This PR was merged into the 4.4 branch.
Discussion
----------
[Serializer] do not transform empty \Traversable to Array
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | na
| License | MIT
| Doc PR | na
Today, using `PRESERVE_EMPTY_OBJECTS` ([introduced in 4.0](f28e826627)), the JSON serialization of:
```php
<?php
$object = [];
$object['foo'] = new \ArrayObject();
$object['bar'] = new \ArrayObject(['notempty']);
$object['baz'] = new \ArrayObject(['nested' => new \ArrayObject()]);
```
Outputs:
```json
{"foo":[],"bar":["notempty"],"baz":{"nested":[]}}
```
Instead of the expected:
```json
{"foo":{},"bar":["notempty"],"baz":{"nested":{}}}
```
This issue comes from the Serializer that transforms `Traversable` to an Array [here](11a707200d/src/Symfony/Component/Serializer/Serializer.php (L159)). Also, the `AbstractObjectNormalizer` [doesn't support Traversable](11a707200d/src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php (L134)), but he allows to preserve empty objects.
I propose this patch where the fix doesn't transform a `Traversable` to an Array. I see another way to patch this in which we could allow empty Traversable in the `AbstractObjectNormalizer` (not sure it's better though). See attached [other-fix.patch](https://github.com/symfony/symfony/files/4539865/other-fix.log) to see the alternative patch.
Commits
-------
e5c20293fa Fix serializer do not transform empty \Traversable to Array
This PR was merged into the 5.1-dev branch.
Discussion
----------
Add missing port SQS Host Header request
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | /
| License | MIT
| Doc PR | /
When user provides a custom endpoint, the port is missing from the `Host` headers, leading to wrong URL when calling `getQueueUrl`
Commits
-------
41165beb48 Add missing port SQS Host Header request
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Fixed not supported Redis eviction policies
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | no
| License | MIT
| Doc PR | no
**Steps to reproduce:**
1. Define the following redis service on SymfonyCloud:
```
rediscache:
type: redis:5.0
size: S
configuration:
maxmemory_policy: allkeys-lru
```
2. Deploy the change
**Expected result:**
No redis cache will be populated
**Actual result:**
Following exception is thrown:
```
[2020-04-28T05:35:58.440403-04:00] php.CRITICAL: Uncaught Error: Return value of Symfony\Component\Cache\Adapter\RedisTagAwareAdapter::doSave() must be of the type array, bool returned {"exception":"[object] (TypeError(code: 0): Return value of Symfony\\Component\\Cache\\Adapter\\RedisTagAwareAdapter::doSave() must be of the type array, bool returned at /app/vendor/symfony/cache/Adapter/RedisTagAwareAdapter.php:100)"} []
```
Commits
-------
3d6e942da5 [Cache] Fixed not supported Redis eviction policies
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle][CacheWarmupCommand] Append files to preload
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Files returned by the warmUp() method must be added to the preload file.
I also added checks to avoid empty preload calls in the preload file like this:
```
$classes = [];
Preloader::preload($classes);
```
Commits
-------
a82c7ab4c0 [FrameworkBundle][CacheWarmupCommand] Append files to preload
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation][HttpKernel] Add more preload always-needed symbols
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Part of https://github.com/orgs/symfony/projects/1#card-37082675
| License | MIT
| Doc PR | -
`ConfigCache` is in the hot path because it is used for every request in the kernel boot (initializeContainer() method). I guess we can consider that every kernel is going to be booted so it should always be used.
`InputBag` should be added too - it is used in the Request initialization so it will likely be hit on every request as well - but maybe it wasn't added in the first place for a reason since other bags are already there?
Commits
-------
636a8bdf12 [HttpFoundation][HttpKernel] Add more preload always-needed symbols
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Security] Require entry_point to be configured with multiple authenticators
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | tbd
See @weaverryan's comment at https://github.com/symfony/symfony/pull/33558#discussion_r403740402:
> I have it on my list to look at the entrypoint stuff more closely. But my gut reaction is this: let's fix them (or try to... or maybe in a PR after this) :). What I mean is this:
>
> - It's always been confusing that your firewall may have multiple auth mechanisms that have their own "entry point"... and one is chosen seemingly at random :). I know it's not random, but why does the entrypoint from `form_login` "win" over `http_basic` if I have both defined under my firewall?
>
> - Since we're moving to a new system, why not throw an exception the _moment_ that a firewall has multiple entrypoints available to it. Then we _force_ the user to choose the _one_ entrypoint that should be used.
---
**Before** (one authenticator)
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
form_login: ...
# form login is your entry point
```
**After**
Same as before
---
**Before** (multiple authenticators)
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
http_basic: ...
form_login: ...
# for some reason, FormLogin is now your entry point! (config order doesn't matter)
```
**After**
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
http_basic: ...
form_login: ...
entry_point: form_login
```
---
**Before** (custom entry point service)
```yaml
security:
enable_authenticator_manager: true
firewalls:
main:
http_basic: ...
form_login: ...
entry_point: App\Security\CustomEntryPoint
```
**After**
Same as before
Commits
-------
7e861698e7 [Security] Require entry_point to be configured with multiple authenticators
* 5.0:
updated VERSION for 3.4.40
update CONTRIBUTORS for 3.4.40
updated CHANGELOG for 3.4.40
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
add tests for the ConstraintViolationBuilder class
Improve dirname usage
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
Allow invalidateTags calls to be traced by data collector
[YAML] escape DEL(\x7f)
fix compatibility with phpunit 9
[Cache] skip APCu in chains when the backend is disabled
[Mailer] Add a comment to avoid more wrong PRs on this piece of code
[Form] apply automatically step=1 for datetime-local input
remove getContainer overwrites in tests
Fixing a bug where class_alias would cause incorrect items in debug:autowiring
[DependencyInjection][ServiceSubscriber] Support late aliases
Fix profiler nullable string type
* 4.4:
updated VERSION for 3.4.40
update CONTRIBUTORS for 3.4.40
updated CHANGELOG for 3.4.40
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
add tests for the ConstraintViolationBuilder class
Improve dirname usage
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
Allow invalidateTags calls to be traced by data collector
[YAML] escape DEL(\x7f)
fix compatibility with phpunit 9
[Cache] skip APCu in chains when the backend is disabled
[Mailer] Add a comment to avoid more wrong PRs on this piece of code
[Form] apply automatically step=1 for datetime-local input
Fixing a bug where class_alias would cause incorrect items in debug:autowiring
[DependencyInjection][ServiceSubscriber] Support late aliases
* 3.4:
updated VERSION for 3.4.40
update CONTRIBUTORS for 3.4.40
updated CHANGELOG for 3.4.40
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
add tests for the ConstraintViolationBuilder class
Improve dirname usage
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
[YAML] escape DEL(\x7f)
fix compatibility with phpunit 9
[Cache] skip APCu in chains when the backend is disabled
[Form] apply automatically step=1 for datetime-local input
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Allow invalidateTags calls to be traced by data collector
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #34810
| License | MIT
| Doc PR |
`TraceableTagAwareAdapter` is not used in the fullstack framework since tag aware pools don't have the `cache.pool` tag (it's the decorated adapter that has it). This PR aims to use `TraceableTagAwareAdapter` when a pool is configured with `tags: true`
Commits
-------
28fdb3a879 Allow invalidateTags calls to be traced by data collector
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36533
| License | MIT
| Doc PR | none
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
This PR changes the label of the peak memory usage from `MB` into `MiB` in the time and memory panels of the web profiler, as discussed in #36533.
The changed file `Resources/views/Collector/time.html.twig` is completely updated by commit c9433b0090 for v4.3. So for correctly displaying the label in 4.4 (& 5.0), the file `Resources/views/Collector/time.js` needs to be updated.
Commits
-------
89fb0799cd [WebProfilerBundle] changed label of peak memory usage in the time & memory panels (MB into MiB)
This PR was merged into the 3.4 branch.
Discussion
----------
[PhpUnitBridge] Use COMPOSER_BINARY env var if available
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/36401
| License | MIT
| Doc PR | -
Commits
-------
6dce90d47b [PhpUnitBridge] Use COMPOSER_BINARY env var if available
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] add syntax to stack decorators
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#30599
| License | MIT
| Doc PR | -
Declare this:
```yaml
services:
my_stack_of_decorators:
stack:
- class: App\ExternalDecorator
- class: App\InternalDecorator
- class: App\DecoratoredClass
```
And get this:
![image](https://user-images.githubusercontent.com/243674/78615803-b8c8e580-7872-11ea-95c2-22cb78f88ca8.png)
The PR is now ready with support for Yaml, XML and the PHP-DSL. It needs #36388, #36392 and #36389 to pass, and relates to #36390 to be DX-friendly.
The new syntax now supports composable stacks - i.e stack you can reuse in the middle of another stack.
RIP middleware, simple decorators FTW :)
From the test cases:
```yaml
services:
reusable_stack:
stack:
- class: stdClass
properties:
label: A
inner: '@.inner'
- class: stdClass
properties:
label: B
inner: '@.inner'
concrete_stack:
stack:
- parent: reusable_stack
- class: stdClass
properties:
label: C
```
This will create a service similar to:
```php
(object) [
'label' => 'A',
'inner' => (object) [
'label' => 'B',
'inner' => (object) [
'label' => 'C',
]
],
];
```
When used together with autowiring, this is enough to declare a stack of decorators:
```yaml
services:
my_processing_stack:
stack:
- App\ExternalDecorator: ~
- App\InternalDecorator: ~
- App\TheDecoratedClass: ~
```
See fixtures for the other configuration formats.
See also https://twitter.com/nicolasgrekas/status/1248198573998604288
Todo:
- [x] rebase on top of #36388, #36392 and #36389 once they are merged
- [x] test declaring deeper nested stacks
Commits
-------
98eeeae3d1 [DI] add syntax to stack decorators
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] fix definition and usage of AbstractArgument
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Reading https://symfony.com/blog/new-in-symfony-5-1-abstract-service-arguments and the comments there made me realize that the current implementation is not generic enough. Abstract arguments can be found anywhere, not only as service arguments. Also, `AbstractArgument` instances should not convey the key/id since that makes them harder to use in the PHP-DSL.
Commits
-------
abb463c749 [DI] fix definition and usage of AbstractArgument
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Serializer] Add an @Ignore annotation
| Q | A
| ------------- | ---
| Branch? | master
Bug fix? | no
| New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #24071
| License | MIT
| Doc PR | n/a
Add an `@Ignore` annotation to configure [ignored attributes](https://symfony.com/doc/current/components/serializer.html#ignoring-attributes) in a convenient way, as well as the related XML and YAML loaders.
TODO:
* [x] Add tests
Commits
-------
8526d7c050 [Serializer] Add an @Ignore annotation
This PR was merged into the 5.1-dev branch.
Discussion
----------
[String] Add locale-sensitive map for slugging symbols
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#36383
| License | MIT
By default chars '@' and '&' are respectively replaced by 'at' and 'and' (so limited by enlgish language).
I had an $options arguments to 'slug' method to replace chars with your own logic.
Commits
-------
1331584fa1 [String] Add locale-sensitive map for slugging symbols
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] skip APCu in chains when the backend is disabled
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34962
| License | MIT
| Doc PR | -
I think this should do it.
Commits
-------
5a7208481d [Cache] skip APCu in chains when the backend is disabled
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] skip preloading dependencies of non-preloaded services
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Suggested by @stof on Slack: this improves preloading by propagating the `container.no_preload` tag to services that are referenced only by not-preloaded services.
The benefit is double:
1. this fixes potential over-preloading
2. this requires less work from the community: no need to add the tag anymore most of the time
As a corollary, listeners of console events are tagged with `container.no_preload` automatically now.
Commits
-------
add867020a [DI] skip preloading dependencies of non-preloaded services
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] debug:autowiring: Fix wrong display when using class_alias
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | None
| License | MIT
| Doc PR | not needed
Imagine that `FooInterface` is an alias, but it is deprecated and so has a `class_alias` to `BarInterface`. Currently, `debug:autowiring` will actually print that's the autowiring alias is `BarInterface`, despite there being no such id in the container.
@nicolas-grekas originally (on purpose) made the 2nd argument to `Descriptor::getClassDescription()` be passed by reference *for* this exact feature - 56aab09b01 - but I can't figure out why. This change (which effectively removes the by-reference modifying) made no existing tests fail.
Discovered this because the whole deprecated`Doctrine\Common\Persistence\ManagerRegistry` vs newer `Doctrine\Persistence\ManagerRegistry` causes the issue.
Thanks!
Commits
-------
d34b437ce0 Fixing a bug where class_alias would cause incorrect items in debug:autowiring
This PR was squashed before being merged into the 5.1-dev branch (closes#36525).
Discussion
----------
Improve SQS interoperability
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | NA
| License | MIT
| Doc PR | NA
The Symfony Messenger component provides a SerializerInterface to encode/decode the `Envelope`, this can be used to improve the Interoperability (see [article from jolicode](https://jolicode.com/blog/symfony-messenger-et-linteroperabilite) (french))
Sadly, the current implementation of SQS adapter json_encode the elements of the `Envelope` (`string body` + `string[] headers`) and store everything in the SQS message `Body`. That partially defect the interoperability: 3rd party have to also wrap (unwrap) message form json_encoded Body.
This PR leverage the AWS SQS `Body` and `MessageAttribute` properties to store message information:
```yaml
# before
SQS Message:
Body: {"body": "hello world", "headers": {"foo": "bar"}}
MessageAttributes: {}
# after
SQS Message:
Body: hello world
MessageAttributes:
foor: bar
```
Commits
-------
00d84c125e Improve SQS interoperability
This PR was merged into the 4.4 branch.
Discussion
----------
[DependencyInjection][ServiceSubscriber] Support late aliases
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
A service subscriber that references a service that is aliased after optimization passes (after ResolveReferencesToAliasesPass technically) end up being dumped with the real service and not the alias.
I would consider it a bug but @nicolas-grekas told me it's a feature for him, this is why I'm submitting this on master.
@nicolas-grekas, feel free to close this one and open with your solution since you definitely know the subject better.
Commits
-------
24150370c3 [DependencyInjection][ServiceSubscriber] Support late aliases
This PR was merged into the 5.1-dev branch.
Discussion
----------
[OptionsResolver] remove not needed BC layer
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
1452619a52 remove not needed BC layer
This PR was merged into the 5.0 branch.
Discussion
----------
[Profiler] Fix profiler nullable string type
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | -
This PR fixes nullable string types in setter for the Profile class.
The detected issue comes from [the Profiler class](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpKernel/Profiler/Profiler.php#L149) :
```php
$profile->setIp($request->getClientIp()); // string or null
```
The corresponding return types for the Profile getters are allready good:
```php
/**
* Returns the IP.
*
* @return string|null The IP
*/
public function getIp()
{
return $this->ip;
}
```
Commits
-------
b5d406117d Fix profiler nullable string type
* 5.0:
[FrameworkBundle] Fix session.attribute_bag service definition
[Routing] Remove unused properties from the Route annotation
[Routing] Add missing _locale requirements
Update LdapBindAuthenticationProvider.php
Add reproducer to for hit after update expire cacheItem
[Cache] fix FilesystemTagAwareAdapter failing when a tag link preexists
* 4.4:
[FrameworkBundle] Fix session.attribute_bag service definition
[Routing] Remove unused properties from the Route annotation
[Routing] Add missing _locale requirements
Update LdapBindAuthenticationProvider.php
Add reproducer to for hit after update expire cacheItem
[Cache] fix FilesystemTagAwareAdapter failing when a tag link preexists
This PR was merged into the 3.4 branch.
Discussion
----------
[Security/Core] fix escape for username in LdapBindAuthenticationProvider.php
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
I think that when we call `ldap_search()` as definitely it will do the `$this->ldap->query()` call, the proper filter applied should be `LdapInterface::ESCAPE_FILTER` as documented in
https://www.php.net/manual/en/function.ldap-escape.php while `LdapInterface::ESCAPE_DN` should be used for `dn` only
This simple change should fix, I'm sorry if I'm wrong.
Commits
-------
4bda68a9a2 Update LdapBindAuthenticationProvider.php
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Notifier] Throw an exception when the Slack DSN is not valid
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes-ish
| New feature? | yes-ish <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
Improved errors in case of a DSN issue.
+ proper error for the Slack DSN when path is empty (will help catch when people haven't updated their Slack DSN for 5.1).
Commits
-------
6b1a64a642 [Notifier] Throw an exception when the Slack DSN is not valid
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Security] AuthenticatorManager to make "authenticators" first-class security
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | tbd
The tl;dr
---
The old authentication listener + authentication provider system was replaced by a new "authenticator" system (similar to Guard authentication). All existing "auth systems" (e.g. `form_login` are now written as an "authenticator" in core).
Instead of each "authentication system" registering its own listener in the `Firewall`, there is now only one listener: `AuthenticatorManagerListener`
* `Firewall` -> executes `AuthenticatorManagerListener`
* `AuthenticatorManagerListener` -> calls `AuthenticatorManager`
* `AuthenticatorManager` -> calls each authenticator
This PR contains *no deprecations* and the "new system" is *marked as experimental*. This allows to continue to develop the new Security system during the 5.x release cycle without disturbing Symfony users. In 5.4, we can deprecate "old" Security and remove it completely in 6.0.
Important Decisions
---
* A) **The new authentication manager - `AuthenticatorManager` - now dispatches 3 important "hook" events**:
* `VerifyAuthenticatorCredentialsEvent`: occurs at the point when a "password" needs to be checked. Allows us to centralize password checking, CSRF validation, password upgrading and the "user checker" logic.
* `LoginSuccessEvent`: Dispatched after a successful authentication. E.g. used by remember me listener.
* `LoginFailedEvent`: Dispatched after an unsuccessful authentication. Also used by remember me (and in theory could be used for login throttling).
* B) **`getCredentials()`, `getUser()` and `checkCredentials()` methods from old Guard are gone: their logic is centralized**.
Authenticators now have an `authenticate(Request $request): PassportInterface` method. A passport contains the user object, the credentials and any other add-in Security badges (e.g. CSRF):
```php
public function authenticate(Request $request): PassportInterface
{
return new Passport(
$user,
new PasswordCredentials($request->get('_password')),
[
new CsrfBadge($request->get('_token'))
]
);
}
```
All badges (including the credentials) need to be resolved by listeners to `VerifyAuthenticatorCredentialsEvent`. There is build-in core support for the following badges/credentials:
* `PasswordCredentials`: validated using the password encoder factory
* `CustomCredentials`: allows a closure to do credentials checking
* `CsrfTokenBadge`: automatic CSRF token verification
* `PasswordUpgradeBadge`: enables password migration
* `RememberMeBadge`: enables remember-me support for this authenticator
* C) **`AuthenticatorManager` contains all logic to authenticate**
As authenticators always relate to HTTP, the `AuthenticatorManager` contains all logic to authenticate. It has three methods, the most important two are:
* `authenticateRequest(Request $request): TokenInterface`: Doing what is previously done by a listener and an authentication provider;
* `authenticateUser(UserInterface $user, AuthenticatorInterface $authenticator, Request $request, array $badges = [])` for manual login in e.g. a controller.
* D) **One AuthenticatorManager per firewall**
In the old system, there was 1 authentication manager containing all providers and each firewall had a specific firewall listener. In the new system, each firewall has a specific authentication manager.
