This PR was merged into the master branch.
Commits
-------
51223c0 added upgrade instructions
50e6259 adjusted tests
98f3ca8 [Routing] removed tree structure from RouteCollection
Discussion
----------
[Routing] removed tree structure from RouteCollection
BC break: yes (see below)
Deprecations: RouteCollection::getParent(); RouteCollection::getRoot()
tests pass: yes
The reason for this is so quite simple. The RouteCollection has been designed as a tree structure, but it cannot at all be used as one. There is no getter for a sub-collection at all. So you cannot access a sub-collection after you added it to the tree with `addCollection(new RouteCollection())`. In contrast to the form component, e.g. `$form->get('child')->get('grandchild')`.
So you can see the RouteCollection cannot be used as a tree and it should not, as the same can be achieved with a flat array!
Using a flat array removes all the need for recursive traversal and makes the code much faster, much lighter, less memory (big problem in CMS with many routes) and less error-prone.
BC break: there is only a BC break if somebody used the PHP API for defining RouteCollection and also added a Route to a collection after it has been added to another collection.
So
```
$rootCollection = new RouteCollection();
$subCollection = new RouteCollection();
$rootCollection->addCollection($subCollection);
$subCollection->add('foo', new Route('/foo'));
```
must be updated to the following (otherwise the 'foo' Route is not imported to the rootCollection)
```
$rootCollection = new RouteCollection();
$subCollection = new RouteCollection();
$subCollection->add('foo', new Route('/foo'));
$rootCollection->addCollection($subCollection);
```
Also one must call addCollection from the bottom to the top. So the correct sequence is the following (and not the reverse)
```
$childCollection->->addCollection($grandchildCollection);
$rootCollection->addCollection($childCollection);
```
Remeber, this is only needed when using PHP for defining routes and calling methods in a special order. There is no change required when using XML or YAML for definitions. Also, I'm pretty sure that neither the CMF, nor Drupal routing, nor Silex is relying on the tree stuff. So they should also still work.
cc @fabpot @crell @dbu
One more thing: RouteCollection wasn't an appropriate name for a tree anyway as a collection of routes (that it now is) is definitely not a tree.
Yet another point: The XML declaration of routes uses the `<import>` element, which is excatly what the new implementation of addCollection without the need of a tree does. So this is now also more analogous.
---------------------------------------------------------------------------
by Koc at 2012-11-26T17:34:15Z
What benefit of this?
---------------------------------------------------------------------------
by Tobion at 2012-11-26T17:56:53Z
@Koc Why did you not simply wait for the description? ^^
---------------------------------------------------------------------------
by dbu at 2012-11-26T18:33:09Z
i love PR that remove more code than they add whithout removing functionality.
---------------------------------------------------------------------------
by Crell at 2012-11-26T18:49:52Z
There's an issue somewhere in Drupal where we're trying to use addCollection() as a shorthand for iterating over one collection and calling add() on the other for each item. We can't do that, however, because the subcollections are not flattened properly when reading back and our current dumper can't cope with that. So this change would not harm Drupal at all, and would mean I don't have fix a bug in our dumper. :-) I cannot speak for any other projects, of course.
---------------------------------------------------------------------------
by Tobion at 2012-11-27T19:06:34Z
Ok, this is ready.
* 2.0:
[TwigBundle] Moved the registration of the app global to the environment
needs to use simpleContent in xsd to allow empty elements
bumped Symfony version to 2.0.19-DEV
removed wrong routing xsd statement `mixed="true"`
removed unused attribute from routing.xsd
updated VERSION for 2.0.19
update CONTRIBUTORS for 2.0.19
updated CHANGELOG for 2.0.19
Conflicts:
CONTRIBUTORS.md
src/Symfony/Bundle/TwigBundle/Resources/config/twig.xml
src/Symfony/Bundle/TwigBundle/TwigEngine.php
src/Symfony/Component/HttpKernel/Kernel.php
This makes the app global variable available also when accessing the Twig
environment directly instead of using the TwigEngine.
Conflicts:
src/Symfony/Bridge/Twig/CHANGELOG.md
src/Symfony/Bundle/TwigBundle/Resources/config/twig.xml
src/Symfony/Bundle/TwigBundle/TwigEngine.php
* 2.1: (29 commits)
[DependencyInjection] fixed composer.json
[Validator] Fix typos in validators.ru.xlf
Edited some minor grammar and style errors in russian validation file
Updated Bulgarian translation
[Form] improve error message with a "hasser" hint for PropertyAccessDeniedException
[Form] Updated checks for the ICU version from 4.5+ to 4.7+ due to test failures with ICU 4.6
[Form] simplified a test from previous merge
Update src/Symfony/Component/Form/Extension/Core/Type/FileType.php
fixed CS
Xliff with other node than source or target are ignored
small fix of #5984 when the container param is not set
Filesystem Component mirror symlinked directory fix
[Process][Tests] fixed chainedCommandsOutput tests
fixed CS
Use better default ports in urlRedirectAction
Add tests for urlRedirectAction
info about session namespace
fix upgrade info about locale
Update src/Symfony/Component/DomCrawler/Tests/FormTest.php
Update src/Symfony/Component/DomCrawler/Form.php
...
* 2.0:
[DependencyInjection] fixed composer.json
[Form] Updated checks for the ICU version from 4.5+ to 4.7+ due to test failures with ICU 4.6
fixed CS
small fix of #5984 when the container param is not set
fixed CS
Use better default ports in urlRedirectAction
Add tests for urlRedirectAction
Update src/Symfony/Component/DomCrawler/Tests/FormTest.php
Update src/Symfony/Component/DomCrawler/Form.php
[Security] remove escape charters from username provided by Digest DigestAuthenticationListener
[Security] added test extra for digest authentication
fixed CS
[Security] Fixed digest authentication
[Security] Fixed digest authentication
[SecurityBundle] Convert Http method to uppercase in the config
Use Norm Data instead of Data
Conflicts:
src/Symfony/Bridge/Doctrine/Form/EventListener/MergeCollectionListener.php
src/Symfony/Bundle/FrameworkBundle/Controller/RedirectController.php
src/Symfony/Component/DependencyInjection/composer.json
This PR was merged into the master branch.
Commits
-------
c8e65a2 [FrameworkBundle][Routing] Resolve placeholders in hostnamePattern rules
Discussion
----------
[FrameworkBundle][Routing] Resolve placeholders in hostnamePattern rules
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: #6135
License of the code: MIT
Currently the placeholders in the `hostname_pattern` rule are not resolved, so that's why this PR is it for.
---------------------------------------------------------------------------
by nomack84 at 2012-11-28T14:18:02Z
@fabpot Could you please merge this? I really need this fix to be solve.
Thanks!
In the previous form of twig's service definitions, it was impossible to
use a chain loader correctly because the TwigBundle was registering paths
on the twig.loader service. This patch fixes that by creating a
twig.loader.filesystem definition and an alias twig.loader that points
to twig.loader.filesystem by default.
this can happen when the config for the router is unset, but this method
does not need to depend on routing. reading an unset config would raise an exception.
This PR was merged into the 2.0 branch.
Commits
-------
64b54dc Use better default ports in urlRedirectAction
64216f2 Add tests for urlRedirectAction
Discussion
----------
Default to current port in urlRedirectAction
I was a bit surprised when I used urlRedirectAction from a non-standard port (8000) it redirected me to port 80. I would argue that the default should be to use the current port instead. This is a simple patch to change that. This should only break in the case someone is relying on the current default to redirect from a non-standard port to the standard port, which should be a really rare case...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T20:29:54Z
The idea is right but the implementation not. Seems this patch is not as "simple" as you said.
When you're on HTTPS and want to redirect to $scheme = HTTP, then it still uses the current HTTPS port which is wrong.
---------------------------------------------------------------------------
by flojon at 2012-11-11T20:36:47Z
Ah, I see the problem. So I guess the correct behavior would be to use the current port if staying with the same scheme or go to standard port if switching scheme. Unless the user has specified a port which will always override...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T20:42:18Z
That would be the best solution that is currently possible but not the best solution that should be possible.
Because if you switch scheme but the other scheme does not use the standard port, it still doesn't work.
Ideally the Request class had an option that allows to define the ports symfony should use for HTTP and HTTPS.
This logic is in RequestContext, but it's not used here.
