* 2.8:
Adding session authentication strategy to Guard to avoid session fixation
Adding session strategy to ALL listeners to avoid *any* possible fixation
[HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode
* 3.4:
[Form] fix tests on old phpunit versions
[FrameworkBundle] fix typo in CacheClearCommand
bumped Symfony version to 3.4.11
updated VERSION for 3.4.10
updated CHANGELOG for 3.4.10
fixed test
* 3.4:
do not mock the session in token storage tests
[DependencyInjection] resolve array env vars
Add Occitan plural rule
Fix security/* cross-dependencies
[Lock] Skip test if posix extension is not installed
[DI] Allow defining bindings on ChildDefinition
use strict compare in url validator
Disallow illegal characters like "." in session.name
[HttpKernel] do file_exists() check instead of silent notice
fix rounding from string
* 2.8:
do not mock the session in token storage tests
Add Occitan plural rule
Fix security/* cross-dependencies
Disallow illegal characters like "." in session.name
fix rounding from string
* 2.7:
do not mock the session in token storage tests
Add Occitan plural rule
Disallow illegal characters like "." in session.name
fix rounding from string
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] do file_exists() check instead of silent notice
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27234
| License | MIT
| Doc PR | -
Commits
-------
f8cde70ba1 [HttpKernel] do file_exists() check instead of silent notice
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Use strict type in URL validator
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
Fixed tickets | -
| License | MIT
| Doc PR | -
Using `checkDNS` option with value `true` generate error `Warning: checkdnsrr(): Type '1' not supported`.
In SF 3.4 it was mark as depreciation and silently converted to `ANY` https://github.com/symfony/symfony/blob/v3.4.9/src/Symfony/Component/Validator/Constraints/UrlValidator.php#L79
~~Test are failing on `Symfony\Component\HttpKernel\Tests\ControllerMetadata\ArgumentMetadataFactoryTest::testSignature1` - I think its not related~~
Commits
-------
2400e71962 use strict compare in url validator
This PR was squashed before being merged into the 3.4 branch (closes#27267).
Discussion
----------
[DependencyInjection] resolve array env vars
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27239
| License | MIT
| Doc PR | n/a
## Why
This bugfix solves a problem where environment variables resolved as an array would cause an error while compiling the container if they aren't the last parameter in the ParameterBag: the next parameter to be resolved would fail at the `stripos()` check. More information about the bug is available at #27239
## Tests
- This PR modifies existing ContainerBuilder tests to make use of the EnvVarProcessor to resolve json strings into arrays, instead of relying upon a TestingEnvPlaceholderParameterBag class.
- I would liked to have kept EnvVarProcessor logic out of the ContainerBuilder tests, but it was the interaction between the ContainerBuilder and EnvVarProcessor that caused the bug
- This PR adds a new ContainerBuilder test to verify that an environment variable resolved into an array doesn't cause an error when the next variable attempts to be resolved
## Code
- ~This PR adds an `\is_string()` sanity check before the `stripos()` method call so that only a string are passed into `stripos()`~
- This PR also adds a `$completed` flag so that completely resolved environment variables (currently only determined by `$placeholder === $value`) can break out of the loop early (handled via `break 2;`
Commits
-------
4c3b950dc2 [DependencyInjection] resolve array env vars
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] Skip test if posix extension is not installed
This isn't installed by default on Fedora
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
97cbea0 [Lock] Skip test if posix extension is not installed
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fix precision of MoneyToLocalizedStringTransformer's divisions on transform()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR |
Related issue https://github.com/symfony/symfony/issues/21026.
Previous PR https://github.com/symfony/symfony/pull/24036.
Similar fix for `transform()` method.
Commits
-------
f94b7aadd3 fix rounding from string
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Allow defining bindings on ChildDefinition
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Spotted by @stof while trying to put https://github.com/symfony/monolog-bundle/pull/254 into practice.
Binding log channels doesn't work because we put this artificial restriction in place.
Let's allow ChildDefinition to have bindings (but only at the DI extension level, loaders still forbid defining them at their level because of the parent vs _defaults ambiguity.)
