This PR was merged into the 2.7 branch.
Discussion
----------
[ci] Testing with UTC hides bugs
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As shown by #20550, we're having bugs because we don't in proper TZ conditions.
Let's do Europe on Travis, and America on Windows.
Commits
-------
e0f9bda [ci] Testing with UTC hides bugs
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] Fix error when trying to resolve a DefinitionDecorator
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Instead of the currently obscure `ReflectionException: Class does not exist` message, let's throw a useful error message.
Commits
-------
8e0da2f [DI] Fix error when trying to resolve a DefinitionDecorator
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] improve and added more Indonesian translation.
| Q | A
| ------------- | ---
| Branch? | "2.7"
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
- Improve some translation's grammar.
- Added translation unit no. 73 - 80.
Commits
-------
af9016f [Validator] improve and added more Indonesian translation.
This PR was merged into the 2.7 branch.
Discussion
----------
bumped min version of Twig to 1.28
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | see twigphp/Twig#2236
| License | MIT
| Doc PR | n/a
Commits
-------
b8f7614 bumped min version of Twig to 1.28
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Remove GLOBALS from exception context to avoid endless recursion
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
This fixes a endless recursion as seen in https://github.com/felixfbecker/php-language-server/pull/137 - it only happens if you trigger an error in the global context so it's kinda hard to write a test for, but hopefully the fix can be accepted.
Commits
-------
1bb95ac [Debug] Remove GLOBALS from exception context to avoid endless recursion
This PR was merged into the 2.7 branch.
Discussion
----------
Tag the FormFieldRegistry as being internal
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
The phpdoc already describes it as being internal (since it was introduced). This adds the proper tag to mark it as internal in our standard way.
Commits
-------
0801f97 Tag the FormFieldRegistry as being internal
This PR was squashed before being merged into the 2.7 branch (closes#20307).
Discussion
----------
[Form] Fix Date\TimeType marked as invalid on request with single_text and zero seconds
| Q | A |
| --- | --- |
| Branch? | 2.7 |
| Bug fix? | yes |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | 20304 |
| License | MIT |
| Doc PR | |
Fix: When using a form with an Time type with option 'widget' => 'single_text', and 0 is selected in the seconds, we obtain an TransformationFailedException "Unable to reverse value for property path "[time]": Data missing". Check ticket #20304
Commits
-------
bcb03e0 [Form] Fix Date\TimeType marked as invalid on request with single_text and zero seconds
This PR was merged into the 2.7 branch.
Discussion
----------
[YAML] PHPDoc fixes for inline parser/dumper
| Q | A
| ------------- | ---
| Branch? | "master"
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | reference to the documentation PR, if any
Commits
-------
dd47295 fixed phpdoc
This PR was merged into the 2.7 branch.
Discussion
----------
Revert "bug #20184 [FrameworkBundle] Convert null prefix to an empty string in translation:update (chalasr)"
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/20184#discussion_r85265689
| License | MIT
| Doc PR | n/a
This reverts commit 3f650f8 because the fix is not valid.
It is actually not possible to have an option with value optional given empty to be `empty` if this one has a default value. The default value will always be the one returned, see https://github.com/symfony/symfony/pull/20184#discussion_r85265689 for details.
Commits
-------
b2fa7c4 Revert "bug #20184 [FrameworkBundle] Convert null prefix to an empty string in translation:update (chalasr)"
This PR was squashed before being merged into the 2.7 branch (closes#20275).
Discussion
----------
[HttpFoundation] Avoid implicit null to array conversion in request matcher
| Q | A |
| --- | --- |
| Branch? | 2.7 |
| Bug fix? | yes |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any |
| License | MIT |
| Doc PR | reference to the documentation PR, if any |
`null` is allowed _and_ passed as default value from the constructor. Lets be explicit.
Commits
-------
a2c0a78 [HttpFoundation] Avoid implicit null to array conversion in request matcher
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed show float values as choice value in ChoiceType
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13817
| License | MIT
| Doc PR | -
There is a closed [issue][1] related to this before Symfony 2.7 (when choice value still was the key from the `array`). This issue already happened in 2.7+ but now inside Symfony core.