---------------------------------------------------------------------------
by flojon at 2012-11-11T21:32:55Z
Bummer, I forgot to check if the current port is a standard port...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T21:35:13Z
add some tests
---------------------------------------------------------------------------
by flojon at 2012-11-11T23:28:18Z
Added tests and fixed my previous error
---------------------------------------------------------------------------
by flojon at 2012-11-15T18:25:12Z
@Tobion is there anything else I needed for this?
---------------------------------------------------------------------------
by fabpot at 2012-11-19T12:56:04Z
To be consistent with how we manage HTTP ports elsewhere, I'd rather use the values of the `request_listener.http_port` and `request_listener.https_port`:
```php
if (null === $httpPort) {
$httpPort = $this->container->getParameter('request_listener.http_port');
}
if (null === $httpsPort) {
$httpsPort = $this->container->getParameter('request_listener.https_port');
}
```
This is done in the `security.authentication.retry_entry_point` service and for the `router_listener` listener.
The parameter name is probably not the best one, but that could be changed then in master.
---------------------------------------------------------------------------
by flojon at 2012-11-19T13:49:18Z
@fabpot But then you would need to set that parameter manually right? It wouldn't automatically redirect you to the same port, which was what I wanted to achieve...
Could this be the right order of preference:
If a value was specified in the route use that.
Otherwise use the current port
unless switching scheme then use the parameter value
---------------------------------------------------------------------------
by fabpot at 2012-11-19T13:52:17Z
Your order of preference looks good to me.
---------------------------------------------------------------------------
by flojon at 2012-11-19T19:13:19Z
Man this was more involved than I thought... :)
Changed the logic to use the parameters when not using the current port. Also tried clean up the tests a little bit... Enjoy!
This PR was merged into the master branch.
Commits
-------
9f1cd84 moved most static assets directly into the templates
Discussion
----------
moved most static assets directly into the templates
This has been done for several reasons:
* for consistency with the way we already manage the WDT and the
profiler icons;
* it makes the Exception independent from the location of the assets
(and from the asset() function)
* this is the second step to make the WebProfiler useable outside the
full-stack framework
see dbcd171dd3
---------------------------------------------------------------------------
by stof at 2012-11-13T17:52:39Z
the images blue_picto_more and blue_picto_less are also used in DoctrineBundle (and probably in JMSDebuggingBundle but I haven't checked). Could you submit a PR inlining the images too before removing them ?
---------------------------------------------------------------------------
by fabpot at 2012-11-13T18:02:18Z
Any image useful for other bundles should not be deleted. So, if DoctrineBundle is using the blue_pico_* images, I'm going to revert their deletion.
---------------------------------------------------------------------------
by schmittjoh at 2012-11-13T18:07:02Z
I'm using them in two bundles, JMSDebuggingBundle and JMSJobQueueBundle (same for the exception related templates).
---------------------------------------------------------------------------
by dlsniper at 2012-11-13T22:22:29Z
Wouldn't it be better to have the encoded icons in a separate CSS file as different classes/background images?
---------------------------------------------------------------------------
by fabpot at 2012-11-14T11:28:24Z
ok, I've reverted the removal of the images that might be useful in third-party bundles.
This has been done for several reasons:
* for consistency with the way we already manage the WDT and the
profiler icons;
* it makes the Exception independent from the location of the assets
(and from the asset() function)
* this is the second step to make the WebProfiler useable outside the
full-stack framework
see dbcd171dd3
* 2.1: (24 commits)
forced Travis to use source to workaround their not-up-to-date Composer on PHP 5.3.3
[Routing] removed irrelevant string cast in Route
Fixed typo
Make YamlFileLoader and XmlFileLoader file loading extensible
[HttpKernel] fix typo
Fixed singularization of "prices"
[Form] Removed an exception that prevented valid formats from being passed, e.g. "h" for the hour, "L" for the month etc.
[HttpKernel] fixed Client when using StreamedResponses (closes#5370)
fixed PDO session handler for Oracle (closes#5829)
[HttpFoundation] fixed PDO session handler for Oracle (closes#5829)
[Locale] removed a check that is done too early (and it is done twice anyways)
Update src/Symfony/Component/Validator/Resources/translations/validators.fa.xlf
Adding new localized strings for farsi validation.
[HttpFoundation] moved the HTTP protocol check from StreamedResponse to Response (closes#5937)
[Form] Fixed forms not to be marked invalid if their children are already marked invalid
[Form] Excluded some tests in NumberToLocalizedStringTransformerTest which fail on ICU 4.4, but work on ICU 4.8
added missing tests from previous merge
[Form] Fixed NumberToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible
Fix export-ignore on Windows
Show correct class name InputArgument in error message
...
Conflicts:
.travis.yml
src/Symfony/Component/Form/Extension/Core/DataTransformer/NumberToLocalizedStringTransformer.php
The goal is to make things more decoupled and more reusable across
different bundles.
There will be a PR for the distribution bundle too to simplify the code
based on this PR.
This PR was merged into the master branch.
Commits
-------
56fe8d1 duplicated the code helper code to the Twig bundle
Discussion
----------
moved code helper code to the Twig bundle
These helpers are very specific and are only used in TwigBundle for the
profiler and the exception templates.
---------------------------------------------------------------------------
by schmittjoh at 2012-11-12T09:12:56Z
Is there a reason for this BC break other than a cosmetical tweak?
If not strictly necessary, I'd like to see these kind of changes being scheduled for 3.0.
---------------------------------------------------------------------------
by fabpot at 2012-11-12T09:29:35Z
Of course, I don't want to make this change without a reason and indeed, I forgot to mention the why of this change. Let me explain.
I've been working on the integration of the Symfony web profiler into other OSS that use HttpKernel like Silex and Drupal for quite some time now. That's why I developed the new namespace feature in Twig, that's why I've refactored the web profiler to only use Twig and not the templating component. One of the last step is this PR, which reduces the number of dependencies to be able to use the WebProfiler bundle.
So, this change is not cosmetic, but one more step towards the goal of making the web profiler more reusable.
---------------------------------------------------------------------------
by schmittjoh at 2012-11-12T13:22:28Z
I see, makes sense. How about duplicating the code for now?
After looking through the history, it doesn't seem like it changes often
(the last real code change was a year ago). So, it should not be much more
maintenance effort, and we could keep BC here.
On Mon, Nov 12, 2012 at 10:29 AM, Fabien Potencier <notifications@github.com
> wrote:
> Of course, I don't want to make this change without a reason and indeed, I
> forgot to mention the why of this change. Let me explain.
>
> I've been working on the integration of the Symfony web profiler into
> other OSS that use HttpKernel like Silex and Drupal for quite some time
> now. That's why I developed the new namespace feature in Twig, that's why
> I've refactored the web profiler to only use Twig and not the templating
> component. One of the last step is this PR, which reduces the number of
> dependencies to be able to use the WebProfiler bundle.
>
> So, this change is not cosmetic, but one more step towards the goal of
> making the web profiler more reusable.
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/symfony/symfony/pull/5986#issuecomment-10281201>.
>
>
---------------------------------------------------------------------------
by fabpot at 2012-11-12T13:32:33Z
Of course, that's a possibility. But what for? I doubt that people are using this code. Are you using this code somewhere?
---------------------------------------------------------------------------
by schmittjoh at 2012-11-12T13:37:24Z
Yes, I believe that I'm using it both in JMSDebuggingBundle, and
JMSJobQueueBundle as both are rendering exception stack traces at some
point.
On Mon, Nov 12, 2012 at 2:32 PM, Fabien Potencier
<notifications@github.com>wrote:
> Of course, that's a possibility. But what for? I doubt that people are
> using this code. Are you using this code somewhere?
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/symfony/symfony/pull/5986#issuecomment-10287353>.
>
>
---------------------------------------------------------------------------
by fabpot at 2012-11-12T14:11:50Z
ok, fair enough. The code is now in the framework bundle as well.
The code has been duplicated and not moved for BC reasons.
This code has been duplicated in the Twig bundle to be able to decouple
the web profiler and the exception templates.
* 2.1:
removed unused use statements
[Form] Adapted HTML5 format in DateTimeType as response to a closed ICU ticket
[2.1][HttpFoundation] Fixed Php doc in Request::get
bumped Symfony version to 2.1.4-DEV
updated VERSION for 2.1.3
update CONTRIBUTORS for 2.1.3
updated CHANGELOG for 2.1.3
merged branch jakzal/yamlDoubleQuotesDumperFix (PR #4320)
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the master branch.
