This PR was merged into the 2.8 branch.
Discussion
----------
[Serializer] Updates DocBlock to a mixed param type
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | Yes
| New feature? | No
| BC breaks? | No
| Deprecations? | Non added.
| Tests pass? | Yes , no new tests added.
| Fixed tickets | #27457
| License | MIT
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
The JSON serializers make use of the JsonSerializable interface and return arrays to the NormalizerInterface. This PR updates the DocBlock to reflect that.
Moving towards PHP 7.2 and the use of object type-hints would require changes to the [JsonSerializableNormalizer@L41](92c37b9711/src/Symfony/Component/Serializer/Normalizer/JsonSerializableNormalizer.php (L41)) at a minimum.
Truly not much of a PR I'm afraid!
Commits
-------
dca9ff529a [Serializer] Updates DocBlock to a mixed param type
This PR was squashed before being merged into the 3.4 branch (closes#27668).
Discussion
----------
[Lock] use 'r+' for fopen (fixes issue on Solaris)
| Q | A
| ------------- | ---
| Branch? | 3.4 (also applicable to _LockHandler_ in 2.8 and 3.3)
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes [1]
| Fixed tickets | -
| License | MIT
| Doc PR | -
We discovered a curious case on a specific hosting environment: the `FlockStorage` (or `LockHandler` in previous Symfony versions) could never get a file lock on **existing files**. So if you run a script for the first time and the lock file did not exist yet, the `FlockStorage` could get a lock on that file just fine. However on the second and subsequent runs, `FlockStorage` could _never_ get a file lock anymore. You can follow the discussion [here](https://github.com/contao/core-bundle/issues/1551) (if you speak German).
We have been using this little script to confirm the issue on the hosting environment:
```php
$fileName = __DIR__ . '/file.lock';
if (!$handle = @fopen($fileName, 'r')) {
$handle = fopen($fileName, 'x');
}
if (!$handle) {
echo "Could not open $fileName\n";
exit;
}
if (flock($handle, LOCK_EX | LOCK_NB)) {
echo "Got a lock on $fileName\n";
flock($handle, LOCK_UN | LOCK_NB);
} else {
echo "Could not get a lock on $fileName\n";
}
```
Whenever `file.lock` already existed prior to running the script, a lock could not be made.
After contacting the hosting provider's support on this they confirmed the issue and told us they are using **Solaris** instead of a Linux environment. And this is supposedly why it does not work. Instead you have to use `'r+'` instead of `'r'` for `fopen`.
I was able to confirm that changing from `'r'` to `'r+'` fixes the issue. However I am wondering who's actually at fault here. Is it Solaris? PHP? The compiled PHP version under Solaris? The hosting provider's operating system configuration?
### System information
```
uname -a
SunOS vlek 5.11 11.3 i86pc i386 i86pc Solaris
```
```
phpinfo:
SunOS localhost 5.10 Generic_150401-49 i86pc
```
```
php -v
PHP 7.2.5 (cli) (built: May 4 2018 12:57:43) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
```
### Footnotes
[1] Previously one failed test on the first run and two failing tests on the second run with the proposed changes:
```
1) Symfony\Component\Lock\Tests\Store\FlockStoreTest::testSaveSanitizeName
Symfony\Component\Lock\Exception\LockStorageException: fopen(C:\Users\[…]\AppData\Local\Temp/sf.-php-echo-hello-word-.Sz2dDSf.lock)
: failed to open stream: Permission denied
```
```
2) Symfony\Component\Lock\Tests\Store\FlockStoreTest::testSaveWithDifferentKeysOnSameResources
Symfony\Component\Lock\Exception\LockStorageException: fopen(C:\Users\[…]\AppData\Local\Temp/sf.Symfony-Component-Lock-Tests-Store-
AbstractStoreTest-testSaveWithDifferentKeysOnSameResources5b2b5f00872538.64807920.2u9bH+a.lock): failed to open stream: Permission denied
```
The latter failed both on the first run and on the second run.
