This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[Serializer] Allow to provide (de)normalization context in mapping
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#39039 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | TODO <!-- required for new features -->
As explained in the linked feature request, this brings the ability to configure context on a per-property basis, using Serializer mapping.
Considering:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
/**
* @Serializer\Context({ DateTimeNormalizer::FORMAT_KEY = 'Y-m-d' })
*/
public \DateTime $date;
public \DateTime $anotherDate;
}
```
`$date` will be formatted with a specific format, while `$anotherDate` will use the default configured one (or the one provided in the context while calling `->serialize()` / `->normalize()`).
It can also differentiate normalization and denormalization contexts:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
/**
* @Serializer\Context(
* normalizationContext = { DateTimeNormalizer::FORMAT_KEY = 'Y-m-d' },
* denormalizationContext = { DateTimeNormalizer::FORMAT_KEY = \DateTime::COOKIE },
* )
*/
public \DateTime $date;
}
```
As well as act differently depending on groups:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
/**
* @Serializer\Groups({ "extended" })
* @Serializer\Context({ DateTimeNormalizer::FORMAT_KEY = \DateTime::RFC3339 })
* @Serializer\Context(
* context = { DateTimeNormalizer::FORMAT_KEY = \DateTime::RFC3339_EXTENDED },
* groups = {"extended"},
* )
*/
public \DateTime $date;
}
```
The annotation can be repeated as much as you want to handle the different cases.
Context without groups is always applied first, then context for groups are merged in the provided order.
Context provided when calling `->serialize()` / `->normalize()` acts as the defaults for the properties without context provided in the metadata.
XML mapping (see tests) is a lot verbose due to the required structure to handle groups.
Such metadata contexts are also forwarded to name converters, max depth handlers, callbacks, ...
Of course, PHP 8 attributes are also supported:
```php
use Symfony\Component\Serializer\Annotation as Serializer;
use Symfony\Component\Serializer\Normalizer\DateTimeNormalizer;
class Foo
{
#[Serializer\Groups(["extended"])]
#[Serializer\Context([DateTimeNormalizer::FORMAT_KEY => \DateTime::RFC3339])]
#[Serializer\Context(
context: [DateTimeNormalizer::FORMAT_KEY => \DateTime::RFC3339_EXTENDED],
groups: ["extended"],
)]
public \DateTime $date;
}
```
The PR should be ready for first batch of reviews / discussions.
- [x] Make Fabbot happy in 5.2
- [x] Missing `@Context` unit tests
- [x] rework xml & phpize values
- [x] Fix lowest build issue with annotations => bumped doctrine annotations to 1.7, as for other components
Commits
-------
7229fa1d8f [Serializer] Allow to provide (de)normalization context in mapping
* 5.2:
[Workflow] Re-add InvalidTokenConfigurationException for BC
Fix PHP 8.1 null values
[Console] Fix PHP 8.1 null error for preg_match flag
Fix: Article
Definition::removeMethodCall should remove all matching calls
[HttpFoundation] Fix typo in exception message
mark the LazyIterator class as internal
fix extracting mixed type-hinted property types
[Worflow] Fixed GuardListener when using the new Security system
keep valid submitted choices when additional choices are submitted
* 4.4:
Fix PHP 8.1 null values
[Console] Fix PHP 8.1 null error for preg_match flag
Fix: Article
Definition::removeMethodCall should remove all matching calls
mark the LazyIterator class as internal
fix extracting mixed type-hinted property types
keep valid submitted choices when additional choices are submitted
This PR was merged into the 5.2 branch.
Discussion
----------
[Workflow] Re-add InvalidTokenConfigurationException for BC
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Reverts the BC breaking part of #39671
Commits
-------
b596568db9 [Workflow] Re-add InvalidTokenConfigurationException for BC
This PR was merged into the 5.2 branch.
Discussion
----------
[Worflow] Fixed GuardListener when using the new Security system
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#39505
| License | MIT
| Doc PR |
Commits
-------
bd26a79461 [Worflow] Fixed GuardListener when using the new Security system
This PR was merged into the 4.4 branch.