* E) **Pre-authentication tokens are dropped.**
As everything is now handled inside `AuthenticatorManager` and everything is stored in the Security `Passport`, there was no need for a token anymore (removing lots of confusion about what information is inside the token).
This change deprecates 2 authentication calls: one in `AuthorizationChecker#isGranted()` and one in `AccessListener`. These seem now to be mis-used to reload users (e.g. re-authenticate the user after you change their roles). This (some "way" to change a user's roles *without* logging them out) needs to be "fixed"/added in another PR.
* F) **The remember me service now uses *all* user providers**
Previously, only user providers of authentication providers listening on that firewall were used. This change is due to practical reasons and we don't think it is common to have 2 user providers supporting the same user instance. In any case, you can always explicitly configure the user provider under `remember_me`.
* G) **Auth Providers No Longer Clear the Token on Auth Failure**
Previously, authentication providers did `$this->tokenStorage->setToken(null)` upon authentication failure. This is not yet implemented: our reasoning is that if you've authenticated successfully using e.g. the login form, why should you be logged out if you visit the same login form and enter wrong credentials?
The pre-authenticated authenticators are an exception here, they do reset the token upon authentication failure, just like the old system.
* H) **CSRF Generator Service ID No Longer Configurable**
The old Form login authentication provider allowed you to configure the CSRF generator service ID. This is no longer possible with the automated CSRF listener. This feature was introduced in the first CSRF commit and didn't get any updates ever since, so we don't think this feature is required. This could also be accomplished by checking CSRF manually in your authenticator, instead of using the automated check.
Future Considerations
---
* Remove Security sub-components: Move CSRF to `Symfony\Component\Csrf` (just like mime); Deprecated Guard; Put HTTP + Core as `symfony/security`. This means moving the new classes to `Symfony\Component\Security`
* Convert LDAP to the new system
* This is fixed (and merged) by #36243 <s>There is a need for some listeners to listen for events on one firewall, but not another (e.g. `RememberMeListener`). This is now fixed by checking the `$providerKey`. We thought it might be nice to introduce a feature to the event dispatcher:</s>
* <s>Create one event dispatcher per firewall;</s>
* <s>Extend the `kernel.event_subscriber` tag, so that you can optionally specify the dispatcher service ID (to allow listening on events for a specific dispatcher);</s>
* <s>Add a listener that always also triggers the events on the main event dispatcher, in case you want a listener that is listening on all firewalls.</s>
* Drop the `AnonymousToken` and `AnonymousAuthenticator`: Anonymous authentication has never made much sense and complicates things (e.g. the user can be a string). For access control, an anonymous user has the same meaning as an un-authenticated one (`null`). This require changes in the `AccessListener` and `AuthorizationChecker` and probably also a new Security attribute (to replace `IS_AUTHENTICATED_ANONYMOUSLY`). Related issues: #34909, #30609
> **How to test**
> 1. Install the Symfony demo application (or any Symfony application)
> 2. Clone my Symfony fork (`git clone git@github.com:wouterj/symfony`) and checkout my branch (`git checkout security/deprecate-providers-listeners`)
> 3. Use the link utility to link my fork to the Symfony application: `/path/to/symfony-fork/link /path/to/project`
> 4. Enable the new system by setting `security.enable_authenticator_manager` to `true`
Commits
-------
b1e040f311 Rename providerKey to firewallName for more consistent naming
50224aa285 Introduce Passport & Badges to extend authenticators
9ea32c4ed3 Also use authentication failure/success handlers in FormLoginAuthenticator
0fe5083a3e Added JSON login authenticator
7ef6a7ab03 Use the firewall event dispatcher
95edc806a1 Added pre-authenticated authenticators (X.509 & REMOTE_USER)
f5e11e5f32 Reverted changes to the Guard component
ba3754a80f Differentiate between interactive and non-interactive authenticators
6b9d78d5e0 Added tests
59f49b20ca Rename AuthenticatingListener
60d396f2d1 Added automatically CSRF protected authenticators
bf1a452e94 Merge AuthenticatorManager and AuthenticatorHandler
44cc76fec2 Use one AuthenticatorManager per firewall
09bed16d3d Only load old manager if new system is disabled
ddf430fc1e Added remember me functionality
1c810d5d2a Added support for lazy firewalls
7859977324 Removed all mentions of 'guard' in the new system
999ec2795f Refactor to an event based authentication approach
b14a5e8c52 Moved new authenticator to the HTTP namespace
b923e4c4f6 Enabled remember me for the GuardManagerListener
873b949cf9 Mark new core authenticators as experimental
4c06236933 Fixes after testing in Demo application
fa4b3ec213 Implemented password migration for the new authenticators
5efa892395 Create a new core AuthenticatorInterface
50132587a1 Add provider key in PreAuthenticationGuardToken
526f75608b Added GuardManagerListener
a172bacaa6 Added FormLogin and Anonymous authenticators
9b7fddd10c Integrated GuardAuthenticationManager in the SecurityBundle
a6890dbcf0 Created HttpBasicAuthenticator and some Guard traits
c321f4d73a Created GuardAuthenticationManager to make Guard first-class Security
The AuthenticatorManager now performs the whole authentication process. This
allows for manual authentication without duplicating or publicly exposing parts
of the process.
This to remove confusion between the new system and Guard. When using the new
system, guard should not be installed. Guard did however influence the idea
behind the new system. Thus keeping the mentions of "guard" makes it confusing
to use the new system.
This allows more flexibility for the authentication manager (to e.g. implement
login throttling, easier remember me, etc). It is also a known design pattern
in Symfony HttpKernel.
This removes the introduced dependency on Guard from core. It also allows an
easier migration path, as the complete Guard subcomponent can now be deprecated
later in the 5.x life.
This is an iteration on the AuthenticatorInterface of the Guard, to allow more
flexibility so it can be used as a real replaced of the authentication
providers and listeners.
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] CacheItem with tag is never a hit after expired
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes/no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36458
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
It seems like a tag cacheItem is never a hit again. Not sure how fix this but the cache component is really hard to debug 🙈 .
It need to be somewhere generally as all TagAware caches are effected:
```
1) Symfony\Component\Cache\Tests\Adapter\FilesystemTagAwareAdapterTest::testRefreshAfterExpires
Failed asserting that false is true.
/home/travis/build/symfony/symfony/src/Symfony/Component/Cache/Tests/Traits/TagAwareTestTrait.php:194
2) Symfony\Component\Cache\Tests\Adapter\PredisTagAwareClusterAdapterTest::testRefreshAfterExpires
Failed asserting that true is false.
/home/travis/build/symfony/symfony/src/Symfony/Component/Cache/Tests/Traits/TagAwareTestTrait.php:183
3) Symfony\Component\Cache\Tests\Adapter\RedisTagAwareAdapterTest::testRefreshAfterExpires
Failed asserting that true is false.
/home/travis/build/symfony/symfony/src/Symfony/Component/Cache/Tests/Traits/TagAwareTestTrait.php:183
4) Symfony\Component\Cache\Tests\Adapter\RedisTagAwareClusterAdapterTest::testRefreshAfterExpires
Failed asserting that true is false.
/home/travis/build/symfony/symfony/src/Symfony/Component/Cache/Tests/Traits/TagAwareTestTrait.php:183
```
Commits
-------
d082eca7dd Add reproducer to for hit after update expire cacheItem
f815b011c3 [Cache] fix FilesystemTagAwareAdapter failing when a tag link preexists
* 4.4:
[HttpFoundation] workaround PHP bug in the session module
[SecurityBundle] fix accepting env vars in remember-me configurations
[Form] Fixed handling groups sequence validation
[Cache] Avoid memory leak in TraceableAdapter::reset()
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] fix accepting env vars in remember-me configurations
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36271
| License | MIT
| Doc PR | -
As @wouterj explained we cannot use env variables after #35910 merged.
> Hmm, so I'm guessing this is what happens:
>
> * `lifetime` is now an `integerNode()`
> * For the Config component (which IIRC doesn't know anything about env variables), you're passing a string: `"%env(int:REMEMBER_ME_COOKIE_LIFETIME)%"`
> * This throws an error, although if it wouldn't, the DI component would sucessfully process the string into a integer before it's used by any PHP class.
>
> So we either make Config aware of environment variables (that's probably a huge feature) or we revert the `integerNode()` changes (as you suggested).
>
> @HeahDude am I mislooking something, or would reverting these 2 lines not result in much harm? (only a little less strict config processor)
Commits
-------
46c278316c [SecurityBundle] fix accepting env vars in remember-me configurations
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Fixed handling groups sequence validation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | FIx https://github.com/symfony/symfony/issues/9939#issuecomment-607459505, Fix#35556
| License | MIT
| Doc PR | ~
This is not the same as the original issue fixed by #36245, that was reported in https://github.com/symfony/symfony/issues/9939#issuecomment-607459505.
The form also fails to cascade sequence validation properly because each nested field is validated against the sequence, and one can fail at a step independently from another which could failed in another step. I've added a lot of tests to ensure this is working properly and tested in a website skeleton too.
This PR aims to close#35556 which tries to fix the same issue but afterwards in its implementation as said in https://github.com/symfony/symfony/pull/35556#discussion_r379289230.
Commits
-------
dfb61c204c [Form] Fixed handling groups sequence validation
This PR was merged into the 5.1-dev branch.
Discussion
----------
[RedisMessengerBridge] Add a delete_after_ack option
This allows Messenger to clean up processed messages from memory, avoiding a mem "leak" in redis
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/33715
| License | MIT
| Doc PR | symfony/symfony-docs#... TODO - will pile it on to https://github.com/symfony/symfony-docs/pull/11869 as it kinda binds together and a bigger refactor of the docs here is much needed to avoid all these gotchas
Right now by default a redis transport for messenger will leak memory as all messages stay in redis forever. You can configure `stream_max_entries` to automatically trim to a max of X entries, but that means if you have big peaks in messages you might start losing messages which have not been processed.
This PR provides an alternative to that, by deleting message as they are processed. This is ideal as it avoids having to find the right number for `stream_max_entries` (do you want to risk losing data or use more memory than needed on average?). The only catch is that if you have multiple groups consuming the same stream, the first one processing a message will delete it, so other groups will not see it. For that reason `setup()` attempts to detect this and fails hard if it is misconfigured to prevent data loss.
Commits
-------
7c416a7173 [RedisMessengerBridge] Add a delete_after_ack option to automatically clean up processed messages from memory
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Messenger] Add FIFO support to the SQS transport
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | no
| License | MIT
| Doc PR | --
https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html
Commits
-------
37601753f1 [Messenger] Add FIFO support to the SQS transport
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Cache] Added context to log messages
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | n/a
In my application logs, I've got many entries like:
> Failed to save key "foobar" of type string.
I know it is related to the cache, But I dont know from what adapter. I use a chain of Array, Apcu and Redis. This PR adds some context to that log entry so I know which one of my cache adapter that fails.
Commits
-------
a4d9e0fc94 [Cache] Added context to log messages
This PR was merged into the 5.1-dev branch.
Discussion
----------
Use ExpectDeprecationTrait
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
08febef500 Use ExpectDeprecationTrait
This PR was merged into the 3.4 branch.
Discussion
----------
[Cache] Avoid memory leak in TraceableAdapter::reset()
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
When we call `ServicesResetter::reset()`, we want to reset the
application to its initial states. We don't want a memory leak :p
Commits
-------
15a8610c0c [Cache] Avoid memory leak in TraceableAdapter::reset()
* 5.0:
[PhpUnitBridge] add PolyfillTestCaseTrait::expectExceptionMessageMatches to provide FC with recent phpunit versions
[Messenger] Make sure redis transports are initialized correctly
Remove return type for Twig function workflow_metadata()
[DI] fix typo
* 4.4:
[PhpUnitBridge] add PolyfillTestCaseTrait::expectExceptionMessageMatches to provide FC with recent phpunit versions
[Messenger] Make sure redis transports are initialized correctly
Remove return type for Twig function workflow_metadata()
[DI] fix typo
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[PhpUnitBridge] add PolyfillTestCaseTrait::expectExceptionMessageMatches to provide FC with recent phpunit versions
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | na
| License | MIT
| Doc PR | na
expectExceptionMessageRegExp is deprecated coming phpunit 8.5.3 see https://github.com/sebastianbergmann/phpunit/issues/4133
Not sure if I need to add something else lmk.
Commits
-------
cfd5a29eaf [PhpUnitBridge] add PolyfillTestCaseTrait::expectExceptionMessageMatches to provide FC with recent phpunit versions
This PR was merged into the 4.4 branch.
Discussion
----------
Remove return type for Twig function workflow_metadata()
Technically it is allowed to have metadata other than string, even data that does not cast to string, like an array.
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36391
| License | MIT
| Doc PR | n/a
The workflow metadata store can contain not only strings, but setting nested metadata results in an error when workflow_metadata() is used in Twig.
Also see #36391
Commits
-------
55664c5a17 Remove return type for Twig function workflow_metadata()
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation] Add InputBag
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| License | MIT
When ppl read a request attribute, they never check if an array is returned
This means many apps just fail with a 500 when adding `[]` in the query string.
This PR turns them to 400 basically (with a deprecation for now)
Commits
-------
0a2ef70c04 [HttpFoundation] add InputBag
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Mailer][Messenger] add return statement for MessageHandler
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets |
| License | MIT
| Doc PR |
By returning the result of the transporter in `MessageHandler` we can get hold of `SentMessage` from `HandledStamp::getResult()`.
![image](https://user-images.githubusercontent.com/4582866/79046122-3bed9100-7c0f-11ea-878f-65a6eb610758.png)
Commits
-------
7854cb488e [Mailer][Messenger] add return statement for MessageHandler
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] RepeatedType should always have inner types mapped
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Doc PR| https://github.com/symfony/symfony-docs/pull/13519 |
| Tickets | Fix#36410
| License | MIT
Always set mapped=true to override inner type mapped setting.
Throw an exception if inner types of RepeatedType has mapped=false
Commits
-------
728cd66a13 RepeatedType should always have inner types mapped
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Form] Deprecated unused old `ServerParams` util
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | ~
| License | MIT
| Doc PR | ~
A left over after https://github.com/symfony/symfony/pull/11924#issuecomment-56511557, this class is unused since Symfony 2.3 ^^'. I've noticed it before but never took the time to submit a PR because this is very minor IMHO. But since this deprecation should not impact anyone, let's keep the codebase clean and remove it in 6.0.
Commits
-------
e05e924c5a [Form] Deprecated unused old `ServerParams` util
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Console] cursor tweaks
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Refs #27444
| License | MIT
| Doc PR | n/a
While playing with the new cursor class, I realized that I would like to make some changes. Mainly having a fluent interface: `$cursor->moveUp(10)->clearOutput()` for instance.
I have also separater the `clearLine()` method in two method to avoid the bool arg.
/cc @pierredup
Commits
-------
5a7b3146f5 Make the Cursor class final
b0e7eb66e0 Make Cursor fluent
55fef914cc Split a method
d00b5b5e08 Remove default value
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Notifier][Slack] Send messages using Incoming Webhooks
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | <!-- required for new features -->
> Legacy tokens are a deprecated method of generating tokens for testing and development.
As tokens will became deprecated on May 5th, 2020 we should use Incoming Webhooks app for using this bundle.
**Usage:**
_`slack://hooks.slack.com/services/xxx/xxx/xxx`_
Commits
-------
4b0807bd1a [Notifier] Tweak Slack support
e242cc35e9 Git rebase form master
* 5.0:
[travis] fix CI (ter)
Revert "[travis][appveyor] don't cache .phpunit"
silence E_NOTICE triggered since PHP 7.4
[Form] Removed legacy check in `ValidationListener`
[HttpClient] fix HTTP/2 support on non-SSL connections - CurlHttpClient only
Force ping after transport Exception
do not merge constraints within interfaces
[Validator] Fixed default group for nested composite constraints
* 4.4:
[travis] fix CI (ter)
Revert "[travis][appveyor] don't cache .phpunit"
silence E_NOTICE triggered since PHP 7.4
[Form] Removed legacy check in `ValidationListener`
[HttpClient] fix HTTP/2 support on non-SSL connections - CurlHttpClient only
Force ping after transport Exception
do not merge constraints within interfaces
[Validator] Fixed default group for nested composite constraints
* 3.4:
Revert "[travis][appveyor] don't cache .phpunit"
silence E_NOTICE triggered since PHP 7.4
[Form] Removed legacy check in `ValidationListener`
do not merge constraints within interfaces
[Validator] Fixed default group for nested composite constraints
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Fixed default group for nested composite constraints
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33986
| License | MIT
| Doc PR | ~
Take a breath: when composite constraints are nested in a parent composite constraint without having non composite nested constraints (i.e empty), then the default group is not added, making the validator failing to validate in any group (including default), because there is no group at all, which should never happen.
Commits
-------
117ee34698 [Validator] Fixed default group for nested composite constraints
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] fix HTTP/2 support on non-SSL connections - CurlHttpClient only
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36419
| License | MIT
| Doc PR | -
Commits
-------
a5b884cd94 [HttpClient] fix HTTP/2 support on non-SSL connections - CurlHttpClient only
This PR was merged into the 4.4 branch.
Discussion
----------
Force ping after transport exception
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36301
| License | MIT
| Doc PR |
SMTP transport fails for long running processes after tranport exception, if stream is closed all messages will throw a transport exception until $lastMessageTime exceds $pingThreshold.
With this PR, after transport expception the transport will ping the server to check if the connection is still alive.
Commits
-------
7ccbef62f6 Force ping after transport Exception
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] do not merge constraints within interfaces
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#22538
| License | MIT
| Doc PR |
This fix disables merge constraints within interfaces.
There is no reason to merge constraints from one interface to another because each class merges the constraints of all its interfaces. Only one check is needed is to eliminate all interfaces that comes from parent class to avoid duplication.
Commits
-------
67f336b808 do not merge constraints within interfaces
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Removed legacy check in `ValidationListener`
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | ~
A left over of #13198, should have been removed in 3.0. The tests don't use `null` anymore, no update needed here, this is just about removing dead code.
Commits
-------
e479e51f7c [Form] Removed legacy check in `ValidationListener`
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Serializer] UnwrappingDenormalizer
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
UnwrappingDenormalizer, registered with very high priority. Unwrapping the data if UNWRAP_PATH is provided.
Very often some APIs give nested responses in which we need only the child object. With UnwrappingDenormalizer we can get the needed object without creating unnecessary Model class that we don't really need.
Regarding to https://github.com/symfony/symfony/pull/28887 and https://github.com/symfony/symfony/pull/30894
Usage:
`$serialiser->deserialize('{"baz": {"foo": "bar", "inner": {"title": "value", "numbers": [5,3]}}}', Object::class, ['UnwrappingDenormalizer::UNWRAP_PATH' => '[baz][inner]'])`
Commits
-------
00d103d5f7 UnwrappingDenormalizer
This PR was merged into the 5.1-dev branch.
Discussion
----------
[ErrorHandler] Remove trigger_deprecation frame from trace
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This accounts for the new `trigger_deprecation` function from [symfony/deprecation-contracts](https://github.com/symfony/deprecation-contracts).
Replaces #36329
Commits
-------
d4eb4a4bd7 [ErrorHandler] Remove trigger_deprecation frame from trace (add tests)
c293aee9ab [ErrorHandler] Remove trigger_deprecation frame from trace
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] deprecate the `inline()` function from the PHP-DSL in favor of `service()`
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
In the PHP-DSL, the `inline()` function helps declaring ... inline services.