Information
-----------
[This method][3] checks whether the given choices can be cast to strings without generating duplicates (3ab8189080 in #16705):
```php
private function castableToString(array $choices, array &$cache = array())
{
foreach ($choices as $choice) {
if (is_array($choice)) {
if (!$this->castableToString($choice, $cache)) {
return false;
}
continue;
} elseif (!is_scalar($choice)) {
return false;
} elseif (isset($cache[$choice])) { // <---- red breakpoint
return false;
}
$cache[$choice] = true; // <---- red breakpoint
}
return true;
}
```
So it should to keep [scalar values (integer, float, string or boolean)][2] as choice values always (unless have duplicates values).
The Problem
-----------
But in this situation it doesn't happen:
```php
$form = $this->createFormBuilder()
->add('foo', ChoiceType::class, [
'choices' => [
'Min' => 0.5,
'Mid' => 1.0,
'Max' => 1.5,
]
])
->getForm();
```
**Output:**
```html
<select id="form_foo" name="form[foo]">
<option value="0">Min</option>
<option value="1">Mid</option>
<option value="2">Max</option>
</select>
```
[**Why?**][5]
If the key of the array is a float number, it's interpreted as integer automatically:
```php
// ...
$cache[$choice] = true;
// when $choice = 0.5: $cache = [0 => true]
// when $choice = 1.0: $cache = [0 => true, 1 => true]
```
Then, when `$choice = 1.5` [this sentence][4] `isset($cache[1.5])` returns `true` because really checks `isset($cache[1])` and this key already exists, so `castableToString()` returns `false` (detected as duplicate) and the choices values are generated incrementing integers as values.
The PR's Effect
-------------
**Before:**
```html
<select id="form_foo" name="form[foo]">
<option value="0">Min</option>
<option value="1">Mid</option>
<option value="2">Max</option>
</select>
```
**After:**
```html
<select id="form_foo" name="form[foo]">
<option value="0.5">Min</option>
<option value="1">Mid</option>
<option value="1.5">Max</option>
</select>
```
[1]: https://github.com/symfony/symfony/issues/13817
[2]: http://php.net/manual/en/function.is-scalar.php
[3]: https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Form/ChoiceList/ArrayChoiceList.php#L228
[4]: https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Form/ChoiceList/ArrayChoiceList.php#L239
[5]: https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Form/ChoiceList/ArrayChoiceList.php#L243
Commits
-------
3564228 [Form] Fix show float values as choices values in ChoiceType
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation][Session] Fix memcache session handler
| Q | A
| ------------- | ---
| Branch? | 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 3.0, 3.1, master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commit 0216e05605 removed the opening of connection to memcached server on call to `open()`, because it's assumed that connection is already opened. However, `close()` still closes the connection. As a result no more read/write calls can be made if session got closed, as the connection does not get reestablished.
Basically MemcacheSessionHandler should follow same logic as Memcache**d**SessionHandler, which is exactly what this MR acomplishes.
Commits
-------
0423d894 [HttpFoundation][Session] memcached connection should not be closed
This PR was merged into the 2.7 branch.
Discussion
----------
Enhance GAE compat by removing some realpath()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20241
| License | MIT
| Doc PR | -
The remaining ones are in test folders, or in things that don't run/have to run on GAE directly (e.g. commands).
Commits
-------
f2f232d Enhance GAE compat by removing some realpath()
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle][HttpKernel] move test to the HttpKernel component
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/19443#discussion_r83414612
| License | MIT
| Doc PR |
The moved test case does not test the `AddConsoleCommandPass` class, but ensures certain behavior in the `registerCommands()` method of the `Bundle` class from the HttpKernel component.
Commits
-------
c9ca322 move test to the HttpKernel component
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBridge] Use non-deprecated Twig_Node::getTemplateLine()
| Q | A
| ------------- | ---
| Branch? |2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
bb791d0 [TwigBridge] Use non-deprecated Twig_Node::getTemplateLine()
This PR was merged into the 2.7 branch.
Discussion
----------
[DomCrawler] Allow pipe (|) character in link tags when using Xpath expressions
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20229
| License | MIT
| Doc PR | -
@klausi could you please validate this patch? Is it an improvement over yours? (sorry I don't have the proper use case to test.)
Commits
-------
17757d8 [DomCrawler] Optimize DomCrawler::relativize()
5b26e33 [DomCrawler] Allow pipe (|) character in link tags when using Xpath expressions
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] no 304 response if method is not cacheable
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Since #19321 OPTIONS and TRACE are considered safe methods. But both methods should not lead to "304 Not modified" responses.