Commits
-------
aecc9b1 fixed tests when OpenSsl is not enabled in PHP, renamed a missnamed test, added missing license doc blocks
ca567b5 fixed CS
5cdf696 added a SecureRandomInterface
234f725 rename String to StringUtils
5849855 moved the secure random dep for remember me as a constructor argument
248703f renamed Prng to SecureRandom
c0c8972 simplified the Prng code
e5dc7af moved the secure random class from JMSSecurityExtraBundle to Symfony (closes#3595)
Discussion
----------
[2.2][Security] Add a PRNG (closes#3595)
As per #3595, I have moved the secure random class from JMSSecurityExtraBundle to Symfony.
It has more impact than I expected ;)
As you will see, the implementation has been refactored a bit. The most notable change is that Doctrine support has been moved to the bridge with the addition of a proper Doctrine seed provider (Doctrine is not a special case anymore).
The Doctrine configuration has been moved to the DoctrineBundle: doctrine/DoctrineBundle#91schmittjoh/JMSSecurityExtraBundle#65 removes the code that has been moved.
---------------------------------------------------------------------------
by Seldaek at 2012-07-05T13:26:01Z
I'm all for more security features, and both the String class & the Prng class for wrapping openssl make a lot of sense IMO, but I fail to see the use of the rest.
If we just want a seed to have a fallback in case openssl is missing, I'd rather have a secret in the config.yml than a million classes to store the same secret in the DB. Maybe I'm missing something though? /cc @schmittjoh
---------------------------------------------------------------------------
by schmittjoh at 2012-07-05T16:32:10Z
Having the configuration in different places (SecurityBundle & DoctrineBundle) feels a bit weird. I would prefer an approach similar to ACL, or the user provider/firewall section with factories. The latter being a bit more work to implement and the former potentially asking for complaints about too tight coupling to Doctrine.
Regarding testing, we probably need to move the disableOpenSsl method to the SecureRandom class in order to allow OpenSSL to be disabled for testing and we also need to change the byte generation algorithm to produce the same output for the same starting seed. I agree that it does not make sense to introduce an interface for SecureRandom as only the seed providers should be replaced.
As for the seed itself, it is constantly updated and does not stay the same as in the beginning. Thus, we need a provider that we can write to, and not only read from. I'm also not sure about using OpenSSL on Windows as I have read enough resources which claimed that the entropy on Windows is not always good (including OpenSSL docs). Always using the custom seed provider at least always ensured proper entropy even if OpenSSL's speed issues have been fixed in newer PHP versions.
---------------------------------------------------------------------------
by stof at 2012-07-05T16:44:24Z
@schmittjoh everything is in SecurityBundle now as it does not use a database anymore
---------------------------------------------------------------------------
by stof at 2012-07-05T16:44:59Z
and there is no seed provider anymore either
---------------------------------------------------------------------------
by schmittjoh at 2012-07-05T16:53:39Z
Not having a seed provider is not such a good idea, but having a file-based seed provider is.
---------------------------------------------------------------------------
by Seldaek at 2012-07-05T17:01:18Z
@schmittjoh why would you need to replace the seed provider? Don't you think that people serious about security to the point that they would want a stronger seed provider would enable openssl instead?
---------------------------------------------------------------------------
by stof at 2012-07-05T17:06:50Z
Well, what I meant is that there is no interchangeable provider anymore. The Prng class uses the file directly.
And btw, I think the Prng class should be mockable for tests, so it should either have an interface or not be final (I vote for adding an interface)
---------------------------------------------------------------------------
by jalliot at 2012-07-09T18:46:12Z
@fabpot @schmittjoh What about using more fallbacks for `openssl_random_pseudo_bytes` like in @Seldaek's post ["Unpredictable hashes for humans"](http://seld.be/notes/unpredictable-hashes-for-humans)?
Trying `mcrypt_create_iv` first might also be faster.
---------------------------------------------------------------------------
by Seldaek at 2012-07-10T08:52:46Z
@jalliot I think mcrypt should be after if you make it use /dev/urandom, not 100% sure but openssl is probably higher quality than urandom.
---------------------------------------------------------------------------
by schmittjoh at 2012-07-10T09:12:07Z
The fallback algorithm that I added should be enough (it passes the
statistical randomness tests).
On Tue, Jul 10, 2012 at 10:52 AM, Jordi Boggiano <
reply@reply.github.com
> wrote:
> @jalliot I think mcrypt should be after if you make it use /dev/urandom,
> not 100% sure but openssl is probably higher quality than urandom.
>
> ---
> Reply to this email directly or view it on GitHub:
> https://github.com/symfony/symfony/pull/4763#issuecomment-6870145
>
---------------------------------------------------------------------------
by stof at 2012-10-13T17:20:06Z
@fabpot please send a PR to the doc so that this can be merged 😃
---------------------------------------------------------------------------
by stof at 2012-10-13T17:22:08Z
hmm, actually, some comments have not been taken into account yet so it is not ready to be merged
---------------------------------------------------------------------------
by stof at 2012-10-27T07:14:43Z
you forgot the SecureRandom file
---------------------------------------------------------------------------
by fabpot at 2012-10-27T08:49:54Z
I think I've addressed all the comments. If everyone agree with the current implementation, I'm going to start updating the documentation.
---------------------------------------------------------------------------
by fabpot at 2012-10-27T10:51:15Z
I've fixed the remaining CS issues.
---------------------------------------------------------------------------
by fabpot at 2012-10-28T07:00:31Z
Documentation is here: symfony/symfony-docs#1858
This PR was merged into the 2.1 branch.
Commits
-------
3553276 [ConfigDumpReference] avoid notice for variable nodes
Discussion
----------
[ConfigDumpReference] avoid notice for variable nodes
When a variable node has an array as default value, a notice occurs later on because of an "array to string conversion", which is turned to an exception in debug mode (mandatory in order to run this command).
* 2.1: (28 commits)
Delete use of CreationExeption
[Form] Fixed error message in PropertyPath to not advice to use a non-existing feature
[Form] Fixed creation of multiple money fields with different currencies
[Form] Fixed setting the "data" option to an object in "choice" and "entity" type
Fixed Serbian plural translations.
Fixed IPv6 Check in RequestMatcher
Fix typo
change what I think is a typo
[Console] Fix error when mode is not in PATH
[WebProfilerBundle] fixed macro usage (to be forward compatible with Twig 2.x)
Change monolog require-dev to use the branch alias instead of dev-master
[FrameworkBundle] partially reverted previous merge
[2.1] Added missing error return codes in commands
Made the router lazy when setting the context
[WebProfilerBundle] fixed typos
Fix incorrect variable in FileProfilerStorage
UnitTest fix
UnitTest fix
added a unit test
fixed#5384
...
This PR was squashed before being merged into the 2.1 branch (closes#5586).
Commits
-------
6b66bc3 [2.1] Added missing error return codes in commands
Discussion
----------
[2.1] Added missing error return codes in commands
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
License of the code: MIT
See: #5585
---------------------------------------------------------------------------
by fabpot at 2012-09-24T12:10:47Z
Exit code values are standardized and some values have some well-defined meaning. Have a look here for more info: https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Process/Process.php#L67
This PR was merged into the master branch.
Commits
-------
b31ae34 [WebProfilerBundle] Remove the now unneeded BC var and fixed a typo
d07ce03 [TwigBundle] Moved the registration of the app global to the environment
Discussion
----------
[TwigBundle] Moved the registration of the app global to the environment
This makes the app global variable available also when accessing the Twig
environment directly instead of using the TwigEngine.
The controllers are not relying on the DIC anymore and only Twig
is used for rendering (instead of the Templating component).
The Exception controller has not been updated yet as it relies on many
external dependencies (and other bundles).
This has been done for several reasons:
* for consistency with the way we already manage the WDT icons;
* it makes the WebProfiler independant from the location of the assets (and from the asset() function)
* this is the very first step to make the WebProfiler useable outside the full-stack framework (more commits soon)
There is still one asset() call though, which will be removed later on.
[Security] changed default iterations of Pbkdf2PasswordEncoder to 1000 instead of 5000
[Security] Improved description of PBKDF2 encoder
[SecurityBundle] added PBKDF2 PasswordEncoder
updated CHANGELOG.md
[Security] Use the build-in hash_pbkdf2() when available
[SecurityBundle] added information about hash_algorithm for configuration
[Security] always check algorithm and fixed CS
* 2.1:
fixed CS
added doc comments
added doc comments
[Validator] Updated swedish translation
Update src/Symfony/Component/Validator/Resources/translations/validators.de.xlf
[2.1] Exclude tests from zips via gitattributes
[HttpKernel][Translator] Fixed type-hints
Updated lithuanian validation translation
[DomCrawler] Allows using multiselect through Form::setValues().
