This PR was squashed before being merged into the 2.7 branch (closes#20793).
Discussion
----------
[Validator] Fix caching of constraints derived from non-serializable parents
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12302
| License | MIT
| Doc PR | -
This change allows to still cache constraints even when an uncachable constraint (i.e. Callback)
is added to a parent class at runtime.
This is achived by caching only the constraints that are loaded for the class in question only
and merging parent and interface constraints after reading from cache.
Commits
-------
9dd6b0c [Validator] Fix caching of constraints derived from non-serializable parents
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] respect groups when merging constraints
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20853
| License | MIT
| Doc PR |
Commits
-------
9a60057f42 respect groups when merging constraints
This PR was merged into the 2.7 branch.
Discussion
----------
Fix Container and PhpDumper test inaccuracies
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Stumbled upon and fixed some minor inaccuracies in tests for DI container, they might have lead to undetected changes of `Container`'s behavior
Commits
-------
24b93cc Fix Container and PhpDumper test inaccuracies
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] Dont share service when no id provided
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
814f633 [DI] Dont share service when no id provided
This PR was squashed before being merged into the 2.7 branch (closes#21155).
Discussion
----------
[Validator] Check cascasdedGroups for being countable
Prevents notice for PHP 7.2
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR |
Just repeated for this place https://github.com/symfony/symfony/pull/20859
Waiting travis to fill in the `Tests pass` field
`cascasdedGroups` can be null at this point (according to failures and phpdoc)
Commits
-------
8fa45a130b [Validator] Check cascasdedGroups for being countable
This PR was squashed before being merged into the 2.7 branch (closes#20972).
Discussion
----------
[HttpFoundation] Improved set cookie header tests
| Q | A
| ------------- | ---
| Branch? | 2.7 (already in master)
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Separated from #20569
Commits
-------
05bce71d7a [HttpFoundation] Improved set cookie header tests
This PR was squashed before being merged into the 2.7 branch (closes#21124).
Discussion
----------
[Console] increased code coverage of Output classes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
This PR increases the coverage of Output classes of the Console component from 80.81% to 94.95%
Commits
-------
ab4ba23 [Console] increased code coverage of Output classes
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Validate/cast cookie expire time
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Commits
-------
8215dbdb31 [HttpFoundation] Validate/cast cookie expire time
By default, the `DateType` as well as the `DateTimeType` set the choices
being available for the year to a range starting five years in the past.
After some time, this will make tests fail when the year of the fixed
date being used as the initial data is before the first year being part
of the choices.
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] OS X Can't call cli_set_process_title php without superuser
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
The console component test suite is failing on OS X (10.12.2) as the `cli_set_process_title` function seems not to be allowed to be called without superuser. It seems to be an OS X limitation.
At least, the test suite should pass and a warning should be shown when using the component with this feature on OS X.
---
refs:
- http://stackoverflow.com/questions/27803120/cannot-set-process-title-in-a-php-command-line-script-using-cli-set-process-titl
- https://github.com/liip/php-osx/issues/139
- https://github.com/zfcampus/zf-console/pull/22
Commits
-------
9928c0d [Console] OS X Can't call cli_set_process_title php without superuser
This PR was squashed before being merged into the 2.7 branch (closes#20900).
Discussion
----------
[Console] Descriptors should use Helper::strlen
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
8e9a5f8 [Console] Descriptors should use Helper::strlen
This PR was merged into the 2.7 branch.
Discussion
----------
[Config] Improve PHPdoc / IDE autocomplete
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes-ish
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
The missing pieces for fixing the autocomplete in IDE's (tested in `PhpStorm 2016.3.2`).
Each method seems to be found now for the framework bundle configuration 😱
Actually uses #20923 where needed, but i think we should go with it consistently.
Relates to https://github.com/symfony/symfony/pull/20290#issuecomment-257303145
Commits
-------
3f3c6e0 [Config] Improve PHPdoc / IDE autocomplete
This PR was squashed before being merged into the 2.7 branch (closes#21010).
Discussion
----------
[Debug] UndefinedMethodFatalErrorHandler - Handle anonymous classes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
When trying to call a method on an anonymous class (with or without methods) the `UndefinedMethodFatalErrorHandler` tries to iterate `null`.
For ref.: https://3v4l.org/l26u1
Commits
-------
ed713ae [Debug] UndefinedMethodFatalErrorHandler - Handle anonymous classes
This PR was merged into the 2.7 branch.
Discussion
----------
Fix @return statements to use $this or static when relevant
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20290
| License | MIT
| Doc PR | n/a
see #20290
Commits
-------
3c0693d fixed @return when returning this or static
This PR was merged into the 2.7 branch.
Discussion
----------
Avoid warning in PHP 7.2 because of non-countable data
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Recently, the "[Counting of non-countable objects][1]" RFC was merged in PHP 7.2-dev. This means `count()` now causes a warning when passing anything that's not countable (e.g. `null` or `''`).
As PHP does not lazily execute conditions, `FormUtil::isEmtpy($data) || 0 === count($data)` will cause *both* conditions to be executed. This means `count($data)` errors when `$data` is empty.
Splitting it up in 2 statements avoids the warning being triggered in PHP 7.2.
See https://travis-ci.org/symfony-cmf/content-bundle/jobs/181815895 for a failing test caused by this bug.
[1]: https://wiki.php.net/rfc/counting_non_countables
Commits
-------
94253e8 Only count on arrays or countables to avoid warnings in PHP 7.2
This PR was squashed before being merged into the 2.7 branch (closes#20817).
Discussion
----------
[Console] improved code coverage of Command class
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
This PR increases the code coverage of the Command class from ``86.82%`` to ``96.90%``.
Commits
-------
d393113 [Console] improved code coverage of Command class
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix question formatting using SymfonyStyle::ask()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20964
| License | MIT
| Doc PR | n/a
Given
```php
$io = new SymfonyStyle($input, $output);
$io->ask('Do you want to use Foo\\Bar <comment>or</comment> Foo\\Baz\\?', 'Foo\\Bar');
```
Before output
![before](http://image.prntscr.com/image/af3806f866654deda2dec79b50d1ffa2.png)
After output
![after](http://image.prntscr.com/image/59c031d9e02949cebeae7a4734c7043f.png)
Commits
-------
e189183 [Console] SymfonyStyle: Escape trailing backslashes in user texts
9d46712 [Console] Fix question formatting using SymfonyStyle::ask()
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] fix group sequence based validation
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20929
| License | MIT
| Doc PR |
Commits
-------
fb91f74 [Form] fix group sequence based validation
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] AbstractVoter->supportsAttribute gives false positive if attribute is zero (0)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Issue is easy to reproduce with test giving negative data set.
0 should not pass as supported attribute for any set of attributes but it does as in_array in the method does not use flag 'strict' set to true.
As this is abstract voter and is used by users with their code flag 'strict' should be set to true.
Since is there in 2.7 and 2.8 (LTS) IMHO it should be fixed.
Commits
-------
8306530 [Security] AbstractVoter method supportsAttribute gives false positive if attribute is zero (0)
When a key attribute is mapped and the key is removed from the value array, if
only 'value' element is left in the array, it should replace its wrapper
array.
Assume the original value array is as follows (key attribute is 'id').