Commits
-------
3d6b450 no 304 response if method is not cacheable
This PR was merged into the 2.7 branch.
Discussion
----------
[DependencyInjection] move tags from decorated to decorating service
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20150
| License | MIT
| Doc PR |
Commits
-------
7def83c move tags from decorated to decorating service
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Convert null prefix to an empty string in translation:update
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20044
| License | MIT
| Doc PR | n/a
This command needs the ability to use an empty string as prefix, which is not possible using `bin/console translation:update --prefix=""` because `$argv` doesn't parse empty strings thus the value is converted to `null` by `ArgvInput` (only since #19946, before the option was not considered to be set, giving the default `'__'` thus this should be fine from a BC pov).
Here I propose to explicitly convert the `prefix` value to an empty string if set to `null`, as it is a very specific need and we can't guess that from `ArgvInput`.
An other way to fix it could be to add a `--no-prefix` option to the command but I don't think it is worth it, and it couldn't be treated as a bug fix thus not fixed before `3.2`.
Commits
-------
f02b687 [FrameworkBundle] Convert null prefix to an empty string in translation:update command
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] $attributes can be anything, but RoleVoter assumes strings
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18042
| License | MIT
| Doc PR | reference to the documentation PR, if any
Commits
-------
ad3ac95 bug #18042 [Security] $attributes can be anything, but RoleVoter assumes strings
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Escape question text and default value in SymfonyStyle::ask()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19493
| License | MIT
| Doc PR | n/a
Commits
-------
eed3cc5 [Console] Escape default value and question in SymfonyStyle::ask()
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix validation of empty values using SymfonyQuestionHelper::ask()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? |no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When using `QuestionHelper::ask()` it's allowed to return an empty value as answer, e.g:
```php
$helper = new QuestionHelper();
$question = new Question('foo', false);
$question->setValidator(function ($v) { return $v; });
$answer = $helper->ask($input, $output, $question);
```
Just typing `enter` for answering this question works, the value of `$answer` would be `false`.
But doing the same with `SymfonyQuestionHelper::ask()`:
```php
$helper = new SymfonyQuestionHelper();
$question = new Question('foo', false);
$question->setValidator(function ($v) { return $v; });
$answer = $helper->ask($input, $output, $question);
```
> [ERROR] A value is required.
Same for `''` or `null`.
Here I kept the same check but used as default validator, if a validator is set and allows an empty value to be returned then it's ok.
Also I am not sure about if this default validator should be kept, imho we should be consistent with the default question helper, using the `SymfonyQuestionHelper` should only impact the output.
Diff best viewed [like this](https://github.com/symfony/symfony/pull/20141/files?w=1)
ping @kbond
Commits
-------
a8b910b [Console] Fix validation of null values using SymfonyStyle::ask()
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Alter container class instead of kernel name in cache:clear command
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19912
| License | MIT
| Doc PR | -
The decision to alter kernel's name instead of the container's class dates from cc3a40ed78
But this is causing issues such as #19912. Looking more carefully, the real intent is to change the container class and there is no need to alter also the kernel's name at this stage.
Commits
-------
73c9693 [FrameworkBundle] Alter container class instead of kernel name in cache:clear command
This PR was squashed before being merged into the 2.7 branch (closes#20102).
Discussion
----------
[Validator] Url validator not validating hosts ending in a number
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no (Should validate slightly more urls)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | None that I could find
| License | MIT
| Doc PR |
We ran into an issue where the URL validator wasn't validating URL that we got from a legitimate (intranet) URL. Afaict from skimming RFCs the URL `http://myhost123/` is valid, however the current regular expression doesn't accept the last part of a hostname (in this case the entire hostname is the last part as there are no periods in the host).
I've fixed this by adding the numbers unicode character property to the regular expression, I'm not sure but symbol characters (`\pS`) might need to be added to the group as well.
Commits
-------
934c434 [Validator] Url validator not validating hosts ending in a number
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Reset constraint options
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20106
| License | MIT
| Doc PR | reference to the documentation PR, if any
I think it's good to reset the internal pointer of the options array if we depend on `key($options)`. I've added tests to clarify we intentionally check for the first key.
The current behavior actually differs for hhvm/php7 - https://3v4l.org/e6r6E
Commits
-------
4c6ddd4 reset constraint options
This PR was merged into the 2.7 branch.