[Translation] forced the catalogue to be regenerated when a resource is added (closes symfony/Translation#1)
Unit test for patched method OptionsResolver::validateOptionValues().
validateOptionValues throw a notice if an allowed value is set and the corresponding option isn't.
[Form] Hardened code of ViolationMapper against errors
[HttpFoundation] Fixed#5611 - Request::splitHttpAcceptHeader incorrect result order.
[Form] Fixed negative index access in PropertyPathBuilder
Update src/Symfony/Component/Validator/Resources/translations/validators.ro.xlf
Conflicts:
src/Symfony/Component/DomCrawler/Form.php
src/Symfony/Component/Process/Process.php
This PR was merged into the master branch.
Commits
-------
4b86765 [FrameworkBundle] recursively resolve container parameter placeholders for arrays in router _defaults
Discussion
----------
[2.2] [FrameworkBundle] avoid trying to resolve container placeholders on arrays on router _defaults
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: ~
Todo: ~
License of the code: MIT
Documentation PR: ~
Permits to pass arrays in route `_defaults`.
---------------------------------------------------------------------------
by stof at 2012-07-20T13:07:36Z
This seems weird. An array could contain parameters in it.
---------------------------------------------------------------------------
by docteurklein at 2012-07-20T13:17:00Z
@stof An object too then, no ? Why accepting objects but not arrays ? Would you propose to recursively resolve array values ?
---------------------------------------------------------------------------
by stof at 2012-07-20T13:31:06Z
@docteurklein Resolving array values recursively would be consistent with the way the DIC parameters are resolved. I don't really see how you would resolve objects (and btw, it is pretty much an edge case as you cannot really put an object in your routes if you define them in your YAML or XML config files or with annotations)
---------------------------------------------------------------------------
by docteurklein at 2012-07-20T13:36:43Z
@stof I agree. I can manage recursive array resolving if needed.
---------------------------------------------------------------------------
by fabpot at 2012-07-23T13:58:07Z
Can you squash your commits before I merge? Thanks.
---------------------------------------------------------------------------
by docteurklein at 2012-07-23T14:39:17Z
@fabpot done.
In a template, you can now use native Twig template names, instead of
the Symfony ones:
Before (still works):
{% extends "AcmeDemoBundle::layout.html.twig" %}
{% include "AcmeDemoBundle:Foo:bar.html.twig" %}
After:
{% extends "@AcmeDemo/layout.html.twig" %}
{% include "@AcmeDemo/Foo/bar.html.twig" %}
Using native template names is also faster.
The only drawback is that the new notation looks similar to the way we
locate resources in Symfony, which would be
@AcmeDemoBundle/Resources/views/Foo/bar.html.twig. We could have used
the same notation, but it is rather verbose (and by the way, using this
notation did not work anyway in templates).
The ContainerAwareTraceableEventDispatcher class was tied to both the
Symfony container and the HttpKernel profiler. It made it non reusable
in another context.
The new TraceableEventDispatcher only keeps the HttpKernel profiler
integration and is able to wrap any other event dispatcher. It makes it
reusable in frameworks using the Symfony HttpKernel component like
Silex.
The only drawback is that we don't have access to the listener
priorities in the collected data anymore (but the listeners are still
ordered correctly). The change is still worth it I think.
This PR was squashed before being merged into the master branch (closes#5518).
Commits
-------
3303ca2 WPB and WDT improvements
be194cb Changed icons to be a bit more consistent
08241b8 Added minimize option to Web Profiler panels
Discussion
----------
[2.2][WebProfilerBundle] Added minimize option to Web Profiler panels
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: ~
Todo: ~
License of the code: MIT
Documentation PR: ~
I've added a minimize option to the profiler bundle so that you can have more space to work with on the panels.
You can view it in action here:http://sf2demo.rodb.ro/app_dev.php/
Feedback is welcomed!
Thanks!
---------------------------------------------------------------------------
by dlsniper at 2012-09-15T13:36:51Z
I could add a remember option via a cookie if you think this would help, I know I'd want one, but I'm not sure about the general opinion about this. Let me know if I should do it.
---------------------------------------------------------------------------
by stof at 2012-09-15T17:05:58Z
The profiler is totally broken when minimizing the menu in your demo.
---------------------------------------------------------------------------
by lennerd at 2012-09-15T17:10:54Z
I would not make it disappear completely. So I think a combination of Cookie and a small visual for open it again would be great to have.
---------------------------------------------------------------------------
by dlsniper at 2012-09-15T17:15:06Z
@stof I've only enabled a few panels to work in the demo, rest defaults to DB panel. If this is what you mean then it's not broken, it's designed to do so. I've tested the thing on Opera, FF and Chrome (on Linux) before uploading the demo/PR so I'm not sure what's broken. Can you please provide a screenshot?
@lennerd I could be doing something like only display it in the upper left corner and appear on mouse over as an overlay. Would that be better?
---------------------------------------------------------------------------
by stof at 2012-09-15T17:21:22Z
@dlsniper what I mean is that the text of the menu does not disappear. It simply goes over the panel itself as the menu becomes smaller. And this appears for all panels I tried.
---------------------------------------------------------------------------
by stof at 2012-09-15T17:22:32Z
hmm, sorry. It is a browser cache issue. It seems like your server was sending cache headers for the assets, and as I already looked at the demo previously (for your DoctrineBundle PR), it kept the old CSS
---------------------------------------------------------------------------
by dlsniper at 2012-09-15T17:25:09Z
@stof no problem, the server is configured a bit more on caching side in order to speed it up and save bandwidth ;)
---------------------------------------------------------------------------
by lennerd at 2012-09-15T17:38:41Z
@dlsniper I would use the close button changing to maybe an arrow in the bottom right. So it's more intuitive and you can simply show and hide it if you only want to take a quick look at a small detail behind it.
---------------------------------------------------------------------------
by henrikbjorn at 2012-09-15T18:08:02Z
What about making this the default, the icons are self explanatory already. The title would then be the "link" text instead.
---------------------------------------------------------------------------
by dlsniper at 2012-09-15T20:30:51Z
@henrikbjorn I wouldn't make this by default as new people might find it a bit confusing. Hence the suggestion to use the cookie to remember the preference.
---
Also I'm trying not to break the current format of the menu too much as hiding all that stuff by hand is pain but if I'm allowed to break the current way of displaying the left menu then this is going to be easy.
What I didn't understood so far is why is the toolbar displayed on the top as well since we have it on the left side already so I've remove it from my current changes (will be up soonish).
---------------------------------------------------------------------------
by dlsniper at 2012-09-15T21:10:03Z
@lennerd what exactly do you mean by 'I would use the close button' there's no close button on the profiler page, only on the toolbar.
---------------------------------------------------------------------------
by lennerd at 2012-09-15T21:21:20Z
That was the button I was talking about. So that there is a little close button at the bottom right for toggling the toolbar.
---------------------------------------------------------------------------
by dlsniper at 2012-09-15T23:14:06Z
I've changed the way the menu minimizes now, it hides in the top left corner and it maintains its state on refresh. I'll do something similar for the toolbar tomorrow.
You can view it on the same URL.
Please do leave feedback. Thanks!
---------------------------------------------------------------------------
by lennerd at 2012-09-16T01:02:27Z
Sorry. I misunderstand your PR.
---------------------------------------------------------------------------
by stof at 2012-09-16T03:01:06Z
@dlsniper The toolbar is displayed at the top because it gives a quick overview without having to go in each panel. So removing it is a bad idea IMO.
And hiding everything is a bad idea IMO. It means navigating is impossible, making it usable when minimizing it (and btw, this would make the cookie a non-sense as it would hide the menu for subsequent pages)
---------------------------------------------------------------------------
by fabpot at 2012-09-16T06:38:08Z
-1 for removing the toolbar at the top
I prefer the first version where you only hide the menu text but leave the icons. Keeping the state in a cookie is also a must (that cookie might be used to store some other states in the profiler too).
---------------------------------------------------------------------------
by Partugal at 2012-09-16T08:14:11Z
i'm not see first version but show icons without text is more useful.
imho minimize trigger should be always placed on top as it showns in minized state
---------------------------------------------------------------------------
by Partugal at 2012-09-16T08:24:49Z
http://s14.postimage.org/qkdcr8d4h/image.png
---------------------------------------------------------------------------
by dlsniper at 2012-09-16T09:06:50Z
@fabpot I've just had a look on how the timeline stores the selected value and it's using the local storage capabilities. Should I drop the cookie and use the local storage as well to have some sort of uniformity?