I'm proposing to rename it to `service()`, for consistency with yaml tags. All other helpers but this one have the same name as the yaml tag.
Let's do this while "nobody" uses this format yet :)
Commits
-------
647d971ae4 [DI] deprecate the `inline()` function from the PHP-DSL in favor of `service()`
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] allow decorators to reference their decorated service using the special `.inner` id
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Right now, when one wants to decorate a service, one needs to reference the decorated service using `foo.inner`, where `foo` is the id of the decorating service.
There are two issues with this IMHO:
- it's weird to have to repeat the name of declaring service inside of it;
- it doesn't play well with child definitions.
In this PR, I propose to use `.inner` to fix both issues.
Before:
```yaml
services:
decorating_service:
arguments: [@decorating_service.inner]
decorates: decorated_service
```
After:
```yaml
services:
decorating_service:
arguments: [@.inner]
decorates: decorated_service
```
Commits
-------
7b6f767fbe [DI] allow decorators to reference their decorated service using the special `.inner` id
* 5.0:
[appveyor] bump cache
[Twig][Mime] Removed extra quotes in missing package exception message
[DI] µfix
Allowing empty secrets to be set
[DI] add missing property declarations in InlineServiceConfigurator
[DI] fix detecting short service syntax in yaml
Supress error from fread when reading a unix pipe
[HttpClient] Fix scoped client without query option configuration
[Workflow] Use a strict comparison when retrieving raw marking in MarkingStore
[Workflow] Use a strict comparison when retrieving raw markin in MarkingStore
* 4.4:
[appveyor] bump cache
[Twig][Mime] Removed extra quotes in missing package exception message
[DI] µfix
Allowing empty secrets to be set
[DI] add missing property declarations in InlineServiceConfigurator
[DI] fix detecting short service syntax in yaml
Supress error from fread when reading a unix pipe
[HttpClient] Fix scoped client without query option configuration
[Workflow] Use a strict comparison when retrieving raw marking in MarkingStore
[Workflow] Use a strict comparison when retrieving raw markin in MarkingStore
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] Fix scoped client without query option configuration
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
The `query` key default value is an [empty array](https://github.com/symfony/symfony/blob/v4.4.7/src/Symfony/Component/Config/Definition/PrototypedArrayNode.php#L30) and because of that it is always set. Processing a configuration for a scoped HTTP client (which has a `scope` and does not have a `base_uri`) results in the configuration being invalid. The error message says that query parameters cannot be aplied to the base URI since it is not defined (which doesn't make sense since the query parameters don't exist because they are empty).
Commits
-------
a07578dba3 [HttpClient] Fix scoped client without query option configuration
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] fix detecting short service syntax in yaml
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
We do allow interfaces/classes as keys in arguments, yet the short syntax fails to know about those.
This fixes it, allowing one to use:
```
services:
App\Foo:
App\BarInterface: '@App\BarClass'
```
As a reminder, by-name is also allowed:
```
services:
App\Foo: {
$bar: '@App\BarClass'
}
```
Commits
-------
bf17165fb1 [DI] fix detecting short service syntax in yaml
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] add missing property declarations in InlineServiceConfigurator
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
These are accessed by the traits used by the class.
Commits
-------
a6a4442cd9 [DI] add missing property declarations in InlineServiceConfigurator
This PR was merged into the 4.4 branch.
Discussion
----------
Allowing empty secrets to be set
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | None
| License | MIT
| Doc PR | Not needed
Setting secrets to an empty string is a valid value - you can already do this by consuming from an empty file or `stdin` with no input. But it's *not* currently possible to use the interactive prompt to set a secret to an empty string. This fixes that.
Commits
-------
c9bf0c8683 Allowing empty secrets to be set
This PR was merged into the 4.4 branch.
Discussion
----------
[Process] Fixed input/output error on PHP 7.4
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34945
| License | MIT
| Doc PR |
This PR aims to fix the error from #34945, but i'm unsure if this is the best solution. The issue is that on PHP 7.4 the input/output error may come up.
php.net/manual/en/migration74.incompatible.php#migration74.incompatible.core.fread-fwrite
> fread() and fwrite() will now return FALSE if the operation failed. Previously an empty string or 0 was returned. EAGAIN/EWOULDBLOCK are not considered failures. These functions now also raise a notice on failure, such as when trying to write to a read only file resource.
Commits
-------
b98abde65a Supress error from fread when reading a unix pipe
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
Update Connection.php
Get `region` from `host` to prevent error "Credential should be scoped to a valid region, not '...'" and make it easier to setup DSN
| Q | A
| ------------- | ---
| Branch? | master for features / 3.4, 4.4 or 5.0 for bug fixes <!-- see below -->
| Bug fix? | yes/no
| New feature? | yes/no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
af6804828b Update Connection.php
This PR was merged into the 5.1-dev branch.
Discussion
----------
[OptionsResolver] Improve the deprecation feature by handling package and version
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? |no
| New feature? | yes
| Deprecations? | yes
| Tickets |
| License | MIT
| Doc PR | TODO
Commits
-------
c3f5e2c1c8 [OptionsResolver] Improve the deprecation feature by handling package + version
* 5.0:
[PropertyAccess] fix tests
[WebProfilerBundle] fix test
remove assertions that can never be reached
[PropertyAccess] Improve message of unitialized property in php 7.4
[HttpFoundation] Fixed session migration with custom cookie lifetime
[HttpKernel][FrameworkBundle] fix compat with Debug component
[Serializer] Remove unused variable
Allow URL-encoded special characters in basic auth part of URLs
[Serializer] Fix unitialized properties (from PHP 7.4.2) when serializing context for the cache key
[Validator] Add missing Ukrainian and Russian translations
Track session usage when setting the token
[4.4][MonologBridge] Fix $level type
[5.0][MonologBridge] Fix $level type
No need to reconnect the bags to the session
Support for Content Security Policy style-src-elem and script-src-elem in WebProfiler
[PropertyInfo][ReflectionExtractor] Check the array mutator prefixes last when the property is singular
[Security][Http][SwitchUserListener] Ignore all non existent username protection errors
Add installation and minimal example to README
* 4.4:
[PropertyAccess] fix tests
[WebProfilerBundle] fix test
remove assertions that can never be reached
[PropertyAccess] Improve message of unitialized property in php 7.4
[HttpFoundation] Fixed session migration with custom cookie lifetime
[HttpKernel][FrameworkBundle] fix compat with Debug component
[Serializer] Remove unused variable
Allow URL-encoded special characters in basic auth part of URLs
[Serializer] Fix unitialized properties (from PHP 7.4.2) when serializing context for the cache key
[Validator] Add missing Ukrainian and Russian translations
Track session usage when setting the token
[4.4][MonologBridge] Fix $level type
No need to reconnect the bags to the session
Support for Content Security Policy style-src-elem and script-src-elem in WebProfiler
[PropertyInfo][ReflectionExtractor] Check the array mutator prefixes last when the property is singular
[Security][Http][SwitchUserListener] Ignore all non existent username protection errors
Add installation and minimal example to README
* 3.4:
[PropertyAccess] fix tests
[WebProfilerBundle] fix test
remove assertions that can never be reached
[PropertyAccess] Improve message of unitialized property in php 7.4
[HttpFoundation] Fixed session migration with custom cookie lifetime
[Serializer] Remove unused variable
Allow URL-encoded special characters in basic auth part of URLs
[Serializer] Fix unitialized properties (from PHP 7.4.2) when serializing context for the cache key
[Validator] Add missing Ukrainian and Russian translations
No need to reconnect the bags to the session
Support for Content Security Policy style-src-elem and script-src-elem in WebProfiler
[PropertyInfo][ReflectionExtractor] Check the array mutator prefixes last when the property is singular
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyInfo][ReflectionExtractor] Check the array mutator prefixes last when the property is singular
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/36079
| License | MIT
| Doc PR | -
Check the related tickets that have a very descriptive example.
If the property is singular, we should prioritize non array mutator prefixes and do the opposite for plural property. It relies on some guessing but it actually fixes real world scenarios.
Commits
-------
b4df2b9dff [PropertyInfo][ReflectionExtractor] Check the array mutator prefixes last when the property is singular
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[PropertyAccess] Improve message of unitialized property in php 7.4
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36277
| License | MIT
Improve message of unitialized property in php 7.4 ;
Before
You should either initialize it or make it nullable using "?string" instead.
After
You should either initialize it or make it nullable using "?string $var = null" instead.
Commits
-------
3c8bf2d29d [PropertyAccess] Improve message of unitialized property in php 7.4
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation] Add support for all core response http control directives
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#35720
| License | MIT
| Doc PR | N/A
Add support for all core cache-control directives
see : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
Commits
-------
011cd38974 [HttpFoundation] Add support for all core http control directives
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Fixed session migration with custom cookie lifetime
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#28577
| License | MIT
| Doc PR |
This PR adds the fix proposed in https://github.com/symfony/symfony/issues/28577#issuecomment-578052397
Commits
-------
3e824de385 [HttpFoundation] Fixed session migration with custom cookie lifetime
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpKernel] allow cache warmers to add to the list of preloaded classes and files
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
This PR makes cache warmers responsible for returning a list of classes or files to preload. It does so by adding the following to `WarmableInterface::warmUp()`:
`@return string[] A list of classes or files to preload on PHP 7.4+`
Of course, this return value is properly implemented so that we can see what this provides in practice. Here are the benchmarks on a simple Hello World rendered with Twig:
- without preloading: 360 req/s
- with preloading in master: 560 req/s (+55%)
- with preloading and this PR: 630 req/s (+75%)
Commits
-------
8ab75d99d4 [HttpKernel] allow cache warmers to add to the list of preloaded classes and files
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Mime] strengthen is_resource() checks
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Improves seekable checks by using
`stream_get_meta_data($h)['seekable'] && 0 === fseek($h, 0, SEEK_CUR)`
instead of just
`stream_get_meta_data($h)['seekable']`
which is better when using userland stream wrappers.
Commits
-------
be9c675710 [Mime] strengthen is_resource() checks
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Security] Refactor logout listener to dispatch an event instead
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes (sort of...)
| New feature? | yes
| Deprecations? | yes
| Tickets | Fix#25212, Fix#22473
| License | MIT
| Doc PR | tbd
The current `LogoutListener` has some extension points, but they are not really DX-friendly (ref #25212). It requires hacking a `addMethodCall('addHandler')` in the container builder to register a custom logout handler.
Also, it is impossible to overwrite the default logout functionality from a bundle (ref #22473).
This PR introduces a `LogoutEvent` that replaces both the `LogoutSuccessHandlerInterface` and `LogoutHandlerInterface`. This provides a DX-friendly extension point and also cleans up the authentication factories (no more `addMethodCall()`'s).
In order to allow different logout handlers for different firewalls, I created a specific event dispatcher for each firewall (as also shortly discussed in #33558). The `dispatcher` tag attribute allows you to specify which dispatcher it should be registered to (defaulting to the global dispatcher). The `EventBubblingLogoutListener` also dispatches logout events on the global dispatcher, to be used for listeners that should run on all firewalls.
_@weaverryan and I discussed this feature while working on #33558, but figured it was unrelated and could be done while preservering BC. So that's why a separate PR is created._
Commits
-------
a9f096eb1f [Security] Refactor logout listener to dispatch an event instead
This PR was merged into the 4.4 branch.
Discussion
----------
[Routing] Add installation and minimal example to README
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | symfony/symfony-docs#13431
Similair to what I did in #35552, this PR updates the README of the Routing component to include a minimal example and installation command.
Commits
-------
be6612060c Add installation and minimal example to README
This PR was merged into the 3.4 branch.
Discussion
----------
[WebProfilerBundle] Support for Content Security Policy style-src-elem and script-src-elem in WebProfiler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
If a `style-src-elem` or `script-src-elem` Content Security Policy exist, the WebProfiler Styles or Scripts will be rejected as the nonce is missing.
Commits
-------
7f33f1fa3a Support for Content Security Policy style-src-elem and script-src-elem in WebProfiler
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Messenger] Add a \Throwable argument in RetryStrategyInterface methods
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#36182
| License | MIT
This allows to define new retry strategies based on the exceptions thrown during the last handling.
Commits
-------
5fa9d68e8b [Messenger] Add a \Throwable argument in RetryStrategyInterface methods
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] No need to reconnect the bags to the session after session_regenerate_id
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Bug https://bugs.php.net/70013 was fixed before the release of PHP v7.0
https://3v4l.org/A8YmY
Related to https://github.com/symfony/symfony/pull/15243
Commits
-------
923c24f438 No need to reconnect the bags to the session
This PR was merged into the 4.4 branch.
Discussion
----------
[Security] Track session usage whenever a new token is set
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36208
| License | MIT
| Doc PR | -
When using `anonymous: lazy`, the programatic login using the guard handler is broken. As the `setToken()` does not track usage, the index remains equal.
I tried fixing this more properly in e.g. the `SessionStrategy::onAuthentication` class, but I couldn't get it working (as `$request->hasPreviousSession()` returns false, the session strategy isn't called). `setToken()` can also not be made usage tracking afaics, because it would directly break (`setToken(null)` is called in `ContextListener`).
The current fix does however look really ugly, but I can't find anything better with my minor knowledge of this session usage tracking feature. I'm open for all ideas :)
Commits
-------
8d96dbd08b Track session usage when setting the token
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Serializer] Fix unitialized properties (from PHP 7.4.2) when serializing context for the cache key
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/issues/35574https://github.com/doctrine/orm/issues/8030
| License | MIT
| Doc PR | N/A
This bug only happens on the following conditions:
- A Doctrine entity (`Book`) having a relation with another entity (`Author`) is used;
- The `Author` entity uses typed properties (PHP 7.4) not initialized;
- The `Serializer` is used with the `Book` in the `OBJECT_TO_POPULATE` key in the context.
For instance:
```php
<?php
declare(strict_types=1);
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
/** @ORM\Entity */
class Book
{
/**
* @ORM\ManyToOne(targetEntity="Author")
*/
public Author $author;
public ?string $isbn;
}
```
```php
<?php
declare(strict_types=1);
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
/** @ORM\Entity */
class Author
{
public ?string $name;
}
```
Or even:
```php
<?php
declare(strict_types=1);
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
/** @ORM\Entity */
class Author
{
private string $name;
public function __construct()
{
$this->name = 'Leo';
}
}
```
If the following is done (it's the case for instance in API Platform when a `PUT` is made):
```php
$serializer->deserialize('{"isbn":"2038717141"}', Book::class, 'json', ['object_to_populate' => $book]);
```
Then there will be the following error:
> Fatal error: Typed property Proxies\__CG__\App\Entity\Author::$ must not be accessed before initialization (in __sleep)
It's because of these lines in the `getCacheKey` method of the `AbstractObjectNormalizer`:
5da141b8d0/src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php (L405-L409)
Since the lazy proxyfied relation has a `__sleep` with unitialized properties, the `serialize` method will throw (since https://bugs.php.net/bug.php?id=79002: 846b647953).
I propose to fix this issue by unsetting the `OBJECT_TO_POPULATE` key in the context because I don't think it's useful for determining the attributes of the object.
For the next versions of Symfony, the fix should probably be elsewhere, in the default context.
For instance in Symfony 4.4, instead of:
15edfd39d4/src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php (L118)
It should be:
```php
$this->defaultContext[self::EXCLUDE_FROM_CACHE_KEY] = [self::CIRCULAR_REFERENCE_LIMIT_COUNTERS, self::OBJECT_TO_POPULATE];
```
But I'm not sure how it should be merged (another PR maybe?).
Commits
-------
1fafff7c10 [Serializer] Fix unitialized properties (from PHP 7.4.2) when serializing context for the cache key
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Validator] Add missing Ukrainian and Russian translations
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | none
| License | MIT
Commits
-------
d43ef4ec92 [Validator] Add missing Ukrainian and Russian translations
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Config] Improve the deprecation features by handling package and version
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | https://github.com/orgs/symfony/projects/1#card-32681032
| License | MIT
| Doc PR | TODO
Commits
-------
f4de76dba0 [Config] Improve the deprecation features by handling package and version
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DependencyInjection] Fix alias deprecations with package and version
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Firstly, this PR fixes the alias dump by the XmlDumper to be consistent with stof comment in the inital PR (the message is the node content) - it is the case for deprecated services. Otherwise, we need to add the "message" attribute in the XSD.
Secondly, it fixes the arguments when the deprecation is actually triggered as well as two related tests.
Commits
-------
5ee5654171 [DependencyInjection] Fix alias deprecations with package and version
* 5.0:
Fix wrong namespaces
Fix wrong namespaces
Fix the reporting of deprecations in twig:lint
forward multiple attributes voting flag
bumped Symfony version to 5.0.8
updated VERSION for 5.0.7
updated CHANGELOG for 5.0.7
bumped Symfony version to 4.4.8
updated VERSION for 4.4.7
updated CHANGELOG for 4.4.7
[Validator] Fixed calling getters before resolving groups
[HttpKernel][LoggerDataCollector] Prevent keys collisions in the sanitized logs processing
* 4.4:
Fix wrong namespaces
Fix wrong namespaces
Fix the reporting of deprecations in twig:lint
forward multiple attributes voting flag
bumped Symfony version to 4.4.8
updated VERSION for 4.4.7
updated CHANGELOG for 4.4.7
[Validator] Fixed calling getters before resolving groups
[HttpKernel][LoggerDataCollector] Prevent keys collisions in the sanitized logs processing
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation][HttpKernel][Security] Improve UnexpectedSessionUsageException backtrace
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets |
| License | MIT
| Doc PR |
Improve `UnexceptedSessionUsageException` backtrace so that it leads to the place in the userland where it was told to use session.
Commits
-------
1e1d332c7c Improve UnexcpectedSessionUsageException backtrace
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Dump kernel extension configuration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | #34756
| License | MIT
If the kernel is a container extension and defines a configuration, the `config:dump-reference` will now be able to dump it.
Commits
-------
2ccafb1eb3 [FrameworkBundle] Dump kernel extension configuration
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] dump factory files as classes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR is a performance improvement when using `bin/console` on the command line.
Once upon a time, we advised setting `container.dumper.inline_factories` to `false` so that the container could be chunked into many files. More recently, we turned this setting back to `true` in order to optimize for preloading. But this made `bin/console` back to slow: since the CLI cannot have opcache, PHP has to parse this potentially big file all the time. Previous data already showed this can grow big.
This PR fixes the issue by generating many files again. But instead of generating the inline code within each file, we now wrap this code inside a class. Then we list this class for preloading.
This way, we have the best of both worlds: a `bin/console` that scales no matter the size of the app and top perf when using preloading (I benched a small hello world before/after the patch with preloading enabled, there is no measurable difference.)
This should also fix a memory leak that happens when factory files contain closures.
Commits
-------
cedb5cd429 [DI] dump factory files as classes
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpKernel][LoggerDataCollector] Prevent keys collisions in the sanitized logs processing
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/36159
| License | MIT
| Doc PR | -
`$sanitizedLogs` is used with numeric and "associative" keys. To prevent collisions when the message is a number, we can simply prepend all messages with a random letter (so we avoid a behavior refactor). It doesn't matter since they key is only used for the processing, it is dropped at the end.
Commits
-------
79fe888072 [HttpKernel][LoggerDataCollector] Prevent keys collisions in the sanitized logs processing
This PR was merged into the 4.4 branch.
