't have the validation logic (Not adding the validator extension gives an error if you use the `constraints` option in your forms).
So I propose to remove the `Validator\TypeTestCase` class (or it can possibly be deprecated if it is wrongly used by someone), and add the validator extension logic to the base `TypTestCase` class.
The benefit is that there is only one class to extend (both for internal or userland tests), and it makes it easy to add more core extensions if necessary.
The one part that I don't like too much at the moment, is keeping the extension in the `getExtensions` method. This means that you extend the class and need to register custom extensions, that you would need to do `return array_merge(parent::getExtensions(), ... ` (only in the case when you want core extensions enabled). So I don't know if we rather want to add a private method like `getCoreExtensions`?
Commits
-------
5ab50103ae Remove Validator\TypeTestCase and add validator logic to base TypeTestCase
This PR was merged into the 3.4 branch.
Discussion
----------
[Serializer] throw more specific exceptions
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20534
| License | MIT
| Doc PR |
Commits
-------
aa30d04243 [Serializer] throw more specific exceptions
This PR was squashed before being merged into the 3.4 branch (closes#24256).
Discussion
----------
CsvEncoder handling variable structures and custom header order
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23278
| License | MIT
| Doc PR | TBD
This PR improves the CsvEncoder to handle variable nesting structures and adds a context option that allows custom csv header order.
Commits
-------
d173494e48 CsvEncoder handling variable structures and custom header order
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Saltless Encoder Interface
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
A new interface for encoders that do not require a user-generated salt (generate their own built-in) as suggested by @stof ([comment](https://github.com/symfony/symfony/pull/21604/files#r101225470)), this will become useful as more password encoders are added in the future (such as symfony/symfony#21604).
Commits
-------
7c4aa0bccb Saltless Encoder Interface
This PR was merged into the 3.4 branch.
Discussion
----------
[Finder] Add a method to check if any results were found
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
If I want to know if any results were found, but I don't want to start trawling through them, I have to do the rather ugly:
```php
$found = false;
foreach ($finder as $thing) {
$found = true;
break;
}
if ($found) {
```
This PR enables the much more readable:
```php
if ($finder->found()) {
```
This seemed like an obvious thing to me, so I suspect there might be a reason this doesn't exist already, but I couldn't find any previous discussion. If it'll be accepted then I'll glady create a docs PR
Commits
-------
24dcb5202c Add a method to check if any results were found
This PR was merged into the 3.4 branch.
Discussion
----------
[Security][Firewall] Passing the newly generated security token to the event during user switching
Event allows listeners to easily switch out the token if custom token updates are required
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Updated SwitchUserEvent to include the generated security Token. Allows the listeners to replace the token with their own (in case an application has some custom logic for token generation). The SwitchUserListener will now use the token returned by the event, so if token was not changed the self generated token will be used. If token was changed in the event then the new token would get used.
Reasons for this feature
--------------------------
In our current project users can have different Role sets depending on which organization they switch to. Our `User->getRoles()` always returns ["ROLE_USER"] and after login user is presented with choice of organizations they want to work in. Based on selected organization roles get updated with then stored token.
Without the change proposed in this PR. The only way we can setup the proper roles during user switch is by replacing `security.authentication.switchuser_listener` service with our own implementation of the listener.
With the proposed change, we can replace the security token with the one having all the roles we require directly inside our listener for `security.switch_user` event that gets thrown by Symfony's `SwitchUserListener`
Commits
-------
4205f1b Passing the newly generated security token to the event during user switching.
