* 2.7:
fixed typo
Revert "fixed typo"
fixed typo
fixed CS
Avoid setting request attributes from signature arguments in AnnotationClassLoader
[DependencyInjection] Add some missing typehints in YamlFileLoader
[DependencyInjection] minor: Fix a DocBlock
[HttpKernel] Give higher priority to adding request formats
[FrameworkBundle] Fix third level headers for MarkdownDescriptor
[TwigBundle] do not lose already set method calls
#20411 fix Yaml parsing for very long quoted strings
CS: apply is_null
DX: remove invalid inheritdoc
bumped Symfony version to 2.7.24
updated VERSION for 2.7.23
update CONTRIBUTORS for 2.7.23
updated CHANGELOG for 2.7.23
[FrameworkBundle] Skip test if xdebug.file_link_format is defined.
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Fix ArgumentValueResolver for arguments default null
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
If an argument has `null` as default value __and annotations are used for routing__, then it is not resolved by the ArgumentResolver e.g:
```php
public function showAction(Request $request) {
dump($request); // Request object
}
public function showAction(?Request $request) {
dump($request); // Request object
}
public function showAction(Request $request = null) {
dump($request); // null
}
```
To me, the last example should have been a Request object too.
Note that it is the same behavior when using `UserInterface` or whatever, I ran into this issue while trying to dump a user for a route accepting both anonymous and authenticated requests, the argument was always null while `$this->getUser()` returned the expected value. According to http://symfony.com/blog/new-in-symfony-3-2-user-value-resolver-for-controllers it should have worked through the argument.
I propose to make it works as a bugfix.
Any suggestion for improving the patch will be really welcomed. ping @iltar
Commits
-------
d3fa8a1859 Avoid setting request attributes from signature arguments in AnnotationClassLoader
This PR was merged into the 2.7 branch.
Discussion
----------
[DependencyInjection] Add some missing typehints in YamlFileLoader
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
34330e5136 [DependencyInjection] Add some missing typehints in YamlFileLoader
This PR was merged into the 2.7 branch.
Discussion
----------
[DependencyInjection] minor: Fix a param type
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
c82aa84c26 [DependencyInjection] minor: Fix a DocBlock
This PR was submitted for the master branch but it was merged into the 2.7 branch instead (closes#20871).
Discussion
----------
[HttpKernel] Give higher priority to adding request formats
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | yes
| BC breaks? | yes (unlikely to break projects*)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | not documented
\* Only applies to the unlikely case where formats are used before this event is loaded key. Users must have specified custom formats, and actually using them should then break their application. I think that's an unlikely case.
## Problem
It's possible to extend the formats known by the `Request` using a piece of config:
```yaml
framework:
request:
formats:
json: 'application/merge-patch+json'
```
Using this in a `kernel.request` event is currently not possible, as it loads after any custom events.
## Offered solution
Increasing the priority of the AddRequestFormatsListener listener resolves this problem.
This change only impacts projects that use the `framework.request.formats` configuration key, as the listener is not loaded if it isn't defined.
Commits
-------
9edb457e44 [HttpKernel] Give higher priority to adding request formats
This PR was merged into the 2.8 branch.
Discussion
----------
[PropertyInfo] Don't try to access a property thru a static method
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
See also #21331.
Commits
-------
3b4858fe88 [PropertyInfo] Don't try to access a property thru a static method
This PR was merged into the 3.2 branch.
Discussion
----------
[Workflow] Fixed support of multiple transitions with the same name.
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
---
The previous behavior was underterministic because it took the first
transition during the `can` and the `apply` method. But the "first"
does not mean anything. Now the workflown apply all possible transitions
with the same name.
Commits
-------
edd5431e6e [Workflow] Fixed support of multiple transition with the same name.
This PR was submitted for the master branch but it was merged into the 3.2 branch instead (closes#21271).
Discussion
----------
[Workflow] Added new validator to make sure each place has unique translation names
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | n/a
A definition where a place that has transitions with the same name is an invalid definition.
```yaml
invalid1:
places: ['a', 'b', 'c']
transitions:
t1:
from: a
to: b
t1:
from: a
to: c
valid1:
places: ['a', 'b', 'c']
transitions:
t1:
from: a
to: b
t2:
from: a
to: c
valid2:
places: ['a', 'b', 'c']
transitions:
t1:
from: a
to: b
t1:
from: b
to: c
valid3:
places: ['a', 'b', 'c', 'd']
transitions:
t1:
from: ['a', 'b']
to: d
t2:
from: ['a', 'b']
to: c
```
FYI @lyrixx
Commits
-------
eece8adfdd [Workflow] Added new validator to make sure each place has unique translation names
This PR was submitted for the master branch but it was merged into the 3.2 branch instead (closes#21323).
Discussion
----------
[Cache] [PdoAdapter] Fix MySQL 1170 error (blob as primary key)
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When using a Doctrine\DBAL\Connection to initialize the PdoAdapter, PdoAdapter::createTable tries to create a table using a blob field as primary key. [This is not an option for MySQL](https://techjourney.net/mysql-error-1170-42000-blobtext-column-used-in-key-specification-without-a-key-length/), resulting in an exeption: `Syntax error or access violation: 1170 BLOB/TEXT column 'item_id' used in key specification without a key length`. This commit supplies a way to act like the non-Connection way creates the table does.
