This PR was merged into the 4.1-dev branch.
Discussion
----------
[Workflow] Add PlantUML dumper to workflow:dump command
| Q | A
| ------------- | ---
| Branch | 4.1
| Bug fix | no
| New feature | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
| Doc PR | Will do depending on the comments about that PR
Hello,
`workflow:dump` exports workflows in `dot` format. To me, this format is not the easiest and not the simplest to use. Styles and logic are mixed together which makes it hard to read.
[PlantUML](http://plantuml.com/) is a tool based on Graphviz like Dot but that
generates nicer diagrams, more readable and most of all easier to adapt to your
documentation. Just copy and paste the PUML on the website you will see the rendering live.
Also, there is a [PHPStorm Plugin](https://plugins.jetbrains.com/plugin/7017-plantuml-integration) and [plenty of integration](http://plantuml.com/running) of this format.
This PR adds 2 options
* a `--dump-format=puml` option to the `workflow:dump` command to generate the workflows in PlantUML.
* a `--puml-transition-format=square|arrow` option to the `workflow:dump` command to generate the workflows in PlantUML using a square shape or arrow for the transition. (see below)
The conversion requires the PlantUML JAR, and can be used like that:
```bash
php bin/console workflow:dump pull_request --dump-format=puml | java -jar plantuml.jar -p > workflow.png
```
> don't forget the `-p` to enable the "piping"
Here is an example with `pull_request` workflow of the documentation (with no style and no marking):
```
@startuml
title pull_request
state start <<initial>>
state coding
state travis
state review
state merged
state closed
start --> travis: submit
coding --> travis: update
travis --> travis: update
review --> travis: update
travis --> review: wait_for_review
review --> coding: request_change
review --> merged: accept
review --> closed: reject
closed --> review: reopen
@enduml
```
As PlantUML let us define styles, I have provided some by default that the user can override.
Adding some marking:
```bash
php bin/console workflow:dump pull_request travis review --dump-format=puml
```
will give us:
```
@startuml
sprite $sf_logo [81x20/16z] {
hPNRaYiX24K1xwBo_tyx6-qaCtDEJ-KXLYMTLbp0HWcHZr3KRDJ8z94HG3jZn4_mijbQ2ryJoFePtXLWA_qxyGy19DpdY_10z11ZAbGjFHRwcEbcKx5-wqsV
yIMo8StMCHKh8ZUxnEwrZiwRAUOvy1lLcPQF4lEFAjhzMd5WOAqvKflS0Enx8PbihiSYXM8ClGVAseIWTAjCgVSAcnYbQG79xKFsZ0VnDCNc7AVBoPSMcTsX
UnrujbYjjz0NnsObkTgnmolqJD4QgGUYTQiNe8eIjtx4b6Vv8nPGpncn3NJ8Geo9W9VW2wGACm_JzgIO8A8KXr2jUBCVGEAAJSZ6JUlsNnmOzmIYti9G7bjL
8InaHM9G40NkwTG7OxrggvNIejA8AZuqyWjOzTIKi-wwYvjeHYesSWuPiTGDN5THzkYLU4MD5r2_0PDhG7LIUG33z5HtM6CP3icyWEVOS61sD_2ZsBfJdbVA
qM53XHDUwhY0TAwPug3OG9NonRFhO8ynF3I4unuAMDHmSrXH57V1RGvl9jafuZF9ZhqjWOEh98y0tUYGsUxkBSllIyBdT2oM5Fn2-ut-fzsq_cQNuL6Uvwqr
knh4RrvOKzxZfLV3s0rs_R_1SdYt3VxeQ1_y2_W2
}
title pull_request
skinparam titleBorderRoundCorner 15
skinparam titleBorderThickness 2
skinparam state {
BackgroundColor<<initial>> #87b741
BackgroundColor<<marked>> #3887C6
BorderColor #3887C6
BorderColor<<marked>> Black
FontColor<<marked>> White
}
state start <<initial>>
state coding
state travis <<marked>>
state review <<marked>>
state merged
state closed
start --> travis: submit
coding --> travis: update
travis --> travis: update
review --> travis: update
travis --> review: wait_for_review
review --> coding: request_change
review --> merged: accept
review --> closed: reject
closed --> review: reopen
footer \nGenerated by <$sf_logo> **Workflow Component** and **PlantUML**
@enduml
```
Which gives you that:
![workflow](https://user-images.githubusercontent.com/313532/32086584-253e39c0-ba8b-11e7-82c7-fa24309dbcd6.png)
With `square` as transition, it gives you that:
![workflow](https://user-images.githubusercontent.com/313532/32533123-a8ea4530-c403-11e7-8f88-4f18d5e23a28.png)
Hope you will find that interesting!