Commits
-------
1c3b1055df [DI] Allow defining bindings on ChildDefinition
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix dealing with self/parent in ArgumentMetadataFactory
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Applies CS fixes that where merged on 4.0 to 3.4, embeds a fix in ArgumentMetadataFactory, which couldn't deal with self/parent type hints.
Commits
-------
ba5cb1a245 fixed CS
* 3.4:
fix merge
[Security] Fix logout
Cleanup 2 tests for the HttpException classes
#27250 limiting GET_LOCK key up to 64 char due to changes in MySQL 5.7.5 and later
[Config] Fix tests when path contains UTF chars
[DI] Shared services should not be inlined in non-shared ones
[Profiler] Remove propel & event_listener_loading category identifiers
[Filesystem] Fix usages of error_get_last()
[Cache][Lock] Fix usages of error_get_last()
[Debug] Fix populating error_get_last() for handled silent errors
[DI] Display previous error messages when throwing unused bindings
Suppress warnings when open_basedir is non-empty
* 2.8:
[Security] Fix logout
#27250 limiting GET_LOCK key up to 64 char due to changes in MySQL 5.7.5 and later
[Profiler] Remove propel & event_listener_loading category identifiers
[Filesystem] Fix usages of error_get_last()
[Debug] Fix populating error_get_last() for handled silent errors
Suppress warnings when open_basedir is non-empty
* 2.7:
[Security] Fix logout
#27250 limiting GET_LOCK key up to 64 char due to changes in MySQL 5.7.5 and later
[Profiler] Remove propel & event_listener_loading category identifiers
[Filesystem] Fix usages of error_get_last()
[Debug] Fix populating error_get_last() for handled silent errors
Suppress warnings when open_basedir is non-empty
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Suppress warnings when open_basedir is non-empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If PHP is configured *with a non-empty open_basedir* value that does not permit access to the target location, these calls to is_executable() throw warnings.
While Symfony may not raise exceptions for warnings in production environments, other frameworks (such as Laravel) do, in which case any of these checks causes a show-stopping 500 error.
We fixed a similar issue in the ExecutableFinder class via symfony/symfony#16182 .
This has always been an issue, but 709e15e7a3 made it more likely that a warning is triggered.
Commits
-------
34f136e01b Suppress warnings when open_basedir is non-empty
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Fix populating error_get_last() for handled silent errors
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a userland error handler doesn't return `false`, `error_get_last()` is not updated, so we cannot see the real last error, but the previous one.
See https://3v4l.org/Smmt7
Commits
-------
d7e612d2ac [Debug] Fix populating error_get_last() for handled silent errors
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache][Lock] Fix usages of error_get_last()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a userland error handler doesn't return `false`, `error_get_last()` is not updated, so we cannot see the real last error, but the previous one.
See https://3v4l.org/Smmt7
Commits
-------
7904784a94 [Cache][Lock] Fix usages of error_get_last()
This PR was merged into the 2.7 branch.
Discussion
----------
[Filesystem] Fix usages of error_get_last()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Same as #27232 for 2.7.
When a userland error handler doesn't return `false`, `error_get_last()` is not updated, so we cannot see the real last error, but the previous one.
See https://3v4l.org/Smmt7
Commits
-------
9d015c7c50 [Filesystem] Fix usages of error_get_last()
This PR was merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle][Cache] Fix misses calculation when calling getItems
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Hello,
This PR fixes a bug in the misses calculation in the cache data collector when calling the `getItems` method.
Found this while trying to understand why I had an inconsistency in the profiler:
![misses](https://user-images.githubusercontent.com/4130750/39875423-e6212f60-5470-11e8-87be-c075ee76aeaa.png)
Commits
-------
3d1ab6df13 Fix misses calculation when calling getItems
* 3.4:
use brace-style regex delimiters
Fixed typo RecursiveIterator -> RecursiveIteratorIterator
[Cache] fix logic for fetching tag versions on TagAwareAdapter
[FrameworkBundle] Use the correct service id for CachePoolPruneCommand in its compiler pass
Hide short exception trace by default
[Doctrine Bridge] fix priority for doctrine event listeners
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
[Validator] fixes phpdoc reference to an interface that was removed in Symfony 3.0
* 2.8:
use brace-style regex delimiters
Fixed typo RecursiveIterator -> RecursiveIteratorIterator
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
* 2.7:
use brace-style regex delimiters
Fixed typo RecursiveIterator -> RecursiveIteratorIterator
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
If PHP is configured *with a non-empty open_basedir* value that does not permit access to the target location, these calls to is_executable() throw warnings.