Discussion
----------
Fix: Article
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This pull request
* [x] fixes usages of the indefinite article `a` where `an` should be used instead
Commits
-------
34b320ba97 Fix: Article
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Fix PHP 8.1 null error for preg_match flag
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Since PHP 8.1, `null` is no longer accepted as `$flags` in `preg_match`, default integer `0` value should be used instead.
Commits
-------
52f02e529a [Console] Fix PHP 8.1 null error for preg_match flag
This PR was merged into the 5.3-dev branch.
Discussion
----------
Fix package name
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
- Changelog entry should follow https://symfony.com/doc/current/contributing/code/conventions.html#writing-a-changelog-entry
-->
Fix Package name as the Bridge is named `SpotHit` and not `Spothit`.
Commits
-------
5f8c736303 Fix package name
This PR was merged into the 5.3-dev branch.
Discussion
----------
[PasswordHasher] Fix: Use algorithm instead of algo
| Q | A
| ------------- | ---
| Branch? | 5.5
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This pull request
* [x] renames fields, variables, and parameters using `algos` or `algo` (which appear to be entirely made-up words) to `algorithms` and `algorithm` respectively
Commits
-------
a4dd14b478 Fix: Use algorithm instead of algo
This PR was merged into the 5.3-dev branch.
Discussion
----------
[PasswordHasher] Fix: Run 'php-cs-fixer fix'
| Q | A
| ------------- | ---
| Branch? | 5.5
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This pull request
* [x] runs `php-cs-fixer fix` in `src/Symfony/Component/PasswordHasher`
💁♂️ I do not know who or what enforces coding standard issues in this repository, but after opening a few pull requests in this repository, I noticed that `fabbot.io` repeatedly reports coding standard violations that are unrelated to the proposed changes. As an experiment I ran
```
$ php-cs-fixer fix
```
on the entire repository and found a lot of issues. Not sure, would you not prefer to have these fixed?
Since the `PasswordHasher` component was only recently extracted, I assume it is safe to propose to run `php-cs-fixer fix` at least on this newly introduced component.
Commits
-------
2102170e43 Fix: Run 'php-cs-fixer fix'
This PR was submitted for the 5.x branch but it was merged into the 4.4 branch instead.
Discussion
----------
[DependencyInjection] Definition::removeMethodCall should remove all matching calls
It would only remove the first match, leaving the other method call(s) there to exist. This leads to unexpected situations.
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | None
| License | MIT
| Doc PR |
I found out that `Definition::removeMethodCall` only removes the first method call and stops. It should remove all method calls named `$method`.
Commits
-------
944ba23b58 Definition::removeMethodCall should remove all matching calls
This PR was merged into the 5.3-dev branch.
Discussion
----------
[FrameworkBundle] Deprecate session.storage service
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | TODO
Following the deprecation of `session` service, this PR deprecate other services that contains state: `session.storage`
- `session.storage`
- `session.storage.native`, `session.storage.php_bridge` and `session.storage.mock_file`
- `session.storage.metadata_bag`
Because people can inject / decorate override all these services, providing a migration path like I did with `session` would have been very hard. That's why, I added a new `opt-in` flag:
When people use `framework.session: true` or `framework.session.storage_id` the previous behavior is kept and deprecation are triggered when accessing the services.
But when people use the new `framework.session.storage_factory_id` configuration, the previous services (`session.storage.*`) are deleted (in case people would try to inject the legacy `session.storage*` services and would have expect to manipulate the same objects as the object injected in the session)
Commits
-------
37c591516a Deprecate session.storage
This PR was squashed before being merged into the 5.3-dev branch.
Discussion
----------
[DependencyInjection] Negated (not:) env var processor
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? |no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR | symfony/symfony-docs#14976
This little PR suggests a `not:` env var processor (in a perfect world, I would name it `!:` but only words are accepted as prefixes 🙃)
Goal is to _negate_ a boolean env variable.
Example usage:
```bash
FOO=yes
BAR=off
```
```yaml
# config/services.yaml
parameters:
not_foo: '%env(not:FOO)%' # false
not_bar: '%env(not:BAR)%' # true
```
I'm thinking of this for this kind of usages:
- `some_prod_related_stuff: '%env(not:APP_DEBUG)%'`
- `enabled: '%env(not:bool:key:disabled:query_string:SOME_DSN)%'`
~~Processor raises an exception when preceding resolved value is not a boolean.~~
This processor allows any truthy/falsy values, like `bool:`.