Commits
-------
08c6a650b9 [Cache] [PdoAdapter] Fix MySQL 1170 error (blob as primary key)
This PR was merged into the 3.2 branch.
Discussion
----------
Don't add csp-headers if none are required
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | This PR is also the ticket
| License | MIT
In 3.2 a tool to adjust Content Security Policy headers in combination with the WebProfiler was added. We encountered a bug in its behavior.
We had CSP-headers that did not have a script-src/style-src nor a default-src (it was something like `form-action: https:`). In that scenario, the ContentSecurityPolicyHandler would add `script-src: 'unsafe-inline' 'nonce-....'`, but that would actually change the "everything is allowed scenario" into "only inline and nonce-... is allowed". The result was _only_ the javascript of WebProfiler was allowed, rather than everything.
This PR fixes the scenario where no default-src nor a script-src/style-src is provided. It simply continue's rather than treats it as an empty list of rules that need additional rules.
~A bug I did find, but not fix, is the fact that that `'unsafe-inline'` is ignored in at least Firefox and Chrome due to the fact there is also a nonce-element in the rule.~
Commits
-------
6fecc94103 Don't add csp-headers if none are required
This PR was submitted for the master branch but it was merged into the 3.1 branch instead (closes#21291).
Discussion
----------
[Ldap] Ldap username case fix
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20486
| License | MIT
| Doc PR |
Commits
-------
c91689ba2d [Ldap] Using Ldap stored username instead of form submitted one
6641b79d58 [Ldap] load users with the good username case
This PR was merged into the 3.2 branch.
Discussion
----------
[Debug] Fix fatal error when changing ErrorHandler loggers if an exception is buffered
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21304
| License | MIT
| Doc PR | -
Prevents a fatal error when setting a new logger if the bootstrapping logger buffered an exception that does not extend `ErrorException`.
@nicolas-grekas The faulty behaviour was added by 8f245493f4, so this PR is against 3.2 and not 2.8.
Commits
-------
a6527f8 [Debug] Fix fatal error when changing ErrorHandler loggers if an exception is buffered
This PR was merged into the 3.1 branch.
Discussion
----------
[Doctrine Bridge] fix UniqueEntityValidator for composite object primary keys
| Q | A
| ------------- | ---
| Branch? | master / 3.1
| Bug fix? | yes
| New feature? |no
| BC breaks? | no
| Deprecations? |no
| Tests pass? | yes (fail on php 7.1 unrelated?)
| Fixed tickets | https://github.com/symfony/symfony/issues/21274
| License | MIT
| Doc PR | -
This PR fixes an issue with the UniqueEntityValidator in case the entity being validated uses a composite primary key via relations to other entities whose classes do not have a `__toString` method.
Commits
-------
b3ced8608b [DoctrineBridge] Fixed invalid unique value as composite key
5aadce3989 [Doctrine Bridge] fix UniqueEntityValidator for composite object primary keys
This PR was merged into the 3.2 branch.
Discussion
----------
simple-phpunit requires the zip extension
without the zip extension enabled, i get `PHP Fatal error: Uncaught Error: Class 'ZipArchive' not found in .../vendor/bin/simple-phpunit:46`
| Q | A
| ------------- | ---
| Branch? | 3.2 (first version containing the script)
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21060
| License | MIT
| Doc PR | -
Commits
-------
6628e76e62 simple-phpunit requires the zip extension
This PR was merged into the 3.1 branch.
Discussion
----------
[DX][Cache] Set right cacheItem type hint on AdapterInterface getters
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Fixes missing cache item type hint on pool getters so methods on Symfony CacheItem
is correctly suggested when using IDE's or api documentation.
As proposed here: https://github.com/symfony/symfony/issues/19728#issuecomment-269615921
_Note: Specifically sets array of CacheItems as return type of getItems as phpdoc and IDEs supports
this by now, and since this is specifically what is being returned. If Sami does not still support this we can adjust to what was originally suggested._
Commits
-------
5f7baa5 [DX][Cache] Set right type hint for cacheItem on AdapterInterface getters
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBundle] do not lose already set method calls
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21281
| License | MIT
| Doc PR |
Commits
-------
cb1a4b7 [TwigBundle] do not lose already set method calls
The previous behavior was underterministic because it took the first
transition during the `can` and the `apply` method. But the "first"
does not mean anything. Now the workflow apply all possible
transitions with the same name.
This PR was merged into the 2.7 branch.
Discussion
----------
#20411 fix Yaml parsing for very long quoted strings
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20411
| License | MIT
| Doc PR | no
This fixes#20411, a YAML string with too many backslash escapes can trigger a `PREG_BACKTRACK_LIMIT_ERROR` error in the Yaml parser.
There should be no behavioural change other than the bug fix
I have included a test which fails before this fix and passes after this fix.
Commits
-------
51bca66#20411 fix Yaml parsing for very long quoted strings