While Symfony may not raise exceptions for warnings in production environments, other frameworks (such as Laravel) do, in which case any of these checks causes a show-stopping 500 error.
We fixed a similar issue in the ExecutableFinder class via symfony/symfony#16182 .
This has always been an issue, but 709e15e7a37cb7ed6199548dc70dc33168e6cb2d made it more likely that a warning is triggered.
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] fixes phpdoc reference to an interface that was removed in Symfony 3.0
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
d2c5813239 [Validator] fixes phpdoc reference to an interface that was removed in Symfony 3.0
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
30970c7a9b [Validator] make phpdoc of ObjectInitializerInterface interface more accurate
* 3.4:
Remove symfony/polyfill-ctype where not needed
Use symfony/polyfill-ctype
[Form] fixes instance variable phpdoc in FormRegistry class
bumped Symfony version to 3.4.10
updated VERSION for 3.4.9
updated CHANGELOG for 3.4.9
Add CODE_OF_CONDUCT.md
Added .github/CODEOWNERS
bumped Symfony version to 2.8.40
updated VERSION for 2.8.39
updated CHANGELOG for 2.8.39
* 3.4:
PhpDoc: There is no attempt to create the directory
Avoiding an error when an unused service has a missing base class
Add an implementation just for php 7.0
bumped Symfony version to 2.7.47
Fix#27011: Session ini_set bug
[Cache] TagAwareAdapterInterface::invalidateTags() should commit deferred items
updated VERSION for 2.7.46
update CONTRIBUTORS for 2.7.46
updated CHANGELOG for 2.7.46
bug #25844 [HttpKernel] Catch HttpExceptions when templating is not installed
* 2.8:
bumped Symfony version to 2.7.47
Fix#27011: Session ini_set bug
updated VERSION for 2.7.46
update CONTRIBUTORS for 2.7.46
updated CHANGELOG for 2.7.46
* 2.7:
bumped Symfony version to 2.7.47
Fix#27011: Session ini_set bug
updated VERSION for 2.7.46
update CONTRIBUTORS for 2.7.46
updated CHANGELOG for 2.7.46
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock][PhpDoc] There is no attempt to create the directory
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When the lock component [was](https://github.com/symfony/symfony/pull/21093) [created](https://github.com/symfony/symfony/pull/22597), the `FlockStore` implementation was copied from the filesystem component. But the dependency to its origin was dropped, and as part of that, the attempt to create the parent directory for the locks. The PhpDoc wasn’t updated to reflect this change.
Commits
-------
93a9bd3 PhpDoc: There is no attempt to create the directory
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Catch HttpExceptions when templating is not installed
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | ?
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | #25844
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
- [x] Test manually
- [x] Check for BC breaks
- [x] Needs tests
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
4e527aa bug #25844 [HttpKernel] Catch HttpExceptions when templating is not installed
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] TagAwareAdapterInterface::invalidateTags() should commit deferred items
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I noticed that we have a race condition window when invalidating tags.
This PR fixes it by making `invalidateTags()` commit deferred items before actually invalidating tags on the back end. Deferred items are stored with the future version of the invalidated tags so that they can be fetched by concurrent processes and considered valid before and after the invalidation is committed.
Commits
-------
212c469 [Cache] TagAwareAdapterInterface::invalidateTags() should commit deferred items
* 3.4: (22 commits)
[appveyor] use PHP 7.1 to run composer
[HttpKernel] Don't clean legacy containers that are still loaded
[VarDumper] Fix HtmlDumper classes match
Make the simple auth provider the same as in Symfony 2.7.
[PhpUnitBridge] silence wget
fix merge
[Security] guardAuthenticationProvider::authenticate cannot return null according to interface specification
[PhpUnitBridge] Fix#26994
[VarDumper] Remove decoration from actual output in tests
[PropertyInfo] Minor cleanup and perf improvement
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[DI] Add check of internal type to ContainerBuilder::getReflectionClass
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
Add type hints
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
[HttpFoundation] Add functional tests for Response::sendHeaders()
...
