* 5.1:
Don't skip Doctrine tests on php 8.
Stop using set-env in GitHub actions.
Allow setting AMQP option "login"
Bump igbinary to v3.1.6
Add myself to CODEOWNERS for Form, OptionsResolver and TwigBundle
Reference the correct interface in the RegistryInterface deprecation in upgrade notes
Add myself to CODEOWNERS for Security and Console
Add wouterj as codeowner for Security related packages
* 4.4:
Don't skip Doctrine tests on php 8.
Stop using set-env in GitHub actions.
Bump igbinary to v3.1.6
Add myself to CODEOWNERS for Form, OptionsResolver and TwigBundle
Reference the correct interface in the RegistryInterface deprecation in upgrade notes
Add myself to CODEOWNERS for Security and Console
Add wouterj as codeowner for Security related packages
* 5.1:
[Contracts] add branch-aliases for dev-main
[Cache] Make Redis initializers static
[Messenger] Fixed typos in Connection
[CI] Fixed build on AppVeyor
Fix tests typo
[Lock] Reset Key lifetime time before we acquire it
[CI] Silence errors when remove file/dir on test tearDown()
Fix tests
Remove content-type check on toArray methods
* 4.4:
[Contracts] add branch-aliases for dev-main
[Cache] Make Redis initializers static
Fix tests typo
[Lock] Reset Key lifetime time before we acquire it
[CI] Silence errors when remove file/dir on test tearDown()
This PR was merged into the 5.2-dev branch.
Discussion
----------
[lock] Prevent user serializing the key when store does not support it.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | /
Some store relies on connection with the running process. ie. kernel relaease flock/semaphore, or zookeeper neeeds a connection to the database.
When the users tries to serialize the key to send it to another process, they are not aware that they lose the lock.
This PR throws an exception in that situation.
Commits
-------
1ec0630262 Prevent user serializing the key
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Lock] Fix StoreFactory to accept same DSN syntax as AbstractAdapter
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35350
| License | MIT
| Doc PR |
Updates `Symfony\Component\Lock\Store\StoreFactory` to accept same DSN syntax as `Symfony\Component\Cache\Adapter\AbstractAdapter` which is used to create Redis class instance.
Commits
-------
4ebbe3d86b [Lock] Fix StoreFactory to accept same DSN syntax as AbstractAdapter
* 5.1:
[Filesystem] fix for PHP 8
[Cache] fix DBAL v3 compat
Bump Symfony version to 5.1.7
Update VERSION for 5.1.6
Update CHANGELOG for 5.1.6
Bump Symfony version to 4.4.15
Update VERSION for 4.4.14
Update CHANGELOG for 4.4.14
Bump Symfony version to 3.4.46
Update VERSION for 3.4.45
Update CONTRIBUTORS for 3.4.45
Update CHANGELOG for 3.4.45
* 4.4:
[Filesystem] fix for PHP 8
[Cache] fix DBAL v3 compat
Bump Symfony version to 4.4.15
Update VERSION for 4.4.14
Update CHANGELOG for 4.4.14
Bump Symfony version to 3.4.46
Update VERSION for 3.4.45
Update CONTRIBUTORS for 3.4.45
Update CHANGELOG for 3.4.45
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[lock] Provides default implementation when store does not supports the behavior
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | /
| License | MIT
| Doc PR | /
All stores does not provide the same behaviors. Some are blocking, some allows shared Locks, ...
Issue is: When people use `lock` to use a behavior that is not supported by the store, they get an `UnsuportedException`, but they don't have any way to know if the store supports or not the behavior they want to use.
ie: when using the FrameworkBundle
```yaml
framework:
lock: '%env(LOCK_DSN)%'
```
User (or bundle) can't use safely `$lock->acquire(true)` or `$lock->acquireRead()`.
Given it's very easy to provide an fallback implementation to those behavior, this PR
- use fallback implementation when store does not support the behavior
- deprecate the RetryTillSaveStore (not needed anymore)
Commits
-------
575b391b9b [lock] Provides default implementation when store does not supports the behavior
This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[RFC] Introduce a RateLimiter component
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Refs #37444
| License | MIT
| Doc PR | tbd
Based on the discussions in #37444, I decided to write a general purpose RateLimiter component. This implementation uses the token bucket algorithm, inspired by the [Go's time/rate](3af7569d3a/rate/rate.go) library and the [PHP `bandwidth-throttle/token-bucket` package](https://github.com/bandwidth-throttle/token-bucket) (which is [unmaintained for years](https://github.com/bandwidth-throttle/token-bucket/issues/19)).
