This PR was merged into the 4.4 branch.
Discussion
----------
[Ldap] Add users extraFields in ldap component
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | yes <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #28873, #19329 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | todo when validated, before merge <!-- required for new features -->
As I'm using ldap too in some personal project, It seems that this feature is a really good nice to have IMHO.
Adding the wanted field in the `user_metadata` array transform them as field -> value in the `metadata` field of the user.
Commits
-------
bcfff04797 [Ldap] Add users extra_fields in ldap component
* 4.3:
fix translation domain
tag the FileType service as a form type
don't validate IP addresses from env var placeholders
[Validator] Fix GroupSequenceProvider annotation
[Messenger] fix delay exchange recreation after disconnect
Update ajax security cheat sheet link
Fix AuthenticationException::getToken typehint
* 4.2:
Catch empty deprecation.log silently (fixes#31050)
minor: the meaning of the data breach was not correct
Optimize SVGs
property normalizer should also pass format and context to isAllowedAttribute
* 4.2:
fixed bad merge
Show more accurate message in profiler when missing stopwatch
CS Fixes: Not double split with one array argument
[Serializer] Add default object class resolver
Remove redundant animation prefixes
Remove redundant `box-sizing` prefixes
[VarExporter] support PHP7.4 __serialize & __unserialize
Rework firewall access denied rule
MetadataAwareNameConverter: Do not assume that property names are strings
[VarExporter] fix exporting classes with private constructors
fixed CS
Fix missing $extraDirs when open_basedir returns
* 3.4:
Show more accurate message in profiler when missing stopwatch
CS Fixes: Not double split with one array argument
Remove redundant animation prefixes
Remove redundant `box-sizing` prefixes
Rework firewall access denied rule
fixed CS
Fix missing $extraDirs when open_basedir returns
Keep to use the same CS in all the Symfony code base.
Use:
```php
$resolver->setDefaults([
'compound' => false
]);
```
Instead of:
```php
$resolver->setDefaults(
[
'compound' => false,
]
);
```
Keep the double split when the method has two or more arguments.
I miss a PSR with this rule.
Instead of deprecating the interface it is sufficient to deprecate its
getReachableRoles() method and add a new getReachableRoleNames() method
in Symfony 5.
* 4.2:
[Phpunit] fixed support for PHP 5.3
Response prepare method update
[Workflow] Added missing license header
Fix case when multiple loaders are providing paths for the same namespace
Check if Client exists when test.client does not exist, to provide clearer exception message
throw TypeErrors to prepare for type hints in 5.0
[Form] Preventing validation of children if parent with Valid constraint has no validation groups
[Form] Added ResetInterface to CachingFactoryDecorator
Remove deprecated usage
[Tests] fixed compatbility of assertEquals(): void
Fixed usage of TranslatorInterface in form extension (fixes#30591)
[Intl][4.2] Fix test
[Intl] Fix test
[Validator] Add the missing translations for the Arabic (ar) locale
[Intl] Add compile binary
Fix DebugCommand when chain loader is involved
[Form] Fixed some phpdocs
This PR was merged into the 4.3-dev branch.
Discussion
----------
[EventDispatcher] swap arguments of dispatch() to allow registering events by FQCN
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
PR green and ready. From UPGRADE files:
EventDispatcher
---------------
* The signature of the `EventDispatcherInterface::dispatch()` method should be updated to `dispatch($event, string $eventName = null)`, not doing so is deprecated
HttpKernel
----------
* Renamed `FilterControllerArgumentsEvent` to `ControllerArgumentsEvent`
* Renamed `FilterControllerEvent` to `ControllerEvent`
* Renamed `FilterResponseEvent` to `ResponseEvent`
* Renamed `GetResponseEvent` to `RequestEvent`
* Renamed `GetResponseForControllerResultEvent` to `ViewEvent`
* Renamed `GetResponseForExceptionEvent` to `ExceptionEvent`
* Renamed `PostResponseEvent` to `TerminateEvent`
Security
---------
* The `ListenerInterface` is deprecated, turn your listeners into callables instead.