```php
array(
'things' => array(
array('id' => 'option1', 'value' => 'value1'),
array('id' => 'option2', 'value' => 'value2')
)
)
```
After normalized, the above shall be converted to the following array.
```php
array(
'things' => array(
'option1' => 'value1',
'option2' => 'value2'
)
)
```
It's also possible to mix 'value-only' and 'none-value-only' elements in
the array:
```php
array(
'things' => array(
array('id' => 'option1', 'value' => 'value1'),
array('id' => 'option2', 'value' => 'value2', 'foo' => 'foo2')
)
)
```
The above shall be converted to the following array.
```php
array(
'things' => array(
'option1' => 'value1',
'option2' => array('value' => 'value2','foo' => 'foo2')
)
)
```
The 'value' element can also be array:
```php
array(
'things' => array(
array(
'id' => 'option1',
'value' => array('foo'=>'foo1', 'bar' => 'bar1')
)
)
)
```
The above shall be converted to the following array.
```php
array(
'things' => array(
'option1' => array('foo' => 'foo1', 'bar' => 'bar1')
)
)
```
When using VariableNode for value element, it's also possible to mix
different types of value elements:
```php
array(
'things' => array(
array('id' => 'option1', 'value' => array('foo'=>'foo1', 'bar' => 'bar1')),
array('id' => 'option2', 'value' => 'value2')
)
)
```
The above shall be converted to the following array.
```php
array(
'things' => array(
'option1' => array('foo'=>'foo1', 'bar' => 'bar1'),
'option2' => 'value2'
)
)
```
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15270
| License | MIT
| Doc PR | n/a
This PR was squashed before being merged into the 2.7 branch (closes#20813).
Discussion
----------
[Console] Review Application docblocks
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
~I know there must be a lot of other places in the core where there is some repeated or useless informations in docblocks, but everytime I dig into the `Application` class, I see this, and I don't want to repeat things for consistency when adding new methods 😅 (for instance in #20808, the `setCatchThrowables / areThrowablesCaught ` methods do not need a docblock description IMHO).~
~This PR adapts docblocks where:~
- ~A docblock description is not required, as everything can be expressed in the `@return / @param` argument (the case mentioned above)~
- ~Information is redundant between description and tags, and the context does not have to be reminded again:~
```diff
/**
* Adds an array of command objects.
*
* If a Command is not enabled it will not be added.
*
- * @param Command[] $commands An array of commands
+ * @param Command[] $commands
*/
public function addCommands(array $commands)
{
foreach ($commands as $command) {
$this->add($command);
}
}
```
Commits
-------
d8c18cc [Console] Review Application docblocks
This PR was merged into the 2.7 branch.
Discussion
----------
[Finder] Refine phpdoc about argument for NumberComparator
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The most important being the addition of "string" to `Finder::depth()`.
Commits
-------
9b9d339 [Finder] Refine phpdoc about argument for NumberComparator
This PR was merged into the 2.7 branch.
Discussion
----------
Skip test when iconv extension is missing
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
ae7377d Skip test when iconv extension is missing
This PR was merged into the 2.7 branch.
Discussion
----------
[Config] Do not skip YamlReferenceDumperTest entirely
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
The test is now completed in 3.2, but for older branch, any changes in the `YamlReferenceDumper` is not tested on travis and requires to test it manually or comment the `markTestIncomplete` line.
`assertEquals` should still be used on 3.2.
Commits
-------
1ed9335 [Config] Do not skip YamlReferenceDumperTest entirely
This PR was merged into the 2.7 branch.
Discussion
----------
Cast result to int before adding to it
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This fixes the occasional warning about non-numeric values when using PHP 7.1.
Commits
-------
70c42f2 Cast result to int before adding to it
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] fix the docblock in regard to the role argument
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Makes the docblocks consistent with the `UserInterface` since #17525.
Commits
-------
4e563ae fix the docblock in regard to the role argument
This PR was squashed before being merged into the 2.7 branch (closes#20736).
Discussion
----------
[Console] fixed PHP7 Errors when not using Dispatcher
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17257, #20110, #20111
| License | MIT
| Doc PR | n/a
Original fix, #19813, works only when there is event dispatcher available.
This PR fix the issue also for scenario without event dispatcher.
Closes#20110 issue and #20111 PR connected to it.
Closing #17257 , as everywhere the error is converted to exception and it should be handled
Commits
-------
899fa79 [Console] fixed PHP7 Errors when not using Dispatcher
This PR was squashed before being merged into the 2.7 branch (closes#20418).
Discussion
----------
[Form][DX] FileType "multiple" fixes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/12547
| License | MIT
| Doc PR | -
# (1st) Derive "data_class" option from passed "multiple" option
Information
-------------
Following this tutorial ["How to Upload Files"][1] but storing many `brochures` instead of one, i.e.:
```php
// src/AppBundle/Entity/Product.php
class Product
{
/**
* @var string[]
*
* @ORM\Column(type="array")
*/
private $brochures;
//...
}
```
```php
//src/AppBundle/Form/ProductType.php
$builder->add('brochures', FileType::class, array(
'label' => 'Brochures (PDF files)',
'multiple' => true,
));
```
The Problem
--------------
I found a pain point here when the form is loaded again after save some brochures (Exception):
> The form's view data is expected to be an instance of class Symfony\Component\HttpFoundation\File\File, but is a(n) array. You can avoid this error by setting the "data_class" option to null or by adding a view transformer that transforms a(n) array to an instance of Symfony\Component\HttpFoundation\File\File.
The message is very clear, but counter-intuitive in this case, because the form field (`FileType`) was configured with `multiple = true`, so IMHO it shouldn't expect a `File` instance but an array of them at all events.
The PR's effect
---------------
**Before:**
```php
$form = $this->createFormBuilder($product)
->add('brochures', FileType::class, [
'multiple' => true,
'data_class' => null, // <---- mandatory
])
->getForm();
```
**After:**
```php
$form = $this->createFormBuilder($product)
->add('brochures', FileType::class, [
'multiple' => true,
])
->getForm();
```
# (2nd) Return empty `array()` at submit no file
Information
-------------
Based on the same information before, but adding some constraints:
```php
// src/AppBundle/Entity/Product.php
use Symfony\Component\Validator\Constraints as Assert;
class Product
{
/**
* @var string[]
*
* @ORM\Column(type="array")
*
* @Assert\Count(min="1") // or @Assert\NotBlank()
* @Assert\All({
* @Assert\File(mimeTypes = {"application/pdf", "application/x-pdf"})
* })
*
*/
private $brochures;
}
```
This should require at least one file to be stored.
The Problem
--------------
But, when no file is uploaded at submit the form, it's valid completely. The submitted data for this field was `array(null)` so the constraints pass without any problem:
* `@Assert\Count(min="1")` pass! because contains at least one element (No matter what)
* `@Assert\NotBlank()` it could pass! because no `false` and no `empty()`
* `@Assert\File()` pass! because the element is `null`
Apart from that really we expecting an empty array instead.