After the [proposed changes](https://github.com/symfony/symfony/pull/27668#discussion_r197054198) from @nicolas-grekas everything works fine 👍
Commits
-------
9c9ae7d9c9 [Lock] use 'r+' for fopen (fixes issue on Solaris)
* 2.8:
[HttpKernel] fix test compat with PHP 5.3
fix file lock on SunOS
change `evaluate()` docblock return type from string to mixed
Set serialize_precision explicitly to avoid fancy float rounding
This PR was merged into the 2.8 branch.
Discussion
----------
Set serialize_precision explicitly to avoid fancy float rounding
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | -
This is fixing some of the test failures I was seeing locally due to increased `serialize_precision` INI setting:
```
2) Symfony\Component\HttpFoundation\Tests\JsonResponseTest::testConstructorWithSimpleTypes
Failed asserting that two strings are identical.
--- Expected
+++ Actual
@@ @@
-'0.1'
+'0.10000000000000001'
/www/symfony/symfony/src/Symfony/Component/HttpFoundation/Tests/JsonResponseTest.php:46
3) Symfony\Component\HttpFoundation\Tests\JsonResponseTest::testStaticCreateWithSimpleTypes
Failed asserting that two strings are identical.
--- Expected
+++ Actual
@@ @@
-'0.1'
+'0.10000000000000001'
```
The test assertions should not depend on externally configured PHP configuration.
Also default value for this option was changed multiple times: http://php.net/manual/en/ini.core.php#ini.serialize-precision
For compatibility reasons (with PHP <7.x) `-1` can't be used.
https://3v4l.org/HBNsT
HHVM doesn't seem to support this though, how to handle this?
Commits
-------
b5ee7c3ccd Set serialize_precision explicitly to avoid fancy float rounding
This PR was merged into the 3.4 branch.
Discussion
----------
[Config] Fixing GlobResource when inside phar archive
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes if old broken behavior counts as stable
| Deprecations? | no
| Tests pass? | no tests yet
| Fixed tickets |
| License | MIT
| Doc PR | N/A
When packaging an Sf4 application as a PHAR archive using globs at various locations (`Kernel`, `services.yaml`) most glob files are not found because the `glob()` PHP method [does not support PHAR streams](https://stackoverflow.com/questions/8203188/unexpected-problems-with-php-phar).
Using the regex fallback instead when operating inside PHAR archives fixes the behavior for me.
## Examples:
`src/Kernel.php::configureContainer()`:
```php
$loader->load($confDir.'/{services}'.self::CONFIG_EXTS, 'glob');
```
Expected behavior: `config/services.yaml` inside PHAR archive is found and parsed
Actual behavior: the file will not be loaded
`config/services.yaml` (hard-coded in Kernel without using glob pattern)
```yaml
App\:
resource: '../src/*'
exclude: '../src/{Entity,Migrations,Tests,Kernel.php}'
```
Expected behavior: service classes in `src/` will be found and auto-wired
Actual behavior: services are not auto-wired because the class files are not found
Commits
-------
e336ebeecf Fixing GlobResource when inside phar archive
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] fix Memcached tests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Clearing a memcached pool works only when versioning is enabled. Dunno why this has not be caught before, but it's making tests fail now.
Commits
-------
09ec9e7cce [Cache] fix Memcached tests
* 2.8:
[HttpKernel] fix PHP 5.4 compat
Fix surrogate not using original request
[Finder] Update RealIteratorTestCase
[Routing] remove unneeded dev dep on doctrine/common
[Validator] Remove BOM in some xlf files
When packaging an Sf4 application as a PHAR archive using globs at various locations (`Kernel`, `services.yaml`) most glob files are not found because the `glob()` PHP method [does not support PHAR streams](https://stackoverflow.com/questions/8203188/unexpected-problems-with-php-phar).
Using the regex fallback instead when operating inside PHAR archives fixes the behavior for me.
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Fix error when rendering a DateIntervalType form with exactly 0 weeks
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27378
| License | MIT
Fixes the issue described in #27378
Commits
-------
dae704ad2fFix#27378: Error when rendering a DateIntervalType form with exactly 0 weeks
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] fix session tracking in surrogate master requests
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Spotted while looking at ESI fragments resolved by`HttpCache`: right now when the master request starts the session, fragments are not cacheable anymore, even when they do not use the session.