Also is there any reason why no generic JS library is used? I'm thinking now about jQuery mostly but any other should do just fine I think. I'm not saying that we should use a library when displaying the WDT as it might bump into issues with the frontend but for the rest of the profiler I guess it wouldn't be a problem to use a library, no?
---------------------------------------------------------------------------
by fabpot at 2012-09-16T09:15:37Z
Let's use the local storage for better consistency. I don't want to embed a JS library as we only need basic JS scripts.
---------------------------------------------------------------------------
by lennerd at 2012-09-16T10:29:20Z
@dlsniper Do we need the up and down arrows any longer?
---------------------------------------------------------------------------
by dlsniper at 2012-09-16T14:24:27Z
I've added a minimize mode to the toolbar but the 'design' isn't the best all around, I'll try to improve it in the future.
It also remembers the state of the toolbar so that you don't need to hide it every time.
@lennerd we don't need the up/down arrows for now, I've removed on the last commit. Thank you for the new icons ;)
L.E.
I've made some sort of rounded corner/gradient background in for the minimized toolbar
---------------------------------------------------------------------------
by dlsniper at 2012-09-18T22:02:35Z
@pborreli thanks for the idea regarding to auto-minimize on window resize, I'll implement it soon, I don't really have time right now to add the event handling part to Sfjs.
L. E.
I'm not going to implement the auto-resize as it proved not to be that useful given the fixed width of the panel. If it proves to be a requested thing then I'll improve it if no one else does it before me :)
---------------------------------------------------------------------------
by dlsniper at 2012-09-19T20:52:43Z
If there's nothing else left to be changed/improved/added, I'll lift the WIP tag of this PR so that it can be merged if you consider it.
@fabpot, if this gets its way to the repository, should I rebase this before merging so that it catches the next Symfony 2.1 release as it doesn't break anything? I don't mean the very next release which I've read that it would be done when Doctrine will release their new version but the version after that.
---------------------------------------------------------------------------
by fabpot at 2012-09-19T20:56:45Z
This is a new feature, so it can only be included in the master branch.
---------------------------------------------------------------------------
by dlsniper at 2012-09-23T12:27:41Z
As soon as this feature goes in master I'll start working on adding AJAX requests to the toolbar to make it even more useful.
Let me know if this change is good to merge or needs more work.
Thanks @stof for all the input and @lennerd for the icons.
---------------------------------------------------------------------------
by stof at 2012-09-23T13:40:38Z
Adding which ajax requests to the toolbar ?
---------------------------------------------------------------------------
by dlsniper at 2012-09-23T13:49:43Z
'Userland' AJAX requests, so that one could access the information from an AJAX request more straight forward
* 2.1:
Added Base64 encoding, decoding to MongoDBProfilerStorage
Fix duplicated code and a field name
refactor src/Symfony/Component/Translation/Loader/MoFileLoader.php
fixed typo
Update src/Symfony/Component/Validator/Resources/translations/validators.pl.xlf
fixed issue #5596 (Broken DOM with the profiler's toolbar set in position top)
[Form] Fixed the testsuite for PHPUnit 3.6 as travis still uses it
added dirs generated by build-data.php in locale component to .gitignore
[Process] Fixed bug introduced by 7bafc69f38.
[Process][Tests] Prove process fail (Add more test case)
[Process][Tests] Prove process fail
[HttpFoundation] Fixed the tests
[DomCrawler] Added test for supported encodings by mbstring
[Config] Fixed preserving keys in associative arrays
[Console] Fixed return value for Command::run
[Locale] Fixed tests
[Console] Fix some input tests
[Filesystem] Fixed tests on Windows
[Config] Fixed tests on Windows
Commits
-------
22e9036 updated CHANGELOG
bafe890 [FrameworkBundle] changed Client::enableProfiler() behavior to fail silently when the profiler is not available (it makes it easier to write functional tests)
f41872b [FrameworkBundle] added a way to enable the profiler for the very next request in functional tests (closes#4307)
67b91e5 [HttpKernel] added a way to enable a disable Profiler
Discussion
----------
[2.2] added a way to enable the profiler for the very next request in a functional test
Bug fix: yes/no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: #4307
Todo: -
License of the code: MIT
Documentation PR: should be done before merging
After merging this PR, we need to disable the profiler in the test environment in Symfony SE.
* 2.1:
Create CONTRIBUTING.md file for auto-linking in PR's
Added Bulgarian translation
[Profiler]Use the abstract method to get client IP
Typo fix
Fixing incorrect word in twig:lint command description
Rename $key parameter to $name for consistency
=Minor chnage: replaced function by method
Fixed the phpdoc in the DependencyInjection component
Commits
-------
3f8127c fixed '0' problem
7bec460 fixed phpdoc
4c5bfab [FrameworkBundle] non-permanent redirect should be status code 404 according to spec
Discussion
----------
[FrameworkBundle] non-permanent redirect to unknown location with 404
according to spec: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html see 410 Gone
bc break: tiny when omitting 2 parameter (I can avoid this with `func_num_args` but i think its not necessary and makes the code strange and inconsistent)
* 2.0:
updated VERSION for 2.0.17
updated CHANGELOG for 2.0.17
updated vendors for 2.0.17
fixed XML decoding attack vector through external entities
prevents injection of malicious doc types
disabled network access when loading XML documents
refined previous commit
prevents injection of malicious doc types
standardized the way we handle XML errors
Redirects are now absolute
Conflicts:
CHANGELOG-2.0.md
src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php
src/Symfony/Component/DomCrawler/Crawler.php
src/Symfony/Component/HttpKernel/Kernel.php
tests/Symfony/Tests/Component/DependencyInjection/Loader/XmlFileLoaderTest.php
tests/Symfony/Tests/Component/Routing/Loader/XmlFileLoaderTest.php
tests/Symfony/Tests/Component/Serializer/Encoder/XmlEncoderTest.php
tests/Symfony/Tests/Component/Translation/Loader/XliffFileLoaderTest.php
tests/Symfony/Tests/Component/Validator/Mapping/Loader/XmlFileLoaderTest.php
vendors.php
Commits
-------
85a53c1 [FrameworkBundle] fixed *FrameworkExtensionTest::testTranslator fail on Windows on master branch
Discussion
----------
[FrameworkBundle] fixed *FrameworkExtensionTest::testTranslator fail on Windows on master branch
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: #5345
Todo: -
License of the code: MIT
Documentation PR:
fixed using some
str_replace('/', DIRECTORY_SEPARATOR, <value>)
so it works on Windows because it replaces the / in \ and shouldn't affect linux based OS, since it will replace / with /.
Not very nice, but it works, if anyone wants to do better, he/she is most welcome.
Commits
-------
933e821 Add minimum-stability (dev) in each component
Discussion
----------
Add minimum-stability (dev) in each component
This fixes the ability to run the test suite in each component if a `composer install` is needed.
---------------------------------------------------------------------------
by stof at 2012-08-22T13:57:14Z
If you really want to run the testsuite standalone, some dev requirements are missing (SecurityBundle needs the FrameworkBundle for its functional tests for instance). If you have some time to check the missing dev requirement, it would be great.
Anyway, 👍 for this
---------------------------------------------------------------------------
by willdurand at 2012-08-22T13:59:15Z
Yes I already did that once. I'll try to fix more components later.
On Wed, Aug 22, 2012 at 3:57 PM, Christophe Coevoet <
notifications@github.com> wrote:
> If you really want to run the testsuite standalone, some dev requirements
> are missing (SecurityBundle needs the FrameworkBundle for its functional
> tests for instance). If you have some time to check the missing dev
> requirement, it would be great.
> Anyway, [image: 👍] for this
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/symfony/symfony/pull/5318#issuecomment-7934886>.
>
>
---------------------------------------------------------------------------
by stof at 2012-08-22T14:02:23Z
Well, I think most components should be good now (as some work has been done on them). But the bridges and bundles may need some work (bundles were not having any dev requirements until yesterday when @guilhermeblanco added some on FrameworkBundle)
---------------------------------------------------------------------------
by pborreli at 2012-08-22T14:14:00Z
what about having for each READ-ONLY repo his own .travis.yml and travisci hook activated ?