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Don't clean legacy containers that are still loaded
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? |
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27053
| License | MIT
| Doc PR | -
Commits
-------
be8dbc3 [HttpKernel] Don't clean legacy containers that are still loaded
* 2.8:
[Security] guardAuthenticationProvider::authenticate cannot return null according to interface specification
[VarDumper] Remove decoration from actual output in tests
[PropertyInfo] Minor cleanup and perf improvement
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
Fixed being logged out on failed attempt in guard
* 2.7:
[VarDumper] Remove decoration from actual output in tests
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
This PR was merged into the 2.8 branch.
Discussion
----------
[Security][Guard] GuardAuthenticationProvider::authenticate cannot return null
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26942
| License | MIT
Authenticate method in GuardAuthenticationProvider returned null when the token does not originate from any of the guard authenticators. This check was not done in the supports method. According to the interface authenticate cannot return null. This patch copies theguard authenticator checks to the supports method.
Commits
-------
9dff22c [Security] guardAuthenticationProvider::authenticate cannot return null according to interface specification
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Remove decoration from actual output in tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes green again
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
AppVeyor has color support since #26910, that breaks the build.
Fixes it by removing decoration from tested DumpDataCollector CLI outputs, same as what's already done for HTML dumps
Commits
-------
c4daef9 [VarDumper] Remove decoration from actual output in tests
This PR was squashed before being merged into the 2.8 branch (closes#27003).
Discussion
----------
[PropertyInfo] Minor cleanup and perf improvement
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Commits
-------
4a8306e [PropertyInfo] Minor cleanup and perf improvement
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] Fixed being logged out on failed attempt in guard
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25992
| License | MIT
| Doc PR | ~
This fixes the issue described in the ticket. After this fix, guard will no longer "forget" your authentication when your next attempt fails.
Commits
-------
4fc0ecbf90 Fixed being logged out on failed attempt in guard
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Send cookies using header() to fix "SameSite" ones
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25344
| License | MIT
| Doc PR | -
Commits
-------
73fec237da [HttpFoundation] Add functional tests for Response::sendHeaders()
e350ea000f [HttpFoundation] Send cookies using header() to fix "SameSite" ones
This PR was squashed before being merged into the 2.7 branch (closes#26910).
Discussion
----------
Use new PHP7.2 functions in hasColorSupport
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Fixes bc break in #26609
Reference: https://github.com/composer/xdebug-handler/blob/master/src/Process.php#L111
Commits
-------
b0c92254a0 Use new PHP7.2 functions in hasColorSupport
* 3.4:
Fix tests
PropertyInfo\DoctrineExtractor - There is bug when indexBy is meta key
Fix PercentType error rendering.
[minor] SCA
[Cache] Inline some hot function calls
This PR was squashed before being merged into the 2.7 branch (closes#26938).
Discussion
----------
[minor] SCA
| Q | A
| ------------- | ---
| Branch? | 2.7
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
- Control flow tweaks
Commits
-------
877e678 [minor] SCA
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] Inline some hot function calls
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The Cache component is typically found in critical code paths, let's inline some calls.
I didn't change all calls but only those in potential hot paths.
Submitted against 3.4 to reduce future merge conflicts.
The PR also embeds edge-case behavior fixes for `ChainAdapter`.
Commits
-------
52b4bfc [Cache] Inline some hot function calls
* 3.4:
fixed deprecations in tests
fixed Twig URL
[Cache] Add missing `@internal` tag on ProxyTrait
fix formatting arguments in plaintext format
Fix PSR exception context key
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
fix rendering exception stack traces
[Routing] Fix loading multiple class annotations for invokable classes
* 2.8:
fixed Twig URL
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
* 2.7:
fixed Twig URL
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
This PR was merged into the 2.7 branch.
Discussion
----------
Don't assume that file binary exists on *nix OS
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Certain lightweight distributions such as Alpine Linux (popular for smaller Docker images) do not include it by default.
Commits
-------
e2c1f24fbd Don't assume that file binary exists on *nix OS
This PR was merged into the 3.4 branch.
