This PR was squashed before being merged into the 5.2 branch.
Discussion
----------
[Security] Automatically register custom authenticator as entry_point (if supported)
| Q | A
| ------------- | ---
| Branch? | 5.2 (hopefully?)
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#37068
| License | MIT
| Doc PR | -
@weaverryan came up with exactly the same issue as proposed by a contributor before (see referenced ticket). Back then, it was decided impossible to fix: see https://github.com/symfony/symfony/pull/37075. However, after some thinking we came up with a way to fix the issue and improve the DX for custom authenticators.
The new authenticators are no longer required to implement `AuthenticationEntryPointInterface` (required for internal authenticators like the `RememberMeAuthenticator` and pre authenticated ones). This PR uses a compiler pass to check if a custom authenticator is supported:
```yaml
security:
firewalls:
main:
# in any case, if an entry_point is already configured it'll not be overriden
# (http_basic remains the entry point here)
http_basic: ~
custom_authenticator: App\Security\CustomAuthenticator
entry_point: http_basic
# if only one custom authenticator implements AuthenticationEntryPointInterface,
# it's automatically configured as the entry point
custom_authenticator: App\Security\CustomAuthenticator
custom_authenticators: [App\Security\CustomAuthenticator, App\Security\NoEntryPointAuthenticator]
# if no custom authenticator implements AuthenticationEntryPointInterface,
# an error is thrown
custom_authenticator: App\Security\NoEntryPointAuthenticator
# if more than one authenticator implements AuthenticationEntryPointInterface,
# the entry point must be configured explicitly (or an error is thrown)
custom_authenticators: [App\Security\CustomAuthenticator, App\Security\AnotherCustomAuthenticator]
entry_point: App\Security\CustomAuthenticator
```
---
I know this is very late for Symfony 5.2. It would be good to decide whether this can be included in the release, in order to smooth out the biggest struggle for people using custom authenticators for the first time.
Commits
-------
cab0672248 [Security] Automatically register custom authenticator as entry_point (if supported)
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
Add Romanian missing translations
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | kinda
| New feature? | no
| Deprecations? | no
| Tickets | Fix#38758
| License | MIT
| Doc PR | n/a
Commits
-------
6aa31a13c7 Add Romanian missing translations
This PR was merged into the 5.3-dev branch.
Discussion
----------
[DomCrawler] Cache discovered namespaces
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Address #39067
| License | MIT
Discovering namespaces is by far the most expensive task when filtering for nodes and the xpath contains prefixes.
When `Crawler::filterRelativeXPath` is called multiple times with (identical) prefixes the slowdown is huge.
This fix brings the runtime of the linked ticket down from 27 seconds to 9 seconds in my test. Compared to a pure PHP version which takes < 0.5 seconds the design of the crawler API is the limiting factor. There are still many repeated namespace queries caused by new Crawler instances. Ideas to solve this are discussed in the ticket.
Commits
-------
a8e85ecbbd Make some CS changes
4c74dead48 Cache discovered namespaces in DomCrawler
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[DependencyInjection][Translator] Silent deprecation triggered by libxml_disable_entity_loader
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39040
| License | MIT
| Doc PR | -
The XML entity loader is disabled by default since libxml 2.9
But, since PHP 8.0, calling the method `libxml_disable_entity_loader` triggers a deprecation which has been solved in symfony by calling `libxml_disable_entity_loader` only for libxml < 2.9
The issue is, some dependencies, enable the entity loader and does not restore the initial state afterward, leading to exceptions triggered by Symfony iteself.
In previous versions symfony was resilient by disabling the flag before working, which is not the case anymore to avoid the deprecation.
This PR restore the resiliency of Symfony for PHP < 8.0, which is not yet deprecated.
But we have no way to check the status of the entity loader without triggering a deprecation with Symfony 8.
Commits
-------
114b7a543a [DependencyInjection][Translator] Silent deprecation triggered by libxml_disable_entity_loader
This PR was merged into the 4.4 branch.
Discussion
----------
[Form] ignore the pattern attribute for textareas
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39066
| License | MIT
| Doc PR |
Commits
-------
e7698e7434 ignore the pattern attribute for textareas
This PR was merged into the 5.2 branch.
Discussion
----------
[DoctrineBridge] Require doctrine/persistence 2
| Q | A
| ------------- | ---
| Branch | 5.x
| Bug fix | no
| New feature | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This allows us to remove autoload calls that are necessary for the
persistence 1 backwards-compatibility layer to work.
This is a follow up of #35728
Commits
-------
574a184b9a Require doctrine/persistence 2
This PR was merged into the 5.2 branch.
Discussion
----------
[HttpFoundation] Deprecate BinaryFileResponse::create()
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | N/A
| License | MIT
| Doc PR | N/A
Follows #34771. We've deprecated the static `::create()` methods on all response classes but `BinaryFileResponse`. This PR proposes to fix this inconsistency.
Commits
-------
9ce2e86207 [HttpFoundation] Deprecate BinaryFileResponse::create().