---------------------------------------------------------------------------
by fabpot at 2012-08-22T14:30:13Z
please, don't add more travis files. The main already tests everything, and that's all we need.
---------------------------------------------------------------------------
by stof at 2012-08-22T14:33:46Z
@pborreli tests should not be different for subtree split repos as the code is the same and the tests are the same (except that more tests could be skipped because of missing deps).
Note that for the bundles, it is likely to be different currently as I think some skip tests are missing (just like dev requirements are). But fixing this does not require enablign travis.
---------------------------------------------------------------------------
by pborreli at 2012-08-22T14:42:30Z
ok, i was just thinking about a way to be sure each component is usable individually but yeah that would require to relaunch each tests and add a bunch of travis files + hook
---------------------------------------------------------------------------
by hason at 2012-08-24T13:12:04Z
@stof, @eriksencosta, @fabpot: Tests are different for Locale component, see #5235
---------------------------------------------------------------------------
by stof at 2012-08-24T13:35:07Z
@hason no. You also need to do it when running the tests of the Locale component as part of the full run.
Commits
-------
9c20634 fixes pre for var_dump with xdebug
Discussion
----------
Displaying var_dump with xdebug in exceptions
When debugging code I often use `var_dump` to quickly look into variables. Since 2.1 alle output generated by `var_dump` is displayed in one line. http://screencast.com/t/11LuIlIdHsvP
It seems to be no problem for small objects, but it becomes a real pain when displaying huge arrays or objects.
This is caused by the changed word-wrapping for the pre tag introduced in #3827
With fix: http://screencast.com/t/GdA3dkpWxU
---------------------------------------------------------------------------
by dlsniper at 2012-08-17T17:22:38Z
👍
Commits
-------
cdfbe72 handle inheritance in config:dump-reference when a bundle name is passed to the command
Discussion
----------
handle inheritance in config:dump-reference
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: ?
Fixes the following tickets: -
License of the code: MIT
Currently when passing in a bundle name that identifies a bundle that is a parent to another bundle, it will not return the reference for the requested bundle, but for the inheriting (even if that bundle has no configuration class).
F.e.
app/console config:dump-reference SymfonyCmfBlockBundle
will fail if there is a Bundle SandboxBlockBundle that has SymfonyCmfBlockBundle set as the parent.
* 2.0:
Fixes incorrect class used in src/Symfony/Bundle/FrameworkBundle/Console/Application.php
[FrameworkBundle] added test for fix broken command registration
corrected phpdoc
Issue must be related to commit 7a5f614240 (merged 2.0), specifically this file src/Symfony/Bundle/FrameworkBundle/Console/Application.php, lines 86-88.
Presumably to do "instanceof Bundle" correct class has to be imported at the top of the file:
instead of
use Symfony\Component\HttpKernel\Bundle;
this should be
use Symfony\Component\HttpKernel\Bundle\Bundle;
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Console/Application.php
Commits
-------
0b78fdf Only call registerCommand on bundles that is an instance of Bundle
Discussion
----------
Only call registerCommand on bundles that is an instance of Bundle
Fixes GH-5133
---------------------------------------------------------------------------
by travisbot at 2012-08-01T09:41:05Z
This pull request [fails](http://travis-ci.org/symfony/symfony/builds/2008252) (merged 0b78fdff into 1da896dc).
---------------------------------------------------------------------------
by henrikbjorn at 2012-08-01T10:05:00Z
Build failed because of HTTP request error.
---------------------------------------------------------------------------
by lsmith77 at 2012-08-01T11:31:08Z
wondering if it would be good if you could include the commit from #5133 in this PR .. then we get the test and the fix at once.
Commits
-------
b982883 [Form] Moved FormHelper back to FrameworkBundle
cb62d05 [Form] [Validator] Fixed issues mentioned in the PR
2185ca8 [Validator] Added entry point "Validation" for more convenient usage outside of Symfony2
ed87361 [Form] Moved FormHelper creation to TemplatingExtension
87ccb6a [Form] Added entry point "Forms" for more convenient usage outside of Symfony
Discussion
----------
[Form] [Validator] Added more convenient entry points for stand-alone usage
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
This PR greatly simplifies the usage of the Form and Validator component when used outside of Symfony2. Check out the below code to get an idea about the simplified usage:
```php
<?php
use Symfony\Component\Validator\Validation;
use Symfony\Component\Validator\Mapping\Cache\ApcCache;
use Symfony\Component\Form\Forms;
use Symfony\Component\Form\Extension\HttpFoundation\HttpFoundationExtension;
use Symfony\Component\Form\Extension\Csrf\CsrfExtension;
use Symfony\Component\Form\Extension\Csrf\CsrfProvider\SessionCsrfProvider;
use Symfony\Component\Form\Extension\Templating\TemplatingExtension;
use Symfony\Component\Form\Extension\Validator\ValidatorExtension;
use Symfony\Component\HttpFoundation\Session;
use Symfony\Component\Templating\PhpEngine;
$session = new Session();
$secret = 'V8a5Z97e...';
$csrfProvider = new SessionCsrfProvider($session, $secret);
$engine = new PhpEngine(/* ... snap ... */);
$validator = Validation::createValidator();
// or
$validator = Validation::createValidatorBuilder()
->addXmlMapping('path/to/mapping.xml')
->addYamlMapping('path/to/mapping.yml')
->addMethodMapping('loadValidatorMetadata')
->enableAnnotationMapping()
->setMetadataCache(new ApcCache())
->getValidator();
$formFactory = Forms::createFormFactory();
// or
$formFactory = Forms::createFormFactoryBuilder()
// custom types, if you're too lazy to create an extension :)
->addType(new PersonType())
->addType(new PhoneNumberType())
->addTypeExtension(new FormTypeHelpTextExtension())
// desired extensions (CoreExtension is loaded by default)
->addExtension(new HttpFoundationExtension())
->addExtension(new CsrfExtension($csrfProvider))
->addExtension(new TemplatingExtension($engine, $csrfProvider, array(
'FormBundle:Form'
))
->addExtension(new ValidatorExtension($validator))
->getFormFactory();
$form = $formFactory->createBuilder()
->add('firstName', 'text')
->add('lastName', 'text')
->add('age', 'integer')
->add('gender', 'choice', array(
'choices' => array('m' => 'Male', 'f' => 'Female'),
))
->getForm();
if (isset($_POST[$form->getName()])) {
$form->bind($_POST[$form->getName()]);
if ($form->isValid()) {
// do stuff
}
}
return $engine->render('AcmeHelloBundle:Hello:index.html.php', array(
'form' => $form->createView(),
));
```
---------------------------------------------------------------------------
by bschussek at 2012-07-30T10:08:42Z
I should maybe add a comment about the benefits of this change, in case they are not self-explanatory:
* class construction with default configuration is now a one-liner
* userland code is decoupled from core implementations → userland code doesn't break if we change constructor signatures
* easier to understand, since many core classes are now created internally
* easy to discover the possible settings → just look at (FormFactory|Validator)BuilderInterface
* usage of custom interface implementations is supported, just like before
---------------------------------------------------------------------------
by fabpot at 2012-07-31T08:18:53Z
The new syntax is great.
I have one comment though about this PR about support of PHP as a templating system (support for Twig is provided by the bridge and it was already easy to configure Twig as a templating system for forms -- see Silex for instance).
The `FormHelper` has been moved into the Form component. This helper is only useful when using the PHP templating system (which is not what we recommend people to use), but the default templates are still in the Framework bundle. So using the Form component as standalone with PHP as a templating system still requires to install the bundle to get access to the default templates. Am I missing something? Do we want to move the PHP templates to the Form component too?
---------------------------------------------------------------------------
by stof at 2012-07-31T08:28:28Z
@fabpot it is even worse than that: the FormHelper currently uses the theme by using ``$theme . ':' . $block . '.html.php`` IIRC. This is not compatible with the default template name parser of the component expecting a path. And the FrameworkBundle template name parser does not support accessing a template outside a bundle AFAIK.
So moving the templating to the component would require some refactoring in the FormHelper and the template name parser. However, I think it is worth it. Some people complained that using the form rendering (outside the full-stack framework) was requiring either setting up Twig with the bridge, or adding FrameworkBundle in the project (which means including most of the code of the full-stack framework). Having the Templating rendering in the standalone component could be a great idea
---------------------------------------------------------------------------
by fabpot at 2012-07-31T08:42:53Z
But then, I don't want to promote the Templating component or the PHP templating system. Twig is always a better alternative and this should be what people use most of the time, PHP being the rare exception.