* The `Firewall::handleRequest()` method is deprecated, use `Firewall::callListeners()` instead.
Commits
-------
75369dabb8 [EventDispatcher] swap arguments of dispatch() to allow registering events by FQCN
This PR was squashed before being merged into the 4.3-dev branch (closes#30385).
Discussion
----------
[SecurityBundle] Validate the IPs configured in access_control
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30299
| License | MIT
| Doc PR | -
Commits
-------
857ac9519e [SecurityBundle] Validate the IPs configured in access_control
* 4.2:
Removed non-existing parameters for LogoutUrlGenerator calls
[WebProfilerBundle] toolbar: invisible route name in Firefox
Drop spurious execution bit
[HttpKernel] Correctly merging cache directives in HttpCache/ResponseCacheStrategy
[Validator] Add the missing translations for the Latvian ("lv") locale
Fixed the DebugClassLoader compatibility with eval()'d code on Darwin
[Validator] Update Serbian translation file
* 3.4:
Removed non-existing parameters for LogoutUrlGenerator calls
[HttpKernel] Correctly merging cache directives in HttpCache/ResponseCacheStrategy
[Validator] Add the missing translations for the Latvian ("lv") locale
Fixed the DebugClassLoader compatibility with eval()'d code on Darwin
[Validator] Update Serbian translation file
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Security] deprecate the Role and SwitchUserRole classes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #20824
| License | MIT
| Doc PR | symfony/symfony-docs#11047
In #20801, we deprecated the `RoleInterface`. The next logical step would be to also deprecate the `Role` class. However, we currently have the `SwitchUserRole` class (a sub-class of `Role`) that acts as an indicator to check whether or not the authenticated user switched to another user.
This PR proposes an alternative solution to the usage of the special `SwitchUserRole` class by storing the original token inside the `UsernamePasswordToken`. This PR is not complete, but rather acts as a proof of concept of how we could get rid of the `Role` and the `SwitchUserRole` classes.
Please share your opinions whether you think this is a valid approach and I will be happy to finalise the PR.
Commits
-------
d7aaa615b9 deprecate the Role and SwitchUserRole classes
* 4.2: (26 commits)
Apply php-cs-fixer rule for array_key_exists()
[Cache] fix warming up cache.system and apcu
[Security] Change FormAuthenticator if condition
handles multi-byte characters in autocomplete
speed up tests running them without debug flag
[Translations] added missing Croatian validators
Fix getItems() performance issue with RedisCluster (php-redis)
[VarDumper] Keep a ref to objects to ensure their handle cannot be reused while cloning
IntegerType: reject submitted non-integer numbers
be keen to newcomers
[HttpKernel] Fix possible infinite loop of exceptions
fixed CS
[Validator] Added missing translations for Afrikaans
do not validate non-submitted form fields in PATCH requests
Update usage example in ArrayInput doc block.
[Console] Prevent ArgvInput::getFirstArgument() from returning an option value
[Validator] Fixed duplicate UUID
fixed CS
[EventDispatcher] Fix unknown priority
Avoid mutating the Finder when building the iterator
...
* 3.4: (24 commits)
Apply php-cs-fixer rule for array_key_exists()
[Security] Change FormAuthenticator if condition
handles multi-byte characters in autocomplete
speed up tests running them without debug flag
[Translations] added missing Croatian validators
Fix getItems() performance issue with RedisCluster (php-redis)
[VarDumper] Keep a ref to objects to ensure their handle cannot be reused while cloning
IntegerType: reject submitted non-integer numbers
be keen to newcomers
[HttpKernel] Fix possible infinite loop of exceptions
fixed CS
[Validator] Added missing translations for Afrikaans
do not validate non-submitted form fields in PATCH requests
Update usage example in ArrayInput doc block.
[Console] Prevent ArgvInput::getFirstArgument() from returning an option value
[Validator] Fixed duplicate UUID
fixed CS
[EventDispatcher] Fix unknown priority
Avoid mutating the Finder when building the iterator
[Validator] Add the missing translations for the Greek (el) locale
...
