This PR was merged into the 2.3 branch.
Discussion
----------
Fixing wrong variable name from #13519
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13519
| License | MIT
| Doc PR | n/a
Hi guys!
I'm currently seeing an undefined variable in the `PhpDumper` on all branches. I think it was added inadvertently in #13519, so unless I'm totally missing something, this should be an easy merge.
Thanks!
Commits
-------
3ae52ed Fixing wrong variable name from #13519
This PR was merged into the 2.3 branch.
Discussion
----------
[DependencyInjection] fixed service resolution for factories
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13455
| License | MIT
| Doc PR | n/a
In the service container, factories can be defined with a class/method pair or a service/method pair.
The class or service value can be a container parameter, but it was not supported everywhere, this PR fixes that.
Note that the method can never be a container parameter as this is supported nowhere in the current code, so this has not been changed.
Another PR will fix the 2.6 way of configuring a factory.
Commits
-------
f86ad95 [DependencyInjection] fixed service resolution for factories
This PR was merged into the 2.3 branch.
Discussion
----------
[travis] Do no tar in //
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Using tar in parallel break 2.6 tests randomly with messages like "tar: Acl: file changed as we read it"
Removing parallel has no perf impact in this case and fixes the issue.
Best review with `?w=1`
Commits
-------
4f93aa3 [travis] Do no tar in //
This PR was merged into the 2.3 branch.
Discussion
----------
[Bundle] Fix charset config
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13715, #7617, #7532
| License | MIT
| Doc PR | -
This reverts #13715 and resurrects #7532, which was fine.
Commits
-------
ef41059 [WebProfilerBundle] Set debug+charset on the ExceptionHandler fallback
cbd0525 used HTML5 meta charset tag and removed hardcoded ones
6ca7fc9 Revert "bug #13715 Enforce UTF-8 charset for core controllers (WouterJ)"
This PR was squashed before being merged into the 2.3 branch (closes#13911).
Discussion
----------
[HttpFoundation] MongoDbSessionHandler::read() now checks for valid session age
This PR is a follow-up to #12516 and replaces the old one.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | TODO
As discussed there: Sessions which are older than GC age should never be read.
This PR adds the expiry-datetime on session-write and changes session-read and session-gc accordingly.
We still need to update the documentation with some clarifications, as described here:
- https://github.com/symfony/symfony/pull/12516#issuecomment-65028144
- https://github.com/symfony/symfony/pull/12516#issuecomment-69087996
My experience with the Symfony Docs from a developer perspective is very limited, so help would be very appreciated.
Commits
-------
8289ec3 [HttpFoundation] MongoDbSessionHandler::read() now checks for valid session age
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] Changed visibility of setUp() and tearDown to protected
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
1e64220 Changed visibility of setUp() and tearDown to protected
This PR was merged into the 2.3 branch.
Discussion
----------
Fix XSS in Debug exception handler
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This XSS issue has been reported to security@symfony.com but after discussing this issue, we decided to treat it as a regular bug as the debug mode **must** never be enabled on production servers (as it can leak many sensitive information coming from arguments displayed in the stack trace for instance -- even more information is leaked when used with the Symfony full-stack framework).
Commits
-------
1af6a9e fixed XSS in the exception handler
This PR was merged into the 2.3 branch.
Discussion
----------
[travis] Test with local components instead of waiting for the subtree-splitter when possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Should be ready - a first step that allows testing PR with the proposed patch. Works only when deps are resolved to the same branch. But this opens the way for further improvements.
Commits
-------
f885b9b Test with local components instead of waiting for the subtree-splitter when possible
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] Remove most refs uses
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13813
| License | MIT
| Doc PR | -
Removes some references usages. They are error prone, and trigger too many copies-on-writes.
Commits
-------
8862705 [2.3] Remove most refs uses
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] static code analysis across codebase
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with <a href="https://plugins.jetbrains.com/plugin/7622?pr=phpStorm">Php Inspections (EA Extended)</a>, no functional changes:
- Reduce couple count calls in a array dump function [Yaml]
- Modernize type casting, fix several strict comparisons on the way
- Unsets merged
- Elvis operator usage (couple more cases)
- Short syntax for applied operations
PS: I didn't try merging these changes into 2.6, expecting conflicts in the case.
Commits
-------
9682756 Php Inspections (EA Extended) - static code analysis includes:
Reduce couple count calls in [Yaml]
Modernize type casting, fix several strict comparisons
Unsets merged
Elvis operator usage
Short syntax for applied operations
This PR was submitted for the 2.7 branch but it was merged into the 2.3 branch instead (closes#13839).
Discussion
----------
[Validator] Added missing galician (gl) translations
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
ec11915 [Validator] Added missing galician (gl) translations
This PR was merged into the 2.3 branch.
Discussion
----------
[travis] Tests Security sub-components
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Previous PR has been merged too fast :)
Commits
-------
16cdcf2 [travis] Tests Security sub-components
This PR was squashed before being merged into the 2.3 branch (closes#13727).
Discussion
----------
CS fixes
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
Commits
-------
7fd6ba0 CS fixes
This PR was merged into the 2.3 branch.
Discussion
----------
[travis] test with php nightly
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
213cabc [travis] test with php nightly
This PR was merged into the 2.3 branch.
Discussion
----------
minor #13377 [Console] Change greater by greater or equal for isFresh in FileResource
| Q | A
| ------------- | ---
| Fixed tickets | #13377
| License | MIT
FileResource and tests update
Commits
-------
87800ae minor #13377 [Console] Change greater by greater or equal for isFresh in FileResource
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3] [HttpFoundation] fixed param order for Nginx's x-accel-mapping
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | kinda
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13502
| License | MIT
| Doc PR | n/a
Inverted path and location directives for x-accel-mapping header (fixes#13502).
Before:
```proxy_set_header X-Accel-Mapping /internal/=/var/www/example.com/```
After:
```proxy_set_header X-Accel-Mapping /var/www/example.com/=/internal/```
It could be a BC break since the response will fail if someone sends this header
honoring the previous signature, thus I need some feedback in order to choose the right branch for this change.
Commits
-------
9f9f230 [2.3] [HttpFoundation] fixed param order for Nginx's x-accel-redirect
This PR was squashed before being merged into the 2.3 branch (closes#13769).
Discussion
----------
[Form] NativeRequestHandler file handling fix
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13746
| License | MIT
| Doc PR | n/a
`NativeRequestHandler` reused the local variable for the form name `$name` as a loop variable for processing the `$_FILES` array. A separate variable is now used.
Two new test cases are included:
- Handling a request with multiple files
- Handling a request with file upload and a nameless form
Both tests fail without the fix. The test cases could probably be better though.
Commits
-------
9b3421f [Form] NativeRequestHandler file handling fix