Anyway, we are too close from the first 2.1 RC, so any big refactoring will have to wait for 2.2.
---------------------------------------------------------------------------
by stof at 2012-07-31T09:02:10Z
then maybe we should keep the FormHelper in FrameworkBundle for now as it is tied to the FrameworkBundle template name parser anyway currently.
---------------------------------------------------------------------------
by bschussek at 2012-07-31T14:22:35Z
> it it is even worse than that: the FormHelper currently uses the theme by using ``$theme . ':' . $block . '.html.php`` IIRC. This is not compatible with the default template name parser of the component expecting a path.
This is why the templates are still in FrameworkBundle. I think they should be moved too, but then we have to change
* the default theme to an absolute file path
* the FrameworkBundle name parser to accept absolute paths
I think this can wait until 2.2. Baby steps.
> I don't want to promote the Templating component or the PHP templating system.
We can both promote Twig while making Templating as easy to use as possible. If people want to use Templating, they probably have a reason. We don't have to make their lives more painful than necessary.
Btw: Templating is a *lot* faster for rendering forms than Twig. On Denis' form, Templating takes 1.15 seconds while Twig takes 2.
About moving the helpers, we have two choices:
* Move each helper to the respective component. This would not require new releases of the Templating component when we add more helpers in other component.
* Move all helpers to Templating. This does not make that much sense for Form, as then Form has support for Templating (TemplatingRendererEngine) and Templating has support for Form (FormHelper), which is a bit weird. I personally prefer a stacked architecture, where Templating is at the bottom and Form-agnostic, and Form (or any other component) builds upon that.
I'm fine with both approaches. I'll move FormHelper back to FrameworkBundle, and we can decide for a direction in 2.2.
---------------------------------------------------------------------------
by bschussek at 2012-07-31T14:36:30Z
Done.
Commits
-------
03bbaaf [Routing] Add an interface for configuring strict_parameters
Discussion
----------
[RFC][Routing] Add an interface for configuring strict_parameters
This is a proposal to fix#4697 (related to #4592).
The main point left to discuss was the name of the interface, which is now `LenientInterface`. We could change the name to anything else is someone has a better idea.
@stof @Tobion what do you think ?
---------------------------------------------------------------------------
by stof at 2012-07-30T16:34:20Z
@vicb I already said I had no idea to name it, and it has not changed. :)
So let's wait for other people to see if they have a better idea
---------------------------------------------------------------------------
by breerly at 2012-07-30T16:38:38Z
Maybe `PermissibleInterface` or `PermissiveInterface`.
---------------------------------------------------------------------------
by Partugal at 2012-07-30T17:00:09Z
`StrictUrlGeneratorInterface`, `StrictParametersInterface` or `StrictInterface`
---------------------------------------------------------------------------
by pborreli at 2012-07-30T17:04:46Z
👍 for `PermissiveInterface`
---------------------------------------------------------------------------
by stof at 2012-07-30T17:07:59Z
yes, because the Router currently can only use this interface to set it to ``not-strict``. It assumes that the url generator is already strict by default (which is probably a bad assumption btw as the base class for the generated generator can be changed)
---------------------------------------------------------------------------
by pborreli at 2012-07-30T17:09:33Z
@stof thx, got it
---------------------------------------------------------------------------
by Partugal at 2012-07-30T17:10:03Z
this interface realize setting Strict by setStrictParameters, and get by getStrictParameters, and imho named it by `Strictable` is more logic
---------------------------------------------------------------------------
by pborreli at 2012-07-30T17:11:07Z
@Partugal let's try to find an english term :)
---------------------------------------------------------------------------
by Partugal at 2012-07-30T17:11:31Z
)
---------------------------------------------------------------------------
by breerly at 2012-07-30T17:15:23Z
@Partugal I like using "able" in interface names because it describes a behavior instead of a noun. This type of naming makes following the Interface Segregation Principle easy to follow. Good work.
---------------------------------------------------------------------------
by vicb at 2012-07-30T18:24:26Z
As explained by @stof I did not consider `StrictInterface` because as of now the interface is used to disabled the strict bevahior (which is enabled by default).
I am not satisfied with `PermissiveInterface` / `LenientInterface` because implementing this interface does not mean that the generator will be permissive but only that the behavior is configurable - yes I did consider `Configurable` but the term is a too vague.
---------------------------------------------------------------------------
by breerly at 2012-07-30T18:35:45Z
I see. Perhaps ```StrictConfigurableInterface``` would do the trick.
---------------------------------------------------------------------------
by Tobion at 2012-07-30T21:02:21Z
I think renaming strict_parameters to `strict_requirements` is the way to go because it determines how requirements are handled when generating a URL. Also we should allow another option:
strict_requirements = true: throw exception for mismatching requirements
strict_requirements = null: return null as URL for mismatching requirements and log it.
strict_requirements = false: return the URL with the given parameters without checking the requirements and don't log it.
(Maybe use constants for these).
The Interface I would then call `ConfigurableRequirementsInterface` or `RequirementsHandlingInterface`.
---------------------------------------------------------------------------
by vicb at 2012-07-31T07:23:24Z
Thanks all for the feeback, this is what is now implemented:
- A `ConfigurableRequirementsInterface` that should be implemented by generators that can be configure not to throw an exception when the parameters do not match the requirements,
- The interface has two methods: `setStrictRequirements()` and `isStrictRequirements()`,
- `setStrictRequirements()` always gets called to configure the generator (whatever the option value is)
Note: The Router option name has not changed (i.e. `strict_parameters`)
Does that fit everyone ?
---------------------------------------------------------------------------
by vicb at 2012-07-31T07:39:22Z
So the option name is now consistent (`strict_requirements`) with the interface. We should sync the change [in the standard edition](https://github.com/symfony/symfony-standard/blob/master/app/config/config.yml#L11) if we agree to merge this.
---------------------------------------------------------------------------
by fabpot at 2012-07-31T07:51:47Z
@vicb you forgot to rename the property in `UrlGenerator` as @stof mentioned above.
---------------------------------------------------------------------------
by vicb at 2012-07-31T07:59:57Z
@fabpot fixed. If the code is ok, I'll squash the commits and open a PR on symfony-standard
Commits
-------
39157a8 [Security] fixes multiple overlapping definitions of DefaultFailureHandler and DefaultSuccessHandler in AbstractFactory
Discussion
----------
[Security] fixes multiple overlapping definitions of DefaultFailureHandler and DefaultSuccessHandler in AbstractFactory
If more than one listener extends AbstractFactory, you'll have multiple calls to createAuthenticationFailureHandler and createAuthenticationSuccessHandler with the same id.
Implicitly it's going to use the one generated by the last factory generating unexpected behavior.
This is related to commits 915704c071 and c6aa392df7
Commits
-------
1474aa5 [Form] Fixed consideration of Twig's template inheritance and added another performance-improving check
b4ec7f5 Fixed my rubbish English
d11f8b5 [Form] Fixed passing of variables in the FormRenderer
629093e [Form] Extracted common parts of FormHelper and FormExtension into separate classes
216c539 [Form] Implemented a more intelligent caching strategy in FormHelper (PHP +100ms, Twig +100ms)
Discussion
----------
[Form] Merged FormHelper and FormExtension and implemented a better caching strategy
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
This PR extracts common parts of `FormHelper` and `FormExtension` into implementations of the new interfaces `FormRendererInterface` and `FormRendererEngineInterface`. The implemented `AbstractRendererEngine` features a more intelligent caching strategy than the one used before. When this strategy was implemented directly in `FormHelper`, the performance of [this specific, heavy form](http://advancedform.gpserver.dk/app_dev.php/taxclasses/1) could be improved from **2.5** to **2.25 seconds** on my machine for PHP templates.
Due to the abstraction and delegation, the performance gain is not that big anymore, but we still have a performance gain of about **0.1 seconds** for both PHP and Twig in the above example. The second, big improvement of this PR is maintainability - the differences between PHP and Twig templates are now contained in relatively small classes - and extendability (it is very easy now to support different template engines).
---------------------------------------------------------------------------
by stof at 2012-07-14T13:47:19Z
should a similar refactoring be done for the [Twig rendering](https://github.com/symfony/symfony/blob/master/src/Symfony/Bridge/Twig/Extension/FormExtension.php) ?