Discussion
----------
Fix#19943 Make sure to process each interface metadata only once
| Q | A
| ------------- | ---
| Branch? | 2.7+
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19943
| License | MIT
| Doc PR | N/A
Here is the fix for #19943, If you have `InterfaceA <- InterfaceB <- Class` with a constraint on a method defined on `InterfaceA`, the constraint and its eventual violations are currently validated and reported twice.
Copy from https://github.com/symfony/symfony/issues/19943#issuecomment-250238529:
As far as I can see, the problem seems to arise in [`LazyLoadingMetadataFactory`](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Validator/Mapping/Factory/LazyLoadingMetadataFactory.php#L117-L123):
[`ReflectionClass::getInterfaces()`](http://php.net/manual/en/reflectionclass.getinterfaces.php) returns both interfaces implemented directly and through inheritance (either through another interface or through a parent class). In the end, the following process occurs:
1. `PriceInterface` is parsed and its `NotBlank` constraint on `value` is loaded
2. `VariablePriceInterface` is parsed and inherits `PriceInterface`'s constraints (which is OK).
3. `ProductPrice` is parsed and inherits both `PriceInterface` and `VariablePriceInterface`'s constraints, which leads to a duplicated `NotBlank` constraint, one from each Interface.
The Best Way ™️ would be to be able to extract the list of interfaces implemented by a class directly only. However, the process seems a bit intricate... I will start working on it and prepare a PR to that effect. However, if any of you has a better idea, I'm all hears...
TODO:
- [x] Regression tests to make sure the bug doesn't reappear
Commits
-------
2f9b65aFix#19943 Make sure to process each interface metadata only once
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] compound forms without children should be considered rendered implicitly
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | possibly
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17580
| License | MIT
| Doc PR | n/a
Commits
-------
8234f2a#17580 compound forms without children should be considered rendered implicitly
Using file operations on a symlink that points to a file outside the
directories being allowed by the open_basedir setting leads to PHP
warnings being raised.
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Format JSON fixtures
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | reference to the documentation PR, if any
Should make merging upstream easier due better diffs.
```php
foreach (glob('src/Symfony/Component/Console/Tests/Fixtures/*.json') as $file) {
file_put_contents($file, str_replace(PHP_EOL, "\n", json_encode(json_decode(trim(file_get_contents($file))), JSON_PRETTY_PRINT))."\n");
}
```
Should be re-applied on 2.8, 3.1 and master.
Commits
-------
2ca7823 format json fixtures
This PR was merged into the 2.7 branch.
Discussion
----------
[Finder] Trim trailing directory slash in ExcludeDirectoryFilterIterator
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19599
| License | MIT
| Doc PR | reference to the documentation PR, if any
In this context `path` equals `path/`
Commits
-------
e0e5f0c apply rtrim
This PR was merged into the 2.7 branch.
Discussion
----------
Security and validators messages translation to Latvian
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
ff72f21 Security and validators messages translation to Latvian
This PR was merged into the 2.7 branch.
Discussion
----------
[DX] Fixed regression when exception message swallowed when logging it.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | maybe, wait for Travis
| Fixed tickets | fixed regression introduced in #13418
| License | MIT
| Doc PR | -
The problem is: after merging referenced PR we cann't understand what error occured and why authentication request failed (see attached screenshot). Previously it displays exception message, but now it only displays class of the exception.
Commits
-------
042cb6b Fixed regression when exception message swallowed when logging it.
This PR was merged into the 2.7 branch.
Discussion
----------
[bugfix] [Console] Set `Input::$interactive` to `false` when command is executed with `--quiet` as verbosity level
|Q |A |
|--- |--- |
|Branch |2.7 |
|Bug fix? |yes |
|New feature? |no |
|BC breaks? |yes |
|Deprecations?|no |
|Tests pass? |yes |
|Fixed tickets|#19899|
|License |MIT |
|Doc PR |n/a |
Closes#19899.
Commits
-------
4214311 [bugfix] [Console] Set `Input::$interactive` to `false` when command is executed with `--quiet` as verbosity level
This PR was merged into the 2.7 branch.
Discussion
----------
Fixed the nullable support for php 7.1 and below (2.7, 2.8, 3.0)
| Q | A
| ------------- | ---
| Branch? | 2.7, 2.8, 3.0
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/19784#issuecomment-243852825
| License | MIT
| Doc PR | ~
Fixes the nullable support for 2.7, 2.8 and 3.0, can probably be partially merged into 3.1 but not 100% sure.