Commits
-------
146e01cb44 [HttpKernel] fix session tracking in surrogate master requests
This PR was submitted for the master branch but it was squashed and merged into the 2.8 branch instead (closes#27508).
Discussion
----------
[Finder] Update RealIteratorTestCase
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27480
| License | MIT
| Doc PR | n/a
Makes the entire test directory empty instead of trying to delete particular files and directories. The old method failed when trying to remove a directory which was not empty.
Commits
-------
7d0ebd41ab [Finder] Update RealIteratorTestCase
This PR was merged into the 2.8 branch.
Discussion
----------
[VarDumper] Fix dumping ArrayObject and ArrayIterator instances
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Properties added on child classes of `ArrayObject` and `ArrayIterator`, or dynamic properties added on instances of them were now properly dumped. This fixes it.
Commits
-------
3ecabfc36e [VarDumper] Fix dumping ArrayObject and ArrayIterator instances
This PR was squashed before being merged into the 3.4 branch (closes#27556).
Discussion
----------
Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | Related to #27395
| License | MIT
| Doc PR | symfony/symfony-docs#9860
This is the sister PR to #27452, which covered all the other authentication listeners.
Commits
-------
c06f3229de Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener
This PR was squashed before being merged into the 2.8 branch (closes#27452).
Discussion
----------
Avoid migration on stateless firewalls
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | Related to #27395
| License | MIT
| Doc PR | symfony/symfony-docs#9860
This is a proof-of-concept. Once we agree / are happy, I need to add this to all of the other authentication mechanisms that recently got the session migration code & add tests.
Basically, this avoids migrating the session if the firewall is stateless. There were 2 options to do this:
A) Make the `SessionAuthenticationStrategy` aware of all stateless firewalls. **This is the current approach**
or
B) Make each individual authentication listener aware whether or not *its* firewall is stateless.
Commits
-------
cca73bb564 Avoid migration on stateless firewalls
This PR was squashed before being merged into the 3.4 branch (closes#27326).
Discussion
----------
[Serializer] deserialize from xml: Fix a collection that contains the only one element
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27279
| License | MIT
| Doc PR |
In xml when parent node (`restaurants`) contains several children nodes with the same tag (`restaurant`) it is clear that the children form a collection:
```
restaurants = {array} [1]
restaurant = {array} [2]
0 = {array} [2]
name = "Some restaurant name"
type = "Chinese"
1 = {array} [2]
name = "Another restaurant name"
type = "Italian"
```
Afterwards the object denormalizer has no problem to create a collection of restaurants.
But when there is only one child (`restaurant`) the decoded normalized array will not contain a collection:
```
restaurants = {array} [1]
restaurant = {array} [2]
name = "Some restaurant name"
type = "Chinese"
```
In this situation the object denormalizer threw unexpected exception. This PR modifies `AbstractObjectNormalizer` that is it will fill a collection containing the sole element properly.
Commits
-------
1f346f446d [Serializer] deserialize from xml: Fix a collection that contains the only one element
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] Remove released semaphore
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27356
| License | MIT
| Doc PR | NA
This PR remove the semaphore with `sem_remove`. By removing without releasing the semaphore, all pending blocking acquiring will fail that's why the acquire method has also been update to handle such case
Commits
-------
77b9f90a32 Remove released semaphore
This PR was merged into the 3.4 branch.
Discussion
----------
TagAwareAdapter over non-binary memcached connections corrupts memcache
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #27405
| License | MIT
| Doc PR |
TagAwareAdapter uses non-ascii symbols in key names. It breaks memcached connections in non-binary mode.
Commits
-------
67d4e6dd29 bug #27405 [Cache] TagAwareAdapter should not corrupt memcached connection in ascii mode
Corrected return type which causes following error with (psalm)[https://getpsalm.org/]
```
ERROR: PossiblyInvalidArgument - src/Command/Utils/CheckVendorDependencies.php:170:62 - Argument 1 of iterator_to_array expects Traversable, possibly different type array<mixed, Symfony\Component\Finder\SplFileInfo>|Iterator provided $directories = array_map($closure, iterator_to_array($finder->getIterator()));
```
This PR was merged into the 2.8 branch.