---------------------------------------------------------------------------
by bschussek at 2012-07-14T13:49:25Z
Yes. I would like to merge the common parts of Twig's FormExtension and PHP's FormHelper into an abstract class. Before that I need to have a [working, heavy Twig Form](https://twitter.com/webmozart/status/224135287377371138) in order to measure whether I don't actually decrease the performance with Twig. Can you help me there?
---------------------------------------------------------------------------
by vicb at 2012-07-16T21:48:24Z
Would it make sense to create a 'renderer' folder in the form component and move related classes there ?
---------------------------------------------------------------------------
by stof at 2012-07-16T22:06:58Z
@vicb It makes sense to keep the Twig renderer in the brisge. This is what the bridge is about. Moving the Twig class to the component would not be consistent. And the PHP renderer is already in the component (but it could make sense to move the helper from FrameworkBundle to the TemplatingExtension of the Form component though)
---------------------------------------------------------------------------
by vicb at 2012-07-16T22:16:50Z
@stof I was only referring to the classes located in the Component/Form folder.
---------------------------------------------------------------------------
by vicb at 2012-07-16T22:27:27Z
Overall I don't really know what to think of this PR. PHP and Twig use a different way to support blocks:
- PHP has one block per file,
- Twig could have many blocks per templates.
I am not sure if this PR is optimal for Twig and improves maintainability ?
---------------------------------------------------------------------------
by stof at 2012-07-16T22:46:11Z
@vicb it avoids duplicating the whole rendering logic for each engine (there is at least a third one in [SmartyBundle](https://github.com/noiselabs/SmartyBundle/blob/master/Extension/FormExtension.php) btw)
---------------------------------------------------------------------------
by bschussek at 2012-07-17T07:16:42Z
@vicb I don't think a renderer subfolder makes sense. The interfaces belong to the main namespace, and then the subfolder would only contain two classes.
Considering maintainability for Twig, I think that this PR in fact increases it. TwigExtension before always had to check the whole type hierarchy, while now the code in AbstractRendererEngine makes sure that this process is speeded up.
Before:
```
load _some_entity_field_label:
- check _some_entity_field_label
- check entity_label
- check choice_label
- check form_label
load _some_other_entity_field_label
- check _some_other_entity_field_label
- check entity_label
- check choice_label
- check form_label
a.s.o.
```
After:
```
load _some_entity_field_label:
- check _some_entity_field_label
- check entity_label (hits the cache if entity_label was checked before)
- check choice_label (hits the cache if choice_label was checked before)
- check form_label
load _some_other_entity_field_label
- check _some_other_entity_field_label
- check entity_label (now definitely hits the cache)
a.s.o.
```
Since many fields share the same ancestors in the inheritance tree, this definitely improves performance.
As can also be deducted here, custom block names such as `_some_entity_field_label` are now a major drawback. There is nothing we can cache for them, so they need to be checked for every individual block that we load. Removing this feature surprisingly gains no performance for Twig (I need to investigate why at some point), but it speeds up rendering for **250ms** using the PHP engine on [this example form](advancedform.gpserver.dk/app_dev.php/taxclasses/1), dropping the rendering time from 1.25 to 1 sec on my local machine. I'm not sure what we should do here.
---------------------------------------------------------------------------
by stof at 2012-07-17T07:21:31Z
@bschussek could it be possible to have an implementation checking the custom block and another one skipping it ? This way, the user could disable this feature when he does not need it.
---------------------------------------------------------------------------
by bschussek at 2012-07-17T07:38:34Z
@stof It would be possible to add a switch to `FormRenderer` that controls whether custom blocks are checked or not.
If this switch is disabled by default, we break BC. If this switch is enabled by default, it will be pretty useless. People will start designing away for custom blocks, and once they want to improve performance, they can't turn off the switch anymore because it would require too many changes.
---------------------------------------------------------------------------
by stof at 2012-07-17T08:08:38Z
@fabpot what do you think about it ?
---------------------------------------------------------------------------
by bschussek at 2012-07-17T08:41:43Z
Another option that just came to mind is to remove inheritance checks for anything but _widget and _row. I.e., if we render `entity_widget`, check
```
_id_widget
entity_widget
choice_widget
form_widget
```
But if we render `entity_label`, only check
```
_id_label
form_label
```
This improves PHP Templating for **170ms** and Twig for **20ms**. We gain another **150ms** for PHP Templating and **~15ms** for Twig if we also restrict custom fields (_id_widget) to the _widget and _row suffixes (it's really hard to tweak the renderer for Twig.. I think a lot of its performance bottlenecks lie in Twig itself).
Do you have any data on how often blocks other than _widget and _row are customized for specific types/IDs?
---------------------------------------------------------------------------
by stof at 2012-07-17T09:47:38Z
Well, I think most of the time other blocks are not even customized based on the type :)
---------------------------------------------------------------------------
by Tobion at 2012-07-17T14:32:39Z
From my experience rendering the form components individually is easier and more flexible than customizing by ID or type.
But there are still use cases for customizing like library-like bundles (e.g. Bootstrap).
Commits
-------
df2406f [Security] Add note to changelog about BC break
01b2e39 [Security] Extract default logout success handling logic
Discussion
----------
[Security] Extract default logout success handling logic
Bug fix: no
Feature addition: no
Backwards compatibility break: yes, small one for people using the component
Symfony2 tests pass: [![Build Status](https://secure.travis-ci.org/asm89/symfony.png?branch=default-logout-success-handler)](http://travis-ci.org/asm89/symfony)
License of the code: MIT
As discussed earlier with @fabpot and @schmittjoh. This PR extracts the default logout success handling logic to a separate class that users can extend.
Note: build status is red, but that is because of a failing performance test in the form component? ..
Commits
-------
23d8735 Added NativeFileSessionHandler to classes to compile .
12d6ae7 Removed FileSessionHandler from FrameworkExtension to stop compiling a file that does not exist.
Discussion
----------
[FrameworkBundle] Removed FileSessionHandler from FrameworkExtension to stop compiling a file that does not exist.
PR #4899 removed FileSessionHandler which caused a class not found error from FrameworkBundle after the cache was created. This PR will fix it.
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Todo: -
License of the code: MIT
---------------------------------------------------------------------------
by stof at 2012-07-13T19:12:51Z
you should add the NativeSessionHandler class in the list instead as it replaces it
---------------------------------------------------------------------------
by tystr at 2012-07-13T19:14:29Z
+1
---------------------------------------------------------------------------
by zachbadgett at 2012-07-13T19:15:55Z
Done
Commits
-------
cd7835d [Form] Cached the form type hierarchy in order to improve performance
2ca753b [Form] Fixed choice list hashing in DoctrineType
2bf4d6c [Form] Fixed FormFactory not to set "data" option if not explicitely given
7149d26 [Form] Removed invalid PHPDoc text
Discussion
----------
[Form] WIP Improved performance of form building
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: **Update the Silex extension**
This PR is work in progress and up for discussion. It increases the performance of FormFactory::createForm() on a specific, heavy-weight form from **0.848** to **0.580** seconds.
Before, the FormFactory had to traverse the hierarchy and calculate the default options of each FormType everytime a form was created of that type.
Now, FormTypes are wrapped within instances of a new class `ResolvedFormType`, which caches the parent type, the type's extensions and its default options.
The updated responsibilities: `FormFactory` is a registry and proxy for `ResolvedFormType` objects, `FormType` specifies how a form can be built on a specific layer of the type hierarchy (e.g. "form", or "date", etc.) and `ResolvedFormType` *does the actual building* across all layers of the hierarchy (by delegating to the parent type, which delegates to its parent type etc.).
---------------------------------------------------------------------------
by schmittjoh at 2012-07-12T18:25:40Z
Maybe ResolvedFormType
---------------------------------------------------------------------------
by jmather at 2012-07-13T02:56:38Z
I really like ResolvedFormType. That's the naming method I took for my tag parser that handes the same conceptual issue.
---------------------------------------------------------------------------
by axelarge at 2012-07-13T05:25:00Z
ResolvedFormType sounds very clear.
This change is great and I desperately hope to see more of this kind
---------------------------------------------------------------------------
by Baachi at 2012-07-13T06:41:26Z
Yes `ResolvedFormType` sounds good :) 👍
---------------------------------------------------------------------------
by fabpot at 2012-07-13T07:11:33Z
I like `ResolvedFormType` as well.
---------------------------------------------------------------------------
by henrikbjorn at 2012-07-13T07:46:48Z
👍 `ResolvedFormType` :shipit:
---------------------------------------------------------------------------
by stof at 2012-07-13T18:01:51Z
This looks good to me