Discussion
----------
[Routing] Fix loading multiple class annotations for invokable classes
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | -
The support for full route definition for invokable controllers as class annotation was introduced by
https://github.com/symfony/symfony/pull/2172, but that works with one route only, which is inconsistent with how `@Route` works at other places. This PR adds support for multiple class annotations for invokable controllers and fixes the inconsistency.
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
2a9c668ad7 [Routing] Fix loading multiple class annotations for invokable classes
This PR was squashed before being merged into the 2.7 branch (closes#26643).
Discussion
----------
Fix that ESI/SSI processing can turn a "private" response "public"
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Under the condition that
* we are merging in at least one *embedded* response,
* all *embedded* responses are `public`,
* the *main* response is `private` and
* all responses use expiration-based caching (note: no `s-maxage` on the *main* response)
... the resulting response will turn to `Cache-Control: public`.
The real issue is that when all responses use expiration-based caching, a combined max age is computed. This is set on the *main* response using `Response::setSharedMaxAge()`, which implicitly sets `Cache-Control: public`.
The fix provided in this PR solves the problem by applying the same logic to the *main* response that is applied for *embedded* responses, namely that responses with `!Response::isCacheable()` will make the resulting response have `Cache-Control: private, no-cache, must-revalidate` and have `(s)max-age` removed.
This makes the change easy to understand, but makes responses uncacheable too often. This is because the `Response::isCacheable()` method was written to determine whether it is safe for a shared cache to keep the response, which is not the case as soon as a `private` response is involved. This might be improved upon in another PR.
Commits
-------
3d27b5946d Fix that ESI/SSI processing can turn a \"private\" response \"public\"
* 3.4:
[HttpKernel] Make ServiceValueResolver work if controller namespace starts with a backslash in routing
Add d-block to bootstrap 4 alerts
[Console] Don't go past exact matches when autocompleting
[DI] Improve error message for non-autowirable scalar argument
Disable autoloader call on interface_exists check
[Validator] Fix LazyLoadingMetadataFactory with PSR6Cache for non classname if tested values isn't an existing class
[HttpKernel] Dont create mock cookie for new sessions in tests
* 2.8:
[Console] Don't go past exact matches when autocompleting
Disable autoloader call on interface_exists check
[Validator] Fix LazyLoadingMetadataFactory with PSR6Cache for non classname if tested values isn't an existing class
* 2.7:
[Console] Don't go past exact matches when autocompleting
Disable autoloader call on interface_exists check
[Validator] Fix LazyLoadingMetadataFactory with PSR6Cache for non classname if tested values isn't an existing class
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Dont create mock cookie for new sessions in tests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26493
| License | MIT
| Doc PR | -
@romainneutron can you please check if this fixes your issue?
Commits
-------
86b850e [HttpKernel] Dont create mock cookie for new sessions in tests
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Don't go past exact matches when autocompleting
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21789
| License | MIT
| Doc PR | -
Commits
-------
adba79a [Console] Don't go past exact matches when autocompleting
* 3.4:
[Translation] Use unix-style EOL for xliff-core-1.2-strict.xsd
bumped Symfony version to 3.4.9
updated VERSION for 3.4.8
updated CHANGELOG for 3.4.8
bumped Symfony version to 2.8.39
updated VERSION for 2.8.38
updated CHANGELOG for 2.8.38
bumped Symfony version to 2.7.46
updated VERSION for 2.7.45
update CONTRIBUTORS for 2.7.45
updated CHANGELOG for 2.7.45
[Yaml] Throw parse error on unfinished inline map
* 2.8:
bumped Symfony version to 2.8.39
updated VERSION for 2.8.38
updated CHANGELOG for 2.8.38
bumped Symfony version to 2.7.46
updated VERSION for 2.7.45
update CONTRIBUTORS for 2.7.45
updated CHANGELOG for 2.7.45
[Yaml] Throw parse error on unfinished inline map
* 2.7:
bumped Symfony version to 2.7.46
updated VERSION for 2.7.45
update CONTRIBUTORS for 2.7.45
updated CHANGELOG for 2.7.45
[Yaml] Throw parse error on unfinished inline map
* 3.4:
[Form] Fix typo in Upgrade 3.4/4.0
[EventDispatcher] Dispatcher in stopEventPropagation test now registers correct listener
Update da translations
Fix Typo in Guard Factory
This PR was merged into the 2.7 branch.