### Usage
The component has two main methods:
* `Limiter::reserve(int $tokens, int $maxTime)`, allocates `$tokens` and returns a `Reservation` containing the wait time. Use this method if your process wants to wait before consuming the token.
* `Limiter::consume(int $tokens)`, checks if `$tokens` are available now and discards the reservation if that's not the case. Use this method if you want to skip when there are not enough tokens at this moment.
The component uses the Lock component to make sure it can be used in parallel processes.
Example:
```php
<?php
namespace App\EventListener;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\RateLimiter\LimiterFactory;
class LimitListener
{
private $limiterFactory;
public function __construct(LimiterFactory $apiLimiterFactory)
{
$this->limiterFactory = $apiLimiterFactory;
}
public function __invoke(RequestEvent $event)
{
$ip = $event->getRequest()->getClientIp();
$limiter = $this->limiterFactory->createLimiter(preg_replace('/[^a-zA-Z0-9]/', '-', $ip));
if (!$limiter->consume()) {
$event->setResponse(new Response('Too many requests', 429));
}
}
}
```
### Usefullness of the component
I think a generic rate limiter is usefull in quite some places:
* Add a login throttling feature in Symfony
* <s>Rate limiting outgoing API calls (e.g. HttpClient), to prevent hitting upstream API limits.</s> See #37471 (and https://blog.heroku.com/rate-throttle-api-client )
* Allowing users to easily implement API rate limits in their own Symfony-based APIs.
### State of the art
There are some rate limiting packages in PHP, but I think there is no precendent for this component:
* [`graham-campbell/throttle`](https://github.com/GrahamCampbell/Laravel-Throttle) is heavily relying on Laravel. It is however very popular, proofing there is a need for such feature
* [`nikolaposa/rate-limit`](https://github.com/nikolaposa/rate-limit) does not implement reservation of tokens and as such less feature complete. Also its architecture combines the rate limiter and storage, making it harder to implement different storages.
### Todo
If it is agreed that this component can bring something to Symfony, it needs some more love:
* [x] Add more tests
* [x] Integrate with the FrameworkBundle
* [x] Add sliding window implementation
* [x] Add integration with the Security component
* <s>Maybe add more storage implementations? I didn't want to duplicate storage functionalities already existing in the Lock and Cache component, thus I for now focused mostly on integrating the Cache adapters. But maybe a special Doctrine adapter makes sense?</s>
Commits
-------
67417a693e [RFC] Introduce a RateLimiter component
* 5.1:
Enable "native_constant_invocation" CS rule
Make AbstractPhpFileCacheWarmer public
Fix CS
Add a warning comment on ldap empty password
Bump Symfony version to 4.4.14
Update VERSION for 4.4.13
Update CHANGELOG for 4.4.13
[PhpunitBridge] Fix deprecation type detection
* 5.1:
Fix CS
[Serializer] Fix configuration of the cache key
[Messenger] Do not stack retry stamp
[FrameworkBundle] Add missing mailer transports in xsd
[Lock] MongoDbStore skim non-standard options from uri
[ErrorHandler][DebugClassLoader] Add mixed and static return types support
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[Lock] MongoDbStore skim non-standard options from uri
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37180
| License | MIT
| Doc PR |
Don't allow non-standard connection uri options reach `MongoDB\Client`
Commits
-------
67912faf9f [Lock] MongoDbStore skim non-standard options from uri
* 5.1:
reduce column length for MySQL 5.6 compatibility
Minor improvement
Removed redundant strtolower in ConsumeMessagesCommand
getContainer cannot return null anymore
HttpClient profiler error
Fix RedisStore constructor signature
Bump Symfony version to 5.1.4
Update VERSION for 5.1.3
Update CHANGELOG for 5.1.3
Bump Symfony version to 4.4.12
Update VERSION for 4.4.11
Update CHANGELOG for 4.4.11
Bump Symfony version to 3.4.44
updated VERSION for 3.4.43
update CONTRIBUTORS for 3.4.43
updated CHANGELOG for 3.4.43
Fix author for class CachePoolClearerCacheWarmer
* 4.4:
reduce column length for MySQL 5.6 compatibility
Minor improvement
Removed redundant strtolower in ConsumeMessagesCommand
Fix RedisStore constructor signature
Bump Symfony version to 4.4.12
Update VERSION for 4.4.11
Update CHANGELOG for 4.4.11
Bump Symfony version to 3.4.44
updated VERSION for 3.4.43
update CONTRIBUTORS for 3.4.43
updated CHANGELOG for 3.4.43
* 5.1:
[Cache] Use the default expiry when saving (not when creating) items
Fix typo
Fix DBAL deprecation
[Form] Fix ChoiceType translation domain