Discussion
----------
[Debug] Pass previous exception to FatalErrorException
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27483
| License | MIT
Add a previous parameter to FatalErrorException.
Call \ErrorException with this parameter.
Update parent::__constructor for inherited classes with default parameters and the new one
Commits
-------
7f9780b5df Pass previous exception to FatalErrorException
This PR was merged into the 3.4 branch.
Discussion
----------
Revert "bug #26138 [HttpKernel] Catch HttpExceptions when templating is not installed (cilefen)"
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27212
| License | MIT
| Doc PR | -
This reverts commit b213c5a758, reversing
changes made to 61af0e3a25.
This breaks BC and is more like a new feature, let's move this on master.
Commits
-------
c6acad719d Revert "bug #26138 [HttpKernel] Catch HttpExceptions when templating is not installed (cilefen)"
* 2.8:
removed unneeded comments in tests
Change PHPDoc in ResponseHeaderBag::getCookies() to help IDEs
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
[Process] Consider \"executable\" suffixes first on Windows
Triggering RememberMe's loginFail() when token cannot be created
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27259
| License | MIT
| Doc PR | no
Hello!
There is fix for #27259 issue. It changes priority of `AddConsoleCommandPass` to `TYPE_BEFORE_REMOVING` as @chalasr advised. I'm not sure about side effects by that.
Commits
-------
e36099503f [FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING
This PR was squashed before being merged into the 2.8 branch (closes#26973).
Discussion
----------
[HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
| Q | A
| ------------- | ---
| Branch? | 2.7 and up
| Bug fix? | improvement
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ---
| License | MIT
| Doc PR | ---
SubRequest used in `InlineFragmentRendered` explicitly sets `$server['REMOTE_ADDR']` to `127.0.0.1`. Therefore, it's required to configure `127.0.0.1` address in TRUSTED_PROXIES environment variable. Without that, `Request::isFromTrustedProxy()` will return false.
The current behavior might be a little bit problematic, for instance, in case where images are rendered through subrequests. These might end-up with an incorrect schema in URL (`http` instead of `https`).
Commits
-------
18f55feef8 [HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer.
This PR was squashed before being merged into the 2.8 branch (closes#27303).
Discussion
----------
[Process] Consider "executable" suffixes first on Windows
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | n/a
Executable finder should consider "executable" suffixes first on Windows because we basically ignore executability on Windows (on the lines below changed), which leads, for example, to finding usually-non-executable `phpunit` file first where both `phpunit` and `phpunit.bat` are present.
I may miss something here, so please tell me if this makes any sense.
Same change against master: #27301
Commits
-------
9372e7a813 [Process] Consider \"executable\" suffixes first on Windows
* 2.8:
Add code of Conduct links in our README
[DI] never inline lazy services
Default testsuite to latest PHPUnit 6.*
[Github] Update the pull-request template
bumped Symfony version to 2.8.42
updated VERSION for 2.8.41
updated CHANGELOG for 2.8.41
This PR was squashed before being merged into the 3.4 branch (closes#27344).
Discussion
----------
[HttpKernel] reset kernel start time on reboot
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27319
| License | MIT
| Doc PR | n/a
I created branch from 3.4, since the furthest thing I could find for the reboot feature was a4fc49294e and it originated during stabilization phase of 3.4.
ping @nicolas-grekas
Commits
-------
b7feef00ae [HttpKernel] reset kernel start time on reboot
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Update sl translation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
This patch updates Slovenian sl_SI translation for the 3.4 branches and up to master.
Commits
-------
a7a1325eab [Validator] Update sl translation
This PR was merged into the 3.4 branch.
Discussion
----------
[Serializer] Check the value of enable_max_depth if defined
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Because it confuses some users that `['enable_max_depth' => false]` actually triggers the check.
Commits
-------
e88e0f30f1 [Serializer] Check the value of enable_max_depth if defined
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Fix bad exception on uninitialized references to non-shared services
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27360
| License | MIT
| Doc PR | -
This restriction is unneeded complexity that prevents legit use cases (see linked issue #27360).
