This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#11232).
Discussion
----------
[Routing] Fixes fatal errors with object resources in AnnotationDirectoryLoader::supports
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Fixes fatal errors that occur in the supports method with objects that aren't string convertible / don't implement ArrayAccess. This is mostly a problem because some locators try to access a specific character in the resource name.
Since the resource is checked if it's a string either way, it's the most simple solution to just move that check a bit ahead.
Commits
-------
5e80585 Update AnnotationDirectoryLoader.php
This PR was submitted for the 2.7 branch but it was merged into the 2.3 branch instead (closes#17526).
Discussion
----------
Escape the delimiter in Glob::toRegex
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13531
| License | MIT
| Doc PR | -
Commits
-------
2c45f46 Escape the delimiter in Glob::toRegex
* 2.7:
fixed undefined variable
Fixed the phpDoc of UserInterface
fixed APCu dep version
make apc class loader testable against apcu without apc bc layer
Added support for the `0.0.0.0/0` trusted proxy
[DoctrineBridge][Validator] >= 2.3 Pass association instead of ID as argument
added missing constant
Added 451 status code
Remove unnecessary code
Allow absolute URLs to be displayed in the debug toolbar
[ClassLoader] Use symfony/polyfill-apcu
[HttpKernel] Lookup the response even if the lock was released after 2 seconds
* 2.3:
fixed undefined variable
Fixed the phpDoc of UserInterface
fixed APCu dep version
Added support for the `0.0.0.0/0` trusted proxy
[DoctrineBridge][Validator] >= 2.3 Pass association instead of ID as argument
[HttpKernel] Lookup the response even if the lock was released after 2 seconds
This PR was merged into the 2.3 branch.
Discussion
----------
Fixed the phpDoc of UserInterface
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13037
| License | MIT
| Doc PR | -
#13037 is the original issue ... which was tried to be fixed in #13146 ... which was closed without merging it.
Commits
-------
8e2a33e Fixed the phpDoc of UserInterface
This PR was merged into the 2.3 branch.
Discussion
----------
fixed APCu dep version
Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17428
| License | MIT
Commits
-------
3b7f4c7 fixed APCu dep version
This PR was merged into the 2.7 branch.
Discussion
----------
make apc class loader testable against apcu without apc bc layer
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
24160b3 make apc class loader testable against apcu without apc bc layer
This PR was merged into the 2.8 branch.
Discussion
----------
[Form][Security] update upgrade files with CSRF related option info
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6152
Commits
-------
1ecbb32 update upgrade files with CSRF related option info
This PR was submitted for the 2.8 branch but it was merged into the 2.3 branch instead (closes#15706).
Discussion
----------
[framework-bundle] Added support for the `0.0.0.0/0` trusted proxy
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
It is relevant to my other PR: https://github.com/symfony/symfony/pull/14690
The original intention was to start accepting `0.0.0.0/0` as a trusted proxy (which is a valid CIDR notation).
The prupose is to allow all requests to be treated as trusted and to eliminate using dirty `['0.0.0.0/1', '128.0.0.0/1']` workaround.
Commits
-------
3188e1b Added support for the `0.0.0.0/0` trusted proxy
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] Lookup the response even if the lock was released after two second wait
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
While looking into #15813 I noticed that we [wait for the lock to be released for five seconds, but then only do a lookup if the lock was released in two seconds](fa604d3c6f/src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php (L540-L562)), no more.
I think it's worth to make both values the same (so either two or five seconds). I see no reason why we should wait for the lock for five seconds, but then only do a lookup if we waited for two. One way the wait either takes too long, the other way we loose the opportunity to actually return a response.
Commits
-------
9963170 [HttpKernel] Lookup the response even if the lock was released after 2 seconds
This PR was squashed before being merged into the 2.3 branch (closes#17355).
Discussion
----------
[DoctrineBridge][Validator] >= 2.3 Pass association instead of ID as argument
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
No verification on doctrine-orm version has been provided since the `composer.json` requires `"doctrine/orm": "~2.4,>=2.4.5"` and performing a query with an object as array argument has been added in 2.2.0-BETA1 (see https://github.com/doctrine/doctrine2/blob/2.2.0-BETA1/lib/Doctrine/ORM/Persisters/BasicEntityPersister.php#L1511)
Commits
-------
5c2d534 [DoctrineBridge][Validator] >= 2.3 Pass association instead of ID as argument
This PR was squashed before being merged into the 2.8 branch (closes#17330).
Discussion
----------
Limit the max height/width of icons in the profiler menu
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17329
| License | MIT
| Doc PR | -
Commits
-------
1f5f81c Limit the max height/width of icons in the profiler menu
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#17095).
Discussion
----------
[HttpFoundation] Added 451 status code
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
https://datatracker.ietf.org/doc/draft-ietf-httpbis-legally-restricted-status/?include_text=1
The HTTP 451 status code was approved by the ISG a few days ago on the 18th December '15.
Commits
-------
df8952f Added 451 status code
This PR was merged into the 2.3 branch.