Discussion
----------
Fix the reporting of deprecations in twig:lint
| Q | A
| ------------- | ---
| Branch? | 4.4 (the `--show-deprecations` option does not exist in 3.4)
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
- ensure that the message is rendered when the line detection fails and we end up with 0 as line number (the implementation also deals with -1 which is sometimes used by Twig for errors when it does not know the line, even though this should not happen for compile-time errors).
- fix the detection of the line number when the number is at the end of the sentence, which happens for the deprecation of filters for instance.
Commits
-------
c329ca7e01 Fix the reporting of deprecations in twig:lint
- ensure that the message is rendered when the line detection fails and
we end up with 0 as line number (the implementation also deals with -1
which is sometimes used by Twig for errors when it does not know the
line, even though this should not happen for compile-time errors).
- fix the detection of the line number when the number is at the end of
the sentence, which happens for the deprecation of filters for
instance.
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Uid] Improve the code
Improve the reuse of code, programing for extension and not for modification, create a Trait with similar behavior for getTime method in uuid types. Eliminate duplicate code in Uuid
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix #...
| License | MIT
| Doc PR | symfony/symfony-docs#...
Keep the same functionality, just improve a little the code, eliminating duplications and reusing some lines.
Commits
-------
106c733bce [Uid] Improve the code
* 5.0:
[HttpFoundation] Do not set the default Content-Type based on the Accept header
[Security] Fix access_control behavior with unanimous decision strategy
* 4.4:
[HttpFoundation] Do not set the default Content-Type based on the Accept header
[Security] Fix access_control behavior with unanimous decision strategy
* 5.0: (27 commits)
Fix versions
[Security/Http] Allow setting cookie security settings for delete_cookies
[DI] fix generating TypedReference from PriorityTaggedServiceTrait
[FrameworkBundle] revert to legacy wiring of the session when circular refs are detected
bumped Symfony version to 3.4.40
updated VERSION for 3.4.39
update CONTRIBUTORS for 3.4.39
updated CHANGELOG for 3.4.39
[DomCrawler] Fix BC break in assertions breaking Panther
[BrowserKit] fixed missing post request parameters in file uploads
update Italian translation
[Validator] Add missing Hungarian translations
[Validator] Add the missing translations for the Arabic (ar) locale
[Validator] Add missing vietnamese translations
[Console] Fix OutputStream for PHP 7.4
add missing gitattributes for phpunit-bridge
add German translations
Bump Symfony version to 5.0.7
Update VERSION for 5.0.6
Update CHANGELOG for 5.0.6
...
* 4.4:
Fix versions
[Security/Http] Allow setting cookie security settings for delete_cookies
[DI] fix generating TypedReference from PriorityTaggedServiceTrait
[FrameworkBundle] revert to legacy wiring of the session when circular refs are detected
bumped Symfony version to 3.4.40
updated VERSION for 3.4.39
update CONTRIBUTORS for 3.4.39
updated CHANGELOG for 3.4.39
[DomCrawler] Fix BC break in assertions breaking Panther
[BrowserKit] fixed missing post request parameters in file uploads
update Italian translation
[Validator] Add missing Hungarian translations
[Validator] Add the missing translations for the Arabic (ar) locale
[Validator] Add missing vietnamese translations
[Console] Fix OutputStream for PHP 7.4
add German translations
bug #36157 [Validator] Assert Valid with many groups
[Validator] Add missing Lithuanian translations
Fixed some typos
Add french "at least" constraint translations
* 3.4:
Fix versions
[Security/Http] Allow setting cookie security settings for delete_cookies
[FrameworkBundle] revert to legacy wiring of the session when circular refs are detected
bumped Symfony version to 3.4.40
updated VERSION for 3.4.39
update CONTRIBUTORS for 3.4.39
updated CHANGELOG for 3.4.39
update Italian translation
[Validator] Add missing Hungarian translations
[Validator] Add the missing translations for the Arabic (ar) locale
[Validator] Add missing vietnamese translations
[Console] Fix OutputStream for PHP 7.4
add German translations
bug #36157 [Validator] Assert Valid with many groups
[Validator] Add missing Lithuanian translations
Fixed some typos
Add french "at least" constraint translations
This PR was merged into the 3.4 branch.
Discussion
----------
[Security/Http] Allow setting cookie security settings for delete_cookies
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/pull/36243#discussion_r399646893
| License | MIT
| Doc PR | tbd
Similar to #36173 and #36175. This is needed for Chrome 80 compatibility.
My only question is whether we should introduce these specific settings, or somehow fetch them from `framework.session`?
Commits
-------
a696d1f3af [Security/Http] Allow setting cookie security settings for delete_cookies
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Assert Valid with many groups
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/issues/36157
| License | MIT
Make a reference object get validated by each group when using the Valid constraint with many groups
Commits
-------
c9aa3a849a bug #36157 [Validator] Assert Valid with many groups
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Add missing vietnamese translations
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
25fdc8e580 [Validator] Add missing vietnamese translations
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Console] Fix OutputStream for PHP 7.4
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36166
| License | MIT
From PHP 7.4, `fwrite` function now returns false for any failure: https://www.php.net/manual/en/migration74.incompatible.php#migration74.incompatible.core.fread-fwrite
Actually, the note in the PHP documentation is not exact: for PHP 7.3 and lower, `fwrite` function did return false when arguments passed in to the function were invalid, and 0 for other failures. From PHP 7.4, it returns false for any failure.
We can see it in the source code: for PHP 7.3: a1a8d14485/ext/standard/file.c (L1140)
Compare to PHP 7.4: https://github.com/php/php-src/blob/master/ext/standard/file.c#L1136
I update `OutputStream::doWrite()` to keep the same behavior as before.
Commits
-------
b375f93ed7 [Console] Fix OutputStream for PHP 7.4
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
add missing gitattributes for phpunit-bridge
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets |
| License | MIT
| Doc PR |
Seems like the phpunit bridge has been forgotten in https://github.com/symfony/symfony/pull/33579
Commits
-------
d4c052a2fa add missing gitattributes for phpunit-bridge
When using allow_extra_fields feature (and set to false) with an extra_fields_message, this message may now support pluralization regarding count of extra fields (extra data). e.g. "extra field found|extra fields found"
* 5.0:
[Http Foundation] Fix clear cookie samesite
[Security] Check if firewall is stateless before checking for session/previous session
[Form] Support customized intl php.ini settings
[Security] Remember me: allow to set the samesite cookie flag
[Debug] fix for PHP 7.3.16+/7.4.4+
[Validator] Backport translations
[Mailer] Use %d instead of %s for error code in error messages
[HttpKernel] fix locking for PHP 7.4+
[Security] Fixed hardcoded value of SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE
Prevent warning in proc_open()
[FrameworkBundle] Fix Router Cache
Fix deprecation messages
* 4.4:
[Http Foundation] Fix clear cookie samesite
[Security] Check if firewall is stateless before checking for session/previous session
[Form] Support customized intl php.ini settings
[Security] Remember me: allow to set the samesite cookie flag
[Debug] fix for PHP 7.3.16+/7.4.4+
[Validator] Backport translations
[Mailer] Use %d instead of %s for error code in error messages
[HttpKernel] fix locking for PHP 7.4+
[Security] Fixed hardcoded value of SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE
Prevent warning in proc_open()
[FrameworkBundle] Fix Router Cache
Fix deprecation messages
* 3.4:
[Http Foundation] Fix clear cookie samesite
[Security] Check if firewall is stateless before checking for session/previous session
[Form] Support customized intl php.ini settings
[Security] Remember me: allow to set the samesite cookie flag
[Debug] fix for PHP 7.3.16+/7.4.4+
[Validator] Backport translations
Prevent warning in proc_open()
This PR was merged into the 3.4 branch.
Discussion
----------
[Security/Http] Remember me: allow to set the samesite cookie flag
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Similar to #35605, since Chrome 80 is going to require the `samesite` attribute.
This is a cherry-pick of #27976
Commits
-------
f0ceb73397 [Security] Remember me: allow to set the samesite cookie flag
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Http Foundation] Fix clear cookie samesite
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36107
| License | MIT
With Chrome Update 80, Cookies are required to be `secure` and `samesite=none` for cross site requests. However they are defaulted to `samesite=lax` if the samesite attribute is not set. In other words: developer has to explicitely opt-in for `samesite=none` in the case of a cross site request.
More details: https://chromestatus.com/feature/5088147346030592
We add the `samesite` argument to `clearCookie` method to allow developer to explicitely set this value.
Commits
-------
4bdea1f2e7 [Http Foundation] Fix clear cookie samesite
`IntlDateParser->parse()` behaves differently when `intl.error_level` and/or `intl.use_exceptions` are not 0.
This change makes sure `\IntlException` is caught when `intl.use_exceptions` is 1 and warnings thrown when `intl.error_level` is not 0 are ignored.
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpClient] Issue notice when NativeHttpClient is used
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Simple PR to issue a notice to notify the user that `ext-curl` or `amphp/http-client` should be installed to use an HTTP/2 capable HTTP client. Not sure on the notice wording.
Commits
-------
874c1e6ab0 [HttpClient] Issue notice when NativeHttpClient is used
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Notifier][Slack] Add fields on Slack Section block
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Added `fields` field on section block.
> An array of text objects. Any text objects included with fields will be rendered in a compact format that allows for 2 columns of side-by-side text. Maximum number of items is 10. Maximum length for the text in each item is 2000 characters.
Example of use:
```
$slackOptions = (new SlackOptions())
->block((new SlackSectionBlock())->text('My message'))
->block(new SlackDividerBlock())
->block(
(new SlackSectionBlock())
->field('*Max Rating*')
->field('5.0')
->field('*Min Rating*')
->field('1.0')
);
```
Expected output:
<img width="677" alt="Screen Shot 2020-03-21 at 09 57 36" src="https://user-images.githubusercontent.com/65848/77222314-b8360c80-6b5a-11ea-874c-2cfb1829f839.png">
Commits
-------
faad197e85 Added fields on Slack Section block
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Mailer][Mailgun] Support more headers
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | Fix#35776
| License | MIT
| Doc PR |
Im not sure if this should be classified as a bug since "setting headers are broken". Ie, you cannot use some Mailgun API features.
Or, this may be a feature because now you may specify any supported custom header you want.
Commits
-------
537c8b8aa6 [Mailer][Mailgun] Support more headers
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle][Routing] Add link to source to router:match
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | https://github.com/orgs/symfony/projects/1#card-30505860
| License | MIT
| Doc PR |
Add link to source on `debug:router`/`router:match` when `framework.ide` is configured
Commits
-------
a96690cce5 [FrameworkBundle][Routing] Add link to source to router:match
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Form][CheckboxType] Remove _false_is_empty flag
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Cleanup of https://github.com/symfony/symfony/pull/35938.
Commits
-------
6fac6d4086 [Form][CheckboxType] Remove _false_is_empty flag
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Fix deprecation message for booting a kernel twice
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
a0a6243a21 Fix deprecation messages
* 5.0:
[DI] Fix CheckTypeDeclarationPass
[Security/Http] don't require the session to be started when tracking its id
[DI] fix preloading script generation
* 4.4:
[DI] Fix CheckTypeDeclarationPass
[Security/Http] don't require the session to be started when tracking its id
[DI] fix preloading script generation
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] fix preloading script generation
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
(fabbot failure is a false positive)
On master, we should work on being able to preload more classes (esp. all cache-warmup artifacts).
But for 4.4, this is good enough. Submitted as a bug fix because 1. the current code that deals with preloading kinda-works, but only on "dev" mode... and 2. fixing it provides a nice boost!
Small bench on a hello world:
- before: 380 req/s
- after: 580 req/s
That's +50%!
Pro-tip: adding a few `class_exists()` as done in this PR for the classes that are always used in the implementations (e.g. `new Foo()` in the constructor) will help the preload-script generator to work optimally. Without them, it will discover the symbols to preload only if they're found on methods.
Some of those `class_exists()` are mandatory, in relation to anonymous classes and https://bugs.php.net/79349
Commits
-------
a10fc4da5d [DI] fix preloading script generation
This PR was merged into the 5.1-dev branch.
Discussion
----------
[PropertyAccess][DX] Added an `UninitializedPropertyException`
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | TODO
Feature version of #36073 for master. Again, better be reviewed without whitespace changes, thanks!
Commits
-------
2b2fd12b0d [PropertyAccess] Added an `UninitializedPropertyException`
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle][PropertyAccess] Use injection for info extractors
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | ~
Follows #30704.
Commits
-------
693d4c0a2d [FrameworkBundle][PropertyAccess] Use injection for info extractors
This PR was merged into the 5.1-dev branch.
Discussion
----------
[PropertyAccess] Added missing new args in `PropertyAccessorBuilder`
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | ~
Following #30704.
Commits
-------
e1be8cd61b [PropertyAccess] Added missing new args in PropertyAccessorBuilder
This PR was merged into the 4.4 branch.
Discussion
----------
[Security/Http] don't require the session to be started when tracking its id
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
`$session->getId()` returns the empty string when the session is not yet started.
When this happens, the session tracking logic wrongly detects that a new session was created and thus disables HTTP caching.
This fixes the issue by looking at the value of the session cookie instead.
(the case for `true` is when using `MockArraySessionStorage` as done in tests)
Commits
-------
c39188a7cc [Security/Http] don't require the session to be started when tracking its id
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[DI] Fix CheckTypeDeclarationPass
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35863 and #35972
| License | MIT
| Doc PR |
Bug 1: The lint container threw an error if a class buit with a factory was declared as callable while this factory method returne a callabe (#35863)
Bug 2: Sodium Exception was not caught in the CheckTypeDeclarationsPass. We have extended the exception caught to \Exception, instead of EnvNotFoundException and RuntimeException only.
Commits
-------
cbf4dfd10f [DI] Fix CheckTypeDeclarationPass
* 5.0:
fix merge
Fix more quotes in exception messages
Fix more quotes in exception messages
Fix more quotes in exception messages
[3.4] Minor fixes
[PropertyAccess] Improved errors when reading uninitialized properties
This PR was merged into the 5.1-dev branch.
Discussion
----------
Leverage PHP8's get_debug_type()
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
See https://github.com/symfony/polyfill/pull/226 for background.
We might have to port part of the patch to 4.4 when we'll work on having it support PHP 8, but that's not needed for now.
Commits
-------
daf1c6605e Leverage PHP8's get_debug_type()
* 4.4:
Fix more quotes in exception messages
Fix more quotes in exception messages
[3.4] Minor fixes
[PropertyAccess] Improved errors when reading uninitialized properties
This PR was merged into the 5.1-dev branch.
Discussion
----------
[String] Add AbstractString::containsAny()
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
We decided to not have a `contains()` method because we didn't know how to handle the case where several needles are passed. But https://wiki.php.net/rfc/str_contains made me reconsider this idea and I think `containsAny()` works great. WDYT?
Commits
-------
de79ae7f35 [String] Add AbstractString::containsAny()
This PR was merged into the 3.4 branch.
Discussion
----------
[PropertyAccess][DX] Improved errors when reading uninitialized properties
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | kinda
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36051
| License | MIT
| Doc PR | ~
An attempt to fix#36051 by providing better error messages when trying to read uninitialized properties either via calling a return-type-hinted method from PHP 7.0 or by accessing public-typed properties from PHP 7.4.
It would be nice to have a proper exception class in master.
Commits
-------
a71023ba65 [PropertyAccess] Improved errors when reading uninitialized properties
This PR was merged into the 5.0 branch.
Discussion
----------
[Notifier] Add unit tests
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
- [x] `AbstractChannel`
- [x] `ChannelPolicy`
- [x] `RecipientTest` (done in PR #35773)
- [x] `EmailRecipientTest` (done in PR #35773)
- [x] `SmsRecipientTest` (done in PR #35773)
- [x] `Transports` (see PR #35834)
Commits
-------
022c1707e2 [Notifier] Add tests for AbstractChannel and ChannelPolicy
* 5.0:
[FrameworkBundle] start session on flashbag injection
[Validator] Remove commas in translations
[Console] Fallback to default answers when unable to read input
* 4.4:
[FrameworkBundle] start session on flashbag injection
[Validator] Remove commas in translations
[Console] Fallback to default answers when unable to read input
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] start session on flashbag injection
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix [#33084](https://github.com/symfony/symfony/issues/33084)
| License | MIT
This PR addresses an issue whereby if the FlashBag is injected into the application using the default service configuration, we cannot rely that the session has been started. This behaviour is in contradiction to [the docs](https://symfony.com/doc/current/session.html#avoid-starting-sessions-for-anonymous-users):
> Sessions are automatically started whenever you read, write or even check for the existence of data in the session.
This is because symfony ensures the session has been started on calls to getFlashBag() which is normally how the flashbag will be accessed but this is not called if you inject the FlashBag directly into the container.
I have addressed this issue by changing the way the Flashbag service is built so that it uses Session as a factory service and getFlashBag as a factory method. This means that anywhere in symfony where FlashBag is injected can now rely on the fact the session is started.
I have also added a new functional test to verify this behaviour.
Commits
-------
e8b4d35616 [FrameworkBundle] start session on flashbag injection
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Validator] Add AtLeastOne constraint and validator
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR | TODO
This constraint allows you to apply a collection of constraints to a value, and it will be considered valid, if it satisfies at least one of the constraints from the collection.
Some examples:
```php
/**
* @Assert\AtLeastOne({
* @Assert\Length(min=5),
* @Assert\EqualTo("bar")
* })
*/
public $name = 'foo';
/**
* @Assert\AtLeastOne({
* @Assert\All({@Assert\GreaterThanOrEqual(10)}),
* @Assert\Count(20)
* })
*/
public $numbers = ['3', '5'];
/**
* @Assert\All({
* @Assert\AtLeastOne({
* @Assert\GreaterThanOrEqual(5),
* @Assert\LessThanOrEqual(3)
* })
* })
*/
public $otherNumbers = ['4', '5'];
```
The respective default messages would be:
`name: This value should satisfy at least one of the following constraints: [1] This value is too short. It should have 5 characters or more. [2] This value should be equal to "bar".`
`numbers: This value should satisfy at least one of the following constraints: [1] Each element of this collection should satisfy its own set of constraints. [2] This collection should contain exactly 20 elements.`
`otherNumbers[0]: This value should satisfy at least one of the following constraints: [1] This value should be greater than or equal to 5. [2] This value should be less than or equal to 3.`
But of course you could also create a simple custom message like `None of the constraints are satisfied`.
Commits
-------
e6209a697c [Validator] Add AtLeastOne constraint and validator
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Form] Correctly round model with PercentType and add a rounding_mode option
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#35296
| License | MIT
| Doc PR | symfony/symfony-docs#13138
Commits
-------
d97565dcee [Form] Correctly round model with PercentType and add a rounding_mode option
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Form] Added a "choice_filter" option to ChoiceType
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | Fix#32657
| License | MIT
| Doc PR | symfony/symfony-docs#13223
Finally opening this PR for a very old branch, based on both #34550 (merged) and #30994 (merged).
~Until #30994 is merged, this PR should better be reviewed by commits. Thanks!~
Commits
-------
ed2c312609 [Form] Added a "choice_filter" option to ChoiceType
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[ErrorHandler][FrameworkBundle] better error messages in failing tests
| Q | A
| ------------- | ---
| Branch? | master for features
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#32752
| License | MIT
| Doc PR |
Purpose of this PR is to enhance tests by giving a way to report an exception that occured during the processing of the request.