Commits
-------
8bba68f811 [DI] Fix bad exception on uninitialized references to non-shared services
* 2.8:
Adding session authentication strategy to Guard to avoid session fixation
Adding session strategy to ALL listeners to avoid *any* possible fixation
[HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode
* 2.8:
do not mock the session in token storage tests
Add Occitan plural rule
Fix security/* cross-dependencies
Disallow illegal characters like "." in session.name
fix rounding from string
* 2.7:
do not mock the session in token storage tests
Add Occitan plural rule
Disallow illegal characters like "." in session.name
fix rounding from string
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] do file_exists() check instead of silent notice
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27234
| License | MIT
| Doc PR | -
Commits
-------
f8cde70ba1 [HttpKernel] do file_exists() check instead of silent notice
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Use strict type in URL validator
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
Fixed tickets | -
| License | MIT
| Doc PR | -
Using `checkDNS` option with value `true` generate error `Warning: checkdnsrr(): Type '1' not supported`.
In SF 3.4 it was mark as depreciation and silently converted to `ANY` https://github.com/symfony/symfony/blob/v3.4.9/src/Symfony/Component/Validator/Constraints/UrlValidator.php#L79
~~Test are failing on `Symfony\Component\HttpKernel\Tests\ControllerMetadata\ArgumentMetadataFactoryTest::testSignature1` - I think its not related~~
Commits
-------
2400e71962 use strict compare in url validator
This PR was squashed before being merged into the 3.4 branch (closes#27267).
Discussion
----------
[DependencyInjection] resolve array env vars
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27239
| License | MIT
| Doc PR | n/a
## Why
This bugfix solves a problem where environment variables resolved as an array would cause an error while compiling the container if they aren't the last parameter in the ParameterBag: the next parameter to be resolved would fail at the `stripos()` check. More information about the bug is available at #27239
## Tests
- This PR modifies existing ContainerBuilder tests to make use of the EnvVarProcessor to resolve json strings into arrays, instead of relying upon a TestingEnvPlaceholderParameterBag class.
- I would liked to have kept EnvVarProcessor logic out of the ContainerBuilder tests, but it was the interaction between the ContainerBuilder and EnvVarProcessor that caused the bug
- This PR adds a new ContainerBuilder test to verify that an environment variable resolved into an array doesn't cause an error when the next variable attempts to be resolved
## Code
- ~This PR adds an `\is_string()` sanity check before the `stripos()` method call so that only a string are passed into `stripos()`~
- This PR also adds a `$completed` flag so that completely resolved environment variables (currently only determined by `$placeholder === $value`) can break out of the loop early (handled via `break 2;`
Commits
-------
4c3b950dc2 [DependencyInjection] resolve array env vars
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock] Skip test if posix extension is not installed
This isn't installed by default on Fedora
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
97cbea0 [Lock] Skip test if posix extension is not installed
This PR was merged into the 2.7 branch.
Discussion
----------
[Form] Fix precision of MoneyToLocalizedStringTransformer's divisions on transform()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR |
Related issue https://github.com/symfony/symfony/issues/21026.
Previous PR https://github.com/symfony/symfony/pull/24036.
Similar fix for `transform()` method.
Commits
-------
f94b7aadd3 fix rounding from string
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Allow defining bindings on ChildDefinition
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Spotted by @stof while trying to put https://github.com/symfony/monolog-bundle/pull/254 into practice.
Binding log channels doesn't work because we put this artificial restriction in place.
Let's allow ChildDefinition to have bindings (but only at the DI extension level, loaders still forbid defining them at their level because of the parent vs _defaults ambiguity.)
Commits
-------
1c3b1055df [DI] Allow defining bindings on ChildDefinition
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Fix dealing with self/parent in ArgumentMetadataFactory
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Applies CS fixes that where merged on 4.0 to 3.4, embeds a fix in ArgumentMetadataFactory, which couldn't deal with self/parent type hints.