Commits
-------
1497d36cab Add option to the workflow:dump command to allow PlantUML format dump
This PR was squashed before being merged into the 3.4 branch (closes#25756).
Discussion
----------
[TwigBundle] Register TwigBridge extensions first
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/25610
| License | MIT
| Doc PR | -
The only extension that is really needed to display the current exception page is the `CodeExtension` so we could only prepend this one. However, prepending all of them seems safer to me in the long term.
Also I deeply looked into why this problem only appeared in 3.4 and found the reason. Before 3.4 it actually never reaches the `ExceptionController` for this kind of error because it cannot be resolved because it needs a twig instance in its constructor. This instance is directly taken from the container. Before 3.4 when an exception is thrown when you try to get a service from the container, the instance stored in the `$services` array is unset which is not the case in further versions. So in 3.4+, the `ExceptionController` can be resolved because the instance of twig is still in the container even after the initial exception.
It also means these kind of exceptions are displayed with bugs on all versions before 3.4 I guess. Actually it shows the message 2 times : one for the initial exception and the other one when it tries to resolve the `ExceptionController`.
Maybe another solution might be to use a dedicated twig instance with the right settings just for the exception page ?
Commits
-------
c8465ed97f [TwigBundle] Register TwigBridge extensions first
This PR was squashed before being merged into the 3.4 branch (closes#25947).
Discussion
----------
PhpDocExtractor::getTypes() throws fatal error when type omitted
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When omitting a type in a `DocBlock` `Tag`, it will throw a fatal error due to the type being null with a call to `$tag->getType()`.
Commits
-------
54253ecfff PhpDocExtractor::getTypes() throws fatal error when type omitted
This PR was merged into the 4.1-dev branch.
Discussion
----------
[Serializer] Fix security issue on CsvEncoder about CSV injection
| Q | A
| ------------- | ---
| Branch? | master (4.1)
| Bug fix? | no
| New feature? | yes
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| License | MIT
I read [this article](http://georgemauer.net/2017/10/07/csv-injection.html) about CSV injection and I thought it best to update the `CsvEncoder` so that it does not generate potentially malicious CSV files by default.
Commits
-------
a1b0bdbbac Fix security issue on CsvEncoder
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] keep the context when validating forms
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25542
| License | MIT
| Doc PR |
Commits
-------
317da3bdf8 keep the context when validating forms
This PR was merged into the 4.1-dev branch.
Discussion
----------
[Security] The AuthenticationException should implements Security's ExceptionInterface
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25770
| License | MIT
| Doc PR | ø
Dunno why this is the case right now but this probably should not. Was reported by @paq85.
Commits
-------
0ee4cf1019 The Security Component's exceptions should implements Security's ExceptionInterface
This PR was merged into the 4.1-dev branch.
Discussion
----------
[WebProfilerBundle] Improve controller linking
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes/no
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
I propose to remove the `Controller class` entry from the request toolbar panel, IMHO it's confusing/useless compared to the linked `Controller` entry above. They represent the same.
To preserve its value it's now used as title attribute instead, favored over controller file currently being used here. We can read that from the statusbar anyway :-)
Before: (hovering ontroller link)
![image](https://user-images.githubusercontent.com/1047696/35796142-ce6cdff4-0a5b-11e8-9fa3-91897516c9fc.png)
After: (hovering ontroller link)
![image](https://user-images.githubusercontent.com/1047696/35796237-2855e556-0a5c-11e8-8dca-853c3eabd2e9.png)
Commits
-------
f6c0dc64e6 [WebProfilerBundle] Improve controller linking
This PR was squashed before being merged into the 4.1-dev branch (closes#26036).
Discussion
----------
Added support for getting default values in Accept headers
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25877
| License | MIT
| Doc PR | -
Commits
-------
7e31fd94df Added support for getting default values in Accept headers
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] minor: use a strict comparison in setDecoratedService
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
f167b50 [DI] minor: use a strict comparision in setDecoratedService
* 4.0:
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
[Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
[Config] Only using filemtime to check file freshness
* 3.4:
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
[Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
[Config] Only using filemtime to check file freshness
This PR was merged into the 4.1-dev branch.