The ErrorHandler will add an X-Debug-Exception, and the assertThat() method of WebTestCase will throw an exception if this header exists and status code is 5xx.
In practice, this adds the "Caused by" section in this example:
```
Time: 374 ms, Memory: 20.00 MB
There was 1 failure:
1) App\Tests\Controller\HomeControllerTest::testC
Failed asserting that the Response has header "Content-Type" with value "application/json".
/srv/symfony/src/Symfony/Bundle/FrameworkBundle/Test/BrowserKitAssertionsTrait.php:132
/srv/symfony/src/Symfony/Bundle/FrameworkBundle/Test/BrowserKitAssertionsTrait.php:66
/srv/blog/tests/Controller/HomeControllerTest.php:29
Caused by
Exception: This a test exception. in /the/file.php:139
Stack trace:
[...]
```
Commits
-------
0da9469ee2 [ErrorHandler][FrameworkBundle] better error messages in failing tests
This PR was merged into the 4.4 branch.
Discussion
----------
[Console] Fallback to default answers when unable to read input
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#36027, Fix#35988
| License | MIT
| Doc PR |
Alternative to https://github.com/symfony/symfony/pull/36027.
This fixes linked issues without having to revert fix for #30726. Successfully tested with composer script, `docker run` and `docker run -it`.
Commits
-------
8ddaa20b29 [Console] Fallback to default answers when unable to read input
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[PhpUnitBridge] Deprecate @expectedDeprecation annotation
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | yes<!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | N/A
| License | MIT
| Doc PR | N/A
Addresses https://github.com/orgs/symfony/projects/1#card-32934769 as a follow-up to #35192.
Deprecating `@expectedDeprecation` annotation on tests in favour of the `expectDeprecation()` method similar to other PHPUnit deprecations of annotations in favour of methods.
Commits
-------
36a57cc7c2 [PhpUnitBridge] Deprecate @expectedDeprecation annotation
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpClient] make `HttpClient::create()` return an `AmpHttpClient` when `amphp/http-client` is found but curl is not or too old
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Follows #35115
Let's use `amphp/http-client` by default, after `curl` and before `fopen()`.
Commits
-------
7991685e04 [HttpClient] made `HttpClient::create()` return an `AmpHttpClient` when `amphp/http-client` is found but curl is not or too old
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[Validator] Remove commas in translations
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| License | MIT
These translations were originally modified in #21335.
Commits
-------
5688f97bad [Validator] Remove commas in translations
* 5.0:
Add missing dots at the end of exception messages
Add missing dots at the end of exception messages
[DI][Form] Fixed test suite (TimeType changes & unresolved merge conflict)
Fix bad merge
Add missing dots at the end of exception messages
* 4.4:
Add missing dots at the end of exception messages
[DI][Form] Fixed test suite (TimeType changes & unresolved merge conflict)
Fix bad merge
Add missing dots at the end of exception messages
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Framework-Bundle] fixed kernel.secret not being overridden when loaded from extension using MicroKernelTrait
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Previously, when extending `Kernel::class` and using the `MicroKernelTrait::class` setting the `secret` like
```
protected function configureContainer(ContainerBuilder $container, LoaderInterface $loader)
{
$container->loadFromExtension('framework', [ 'secret' => 'foo',]);
```
would not replace the `kernel.secret` parameter set by `$container->setParameter('kernel.secret', '%env(APP_SECRET)%');` in the `MicroKernelTrait`.
Initiating a service with a secret argument without a `APP_ENV` value set in `.env` would throw:
`Symfony\Component\DependencyInjection\Exception\EnvNotFoundException : Environment variable not found: "APP_SECRET".`
This PR allows the `kernel.secret` set in the `MicroKernelTrait::registerContainerConfiguration()` to be overridden in a class extending `Kernel` while using the trait.
Thanks @nicolas-grekas for the help on this one.
Commits
-------
76d398851f fixed kernel.secret not being overridden when loaded from extension
This PR was merged into the 5.1-dev branch.
Discussion
----------
[SecurityBundle] Added XSD for the extension configuration
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#28141
| License | MIT
| Doc PR | TODO
Commits
-------
66ac3f7f5d [SecurityBundle] Added XSD for the extension configuration
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Uid] Add support for UUIDv6
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
See https://github.com/uuid6/uuid6-ietf-draft/blob/master/draft-peabody-dispatch-new-uuid-format-00.txt
A v6 UUID is a lexicographically-sortable-v1.
This makes it db-index friendly (same as ULIDs).
For reference:
- v1 has no benefits over v6 except being in the current official RFC
- v6 is order-friendly and leaks time data + stable entropy (potentially bound to a MAC address or equivalent)
- ULID is also order-friendly and leaks time data, with high entropy (crypto random source)
- v4 is pure crypto random source, aka no order and no leak of anything.
Commits
-------
b705ee1b4b [Uid] Add support for UUIDv6
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Mime] Fix boundary header
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35443 (fixes the second problem described in this ticket)
| License | MIT
The boundary value of Content-Type header was enclosed in quotes, cause of the "=" symbol.
Commits
-------
453078ff37 [Mime] Fix boundary header
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Uid] add support for Ulid
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
ULIDs are useful alternatives to UUIDs.
From https://github.com/ulid/spec:
UUID can be suboptimal for many use-cases because:
- It isn't the most character efficient way of encoding 128 bits of randomness
- UUID v1/v2 is impractical in many environments, as it requires access to a unique, stable MAC address
- UUID v3/v5 requires a unique seed and produces randomly distributed IDs, which can cause fragmentation in many data structures
- UUID v4 provides no other information than randomness which can cause fragmentation in many data structures
Instead, herein is proposed ULID:
- 128-bit compatibility with UUID
- 1.21e+24 unique ULIDs per millisecond
- Lexicographically sortable!
- Canonically encoded as a 26 character string, as opposed to the 36 character UUID
- Uses Crockford's base32 for better efficiency and readability (5 bits per character)
- Case insensitive
- No special characters (URL safe)
- Monotonic sort order (correctly detects and handles the same millisecond)
Commits
-------
59044f914b [Uid] add support for Ulid
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Uid] make `Uuid::equals` method accept any types of argument for more flexibility
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | ~
I suggest to weaken the `Uuid:equals` method argument type to accept any types of value to compare against. This makes one able to compare the `Uuid` instance with any values.
Commits
-------
46721c19f9 [Uid] make `Uuid::equals()` accept any types of argument for more flexibility
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Uid] make Uuid::getTime() return subseconds info
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
A UUID timestamp contains 60bit of data, but a timestamp barely contains 31bit.
Let's return a float instead.
Commits
-------
5a170b80ed [Uid] make Uuid::getTime() return subseconds info
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] add --deprecations on debug:container command
| Q | A
| ------------- | ---
| Branch? | master (5.1)
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | #30089 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | todo
_I apologize in advance, I am not fluent in English_
Continuity of @Simperfit work from his PR https://github.com/symfony/symfony/pull/32584
I added support for XML, JSON and markdown formats as well as unit tests for all formats.
## XML format
```xml
<?xml version="1.0" encoding="UTF-8"?>
<deprecations remainingCount="5">
<deprecation count="3">
<message>Some deprecation message.</message>
<file>/path/to/some/file.php</file>
<line>39</line>
</deprecation>
<deprecation count="2">
<message>An other deprecation message.</message>
<file>/path/to/an/other/file.php</file>
<line>25</line>
</deprecation>
</deprecations>
```
## JSON format
```json
{
"remainingCount": 5,
"deprecations": [
{
"message": "Some deprecation message.",
"file": "\/path\/to\/some\/file.php",
"line": 39,
"count": 3
},
{
"message": "An other deprecation message.",
"file": "\/path\/to\/an\/other\/file.php",
"line": 25,
"count": 2
}
]
}
```
## Markdown format
## Remaining deprecations (5)
- 3x: "Some deprecation message." in /path/to/some/file.php:39
- 2x: "An other deprecation message." in /path/to/an/other/file.php:25
I added a new commit on top of @Simperfit 's one, but I don't know how you would like to have the git history writed.
Commits
-------
ee6391eb29 [FrameworkBundle] add all formats support for debug:container --deprecations command
161f659146 [FrameworkBundle] add --deprecations on debug:container command
* 5.0:
[Config] fix test
[HttpClient] disable debug log with curl 7.64.0
[Intl][3.4] Bump ICU 66.1
fix import from config file using type: glob
[DoctrineBridge][DoctrineExtractor] Fix wrong guessed type for "json" type
* 4.4:
[Config] fix test
[HttpClient] disable debug log with curl 7.64.0
[Intl][3.4] Bump ICU 66.1
fix import from config file using type: glob
[DoctrineBridge][DoctrineExtractor] Fix wrong guessed type for "json" type
* 3.4:
[Config] fix test
[Intl][3.4] Bump ICU 66.1
fix import from config file using type: glob
[DoctrineBridge][DoctrineExtractor] Fix wrong guessed type for "json" type
This PR was merged into the 3.4 branch.
Discussion
----------
fix import from config file using type: glob
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets |
| License | MIT
| Doc PR |
If you try to import configs with glob using
```
imports:
- { resource: '../dev/*.{php,xml,yaml,yml}', type: 'glob' }
```
it didn't work because the FileLoader resolves the glob pattern but forwards the glob type. This meant the resolver then choses the GlobFilerLoader again for each already resolved file which does not find the files. So in the end the glob was resolved but the files never imported.
The workaround is to remove the `type: glob` from the import above. But the real fix should be to not forward the glob type when it's already resolved.
Commits
-------
6b70511bc6 fix import from config file using type: glob
This PR was merged into the 3.4 branch.
Discussion
----------
[DoctrineBridge][DoctrineExtractor] Fix wrong guessed type for "json" type
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/35968
| License | MIT
| Doc PR | -
After checking the code, it appears that `json` have a different behavior than `json_array`.
> In json_array doctrine was converting null or empty value to array, but json type doesn't do that
@norkunas is right about this. Consequently, we cannot safely guess a built in type for the `json` Doctrine type.
Commits
-------
f9f5f8df3e [DoctrineBridge][DoctrineExtractor] Fix wrong guessed type for "json" type
This PR was merged into the 3.4 branch.
Discussion
----------
[Intl][3.4] Bump ICU 66.1
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
See https://github.com/unicode-org/icu/releases/tag/release-66-1 (no data changes for us)
Commits
-------
2275689cf8 [Intl][3.4] Bump ICU 66.1
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Form] Add label_html attribute
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
| Doc PR | symfony/symfony-docs#13316
I propose to add a new attribute to `BaseType` class so it is easy to include html tags in labels for, both, buttons and other elements that inherit from `FormType` class. This gives you an ability to add, e.g. a glyphicon to a button, or a link to a checkbox, simply inside the `FormBuilder`, which means you can just do
```twig
{{ form(form) }}
```
inside a template.
**Sidenotes**
1. I have started working on this two days ago and it the meantime @alexander-schranz made a similar proposition in #31358. If necessary, I can close my PR and @alexander-schranz can include my suggestions inside his PR.
1. I have just read in #29861 that @mpiot wanted to include this idea in his PR. With respect to @xabbuh's comments from that PR, I hope that my PR will be at least a good place to discuss, if the proposed feature is a good solution.
Commits
-------
239fe04ff9 [Form] Add label_html attribute
* 5.0: (36 commits)
Add test for tagged iterator with numeric index
Fix container lint command when a synthetic service is used in combination with the expression language
Fix Travis script
[Validator][Range] Fix typos
[SecurityBundle] Minor fix in LDAP config tree builder
[HttpClient] fix requests to hosts that idn_to_ascii() cannot handle
Revert "minor #35559 [FrameworkBundle] remove mention of the old Controller class (nicolas-grekas)"
[FrameworkBundle] remove redundant PHPDoc in console Descriptor and subclass
[Mime] remove phpdoc mentioning Utf8AddressEncoder
Add missing phpdoc
Remove int return type from FlattenException::getCode
[Yaml] fix dumping strings containing CRs
[DI] Fix XmlFileLoader bad error message
[Form] Handle false as empty value on expanded choices
[Messenger] Add ext-redis min version req to tests
Tweak message
improve PlaintextPasswordEncoder docBlock summary
[Validator] Add two missing translations for the Arabic (ar) locale
Use some PHP 5.4 constants unconditionally
Add new packages on the link script
...
* 4.4: (34 commits)
Add test for tagged iterator with numeric index
Fix container lint command when a synthetic service is used in combination with the expression language
[Validator][Range] Fix typos
[SecurityBundle] Minor fix in LDAP config tree builder
[HttpClient] fix requests to hosts that idn_to_ascii() cannot handle
[FrameworkBundle] remove redundant PHPDoc in console Descriptor and subclass
[Mime] remove phpdoc mentioning Utf8AddressEncoder
Add missing phpdoc
Remove int return type from FlattenException::getCode
[Yaml] fix dumping strings containing CRs
[DI] Fix XmlFileLoader bad error message
[Form] Handle false as empty value on expanded choices
[Messenger] Add ext-redis min version req to tests
Tweak message
improve PlaintextPasswordEncoder docBlock summary
[Validator] Add two missing translations for the Arabic (ar) locale
Use some PHP 5.4 constants unconditionally
Add new packages on the link script
[DI] fix dumping errored definitions
[DI] ignore extra tags added by autoconfiguration in PriorityTaggedServiceTrait
...
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] Fix container lint command when a synthetic service is used in an expression
Fix container lint command when a synthetic service is used in combination with the expression language.
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35691
| License | MIT
| Doc PR | -
Commits
-------
e7fa73a32b Fix container lint command when a synthetic service is used in combination with the expression language
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Handle false as empty value on expanded choices
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/31572
| License | MIT
| Doc PR | -
This is the 3.4 version of https://github.com/symfony/symfony/pull/32747. The tests are the same. The added code has to be removed from master (if accepted).
Commits
-------
1a366bc378 [Form] Handle false as empty value on expanded choices
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] remove redundant PHPDoc in console Descriptor
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | None <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | N/A
The PHPDoc for some `describeXXX` methods in the abstract `Symfony\Bundle\FrameworkBundle\Console\Descriptor\Descriptor` was inaccurate or redundant.
I remove the PHPDoc in the superclass and the `{@inheritdoc}` in the child class as suggested by @chalasr in this PR comment https://github.com/symfony/symfony/pull/35995#discussion_r389846487
I keep the PHPDoc when it adds some explanation about the method or its params.
For exemple :
### inaccurate:
```php
/**
* Describes an InputArgument instance.
*/
abstract protected function describeRouteCollection(RouteCollection $routes, array $options = []);
/**
* Describes an InputOption instance.
*/
abstract protected function describeRoute(Route $route, array $options = []);
```
### redundant
```php
/**
* Describes container parameters.
*/
abstract protected function describeContainerParameters(ParameterBag $parameters, array $options = []);
/**
* Describes container tags.
*/
abstract protected function describeContainerTags(ContainerBuilder $builder, array $options = []);
```
### kept
```php
/**
* Describes event dispatcher listeners.
*
* Common options are:
* * name: name of listened event
*/
abstract protected function describeEventDispatcherListeners(EventDispatcherInterface $eventDispatcher, array $options = []);
/**
* Describes a callable.
*
* @param mixed $callable
*/
abstract protected function describeCallable($callable, array $options = []);
```
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
e535e7d2ff [FrameworkBundle] remove redundant PHPDoc in console Descriptor and subclass
This PR was merged into the 4.4 branch.
Discussion
----------
[SecurityBundle] Minor fix in LDAP config tree builder
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | ~
Continuation of #35910 for 4.4.
Commits
-------
468a201d34 [SecurityBundle] Minor fix in LDAP config tree builder
* 3.4:
[Yaml] fix dumping strings containing CRs
[DI] Fix XmlFileLoader bad error message
Tweak message
improve PlaintextPasswordEncoder docBlock summary
[Validator] Add two missing translations for the Arabic (ar) locale
Use some PHP 5.4 constants unconditionally
Revert "bug symfony#28179 [DomCrawler] Skip disabled fields processing in Form"
Add Spanish translation
Fix typo
[Validator] add Japanese translation
Fix typo
Add Polish translation
[SecurityBundle] Minor fixes in configuration tree builder
bumped Symfony version to 3.4.39
updated VERSION for 3.4.38
update CONTRIBUTORS for 3.4.38
updated CHANGELOG for 3.4.38
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DX][Testing] Added a loginUser() method to test protected resources
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#26839
| License | MIT
| Doc PR | tbd
This finishes https://github.com/symfony/symfony/pull/32850 original description:
> I know this won't work for 100% of our users ... but the goal is to make life easier to *most* of them. Thanks!
A custom `ConcreteToken` test-object is created as suggested by @linaori, to not bind this token to any specific implementation (as other implementations aren't fully compatible with eachother).
Commits
-------
2980a680d4 Added special test token and implemented 'real' functional tests
f516829d99 [DX][Testing] Added a loginUser() method to test protected resources
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Messenger] Show message & handler(s) class description in debug:messenger
| Q | A
| ------------- | ---
| Branch? | master<!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | N/A <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | N/A
Similar to the `debug:autowiring` command, add the messages & handlers class description to the `debug:messenger` command.
Messenger is a central piece in CQRS applications. Exposing the messages & handlers descriptions in this command is a great way to have a global vision of the covered use-cases (especially if there is a newcomer to the project).
Commits
-------
079efdff08 [Messenger] Show message & handler(s) class description in debug:messenger
This PR was merged into the 5.1-dev branch.
Discussion
----------
[VarDumper] DumpServer: log whenever a payload is received
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | N/A <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | N/A <!-- required for new features -->
Small improvement so you can get a feedback in the console when a dump was received by using `-vv`:
![Capture d’écran 2020-03-05 à 12 02 34](https://user-images.githubusercontent.com/2211145/75975709-4d899d80-5ed9-11ea-942f-e76a62d82218.png)
Commits
-------
7cfc3ced9d [VarDumper] DumpServer: log whenever a payload is received
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] ignore extra tags added by autoconfiguration in PriorityTaggedServiceTrait
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35916, Fix#35953
| License | MIT
| Doc PR | -
Commits
-------
09770aa930 [DI] ignore extra tags added by autoconfiguration in PriorityTaggedServiceTrait
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
improve PlaintextPasswordEncoder docBlock summary
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Updates class summary as suggested in tkt #35927 & pr #35929 to suggest the encoder is for test usage.
Commits
-------
622facfe94 Tweak message
a56d262639 improve PlaintextPasswordEncoder docBlock summary
This PR was merged into the 4.4 branch.
Discussion
----------
[Routing] Fix some wrong localized routes tests
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
~~Since https://github.com/symfony/symfony/pull/35855, the `_locale` path param is directly substituted so those tests are not valid cases anymore. Instead, the path directly contain the right locale.~~ Actually, the compilation is done after, so instead we need to set the new requirement in all tests to reflect the "reality".
https://github.com/symfony/symfony/pull/35855 also causes a BC break on one case:
```php
$compiledUrlGenerator->generate('foo.fr', ['_locale' => 'en']))
```
Previously, the generated route would be the `/en/fourchette`. Now that the locale is hardcoded in the route path, it will always be `/fr/fourchette`. I changed `foo` to relevant words because it is easier to understand like that.
Commits
-------
99ae55ff1a [Routing] Fix some wrong localized routes tests
This PR was merged into the 4.4 branch.