/ping @fabpot
Commits
-------
9c48756 Fixed the nullable support for php 7.1 and below
This PR was merged into the 2.7 branch.
Discussion
----------
[Yaml][TwigBridge] Use JSON_UNESCAPED_SLASHES for lint commands output
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Slashes are escaped when sing the `lint:twig` and `lint:yaml` commands with the `format` option set to `json`, giving such results:
```json
[
{
"file": "yaml\/wrong\/1.yml",
"valid": false,
"message": "Unable to parse at line 1 (near \";:cc`\")."
}
]
```
That's not convenient as file paths may be reused (e.g. copy-pasted).
Results stay fine as error messages are already escaped:
```json
[
{
"file": "yaml/wrong/1.yml",
"valid": false,
"message": "Unable to parse at line 1 (near \";:cc`\")."
}
]
```
Commits
-------
0427594 Use JSON_UNESCAPED_SLASHES for lint commands output
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] Update IpValidatorTest data set with a valid reserved IP
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19885
| License | MIT
| Doc PR | -
The validator uses PHP filter which was recently fixed (see https://bugs.php.net/bug.php?id=72972).
Commits
-------
86a151c [Validator] Update IpValidatorTest data set with a valid reserved IP
This PR was squashed before being merged into the 2.7 branch (closes#19813).
Discussion
----------
[Console] fixed PHP7 Errors are now handled and converted to Exceptions
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18484
| License | MIT
| Doc PR |
Commits
-------
d3c613b [Console] fixed PHP7 Errors are now handled and converted to Exceptions
This PR was squashed before being merged into the 2.7 branch (closes#19868).
Discussion
----------
[Security] Optimize RoleHierarchy's buildRoleMap method
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
I have an issue with a large role hierarchy(~150 roles). Optimized it a little bit
Commits
-------
c3b68b0 [Security] Optimize RoleHierarchy's buildRoleMap method
This PR was merged into the 2.7 branch.
Discussion
----------
Update misleading comment about RFC4627
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
RFC 4627 does not dictate escaping of HTML special characters
Commits
-------
72b6c9e Update misleading comment about RFC4627
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Check for class existence before is_subclass_of
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Same as #19342
Commits
-------
8a9e0f5 [FrameworkBundle] Check for class existence before is_subclass_of
This PR was submitted for the 3.0 branch but it was merged into the 2.7 branch instead (closes#19862).
Discussion
----------
Update GroupSequence.php
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
Corrected the docblock example
Commits
-------
c8f3741 Update GroupSequence.php
This PR was squashed before being merged into the 2.7 branch (closes#19830).
Discussion
----------
Code enhancement and cleanup
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
325da3c Code enhancement and cleanup
On 32-bit systems the cookie expiration value was not being calculated
correctly as it was being fetched as an integer. When the timestamp exceeded
the PHP_INT_MAX size it would return an invalid value, breaking the cookie
construction.
The BrowserKit cookie has now been updated to get the timestamp as a string
which works around this platform limitation.
This PR was merged into the 2.7 branch.
Discussion
----------
[Yaml] Remove legacy code
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
It looks like these lines were forgotten during the transition to 2.0 as references are already [managed in `Inline`](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Yaml/Inline.php#L542-L559).
Commits
-------
a88dff3 [Yaml] Remove legacy code
This PR was merged into the 2.7 branch.
Discussion
----------
[VarDumper] Various minor fixes & cleanups
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| Tests pass? | yes
| License | MIT
Minor fixes & cleanups found while working on a few VarDumper enhancements.
I'm going to merge this one quickly to unlock the other PRs I'm preparing for master.
Commits
-------
a989491 [VarDumper] Various minor fixes & cleanups
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Add missing SsiFragmentRendererTest
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
One notable difference between ESI/SSI fragments renderers is that [passing options to the strategy doesn't impact the rendered ssi include tag](d666c64eb0 (diff-98eb5db767a1d6600cff43b74800ae46R37)).
Commits
-------
6c89199 [HttpKernel] Add missing SsiFragmentRendererTest
This PR was merged into the 2.7 branch.
