This PR was squashed before being merged into the 5.2-dev branch.
Discussion
----------
[RateLimiter] Moved classes implementing LimiterInterface to a new namespace
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | no?
| Tickets |
| License | MIT
| Doc PR |
Before we release the RateLimit component.
I think it would be a good idea to put the 7 classes that belongs to a specific strategy in their own "Policy" namespace. It is very likely that it will be more strategies in the future and the `Symfony\Component\RateLimiter` namespace is crowed as it is.
I decided not to put the `CompoundLimiter` in this namespace as it is not a strategy.
Commits
-------
1e6cea56e4 [RateLimiter] Moved classes implementing LimiterInterface to a new namespace
* 5.1:
fix merge
fix merge
Remove branch-version (keep them for contracts only)
[HttpClient] relax auth bearer format requirements
[PHPUnitBridge] Silence errors from mkdir()
[DependencyInjection] Preload classes with union types correctly.
[Serializer] fix decoding float XML attributes starting with 0
add missing dutch translations
[TwigBridge] Remove "transchoice" from the code base
Support PHPUnit 8 and PHPUnit 9 in constraint compatibility trait
Add expectDeprecation, expectNotice, expectWarning, and expectError to TestCase polyfill
[String] fix before/after[Last]() returning the empty string instead of the original one on non-match
Add missing exporter function for PHPUnit 7
[Validator] Add missing romanian translations
[String] fix slicing in UnicodeString
[Cache] Use correct expiry in ChainAdapter
do not translate null placeholders or titles
This PR was squashed before being merged into the 5.x branch.
Discussion
----------
[RateLimiter] Rename RateLimiter to RateLimiterFactory
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? | No, not released yet
| Tickets |
| License | MIT
| Doc PR | should be added
Sorry for making a few BC breaks.
@wouterj [said](https://github.com/symfony/symfony/pull/38562#issue-503193238) that this class was suggested to be named `LimiterFactory` before. But that was rejected.
Just my looking at the names of the classes we currently have:
- Rate
- RateLimit
- RateLimiter
I find it hard to know what these are doing and the difference between them. Note that none of them are used as a rate limiter (ie implements `LimiterInterface`)
I would like to be clear that a `RateLimiterFactory` is used to create an object implementing `LimiterInterface`.
Commits
-------
8be261b300 [RateLimiter] Rename RateLimiter to RateLimiterFactory
This PR was merged into the 5.x branch.
Discussion
----------
[RateLimiter] Fix delete method of the cache storage
| Q | A
| ------------- | ---
| Branch? | 5.2
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | None
| License | MIT
This PR fixes a small issue with RateLimiter's cache storage and the delete method: all getItems are called with a sha1 of the id, but not the one for delete, which makes it miss the deletion.
Commits
-------
b61d9d1ea3 minor
88c1e2439e Added a test
fb540bba73 Fix delete method on RateLimiter's cache storage
This PR was merged into the 5.x branch.
Discussion
----------
[RateLimiter] Be more type safe when fetching from cache
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
This is a super minor thing. A `$cacheItem` can be a hit, but it does not contain a `LimiterStateInterface`.
Also, PSR-6 specifies that if the `$cacheItem` is not a hit, it must return null.
Commits
-------
4795756cc7 [RateLimiter] Be more type safe when fetching form cache
This PR was squashed before being merged into the 5.x branch.
Discussion
----------
[RateLimiter] Allow configuration value "no_limit"
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | maybe?
| New feature? | not sure
| Deprecations? |
| Tickets |
| License | MIT
| Doc PR |
I dont see any reason why we should allow people to configure "no_limit". I assume this was just forgotten.
Commits
-------
2b9058d6b6 [RateLimiter] Allow configuration value "no_limit"
This PR was merged into the 5.x branch.
Discussion
----------
[RateLimiter] Remove Window::sleep()
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | no
| Deprecations? |
| Tickets |
| License | MIT
| Doc PR |
This function is not needed since #38562
Commits
-------
ccbf7d5a06 [RateLimiter] Remove Window::sleep()
This PR was squashed before being merged into the 5.x branch.
Discussion
----------
[RateLimiter] Adding SlidingWindow algorithm
| Q | A
| ------------- | ---
| Branch? | 5.x
| Bug fix? | no
| New feature? | yes
| Deprecations? |
| Tickets |
| License | MIT
| Doc PR | Should be added
This is a draft PR to make sure we like the idea. I'll keep working on adding tests.
Commits
-------
c6d3b70315 [RateLimiter] Adding SlidingWindow algorithm
* 5.1:
[Contracts] add branch-aliases for dev-main
[Cache] Make Redis initializers static
[Messenger] Fixed typos in Connection
[CI] Fixed build on AppVeyor
Fix tests typo
[Lock] Reset Key lifetime time before we acquire it
[CI] Silence errors when remove file/dir on test tearDown()
Fix tests
Remove content-type check on toArray methods
This allows limiting on different elements of a request. This is usefull to
e.g. prevent breadth-first attacks, by allowing to enforce a limit on both IP
and IP+username.