* 3.4:
fixed CS
fixed short array CS in comments
fixed CS in ExpressionLanguage fixtures
fixed CS in generated files
fixed CS on generated container files
fixed CS on Form PHP templates
fixed CS on YAML fixtures
fixed fixtures
switched array() to []
* 4.2:
update years in license files
Fix: Adjust DocBlock
\"ParserTest->getParserTestData()\" -> only some more tests
access the container getting it from the kernel
Replace slave and master by replica and primary
Fix erasing cookies issue
[Lock] Pedantic improvements for lock
[EventDispatcher] Fixed phpdoc on interface
update year in license files
[VarExporter] fix exporting array indexes
[SecurityBundle] Fix traceable voters
[Console] Fix help text for single command applications
Fix random test failure on lock
improve error message when using test client without the BrowserKit component
Fixed minor typos in an error message
[Event Dispatcher] fixed 29703: TraceableEventDispatcher reset now sets callStack to null with test to dispatch after reset.
Fixed minor typos
Fix: Method can also return null
[Stopwatch] Fixed phpdoc for category name
* 4.1:
Fix: Adjust DocBlock
\"ParserTest->getParserTestData()\" -> only some more tests
access the container getting it from the kernel
[Lock] Pedantic improvements for lock
[EventDispatcher] Fixed phpdoc on interface
update year in license files
[Console] Fix help text for single command applications
Fix random test failure on lock
improve error message when using test client without the BrowserKit component
[Event Dispatcher] fixed 29703: TraceableEventDispatcher reset now sets callStack to null with test to dispatch after reset.
Fixed minor typos
Fix: Method can also return null
[Stopwatch] Fixed phpdoc for category name
* 3.4:
Fix: Adjust DocBlock
\"ParserTest->getParserTestData()\" -> only some more tests
[Lock] Pedantic improvements for lock
[EventDispatcher] Fixed phpdoc on interface
update year in license files
[Console] Fix help text for single command applications
Fix random test failure on lock
improve error message when using test client without the BrowserKit component
[Event Dispatcher] fixed 29703: TraceableEventDispatcher reset now sets callStack to null with test to dispatch after reset.
Fixed minor typos
Fix: Method can also return null
[Stopwatch] Fixed phpdoc for category name
* 4.1:
[Form] Hardened test suite for empty data
Bump phpunit XSD version to 5.2
[Fwb][EventDispatcher][HttpKernel] Fix getClosureScopeClass usage to describe callables
Add required key attribute
* 3.4:
[Form] Hardened test suite for empty data
Bump phpunit XSD version to 5.2
[Fwb][EventDispatcher][HttpKernel] Fix getClosureScopeClass usage to describe callables
Add required key attribute
Some attributes being used in the phpunit configuration files, namely
failOnRisky and failOnWarning were introduced in phpunit 5.2.0. The
Composer configuration shows that tests should run with old versions of
phpunit, but phpunit only validates the configuration against the XSD
since phpunit 7.2.0.
These changes can be tested as follows:
wget http://schema.phpunit.de/5.2/phpunit.xsd
xargs xmllint --schema phpunit.xsd 1>/dev/null
find src -name phpunit.xml.dist| xargs xmllint --schema phpunit.xsd 1>/dev/null
See 7e06a82806
See 46e3745a03/composer.json (L98)
This PR was merged into the 4.2-dev branch.
Discussion
----------
[HttpKernel] Deprecate the Kernel name
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | yes <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #26904
| License | MIT
| Doc PR | n/a
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
98ff750ee1 [HttpKernel] deprecated the Kernel name
* 4.1: (27 commits)
Added the Code of Conduct file
do not override custom access decision configs
[Security] Do not deauthenticate user when the first refreshed user has changed
fix a return type hint
invalidate stale commits for PRs too
add missing cache prefix seed attribute to XSD
fix command description
Fix class documentation
[Validator] Add a missing translation
[FrameworkBundle] Fix 3.4 tests
[DI] fix dumping inline services again
Rename consumer to receiver
Register messenger before the profiler
Fix phpdocs
[EventDispatcher] Remove template method in test case
Added LB translation for #27993 (UUID validator message translation)
Replace deprecated validateValue with validate
[FWBundle] Automatically enable PropertyInfo when using Flex
[Process] fix locking of pipe files on Windows
Correct PHPDoc type for float ttl
...