Thank you,
Ben
Commits
-------
56545fd270 [DependencyInjection] Negated (not:) env var processor
This PR was merged into the 5.3-dev branch.
Discussion
----------
[Security] Extract password hashing from security-core - with proper wording
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fixes#39698
| License | MIT
| Doc PR | todo
This PR renames password "encoders" to password _hashers_ (naming widely used, see e.g. django or laravel).
This also takes the opportunity to extract the logic related to password hashing from security-core, moving it to a new password-hasher component.
Nowadays, many modern web apps and APIs don't deal with passwords at all, that's why splitting makes sense as a step towards making security-core not tied to the password concept.
For upgrading, applications will have to use `passwords_hashers` instead of `encoders` in their security configuration, and type-hint against `PasswordHasherInterface` (and related) instead of `PasswordEncoderInterface`.
The proposed API is not much different from the encoder one regarding behavior and signatures, and it is slightly more close to the PHP built-in password hashing API:
```php
namespace Symfony\Component\PasswordHasher;
interface PasswordHasherInterface
{
public function hash(string $plainPassword): string;
public function verify(string $hashedPassword, string $plainPassword): bool;
public function needsRehash(string $hashedPassword): bool;
}
```
Commits
-------
c5c981c559 [Security] Extract password hashing from security-core - using the right naming
This PR was merged into the 4.4 branch.
Discussion
----------
[Finder] mark the LazyIterator class as internal
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/pull/40040#discussion_r575127254
| License | MIT
| Doc PR |
Commits
-------
4a2c996b95 mark the LazyIterator class as internal
This PR was squashed before being merged into the 5.2 branch.
Discussion
----------
[HttpFoundation] Fix typo in exception message
| Q | A
| ------------- | ---
| Branch? | 5.2 for bug fixes
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
| Doc PR | - <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 5.x.
- Changelog entry should follow https://symfony.com/doc/current/contributing/code/conventions.html#writing-a-changelog-entry
-->
Commits
-------
2248af5857 [HttpFoundation] Fix typo in exception message
* 5.2:
add missing return type declaration
Modernize func_get_args() calls to variadic parameters
Use a lazyintertor to close files descriptors when no longer used
* 4.4:
add missing return type declaration
Modernize func_get_args() calls to variadic parameters
Use a lazyintertor to close files descriptors when no longer used
This PR was merged into the 4.4 branch.
Discussion
----------
[Finder] add missing return type declaration
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
should make builds green again
Commits
-------
cfce9cbd59 add missing return type declaration
This PR was merged into the 4.4 branch.
Discussion
----------
[Finder] Use a lazyIterator to close files descriptors when no longer used
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | fix#35508
| License | MIT
| Doc PR | -
The `RecursiveDirectoryIterator` class open the file on `__construct`.
Because we Inject an instance of `RecursiveDirectoryIterator` inside the \AppendIterator` class, php opens a lot of file even before iterating on it.
This PR adds a new `LazyIterator` class that instantiate the decorated class only when something starts iterating on it.
When the iteration is over, it unset the variable to close let the decorated class clean things (ie. close the files)
Commits
-------
7117e1a798 Use a lazyintertor to close files descriptors when no longer used
This PR was merged into the 4.4 branch.
Discussion
----------
Modernize func_get_args() calls to variadic parameters
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
While reviewing #40143, I stumbled across the `Filesystem::box()` method and I felt like we could make the code look a little less PHP5-ish.
Commits
-------
5b536131f7 Modernize func_get_args() calls to variadic parameters
This PR was merged into the 5.3-dev branch.
Discussion
----------
[HttpFoundation] Fix consistency in sessions not found exceptions
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#40112
| License | MIT
| Doc PR | -
Make `Request::getSession` thrown a `SessionNotFoundException` and make `SessionNotFoundException` extends `\BadMethodCallException` for backward compatibility and
Commits
-------
7fcb76d367 Fix consistency in sessions not found exceptions