Discussion
----------
Update da translations
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The Danish translations have several serious errors. This PR adjusts to official Danish orthography, and updates some texts for internal consistency and to better reflect the original English text.
Commits
-------
d0ea26bd15 Update da translations
* 3.4:
[Routing] Fix throwing NoConfigurationException instead of 405
[Security] Load the user before pre/post auth checks when needed
[SecurityBundle] Add test for simple authentication config
[WebProfilerBundle] fix version check
[SecurityBundle] Add missing argument to security.authentication.provider.simple
[Finder] fix tests
* 2.8:
[Security] Load the user before pre/post auth checks when needed
[SecurityBundle] Add test for simple authentication config
[SecurityBundle] Add missing argument to security.authentication.provider.simple
[Finder] fix tests
* 3.4:
fixed tests
[Finder] Remove duplicate slashes in filenames
[VarDumper] Skip some tests on custom xdebug.file_link_format
[WebProfilerBundle][HttpKernel] Make FileLinkFormatter URL format generation lazy
bumped Symfony version to 3.4.8
updated VERSION for 3.4.7
updated CHANGELOG for 3.4.7
This PR was merged into the 3.4 branch.
Discussion
----------
[VarDumper] Skip some tests on custom xdebug.file_link_format
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | N/A <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A <!-- required for new features -->
Those tests are failing locally if a custom `xdebug.file_link_format` value is set.
Let's skip them as for `FrameworkExtensionTest::testFileLinkFormat`.
This will prevent some WTF moments and any actual error on these tests will be reported by the CI (IMHO isn't worth the hassle of updating the tests to handle both cases).
Commits
-------
f9216ed [VarDumper] Skip some tests on custom xdebug.file_link_format
* 3.4:
[Yaml] Fix regression when trying to parse multiline
Add PHPDbg support to HTTP components
bumped Symfony version to 2.8.38
updated VERSION for 2.8.37
updated CHANGELOG for 2.8.37
bumped Symfony version to 2.7.45
updated VERSION for 2.7.44
update CONTRIBUTORS for 2.7.44
updated CHANGELOG for 2.7.44
Fix check of color support on Windows
* 2.8:
Add PHPDbg support to HTTP components
bumped Symfony version to 2.8.38
updated VERSION for 2.8.37
updated CHANGELOG for 2.8.37
bumped Symfony version to 2.7.45
updated VERSION for 2.7.44
update CONTRIBUTORS for 2.7.44
updated CHANGELOG for 2.7.44
Fix check of color support on Windows
* 2.7:
Add PHPDbg support to HTTP components
bumped Symfony version to 2.7.45
updated VERSION for 2.7.44
update CONTRIBUTORS for 2.7.44
updated CHANGELOG for 2.7.44
Fix check of color support on Windows
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix check of color support on Windows
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If the stream is redirected, `StreamOutput::hasColorSupport()` returns `false` on POSIX systems.
On Windows, this is not always true. Before PHP 7.2 we can't say if the stream is redirected, but since PHP 7.2 we have the `stream_isatty` function that works on Windows too: let's use it.
Sure, `sapi_windows_vt100_support` should return `false` if the stream is redirected, but it's in `or` with the other conditions, so the logic was flawed.
Commits
-------
f7f81892a0 Fix check of color support on Windows
* 3.4: (24 commits)
moved Twig runtime to proper class
fixed deprecated messages in tests
add PHP errors options to XML schema definition
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
Import InvalidArgumentException in PdoAdapter
[DI] Do not suggest writing an implementation when multiple exist
[Intl] Update ICU data to 61.1
Use 3rd person verb form in command description
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
[DI] Fix hardcoded cache dir for warmups
[Routing] fix tests
[Routing] Fixed the importing of files using glob patterns that match multiple resources
[Ldap] cast to string when checking empty passwords
[Validator] sync validator translation id
[WebProfilerBundle] use the router to resolve file links
no type errors with invalid submitted data types
...
