This PR was merged into the 2.3 branch.
Discussion
----------
[Bundle][FrameworkBundle] be smarter when guessing the document root
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12524
| License | MIT
| Doc PR |
Commits
-------
e28f5b8 be smarter when guessing the document root
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#12296).
Discussion
----------
[SecurityBundle] Authentication entry point is only registered with firewall exception listener, not with authentication listeners
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | when relying on this configuration behaviour
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12261
| License | MIT
| Doc PR | —
See symfony/symfony#12261.
I configured a different firewall entry point for one firewall. However, when authentication had to be performed, it still called BasicAuthenticationEntryPoint::start() instead of my service's start(). My service was instantiated, yet never used.
The issue appears to be that the entry point is registered with the firewall's exception listener, but not with the BasicAuthenticationListener. This means that when the BasicAuthenticationListener determines the user has provided wrong credentials, BasicAuthenticationEntryPoint is still used. Only in case of an exception would my entry point service be used.
In my opinion, this is not correct behaviour. Can someone confirm this? Are there currently tests that pertain to the `entry_point` configuration on which I can base a test?
---
Test setup:
```yaml
# security.yml
security:
firewalls:
api:
pattern: ^/api/
http_basic: ~
entry_point: my.service
default:
anonymous: ~
```
Commits
-------
92c8dfb [SecurityBundle] Authentication entry point is only registered with firewall exception listener, not with authentication listeners
This PR was submitted for the 2.7 branch but it was merged into the 2.3 branch instead (closes#12502).
Discussion
----------
Azerbaijani locale
[Form] [Validator] [Security] Azerbaijani translation added
| Q | A
| ------------- | ---
| Fixed tickets | none
| License | MIT
Commits
-------
7f7b700 Azerbaijani locale
This PR was submitted for the 2.7 branch but it was merged into the 2.3 branch instead (closes#12510).
Discussion
----------
Fixed grammar error in docblock
Commits
-------
ba8d937 Fixed grammar error in docblock
This PR was merged into the 2.3 branch.
Discussion
----------
compare version using PHP_VERSION_ID
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
To let opcode caches optimize cached code, the `PHP_VERSION_ID`
constant is used to detect the current PHP version instead of calling
`version_compare()` with `PHP_VERSION`.
Commits
-------
367ed3c compare version using PHP_VERSION_ID
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#12433).
Discussion
----------
[Bridge/Propel1] Changed deps to accepts all upcoming propel1 versions
Commits
-------
0bd19aa [Bridge/Propel1] Changed deps to accepts all upcoming propel1 versions
To let opcode caches optimize cached code, the `PHP_VERSION_ID`
constant is used to detect the current PHP version instead of calling
`version_compare()` with `PHP_VERSION`.
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#12468).
Discussion
----------
Update filesystem readme.md to include exists method
Read the contributing docs, I don't think I missed anything but to be fair I went through it pretty fast :-/
Commits
-------
16c1b66 Update filesystem readme.md to include exists method
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#12299).
Discussion
----------
Add machine readable events
As discussed in [#11878] it would be great to have some simple machine readable way to find events
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #11878
| License | MIT
Commits
-------
ace9a22 Add machine readable events
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#12449).
Discussion
----------
fixed typo
Commits
-------
a7c2a9a fixed typo
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#12450).
Discussion
----------
[Translations] Added missing Hebrew language trans-unit sources
[Form] [Validator] [Translations] added missing files
[Security][Translations] added missing files
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
Commits
-------
918b16b [Translations] Added missing Hebrew language trans-unit sources
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#12393).
Discussion
----------
[DependencyInjection] inlined factory not referenced
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
While working with the DI I encountered a `You have requested a non-existent service "xxxxx"` exception.
Research it seems that a private reference was inlined but the private factory that was also referencing to the service was ignored.
A example of the problem:
```XML
<service id="manager"
class="\stdClass"
factory-method="getX"
factory-service="factory"
public="false">
<argument>X</argument>
</service>
<service id="repository"
class="\stdClass"
factory-method="getRepository"
factory-service="manager"
public="false">
<argument>X</argument>
</service>
<service id="storage" class="\stdClass" public="false">
<argument type="service" id="manager"/>
<argument type="service" id="repository"/>
</service>
```
What happens before the patch:
1. repository get's inlined
2. manager get's inlined for the first argument
3. manager get's removed since there was no reference.
After the first commit the following will happen:
1. repository get's inlined
2. manager get's inlined for the first argument
3. manager will not be removed since the inlined repository still references manager
This introduced a smell since InlineServiceDefinitionsPass was still inlining the manager for the first argument.
To fix this I have chosen that not inline factories if they are used more then once by the same definition.
So after the second commit the following will happen:
1. repository get's inlined
Personally I feel that the InlineServiceDefinitionsPass patch isn't the best possible one but that a different fix would probably mean breaking BC so it's probably a good idea to look at this for Symfony 3.0.
Commits
-------
7816a98 [DependencyInjection] inlined factory not referenced
This PR was merged into the 2.3 branch.
Discussion
----------
[Filesystem] Fixed case for empty folder
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The mirror function should work with an empty folder as source. It should create an empty folder on target path.
Commits
-------
5321741 Fixed case for empty folder
This PR was merged into the 2.3 branch.
