* 5.2:
Fix rate limiter documentation
Fix merge.
fix lexing mapping values with trailing whitespaces
[String] Fix Notice when argument is empty string
[Inflector] Fix Notice when argument is empty string
[Security] fix#39262, more defensive PasswordMigratingListener
[Workflow] Fixed case when the marking store is not defined
[Security] fix#39249, default entry_point compiler pass was returning too early
Fix small typos
* 5.1:
Fix merge.
fix lexing mapping values with trailing whitespaces
[String] Fix Notice when argument is empty string
[Inflector] Fix Notice when argument is empty string
Fix small typos
This PR was merged into the 5.1 branch.
Discussion
----------
[String] Fix Notice when argument is empty string
| Q | A
| ------------- | ---
| Branch? | 5.1 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
PHP Notice is generated when we pass empty string to `singularize` or `pluralize` method.
```
$inflector = new \Symfony\Component\String\Inflector\EnglishInflector();
$inflector->singularize('');
```
```
Notice: Uninitialized string offset: 0 in vendor/symfony/string/Inflector/EnglishInflector.php on line 344
PHP Notice: Uninitialized string offset: 0 in vendor/symfony/string/Inflector/EnglishInflector.php on line 344
```
```
$inflector = new \Symfony\Component\String\Inflector\EnglishInflector();
$inflector->pluralize('');
```
```
Notice: Uninitialized string offset: 0 in vendor/symfony/string/Inflector/EnglishInflector.php on line 424
PHP Notice: Uninitialized string offset: 0 in vendor/symfony/string/Inflector/EnglishInflector.php on line 424
```
**Background**:
When `\Symfony\Component\PropertyAccess\PropertyAccessorInterface::setValue` is used with `_` property, then it calls \Symfony\Component\String\Inflector\EnglishInflector::singularize with empty string.
```
class Check
{
public $_;
}
$check = new Check();
$pr = PropertyAccess::createPropertyAccessorBuilder()
->getPropertyAccessor();
if($pr->isWritable($check, '_')){
$pr->setValue($check, '_', 'test');
}
var_dump($check);
```
```
Notice: Uninitialized string offset: 0 in vendor/symfony/string/Inflector/EnglishInflector.php on line 344
PHP Notice: Uninitialized string offset: 0 in vendor/symfony/string/Inflector/EnglishInflector.php on line 344
...
Notice: Uninitialized string offset: 0 in vendor/symfony/string/Inflector/EnglishInflector.php on line 344
PHP Notice: Uninitialized string offset: 0 in vendor/symfony/string/Inflector/EnglishInflector.php on line 344
Notice: Uninitialized string offset: 0 in vendor/symfony/string/Inflector/EnglishInflector.php on line 344
object(Check)#6 (1) {
["_"]=>
string(4) "test"
}
```
P.S.
Another solution is to include empty string in \Symfony\Component\String\Inflector\EnglishInflector::$uninflected
```
private static $uninflected = [
'',
'atad',
'reed',
'kcabdeef',
'hsif',
'ofni',
'esoom',
'seires',
'peehs',
'seiceps',
];
```
If this PR is not relevant please close and sorry for inconvenience.
Commits
-------
88c2b9be62 [String] Fix Notice when argument is empty string
This PR was merged into the 4.4 branch.
Discussion
----------
[Inflector] Fix Notice when argument is empty string
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
Fixing issue when we call `Inflector` with empty string:
```
\Symfony\Component\Inflector\Inflector::singularize('');
```
```
Notice: Uninitialized string offset: 0 in src/Symfony/Component/Inflector/Inflector.php on line 363
PHP Notice: Uninitialized string offset: 0 in src/Symfony/Component/Inflector/Inflector.php on line 363
...