Discussion
----------
[HttpFoundation] we should not pass size on FileBag removing the contruct parameter
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25466 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | none
We may have forgotten this one, thanks to @craue for seeing it !
Commits
-------
0db65b5 fix tests
820186f [HttpFoundation] we should not pass size on FileBag
This PR was squashed before being merged into the 2.7 branch (closes#25373).
Discussion
----------
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
`UrlMatcher::match($pathinfo)` applies `rawurldecode()` to the `$pathinfo` before trying to match it against the routes.
If the URL contains a percent-encoded trailing newline (like in `/foo%0a`), the default PHP PCRE will still consider `#^/foo$#` a match, as the `$` metacharacter will also match *immediately before* the final character *if it is a newline*. This behavior can be changed by applying the [`PCRE_DOLLAR_ENDONLY` modifier](http://php.net/manual/en/reference.pcre.pattern.modifiers.php).
Without this change, URLs with trailing `%0a` lead to weird notices further down the road, for example when the `RedirectableUrlMatcher` or its equivalent in `PhpMatcherDumper` kick in, look at the last character (this time actually the newline), append a `/` and try to redirect to the resulting URL. Ultimately, PHP will complain with `Warning: Header may not contain more than a single header, new line detected` when sending the `Location` header.
Commits
-------
f713a3e Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
I recently let Europe's leading accessibility experts (Funkanu.se) review a site of mine, they gave me (among other) the feedback that errors should be a part of the label.
They said that it makes no sense for blind users to read label, read input and then read errors.
I know the implementation might look strange. But I wish something like this would be merged. That would be great for accessibility for all apps using Symfony.
We *could* also make sure it prints something like:
```
<label for=”name”>Name: <span class=”hidden”>Error message</span></label>
<input id=”name” type=”text”>
<span aria-hidden=”true”>Error message</span>
```
Commits
-------
a0b40f5 [Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
This PR was merged into the 4.1-dev branch.
Discussion
----------
Unwrap errors in FlattenException
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | maybe
| Deprecations? | no
| Tests pass? | no (but probably unrelated?)
| Fixed tickets | #26025
| License | MIT
| Doc PR | N/A
This is probably the most straightforward way to solve #26025. `FlattenException` is now unwrapping `FatalThrowableError` instances and logs the wrapped error instead. The consequence of this change is that the real error class is displayend on TwigBundle's exception page and the profiler.
Regarding BC: If we assume that `FlattenException` is used for rendering and logging, everything should be fine. But this PR changes `FlattenException`'s internal behavior. If a piece of code relied on errors appearing `FatalThrowableError` inside a `FlattenException`, that code would break.
<img width="402" alt="bildschirmfoto 2018-02-02 um 20 08 42" src="https://user-images.githubusercontent.com/1506493/35760077-0b202940-087e-11e8-9b98-8e4ba269780c.png">
Commits
-------
f14d7d6 Unwrap errors in FlattenException.
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Only using filemtime to check file freshness
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25999
| License | MIT
Commits
-------
52c9cb4 [Config] Only using filemtime to check file freshness
This PR was merged into the 4.1-dev branch.
Discussion
----------
[DI] Put non-shared service factories in closures
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
With this change, non-shared services are moved to dedicated files (unless they are on the hot path).
Previously, they were always dumped as methods.
The goal of this change is to dump factories as methods *if and only if* the services they build are on the hot-path. By doing so, it will become very easy to figure out which services are on the hot path, vs the rest. And then people will be able to optimize their configurations: if too many things are dumped as methods, it will trivially mean some laziness is missing in definitions.
I spotted this while reviewing the dumped container of Blackfire, where we sometimes have long chains of dependencies that are on the hot path for no real reason - mixed with big non-shared factories (Sonata admin blocks in our case.)
Commits
-------
22c5325 [DI] Put non-shared service factories in closures
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Handle Service/EventSubscriberInterface in ReflectionClassResource
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25906
| License | MIT
| Doc PR | -
@weaverryan that should fix an issue you reported.
Commits
-------
67e821b [Config] Handle Service/EventSubscriberInterface in ReflectionClassResource
This PR was merged into the 3.4 branch.
Discussion
----------
[DI][Routing] Fix tracking of globbed resources
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25904
| License | MIT
| Doc PR | -
The current `GlobFileLoader` in `Config` misses resource tracking, so we can't use it and have to use a per-component one instead.
(deps=high failures will be fixed after merging up to master.)