The PR's effect
----------------
**Before:**
```php
// src/AppBundle/Entity/Product.php
use Symfony\Component\Validator\Constraints as Assert;
class Product
{
/**
* @var string[]
*
* @ORM\Column(type="array")
*
* @Assert\All({
* @Assert\NotBlank,
* @Assert\File(mimeTypes = {"application/pdf", "application/x-pdf"})
* })
*
*/
private $brochures;
}
```
**After:**
```php
// src/AppBundle/Entity/Product.php
use Symfony\Component\Validator\Constraints as Assert;
class Product
{
/**
* @var string[]
*
* @ORM\Column(type="array")
*
* @Assert\Count(min="1") // or @Assert\NotBlank
* @Assert\All({
* @Assert\File(mimeTypes = {"application/pdf", "application/x-pdf"})
* })
*
*/
private $brochures;
}
```
[1]: http://symfony.com/doc/current/controller/upload_file.html
Commits
-------
36b7ba6 [Form][DX] FileType "multiple" fixes
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] fixed "empty_value" option deprecation
| Q | A
| ------------- | ---
| Branch? | 2.x only
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/15945#r86547326
| License | MIT
| Doc PR | ~
I didn't make any profiling but a resolver instance is passed to `configureOptions()` creating locale variables including those exceptions for each field using one of the patched form types, so I guess the memory usage can grow really fast.
Commits
-------
7e84907 [Form] fixed "empty_value" option deprecation
This PR was merged into the 2.7 branch.
Discussion
----------
[Config] ConfigCache::isFresh() should return false when unserialize() fails
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20654
| License | MIT
| Doc PR | -
Removes some `Warning: Class __PHP_Incomplete_Class has no unserializer` failures when clearing the cache.
Commits
-------
609245e [Config] ConfigCache::isFresh() should return false on __PHP_Incomplete_Class
This PR was squashed before being merged into the 2.7 branch (closes#20474).
Discussion
----------
[Routing] Fail properly when a route parameter name cannot be used as a PCRE subpattern name
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/7139
This is a follow up PR to https://github.com/symfony/symfony/pull/20327.
I also decided to improve the current `is_numeric()` check that is done by a truer one. The current limitation is that a PCRE subpattern name must not start with a digit which is different.
Commits
-------
73fbd08 [Routing] Fail properly when a route parameter name cannot be used as a PCRE subpattern name
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Add links to RFC-7231
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
ping @xabbuh
Commits
-------
c17a85b [HttpFoundation] Add links to RFC-7231
This PR was merged into the 2.7 branch.
Discussion
----------
Tag missing internals
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
97e94b4 Tag missing internals
This PR was squashed before being merged into the 2.7 branch (closes#20566).
Discussion
----------
[DI] Initialize properties before method calls
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes-ish
| New feature? | no
| BC breaks? | not sure
| Deprecations? | no
| Tests pass? | not yet (only dumps seem to fail)
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | reference to the documentation PR, if any
Given
```yml
services:
handler:
class: AppBundle\Handler
properties:
debug: '%kernel.debug%'
calls:
- [handle]
```
I totally expected `Handler::$debug` to be set before `Handler::handle` is called. It was not.. and it's really annoying :)
Commits
-------
0af433b [DI] Initialize properties before method calls
This PR was squashed before being merged into the 2.7 branch (closes#20609).
Discussion
----------
[DI] Fixed custom services definition BC break introduced in ec7e70fb…
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no, fixes previous BC
| Deprecations? | no
| Tests pass? | yes (verified on Win only)
| Fixed tickets | #20608
| License | MIT
| Doc PR | -
Commits
-------
7a5e11e [DI] Fixed custom services definition BC break introduced in ec7e70fb…
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Revert BC breaking change of Request::isMethodSafe()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes (reverting a previous BC break)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20562
| License | MIT
| Doc PR | -
As spotted in #20562, we should not have broken a minor version. Instead, we should have deprecated the bad behavior. This is done in #20603.
Commits
-------
0c3b7d7 [HttpKernel] Revert BC breaking change of Request::isMethodSafe()
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Do feat test before enabling TTY mode
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20565
| License | MIT
| Doc PR | -
Commits
-------
69bfbbf [Process] Do feat test before enabling TTY mode
This PR was merged into the 2.7 branch.
Discussion
----------
[ci] Testing with UTC hides bugs
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As shown by #20550, we're having bugs because we don't in proper TZ conditions.
Let's do Europe on Travis, and America on Windows.
Commits
-------
e0f9bda [ci] Testing with UTC hides bugs
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] Fix error when trying to resolve a DefinitionDecorator
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Instead of the currently obscure `ReflectionException: Class does not exist` message, let's throw a useful error message.
Commits
-------
8e0da2f [DI] Fix error when trying to resolve a DefinitionDecorator
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Remove GLOBALS from exception context to avoid endless recursion
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
This fixes a endless recursion as seen in https://github.com/felixfbecker/php-language-server/pull/137 - it only happens if you trigger an error in the global context so it's kinda hard to write a test for, but hopefully the fix can be accepted.
Commits
-------
1bb95ac [Debug] Remove GLOBALS from exception context to avoid endless recursion
This PR was merged into the 2.7 branch.
Discussion
----------
Tag the FormFieldRegistry as being internal
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The phpdoc already describes it as being internal (since it was introduced). This adds the proper tag to mark it as internal in our standard way.
Commits
-------
0801f97 Tag the FormFieldRegistry as being internal
This PR was squashed before being merged into the 2.7 branch (closes#20307).
Discussion
----------
[Form] Fix Date\TimeType marked as invalid on request with single_text and zero seconds
| Q | A |
| --- | --- |
| Branch? | 2.7 |
| Bug fix? | yes |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | 20304 |
| License | MIT |
| Doc PR | |
Fix: When using a form with an Time type with option 'widget' => 'single_text', and 0 is selected in the seconds, we obtain an TransformationFailedException "Unable to reverse value for property path "[time]": Data missing". Check ticket #20304
Commits
-------
bcb03e0 [Form] Fix Date\TimeType marked as invalid on request with single_text and zero seconds
This PR was merged into the 2.7 branch.
Discussion
----------
[YAML] PHPDoc fixes for inline parser/dumper
| Q | A
| ------------- | ---
| Branch? | "master"
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | reference to the documentation PR, if any
Commits
-------
dd47295 fixed phpdoc
This PR was squashed before being merged into the 2.7 branch (closes#20275).
Discussion
----------
[HttpFoundation] Avoid implicit null to array conversion in request matcher
| Q | A |
| --- | --- |
| Branch? | 2.7 |
| Bug fix? | yes |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any |
| License | MIT |
| Doc PR | reference to the documentation PR, if any |
`null` is allowed _and_ passed as default value from the constructor. Lets be explicit.
Commits
-------
a2c0a78 [HttpFoundation] Avoid implicit null to array conversion in request matcher
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed show float values as choice value in ChoiceType
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13817
| License | MIT
| Doc PR | -
There is a closed [issue][1] related to this before Symfony 2.7 (when choice value still was the key from the `array`). This issue already happened in 2.7+ but now inside Symfony core.
Information
-----------
[This method][3] checks whether the given choices can be cast to strings without generating duplicates (3ab8189080 in #16705):
```php
private function castableToString(array $choices, array &$cache = array())
{
foreach ($choices as $choice) {
if (is_array($choice)) {
if (!$this->castableToString($choice, $cache)) {
return false;
}
continue;
} elseif (!is_scalar($choice)) {
return false;
} elseif (isset($cache[$choice])) { // <---- red breakpoint
return false;
}
$cache[$choice] = true; // <---- red breakpoint
}
return true;
}
```
So it should to keep [scalar values (integer, float, string or boolean)][2] as choice values always (unless have duplicates values).