* 3.4: (21 commits)
Added the Code of Conduct file
do not override custom access decision configs
[Security] Do not deauthenticate user when the first refreshed user has changed
invalidate stale commits for PRs too
add missing cache prefix seed attribute to XSD
fix command description
Fix class documentation
[Validator] Add a missing translation
[FrameworkBundle] Fix 3.4 tests
[DI] fix dumping inline services again
Fix phpdocs
[EventDispatcher] Remove template method in test case
Added LB translation for #27993 (UUID validator message translation)
Replace deprecated validateValue with validate
[FWBundle] Automatically enable PropertyInfo when using Flex
[Process] fix locking of pipe files on Windows
Correct PHPDoc type for float ttl
bumped Symfony version to 3.4.18
updated VERSION for 3.4.17
updated CHANGELOG for 3.4.17
...
* 4.1: (21 commits)
[php_cs] disable fopen_flags
[DI] fix error in dumped container
[CS] Remove unused variables passed to closures
[DI] fix dumping setters before their inlined instances
[CS] Remove empty comment
[CS] Enforces null type hint on last position in phpDocs
[CS] Use combined assignment operators when possible
Fix a typo in error messages
Don't return early as this bypasses the auto exit feature
[Console] Add missing null to input values allowed types
[PHPUnitBridge] Fix microtime() format
bumped Symfony version to 4.1.6
updated VERSION for 4.1.5
updated CHANGELOG for 4.1.5
bumped Symfony version to 3.4.17
updated VERSION for 3.4.16
updated CHANGELOG for 3.4.16
bumped Symfony version to 2.8.47
update CONTRIBUTORS for 2.8.46
updated VERSION for 2.8.46
...
* 3.4:
[php_cs] disable fopen_flags
[DI] fix error in dumped container
[CS] Remove unused variables passed to closures
[DI] fix dumping setters before their inlined instances
[CS] Remove empty comment
[CS] Enforces null type hint on last position in phpDocs
[CS] Use combined assignment operators when possible
Fix a typo in error messages
Don't return early as this bypasses the auto exit feature
[Console] Add missing null to input values allowed types
[PHPUnitBridge] Fix microtime() format
bumped Symfony version to 3.4.17
updated VERSION for 3.4.16
updated CHANGELOG for 3.4.16
bumped Symfony version to 2.8.47
update CONTRIBUTORS for 2.8.46
updated VERSION for 2.8.46
updated CHANGELOG for 2.8.46
* 2.8:
[php_cs] disable fopen_flags
[CS] Remove unused variables passed to closures
[CS] Remove empty comment
[CS] Enforces null type hint on last position in phpDocs
[CS] Use combined assignment operators when possible
Fix a typo in error messages
[Console] Add missing null to input values allowed types
[PHPUnitBridge] Fix microtime() format
bumped Symfony version to 2.8.47
update CONTRIBUTORS for 2.8.46
updated VERSION for 2.8.46
updated CHANGELOG for 2.8.46
This PR was merged into the 4.2-dev branch.
Discussion
----------
[SecurityBundle] make remember-me cookies auto-secure + inherit their default config from framework.session.cookie_*
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28338
| License | MIT
| Doc PR | -
Let's make it easier to have a good default security level, now for the remember-me cookie.