Commits
-------
945c753 Add tests for glob loaders
ad98c1fa [DI][Routing] Fix tracking of globbed resources
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] Allow remember-me factory creation when multiple user providers are configured.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | none
When more than one user provider is configured, and `remember_me` is enabled on a firewall, this avoids the deprecation notice in 3.4 and thrown `InvalidConfigurationException` in 4.0 ("Not configuring explicitly the provider for the "remember_me" listener on "foo" firewall is ambiguous as there is more than one registered provider."). The `RememberMeFactory` ignores the `$userProvider` argument and uses the secret configured for the firewall. (If no secret is configured, it throws its own exception.)
The added test passes in 3.4 with a deprecation notice without the change, so would expect it to fail in 4.0 without the change.
Other tests in the `SecurityBundle` already included two errors and one failure, not related to this change.
Commits
-------
6ab8dd9 Allow remember-me factory creation when multiple user providers are configured.
* 4.0:
[CssSelector] For AND operator, the left operand should have parentheses, not only right operand
Removed unused parameter from flattenDataProvider().
Update MongoDB extension on travis to make the builds green again.
* 3.4:
[CssSelector] For AND operator, the left operand should have parentheses, not only right operand
Removed unused parameter from flattenDataProvider().
Update MongoDB extension on travis to make the builds green again.
* 2.8:
[CssSelector] For AND operator, the left operand should have parentheses, not only right operand
Removed unused parameter from flattenDataProvider().
Update MongoDB extension on travis to make the builds green again.
* 2.7:
[CssSelector] For AND operator, the left operand should have parentheses, not only right operand
Removed unused parameter from flattenDataProvider().
Update MongoDB extension on travis to make the builds green again.
This PR was merged into the 2.7 branch.
Discussion
----------
[CssSelector] For AND operator, the left operand should have parentheses, not only right operand
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
From https://github.com/symfony/css-selector/pull/3
Commits
-------
76b40dc [CssSelector] For AND operator, the left operand should have parentheses, not only right operand
* 4.0:
[Intl] Fixed the broken link
Fix typo
Fix typo
Fixed issue #25985
Don't show wanna-be-private services as public in debug:container
[Routing] Fix trailing slash redirection for non-safe verbs
[DI] Fix tracking of source class changes for lazy-proxies
Proxy class names should be deterministic and independent of spl_object_hash() which is somewhat random
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
collect extension information as late as possible
* 3.4:
[Intl] Fixed the broken link
Fix typo
Fix typo
Fixed issue #25985
Don't show wanna-be-private services as public in debug:container
[Routing] Fix trailing slash redirection for non-safe verbs
[DI] Fix tracking of source class changes for lazy-proxies
Proxy class names should be deterministic and independent of spl_object_hash() which is somewhat random
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
collect extension information as late as possible
* 2.8:
[Intl] Fixed the broken link
[Routing] Fix trailing slash redirection for non-safe verbs
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
* 2.7:
[Intl] Fixed the broken link
[Routing] Fix trailing slash redirection for non-safe verbs
[Debug] Fix bad registration of exception handler, leading to mem leak
[Form] Fixed empty data on expanded ChoiceType and FileType
This PR was merged into the 2.7 branch.
Discussion
----------
[Intl] Fixed the broken link
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
From https://github.com/symfony/intl/pull/6
Commits
-------
5733e02960 [Intl] Fixed the broken link
This PR was merged into the 3.4 branch.
Discussion
----------
Don't show wanna-be-private services as public in debug:container
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25987
| License | MIT
| Doc PR | n/a
Commits
-------
31f43e5226 Don't show wanna-be-private services as public in debug:container
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] collect extension information as late as possible
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25660
| License | MIT
| Doc PR |
Commits
-------
58cdbd03e1 collect extension information as late as possible
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix tracking of source class changes for lazy-proxies
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
4f18e4b0dc [DI] Fix tracking of source class changes for lazy-proxies
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Fix bad registration of exception handler, leading to mem leak
| Q | A
| ------------- | ---
| Branch? | 27
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25965
| License | MIT
| Doc PR | -
Commits
-------
926b1bee18 [Debug] Fix bad registration of exception handler, leading to mem leak
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Fix trailing slash redirection for non-safe verbs
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This test dumped matchers using the existing test cases for (Redirectable)UrlMatcher so that we are sure they behave the same. Fixes the differences found while doing so.