Add Tagalog translations for new form messages
[Form] Add missing vietnamese translations
sync translations from master
[OptionsResolver] Fix force prepend normalizer
add vietnamese translation for html5 color validation
* 5.0:
[Cache] Use the default expiry when saving (not when creating) items
Fix typo
Fix DBAL deprecation
[Form] Fix ChoiceType translation domain
Add Tagalog translations for new form messages
[Form] Add missing vietnamese translations
sync translations from master
[OptionsResolver] Fix force prepend normalizer
add vietnamese translation for html5 color validation
* 4.4:
[Cache] Use the default expiry when saving (not when creating) items
Fix typo
Fix DBAL deprecation
[Form] Fix ChoiceType translation domain
Add Tagalog translations for new form messages
[Form] Add missing vietnamese translations
sync translations from master
[OptionsResolver] Fix force prepend normalizer
add vietnamese translation for html5 color validation
* 5.1:
[String] Added a help message when translation-contracts is not installed
Add: ExcludeList usage for PHPUnit 9.4
[Cache] Fix compat wth DBAL v3
[String] throw when Alpine is used and translit fails
* 5.0:
[String] Added a help message when translation-contracts is not installed
Add: ExcludeList usage for PHPUnit 9.4
[Cache] Fix compat wth DBAL v3
[String] throw when Alpine is used and translit fails
* 5.1: (28 commits)
[DI] fix
Use "composer/package-versions-deprecated" when possible
Fix
Small update in our internal terminology
Fix support for PHP8 union types
[VarDumper] fix typo
[Lock][Messenger] Fix precedence of DSN options for 5.1
Fix support for PHP8 union types
[FrameworkBundle] preserve dots in query-string when redirecting
[3.4] Fix support for PHP8 union types
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
[3.4] Small update in our internal terminology
[Cache] fix compat with DBAL v3
Remove unnecessary null check
[HttpFoundation] Allow `null` in InputBag@set
[HttpClient] Convert CurlHttpClient::handlePush() to instance method
Fix package rename when releasing
bumped Symfony version to 5.1.3
updated VERSION for 5.1.2
updated CHANGELOG for 5.1.2
...
* 5.0:
[VarDumper] fix typo
Fix support for PHP8 union types
[FrameworkBundle] preserve dots in query-string when redirecting
[3.4] Fix support for PHP8 union types
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
[3.4] Small update in our internal terminology
[Cache] fix compat with DBAL v3
[HttpClient] Convert CurlHttpClient::handlePush() to instance method
[VarDumper] Fix CliDumper coloration
[DI] tighten detection of local dirs to prevent false positives
[FrameworkBundle] preserve dots in query-string when redirecting
Fix precendence in 4.4
bumped Symfony version to 3.4.43
updated VERSION for 3.4.42
update CONTRIBUTORS for 3.4.42
updated CHANGELOG for 3.4.42
* 4.4:
[VarDumper] fix typo
Fix support for PHP8 union types
[FrameworkBundle] preserve dots in query-string when redirecting
[3.4] Fix support for PHP8 union types
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
[3.4] Small update in our internal terminology
[Cache] fix compat with DBAL v3
[HttpClient] Convert CurlHttpClient::handlePush() to instance method
[VarDumper] Fix CliDumper coloration
[DI] tighten detection of local dirs to prevent false positives
[FrameworkBundle] preserve dots in query-string when redirecting
Fix precendence in 4.4
bumped Symfony version to 3.4.43
updated VERSION for 3.4.42
update CONTRIBUTORS for 3.4.42
updated CHANGELOG for 3.4.42
* 3.4:
[3.4] Fix support for PHP8 union types
[PhpUnitBridge] Streamline ansi/no-ansi of composer according to phpunit --colors option
[3.4] Small update in our internal terminology
[Cache] fix compat with DBAL v3
[VarDumper] Fix CliDumper coloration
[DI] tighten detection of local dirs to prevent false positives
[FrameworkBundle] preserve dots in query-string when redirecting
bumped Symfony version to 3.4.43
updated VERSION for 3.4.42
update CONTRIBUTORS for 3.4.42
updated CHANGELOG for 3.4.42
This PR was squashed before being merged into the 5.1 branch.
Discussion
----------
[Lock] Fixed reading locks from replica set secondary nodes
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#37139
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/13775
Force lock existence query to use `readPreference=primary` in case the given mongo connection is using any of the following `readPreference`s:
* primaryPreferred
* secondary
* secondaryPreferred
* nearest
Any of the above would fail if a secondary node is queried during a lock release.
Commits
-------
ebf7eaf503 [Lock] Fixed reading locks from replica set secondary nodes