Commits
-------
6ec223bf6f [SecurityBundle] make remember-me cookies auto-secure + inherit their default config from framework.session.cookie_*
* 4.1:
Fix CS
Allow reuse of Session between requests
[MonologBridge] Re-add option option to ignore empty context and extra data
[Lock] remove useless code
[PhpUnitBridge] fix disabling DeprecationErrorHandler using phpunit.xml file
Provide debug_backtrace with proper args
[DI] fix infinite loop involving self-references in decorated services
forward false label option to nested types
[DI] fix dumping lazy services
forward the invalid_message option in date types
* 3.4:
Fix CS
Allow reuse of Session between requests
[MonologBridge] Re-add option option to ignore empty context and extra data
[Lock] remove useless code
[PhpUnitBridge] fix disabling DeprecationErrorHandler using phpunit.xml file
Provide debug_backtrace with proper args
[DI] fix infinite loop involving self-references in decorated services
forward false label option to nested types
forward the invalid_message option in date types
* 2.8:
Fix CS
Allow reuse of Session between requests
Provide debug_backtrace with proper args
forward false label option to nested types
forward the invalid_message option in date types
* 4.1:
[DI] configure inlined services before injecting them when dumping the container
Consistently throw exceptions on a single line
fix fopen calls
Update .editorconfig
* 3.4:
[DI] configure inlined services before injecting them when dumping the container
Consistently throw exceptions on a single line
fix fopen calls
Update .editorconfig
* 4.1:
fix merge
[travis][appveyor] use symfony/flex to accelerate builds
Add missing stderr redirection
clean up unused code
Remove the HTML5 validation from the profiler URL search form
[Filesystem] Add test to prevent regression when using array|resource with dumpFile
Add help texts for checkboxes in horizontal bootstrap 4 forms
[Security] Call AccessListener after LogoutListener
* 3.4:
[travis][appveyor] use symfony/flex to accelerate builds
Add missing stderr redirection
clean up unused code
[Filesystem] Add test to prevent regression when using array|resource with dumpFile
[Security] Call AccessListener after LogoutListener
* 4.1:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 4.0:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 3.4:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 2.8:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
This PR was merged into the 4.2-dev branch.
Discussion
----------
[DI] Add ServiceLocatorArgument to generate array-based locators optimized for OPcache shared memory
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | -
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Right now, to generate service locators, we use collections of closures described using `ServiceClosureArgument`. This works well, but it doesn't scale well when the number of services grows, because we have to load as many closures as there are services, even if we never call them.
This PR introduces `ServiceLocatorArgument`, which describes the same thing, but allows dumping optimized locators: instead of a collection of closures, this generates a static array that OPcache can put in shared memory (see fixtures for example.)
Once this PR is merged, we'll be able to update `ServiceLocatorPass::register()` to leverage it and generate these optimized locators everywhere. One particular I have in mind in the locator used by `ServiceArgumentResolver`, which can grow fast (it has as many entries as there are actions.)
Commits
-------
6c8e9576a3 [DI] Add ServiceLocatorArgument to generate array-based locators optimized for OPcache shared memory
This PR was squashed before being merged into the 4.2-dev branch (closes#27650).
Discussion
----------
[SecurityBundle] Add json login ldap
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Add a simple from_login_ldap on firewall types to let authenticate with ldap with json API
Commits
-------
2b2dfd2 [SecurityBundle] Add json login ldap
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] Dont throw if "security.http_utils" is not found
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27445
| License | MIT
| Doc PR | -
The comment + test were misleading, the actual important thing is wiring `AddSessionDomainConstraintPass` before removing passes, which is already the case already.
Commits
-------
db88330448 [SecurityBundle] Dont throw if "security.http_utils" is not found
This PR was merged into the 4.2-dev branch.
Discussion
----------
[Config] deprecate tree builders without root nodes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
While reviewing #27472 I wondered if we really need support config trees without a root node. If we did not support it, users wouldn't create pseudo configuration classes when they were actually not needed.