Commits
-------
ad593aef2f [Routing] Fix trailing slash redirection for non-safe verbs
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed empty data on expanded ChoiceType and FileType
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25896
| License | MIT
| Doc PR | ~
Alternative of https://github.com/symfony/symfony/pull/25924.
I don't think we have to do this by adding overhead in master and getting it properly fixed in 2 years.
This is bug I've introduced while fixing another bug #17822. Which then has been replicated in #20418 and #24993.
I propose instead to clean up the code for all LTS, since this is a wrong behaviour that has never been documented, and most of all unreliable.
The `empty_data` can by anything in the view format as long as the reverse view transformation supports it. Even an object derived from the data class could be invokable.
I think we should remain consistent with https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/Form/Form.php#L615.
Commits
-------
9722c063fb [Form] Fixed empty data on expanded ChoiceType and FileType
When using any mode but the weak mode, you want your build to fail on
some or all deprecations, but it is still nice to be able to see what
you could fix without having to change modes.
This PR was merged into the 4.1-dev branch.
Discussion
----------
Adding an array adapter
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | symfony/symfony-docs#9110
There's no simple way to *disable* caching (e.g. in the dev) environment. Setting up an array adapter is a very simple way to allow this :).
Commits
-------
f92e03d adding an array adapter
This PR was merged into the 3.4 branch.
Discussion
----------
Deterministic proxy names
Proxy class names should be deterministic and independent of spl_object_hash() which is somewhat random to better support reproducible builds. See #25958
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
b173b81f46 Proxy class names should be deterministic and independent of spl_object_hash() which is somewhat random
* 4.0:
update test for Twig performance optimizations
[WebProfilerBundle] Increase retry delays between toolbarAction ajax calls
support sapi_windows_vt100_support for php 7.2+
bumped Symfony version to 4.0.5
updated VERSION for 4.0.4
updated CHANGELOG for 4.0.4
bumped Symfony version to 3.4.5
updated VERSION for 3.4.4
updated CHANGELOG for 3.4.4
bumped Symfony version to 2.8.35
updated VERSION for 2.8.34
updated CHANGELOG for 2.8.34
bumped Symfony version to 2.7.42
updated VERSION for 2.7.41
update CONTRIBUTORS for 2.7.41
updated CHANGELOG for 2.7.41
[HttpFoundation] Added "null" type on Request::create docblock
Don't stop PSR-4 service discovery if a parent class is missing.
Allow trans filter to be safe
* 3.4:
update test for Twig performance optimizations
[WebProfilerBundle] Increase retry delays between toolbarAction ajax calls
support sapi_windows_vt100_support for php 7.2+
bumped Symfony version to 3.4.5
updated VERSION for 3.4.4
updated CHANGELOG for 3.4.4
bumped Symfony version to 2.8.35
updated VERSION for 2.8.34
updated CHANGELOG for 2.8.34
bumped Symfony version to 2.7.42
updated VERSION for 2.7.41
update CONTRIBUTORS for 2.7.41
updated CHANGELOG for 2.7.41
[HttpFoundation] Added "null" type on Request::create docblock
Don't stop PSR-4 service discovery if a parent class is missing.
Allow trans filter to be safe
* 2.8:
update test for Twig performance optimizations
[WebProfilerBundle] Increase retry delays between toolbarAction ajax calls
support sapi_windows_vt100_support for php 7.2+
bumped Symfony version to 2.8.35
updated VERSION for 2.8.34
updated CHANGELOG for 2.8.34
bumped Symfony version to 2.7.42
updated VERSION for 2.7.41
update CONTRIBUTORS for 2.7.41
updated CHANGELOG for 2.7.41
[HttpFoundation] Added "null" type on Request::create docblock
Allow trans filter to be safe
* 2.7:
update test for Twig performance optimizations
[WebProfilerBundle] Increase retry delays between toolbarAction ajax calls
support sapi_windows_vt100_support for php 7.2+
bumped Symfony version to 2.7.42
updated VERSION for 2.7.41
update CONTRIBUTORS for 2.7.41
updated CHANGELOG for 2.7.41
[HttpFoundation] Added "null" type on Request::create docblock
Allow trans filter to be safe
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBridge] update test for Twig performance optimizations
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | twigphp/Twig#2617
| License | MIT
| Doc PR |
Commits
-------
21bbad9 update test for Twig performance optimizations
This PR was merged into the 2.7 branch.
