This PR was merged into the 3.4 branch.
Discussion
----------
Bump default PHPUnit version from 6.3 to 6.5
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no, but unrelated
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
This PR bumps the default PHPUnit version for php ≥ 7.2 from the outdated 6.3 to the currently maintained version 6.5.
Commits
-------
aeffc5f Bump default PHPUnit version from 6.3 to 6.5
This PR was merged into the 3.4 branch.
Discussion
----------
Deterministic time in cache items for reproducible builds
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Allows setting a deterministic time for cache entries. This can be used to seed builds with a deterministic timestamp for reproducibility.
Parent issue is symfony/symfony#25958
Commits
-------
b4259a6 Use 0 for unlimited expiry
This PR was merged into the 3.4 branch.
Discussion
----------
Make kernel build time optionally deterministic
| Q | A
| ------------- | ---
| Branch? | master for features / 2.7 up to 4.0 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
As part of the effort to enable reproducible builds, this PR allows setting a deterministic build time for the dumped kernel. Parent issue is symfony/symfony#25958.
Commits
-------
48e8249 Make kernel build time optionally deterministic
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] don't try to wire Request argument with controller.service_arguments
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This does not make sense as Request is not a service and it's already handled by RequestValueResolver.
Also it produces alot of logging messages like the following whenever you only use the Request class in an action but no other service.
> Cannot autowire service "service_locator.IXu0y5S": it references class "Symfony\Component\HttpFoundation\Request" but no such service exists. It cannot be auto-registered because it is from a different root namespace.
> Removing service-argument resolver for controller "App\Controller\MyController:myAction": no corresponding services exist for the referenced types.
Commits
-------
09b9eb2 [HttpKernel] don't try to wire Request argument with controller.service_arguments
This PR was submitted for the master branch but it was squashed and merged into the 4.0 branch instead (closes#26117).
Discussion
----------
isCsrfTokenValid() replace string by ?string
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| License | MIT
| PHP version | 7.1.13
Hello,
In my controller :
```php
class PostController extends Controller
{
public function delete(Request $request, Post $post): Response
{
if (!$this->isCsrfTokenValid('delete', $request->request->get('token'))) {
return $this->render('administration/post/delete.html.twig', [
'post' => $post,
]);
}
... // flush is database
}
````
Generate this error :
> Type error: Argument 2 passed to Symfony\Bundle\FrameworkBundle\Controller\Controller::isCsrfTokenValid() must be of the type string, null given, called in ...
In `CsrfToken` class, you have :
````php
namespace Symfony\Component\Security\Csrf;
class CsrfToken
{
public function __construct(string $id, ?string $value)
````
And in ControllerTrait :
````php
trait ControllerTrait
{
protected function isCsrfTokenValid(string $id, string $token): bool
{
````
Sorry for my bad english, I'm French and this is my first bug report :)
Commits
-------
37fbbca isCsrfTokenValid() replace string by ?string
This PR was merged into the 2.7 branch.
Discussion
----------
do not mock the container builder in tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
dab4222 do not mock the container builder in tests
This PR was submitted for the master branch but it was merged into the 2.7 branch instead (closes#26134).
Discussion
----------
Document explicitly that dotfiles and vcs files are ignored by default
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | None
| License | MIT
| Doc PR | N/A
This change makes it clear whether or not each of those two options are enabled by default.
Without this documentation one has to look into the code.
---
For documentation PRs should I target master or the same branch as bugs?
Commits
-------
e88e1ff Document explicitly that dotfiles and vcs files are ignored by default
* 3.4:
Env var maps to undefined constant.
[SecurityBundle] Backport test
[Security] fix merge of 2.7 into 2.8 + add test case
backport regression test from 3.4
do not mock the container builder or definitions
fixed CS
[TwigBundle] Register TwigBridge extensions first
[WebProfilerBundle] Fix sub request link
PhpDocExtractor::getTypes() throws fatal error when type omitted
Fix misspelling variable
use libsodium to run Argon2i related tests
[DI] minor: use a strict comparision in setDecoratedService
[HttpKernel] fix FC
Follow-on to #25825: Fix edge case in getParameterOption.
keep the context when validating forms
* 2.8:
[SecurityBundle] Backport test
[Security] fix merge of 2.7 into 2.8 + add test case
backport regression test from 3.4
Fix misspelling variable
[DI] minor: use a strict comparision in setDecoratedService
Follow-on to #25825: Fix edge case in getParameterOption.
keep the context when validating forms
* 2.7:
[SecurityBundle] Backport test
Fix misspelling variable
[DI] minor: use a strict comparision in setDecoratedService
Follow-on to #25825: Fix edge case in getParameterOption.
keep the context when validating forms
This PR was merged into the 2.8 branch.
Discussion
----------
[PropertyInfo] backport regression test from 3.4
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
a9ab167 backport regression test from 3.4
This PR was submitted for the master branch but it was merged into the 3.4 branch instead (closes#26112).
Discussion
----------
Env var maps to undefined constant.
When I try to use a constant as an environment variable, as described in the blog item,
I run into the following problem.
Env var "SOME_CONST" maps to undefined constant "App\\Util\\SomeClass::SOME_CONST".
The proposed solution works for me, however, I'm not sure if this is the best and conform Symfony standards.
Blog:
https://symfony.com/blog/new-in-symfony-3-4-advanced-environment-variables
| Q | A
| ------------- | ---
| Branch? | master for features / 2.7 up to 4.0 for bug fixes <!-- see below -->
| Bug fix? | yes/no
| New feature? | yes/no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | yes/no
| Deprecations? | yes/no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes/no
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
bdf9efc Env var maps to undefined constant.