The Problem
-----------
But in this situation it doesn't happen:
```php
$form = $this->createFormBuilder()
->add('foo', ChoiceType::class, [
'choices' => [
'Min' => 0.5,
'Mid' => 1.0,
'Max' => 1.5,
]
])
->getForm();
```
**Output:**
```html
<select id="form_foo" name="form[foo]">
<option value="0">Min</option>
<option value="1">Mid</option>
<option value="2">Max</option>
</select>
```
[**Why?**][5]
If the key of the array is a float number, it's interpreted as integer automatically:
```php
// ...
$cache[$choice] = true;
// when $choice = 0.5: $cache = [0 => true]
// when $choice = 1.0: $cache = [0 => true, 1 => true]
```
Then, when `$choice = 1.5` [this sentence][4] `isset($cache[1.5])` returns `true` because really checks `isset($cache[1])` and this key already exists, so `castableToString()` returns `false` (detected as duplicate) and the choices values are generated incrementing integers as values.
The PR's Effect
-------------
**Before:**
```html
<select id="form_foo" name="form[foo]">
<option value="0">Min</option>
<option value="1">Mid</option>
<option value="2">Max</option>
</select>
```
**After:**
```html
<select id="form_foo" name="form[foo]">
<option value="0.5">Min</option>
<option value="1">Mid</option>
<option value="1.5">Max</option>
</select>
```
[1]: https://github.com/symfony/symfony/issues/13817
[2]: http://php.net/manual/en/function.is-scalar.php
[3]: https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Form/ChoiceList/ArrayChoiceList.php#L228
[4]: https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Form/ChoiceList/ArrayChoiceList.php#L239
[5]: https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Form/ChoiceList/ArrayChoiceList.php#L243
Commits
-------
3564228 [Form] Fix show float values as choices values in ChoiceType
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation][Session] Fix memcache session handler
| Q | A
| ------------- | ---
| Branch? | 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 3.0, 3.1, master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commit 0216e05605 removed the opening of connection to memcached server on call to `open()`, because it's assumed that connection is already opened. However, `close()` still closes the connection. As a result no more read/write calls can be made if session got closed, as the connection does not get reestablished.
Basically MemcacheSessionHandler should follow same logic as Memcache**d**SessionHandler, which is exactly what this MR acomplishes.
Commits
-------
0423d894 [HttpFoundation][Session] memcached connection should not be closed
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle][HttpKernel] move test to the HttpKernel component
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/19443#discussion_r83414612
| License | MIT
| Doc PR |
The moved test case does not test the `AddConsoleCommandPass` class, but ensures certain behavior in the `registerCommands()` method of the `Bundle` class from the HttpKernel component.
Commits
-------
c9ca322 move test to the HttpKernel component
This PR was merged into the 2.7 branch.
Discussion
----------
[DomCrawler] Allow pipe (|) character in link tags when using Xpath expressions
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20229
| License | MIT
| Doc PR | -
@klausi could you please validate this patch? Is it an improvement over yours? (sorry I don't have the proper use case to test.)
Commits
-------
17757d8 [DomCrawler] Optimize DomCrawler::relativize()
5b26e33 [DomCrawler] Allow pipe (|) character in link tags when using Xpath expressions
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] no 304 response if method is not cacheable
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Since #19321 OPTIONS and TRACE are considered safe methods. But both methods should not lead to "304 Not modified" responses.
Commits
-------
3d6b450 no 304 response if method is not cacheable
This PR was merged into the 2.7 branch.
Discussion
----------
[DependencyInjection] move tags from decorated to decorating service
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20150
| License | MIT
| Doc PR |
Commits
-------
7def83c move tags from decorated to decorating service
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] $attributes can be anything, but RoleVoter assumes strings
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18042
| License | MIT
| Doc PR | reference to the documentation PR, if any
Commits
-------
ad3ac95 bug #18042 [Security] $attributes can be anything, but RoleVoter assumes strings
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Escape question text and default value in SymfonyStyle::ask()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19493
| License | MIT
| Doc PR | n/a
Commits
-------
eed3cc5 [Console] Escape default value and question in SymfonyStyle::ask()
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix validation of empty values using SymfonyQuestionHelper::ask()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? |no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When using `QuestionHelper::ask()` it's allowed to return an empty value as answer, e.g:
```php
$helper = new QuestionHelper();
$question = new Question('foo', false);
$question->setValidator(function ($v) { return $v; });
$answer = $helper->ask($input, $output, $question);
```
Just typing `enter` for answering this question works, the value of `$answer` would be `false`.
But doing the same with `SymfonyQuestionHelper::ask()`:
```php
$helper = new SymfonyQuestionHelper();
$question = new Question('foo', false);
$question->setValidator(function ($v) { return $v; });
$answer = $helper->ask($input, $output, $question);
```
> [ERROR] A value is required.
Same for `''` or `null`.
Here I kept the same check but used as default validator, if a validator is set and allows an empty value to be returned then it's ok.
Also I am not sure about if this default validator should be kept, imho we should be consistent with the default question helper, using the `SymfonyQuestionHelper` should only impact the output.
Diff best viewed [like this](https://github.com/symfony/symfony/pull/20141/files?w=1)
ping @kbond
Commits
-------
a8b910b [Console] Fix validation of null values using SymfonyStyle::ask()
This PR was squashed before being merged into the 2.7 branch (closes#20102).
Discussion
----------
[Validator] Url validator not validating hosts ending in a number
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no (Should validate slightly more urls)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | None that I could find
| License | MIT
| Doc PR |
We ran into an issue where the URL validator wasn't validating URL that we got from a legitimate (intranet) URL. Afaict from skimming RFCs the URL `http://myhost123/` is valid, however the current regular expression doesn't accept the last part of a hostname (in this case the entire hostname is the last part as there are no periods in the host).
I've fixed this by adding the numbers unicode character property to the regular expression, I'm not sure but symbol characters (`\pS`) might need to be added to the group as well.
Commits
-------
934c434 [Validator] Url validator not validating hosts ending in a number
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Reset constraint options
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20106
| License | MIT
| Doc PR | reference to the documentation PR, if any
I think it's good to reset the internal pointer of the options array if we depend on `key($options)`. I've added tests to clarify we intentionally check for the first key.
The current behavior actually differs for hhvm/php7 - https://3v4l.org/e6r6E
Commits
-------
4c6ddd4 reset constraint options
This PR was merged into the 2.7 branch.
Discussion
----------
Fix#19943 Make sure to process each interface metadata only once
| Q | A
| ------------- | ---
| Branch? | 2.7+
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19943
| License | MIT
| Doc PR | N/A
Here is the fix for #19943, If you have `InterfaceA <- InterfaceB <- Class` with a constraint on a method defined on `InterfaceA`, the constraint and its eventual violations are currently validated and reported twice.
Copy from https://github.com/symfony/symfony/issues/19943#issuecomment-250238529:
As far as I can see, the problem seems to arise in [`LazyLoadingMetadataFactory`](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Validator/Mapping/Factory/LazyLoadingMetadataFactory.php#L117-L123):
[`ReflectionClass::getInterfaces()`](http://php.net/manual/en/reflectionclass.getinterfaces.php) returns both interfaces implemented directly and through inheritance (either through another interface or through a parent class). In the end, the following process occurs:
1. `PriceInterface` is parsed and its `NotBlank` constraint on `value` is loaded
2. `VariablePriceInterface` is parsed and inherits `PriceInterface`'s constraints (which is OK).