Commits
-------
ba5cb1a245 fixed CS
* 2.8:
[Security] Fix logout
#27250 limiting GET_LOCK key up to 64 char due to changes in MySQL 5.7.5 and later
[Profiler] Remove propel & event_listener_loading category identifiers
[Filesystem] Fix usages of error_get_last()
[Debug] Fix populating error_get_last() for handled silent errors
Suppress warnings when open_basedir is non-empty
* 2.7:
[Security] Fix logout
#27250 limiting GET_LOCK key up to 64 char due to changes in MySQL 5.7.5 and later
[Profiler] Remove propel & event_listener_loading category identifiers
[Filesystem] Fix usages of error_get_last()
[Debug] Fix populating error_get_last() for handled silent errors
Suppress warnings when open_basedir is non-empty
This PR was merged into the 2.7 branch.
Discussion
----------
[Process] Suppress warnings when open_basedir is non-empty
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If PHP is configured *with a non-empty open_basedir* value that does not permit access to the target location, these calls to is_executable() throw warnings.
While Symfony may not raise exceptions for warnings in production environments, other frameworks (such as Laravel) do, in which case any of these checks causes a show-stopping 500 error.
We fixed a similar issue in the ExecutableFinder class via symfony/symfony#16182 .
This has always been an issue, but 709e15e7a3 made it more likely that a warning is triggered.
Commits
-------
34f136e01b Suppress warnings when open_basedir is non-empty
This PR was merged into the 2.7 branch.
Discussion
----------
[Debug] Fix populating error_get_last() for handled silent errors
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a userland error handler doesn't return `false`, `error_get_last()` is not updated, so we cannot see the real last error, but the previous one.
See https://3v4l.org/Smmt7
Commits
-------
d7e612d2ac [Debug] Fix populating error_get_last() for handled silent errors
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache][Lock] Fix usages of error_get_last()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When a userland error handler doesn't return `false`, `error_get_last()` is not updated, so we cannot see the real last error, but the previous one.
See https://3v4l.org/Smmt7
Commits
-------
7904784a94 [Cache][Lock] Fix usages of error_get_last()
This PR was merged into the 2.7 branch.
Discussion
----------
[Filesystem] Fix usages of error_get_last()
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Same as #27232 for 2.7.
When a userland error handler doesn't return `false`, `error_get_last()` is not updated, so we cannot see the real last error, but the previous one.
See https://3v4l.org/Smmt7
Commits
-------
9d015c7c50 [Filesystem] Fix usages of error_get_last()
This PR was merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle][Cache] Fix misses calculation when calling getItems
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Hello,
This PR fixes a bug in the misses calculation in the cache data collector when calling the `getItems` method.
Found this while trying to understand why I had an inconsistency in the profiler:
Commits
-------
3d1ab6df13 Fix misses calculation when calling getItems
* 2.8:
use brace-style regex delimiters
Fixed typo RecursiveIterator -> RecursiveIteratorIterator
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
* 2.7:
use brace-style regex delimiters
Fixed typo RecursiveIterator -> RecursiveIteratorIterator
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
If PHP is configured *with a non-empty open_basedir* value that does not permit access to the target location, these calls to is_executable() throw warnings.
While Symfony may not raise exceptions for warnings in production environments, other frameworks (such as Laravel) do, in which case any of these checks causes a show-stopping 500 error.
We fixed a similar issue in the ExecutableFinder class via symfony/symfony#16182 .
This has always been an issue, but 709e15e7a37cb7ed6199548dc70dc33168e6cb2d made it more likely that a warning is triggered.
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] fixes phpdoc reference to an interface that was removed in Symfony 3.0
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
d2c5813239 [Validator] fixes phpdoc reference to an interface that was removed in Symfony 3.0
This PR was merged into the 2.7 branch.
Discussion
----------
[Validator] make phpdoc of ObjectInitializerInterface interface more accurate
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
30970c7a9b [Validator] make phpdoc of ObjectInitializerInterface interface more accurate
* 2.8:
bumped Symfony version to 2.7.47
Fix#27011: Session ini_set bug
updated VERSION for 2.7.46
update CONTRIBUTORS for 2.7.46
updated CHANGELOG for 2.7.46
* 2.7:
bumped Symfony version to 2.7.47
Fix#27011: Session ini_set bug
updated VERSION for 2.7.46
update CONTRIBUTORS for 2.7.46
updated CHANGELOG for 2.7.46
This PR was merged into the 3.4 branch.
