This PR was merged into the 4.3-dev branch.
Discussion
----------
[Security] Add Argon2idPasswordEncoder
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #28093
| License | MIT
| Doc PR | TODO
Currently we have a `Argon2iPasswordEncoder` that may hash passwords using `argon2id` instead of `argon2i` (platform-dependent) which is not good.
This deprecates producing/validating `argon2id` hashed passwords using the `Argon2iPasswordEncoder`, and adds a `Argon2idPasswordEncoder` able to produce/validate `argon2id` hashed passwords only.
#EUFOSSA
Commits
-------
0c82173b24 [Security] Add Argon2idPasswordEncoder
This PR was merged into the 4.3-dev branch.
Discussion
----------
Prepare for the new serialization mechanism
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
#eufossa
Should I maybe split this component by component ?
https://wiki.php.net/rfc/custom_object_serialization has been accepted.
Best viewed in "split" mode.
This work is kind of required for https://github.com/symfony/symfony/issues/30304 so we don't trigger 30 deprecations from our own code base.
Commits
-------
d412e77a9c Prepare for the new serialization mechanism
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Mailer] allow user/pass on dsn while using failover/roundrobin
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
this PR provides two things:
1. It is possible now to user `username` and `password` in a failover or round robin transport when using smtp
2. Fixed a type problem with `username` and `password` for the smtp transport as `getUsername()` cannot return `null` because of its signature but if no `username` is provided then the property would have been `null`. Fixed with setting an empty string as default. Same for `password`. (This was discovered by adding a test - yeah!)
Commits
-------
4518ac56a1 allow user/pass on dns while using failover/roundrobin and type fix for username/password
This PR was merged into the 3.4 branch.
Discussion
----------
Make tests independent from each other
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | n/a
Environment variables set in a test need to be restored to their
previous values or unset if we want to be able to run tests
independently.
Credits to @ostrolucky for spotting this issue, I'm available for help when merging this in more recent branch (issues may appear then).
Created during the EU-FOSSA hackathon
Commits
-------
00883fc409 Make tests independent from each other
This PR was merged into the 4.3-dev branch.
Discussion
----------
Allow env processor to resolve `::`
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | N/A
The env processor resolve to null when no fallback are provided. ie. `env(default::NOT_EXISTS)`
Issue is that the regexp does not allow such pattern. thus made the feature unusable.
Commits
-------
6b6c24c618 Allow env processor to resolve `::`
* 4.2:
fix tests
fix PHPUnit 4.8 compatibility
[Debug] Fixed error handling when an error is already handled when another error is already handled (5)
sync validator translations
* 3.4:
fix PHPUnit 4.8 compatibility
[Debug] Fixed error handling when an error is already handled when another error is already handled (5)
sync validator translations
This PR was merged into the 3.4 branch.
Discussion
----------
[Debug] Fixed error handling when an error is already handled when another error is already handled (5)
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
---
Please, don't ask how to reproduce it :)
Commits
-------
a36c7315f4 [Debug] Fixed error handling when an error is already handled when another error is already handled (5)
This PR was squashed before being merged into the 3.4 branch (closes#30979).
Discussion
----------
Fix the configurability of CoreExtension deps in standalone usage
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | not yet, but will allow fixing them
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When using the Forms entrypoint to configure the component, there was no chance to configure dependencies of the CoreExtension, as the one registered without argument was first and would win.
The builder now delays the prepending of the CoreExtension to do it only if the CoreExtension is not registered explicitly.
We discovered that when trying to fix tests for the FileType, where we wanted to pass a Translator to it.
Commits
-------
934118b131 Fix the configurability of CoreExtension deps in standalone usage
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Serializer] Experimental for ObjectListExtractor
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30904
| License | MIT
| Doc PR | -
Related to #30818
I want to mark this class as `@expiremental` until we have the full refactoring done of the Serializer, also this would allow change needed if some behavior was not correctly taken into care in 4.3
Mark also `final` for the default implementation as we don't want that to be extendable and user should use composition over inheritance.
Commits
-------
b0cdf45464 Set object list extractor as expiremental, and use final for default implementation
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Routing][ObjectRouteLoader] Allow invokable route loader services
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/11333
#eufossa
Fall back by default on the `__invoke` method when it is not configured.
Using a regex is easier to check that the format is valid, at least for the time we have to supports the single column notation.
TODO :
- [x] Changelog entry
- [x] Doc PR
Commits
-------
5bf7ad44e1 [Routing][ObjectRouteLoader] Allow invokable route loader services
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] fix using ProxyAdapter inside TagAwareAdapter
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30400
| License | MIT
| Doc PR | -
EUFOSSA
After some debugging this is my first attempt to fix this issue @nicolas-grekas 😊 Let's discuss it.
without the fix the test fails like this:
```
Testing Symfony\Component\Cache\Tests\Adapter\TagAwareAndProxyAdapterIntegrationTest
F 1 / 1 (100%)
Time: 28 ms, Memory: 4.00MB
There was 1 failure:
1) Symfony\Component\Cache\Tests\Adapter\TagAwareAndProxyAdapterIntegrationTest::testIntegration
Failed asserting that Array &0 (
'tag1' => 0
'tag2' => 0
) is identical to 'bar'.