Notice: Uninitialized string offset: 0 in src/Symfony/Component/Inflector/Inflector.php on line 363
PHP Notice: Uninitialized string offset: 0 in src/Symfony/Component/Inflector/Inflector.php on line 363
```
Fix for 5.1 https://github.com/symfony/symfony/pull/39244
Commits
-------
2dfe342452 [Inflector] Fix Notice when argument is empty string
* 5.2:
Added additional file existence check on temporary file cleanup for dumpFile method
fix lexing inline sequences/mappings with trailing whitespaces
Added test for issue 39229
Bump Symfony version to 5.2.1
Update VERSION for 5.2.0
Update CHANGELOG for 5.2.0
[Security] [DX] Automatically add PasswordUpgradeBadge + default support() impl in AbstractFormLoginAuthenticator
[Console] Enable hyperlinks in Konsole/Yakuake
* 5.1:
Added additional file existence check on temporary file cleanup for dumpFile method
fix lexing inline sequences/mappings with trailing whitespaces
Added test for issue 39229
[Console] Enable hyperlinks in Konsole/Yakuake
* 4.4:
Added additional file existence check on temporary file cleanup for dumpFile method
fix lexing inline sequences/mappings with trailing whitespaces
Added test for issue 39229
[Console] Enable hyperlinks in Konsole/Yakuake
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Re-enable hyperlinks in Konsole/Yakuake
| Q | A
| ------------- | ---
| Branch? | 4.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#31809 <!-- prefix each issue number with "Fix #", no need to create an issue if none exist, explain below instead -->
| License | MIT
Hyperlinks feature was broken in KDE's Konsole/Yakuake (#31809) and thus disabled by #31849.
But the feature has been recently [implemented](https://invent.kde.org/utilities/konsole/-/merge_requests/138), and is about to be released in KDE 20.12 on December 10th 2020, see [release notes](https://community.kde.org/Releases/20.12_Release_Notes#Konsole).
Tested in RC version and seems to be working fine. The feature is disabled by default (as per security concerns), but even when disabled, it just gracefully don't show the links.
Commits
-------
728edf36bf [Console] Enable hyperlinks in Konsole/Yakuake
This PR was squashed before being merged into the 5.2 branch.
Discussion
----------
[Security] [DX] Automatically add PasswordUpgradeBadge + default support() impl in AbstractFormLoginAuthenticator
| Q | A
| ------------- | ---
| Branch? | 5.2 (hopefully? sorry to keep pushing the barrier here)
| Bug fix? | no
| New feature? | yes (sort of)
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
These are 2 suggestions we found while implementing `make:auth` for the new system (https://github.com/symfony/maker-bundle/pull/736):
Impact on a custom login form authenticator ([as generated by the new maker](https://github.com/symfony/maker-bundle/pull/736/files#diff-528164b6c24778d5e81fa3819b0552f0e68a9fea33c7d3446a012f3da7d0af60)):
* **Automatically add `PasswordUpgradeBadge`** if there is a user password with valid password credentials.
```diff
// ...
return new Passport(
new UserBadge($userIdentifier),
new PasswordCredentials($password),
[
- new PasswordUpgradeBadge($password),
new CsrfTokenBadge('authenticate', $csrf),
]
)
```
Note that this does not automatically migrate all passwords: it still relies on `PasswordUpgraderInterface` to be implemented on the user loader/provider.
* **Add default implementation of `AbstractFormLoginAuthenticator::support()`**
```diff
- public function supports(Request $request): ?bool
- {
- return self::LOGIN_ROUTE === $request->attributes->get('_route')
- && $request->isMethod('POST');
- }
```
cc @weaverryan @jrushlow
Commits
-------
27450c0bb4 [Security] [DX] Automatically add PasswordUpgradeBadge + default support() impl in AbstractFormLoginAuthenticator
Add logic for locking row for update when the doctrine dbal connection is sqlsrv. This is a quick and dirty solution, but it prevents the need to rewrite the logic due to doctrine dbal limitations.
See issue https://github.com/symfony/symfony/issues/39117