Discussion
----------
[Routing] Prevent localized routes _locale default & requirement from being overridden
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/35915
| License | MIT
| Doc PR | -
When we have configured a localized route, its default _locale and _locale requirement should not be modified to ensure it works as expected.
Commits
-------
096dc0aeef [Routing] Prevent localized routes _locale default & requirement from being overridden
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpClient] Add portable HTTP/2 implementation based on Amp's HTTP client
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR provides an `AmpHttpClient`, which is an adapter between [`amphp/http-client`](https://github.com/amphp/http-client) and `symfony/http-client-contracts`.
~This is an early experiment for now, but it works already on the happy path:~ I have a local h2-intensive script, and while it's slower than CurlHttpClient, this performs quite well!
This could provide a portable implementation of HTTP/2 \o/
/cc @kelunik FYI
Todo:
- [x] async request/response
- [x] streaming and multiplexing
- [x] handle all ssl options
- [x] timers info
- [x] upload/download progress info
- [x] upload/download progress callback
- [x] HTTP proxy support
- [x] streamed upload
- [x] public-key pinning
- [x] peer certificate capturing
- [x] stream casting with `$response->toStream()`
- [x] ~https://github.com/amphp/http-client/pull/241~
- [x] extensive debug info
- [x] HTTP/2 PUSH support
- [x] https://github.com/amphp/http-client/issues/243
- [x] https://github.com/amphp/http-client/issues/242
- [x] https://github.com/amphp/http-client/pull/250
- [x] https://github.com/amphp/http-client/pull/239
- [x] ~https://github.com/kelunik/certificate/pull/2~
- [x] https://github.com/amphp/socket/pull/71
- [x] https://github.com/amphp/http-client/issues/252
Commits
-------
ef113feeb3 [HttpClient] Add portable HTTP/2 implementation based on Amp's HTTP client
* 5.0:
register only existing transport factories
prevent deprecation being triggered from assertion
bumped Symfony version to 5.0.6
updated VERSION for 5.0.5
updated CHANGELOG for 5.0.5
bumped Symfony version to 4.4.6
updated VERSION for 4.4.5
updated CHANGELOG for 4.4.5
* 4.4:
register only existing transport factories
prevent deprecation being triggered from assertion
bumped Symfony version to 4.4.6
updated VERSION for 4.4.5
updated CHANGELOG for 4.4.5
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] register only existing transport factories
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35866
| License | MIT
| Doc PR |
The parts from #35907 that also apply to the `4.4` branch.
Commits
-------
650c9f3f4b register only existing transport factories
This PR was merged into the 4.4 branch.
Discussion
----------
[DomCrawler] prevent deprecation being triggered from assertion
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35889
| License | MIT
| Doc PR |
Commits
-------
b01a10c760 prevent deprecation being triggered from assertion
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] Minor fixes in configuration tree builder
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | ~
Commits
-------
1bd779d7c8 [SecurityBundle] Minor fixes in configuration tree builder
This PR was merged into the 3.4 branch.
Discussion
----------
Add Spanish translation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
@javiereguiluz I know it's not very significant, but in order to make distinction between `must be` and `should be`, shouldn't translation no. 94 be changed to `Este valor debería estar entre...`?
Commits
-------
9e67b57baa Add Spanish translation
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] NumberToLocalizedStringTransformer return int if scale = 0
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35775
| License | MIT
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
2993fc9fc5 Return int if scale = 0
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[DI] Clarified deprecation for TypedReference in 4.4
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#35752 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR |~ <!-- required for new features -->
Changes the deprecation message to indicate the argument has been removed and how to fix it.
Commits
-------
1c70048e9c [DI] Clarified deprecation for TypedReference in 4.4
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] add German translation
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
9d837ecb34 add German translation
This PR was merged into the 3.4 branch.
Discussion
----------
[DomCrawler][Form] Fix PHPDoc on get & offsetGet
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
`FormFieldRegistry::get()` returns mixed. For example, it can return an array when the field is a collection.
Commits
-------
f8735cc47b [DomCrawler][Form] Fix PHPDoc on get & offsetGet
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle][HttpKernel] Add session usage reporting in stateless mode
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR | TODO
https://github.com/orgs/symfony/projects/1#card-30506005
Provide a `@Stateless` annotation that forbid session usage for annotated controllers (or classes).
## Implementations
**v1**
- ~~New session proxy that allows session to be marked as disabled~~
- ~~New default route attribute: `_stateless` (automatically set by `@Stateless`)~~
- ~~On kernel controller event, if `_stateless` is `true`, session is marked as disabled~~
- ~~Session listener is able to check if the session is disabled and prevent its creation~~
**v2**
- New default route attribute: `_stateless` (automatically set by `@Stateless`)
- On kernel response, check the session usage and if session was used when `_stateless` attribute is set to `true`: Either throw an exception (debug enabled) or log a warning (debug disabled)
Commits
-------
bc48db2424 [FrameworkBundle][HttpFoundation] Add `_stateless`
* 5.0:
minor #35833 [FrameworkBundle] Add missing items in the unused tag pass whitelist (fabpot)
[HttpClient][DX] Add URL context to JsonException messages
[Routing] Improve localized routes performances
[4.4][DoctrineBridge] Use new Types::* constants and support new json type
[Validator] Add missing translations
[Notifier] Dispatch message event in null transport
[Messenger] Use Doctrine DBAL new Types::* constants
* 4.4:
minor #35833 [FrameworkBundle] Add missing items in the unused tag pass whitelist (fabpot)
[HttpClient][DX] Add URL context to JsonException messages
[Routing] Improve localized routes performances
[4.4][DoctrineBridge] Use new Types::* constants and support new json type
[Validator] Add missing translations
[Messenger] Use Doctrine DBAL new Types::* constants
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Add missing items in the unused tag pass whitelist
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
We have some missing tags in the whitelist. I've added a script that adds the missing ones, and added a test to avoid forgetting about updating the whitelist.
Commits
-------
d1bcc0fc5e [FrameworkBundle] Add a script that checks for missing items in the unused tag whitelist
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[HttpClient][DX] Add URL context to JsonException messages
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/pull/35762#issuecomment-589770016
| License | MIT
| Doc PR | N/A
In order to help when debugging incorrect JSON responses, this PR adds the requested URL to the error message.
Before: `Syntax Error`
After: `JSON error: Syntax error, from "https://example.com/file.json".`
See the 2nd commit for full diff in new unit tests
Commits
-------
06539173e7 [HttpClient][DX] Add URL context to JsonException messages
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Validator] Allow Sequentially constraints on classes + target guards
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | N/A <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | todo in https://github.com/symfony/symfony-docs/pull/13206 if not merged yet
There is no reason to limit this constraint to properties, so let's add classes as targets.
Additionally, let's ensure embedded constraints matches allowed targets too.
Commits
-------
1e02a96286 [Validator] Allow Sequentially constraints on classes
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Add missing items in the unused tag pass whitelist
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
We have some missing tags in the whitelist. I've added a script that adds the missing ones, and added a test to avoid forgetting about updating the whitelist.
Commits
-------
d1bcc0fc5e [FrameworkBundle] Add a script that checks for missing items in the unused tag whitelist
This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] Use Doctrine DBAL new Types::* constants
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
f1fb1597ff [Messenger] Use Doctrine DBAL new Types::* constants
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation] Added MarshallingSessionHandler
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | TODO
Added `MarshallingSessionHandler`, a decorator for session handlers which uses the cache marshaller in order to encrypt session data.
(This is an alternative solution to #35643)
To use it, we can simply decorate the session marshaller, after that all session data will be encrypted
```yaml
Symfony\Component\Cache\Marshaller\SodiumMarshaller:
decorates: 'session.marshaller'
arguments:
- ['%env(file:resolve:SODIUM_DECRYPTION_FILE)%']
- '@Symfony\Component\Cache\Marshaller\SodiumMarshaller.inner'
```
TODO:
- [x] unit tests
Commits
-------
155d980aea [HttpFoundation][Cache] Added MarshallingSessionHandler
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Security] Deprecated ROLE_PREVIOUS_ADMIN
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | n/a
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/11487
`ROLE_PREVIOUS_ADMIN` is added to the token roles if the session is an impersonation. Since https://github.com/symfony/symfony/pull/31189 we have the `IS_IMPERSONATOR` attribute which can be used for the same reason. I propose to deprecate the `ROLE_PREVIOUS_ADMIN`:
* This is not what roles are for ([resulting in hacking this exception in `AbstractToken`](https://github.com/symfony/symfony/blob/5.0/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php#L275-L277))
* The role isn't very descriptive
* I don't like having 2 ways of doing exactly the same thing
* While every application with impersonation enabled probably needs to be updated, the update is as simple as replacing `ROLE_PREVIOUS_ADMIN` with `IS_IMPERSONATOR`: `find ./ -type f -exec sed -i 's/ROLE_PREVIOUS_ADMIN/IS_IMPERSONATOR/g' {} +`
---
I'm a bit unsure on how to deprecate this role, but I think having it in `RoleVoter` is probably the safest (`isGranted()` and variants + `AccessDecisionManager#decide()` all use this voter to check if the token has this role).
Commits
-------
dce55f352a Deprecated ROLE_PREVIOUS_ADMIN
This PR was merged into the 4.4 branch.
Discussion
----------
[Routing] Improve localized routes performances
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| License | MIT
Implementation of the following idea: https://github.com/symfony/symfony/pull/35735#pullrequestreview-360525593
Improve route matching performances by turning dynamic routes with fixed `_locale` to actual static routes.
Commits
-------
8e9eafe18b [Routing] Improve localized routes performances
This PR was squashed before being merged into the 5.0 branch.
Discussion
----------
[Notifier] Dispatch message event in null transport
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
I think we should be able to log notifications via the `NotificationLoggerListener` even if they were sent to a null transport. The mailer component does it the same way.
Commits
-------
a0d99ce398 [Notifier] Dispatch message event in null transport
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Validator] add alpha3 option to Language constraint
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix https://github.com/symfony/symfony/pull/35116#issuecomment-570038901
| License | MIT
| Doc PR |
Commits
-------
ce73b98e2c add alpha3 option to Language constraint
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Security] Add IS_IMPERSONATOR, IS_ANONYMOUS and IS_REMEMBERED
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/29848
| License | MIT
| Doc PR | symfony/symfony-docs#11487
This continues work of @HeahDude and finally finishes one of the code PRs I've been working on during the ⭐️ EUFOSSA Hackathon.
Changes
---
The PRs modifies some of the attributes used by the `AuthenticatedVoter`:
* New `IS_IMPERSONATOR`, `IS_ANONYMOUS` and `IS_REMEMBERED` attributes are introduced to indicate the user either impersonated, anonymous or rembered.
* <s>`IS_AUTHENTICATED_ANONYMOUSLY` actually meant "is authenticated, either anonymous or fully". As this is confusing, it is replaced by `IS_AUTHENTICATED`.</s>
* <s>All `is_*()` functions in expressions are deprecated in favor of `is_granted('IS_*')`. It's not worth duplicating the `AuthenticatedVoter` logic in two places now we have shorter `IS_*` attributes</s>
**Before**
```php
if ($authorizationChecker->isGranted('ROLE_PREVIOUS_ADMIN')) {
// ...
}
```
<s>
```yaml
security:
# ...
access_control:
- { path: ^/protected, roles: 'IS_AUTHENTICATED_ANONYMOUSLY' }
```
</s>
**After**
```php
if ($authorizationChecker->isGranted('IS_IMPERSONATOR')) {
// ...
}
```
<s>
```yaml
security:
# ...
access_control:
- { path: ^/protected, roles: 'IS_AUTHENTICATED' }
```
</s>
<s>Discussion
---
The only thing I'm wondering is how we combine this with the `is_authenticated()` expression function:
98929dc292/src/Symfony/Component/Security/Core/Authorization/ExpressionLanguageProvider.php (L33-L37)
As you can see, the `IS_AUTHENTICATED` attribute and `is_authenticated()` expression function do not have the same meaning. Should we somehow deprecate the current behavior of `is_authenticated()` or should we find another name for `IS_AUTHENTICATED` (that would be a shame imo).</s>
Commits
-------
6c522a7d98 Added IS_ANONYMOUS, IS_REMEMBERED, IS_IMPERSONATOR
* 5.0: (28 commits)
[DoctrineBridge] Use new Types::* constants and support new json type
Fix bad merge in README of Nexmo Notifier bridge
[Debug][ErrorHandler] improved deprecation notices for methods new args and return type
[BrowserKit] Nested file array prevents uploading file
[ExpressionLanguage] Fixed collisions of character operators with object properties
remove usage of already deleted Symfony\Component\EventDispatcher\Event
[Notifier] Add correct tags for NullTransportFactory
[Validator] Remove specific check for Valid targets
[PhpUnitBridge] Use trait instead of extending deprecated class
Fix versioned namespace clears
fix remember me
Use strict assertion in asset tests
[DoctrineBridge][DoctrineExtractor] Fix indexBy with custom and some core types
Do not rely on the current locale when dumping a Graphviz object
fix typo
[Ldap] force default network timeout
[Config] don't throw on missing excluded paths
Docs: Typo, grammar
[Validator] Add the missing translations for the Polish ("pl") locale
[PhpUnitBridge] Add compatibility to PHPUnit 9 #35662
...
* 4.4: (25 commits)
[DoctrineBridge] Use new Types::* constants and support new json type
[Debug][ErrorHandler] improved deprecation notices for methods new args and return type
[BrowserKit] Nested file array prevents uploading file
[ExpressionLanguage] Fixed collisions of character operators with object properties
[Validator] Remove specific check for Valid targets
[PhpUnitBridge] Use trait instead of extending deprecated class
Fix versioned namespace clears
fix remember me
Use strict assertion in asset tests
[DoctrineBridge][DoctrineExtractor] Fix indexBy with custom and some core types
Do not rely on the current locale when dumping a Graphviz object
fix typo
[Ldap] force default network timeout
[Config] don't throw on missing excluded paths
Docs: Typo, grammar
[Validator] Add the missing translations for the Polish ("pl") locale
[PhpUnitBridge] Add compatibility to PHPUnit 9 #35662
[Routing] Add locale requirement for localized routes
[Console] Inline exact-match handling with 4.4
Set previous exception when rethrown from controller resolver
...
This PR was merged into the 4.4 branch.
Discussion
----------
[Cache] Fix versioned namespace atomic clears
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| License | MIT
When using namespace versioning to achieve atomic cache clears, only delete cache keys matching the old/current version.
This resolves tag inconsistency issues whereby the process running the clear would delete keys set against the new version by more recently spawned concurrent processes. Most seriously this could result in newly set data keys remaining, but with empty associated tag sets meaning the invalidation via tags was no longer possible.
Clearing specific prefixes is not supported when using versioned namespaces as it is desirable to clear all old keys as they will no longer be used and would otherwise eventually fill cache memory.
Commits
-------
971b177d27 Fix versioned namespace clears
This PR was merged into the 3.4 branch.
Discussion
----------
[3.4][DoctrineBridge] Use new Types::* constants and support new json type
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
All `Type::*` constants were moved and deprecated. This PR makes sure we use the good ones when they exist so we are prepared for their removal. It allows to be deprecation free. If deprecated constants could be detected, we would have failing tests 😄
Also, `json_array` was deprecated and renamed to `json`, so I added support for this new type.
Some new components also use these constants on upper branches, so I will submit PRs there.
Commits
-------
3e35fa59ea [DoctrineBridge] Use new Types::* constants and support new json type
* 3.4:
[ExpressionLanguage] Fixed collisions of character operators with object properties
[Validator] Remove specific check for Valid targets
[PhpUnitBridge] Use trait instead of extending deprecated class
fix remember me
Use strict assertion in asset tests
[DoctrineBridge][DoctrineExtractor] Fix indexBy with custom and some core types
Do not rely on the current locale when dumping a Graphviz object
fix typo
[Ldap] force default network timeout
[Config] don't throw on missing excluded paths
Docs: Typo, grammar
[Validator] Add the missing translations for the Polish ("pl") locale
[Console] Inline exact-match handling with 4.4
Set previous exception when rethrown from controller resolver
[VarDumper] fixed DateCaster not displaying additional fields
[HttpKernel] fix registering DebugHandlersListener regardless of the PHP_SAPI
This PR was merged into the 4.4 branch.
Discussion
----------
[Debug][ErrorHandler] improved deprecation notices for methods new args and return type
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | ~
~I don't know if this should be considered a bug fix or a feature.~
Commits
-------
83d4aa7683 [Debug][ErrorHandler] improved deprecation notices for methods new args and return type
This PR was merged into the 5.0 branch.
Discussion
----------
Fix bad merge in README of Nexmo Notifier bridge
| Q | A
| ------------- | ---
| Branch? | 5.0
| License | MIT
[Bad merge](85f793bec6 (diff-ba05e8af79b613430b91ba4d4ccbea0d)) made b52b7b9fd6 end up in Nexmo README :)
Commits
-------
a8d0c5b1d7 Fix bad merge in README of Nexmo Notifier bridge
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Remove specific check for Valid targets
| Q | A
| ------------- | ---
| Branch? | 3.4 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | N/A <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | N/A
As covered by `ClassMetadataTest::testAddConstraintDoesNotAcceptValid`, this check is useless, as `Valid` already accepts only properties as targets.
This check is a [leftover of a time](9b07b0c672) `Valid` was extending `Traverse` which was allowing classes & properties.
The `Valid` targets are properly checked by the lines above, the same way as other constraints.
Commits
-------
0086562c77 [Validator] Remove specific check for Valid targets
This PR was merged into the 5.0 branch.
Discussion
----------
[Notifier] Add correct tags for NullTransportFactory
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
I tried to disable the delivery of notifications in `dev` environment with the following configuration:
```
framework:
notifier:
chatter_transports:
slack: 'null://null'
texter_transports:
twilio: 'null://null'
channel_policy:
urgent: ['chat/slack', 'sms/twilio']
high: ['email']
medium: ['email']
low: ['email']
```
While sending the notification like this:
```
$notification = (new Notification())
->subject('Test subject')
->importance(Notification::IMPORTANCE_URGENT)
->content('Test content')
;
$this->notifier->send($notification);
```
I got an `UnsupportedSchemeException`: The "null" scheme is not supported.
After some digging I figured out that this Exception occurred because the `NullTransportFactory` was not tagged with the `chatter.transport_factory` and `texter.transport_factory` tags. Which is the reason the `NullTransportFactory` was not injected in the `Transport` class and so the `NullTransport` couldn't be used.
This PR should fix this Bug.
Commits
-------
1ff5e3c83f [Notifier] Add correct tags for NullTransportFactory
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation] Fixed Mime dependency missing error
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | kinda
| New feature? | no
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | ~
Follows #35642, by adding a missing exception and a note in the UPGRADE file (CHANGELOG in HttpFoundation was already up to date).
Reported in symfony/symfony-docs#1307
Commits
-------
fef0de3eb6 [HttpFoundation] Fixed Mimes dependency missing error
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[ExpressionLanguage] Fixed collisions of character operators with object properties
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
Expression `foo.not in [bar]` compiles to invalid php code:
```
$foo->not in[$bar]
```
Added check for absence of a dot before of the character operators.
PS. I apologize for not starting the issue before create PR. I considered this bug is minor, but obvious.
Commits
-------
4b83ae7547 [ExpressionLanguage] Fixed collisions of character operators with object properties
This PR was merged into the 3.4 branch.