/var/www/symfony/src/Symfony/Component/Cache/Tests/Adapter/TagAwareAndProxyAdapterIntegrationTest.php:26
FAILURES!
Tests: 1, Assertions: 1, Failures: 1.
Commits
-------
98b9be9b6a [Cache] fix using ProxyAdapter inside TagAwareAdapter
This PR was merged into the 4.3-dev branch.
Discussion
----------
[DIC] Add a `require` env var processor
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#11313
This adds a new `require` processor that will `require()` the PHP file given as input value and return the value `return`ed from that file. Leverages opcaching (yay!).
#EUFOSSA
Commits
-------
03da3a22b1 Add a `require` env var processor
This PR was squashed before being merged into the 4.3-dev branch (closes#30964).
Discussion
----------
[HttpKernel] Add a "short" trace header format, make header configurable
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#11340
This pull requests adds the first usage of `array_key_first` to the Symfony code base. Additionally, it makes it possible to configure the `HttpCache` to also add a "trace" header in production.
The `HttpCache` is a convenient, low-barrier yet performant way of accelerating the application. By having the "trace" information returned as a header in production as well, you can write it to server log files. For example, with Apache you can use `%{X-Symfony-Cache}o` in the `LogFormat` directive to log response headers.
With the information in the log files, you can easily process it from logfile processing/system metrics tools to find out about cache performance, efficiency and the URLs that might need extra cache tweaking.
<img width="1040" alt="Bildschirmfoto 2019-04-07 um 11 43 23" src="https://user-images.githubusercontent.com/1202333/55681763-6e90e980-592a-11e9-900f-e096350531c2.png">
The "short" format will only output information for the main request to avoid leaking internal URLs for ESI subrequests. I also chose a concise format like `stale/valid/store` because that's much easier to parse out of logfiles (no whitespace, no need for quotes etc.).
If you're not comfortable with having `Symfony` in the header name that way, the header name can be changed through a configuration setting as well.
#FOSSHackathon
Commits
-------
9a2fcc9392 [HttpKernel] Add a \"short\" trace header format, make header configurable
* 4.2:
fix translating file validation error message
[Validator] Add missing Hungarian translations
Improving deprecation message of the Twig templates directory src/Resources/views
[3.4] [Validator] Add missing french validation translations.
[Validator] Only traverse arrays that are cascaded into
Handle case where no translations were found
[Validator] Translate unique collection message to Hungarian
fix tests
Run test in separate process
Use a class name that does not actually exist
[Profiler] Fix dark theme elements color
fix horizontal spacing of inlined Bootstrap forms
[Translator] Warm up the translations cache in dev
turn failed file uploads into form errors
* 3.4:
fix translating file validation error message
[Validator] Add missing Hungarian translations
[3.4] [Validator] Add missing french validation translations.
[Validator] Only traverse arrays that are cascaded into
Handle case where no translations were found
[Validator] Translate unique collection message to Hungarian
fix tests
Run test in separate process
Use a class name that does not actually exist
fix horizontal spacing of inlined Bootstrap forms
[Translator] Warm up the translations cache in dev
turn failed file uploads into form errors
This PR was merged into the 4.3-dev branch.
Discussion
----------
Fix Lock test suite
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | na
| License | MIT
| Doc PR | na
Commits
-------
1f66e7b2be Fix Lock test suite
This PR was squashed before being merged into the 4.3-dev branch (closes#30862).
Discussion
----------
[Routing] UrlHelper to get absolute URL for a path
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | todo
I noticed that I need to generate absolute urls quite often. For example when normalizing uploads in API. I found Twig's `absolute_url()` really helpful, but obviously `Symfony\Bridge\Twig\Extension\HttpFoundationExtension` cannot be used as a normalizer's argument service.
In this PR I propose to extract `HttpFoundationExtension::generateAbsoluteUrl` and `HttpFoundationExtension::generateRelativePath` to separate interfaces which could be used on their own. Although this could be just a final class helper, I thought that we might leave a possibility for decoration here. That's why I created interfaces.
- [x] Split `HttpFoundationExtension` into two interfaces
- [x] Deprecate `HttpFoundationExtension::generateAbsoluteUrl` and `HttpFoundationExtension::generateRelativePath`
- [x] Add service definitions
- [x] Fix tests
- [ ] Add docs
Commits
-------
388d8f548c [Routing] UrlHelper to get absolute URL for a path
This PR was squashed before being merged into the 4.3-dev branch (closes#30607).
Discussion
----------
[Serializer] Add Support of recursive denormalization on object_to_populate
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | Pending
| Fixed tickets | #21669
| License | MIT
| Doc PR | Pending
Currently the deserialization re-create new sub-object with object_to_populate.
This option permit to make object_to_populate recursive.
Commits
-------
5b723865b1 [Serializer] Add Support of recursive denormalization on object_to_populate