Discussion
----------
[DoctrineBridge] Enhance exception message in EntityUserProvider
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Lots of people use the `UserEntityProvider` without having a custom Repository for the user entity configured on the entity provider and in this case, if the `property` key of the provider isn't set, the exception thrown says:
> The Doctrine repository "Doctrine\ORM\EntityRepository" must implement Symfony\Bridge\Doctrine\Security\User\UserLoaderInterface
"Doctrine\ORM\EntityRepository" doesn't feel relevant.
Plus, we can't guess that the exception is thrown first because there is no `property` configured on the corresponding provider, that is useful to have in the trace IMHO.
If accepted, `"Symfony\Component\Security\Core\User\UserProviderInterface"` will need to be replaced by `"Symfony\Bridge\Doctrine\Security\User\UserLoaderInterface"` when merging in newer branches.
Commits
-------
acc0460 [DoctrineBridge] Enhance exception message in EntityUserProvider
This PR was merged into the 2.7 branch.
Discussion
----------
[SecurityBundle] BasicAuthenticationListener: simpler getting value from Request
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Unless I'm mistaken, the default `null` should be OK. If it's not, I will create a new PR with a test proving that `false` or other "special" value must be used.
Commits
-------
d67f090 SecurityBundle:BasicAuthenticationListener: removed a default argument on getting a header value
This PR was merged into the 2.7 branch.
Discussion
----------
[ClassLoader] Fix tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Tests pass? | yes
| License | MIT
As discussed right now on php-internals, this string is ignored and the docs only tells about null.
Commits
-------
0f95708 [ClassLoader] Fix tests
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Swap dumper services at bootstrap
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
---
This commit fix a bug when using debug function too soon.
For example, if you call dump function during kernel::boot() the
dump output will be sent to stderr, even in a web context.
With this patch, the data collector is used by default, so the
dump output is send to the WDT. In a CLI context, if dump is used
too soon, the datacollector will buffer it, and release it at the
end of the script. So in this case everything will be visible by the
end used.
Commits
-------
d80589c [Debug] Swap dumper services at bootstrap
This PR was merged into the 2.7 branch.
Discussion
----------
[DI][2.7] Include dynamic services in alternatives
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | reference to the documentation PR, if any
Commits
-------
428b5cc include dynamic services in list of alternatives
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug][HttpKernel][VarDumper] Prepare for committed 7.2 changes (aka "small-bc-breaks")
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| Tests pass? | yes
| License | MIT
On PHP 7.2:
- `is_object()` is going to return `true` for `__PHP_Incomplete_Class` instances
- `gettype($closed_resource);` returns "resource (closed)"
ping @nikic FYI
see https://travis-ci.org/symfony/symfony/jobs/154114269 for fixed tests (except the one on ClassLoader which is a BC break on 7.1 that should be fixed there IMHO).
Commits
-------
feb2cd0 [Debug][HttpKernel][VarDumper] Prepare for committed 7.2 changes
This PR was squashed before being merged into the 2.7 branch (closes#19666).
Discussion
----------
Verify explicitly that the request IP is a valid IPv4 address
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Take the following base code (the array is based on [CloudFlare IP Ranges](https://www.cloudflare.com/ips/)):
```php
use Symfony\Component\HttpFoundation\IpUtils;
$ips = [
"103.21.244.0/22",
"103.22.200.0/22",
"103.31.4.0/22",
"104.16.0.0/12",
"108.162.192.0/18",
"131.0.72.0/22",
"141.101.64.0/18",
"162.158.0.0/15",
"172.64.0.0/13",
"173.245.48.0/20",
"188.114.96.0/20",
"190.93.240.0/20",
"197.234.240.0/22",
"198.41.128.0/17",
"199.27.128.0/21",
"2400:cb00::/32",
"2405:8100::/32",
"2405:b500::/32",
"2606:4700::/32",
"2803:f800::/32",
"2c0f:f248::/32",
"2a06:98c0::/29",
];
```
Before this PR, the following code would have returned `true` instead of the expected `false` value:
```php
IpUtils::checkIp('blablabla', $ips);
```
This due to the `ip2long` function returning `false` for an invalid IP address, thus returning `"00000000000000000000000000000000"` with the following code:
```php
sprintf('%032b', ip2long('blablabla'));
```
To fix this I simply check if the `$requestIp` variable contains a valid IP address.
Commits
-------
17e418c Verify explicitly that the request IP is a valid IPv4 address
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Fix too strict test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Tests pass? | yes
| License | MIT
This test is too strict and prevents adding properties to Data objects for no reason.