Discussion
----------
[Lock][PhpDoc] There is no attempt to create the directory
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
When the lock component [was](https://github.com/symfony/symfony/pull/21093) [created](https://github.com/symfony/symfony/pull/22597), the `FlockStore` implementation was copied from the filesystem component. But the dependency to its origin was dropped, and as part of that, the attempt to create the parent directory for the locks. The PhpDoc wasn’t updated to reflect this change.
Commits
-------
93a9bd3 PhpDoc: There is no attempt to create the directory
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Catch HttpExceptions when templating is not installed
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | ?
| Deprecations? | no
| Tests pass? | ?
| Fixed tickets | #25844
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
- [x] Test manually
- [x] Check for BC breaks
- [x] Needs tests
<!--
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Replace this comment by a description of what your PR is solving.
-->
Commits
-------
4e527aa bug #25844 [HttpKernel] Catch HttpExceptions when templating is not installed
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] TagAwareAdapterInterface::invalidateTags() should commit deferred items
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I noticed that we have a race condition window when invalidating tags.
This PR fixes it by making `invalidateTags()` commit deferred items before actually invalidating tags on the back end. Deferred items are stored with the future version of the invalidated tags so that they can be fetched by concurrent processes and considered valid before and after the invalidation is committed.
Commits
-------
212c469 [Cache] TagAwareAdapterInterface::invalidateTags() should commit deferred items
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel] Don't clean legacy containers that are still loaded
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? |
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27053
| License | MIT
| Doc PR | -
Commits
-------
be8dbc3 [HttpKernel] Don't clean legacy containers that are still loaded
* 2.8:
[Security] guardAuthenticationProvider::authenticate cannot return null according to interface specification
[VarDumper] Remove decoration from actual output in tests
[PropertyInfo] Minor cleanup and perf improvement
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
Fixed being logged out on failed attempt in guard
* 2.7:
[VarDumper] Remove decoration from actual output in tests
[Bridge/Doctrine] fix count() notice on PHP 7.2
[Security] Skip user checks if not implementing UserInterface
[HttpFoundation] Add HTTP_EARLY_HINTS const
[DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
fixed CS
Use new PHP7.2 functions in hasColorSupport
[VarDumper] Fix dumping of SplObjectStorage
This PR was merged into the 2.8 branch.
Discussion
----------
[Security][Guard] GuardAuthenticationProvider::authenticate cannot return null
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #26942
| License | MIT
Authenticate method in GuardAuthenticationProvider returned null when the token does not originate from any of the guard authenticators. This check was not done in the supports method. According to the interface authenticate cannot return null. This patch copies theguard authenticator checks to the supports method.
Commits
-------
9dff22c [Security] guardAuthenticationProvider::authenticate cannot return null according to interface specification
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Remove decoration from actual output in tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes green again
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
AppVeyor has color support since #26910, that breaks the build.
Fixes it by removing decoration from tested DumpDataCollector CLI outputs, same as what's already done for HTML dumps
Commits
-------
c4daef9 [VarDumper] Remove decoration from actual output in tests
This PR was squashed before being merged into the 2.8 branch (closes#27003).
Discussion
----------
[PropertyInfo] Minor cleanup and perf improvement
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | n/a
Commits
-------
4a8306e [PropertyInfo] Minor cleanup and perf improvement
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] Fixed being logged out on failed attempt in guard
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25992
| License | MIT
| Doc PR | ~
This fixes the issue described in the ticket. After this fix, guard will no longer "forget" your authentication when your next attempt fails.
Commits
-------
4fc0ecbf90 Fixed being logged out on failed attempt in guard
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Send cookies using header() to fix "SameSite" ones
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25344
| License | MIT
| Doc PR | -
Commits
-------
73fec237da [HttpFoundation] Add functional tests for Response::sendHeaders()
e350ea000f [HttpFoundation] Send cookies using header() to fix "SameSite" ones
This PR was squashed before being merged into the 2.7 branch (closes#26910).
Discussion
----------
Use new PHP7.2 functions in hasColorSupport
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Fixes bc break in #26609
Reference: https://github.com/composer/xdebug-handler/blob/master/src/Process.php#L111
Commits
-------
b0c92254a0 Use new PHP7.2 functions in hasColorSupport