3. `ProductPrice` is parsed and inherits both `PriceInterface` and `VariablePriceInterface`'s constraints, which leads to a duplicated `NotBlank` constraint, one from each Interface.
The Best Way ™️ would be to be able to extract the list of interfaces implemented by a class directly only. However, the process seems a bit intricate... I will start working on it and prepare a PR to that effect. However, if any of you has a better idea, I'm all hears...
TODO:
- [x] Regression tests to make sure the bug doesn't reappear
Commits
-------
2f9b65aFix#19943 Make sure to process each interface metadata only once
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] compound forms without children should be considered rendered implicitly
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | possibly
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17580
| License | MIT
| Doc PR | n/a
Commits
-------
8234f2a#17580 compound forms without children should be considered rendered implicitly
Using file operations on a symlink that points to a file outside the
directories being allowed by the open_basedir setting leads to PHP
warnings being raised.
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Format JSON fixtures
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | reference to the documentation PR, if any
Should make merging upstream easier due better diffs.
```php
foreach (glob('src/Symfony/Component/Console/Tests/Fixtures/*.json') as $file) {
file_put_contents($file, str_replace(PHP_EOL, "\n", json_encode(json_decode(trim(file_get_contents($file))), JSON_PRETTY_PRINT))."\n");
}
```
Should be re-applied on 2.8, 3.1 and master.
Commits
-------
2ca7823 format json fixtures
This PR was merged into the 2.7 branch.
Discussion
----------
[Finder] Trim trailing directory slash in ExcludeDirectoryFilterIterator
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19599
| License | MIT
| Doc PR | reference to the documentation PR, if any
In this context `path` equals `path/`
Commits
-------
e0e5f0c apply rtrim
This PR was merged into the 2.7 branch.
Discussion
----------
Security and validators messages translation to Latvian
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
ff72f21 Security and validators messages translation to Latvian
This PR was merged into the 2.7 branch.
Discussion
----------
[DX] Fixed regression when exception message swallowed when logging it.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | maybe, wait for Travis
| Fixed tickets | fixed regression introduced in #13418
| License | MIT
| Doc PR | -
The problem is: after merging referenced PR we cann't understand what error occured and why authentication request failed (see attached screenshot). Previously it displays exception message, but now it only displays class of the exception.
![9003644109](https://cloud.githubusercontent.com/assets/191082/18717550/f0df61c4-8028-11e6-8dbb-684e4928e913.jpg)
Commits
-------
042cb6b Fixed regression when exception message swallowed when logging it.
This PR was merged into the 2.7 branch.
Discussion
----------
[bugfix] [Console] Set `Input::$interactive` to `false` when command is executed with `--quiet` as verbosity level
|Q |A |
|--- |--- |
|Branch |2.7 |
|Bug fix? |yes |
|New feature? |no |
|BC breaks? |yes |
|Deprecations?|no |
|Tests pass? |yes |
|Fixed tickets|#19899|
|License |MIT |
|Doc PR |n/a |
Closes#19899.
Commits
-------
4214311 [bugfix] [Console] Set `Input::$interactive` to `false` when command is executed with `--quiet` as verbosity level
This PR was merged into the 2.7 branch.
Discussion
----------
Fixed the nullable support for php 7.1 and below (2.7, 2.8, 3.0)
| Q | A
| ------------- | ---
| Branch? | 2.7, 2.8, 3.0
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/19784#issuecomment-243852825
| License | MIT
| Doc PR | ~
Fixes the nullable support for 2.7, 2.8 and 3.0, can probably be partially merged into 3.1 but not 100% sure.
/ping @fabpot
Commits
-------
9c48756 Fixed the nullable support for php 7.1 and below
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Update IpValidatorTest data set with a valid reserved IP
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19885
| License | MIT
| Doc PR | -
The validator uses PHP filter which was recently fixed (see https://bugs.php.net/bug.php?id=72972).
Commits
-------
86a151c [Validator] Update IpValidatorTest data set with a valid reserved IP
This PR was squashed before being merged into the 2.7 branch (closes#19813).
Discussion
----------
[Console] fixed PHP7 Errors are now handled and converted to Exceptions
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18484
| License | MIT
| Doc PR |
Commits
-------
d3c613b [Console] fixed PHP7 Errors are now handled and converted to Exceptions
This PR was squashed before being merged into the 2.7 branch (closes#19868).
Discussion
----------
[Security] Optimize RoleHierarchy's buildRoleMap method
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
I have an issue with a large role hierarchy(~150 roles). Optimized it a little bit
![image](https://cloud.githubusercontent.com/assets/858989/18271257/df6c4ba0-7439-11e6-8406-e13bdcefe9ca.png)
Commits
-------
c3b68b0 [Security] Optimize RoleHierarchy's buildRoleMap method
This PR was merged into the 2.7 branch.
Discussion
----------
Update misleading comment about RFC4627
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
RFC 4627 does not dictate escaping of HTML special characters
Commits
-------
72b6c9e Update misleading comment about RFC4627
This PR was submitted for the 3.0 branch but it was merged into the 2.7 branch instead (closes#19862).
Discussion
----------
Update GroupSequence.php
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
Corrected the docblock example
Commits
-------
c8f3741 Update GroupSequence.php
This PR was squashed before being merged into the 2.7 branch (closes#19830).
Discussion
----------
Code enhancement and cleanup
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
325da3c Code enhancement and cleanup
On 32-bit systems the cookie expiration value was not being calculated
correctly as it was being fetched as an integer. When the timestamp exceeded
the PHP_INT_MAX size it would return an invalid value, breaking the cookie
construction.
The BrowserKit cookie has now been updated to get the timestamp as a string
which works around this platform limitation.
This PR was merged into the 2.7 branch.
Discussion
----------
[Yaml] Remove legacy code
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
It looks like these lines were forgotten during the transition to 2.0 as references are already [managed in `Inline`](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Yaml/Inline.php#L542-L559).
Commits
-------
a88dff3 [Yaml] Remove legacy code
This PR was merged into the 2.7 branch.
Discussion
----------
[VarDumper] Various minor fixes & cleanups
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| Tests pass? | yes
| License | MIT
Minor fixes & cleanups found while working on a few VarDumper enhancements.
I'm going to merge this one quickly to unlock the other PRs I'm preparing for master.
Commits
-------
a989491 [VarDumper] Various minor fixes & cleanups
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Add missing SsiFragmentRendererTest
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
One notable difference between ESI/SSI fragments renderers is that [passing options to the strategy doesn't impact the rendered ssi include tag](d666c64eb0 (diff-98eb5db767a1d6600cff43b74800ae46R37)).
Commits
-------
6c89199 [HttpKernel] Add missing SsiFragmentRendererTest
This PR was merged into the 2.7 branch.
Discussion
----------
[SecurityBundle] BasicAuthenticationListener: simpler getting value from Request
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Unless I'm mistaken, the default `null` should be OK. If it's not, I will create a new PR with a test proving that `false` or other "special" value must be used.
Commits
-------
d67f090 SecurityBundle:BasicAuthenticationListener: removed a default argument on getting a header value
This PR was merged into the 2.7 branch.