* 2.8:
fixed deprecated messages in tests
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
* 2.7:
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
| Q | A
| ------------- | ---
| Branch? | 2.7 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | 3db14045d4/src/Symfony/Component/HttpKernel/DataCollector/DumpDataCollector.php (L208-L209) <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | N/A
This explains [the workaround I initially used](3db14045d4/src/Symfony/Component/HttpKernel/DataCollector/DumpDataCollector.php (L208-L209)) in the server dumper PR original code.
I might be wrong on the intent, but as soon as a dumper is provided (e.g by setting `debug.dump_destination: php://stderr`), I think there is no need to set the `DumpDataCollector::$isCollected` flag to `false` as we explicitly ask for the dump to be output directly somewhere. So ne need to output again on `__destruct`.
Spotted by running tests on the `symfony/demo` with the server dumper enabled: dumps were output twice. Once on the server, once at the end of the tests.
But this can be easily seen as well by using `debug.dump_destination: php://stderr` on `test` env:
```diff
diff --git a/src/Controller/BlogController.php b/src/Controller/BlogController.php
index e3e30aa..bf9744e 100644
--- a/src/Controller/BlogController.php
+++ b/src/Controller/BlogController.php
@@ -50,6 +50,7 @@ class BlogController extends AbstractController
*/
public function index(int $page, string $_format, PostRepository $posts): Response
{
+ dump(get_class($posts));
$latestPosts = $posts->findLatest($page);
// Every template name also has two extensions that specify the format and
```
### Before
```sh
vendor/bin/simple-phpunit --filter=BlogControllerTest::testIndex
PHPUnit 6.5.7 by Sebastian Bergmann and contributors.
Testing Project Test Suite
BlogController.php on line 53:
"App\Repository\PostRepository"
. 1 / 1 (100%)
Time: 3.34 seconds, Memory: 44.25MB
OK (1 test, 1 assertion)
BlogController.php on line 53:
"App\Repository\PostRepository"
```
### After
```sh
vendor/bin/simple-phpunit --filter=BlogControllerTest::testIndex
PHPUnit 6.5.7 by Sebastian Bergmann and contributors.
Testing Project Test Suite
BlogController.php on line 53:
"App\Repository\PostRepository"
. 1 / 1 (100%)
Time: 731 ms, Memory: 28.00MB
OK (1 test, 1 assertion)
```
Commits
-------
11a0392516 [HttpKernel] DumpDataCollector: do not flush when a dumper is provided
This PR was squashed before being merged into the 2.7 branch (closes#26663).
Discussion
----------
[TwigBridge] Fix rendering of currency by MoneyType
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | todo
| Fixed tickets | #25135
| License | MIT
| Doc PR | -
Split from #25167 as suggested by @nicolas-grekas to see if this can be reasonably fixed on 2.7, the right way using this itsy-bitsy new feature.
#25167 still contains some valuable changes regarding tests. Ill continue either one PR depending on the target branch / proposed fix.
Commits
-------
a3a2ff0c74 [TwigBridge] Fix rendering of currency by MoneyType
* 2.8:
[Intl] Update ICU data to 61.1
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[Ldap] cast to string when checking empty passwords
[Validator] sync validator translation id
no type errors with invalid submitted data types
[FrameworkBundle] Partially revert HttpCache is not longer abstract (4d075da)
[Finder] Fixed leading/trailing / in filename
allow html5 compatible rendering of forms with null names
Change datetime input to datetime-local
* 2.7:
[Intl] Update ICU data to 61.1
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[Validator] sync validator translation id
no type errors with invalid submitted data types
[FrameworkBundle] Partially revert HttpCache is not longer abstract (4d075da)
[Finder] Fixed leading/trailing / in filename
allow html5 compatible rendering of forms with null names
Change datetime input to datetime-local
This PR was squashed before being merged into the 3.4 branch (closes#26600).
Discussion
----------
[Routing] Fixed the importing of files using glob patterns that match multiple resources
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #22160
| License | MIT
| Doc PR | n/a
This fixes the import of resources specified using glob patterns in `XmlFileLoader` and `YamlFileLoader`.
@nicolas-grekas This supersedes #25633 that's been in limbo since December despite your comments, so I decided to take care of it as I need this to work. I took care of the two loaders that are affected, and added tests.
Commits
-------
948b4cf [Routing] Fixed the importing of files using glob patterns that match multiple resources