Commits
-------
c2ce15301c deprecate tree builders without root nodes
* 4.1:
[TwigBundle][DX] Only add the Twig WebLinkExtension if the WebLink component is enabled
Add note about changed form processing when using PUT requests
[TwigBundle] bump lowest deps to fix issue with "double-colon" controller service refs
[SecurityBundle] Dont throw if "security.http_utils" is not found
[Di] Fix undefined variable found by Php Inspections (EA Ultimate)
[DI] Cleanup unused service_subscriber.locator tag
[DI] Resolve env placeholder in logs
The debug class loader is always loaded by Debug::enable().
[Intl] Update ICU data to 62.1
* 4.0:
[TwigBundle][DX] Only add the Twig WebLinkExtension if the WebLink component is enabled
Add note about changed form processing when using PUT requests
[SecurityBundle] Dont throw if "security.http_utils" is not found
[Di] Fix undefined variable found by Php Inspections (EA Ultimate)
[DI] Cleanup unused service_subscriber.locator tag
[DI] Resolve env placeholder in logs
The debug class loader is always loaded by Debug::enable().
[Intl] Update ICU data to 62.1
* 3.4:
[TwigBundle][DX] Only add the Twig WebLinkExtension if the WebLink component is enabled
Add note about changed form processing when using PUT requests
[SecurityBundle] Dont throw if "security.http_utils" is not found
[Di] Fix undefined variable found by Php Inspections (EA Ultimate)
[DI] Cleanup unused service_subscriber.locator tag
[DI] Resolve env placeholder in logs
The debug class loader is always loaded by Debug::enable().
[Intl] Update ICU data to 62.1
* 4.1:
[HttpKernel] fix PHP 5.4 compat
Fix surrogate not using original request
[Finder] Update RealIteratorTestCase
[Routing] remove unneeded dev dep on doctrine/common
[minor] SCA
[Validator] Remove BOM in some xlf files
Ensure updateTimestamp returns a boolean
Fix#27378: Error when rendering a DateIntervalType form with exactly 0 weeks
[HttpKernel] fix session tracking in surrogate master requests
* 4.0:
[HttpKernel] fix PHP 5.4 compat
Fix surrogate not using original request
[Finder] Update RealIteratorTestCase
[Routing] remove unneeded dev dep on doctrine/common
[minor] SCA
[Validator] Remove BOM in some xlf files
Fix#27378: Error when rendering a DateIntervalType form with exactly 0 weeks
[HttpKernel] fix session tracking in surrogate master requests
* 3.4:
[HttpKernel] fix PHP 5.4 compat
Fix surrogate not using original request
[Finder] Update RealIteratorTestCase
[Routing] remove unneeded dev dep on doctrine/common
[minor] SCA
[Validator] Remove BOM in some xlf files
Fix#27378: Error when rendering a DateIntervalType form with exactly 0 weeks
[HttpKernel] fix session tracking in surrogate master requests
This PR was squashed before being merged into the 3.4 branch (closes#27623).
Discussion
----------
[minor] SCA
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
New findings: language level, greedy regex, array_column usages
Commits
-------
5922507dc5 [minor] SCA
* 4.1:
remove HHVM code
[VarDumper] Fix dumping ArrayObject and ArrayIterator instances
[ProxyManagerBridge] Fixed support of private services
[Cache] Fix typo in comment.
[FrameworkBundle] give access to non-shared services when using test.service_container
Fix bad method call with guard authentication + session migration
Avoid calling eval when there is no script embedded in the toolbar
* 3.4:
[VarDumper] Fix dumping ArrayObject and ArrayIterator instances
[ProxyManagerBridge] Fixed support of private services
[Cache] Fix typo in comment.