Discussion
----------
[ClassLoader] Fix tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Tests pass? | yes
| License | MIT
As discussed right now on php-internals, this string is ignored and the docs only tells about null.
Commits
-------
0f95708 [ClassLoader] Fix tests
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Swap dumper services at bootstrap
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
---
This commit fix a bug when using debug function too soon.
For example, if you call dump function during kernel::boot() the
dump output will be sent to stderr, even in a web context.
With this patch, the data collector is used by default, so the
dump output is send to the WDT. In a CLI context, if dump is used
too soon, the datacollector will buffer it, and release it at the
end of the script. So in this case everything will be visible by the
end used.
Commits
-------
d80589c [Debug] Swap dumper services at bootstrap
This PR was merged into the 2.7 branch.
Discussion
----------
[DI][2.7] Include dynamic services in alternatives
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | reference to the documentation PR, if any
Commits
-------
428b5cc include dynamic services in list of alternatives
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug][HttpKernel][VarDumper] Prepare for committed 7.2 changes (aka "small-bc-breaks")
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| Tests pass? | yes
| License | MIT
On PHP 7.2:
- `is_object()` is going to return `true` for `__PHP_Incomplete_Class` instances
- `gettype($closed_resource);` returns "resource (closed)"
ping @nikic FYI
see https://travis-ci.org/symfony/symfony/jobs/154114269 for fixed tests (except the one on ClassLoader which is a BC break on 7.1 that should be fixed there IMHO).
Commits
-------
feb2cd0 [Debug][HttpKernel][VarDumper] Prepare for committed 7.2 changes
This PR was squashed before being merged into the 2.7 branch (closes#19666).
Discussion
----------
Verify explicitly that the request IP is a valid IPv4 address
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Take the following base code (the array is based on [CloudFlare IP Ranges](https://www.cloudflare.com/ips/)):
```php
use Symfony\Component\HttpFoundation\IpUtils;
$ips = [
"103.21.244.0/22",
"103.22.200.0/22",
"103.31.4.0/22",
"104.16.0.0/12",
"108.162.192.0/18",
"131.0.72.0/22",
"141.101.64.0/18",
"162.158.0.0/15",
"172.64.0.0/13",
"173.245.48.0/20",
"188.114.96.0/20",
"190.93.240.0/20",
"197.234.240.0/22",
"198.41.128.0/17",
"199.27.128.0/21",
"2400:cb00::/32",
"2405:8100::/32",
"2405:b500::/32",
"2606:4700::/32",
"2803:f800::/32",
"2c0f:f248::/32",
"2a06:98c0::/29",
];
```
Before this PR, the following code would have returned `true` instead of the expected `false` value:
```php
IpUtils::checkIp('blablabla', $ips);
```
This due to the `ip2long` function returning `false` for an invalid IP address, thus returning `"00000000000000000000000000000000"` with the following code:
```php
sprintf('%032b', ip2long('blablabla'));
```
To fix this I simply check if the `$requestIp` variable contains a valid IP address.
Commits
-------
17e418c Verify explicitly that the request IP is a valid IPv4 address
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Fix too strict test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Tests pass? | yes
| License | MIT
This test is too strict and prevents adding properties to Data objects for no reason.
Commits
-------
2e7301d [HttpKernel] Fix too strict test
This PR was merged into the 2.7 branch.
Discussion
----------
Exception details break the layout
Exception details break the layout
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| License | MIT
By adding `word-wrap: break-word;` the exception details will wrap inside the block.
Commits
-------
00b4ecb Exception details break the layout
This commit fix a bug when using debug function too soon.
For example, if you call dump function during kernel::boot() the
dump output will be sent to stderr, even in a web context.
With this patch, the data collector is used by default, so the
dump output is send to the WDT. In a CLI context, if dump is used
too soon, the datacollector will buffer it, and release it at the
end of the script. So in this case everything will be visible by the
end used.
This PR was squashed before being merged into the 2.7 branch (closes#19549).
Discussion
----------
[HttpFoundation] fixed Request::getContent() reusage bug
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
After calling ```Request::getContent(true)```, subsequent calls to the
same instance method (withouth the ```$asResource``` flag) always returned
```false``` instead of the request body as a plain string.
A unit test already existed to guard against this behaviour (the 'Resource then fetch' case) but it
yielded a false positive because it was comparing ```''``` to ```false``` using
PHPUnit's ```assertEquals``` method instead of ```assertSame```.
For completeness sake I also added the missing usage permutations in
the data provider, which already worked OK.
Commits
-------
c42ac66 [HttpFoundation] fixed Request::getContent() reusage bug
This PR was squashed before being merged into the 2.7 branch (closes#19373).
Discussion
----------
[Form] Skip CSRF validation on form when POST max size is exceeded
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19140
| License | MIT
| Doc PR | N/A
In #19140 the CSRF validation listener was not aware that the POST max size had exceeded, and was adding a form error message that wasn't relevant to the actual error.
This introduces the `ServerParams` utility class into the `CsrfValidationListener` and checks that the POST max size has not been exceeded. If it has then it won't bother trying to validate the CSRF token.
My main concern with this change is that it opens up an attack vector around tokens, but I've encapsulated the request size validation in a single method in `ServerParams` now so that the request handlers are using the same logic.
Commits
-------
289531f [Form] Skip CSRF validation on form when POST max size is exceeded
This PR was merged into the 2.7 branch.
Discussion
----------
Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19531
| License | MIT
| Doc PR |
Commits
-------
c951bb6Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
This PR was squashed before being merged into the 2.7 branch (closes#19468).
Discussion
----------
[Intl] Update ICU data to 57.1
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19315
| License | MIT
| Doc PR | -
I think the only thing that makes sense with ICU is to always be on the latest available version.
Commits
-------
a48c00b [Intl] Update ICU data to 57.1
This PR was merged into the 2.7 branch.
Discussion
----------
[Config] Improved test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
456d53a [Config] Improved test
This PR was merged into the 2.7 branch.
Discussion
----------
Added class existence check if is_subclass_of() fails in compiler passes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | no
Backport of #19342 to 2.7 branch
Commits
-------
77adea7 Added class existence check if is_subclass_of() fails in compiler passes
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Reorder assert parameters
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The expected value must be the first parameter.
Commits
-------
7f88796 [Routing] Reorder assert parameters
This PR was merged into the 2.7 branch.
Discussion
----------
Added missing czech validators translation of not expected charset
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Profiler was complaining about using a not translated message so I translated it.
Not sure if bug or feature. The bug label is probably not apropriate, sorry. But I guess it should be merged to all versions.
Commits
-------
7eacae8 Added missing czech validators translation of not expected charset
Added error-suppression to the `is_executable($path)` call, too, per the bug noted just above.
The cited issue manifests as such without it:
```
ErrorException in ExecutableFinder.php line 63:
is_executable(): open_basedir restriction in effect. File(/usr/share/php) is not within the allowed path(s): (/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/usr/local/zend/var/zray/extensions:/usr/local/zend/share:/usr/local/zend/var/plugins)
```
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Fix variable conflicting name
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Simply fix a conflicting name (`$bundle` is used for the foreach on line 466 and 476). It works for the moment only because there is nothing after the second foreach inside the first.
