* 3.3:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Restore RoleInterface import
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
revert useless tests fixtures changes
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
* 2.8:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
* 2.7:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
* 3.3:
[HttpKernel] DebugHandlersListener should always replace the existing exception handler
fix the Composer API being used
[Debug] Always decorate existing exception handlers to deal with fatal errors
Enableable ArrayNodeDefinition is disabled for empty configuration
Fixing a bug where the dump() function depended on bundle ordering
[Cache] Fix handling of apcu_fetch() edgy behavior
Add nn (Norwegian Nynorsk) translation files, and improve existing file
Problem in phar see mergerequest #25579
[Form] Disallow transform dates beyond the year 9999
Copied NO language files to the new NB locale.
[Serializer] DateTimeNormalizer handling of null and empty values (returning null or empty instead of new object)
[Console] Improve phpdoc on StyleInterface::ask()
* 3.3:
fix merge
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
Add missing @ in phpdoc return statement
Don't right trim the deprecation message
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
* 2.8:
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
* 2.7:
fixed wrong description in a phpdoc
19 digits VISA card numbers are valid
[HttpKernel] Fixed test name
[Debug] prevent infinite loop with faulty exception handlers
Add the missing `enabled` session attribute
[HttpKernel] Turn bad hosts into 400 instead of 500
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix session handling: decouple "save" from setting response "private"
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Fixes https://github.com/symfony/symfony/pull/25583#issuecomment-355717344 from @Tobion, and provides extra laziness for the "session" service, related to https://github.com/symfony/recipes/pull/333.
(deps=high failure will be fixed by merging to upper branches.)
Commits
-------
f8727b8827 [HttpKernel] Fix session handling: decouple "save" from setting response "private"
* 3.3:
fixed some deprecation messages
fixed some deprecation messages
fixed some deprecation messages
fixed some deprecation messages
[2.7][DX] Use constant message contextualisation for deprecations
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Call Response->setPrivate() instead of sending raw header() when session is started
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/24988
| License | MIT
| Doc PR | -
As described in #24988 I think the current handling of the `Cache-Control` header set by the `NativeSessionStorage` causes inconsistent behaviour.
In #24988 @nicolas-grekas states that if you start a session a response should be considered to be private. I do agree with this but up until now, nobody takes care of this on `kernel.response`.
I think we must always suppress the `NativeSessionStorage` from generating any headers by default. Otherwise the `Cache-Control` header never makes it to the `Response` instance and is thus missed by `kernel.response` listeners and for example the Symfony HttpCache. So depending on whether you use Symfony's HttpCache or Varnish as a reverse proxy, caching would be handled differently. Varnish would consider the response to be private if you set the php.ini setting `session.cache_limiter` to `nocache` (which is default) because it will receive the header. HttpCache would not because the `Cache-Control` header is not present on the `Response`. That's inconsistent and may cause confusion or problems when switching proxies.
Commits
-------
dbc1c1c4b6 [HttpKernel] Call Response->setPrivate() instead of sending raw header() when session is started
* 2.7:
Remove some unused variables, properties and methods
[ExpressionLanguage] Fix parse error on 5.3
[HttpKernel] remove noisy frame in controller stack traces
[ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
Fix php doc in Table class
bumped Symfony version to 2.7.40
updated VERSION for 2.7.39
update CONTRIBUTORS for 2.7.39
updated CHANGELOG for 2.7.39
This PR was merged into the 3.4 branch.
Discussion
----------
[Console][DI] Fail gracefully
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/flex/issues/212, #25280
| License | MIT
| Doc PR | -
I already experienced this issue a few times without spending time digging it:
sometimes, you call `cache:clear`, and the command quits without any output, and with 255 status code.
The reason is the `@include` in `Kernel`, which makes everything silent, especially fatal errors (thanks PHP...)
So if the to-be-removed container is broken for some fatal reason, the failure is really bad.
To fix that, here are two measures:
- use `include_once` instead of `require_once` in the dumped container: that's OK there to actually not immediately load the file, any hard failure will happen later anyway, and any soft failure will allow the `cache:clear` command to complete (like when you remove a package)
- register `Application::renderException()` as the main PHP exception handler, via `Debug::ErrorHandler` when it's available
End result when it fails:
instead of a blank output.
Commits
-------
4a5a3f52ab [Console][DI] Fail gracefully
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Add Session::isEmpty(), fix MockFileSessionStorage to behave like the native one
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
MockFileSessionStorage should not create any file when the session is empty. Like the native session storage, it should ignore the metadataBag to decide if the session is empty.
And to prevent AbstractTestSessionListener from registered a wrong cookie, it must have access to this empty state, which is now possible thanks to a new `Session::isEmpty()` method. Implementing is requires access to the internal storage of bags, which is possible via an internal proxy.
Commits
-------
56846ac [HttpFoundation] Add Session::isEmpty(), fix MockFileSessionStorage to behave like the native one
* 3.3:
[VarDumper] Dont use empty(), it chokes on eg GMP objects
[Dotenv] Changed preg_match flags from null to 0
remove upgrade instructions for kernel.root_dir
[HttpKernel] Arrays with scalar values passed to ESI fragment renderer throw deprecation notice
[HttpKernel] add a test for FilterControllerEvents
This PR was merged into the 3.3 branch.
Discussion
----------
[HttpKernel] Arrays with scalar values passed to ESI fragment renderer throw deprecation notice
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25191
| License | MIT
| Doc PR | none
Coding in the train to Paris !
Commits
-------
d84b47f [HttpKernel] Arrays with scalar values passed to ESI fragment renderer throw deprecation notice