Discussion
----------
[DoctrineBridge][DoctrineExtractor] Fix indexBy with custom and some core types
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/35542 and https://github.com/symfony/symfony/issues/35604
| License | MIT
| Doc PR | -
For https://github.com/symfony/symfony/issues/35604:
To guess the collection key type, the `getPhpType()` method is called. But it does not handle most objects and arrays core types. This is why an indexBy datetime does not work.
For https://github.com/symfony/symfony/issues/35542:
When the php type cannot be guessed, null is returned. In this case, we cannot pass a valid builtin type to PropertyInfo Type, so we should return null.
Commits
-------
018ec1ae5c [DoctrineBridge][DoctrineExtractor] Fix indexBy with custom and some core types
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[PhpUnitBridge] Use trait instead of extending deprecated class
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Fix#32086
| License | MIT
| Doc PR |
Use `TestListenerDefaultImplementation` instead of deprecated `BaseTestListener` for `CoverageListenerForV6`
As this is my very first pull request for this project, I'd be very glad for hints and suggestions in case I missed something.
Commits
-------
034e1de6e6 [PhpUnitBridge] Use trait instead of extending deprecated class
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Form] Added support for caching choice lists based on options
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | symfony/symfony-docs#13182
Currently, the `CachingFactoryDecorator` is responsible for unnecessary memory usage, anytime a choice option is set with a callback option defined as an anonymous function or a loader, then a new hash is generated for the choice list, while we may expect the list to be reused once "finally" configured in a form type or choice type extension.
A simple case is when using one of the core intl choice types in a collection:
```php
// ...
class SomeFormType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder
->add('some_choices', ChoiceType::class, [
// before: cached choice list (unnecessary overhead)
// after: no cache (better perf)
'choices' => $someObjects,
'choice_value' => function (?object $choice) { /* return some string */ },
])
// see below the nested effects
->add('nested_fields', CollectionType::class, [
'entry_type' => NestedFormType::class,
])
// ...
}
// ...
class NestedFormType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder
// ...
->add('some_other_choices', ChoiceType::class, [
// before: cached choice list for every entry because we define a new closure instance for each field
// after: no cache, a bit better for the same result, but much better if it were not nested in a collection
'choices' => $someOtherObjects,
'choice_value' => function (?object $otherChoice) { /* return some string */ },
])
->add('some_loaded_choices', ChoiceType::class, [
// before: cached but for every entry since every field will have its
// own instance of loader, generating a new hash
// after: no cache, same pro/cons as above
'choice_loader' => new CallbackChoiceLoader(function() { /* return some choices */}),
// or
'choice_loader' => new SomeLoader(),
])
->add('person', EntityType::class, [
// before: cached but for every entry, because we define extra `choice_*` option
// after: no cache, same pro/cons as above
'class' => SomeEntity::class,
'choice_label' => function (?SomeEntity $choice) { /* return some label */},
])
// before: cached for every entry, because the type define some "choice_*" option
// after: cached only once, better perf since the same loader is used for every entry
->add('country', CountryType::class)
// before: cached for every entry, because the type define some "choice_*" option
// after: no cache, same pro/cons as above
->add('locale', LocaleType::class, [
'preferred_choices' => [ /* some preferred locales */ ],
'group_by' => function (?string $locale, $label) { /* return some group */ },
])
// ...
```
In such cases, we would expect every entries to use the same cached intl choice list, but not, as many list and views as entries will be kept in cache. This is even worse if some callback options like `choice_label`, `choice_value`, `choice_attr`, `choice_name`, `preferred_choices` or `group_by` are used.
This PR helps making cache explicit when needed and ~deprecate~ drop unexpected implicit caching of choice list for most simple cases responsible of unnecessary overhead.
The result is better performance just by upgrading to 5.1 \o/.
But to solve the cases above when cache is needed per options, one should now use the new `ChoiceList` static methods to wrap option values, which is already done internally in this PR.
```php
use Symfony\Component\Form\ChoiceList\ChoiceList;
// ...
class NestedFormType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder
// explicitly shared cached choice lists between entries
->add('some_other_choices', ChoiceType::class, [
'choices' => $someOtherObjects,
'choice_value' => ChoiceList::value($this, function (?object $otherChoice) {
/* return some string */
}),
]),
->add('some_loaded_choices', ChoiceType::class, [
'choice_loader' => ChoiceList::lazy($this, function() {
/* return some choices */
})),
// or
'choice_loader' => ChoiceList::loader($this, new SomeLoader()),
]),
->add('person', EntityType::class, [
'class' => SomeEntity::class,
'choice_label' => ChoiceList::label($this, function (?SomeEntity $choice) {
/* return some label */
},
])
// nothing to do :)
->add('country', CountryType::class)
->add('locale', LocaleType::class, [
'preferred_choices' => ChoiceList::preferred($this, [ /* some preferred locales */ ]),
'group_by' => ChoiceList::groupBy($this, function (?string $locale, $label) {
/* return some group */
}),
])
// ...
```
I've done some nice profiling with Blackfire and the simple example above in a fresh website skeleton and only two empty entries as initial data, then submitting an empty form. That gives the following results:
* Rendering the form - Before vs After
<img width="714" alt="Screenshot 2020-02-16 at 9 24 58 PM" src="https://user-images.githubusercontent.com/10107633/74612132-de533180-5102-11ea-9cc4-296a16949d90.png">
* Rendering the form - Before vs After with `ChoiceList` helpers
<img width="670" alt="Screenshot 2020-02-16 at 9 26 51 PM" src="https://user-images.githubusercontent.com/10107633/74612155-122e5700-5103-11ea-9c16-5d80a7541f4b.png">
* Submitting the form - Before vs After
<img width="670" alt="Screenshot 2020-02-16 at 9 28 01 PM" src="https://user-images.githubusercontent.com/10107633/74612172-3be77e00-5103-11ea-9a18-4294e05402d2.png">
* Submitting the form - Before vs After with `ChoiceList` helpers
<img width="670" alt="Screenshot 2020-02-16 at 9 29 10 PM" src="https://user-images.githubusercontent.com/10107633/74612193-689b9580-5103-11ea-86b9-5b4906200021.png">
_________
TODO:
- [x] Docs
- [x] More profiling
- [x] Add some tests
#EUFOSSA
Commits
-------
b25973cc2e [Form] Added support for caching choice lists based on options
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Validator] Add the divisibleBy option to the Count constraint
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | TODO
From my experience, it is sometimes useful to assert that the number of elements in a collection is a multiple of X.
Commits
-------
8dfb7b2ad1 [Validator] Add the divisibleBy option to the Count constraint
This PR was merged into the 5.1-dev branch.
Discussion
----------
[String] Allow to keep the last word when truncating a text
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#35567
| License | MIT
| Doc PR | -
The [truncate filter from twig/extensions](https://github.com/twigphp/Twig-extensions/blob/master/src/TextExtension.php#L36) has a `preserve` parameter to preserve whole words.
Since `twig/extensions` is deprecated and its alternative for `truncate` filter is the use of `u` filter, this PR adds preverse word functionality.
Commits
-------
1cfaeec378 [String] Allow to keep the last word when truncating a text
When using namespace versioning to achieve atomic cache clears, only
delete cache keys matching the old/current version.
This resolves tag inconsistency issues whereby the process running the
clear would delete keys set against the new version by more recently
spawned concurreny processes. Most seriously this could result in newly
set data keys remaining, but with empty associated tag sets meaning the
invalidation via tags was no longer possible.
Clearing specific prefixes is not supported when using versioned
namespaces as it is desirable to clear all old keys as they will no
longer be used and would otherwise eventually fill cache memory.
This PR was merged into the 3.4 branch.
Discussion
----------
[Ldap] force default network timeout
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The default network timeout is infinite, which makes no sense and can block workers.
Note that LDAP supports also "timelimit" options, but those are max-durations for LDAP queries. We cannot limit them by default.
Commits
-------
63f9e013a1 [Ldap] force default network timeout
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Add the missing translations for the Polish ("pl") locale
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| License | MIT
Fabbot indicates a typo, but there is no typo. The English word `address` is `adres` in Polish (with a single d and a single s).
Commits
-------
8c4de564a8 [Validator] Add the missing translations for the Polish ("pl") locale
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Routing] marked configurators traits as internal
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix https://github.com/symfony/symfony/pull/30501#discussion_r376806342 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | not needed
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/releases):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
52efec76ad [Routing] marked configurators traits as internal
This PR was merged into the 5.1-dev branch.
Discussion
----------
time ( void ) : int
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR |
no need to cast - micro improvement
Commits
-------
9f31581fd8 time ( void ) : int
This PR was merged into the 4.4 branch.
Discussion
----------
Fixes typo in error message.
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | ---
| License | MIT
| Doc PR | ---
Fixes a minor typo where the error message refers to the wrong argument.
Commits
-------
8f2fbf6e2c Fixes typo in error message.
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpClient] Correctly remove trace level options for HttpCache
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The `HttpCache` component allows to [configure a trace level](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php#L46). Due to the behavior of `CachingHttpClient`, options that are meant for the `HttpCache` must be unset before preparing the request. Currently these options can't be set, because `HttpClient` errors with invalid configuration options.
Commits
-------
618cd80b0d Correctly remove trace level options for HttpCache
Until either php 7.4 or doctrine/persistence 2 is required, these will
be needed to make sure php recognises signatures using the old names as
compatible with signatures using the new names.
This is necessary for types defined outside Symfony that extend types
from Symfony and still use the old names in signatures of methods they
override.
More details at https://dev.to/greg0ire/how-to-deprecate-a-type-in-php-48cf
Fixes https://github.com/doctrine/DoctrineMongoDBBundle/issues/616
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Process] Add getter for process starttime
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | issue #35531
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Add a getter for process start time.
Commits
-------
3b9ed3e378 [Process] Add getter for process starttime
* 5.0:
fix unix root dir issue
sync validator translation files with master
fix anchor
fix links to releases page (formerly known as "roadmap")
[Console] Don't load same-namespace alternatives on exact match found
[HttpKernel] Fix method name in doc comments
* 4.4:
fix unix root dir issue
sync validator translation files with master
[HttpFoundation] fix not sending Content-Type header for 204 responses
[ErrorHandler] silence warning when zend.assertions=-1
fix anchor
[Console] Handle zero row count in appendRow() for Table
fix links to releases page (formerly known as "roadmap")
[Console] Don't load same-namespace alternatives on exact match found
* 3.4:
fix unix root dir issue
sync validator translation files with master
fix anchor
fix links to releases page (formerly known as "roadmap")
[Console] Don't load same-namespace alternatives on exact match found
* 4.4:
[HttpFoundation] fix not sending Content-Type header for 204 responses
[ErrorHandler] silence warning when zend.assertions=-1
[Console] Handle zero row count in appendRow() for Table
This PR was merged into the 4.4 branch.
Discussion
----------
[HttpFoundation] fix not sending Content-Type header for 204 responses
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets |
| License | MIT
| Doc PR |
`$headers->remove('Content-Type')` did not actually work because PHP sends the Content-Type header based on the https://www.php.net/manual/en/ini.core.php#ini.default-mimetype ini setting anyway (which defaults to html). So we need to disable this ini for empty responses.
Commits
-------
06f5a1113d [HttpFoundation] fix not sending Content-Type header for 204 responses
This PR was merged into the 3.4 branch.
Discussion
----------
fix anchor
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | none
| License | MIT
| Doc PR | none
This is a continuation of PR #35703 that was merged a bit too early.
It accepts suggestion made there and, moreover, fixes anchor link (that changed from old roadmap page)
Commits
-------
5825e3c58c fix anchor
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[Console] Handle zero row count in appendRow() for Table
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
When a `Table` is created and rendered with no rows (headers only) and subsequently rows are added using `appendRow()`, the first call to `appendRow()` clears back one line too far., thus removing the last run
This is caused by `calculateRowCount()` not accounting for the fact that the footer separator is also the header separator when no rows are present.
This PR works around the issue by checking to ensure that at least 1 row exists before including the footer separator in the row count.
## Example
Command:
```php
<?php
namespace App\Command;
class TableTestCommand extends Command
{
// ...
protected function execute(InputInterface $input, OutputInterface $output)
{
$output->writeln('My table');
$table = new Table($output->section());
$table->setHeaders(['Column', 'Another column']);
$table->render();
$table->appendRow(['Value', 'Another Value']);
$table->appendRow(['Value', 'Another Value']);
}
}
```
Before fix:
```
+--------+----------------+
| Column | Another column |
+--------+----------------+
| Value | Another Value |
| Value | Another Value |
+--------+----------------+
```
After fix:
```
My table
+--------+----------------+
| Column | Another column |
+--------+----------------+
| Value | Another Value |
| Value | Another Value |
+--------+----------------+
```
Commits
-------
9b382590ee [Console] Handle zero row count in appendRow() for Table
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] Don't load same-namespace alternatives on exact match
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35479
| License | MIT
| Doc PR | -
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
707c5bade0 [Console] Don't load same-namespace alternatives on exact match found
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Form] Added an AbstractChoiceLoader to simplify implementations and handle global optimizations
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | ~
| License | MIT
| Doc PR | ~
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Taking over #33218 (taking over #30983)
The `ChoiceLoaderInterface` is not easy to understand/implement, while its goal is simple, lazy load an array of choices.
What may seem complicated is the how/what to optimize loading, we need to deal with a `$value` callback (which refers to the `choice_value` option allowing to transform a model choice to a unique string value that can be displayed/submitted).
We have now enough implementations in core to justify the need of an abstraction and provide a better DX in the process.
Before this PR we needed to implement 3 methods to create a loader:
- `loadChoiceList(?callable $value): ChoiceListInterface`
- `loadChoicesForValues(array $values, ?callable $value): array`
- `loadValuesForChoices(array $choices, ?callable $value): array`
and handle optimization, in each.
Now we only need to implement:
- `loadChoices(): iterable`
and optionnally:
- `doLoadChoicesForValues(array $values, ?callable $value): array`
if more optimization is needed to only load submitted values, (i.e the core intl loader prevents loading values that are the same as choices, and the doctrine one performs a `WHERE id IN ($ids)` query).
Commits
-------
1394df2dea [Form] Added an AbstractChoiceLoader to simplify implementations and handle global optimizations
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Console][QuestionHelper] Use String width() to properly move the cursor backwards
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/pull/35536#issuecomment-581343181
| License | MIT
| Doc PR | -
This bug can only be fixed on master since we need to require the String component. Once the component is required, we can iterate in the Console component to use it more where it is needed.
Commits
-------
67a1f55ce1 [Console][QuestionHelper] Use String width() to properly move the cursor backwards
* 5.0:
[HttpClient] fix "undefined variable"
[HttpClient] remove useless code in test
[HttpClient] fix getting response content after its destructor throwed an HttpExceptionInterface
[HttpClient] fix HttpClientDataCollector when handling canceled responses
[Security] Fix exception name in doc comments
* 4.4:
[HttpClient] fix "undefined variable"
[HttpClient] remove useless code in test
[HttpClient] fix getting response content after its destructor throwed an HttpExceptionInterface
[HttpClient] fix HttpClientDataCollector when handling canceled responses
[Security] Fix exception name in doc comments
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Notifier] add OvhCloud bridge
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | See #33687
| License | MIT
This would add OvhCloud sms integration for the Notifier component.
Tested with 'ovh-eu' entrypoint.
Inspiration : https://github.com/ovh/php-ovh
Commits
-------
76bfb85e26 [Notifier] add OvhCloud bridge
This PR was merged into the 5.1-dev branch.
Discussion
----------
[PhpUnitBridge] Add the ability to expect a deprecation inside a test
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | todo
Replaces https://github.com/symfony/symfony/pull/25757
Proposed implementation uses a dedicated trait for a better DX. Using `$this->expectDeprecation()` feels natural.
Unfortunately it is not currently possible to test the cases that should produce errors or risky, so there are some things that are not testable here. I plan to propose another feature for the PhpUnitBridge to be able to test those kind of things. If it's accepted, we will then be able to strenghten the tests of this one.
Commits
-------
a3a928050d [PhpUnitBridge] Add the ability to expect a deprecation inside a test
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Contracts] Split the global CHANGELOG in dedicated CHANGELOG per contract
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
---
This is more in sync with what we do with other components + bundles.
And when we contribute to a contact, it's easier to find the file (because with the substree, we don't get the global package)
Commits
-------
a05ee087a2 [Constracts] Split the global CHANGELOG in dedicated CHANGELOG per contract
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[Console] Moved estimated & remaining calculation logic to separate get method
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
This way, we can use `getEstimated()`and `getRemaining()` to get easy access to the estimated / remaining number of seconds to be used in our placeholder definition set with `setPlaceholderFormatterDefinition` without having to redefine the calculation ourself.
Example before;
```php
ProgressBar::setPlaceholderFormatterDefinition(
'eta',
function (ProgressBar $progressBar) {
$estimated = round((time() - $progressBar->getStartTime()) / ($progressBar->getProgress() ?: 0.1) * $progressBar->getMaxSteps());
return date('H:i:s', strtotime('+' . $estimated . ' seconds'));
}
);
```
Example after;
```php
ProgressBar::setPlaceholderFormatterDefinition(
'eta',
function (ProgressBar $progressBar) {
return date('H:i:s', strtotime('+' . $this->getEstimated() . ' seconds'));
}
);
```
Commits
-------
19958fba5a [Console] Moved estimated & remaining calculation logic to separate get method
This PR was squashed before being merged into the 5.1-dev branch (closes#33968).
Discussion
----------
[Notifier] Add Firebase bridge
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | See #33687
| License | MIT
This would add [Firebase](https://firebase.google.com) integration for the Notifier component. With Firebase you can send push notifications to the users of you Android and iOS app and website (formerly known as Google Cloud messaging).
I'm not sure if it's possible to have this merged, like the other bridges. Or if I should create a stand-alone repository? That'd be fine too.
Also it's now using the `ChatMessage` as implementation of `Symfony\Component\Notifier\Message\MessageInterface`, but I feel like this component could use a `PushMessage` or something similar. Although I'm not sure if it would contain more than `subject` that the `ChatMessage` does.
Commits
-------
2776d2f811 [Notifier] Add Firebase bridge
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Messenger] Add SQS transport
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | TODO
This PR add the AWS SQS transport in messenger.
It also add a `DisconnectedReceiverInterface` that allows the worker to release not-proceeded message (which are not automatically released in SQS and have to wait a TTL). Tell me if you prefer to move it in a dedicated PR.
accepted DNS:
- `sqs://default/accountId/queueName`
- `sqs://default/queueName`
- `sqs://default/queueName?region=us-east-2`
- `sqs://my_custome_endpoint:12345/queueName?sslmode=disabled`
To reduce AWS costs, the implementation performs a long polling call and prefetch several messages.
TO get ~real time worker, one could use `./bin/console messenger:consume --sleep 0.001`
Commits
-------
c226479d5f [Messenger] Add SQS transport
This PR was merged into the 5.1-dev branch.
Discussion
----------
[RFC][DX][OptionsResolver] Allow setting info message per option
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | TODO
This is a DX proposal that will help in debugging/errors to better understand the meaning of one defined option.
This is how you'd use it:
```php
$resolver = new OptionsResolver();
$resolver->setDefined('date');
$resolver->setAllowedTypes('date', \DateTime::class);
$resolver->setInfo('date', 'A future date'); // <-- NEW
// ...
```
This information may be useful for those options where their name cannot be intuitive enough, or their purpose is too complex. Here is an example (based on the example above):
```php
// ...