Commits
-------
9ac9f55 [HttpKernel] Fix variable conflicting name
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Fix double-fread() when reading unix pipes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
While looking at the blackfire profile of a `composer install`, I was able to reduce the number of calls to `fread` from 90k to 60k using this patch (and from 60k to <1k with https://github.com/composer/composer/pull/5569 but that's another story).
In fact, we should continue reading only if there might be something next, which won"t be the case if the buffer has not been filled.
Commits
-------
ac17617 [Process] Fix double-fread() when reading unix pipes
This PR was squashed before being merged into the 2.7 branch (closes#19446).
Discussion
----------
[Console] Overcomplete argument exception message tweak.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Updates the exception message when to many arguments are passed.
From;
```php
'Too many arguments.'
```
To:
```php
'No argument expected, got "foo".'
// or
'Too many arguments, expected arguments "foo".'
// or
'Too many arguments, expected arguments "foo, bar".'
// ... turtles all the way down
```
Commits
-------
7af59cd [Console] Overcomplete argument exception message tweak.
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Use flock() for HttpCache's lock files
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #16777, #15813 and #16312 are also related
| License | MIT
| Doc PR |
When a PHP process crashes or terminates (maybe the OOM killer kicks in or other bad things ™️ happen) while the `HttpCache` holds a `.lck` file, that lock file may not get `unlink()`ed.
The result is that other requests trying to access this cache entry will see a few seconds delay while waiting for the lock; they will eventually continue but send 503 status codes along with the response. The sudden buildup of PHP processes caused by the additional delay may cause further problems (sudden load increase).
As `LockHandler` is using `flock()`-based locking, locks should be released by the OS when the PHP process terminates.
I wrote this as bugfix against 2.7 because every once in a while I encounter situations (not always reproducible) where `.lock` files are left over and keep the cache locked.
Commits
-------
2668edd [HttpKernel] Use flock() for HttpCache's lock files
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Fix write access check for pipes on Windows
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19336, #19416
| License | MIT
| Doc PR | -
Commits
-------
66e694e [Process] Fix write access check for pipes on Windows
This PR was squashed before being merged into the 2.7 branch (closes#19389).
Discussion
----------
[Console] Application update PHPDoc of add and register methods
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
The [PHPDoc](https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Console/Application.php#L354) states the method will always return a command, but it doesn't. Since [Application::register](https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Console/Application.php#L328) returns the result of `add` directly is also doesn't always return the command (as its PHPDoc states).
Commits
-------
6f0474f [Console] Application update PHPDoc of add and register methods
This PR was squashed before being merged into the 2.7 branch (closes#19399).
Discussion
----------
[Config] Extra tests for Config component
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
d0f4434 [Config] Extra tests for Config component
This PR was squashed before being merged into the 2.7 branch (closes#19392).
Discussion
----------
[BrowserKit] Added test for followRedirect method (POST method)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Test covers 'else' branches in these conditions:
```php
if (in_array($this->internalResponse->getStatus(), array(302, 303))) {
$method = 'get';
$files = array();
$content = null;
} else {
$method = $request->getMethod();
$files = $request->getFiles();
$content = $request->getContent();
}
if ('get' === strtolower($method)) {
// Don't forward parameters for GET request as it should reach the redirection URI
$parameters = array();
} else {
$parameters = $request->getParameters();
}
```
Commits
-------
2ace5d8 [BrowserKit] Added test for followRedirect method (POST method)
This PR was merged into the 2.7 branch.
Discussion
----------
[2.7] [HttpFoundation] HttpCache refresh stale responses containing an ETag
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? |no
| BC breaks? |no
| Deprecations? |no
| Tests pass? | yes
| Fixed tickets | #19390, #6746
| License | MIT
| Doc PR |
This PR is the replacement of #19391, which points at the wrong branch.
Commits
-------
96df6b9 [HttpFoundation] HttpCache refresh stale responses containing an ETag
This PR was squashed before being merged into the 2.7 branch (closes#19343).
Discussion
----------
PassConfig::getMergePass is not an array
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Just a minor glitch my IDE noticed :-)
Commits
-------
edbefac PassConfig::getMergePass is not an array
This PR was squashed before being merged into the 2.7 branch (closes#19321).
Discussion
----------
[HttpFoundation] Add OPTIONS and TRACE to the list of safe methods
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
According to [RFC 7231](https://tools.ietf.org/html/rfc7231#section-8.1.3) `OPTIONS` and `TRACE` are safe methods.
Commits
-------
1404607 [HttpFoundation] Add OPTIONS and TRACE to the list of safe methods
This PR was merged into the 2.7 branch.
Discussion
----------
[BrowserKit] Update Client::getAbsoluteUri() for query string only URIs
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19303
| License | MIT
| Doc PR | -
This PR allows BrowserKit to treat a value containing only query string parameters the same way anchor/hash values are treated when passed as a URI argument to the getAbsoluteUri() method. Helps when encountering sites that force a redirect with a location header value containing only a query string.
Commits
-------
965408f Update getAbsoluteUri() for query string uris
This PR was merged into the 2.7 branch.
Discussion
----------
[ClassLoader] Fix declared classes being computed when not needed
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
d513eae [ClassLoader] Fix declared classes being computed when not needed
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Added additional MasterCard range to the CardSchemeValidator
From October 2016 MasterCard will introduce a new card range, 222100 through 272099.
See: https://www.mctestcards.com/ (click the help in top right)
This implements the additional regex for validation to succeed, and some additional unit tests for this new range.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
4d68f56 [Validator] Added additional MasterCard range to the CardSchemeValidator
This PR was squashed before being merged into the 2.7 branch (closes#19290).
Discussion
----------
[HttpKernel] fixed internal subrequests having an if-modified-since-header
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As the InlineFragmentRenderer has no access to a cached copy of a subrequest's target and hence couldn't handle a response with a HTTP status code of 304 (not modified), it makes no sense to send an if-not-modified-since header.
Commits
-------
e90038c [HttpKernel] fixed internal subrequests having an if-modified-since-header
From October 2016 MasterCard will introduce a new card range,
222100 through 272099.
See: https://www.mctestcards.com/ (click the help in top right)
Implements unit tests and validation for this new card range.
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] [Security] Remove unrelevant comments in Security and Validator components
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
2cec4a6 Remove and change unrelevant comments in Validator and Security components.
This PR was squashed before being merged into the 2.7 branch (closes#19243).
Discussion
----------
Fixed typos in the expectedException annotations
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
PHPUnit ignores any imports when resolving these. You must always reference the FQCN.
Commits
-------
b36de36 Fixed typos in the expectedException annotations
This PR was squashed before being merged into the 2.7 branch (closes#18688).
Discussion
----------
[HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6526
Emit a warning when a request has both a trusted Forwarded header and a trusted X-Forwarded-For header, as this is most likely a misconfiguration which causes security issues.
Commits
-------
ee8842f [HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
This PR was squashed before being merged into the 2.7 branch (closes#19173).
Discussion
----------
[Console] Decouple SymfonyStyle from TableCell
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Alternative approach, ie BC, for #19136 (i prefer that one though, as it also _fixes_ #19123 )
Commits
-------
51f59d6 [Console] Decouple SymfonyStyle from TableCell
This PR was merged into the 2.7 branch.
Discussion
----------
removed dots at the end of @param and @return
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
For phpdocs, we only add dots for sentences like description, but not for @param and @return for instance. This PR fixes this issue.