Discussion
----------
support sapi_windows_vt100_support for php 7.2+
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | See below
| License | MIT
| Doc PR | N/A
php 7.2 enabled color support on windows(>=10.0.10586) and introduced a new function called `sapi_windows_vt100_support` to get and set the state. this PR add the support for this new function, so users on windows can see the colorful world again with php 7.2+.
Commits
-------
5bbb77b support sapi_windows_vt100_support for php 7.2+
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBridge] Allow label translation to be safe
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ~
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
After overriding `TranslationExtension`'s `trans` filter to make it safe I noticed form labels were still escaped because of `label` in
```twig
{{ translation_domain is same as(false) ? label : label|trans({}, translation_domain) }}
```
Replacing this ternary with `if`/`else` allows `trans` return to be safe.
WDYT?
Commits
-------
041c42db6a Allow trans filter to be safe
This PR was squashed before being merged into the 2.7 branch (closes#25878).
Discussion
----------
[HttpFoundation] Added "null" type on Request::create docblock
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Continuation of #24902 and #25875
Commits
-------
b18f9e76a5 [HttpFoundation] Added "null" type on Request::create docblock
This PR was merged into the 3.4 branch.
Discussion
----------
Don't stop PSR-4 service discovery if a parent class is missing
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25929
| License | MIT
| Doc PR | N/A
Commits
-------
3d6c3ba836 Don't stop PSR-4 service discovery if a parent class is missing.
* 4.0:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Restore RoleInterface import
[Console] Provide a bugfix where an array could be passed
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
revert useless tests fixtures changes
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
[DI] Fix initialization of legacy containers by delaying include_once
* 3.4:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Restore RoleInterface import
[Console] Provide a bugfix where an array could be passed
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
revert useless tests fixtures changes
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
[DI] Fix initialization of legacy containers by delaying include_once
* 3.3:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Restore RoleInterface import
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
revert useless tests fixtures changes
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
* 2.8:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Removed assertDateTimeEquals() methods.
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
This PR was merged into the 2.7 branch.
Discussion
----------
Removed assertDateTimeEquals() methods
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
All PHPUnit versions that we use on Travis support comparing `DateTime` objects via `assertEquals()`. Yet, we have our own code in place to check for equality of `DateTime` objects. This PR removes that code.
Commits
-------
5b73d1c1e6 Removed assertDateTimeEquals() methods.
* 2.7:
[HttpFoundation] Use the correct syntax for session gc based on Pdo driver
Revert "bug #24987 [Console] Fix global console flag when used in chain (Simperfit)"
Revert "bug #25487 [Console] Fix a bug when passing a letter that could be an alias (Simperfit)"
Disable CSP header on exception pages only in debug
Fixed submitting disabled buttons
Fixed Button::setParent() when already submitted
Improve assertions
SCA: get rid of repetitive calls
allow null values for root nodes in YAML configs
[VarDumper] Fix docblock
Improve phpdoc to make it more explicit
This PR was merged into the 2.7 branch.
Discussion
----------
Improve assertions
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Following #25420 before start other branches.
Btw, the other branches are 2.8, 3.3, 3.4, 4.0 and master?
Commits
-------
3d90a2217d Improve assertions
This PR was merged into the 2.7 branch.
Discussion
----------
Disable CSP header on exception pages only in debug
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24772
| License | MIT
| Doc PR |
Based on a feedback we received, there are situations on production when it's desired to have CSP header in place even if exception occurred.
This uses now same condition that is used by ExceptionController in TwigBridge to evaluate if styled exception template is going to be shown, minus `showException` request attribute which don't make sense in this context, because it's used by PreviewController only and in such case this listener isn't triggered.
Overriding CSP header via HTML meta tag unfortunately, but not surprisingly, doesn't work.
Commits
-------
b77538c2fe Disable CSP header on exception pages only in debug
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fixed Button::setParent() when already submitted
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
The `Button` does not respect the [FormInterface](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/FormInterface.php#L28), by extension the `SubmitButton` neither.
Commits
-------
9f0c7bf549 Fixed Button::setParent() when already submitted
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Provide a DX where an array could be passed
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | #25394
| License | MIT
| Doc PR | none
![img_2941](https://user-images.githubusercontent.com/3451634/33766610-977f77ce-dc1e-11e7-93c1-38dd0038d7f5.jpeg)
I think that this is not fixing the root causes that does not appears in 4.1, so maybe there is something better to do. I did not find the root cause So I think it can bo good to fix the problem too.
Commits
-------
de502f7 [Console] Provide a bugfix where an array could be passed