This PR was squashed before being merged into the 2.7 branch (closes#21688).
Discussion
----------
Further refactorings to PHPUnit namespaces
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Continued work to make Symfony PHPUnit 6 compatible
Commits
-------
de8106f Further refactorings to PHPUnit namespaces
This PR was squashed before being merged into the 2.7 branch (closes#21564).
Discussion
----------
Update to PHPUnit namespaces
| Q | A
| ------------- | ---
| Branch? | 2.7+
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21534
| License | MIT
| Doc PR | -
Replaces #21540
@nicolas-grekas Is the update of the cache-id like this sufficient? Do we maybe have to specifiy 4.8.35 in simple-phpunit?
Commits
-------
ddd2dff9b2 Update to PHPUnit namespaces
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] remove translation data collector when not usable
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #17957
| License | MIT
| Doc PR |
Commits
-------
303bb73971 remove translation data collector when not usable
The test suite does not pass locally because I use a custom
file_link_format. I do it because it works everywhere.
Then, Symfony tries to read this value before the default one.
We could use ini_set before the test but unfortunatelly there are no way
to define the "cfg_var". For recall, get_cfg_var allows to return the
configuration value even if the extension is not loaded. And again it's
my case: I don't enable xdebug to have better performance.
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] fix IPv6 address handling in server commands
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/21039#discussion_r93915788
| License | MIT
| Doc PR |
This fixes https://github.com/symfony/symfony/pull/21039#discussion_r93915788 as reported by @sstok for the existing commands by backporting @fabpot's patch from #21039.
Commits
-------
2bb4713 fix IPv6 address handling in server commands
By default, the `DateType` as well as the `DateTimeType` set the choices
being available for the year to a range starting five years in the past.
After some time, this will make tests fail when the year of the fixed
date being used as the initial data is before the first year being part
of the choices.
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Fix PHP form templates on translatable attributes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/20365#issuecomment-267333293
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Separated from #20365
Commits
-------
10806e0 [FrameworkBundle] Fix PHP form templates on translatable attributes
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Fix unresolved parameters from default configs in debug:config
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When using the `debug:config` command, if the dumped configuration is explicitly defined by the user, then parameters are properly resolved in the output. If it is not, and values come from the bundle default configuration directly, they are not.
Steps to reproduce:
- Checkout the symfony demo
- Run `debug:config twig`
- Look at the `debug` key, it is the `kernel.debug` parameter properly resolved: `true`
- Look at the `cache` key, it is not resolved: `'%kernel.cache_dir%/twig'`
This fixes it by resolving the configs once again after processing the configuration.
ping @weaverryan
Commits
-------
26f588a Fix unresolved parameters from default bundle configs in debug:config
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Bundle commands are not available via find()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The `Symfony\Bundle\FrameworkBundle\Console\Application::find()` method does not retrieve the bundle commands and only checks the ones that were added manually.
Commits
-------
dd69b88 Fix bundle commands are not available via find()
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Improve performance of ControllerNameParser
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Today I was searching for bottlenecks in my application using Blackfire. And among other things I found one in Symfony. Blackfire showed that `Symfony\Bundle\FrameworkBundle\Controller\ControllerNameParser::findAlternative()` was called almost 300 times which took 28 miliseconds.
It turns out that `Symfony\Bundle\FrameworkBundle\Routing\DelegatingLoader::load()` is calling `ControllerNameParser::parse()` without actually needing to do so because `$controller` is in the class::method notation already. `ControllerNameParser` threw an exception, DelegatingLoader caught and ignored it - that's ok. The problem is that generating the exception message took a lot of time because findAlternative is slow. In my case it called the levenshtein function over 5000 times which was completely useless because the exception is ignored anyway.
Commits
-------
cf333f3 [FrameworkBundle] Improve performance of ControllerNameParser
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Convert null prefix to an empty string in translation:update
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20044
| License | MIT
| Doc PR | n/a
This command needs the ability to use an empty string as prefix, which is not possible using `bin/console translation:update --prefix=""` because `$argv` doesn't parse empty strings thus the value is converted to `null` by `ArgvInput` (only since #19946, before the option was not considered to be set, giving the default `'__'` thus this should be fine from a BC pov).
Here I propose to explicitly convert the `prefix` value to an empty string if set to `null`, as it is a very specific need and we can't guess that from `ArgvInput`.
An other way to fix it could be to add a `--no-prefix` option to the command but I don't think it is worth it, and it couldn't be treated as a bug fix thus not fixed before `3.2`.
Commits
-------
f02b687 [FrameworkBundle] Convert null prefix to an empty string in translation:update command
This PR was merged into the 2.7 branch.
Discussion
----------
[Yaml][TwigBridge] Use JSON_UNESCAPED_SLASHES for lint commands output
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Slashes are escaped when sing the `lint:twig` and `lint:yaml` commands with the `format` option set to `json`, giving such results:
```json
[
{
"file": "yaml\/wrong\/1.yml",
"valid": false,
"message": "Unable to parse at line 1 (near \";:cc`\")."
