This PR was merged into the 4.2-dev branch.
Discussion
----------
[Cache] Prevent stampede at warmup using flock()
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Replaces #27028
This PR protects against cache stampede by wrapping the computation of items in a pool of locks.
For each apps, there can be at most 20 concurrent processes that compute items at the same time and only one per cache-key.
Commits
-------
0ac2777ad1 [Cache] Prevent stampede at warmup using flock()
This PR was squashed before being merged into the 3.4 branch (closes#27596).
Discussion
----------
[Framework][Workflow] Added support for interfaces
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
I consider this to be a bugfix in config, because `ClassInstanceSupportStrategy` (`InstanceOfSupportStrategy`) actually works with interfaces. Therefore propose to 3.4.
Commits
-------
6104c28c08 [Framework][Workflow] Added support for interfaces
* 4.1:
remove HHVM code
[VarDumper] Fix dumping ArrayObject and ArrayIterator instances
[ProxyManagerBridge] Fixed support of private services
[Cache] Fix typo in comment.
[FrameworkBundle] give access to non-shared services when using test.service_container
Fix bad method call with guard authentication + session migration
Avoid calling eval when there is no script embedded in the toolbar
* 3.4:
[VarDumper] Fix dumping ArrayObject and ArrayIterator instances
[ProxyManagerBridge] Fixed support of private services
[Cache] Fix typo in comment.
Fix bad method call with guard authentication + session migration
This PR was merged into the 3.4 branch.
Discussion
----------
[ProxyManagerBridge] Fixed support of private services
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #...
| License | MIT
| Doc PR |
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Fixed lazy loading of private services, that was broken since Symfony 4.0 release because of renaming
addObjectResource
fa022f05be/src/Symfony/Component/DependencyInjection/CHANGELOG.md (L114)
Commits
-------
198bee0916 [ProxyManagerBridge] Fixed support of private services
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Fix dumping ArrayObject and ArrayIterator instances
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Properties added on child classes of `ArrayObject` and `ArrayIterator`, or dynamic properties added on instances of them were now properly dumped. This fixes it.
![image](https://user-images.githubusercontent.com/243674/41349429-2660cbc6-6f10-11e8-8015-a3d6ad8b0c9c.png)
Commits
-------
3ecabfc36e [VarDumper] Fix dumping ArrayObject and ArrayIterator instances
This PR was merged into the 4.1 branch.
Discussion
----------
[FrameworkBundle] give access to non-shared services when using test.service_container
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27488
| License | MIT
| Doc PR | -
Commits
-------
516ff5a985 [FrameworkBundle] give access to non-shared services when using test.service_container
This PR was submitted for the master branch but it was merged into the 3.4 branch instead (closes#27598).
Discussion
----------
[Cache] Fix typo in comment.
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
It's just a typo fix.
Commits
-------
39dd9b2f97 [Cache] Fix typo in comment.
This PR was merged into the 4.1 branch.
Discussion
----------
Avoid calling eval when there is no script embedded in the toolbar
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27583
| License | MIT
| Doc PR | n/a
#27189 changed the way embedded scripts were eval'd for the toolbar. But it also refactored the code in a way triggering `eval` all the time, even when there is no embedded script, which was reported several times as an issue with CSP.
While the debug panel (showing dumps) still requires having `unsafe-eval` in the CSP header (due to embedding scripts that we eval), this PR reverts back to the behavior of Symfony 4.0 and older, where only toolbars actually embedding scripts have this CSP compat issue.
Commits
-------
a0f78a5e0b Avoid calling eval when there is no script embedded in the toolbar
This PR was squashed before being merged into the 2.8 branch (closes#27581).
Discussion
----------
Fix bad method call with guard authentication + session migration
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no (but there needs to be on master)
| Tests pass? | yes
| Fixed tickets | #27577
| License | MIT
| Doc PR | n/a
I messed up #27452 :/. Guard is the one class where the session migration is not on the listener, it's on the handler. The tricky part is that there is only ONE handler (unlike listeners where there is 1 listener per firewall). That means that implementing a session migration strategy that avoids stateless firewalls was a bit more tricky: I could only think to inject a map into `GuardAuthenticationHandler`. On the bright side, this also fixes session migration (not happening) when people call the `authenticateUserAndHandleSuccess()` method directly.
On master, we'll need to add a deprecation to make the 3rd argument of `authenticateWithToken()` required - it's optional now for BC. We may also need to re-order the constructor args.
I DID test this in a real 2.8 project, to make sure that things were properly wired up. Apologies for not doing that for the other PR.
Cheers!
Commits
-------
2c0ac93 Fix bad method call with guard authentication + session migration