Commits
-------
2e7301d [HttpKernel] Fix too strict test
This PR was merged into the 2.7 branch.
Discussion
----------
Exception details break the layout
Exception details break the layout
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| License | MIT
By adding `word-wrap: break-word;` the exception details will wrap inside the block.
Commits
-------
00b4ecb Exception details break the layout
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBundle] Add a check for choice's attributes emptiness before calling block('attributes')
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Remove unnecessary block calling for choices without "choice_attr" option. This check gain the performance on a large datasets.
Previous Pull to master #19527
Commits
-------
bf6748d Move space from the before 'if' to the after 'if'
d1cf4d1 [TwigBundle] Add a check for choice's attributes emptiness before calling block('attributes')
This commit fix a bug when using debug function too soon.
For example, if you call dump function during kernel::boot() the
dump output will be sent to stderr, even in a web context.
With this patch, the data collector is used by default, so the
dump output is send to the WDT. In a CLI context, if dump is used
too soon, the datacollector will buffer it, and release it at the
end of the script. So in this case everything will be visible by the
end used.
This PR was squashed before being merged into the 2.7 branch (closes#19549).
Discussion
----------
[HttpFoundation] fixed Request::getContent() reusage bug
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
After calling ```Request::getContent(true)```, subsequent calls to the
same instance method (withouth the ```$asResource``` flag) always returned
```false``` instead of the request body as a plain string.
A unit test already existed to guard against this behaviour (the 'Resource then fetch' case) but it
yielded a false positive because it was comparing ```''``` to ```false``` using
PHPUnit's ```assertEquals``` method instead of ```assertSame```.
For completeness sake I also added the missing usage permutations in
the data provider, which already worked OK.
Commits
-------
c42ac66 [HttpFoundation] fixed Request::getContent() reusage bug
This PR was squashed before being merged into the 2.7 branch (closes#19373).
Discussion
----------
[Form] Skip CSRF validation on form when POST max size is exceeded
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19140
| License | MIT
| Doc PR | N/A
In #19140 the CSRF validation listener was not aware that the POST max size had exceeded, and was adding a form error message that wasn't relevant to the actual error.
This introduces the `ServerParams` utility class into the `CsrfValidationListener` and checks that the POST max size has not been exceeded. If it has then it won't bother trying to validate the CSRF token.
My main concern with this change is that it opens up an attack vector around tokens, but I've encapsulated the request size validation in a single method in `ServerParams` now so that the request handlers are using the same logic.
Commits
-------
289531f [Form] Skip CSRF validation on form when POST max size is exceeded
This PR was merged into the 2.7 branch.
Discussion
----------
Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19531
| License | MIT
| Doc PR |
Commits
-------
c951bb6Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
This PR was squashed before being merged into the 2.7 branch (closes#19468).
Discussion
----------
[Intl] Update ICU data to 57.1
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19315
| License | MIT
| Doc PR | -
I think the only thing that makes sense with ICU is to always be on the latest available version.
Commits
-------
a48c00b [Intl] Update ICU data to 57.1
This PR was merged into the 2.7 branch.
Discussion
----------
[Config] Improved test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
456d53a [Config] Improved test
This PR was merged into the 2.7 branch.
Discussion
----------
Added class existence check if is_subclass_of() fails in compiler passes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | no
Backport of #19342 to 2.7 branch
Commits
-------
77adea7 Added class existence check if is_subclass_of() fails in compiler passes
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Reorder assert parameters
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The expected value must be the first parameter.
Commits
-------
7f88796 [Routing] Reorder assert parameters
This PR was merged into the 2.7 branch.
Discussion
----------
Added missing czech validators translation of not expected charset
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Profiler was complaining about using a not translated message so I translated it.
Not sure if bug or feature. The bug label is probably not apropriate, sorry. But I guess it should be merged to all versions.
Commits
-------
7eacae8 Added missing czech validators translation of not expected charset
Added error-suppression to the `is_executable($path)` call, too, per the bug noted just above.
The cited issue manifests as such without it:
```
ErrorException in ExecutableFinder.php line 63:
is_executable(): open_basedir restriction in effect. File(/usr/share/php) is not within the allowed path(s): (/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/usr/local/zend/var/zray/extensions:/usr/local/zend/share:/usr/local/zend/var/plugins)
```
