* 2.0:
updated VERSION for 2.0.17
updated CHANGELOG for 2.0.17
updated vendors for 2.0.17
fixed XML decoding attack vector through external entities
prevents injection of malicious doc types
disabled network access when loading XML documents
refined previous commit
prevents injection of malicious doc types
standardized the way we handle XML errors
Redirects are now absolute
Conflicts:
CHANGELOG-2.0.md
src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php
src/Symfony/Component/DomCrawler/Crawler.php
src/Symfony/Component/HttpKernel/Kernel.php
tests/Symfony/Tests/Component/DependencyInjection/Loader/XmlFileLoaderTest.php
tests/Symfony/Tests/Component/Routing/Loader/XmlFileLoaderTest.php
tests/Symfony/Tests/Component/Serializer/Encoder/XmlEncoderTest.php
tests/Symfony/Tests/Component/Translation/Loader/XliffFileLoaderTest.php
tests/Symfony/Tests/Component/Validator/Mapping/Loader/XmlFileLoaderTest.php
vendors.php
This replaces existing use of core SPL exceptions with the equivalent classes defined within the component. Although method documentation has been changed, this change should be BC since the component-specific SPL exceptions extend their core counterpart.
This commit purposely omits any changes to the PhpDumper, which throws several core SPL exceptions.
* 2.0:
[Validator] Sync polish translation
[FrameworkBundle] sanitize target arg in asset:install command
few optimisations for XliffFileLoader and XmlFileLoader
[FrameworkBundle] Sync the Russian translations
[FrameworkBundle] Added Dutch validator translation for trans-unit 41
[FrameworkBundle] Updated German validator translation
[FrameworkBundle] Fixed a typo in the translation file per @PeymanHR
This improves, for example, the exception one would receive if they tried to import a resource from a bundle that doesn't exist.
Previously, the deep "bundle is not activated" exception would be thrown. That has value, however there is no indication of where
the exception is actually occurring.
In this new implementation, we throw an exception that explains exactly which resource, and from which source resource, cannot be
loaded. The deeper exception is still thrown as a nested exception.
Two caveats:
* The `HttpKernel::varToString` method was replicated
* This introduces a new `Exception` class, which allows us to prevent lot's of exceptions from nesting into each other in the case
that some deeply imported resource cannot be imported (each upstream import that fails doesn't add its own exception).
This reverts commit f53080860a.
Revert "[Router] config fixes"
This reverts commit 51beecc6f2.
Revert "moved duplicated files to a new Config component"
This reverts commit a8ec9b27f0.