Discussion
----------
[ClassLoader] Use symfony/polyfill-apcu
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
#17358 updated ApcClassLoader to use polyfill-apcu, but not ApcUniversalClassLoader
2.7 / 2.8 tests are in LegacyApcUniversalClassLoaderTest
Commits
-------
a0dc399 [ClassLoader] Use symfony/polyfill-apcu
This PR was merged into the 2.7 branch.
Discussion
----------
Allow absolute URLs to be displayed in the debug toolbar
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12221
| License | MIT
| Doc PR | -
If you agree with the original issue, this should do the trick. If you don't agree, please explain the reasons and close#12221. Thanks!
Commits
-------
11b63ff Allow absolute URLs to be displayed in the debug toolbar
* 2.7:
fixed test
[Request] Ignore invalid IP addresses sent by proxies
Throw for missing container extensions
[TwigBridge] add missing unit tests (AppVariable)
Able to load big xml files with DomCrawler
fixed typo
[Form] Fix constraints could be null if not set
[Finder] Check PHP version before applying a workaround for a PHP bug
fixed CS
add defaultNull to version
sort bundles in config:dump-reference command
Fixer findings.
[Translation][Writer] avoid calling setBackup if the dumper is not an instance of FileDumper.
[FrameworkBundle] Compute the kernel root hash only one time
* 2.3:
[Request] Ignore invalid IP addresses sent by proxies
Able to load big xml files with DomCrawler
fixed typo
[Form] Fix constraints could be null if not set
[Finder] Check PHP version before applying a workaround for a PHP bug
fixed CS
sort bundles in config:dump-reference command
Fixer findings.
This PR was submitted for the 2.8 branch but it was merged into the 2.3 branch instead (closes#16736).
Discussion
----------
[Request] Ignore invalid IP addresses sent by proxies
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | ?
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15525
| License | MIT
| Doc PR | n/a
The [RFC 7239](https://tools.ietf.org/html/rfc7239#section-6.2) allows other values that IP addresses to be passed in `Forwarded`header and [Nginx can add `unknown` to the `X-Forwarded-For`header](http://www.squid-cache.org/Doc/config/forwarded_for/).
To prevent these invalid IP addresses from being returned as "Client IP", this PR ensure that they are excluded.
Commits
-------
6578806 [Request] Ignore invalid IP addresses sent by proxies
This PR was submitted for the master branch but it was merged into the 2.8 branch instead (closes#17459).
Discussion
----------
[EventDispatcher] TraceableEventDispatcher resets event listener priorities
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15550
| License | MIT
| Doc PR | -
Commits
-------
233e5b8 [EventDispatcher] TraceableEventDispatcher resets listener priorities
This PR was submitted for the master branch but it was merged into the 2.7 branch instead (closes#17486).
Discussion
----------
[FrameworkBundle] Throw for missing container extensions
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
This covers the case when an existing bundle does not have an extension, and its config is dumped. Before, calling `app/console config:dump` on such bundle lead to FatalErrorException with ```Call to a member function getAlias() on null```, now we process such cases and throw an exception with some explanatory text.
Commits
-------
884368e Throw for missing container extensions
This PR was merged into the 2.8 branch.
Discussion
----------
Overriding profiler position in CSS breaks JS positioning
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The positioning of a profiler info block (open to the left or right) is [calculated using Javascript](https://github.com/symfony/symfony/blob/master/src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar_js.html.twig#L35). Since Symfony 2.8, the config/version panel is right-aligned and opens to the left. If another panel is added to the right of it, the panel cannot open correctly.
Styles are unset in https://github.com/symfony/symfony/blob/master/src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar_js.html.twig#L46-L47 but that means it is set back to the stylesheet settings, which results in `right:0, left:0` on the element.
Manual testing is fairly easy: Just add a CSS class `sf-toolbar-block-right` on one or multiple panels (e.g. Doctrine) that result in the Config panel to have enough room to open to the right.
Here's a screenshot of the problem:
![bildschirmfoto 2015-12-11 um 10 27 55](https://cloud.githubusercontent.com/assets/1073273/11740305/e2c94cfc-9ff1-11e5-86ae-1fd94ec5a93e.png)
The other option would be to set the position in javascript to `right: auto` instead of unsetting, but I prefer to fix invalid CSS ;-)
Commits
-------
79474a6 Profiler CSS position conflicts with JS detection
This PR was submitted for the 2.8 branch but it was merged into the 2.7 branch instead (closes#16859).
Discussion
----------
[TwigBridge] add missing unit tests (AppVariable)
Just add few missing unit tests.
---
| Q | A
| ------------- | ---
| Bug fix? | [no]
| New feature? | [no]
| BC breaks? | [no]
| Deprecations? | [no]
| Tests pass? | [yes]
| Fixed tickets | [n/a]
| License | MIT
| Doc PR | [n/a]
Commits
-------
156cdb5 [TwigBridge] add missing unit tests (AppVariable)
This PR was submitted for the 2.8 branch but it was merged into the 2.3 branch instead (closes#16873).
Discussion
----------
Able to load big xml files with DomCrawler
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
3dae825 Able to load big xml files with DomCrawler