Fix bad method call with guard authentication + session migration
* 4.1:
fixed CS
Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
fixed CS
Avoid migration on stateless firewalls
[Serializer] deserialize from xml: Fix a collection that contains the only one element
[HttpKernel] Log/Collect exceptions at prio 0
[PhpUnitBridge] Fix error on some Windows OS
[DI] Deduplicate generated proxy classes
[Routing] fix matching host patterns, utf8 prefixes and non-capturing groups
* 4.0:
fixed CS
Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
fixed CS
Avoid migration on stateless firewalls
[Serializer] deserialize from xml: Fix a collection that contains the only one element
[PhpUnitBridge] Fix error on some Windows OS
[DI] Deduplicate generated proxy classes
* 3.4:
fixed CS
Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
fixed CS
Avoid migration on stateless firewalls
[Serializer] deserialize from xml: Fix a collection that contains the only one element
[PhpUnitBridge] Fix error on some Windows OS
[DI] Deduplicate generated proxy classes
* 4.1:
[FrameworkBundle] Fix test-container on kernel reboot, revert to returning the real container from Client::getContainer()
Remove mentions of "beta" in composer.json files
[DI] Ignore missing tree root nodes on validate
[WebProfilerBundle] fixed getSession when no session has been set deprecation warnings
bug #27299 [Cache] memcache connect should not add duplicate entries on sequential calls
[Router] regression when matching a route
[FrameworkBundle][SecurityBundle] Remove no-longer necessary Bundle::registerCommands override
[Routing] Don't reorder past variable-length placeholders
[DebugBundle] DebugBundle::registerCommands should be noop
[BrowserKit] Fix a BC break in Client affecting Panthère
[DX] Improve exception message when AbstractController::getParameter fails
simple-phpunit: remove outdated appveryor workaround
This PR was merged into the 4.1 branch.
Discussion
----------
[FrameworkBundle] Fix test-container on kernel reboot, revert to returning the real container from Client::getContainer()
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | -
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27494
| License | MIT
| Doc PR | -
By making `Client::getContainer()` return the new test container, we broke BC, as spotted in linked issue.
Always use `static::$container` in your tests instead.
While reverting to returning the real container, I noticed we have a serious design issue in the way the test container currently works: because the kernel can be rebooted, we cannot inject the container directly, but have to go through the kernel all the time. Fixing this forces doing a BC break on the constructor of `TestContainer`. Since this is a new class and since it's mostly internal, I think we should do it now. I've marked the class as internal to further strengthen this.
Commits
-------
6764d4e012 [FrameworkBundle] Fix test-container on kernel reboot, revert to returning the real container from Client::getContainer()
This PR was squashed before being merged into the 4.2-dev branch (closes#26981).
Discussion
----------
No more support for custom anon/remember tokens based on FQCN
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #26940
| License | MIT
| Doc PR | ~
This PR deprecates the ability to configure a custom anonymous and remember me token class, via the AuthenticationTrustResolver. The only change required _if_ you have changed the token classes like this, is to extend the Anonymous/RememberMe token classes.
Commits
-------
860d4549c2 No more support for custom anon/remember tokens based on FQCN
* 4.1: (26 commits)
Revert "bug #27312 Supress deprecation notices thrown when getting private servies from container in tests (arderyp)"
[HttpKernel] reset kernel start time on reboot
Add code of Conduct links in our README
bumped Symfony version to 4.0.12
[FrameworkBundle] Fix using test.service_container when Client is rebooted
[DI] never inline lazy services
updated VERSION for 4.0.11
updated CHANGELOG for 4.0.11
bumped Symfony version to 3.4.12
updated VERSION for 3.4.11
updated CHANGELOG for 3.4.11
Default testsuite to latest PHPUnit 6.*
[Github] Update the pull-request template
bumped Symfony version to 2.8.42
updated VERSION for 2.8.41
updated CHANGELOG for 2.8.41
Tweak Argon2 test config
[HttpFoundation] Fix cookie test with xdebug
[FrameworkBundle] cleanup generated test container
[Serializer] Check the value of enable_max_depth if defined
...
This PR was merged into the 4.2-dev branch.
Discussion
----------
[Security][SecurityBundle] FirewallMap/FirewallContext deprecations
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes/no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Next to #24805.
Commits
-------
a71ba78478 [Security][SecurityBundle] FirewallMap/FirewallContext deprecations
* 4.1:
[SecurityBundle] fix test
[DI] Fix bad exception on uninitialized references to non-shared services
[HttpFoundation] Fix perf issue during MimeTypeGuesser intialization