Discussion
----------
[TwigBridge] TwigExtractor tests require the Finder component
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The tests for the `TwigExtractor`(as introduced in #12377) require the Finder component to be run properly.
Commits
-------
8fc3e03 TwigExtractor tests require the Finder component
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] CSRF warning docs on Request::enableHttpMethodParameterOverride()
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12043
| License | MIT
| Doc PR | /
Since I wanted to understand this issue I did some research and altered the comment block. Is this a clear enough explanation or does it need more?
Commits
-------
deb70ab CSRF warning docs on Request::enableHttpMethodParameterOverride()
This PR was merged into the 2.3 branch.
Discussion
----------
[Yaml] improve error message for multiple documents
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
The YAML parser doesn't support multiple documents. This pull requests
improves the error message when the parser detects multiple YAML
documents.
see also #11840
Commits
-------
c77fdcb improve error message for multiple documents
This PR was merged into the 2.3 branch.
Discussion
----------
Translation debug improve error reporting
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12252
| License | MIT
| Doc PR |
Indicate which file was being parsed if an exception is thrown while running translation:debug
When running the translation:debug command, if a template contains invalid twig markup,
an exception is thrown. This patch rethrows a new exception that includes the filename
being parsed in the message to aid debugging.
Commits
-------
97a8f7e [TwigBundle] added a test
b1bffc0 Indicate which file was being parsed if an exception is thrown while running translation:debug
This PR was merged into the 2.3 branch.
Discussion
----------
[Form] fix form handling with OPTIONS request method
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8282
| License | MIT
| Doc PR | -
The OPTIONS request is just handled as any other request method. And accoring to the spec, an options request can also contain a request body like a POST. This only applied when using the deprecated form processing with `$form->submit($request)`. The change also makes the handling consistent with the `handleRequest` behavior via https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Extension/HttpFoundation/HttpFoundationRequestHandler.php
Commits
-------
28eabd8 [Form] fix form handling with unconventional request methods like OPTIONS
When running the translation:debug command, if a template contains invalid twig markup,
an exception is thrown. This patch rethrows a new exception that includes the filename
being parsed in the message to aid debuging.
This PR was merged into the 2.3 branch.
Discussion
----------
[Validator] Fixed Regex::getHtmlPattern() to work with complex and negated patterns
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5307
| License | MIT
| Doc PR | -
According to my own testing, this should fix the generation of HTML patterns when `Regex::$match` is set to false. Additionally, patterns containing pipes (or statements) are fixed. See the test cases for examples.
Commits
-------
bf006f5 [Validator] Fixed Regex::getHtmlPattern() to work with complex and negated patterns
This PR was merged into the 2.3 branch.
Discussion
----------
[Session] remove invalid hack in session regenerate
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The original issue #7380 was just caused because the developer missed to save the session before doing the redirect. That's all. Such mistakes won't happen anymore with #12341
This reverts #8270 and following. Also it makes absolutely no sense to do this only for the `files` save handler which creates huge inconsistencies. All save handlers are affected and it's more a documentation thing.
Commits
-------
703d906 [Session] remove invalid workaround in session regenerate
This PR was merged into the 2.3 branch.
Discussion
----------
[Kernel] ensure session is saved before sending response
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6417, #7885
| License | MIT
| Doc PR | n/a
Saves the session, in case it is still open, before sending the response.
This ensures several things in case the developer did not save the session explicitly:
- If a session save handler without locking is used, it ensures the data is available
on the next request, e.g. after a redirect. PHPs auto-save at script end via
session_register_shutdown is executed after fastcgi_finish_request. So in this case
the data could be missing the next request because it might not be saved the moment
the new request is processed.
- A locking save handler (e.g. the native 'files') circumvents concurrency problems like
the one above. By saving the session before long-running things in the terminate event,
we ensure the session is not blocked longer than needed.
- When regenerating the session ID no locking is involved in PHPs session design. See
https://bugs.php.net/bug.php?id=61470 for a discussion. So in this case, the session must
be saved anyway before sending the headers with the new session ID. Otherwise session
data could get lost again for concurrent requests with the new ID. One result could be
that you get logged out after just logging in.
This listener should be executed as one of the last listeners, so that previous listeners
can still operate on the open session. This prevents the overhead of restarting it.
Listeners after closing the session can still work with the session as usual because
Symfonys session implementation starts the session on demand. So writing to it after
it is saved will just restart it.
Commits
-------
b7bfef0 [Kernel] ensure session is saved before sending response
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#12371).
Discussion
----------
[ClassLoader] Cast $useIncludePath property to boolean
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
32001a4 [ClassLoader] Cast $useIncludePath property to boolean
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#12374).
Discussion
----------
[HttpFoundation] Minor spelling fix in PHPDocs
| Q | A
| ------------- | ---
| Fixed tickets |
| License | MIT
Commits
-------
35791fd [HttpFoundation] Minor spelling fix in PHPDocs
This PR was merged into the 2.3 branch.
Discussion
----------
[Config] fix filelocator with empty name
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
fix filelocator with empty name + phpdoc in config component
Commits
-------
63b8c07 [DependencyInjection] use inheritdoc for loaders
ddd2fe2 [Config] fix filelocator with empty name
The original issue #7380 was just caused because the developer missed to save the session before doing the redirect. That's all. This reverts #8270 and following.