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Console] Added Invalid constant into Command Class
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
-->
Regarding into this [link](https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html#:~:text=A%20non%2Dzero%20exit%20status,N%20as%20the%20exit%20status), we have 3 exits status standard :
- 0 is for success
- 1 is for error
- 2 is for _indicate incorrect usage, generally invalid options or missing arguments_
I think if we use a constant into Command class, we need to implement invalid exit status too.
Commits
-------
449147bc17 Added Invalid constant into Command Class
This PR was merged into the 5.2 branch.
Discussion
----------
[Security] Support for SwitchUserToken instances serialized with 4.4/5.1
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39177
| License | MIT
| Doc PR | N/A
This PR enables `SwitchUserToken` to unserialize earlier versions of itself.
I've executed the following script on the 4.4 branch with php 7.2 to create the fixture included with this PR:
```php
$token = new SwitchUserToken(
new User('john', null, ['ROLE_USER']),
['foo' => 'bar'],
'main',
['ROLE_USER'],
new UsernamePasswordToken(new User('jane', null, ['ROLE_USER']), ['foo' => 'bar'], 'main', ['ROLE_USER'])
);
file_put_contents(__DIR__.'/switch-user-token-4.4.txt', serialize($token));
```
Commits
-------
01bea3c085 Support for SwitchUserToken instances serialized with 4.4/5.1.
This PR was merged into the 5.1 branch.
Discussion
----------
[Serializer] Fix denormalizing scalar with UnwrappingDenormalizer
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#38983
| License | MIT
| Doc PR | none
In order to work the `UnwrappingDenormlizer` needs to be called first to unwrap the data so that it can be handled by other denormalizers.
To not introduce any BC break this PR does not move the logic into it's own class, instead it checks if a denormalizer supports the data and only denormalize scalar values if there is none.
Commits
-------
98cf389fb9 fix denormalizing scalar with UnwrappingDenormalizer
* 5.2:
Fix test.
[PhpUnitBridge] Fix qualification of deprecations triggered by the debug class loader
Improve return phpdoc for Normalizer
Use a partial buffer in SymfonyStyle
Fix console closing tag
Fix typo in comment
[VarDumper] fix casting resources turned into objects on PHP 8
Removing AnonymousPassport
* 5.1:
Fix test.
[PhpUnitBridge] Fix qualification of deprecations triggered by the debug class loader
Improve return phpdoc for Normalizer
Use a partial buffer in SymfonyStyle
Fix console closing tag
Fix typo in comment
[VarDumper] fix casting resources turned into objects on PHP 8
* 4.4:
[PhpUnitBridge] Fix qualification of deprecations triggered by the debug class loader
Improve return phpdoc for Normalizer
Use a partial buffer in SymfonyStyle
Fix console closing tag
Fix typo in comment
[VarDumper] fix casting resources turned into objects on PHP 8
This PR was merged into the 4.4 branch.
Discussion
----------
[PhpUnitBridge] Fix qualification of deprecations triggered by the debug class loader
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/36036
| License | MIT
| Doc PR | -
I tested it successfully against the two examples stof gave in the issue. However, I don't see how to write a working real test for this.
The solution I found is to add the missing checked file in the original files stack so when the type of the deprecation is computed instead of having "self" -> "self", we have "vendor" -> "self".
Commits
-------
dff539434e [PhpUnitBridge] Fix qualification of deprecations triggered by the debug class loader
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Use a partial buffer in SymfonyStyle
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39156
| License | MIT
| Doc PR | -
Symfony style needs to buffer output in order to get the last 2 chars in order to prepend Block.
By using a `BufferedOutput` symfony bufferize everything while it not needed.
This PR adds a new `TrimmedBufferOutput` that keep only the N last chars.
Commits
-------
18fca2984d Use a partial buffer in SymfonyStyle
This PR was merged into the 4.4 branch.
Discussion
----------
Improve return value for phpdoc of Normalizer
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | Phpdoc
| New feature? | no
| Deprecations? | no
| License | MIT
The inheritdoc return type is too large.
The return type type can be more precise for lot of Normalizer.
Commits
-------
f2713d6580 Improve return phpdoc for Normalizer
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Fix console closing tag
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
When using SymfonyStyle, in some cases, closing a tag, is called twice.
In the following code `<question>do you want <comment>something</>?</>` the first `</>` close both the `comment` and the `question` tags.
![Screenshot from 2020-11-25 01-21-06](https://user-images.githubusercontent.com/578547/100166475-191d9d80-2ebd-11eb-991a-6541210c479b.png)
The reason is, part of the content is sent in 2 Outputs (see #39160 for another issue), and both outputs share the same `$styleStack`.
This PR updates the `OutputFormatter::__clone` method to prevent sharing the same state.
Commits
-------
2834c279d7 Fix console closing tag
This PR was submitted for the 5.x branch but it was merged into the 4.4 branch instead.
Discussion
----------
Fix typo in comment
| Q | A
| ------------- | ---
| Branch? | 5.x <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | - <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
-->
fixed spelling below.
* possibe -> possible
Commits
-------
ca93ae5b1a Fix typo in comment