* 2.7:
[php7] Fix for substr() always returning a string
[Security] Do not save the target path in the session for a stateless firewall
Fix calls to HttpCache#getSurrogate triggering E_USER_DEPRECATED errors.
[DependencyInjection] fixed FrozenParameterBag and improved Parameter…
* 2.3:
[php7] Fix for substr() always returning a string
[Security] Do not save the target path in the session for a stateless firewall
[DependencyInjection] fixed FrozenParameterBag and improved Parameter…
Conflicts:
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
This PR was squashed before being merged into the 2.3 branch (closes#15172).
Discussion
----------
[DependencyInjection] fixed FrozenParameterBag and improved Parameter…
The ParameterBagInterface was missing some @throws annotations, so the FrozenParameterBag class was a violation of Liskov subtitution principle. Also the ParameterBagInterface was missing the remove method.
(Optionally the ParameterBagInterface can be later split into two smaller interfaces, because the FrozenParameterBag shouldn't have the add, remove methods in the first place.)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
I have also fixed removing elements from FrozenParameterBag, as introduced by @satahippy
https://github.com/symfony/DependencyInjection/pull/8
Commits
-------
3ad0794 [DependencyInjection] fixed FrozenParameterBag and improved Parameter…
* 2.7:
[Yaml] throw a ParseException on invalid data type
[TwigBridge] type-dependent path discovery
Resources as string have the same problem
Introduce failing test case when a SplFileInfo object is passed to the extract() method in the TwigExtractor.
#15331 add infos about deprecated classes to UPGRADE-3.0
[Asset] removed unused private property.
[Security] removed useless else condition in SwitchUserListener class.
[travis] Tests deps=low with PHP 5.6
[Console] Fix console output with closed stdout
* 2.6:
[Yaml] throw a ParseException on invalid data type
#15331 add infos about deprecated classes to UPGRADE-3.0
[Security] removed useless else condition in SwitchUserListener class.
[travis] Tests deps=low with PHP 5.6
[Console] Fix console output with closed stdout
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBridge] type-dependent path discovery
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15340
| License | MIT
| Doc PR |
With the introduction of the `AbstractFileExtractor` in Symfony 2.7, the
`extract()` method in the `TwigExtractor` class does not necessarily
deal with `SplFileInfo` instances from the Finder component, but also
receives `\SplFileInfo` objects initialized by the base extractor class.
Commits
-------
1e15761 [TwigBridge] type-dependent path discovery
2bf78e5 Resources as string have the same problem
aa7cbbd Introduce failing test case when a SplFileInfo object is passed to the extract() method in the TwigExtractor.
Without this check, PHP would trigger a warning when an array was passed
to `trim()`. The parser must throw a `ParseException` instance on a
malformed YAML string instead.
With the introduction of the `AbstractFileExtractor` in Symfony 2.7, the
`extract()` method in the `TwigExtractor` class does not necessarily
deal with `SplFileInfo` instances from the Finder component, but also
receives `\SplFileInfo` objects initialized by the base extractor class.
* 2.7:
[Twig+FrameworkBundle] Fix forward compat with Form 2.8
[2.6] Static Code Analysis for Components
[Security/Http] Fix test relying on a private property
[Serializer] Fix bugs reported in b5990be491 (commitcomment-12301266)
Conflicts:
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/widget_attributes.html.php
src/Symfony/Component/Security/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php
This PR was merged into the 2.8 branch.
Discussion
----------
[Form] Fix not-BC test assertion
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The 2.6 branch is failing because of this case for `Validation::API_VERSION_2_4`, that can't work because `$this->context` is not a mock object, thus has no "expect" method.
See https://travis-ci.org/symfony/symfony/jobs/72100346#L2902
This got unnoticed because only 2.6 is testing the 2.4 validator api.
Commits
-------
5ef7ae9 [Form] Fix not-BC test assertion
This PR was squashed before being merged into the 2.6 branch (closes#15317).
Discussion
----------
[2.6] Static Code Analysis for Components
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Static Code Analysis with Php Inspections (EA Extended):
- fixed couple potential issues when code is running in a phar-file
Commits
-------
37a2353 [2.6] Static Code Analysis for Components
This PR was merged into the 2.8 branch.
Discussion
----------
Implement resettable containers
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | small one
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13448
| License | MIT
| Doc PR | n/a
This allows to release remove references to all services during shutdown, giving much more chances to destruct services and the container through refcounting rather than waiting GC, as it will break cycles between the container and container-aware services.
There is a small BC break for a very edge case: if someone keeps a reference to the container and then shutdowns the kernel, the container would now be cleared and so would not work as intended anymore. But I don't think it is a supported use case. If you shutdown the kernel, the container of this kernel is released by the kernel and should not be used anymore IMO.
Thus, shutting down the kernel generally does not happen except during tests on teardown.
I'm not sure a doc PR is needed here: users of the fullstack framework should never use this feature (the kernel is using it for them). What do you think @weaverryan ?
Commits
-------
4457745 Implement resettable containers
This PR was squashed before being merged into the 2.8 branch (closes#15131).
Discussion
----------
[Security] Moved Simple{Form,Pre}AuthenticatorInterfaces to Security\Http
Description
---
The `SimpleFormAuthenticatorInterface` and `SimplePreAuthenticatorInterface` rely on `Request`, which means it's a Http land class. This means they don't belong in core.
Having a form login that doesn't depend on the request is an option as well (e.g. a console application might use the question helper to implement a "form" login). However, then there is a need for a new abstraction of the request. I don't think it's worth it.
Furthermore, the only classes typehinting/relying on this interfaces can be found in `Security\Http`.
Implementation
---
The new interfaces extend the old ones for better backwards compability. Symfony doesn't trigger deprecation errors for interfaces, see 6f57b7b552
PR Info Table
---
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
ebb2064 [Security] Moved Simple{Form,Pre}AuthenticatorInterfaces to Security\Http