When I try to use a constant as an environment variable, as described in the blog item,
I run into the following problem.
Env var "SOME_CONST" maps to undefined constant "App\\Util\\SomeClass::SOME_CONST".
The proposed solution works for me, however, I'm not sure if this is the best and conform Symfony standards.
Blog:
https://symfony.com/blog/new-in-symfony-3-4-advanced-environment-variables
This PR was merged into the 2.7 branch.
Discussion
----------
[SecurityBundle] Backport test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
d195a6f [SecurityBundle] Backport test
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] fix merge of 2.7 into 2.8 + add test case
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/26109
| License | MIT
| Doc PR | -
This fixes the merge mistake done in 899bf99879
that caused this fail with the added test case:
```
There was 1 failure:
1) Symfony\Component\Security\Tests\Http\Firewall\UsernamePasswordFormAuthenticationListenerTest::testHandleNonStringUsername with data set #1 (false)
Failed asserting that exception of type "TypeError" matches expected exception "\Symfony\Component\HttpKernel\Exception\BadRequestHttpException". Message was: "Argument 1 passed to Symfony\Component\Security\Http\ParameterBagUtils::getParameterBagValue() must be an instance of Symfony\Component\HttpFoundation\ParameterBag, instance of Symfony\Component\HttpFoundation\Request given, called in /var/www/symfony/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php on line 100" at
/var/www/symfony/src/Symfony/Component/Security/Http/ParameterBagUtils.php:39
/var/www/symfony/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php:100
/var/www/symfony/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php:140
/var/www/symfony/src/Symfony/Component/Security/Http/Tests/Firewall/UsernamePasswordFormAuthenticationListenerTest.php:102
```
Original fix in 2.7: https://github.com/symfony/symfony/pull/25657/files#diff-e07c3e5653e210d017545d47c1bd7e76R111
Commits
-------
51d9008 [Security] fix merge of 2.7 into 2.8 + add test case
This PR was merged into the 3.4 branch.
Discussion
----------
[TwigBundle] do not mock the container builder or definitions
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
8bba882512 do not mock the container builder or definitions
This PR was merged into the 2.7 branch.
Discussion
----------
[Console] Fix hasParameterOption / getParameterOption when used with multiple flags
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no (Fixes BC break in #24987)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25825
| License | MIT
| Doc PR | n/a
Proposed resolution to #25825:
- Back out #24987
- Fix getParameterOption for short options with values, e.g. `-edev`
Commits
-------
35f98e2089 Follow-on to #25825: Fix edge case in getParameterOption.
This PR was squashed before being merged into the 3.4 branch (closes#25756).
Discussion
----------
[TwigBundle] Register TwigBridge extensions first
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/25610
| License | MIT
| Doc PR | -
The only extension that is really needed to display the current exception page is the `CodeExtension` so we could only prepend this one. However, prepending all of them seems safer to me in the long term.
Also I deeply looked into why this problem only appeared in 3.4 and found the reason. Before 3.4 it actually never reaches the `ExceptionController` for this kind of error because it cannot be resolved because it needs a twig instance in its constructor. This instance is directly taken from the container. Before 3.4 when an exception is thrown when you try to get a service from the container, the instance stored in the `$services` array is unset which is not the case in further versions. So in 3.4+, the `ExceptionController` can be resolved because the instance of twig is still in the container even after the initial exception.
It also means these kind of exceptions are displayed with bugs on all versions before 3.4 I guess. Actually it shows the message 2 times : one for the initial exception and the other one when it tries to resolve the `ExceptionController`.
Maybe another solution might be to use a dedicated twig instance with the right settings just for the exception page ?
Commits
-------
c8465ed97f [TwigBundle] Register TwigBridge extensions first
This PR was submitted for the 3.3 branch but it was merged into the 3.4 branch instead (closes#26051).
Discussion
----------
[WebProfilerBundle] Fix sub request link
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes/no
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Split from #25164
before:
```html
<a href="/_profiler/395a5c">
<a href="/_profiler/open?file=symfony/src/Controller/MainController.php&line=20#line20" title="symfony/src/Controller/MainController.php">MainController :: bar</a>
</a>
<small>(token = <a href="/_profiler/395a5c">395a5c</a>)</small>
```
after:
```html
<a href="/_profiler/open?file=symfony/src/Controller/MainController.php&line=20#line20" title="symfony/src/Controller/MainController.php">MainController :: bar</a>
<small>(token = <a href="/_profiler/395a5c">395a5c</a>)</small>
```
Commits
-------
8f0e47f636 [WebProfilerBundle] Fix sub request link
This PR was squashed before being merged into the 3.4 branch (closes#25947).
Discussion
----------
PhpDocExtractor::getTypes() throws fatal error when type omitted
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
When omitting a type in a `DocBlock` `Tag`, it will throw a fatal error due to the type being null with a call to `$tag->getType()`.
Commits
-------
54253ecfff PhpDocExtractor::getTypes() throws fatal error when type omitted
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] keep the context when validating forms
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25542
| License | MIT
| Doc PR |
Commits
-------
317da3bdf8 keep the context when validating forms
This PR was merged into the 2.7 branch.
Discussion
----------
[DI] minor: use a strict comparison in setDecoratedService
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md files -->
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
f167b50 [DI] minor: use a strict comparision in setDecoratedService
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] use libsodium to run Argon2i related tests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26038
| License | MIT
| Doc PR |
Commits
-------
5f9471e use libsodium to run Argon2i related tests
* 3.4:
Use the PCRE_DOLLAR_ENDONLY modifier in route regexes
[Form] Make sure errors are a part of the label on bootstrap 4 - this is a requirement for WCAG2
[Config] Only using filemtime to check file freshness