}
]
```
That's not convenient as file paths may be reused (e.g. copy-pasted).
Results stay fine as error messages are already escaped:
```json
[
{
"file": "yaml/wrong/1.yml",
"valid": false,
"message": "Unable to parse at line 1 (near \";:cc`\")."
}
]
```
Commits
-------
0427594 Use JSON_UNESCAPED_SLASHES for lint commands output
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Check for class existence before is_subclass_of
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Same as #19342
Commits
-------
8a9e0f5 [FrameworkBundle] Check for class existence before is_subclass_of
This PR was squashed before being merged into the 2.7 branch (closes#19373).
Discussion
----------
[Form] Skip CSRF validation on form when POST max size is exceeded
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19140
| License | MIT
| Doc PR | N/A
In #19140 the CSRF validation listener was not aware that the POST max size had exceeded, and was adding a form error message that wasn't relevant to the actual error.
This introduces the `ServerParams` utility class into the `CsrfValidationListener` and checks that the POST max size has not been exceeded. If it has then it won't bother trying to validate the CSRF token.
My main concern with this change is that it opens up an attack vector around tokens, but I've encapsulated the request size validation in a single method in `ServerParams` now so that the request handlers are using the same logic.
Commits
-------
289531f [Form] Skip CSRF validation on form when POST max size is exceeded
This PR was squashed before being merged into the 2.7 branch (closes#19405).
Discussion
----------
Fixed bugs in names of classes and methods.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
It's related to case sensitive.
I changed only calls of names of called methods but not definition of methods because BC.
Commits
-------
c41aa03 Fixed bugs in names of classes and methods.
This PR was squashed before being merged into the 2.7 branch (closes#18688).
Discussion
----------
[HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6526
Emit a warning when a request has both a trusted Forwarded header and a trusted X-Forwarded-For header, as this is most likely a misconfiguration which causes security issues.
Commits
-------
ee8842f [HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
* 2.3:
updated VERSION for 2.3.42
update CONTRIBUTORS for 2.3.42
updated CHANGELOG for 2.3.42
Revert "bug #18908 [DependencyInjection] force enabling the external XML entity loaders (xabbuh)"
Partial revert of previous PR
[DependencyInjection] Skip deep reference check for 'service_container'
Catch \Throwable
[Serializer] Add missing @throws annotations
Fix for #18843
force enabling the external XML entity loaders
Removed UTC specification with timestamp
This PR was merged into the 2.7 branch.
Discussion
----------
[FrameworkBundle] Remove misleading comment
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This is not true for service_container anymore.
Commits
-------
9f2f858 [FrameworkBundle] Remove misleading comment
* 2.3:
Detect CLI color support for Windows 10 build 10586
[EventDispatcher] Try first if the event is Stopped
[FrameworkBundle] fixes grammar in container:debug command manual.
Conflicts:
src/Symfony/Component/EventDispatcher/EventDispatcher.php
src/Symfony/Component/HttpKernel/Debug/TraceableEventDispatcher.php
* 2.3:
[Validator] use correct term for a property in docblock (not "option")
[PropertyAccess] Remove most ref mismatches to improve perf
[Validator] EmailValidator cannot extract hostname if email contains multiple @ symbols
[NumberFormatter] Fix invalid numeric literal on PHP 7
Use XML_ELEMENT_NODE in nodeType check
[PropertyAccess] Reduce overhead of UnexpectedTypeException tracking
[PropertyAccess] Throw an UnexpectedTypeException when the type do not match
[FrameworkBundle] Add tests for the Controller class
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Tests/Controller/ControllerTest.php
src/Symfony/Component/Intl/NumberFormatter/NumberFormatter.php
src/Symfony/Component/PropertyAccess/PropertyAccessor.php
src/Symfony/Component/PropertyAccess/PropertyAccessorInterface.php
src/Symfony/Component/PropertyAccess/PropertyPath.php
src/Symfony/Component/PropertyAccess/Tests/PropertyAccessorTest.php
src/Symfony/Component/Validator/Constraints/EmailValidator.php
* 2.3:
Improved the PHPdoc of FileSystem::copy()
[Validator] Test DNS Email constraints using checkdnsrr() mock
[travis] Run real php subprocesses on hhvm for Process component tests
bug #18161 [Translation] Add support for fuzzy tags in PoFileLoader
[Form] Fix NumberToLocalizedStringTransformer::reverseTransform with big integers
[Form] Fix INT64 cast to float in IntegerType.
[SecurityBundle][PHPDoc] Added method doumentation for SecurityFactoryInterface
FrameworkBundle: Client: getContainer(): fixed phpdoc
[Validator] Updating inaccurate docblock comment
Conflicts:
.travis.yml
src/Symfony/Component/Validator/Tests/Constraints/EmailValidatorTest.php