This should probably be added to PHP-CS-Fixer as well (/cc @phansys @keradus).
Commits
-------
554303e removed dots at the end of @param and @return
This PR was merged into the 2.7 branch.
Discussion
----------
[WIP] [2.7] [Form] fix `empty_data` option in expanded `ChoiceType`
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17791
| License | MIT
| Doc PR | -
It might happen because in `Form::submit()` the handling of `empty_data` [line 597](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Form.php#L597) comes after each child of a compound field has been submitted [line 549](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Form.php#L549).
So when `ChoiceType` is `expanded`, `compound` option is defaulted to `true` and it passes its empty submitted data to its children before handling its own `empty_data` option.
This PR uses the listener already added in `ChoiceType` only when `expanded` is true to handle `empty_data` at `PRE_SUBMIT` [line 539](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Form.php#L539).
- [ ] Fix FQCN in tests for 2.8
- [ ] Remove `choices_as_values` in tests for 3.0
Commits
-------
d479adf [Form] fix `empty_data` option in expanded `ChoiceType`
This PR was merged into the 2.7 branch.
Discussion
----------
Distinguish between first and subsequent progress bar displays
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19133
| License | MIT
| Doc PR | reference to the documentation PR, if any
Fixes https://github.com/symfony/symfony/issues/19133
When a progress bar is first displayed, if it is multi-line, previously output lines are erased, depending upon the number of lines in the progress bar.
This patch fixes that be distinguishing between the first display (no erasing of previous output) and subsequent displays of the progress bar.
Commits
-------
3871e1a Differentiate between the first time a progress bar is displayed and subsequent times
This PR was merged into the 2.7 branch.
Discussion
----------
[DomCrawler] No more exception on field name with strange format
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18569, #18570
| License | MIT
| Doc PR | n/a
Commits
-------
e204913 finished previous commit
953a383 No more exception for malformed input name
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Consider a violation even if the form is not submitted
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes (only for the behavior)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11493
| License | MIT
| Doc PR |
Hey!
I'm currently implementing an API using the form component in order to validate the payload sent (in conjonction with the FOSRestBundle). Unfortunatelly, we dig into an issue about the PATCH request which don't map some of our validation rules to the form. Basically, the violations are lost in the middle of the process.
### Use case
We have an entity with the following fields "type", "image" & "video". The field "type"can be either "default", "image" or "video" and then accordingly we use the appropriate field (none for the "default" type, video for the "video" type and image for the "image" type. Then, in our form, we change the validation groups according to our entity type in order to make the "image" field mandatory if the type is "image" and the same for the video field if the type is "video".
### Current behavior
The current behavior (since 2.5) seems to not propages a violation to a form if this form is not submitted but in our use case, changing the field "type" via a PATCH request triggers some new validation which should be reported to end user (inform that a field (video or image) is missing in the PATCH request).
### Expected behavior
The current behavior was introduced in #10567 but IMO, this update is a bug as suggested by @webmozart in https://github.com/symfony/symfony/issues/11493#issuecomment-59549054 Instead, the form component should still map validation errors to the form even if the field was not submitted. If the initial data is not valid, then your initial data was buggy from the beginning but the form should not accept it and instead of silently ignoring the errors, end users should be informed and fix it.
WDYT?
Commits
-------
c483a0f [Form] Consider a violation even if the form is not submitted
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Fix pipes cleaning on Windows
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19089
| License | MIT
| Doc PR | -
Commits
-------
d54cd02 [Process] Fix pipes cleaning on Windows
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Dont close the reponse stream in debug
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19078
| License | MIT
| Doc PR | -
Because it's `terminate`'s job to clean the state, not the `Response`'s,
and because the current behavior prevents getting any output on trailing errors on FPM especially.
Commits
-------
2fbc200 [HttpKernel] Dont close the output stream in debug
This PR was merged into the 2.7 branch.
Discussion
----------
[Session] fix PDO transaction aborted under PostgreSQL
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14641
| License | MIT
| Doc PR |
Fixes the transactional concurrency error handling for PostgreSQL which does not allow to execute further queries in a transaction with an error.
Because of the loop, look at the diff with whitespace ignored to see the difference: https://github.com/symfony/symfony/pull/19101/files?w=1
Commits
-------
f8eefa0 [Session] fix PDO transaction aborted under PostgreSQL
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] changed MERGE queries
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17284
| License | MIT
| Doc PR | N/A
Changed the MERGE queries for Oracle and SQL Server to use question mark parameter markers so they work with emulation disabled or enabled - fixes#17284
Commits
-------
ebf3a2f Fixed oci and sqlsrv merge queries when emulation is disabled - fixes#17284
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Use InputInterface inherited doc as possible
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
In classes implementing `InputInterface`, the methods doc blocks are duplicated from the interface.
Sometimes descriptions are different from the interface's ones and, sometimes, the class doc is clearer. So I tried to keep always the most adapted one.
Commits
-------
b604be7 [Console] Use InputInterface inherited doc as possible
This PR was merged into the 2.7 branch.
Discussion
----------
FormBuilderInterface: fix getForm() return type.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
FormBuilderInterface->getForm() should depend on abstractions and
not implementations as a return type.
Commits
-------
3fa081c FormBuilderInterface: fix getForm() return type.
This PR was merged into the 2.7 branch.
Discussion
----------
add docblock type elements to support newly added IteratorAggregate::getIterator PhpStorm support
| Q | A
| ------------- | ---
| Branch | 2.7
| Bug fix | no
| New feature | no
| BC breaks | no
| Deprecations | no
| Tests pass | yes
| License | MIT
In additional to #16965 PhpStorm supports `IteratorAggregate::getIterator` now. see https://blog.jetbrains.com/phpstorm/2016/06/phpstorm-2016-2-eap-162-844/
example
```
$collection = new \Symfony\Component\Routing\RouteCollection();
foreach ($collection as $route) {
$route->getHost();
}
```
Commits
-------
ede3556 add docblock type elements to support newly added IteratorAggregate::getIterator PhpStorm support
This PR was squashed before being merged into the 2.7 branch (closes#18732).
Discussion
----------
[PropertyAccess][DX] Enhance exception that say that some methods are missing if they don't
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18694
| License | MIT
| Doc PR |
When you try do define a manyToMany association but you don't give an array or \Traversable, the raised exception say that some methods are missing while they don't. This PR check if the adder and setter methods exists and if so, give a exception that pointing on the real problem.
Commits
-------
c46519b [PropertyAccess][DX] Enhance exception that say that some methods are missing if they don't
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Use UPSERT for sessions stored in PgSql >= 9.5
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
9569c74 [HttpFoundation] Use UPSERT for sessions stored in PgSql >= 9.5
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] added explanation of messages usage in a progress bar
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19031
| License | MIT
| Doc PR | symfony/symfony-docs#6544
The intent of progress bar messages is currently wrongly documented. This PR updates the phpdoc to hopefully better describe the usage of such messages.
So, basically, messages are a way to add dynamic information in the progress bar; information that cannot be computed by the progress bar (like for all other placeholders).
Commits
-------
d92f3ea [Console] added explanation of messages usage in a progress bar
This PR was merged into the 2.7 branch.
Discussion
----------
[DependencyInjection] force enabling the external XML entity loaders
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18876, #18908
| License | MIT
| Doc PR |
Commits
-------
12b5509 force enabling the external XML entity loaders