$resolver->setAllowedValues('date', static function ($value): bool {
return $value >= new \DateTime('now');
});
```
So, if you introduce a date value that does not match the criteria, you will get this error message:
**Before:**
```
The option "date" with value DateTime is invalid.
```
Note that the allowed value is not printable in this case, hence the error message cannot be clear at all.
**After:**
```
The option "date" with value DateTime is invalid. Info: A future date.
```
Although a more accurate error message can be triggered within the `\Closure` if desired.
Also you'll see this info message on `debug:form` command (see tests), then you have in advance the informative description of any option.
What do you think?
Commits
-------
0477a06d8a Allow setting one info message per option
This PR was squashed before being merged into the 3.4 branch (closes#35657).
Discussion
----------
[Security] Fix exception name in doc comments
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
f10098e9f1 [Security] Fix exception name in doc comments
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Translation] Support name attribute on the xliff2 translator loader
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#32048
| License | MIT
| Doc PR | not done yet
Support using the `name` attribute on the `unit` element in xliff 2.0 to use as the "translation key" rather than always relying on the `<source>` content, as was done on the xliff 1.2.
Commits
-------
37b31149c6 Support name attribute on the xliff2 translator loader
* 5.0:
Add missing symfony/mime to require-dev
[Validator] Added the missing Mongolian translations
[ErrorHandler] Never throw on warnings triggered by assert() and set assert.exception=1 in Debug::enable()
refactor(Process): fromShellCommandLine
[Mailer] Do not ping the SMTP server before sending every message
* 4.4:
Add missing symfony/mime to require-dev
[Validator] Added the missing Mongolian translations
[ErrorHandler] Never throw on warnings triggered by assert() and set assert.exception=1 in Debug::enable()
refactor(Process): fromShellCommandLine
[Mailer] Do not ping the SMTP server before sending every message
This PR was merged into the 5.1-dev branch.
Discussion
----------
[MonologBridge] Add Mailer handler
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #33209 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
5b7393b823 Add monolog mailer handler
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Messenger] Add receiving of old pending messages (redis)
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/12976
This PR makes it possible for the redis transport to get abandoned messages from not running/idle consumers by using `XPENDING` and `XCLAIM`.
Usually it would be best to let the claiming of pending messages be handled by a separate command. Since the messenger component's commands are fixed, we do need to set a `claimTimeout`. The `claimTimeout` defines how long an idle message should be left alone until it will get claimed by the current consumer (Must be a value higher than the longest running handling time of a message or else the message will be handled twice).
Using this solution makes the remarks (https://github.com/symfony/symfony-docs/pull/11869#pullrequestreview-257483666) regarding not being able to use the hostname as consumer name obsolete. I would even recommend the hostname as the consumer name.
**Questions**
- [x] Which value should we use as default `claimTimeout`?
- [x] How should the `claimTimeout` be configured?
- [x] Feature or Bugfix?
I will create a docs PR and a PR for the other branches as soon as the questions are resolved.
Commits
-------
9cb6fdfabb Implemted receiving of old pending messages
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Validator] Add a constraint to sequentially validate a set of constraints
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | N/A <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | Todo
Follows https://github.com/symfony/symfony/issues/20017#issuecomment-331276007 given some feedbacks about the suggested feature.
```php
/**
* @var string
*
* @Assert\Sequentially({
* @Assert\Type("string"),
* @Assert\Length(min="4"),
* @Assert\Regex("[a-z]"),
* @SomeCustomConstraintWithHeavyExternalCalls(),
* })
*/
public $foo;
```
This new `Sequentially` constraint solves - with less power but better DX - some of the use-cases of the `GroupSequence` feature, allowing to interrupt the validation of some constraints if a previous one in the list failed before. Constraints are validated in given order, and the first violation raised will prevent other constraint validators to be executed.
It can either prevent unexpected type exceptions thrown by further constraints or heavy & unnecessary calls to a database or external services if the value to validate already doesn't match some of the basic requirements.
Commits
-------
dfd9038d28 [Validator] Add a constraint to sequentially validate a set of constraints
This PR was squashed before being merged into the 5.1-dev branch (closes#34334).
Discussion
----------
[Validator] Allow to define a reusable set of constraints
| Q | A
| ------------- | ---
| Branch? | 5.1 <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | N/A <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | TODO
The goal of this feature is to simplify writing a set of validation constraints to be reused consistently across the application. Which is especially useful with DTOs, as a same set of constraints can be used in different places.
For instance, given multiple DTOs containing the new user password in for different use-cases (register, forgot pwd, change pwd), the same rules apply on the property. Hence with this PR, you can write a single constraint class to be reused:
```php
/**
* @Annotation
*/
class MatchesPasswordRequirements extends Compound
{
protected function getConstraints(array $options): array
{
return [
new NotBlank(),
new Type('string'),
new Length(['min' => 12]),
new NotCompromisedPassword(),
];
}
}
```
I'm open to better naming and ways to expose the options to the `Compound::getConstraints` method, so options can be forwarded to the nested constraints for most specific use-cases.
Commits
-------
8f1b0dfdb7 [Validator] Allow to define a reusable set of constraints
This PR was merged into the 4.4 branch.
Discussion
----------
[Process] throw when PhpProcess::fromShellCommandLine() is used
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35637
| License | MIT
| Doc PR | None
Close#35638
Final PR (rebased and tests added)
Commits
-------
7f6d71c2a3 refactor(Process): fromShellCommandLine
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation] Make dependency on Mime component optional
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Make the Mime component dependency optional
/cc @nicolas-grekas
Commits
-------
11cef32ff7 [HttpFoundation] Make dependency on Mime component optional
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] Never throw on warnings triggered by assert() and set assert.exception=1 in Debug::enable()
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Because we don't use `assert()`, this is something we completely overlooked, but warnings triggered should not throw as there is already a dedicated exception mode when using `assert()`.
This turns this exception mode to 1 in debug mode and logs the assert() warnings in prod.
Commits
-------
f18ef6ca08 [ErrorHandler] Never throw on warnings triggered by assert() and set assert.exception=1 in Debug::enable()
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpKernel] Make ErrorListener unaware of the event dispatcher
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
Under certain circumstances, HttpKernel's `ErrorListener` class might dynamically register and unregister a listener with the dispatcher. If our goal is to make the dispatcher immutable, that specific behavior would be in our way. Also, #34988 would break this workflow.
This PR provides an alternative. The listener is always registered, but I'm using the request to piggyback a flag that activates/deactivates the listener.
Commits
-------
a9d1dede44 [HttpKernel] Make ErrorListener unaware of the event dispatcher.
This PR was squashed before being merged into the 4.4 branch (closes#35633).
Discussion
----------
[Mailer] Do not ping the SMTP server before sending every message
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35515
| License | MIT
This pull request changes the SMTP transport to only ping the server if the last message was sent more than a specified number of seconds ago (instead of pinging the server before every message). By default, it will ping the server if 100 or more seconds since the last message have passed.
This should make sending emails with the SMTP transport more robust with many emails, as SMTP servers will often drop the connection if too many non-mail commands are sent (like pinging the server with NOOP commands).
Commits
-------
28178108d3 [Mailer] Do not ping the SMTP server before sending every message
Optimise various methods and conditions to use best
performing alternatives where possible. Roughly:
* Uses methods that do not copy memory, e.g. strncmp
as alternative for strpos matching beginning of string.
* Switches order of some conditions to put the cheapest
checks first in order.
* Checks input before calling trim() - despite the function
returning the same string as input, it still costs memory
and introduces unnecessary overhead.
* Extracts variables for repeated identical function calls.
* Uses negative substring offsets instead of strlen + substr.
* Replaces single-char substr usages with substring access.
* 5.0:
[FrameworkBundle] fix "samesite" in XSD
[Console] Consider STDIN interactive
Update UserPasswordEncoderCommand.php
[HttpFoundation][FrameworkBundle] fix support for samesite in session cookies
[DoctrineBridge] Fixed submitting ids with query limit or offset
* 4.4:
[FrameworkBundle] fix "samesite" in XSD
[Console] Consider STDIN interactive
Update UserPasswordEncoderCommand.php
[HttpFoundation][FrameworkBundle] fix support for samesite in session cookies
[DoctrineBridge] Fixed submitting ids with query limit or offset
* 3.4:
[FrameworkBundle] fix "samesite" in XSD
Update UserPasswordEncoderCommand.php
[HttpFoundation][FrameworkBundle] fix support for samesite in session cookies
[DoctrineBridge] Fixed submitting ids with query limit or offset
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Cache] add SodiumMarshaller
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Add `SodiumMarshaller` to encrypt cache values
To use the `SodiumMarshaller` we can decorate the `cache.default_marshaller`:
```yaml
Symfony\Component\Cache\Marshaller\SodiumMarshaller:
decorates: cache.default_marshaller
arguments:
- ['%env(CACHE_DECRYPTION_KEY)%', '%env(OLD_CACHE_DECRYPTION_KEY)%']
- '@Symfony\Component\Cache\Marshaller\SodiumMarshaller.inner'
```
The first provided key is used to encrypt and decrypt cached values.
In order to allow rotating keys, more keys can be provided - they will be used only to decrypt values.
/cc @nicolas-grekas
Commits
-------
540d7eb174 [Cache] add SodiumMarshaller
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation][FrameworkBundle] fix support for samesite in session cookies
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35520
| License | MIT
| Doc PR | -
This PR cherry-picks #28168 on 3.4, with a rationale given by @ConneXNL in https://github.com/symfony/symfony/issues/35520#issuecomment-582296847:
> I hope I am wrong but I see the impact of not making any changes to Symfony 3.4 will have a tons of sites break if we cannot set the cookie's samesite setting (in the framework session and remember me) before Chrome pushes this update.
>
> Very soon all existing cookies are no longer going to work with cross-domains if you do not specify 'None' for the cookie_samesite. All external APIs that use cookies and are running SF 3.4 will break and devs will have no quick solution to fix their auth process.
>
> If you are using PHP 7.4, yes you can most likely use ini_set to workaround this issue.
>
> However, ini_set('cookie_samesite') does not work in PHP Version <= 7.2.
I am not even sure PHP 7.3 supports the value 'None' as php.watch/articles/PHP-Samesite-cookies says it has support for 'Lax' and 'Scrict'.
>
> This effectively means SF 3.4 on PHP 7.2 (or PHP 7.3) is no longer supported for cross domain APIs with cookies. People would have to either update PHP to 7.4 (if they even can?) or go to Symfony 4 (with a dead live site is going to be a complete disaster).
>
> Since the impact of the change that chrome is about to roll out is so fundamentally changing our way to set cookies, I consider configuring samesite configuration in the framework an absolute requirement, not a feature, especially since SF 3.4 is still supported.
>
> What am i missing?
>
> Note: SF3 HTTPFoundation already supports the new cookie settings, it's just the framework that doesn't support it.
Our BC policy embeds the promise that one should be able to keep the same app on a newest infrastructure (eg that's why supporting a PHP version is a bug fix). I think we can consider this for browsers here also. WDYT?
Commits
-------
f46e6cb8a0 [HttpFoundation][FrameworkBundle] fix support for samesite in session cookies
This PR was merged into the 3.4 branch.
Discussion
----------
[DoctrineBridge] Fixed submitting ids with query limit or offset
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix https://github.com/symfony/symfony/pull/34900#discussion_r375246113 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | ~ <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
9bb194098f [DoctrineBridge] Fixed submitting ids with query limit or offset
This PR was merged into the 5.1-dev branch.
Discussion
----------
[String] Remove the @experimental status
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/pull/35578#discussion_r375955786
| License | MIT
| Doc PR | -
Commits
-------
3d15f91723 [String] Remove the @experimental status
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] added possibility to define services with abstract arguments
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#31769
| License | MIT
| Doc PR | n/a
feature caused by rfc #31769 from issues list
I hope, this PR will be useful
Abstract argument have to replaced by one of compiler passes or exception will be thrown.
Example:
This service definition
```xml
...
<service id="App\Test\Test">
<argument key="$a" type="abstract">should be defined by TestPass</argument>
</service>
...
```
or this for yaml
```yaml
App\Test\Test:
arguments:
$a: !abstract should be defined by TestPass
```
causes exception like `Argument "$a" of service "App\Test\Test" is abstract (should be defined by TestPass), did you forget to define it?`
if argument was not replaced by compiler pass
```php
...
public function process(ContainerBuilder $container)
{
$test = $container->getDefinition(Test::class);
$test->setArgument('$a', 'test');
}
...
```
Commits
-------
62fefaa59f [DI] added possibility to define services with abstract arguments
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Routing] add priority option to annotated routes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | yes
| Tickets | Fix #26132
| License | MIT
| Doc PR | -
This PR allows defining the priority of routes using annotations:
`@Route(name="foo", priority=10)`
As requested [in this comment](https://github.com/symfony/symfony/pull/26132#pullrequestreview-352321332), priority is reserved to using annotations. For other formats, the order works fine.
Commits
-------
8522a83217 [Routing] add priority option to annotated routes
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Contracts/Deprecation] Provide a generic function and convention to trigger deprecation notices
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR results from a discussion we had yesterday with @alcaeus, @beberlei and others at the Symfony UG meetup in Berlin (thanks SensioLabs for bringing me there).
It provides a generic function and convention to trigger deprecation notices, which could be a better alternative to the `@trigger_error(..., E_USER_DEPRECATED)` calls that we use currently.
This proposed package would provide a single global function named `deprecated()`.
Its purpose is to trigger deprecations in a way that can be silenced on production environment
by using the `zend.assertions` ini setting and that can be caught during development to generate reports.
The function requires at least 3 arguments:
- the name of the package that is triggering the deprecation
- the version of the package that introduced the deprecation
- the message of the deprecation
- more arguments can be provided: they will be inserted in the message using `printf()` formatting
Example:
```php
deprecated('symfony/blockchain', 8.9, 'Using "%s" is deprecated, use "%s" instead.', 'bitcoin', 'fabcoin');
```
This will generate the following message:
`Since symfony/blockchain 8.9: Using "bitcoin" is deprecated, use "fabcoin" instead.`
Check #35550 to see how using this function could look like on Symfony itself.
Commits
-------
f0f41cbfc5 [Contracts/Deprecation] Provide a generic function and convention to trigger deprecation notices
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Form] Add "is empty callback" to form config
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/31572 for 4.4+
| License | MIT
| Doc PR | -
This PR introduces a new feature that allow to resolve a bug.
Currently, the `isEmpty()` behavior of the `Form` class is the same whatever its configuration. That prevents us to specify a different behavior by form type.
But I think that some form types should have dedicated empty values. For example, the `CheckboxType` model data either resolves to `true` (checked) or `false` (unchecked). But `false` is not an empty value in the `Form::isEmpty()` method, so a `CheckboxType` form can never be empty. `false` should not be in that list because for other form types, it's perfectly fine that it's not considered as an empty value.
The problem is better seen in https://github.com/symfony/symfony/issues/31572 with a `ChoiceType` that is never considered as empty (when no radio button is checked).
Being able to specify the "is empty" behavior by form type would also allow users to define their own logic in their custom form types + probably define it ourselves in all our form types in order to get rid of the default common behavior.
Commits
-------
7bfc27e7cf [Form] Add "is empty callback" to form config
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI] Enable auto alias compiler pass by default
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? |
| Deprecations? | no
| Tickets | Fix#34194
| License | MIT
| Doc PR |
I'm sending this PR to trigger a discussion as @nicolas-grekas suggested in #34194
I'm using this quite a lot in one of my applications and I don't see any reasons why it shouldn't be enabled by default.
Commits
-------
4fde51745b Enable auto alias compiler pass by default
* 5.0:
[Mailer] fix typos
[Messenger] fix typo
[DI] Unknown env prefix not regornized as such
[DI] Fix support for multiple tags for locators and iterators
[PhpUnitBridge] Fix some errors when using serialized deprecations
Fix HTTP client config handling
* 4.4:
[Mailer] fix typos
[Messenger] fix typo
[DI] Unknown env prefix not regornized as such
[DI] Fix support for multiple tags for locators and iterators
[PhpUnitBridge] Fix some errors when using serialized deprecations
Fix HTTP client config handling
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Validator] add Validation::createCallable()
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
This is an initial PR to check/discuss the implementation of a callable validator.
If there is interest in merging this, I will gladly update the docs and such.
The use case is mainly for validation of console questions, since the default validation has been removed in the latest version and i could not find an easy solution to replace it (if there already is some solution for this, i'm not aware of it) and the question helper uses callables.
This small class allows the standard symfony validators to be used in console questions, or any other location that requires a callable validator.
Example use case:
```php
$io = new SymfonyStyle($input, $output);
$required = new CallableValidator([new NotBlank()]);
$wsdl = $io->ask('Wsdl location (URL or path to file)', null, $required);
```
As said before, this is by no means the final version, but I would like to know if there is interest in merging this (and receive some feedback about the implementation) before I put any more effort into this.
Commits
-------
2e4f2ac322 [Validator] add Validation::createCallable()
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Notifier] Added possibility to extract path from provided DSN
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#34746
| License | MIT
I'm currently working on Microsoft Teams Webhook Notifier (https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/connectors-using#setting-up-a-custom-incoming-webhook), and there is no way to provide DSN for it, because of missing parse_url()['path'] option
It looks like
`teams://outlook.office.com/webhook/{uuid}@{uuid}/IncomingWebhook/{id}/{uuid}`
and I'd like to be able to build Notifier Transport endpoint from it
Commits
-------
ab9b49b5c6 [Notifier] Added possibility to extract path from provided DSN
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Use MailerAssertionsTrait in KernelTestCase
| Q | A
| ------------- | ---
| Branch? | 4.4+
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#35510
| License | MIT
| Doc PR |
Since 4.4, we have new PHPUnit constraints for the mailer component, but these are only available with `WebTestCase` and not `KernelTestCase`. I think this would be useful to access these constraints from both TestCase.
I don't know if I should move these [tests](https://github.com/symfony/symfony/blob/master/src/Symfony/Bundle/FrameworkBundle/Tests/Functional/MailerTest.php) or add new ones only for `KernelTestCase`?
Commits
-------
1b1ab2991a [FrameworkBundle] Use MailerAssertionsTrait in KernelTestCase
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] use framework.translator.enabled_locales to build routes' default "_locale" requirement
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
No need to configure the same requirements for `_locale` in all routes any more thanks to the `framework.translator.enabled_locales` config option introduced in #32433.
Commits
-------
5eebd37625 [FrameworkBundle] use framework.translator.enabled_locales to build routes' default "_locale" requirement
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Notifier] Remove superfluous parameters in *Message::fromNotification()
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Those classes are final so I think we don't need those extra arguments.
Commits
-------
d0dacf51e1 [Notifier] Remove superfluous parameters in *Message::fromNotification()
This PR was squashed before being merged into the 5.1-dev branch (closes#35485).
Discussion
----------
[Messenger] Add support for PostgreSQL LISTEN/NOTIFY
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a
| License | MIT
| Doc PR | todo
PostgreSQL comes with a builtin, performant, scalable and transactional pub/sub system called [`LISTEN`/`NOTIFY`](https://www.postgresql.org/docs/current/sql-notify.html).
This PR allows to leverage this mechanism when using the Messenger component with Postgres.
When the Postgres is used, workers are notified in real-time when a message is dispatched.
This reduces the latency, and prevents the worker from executing useless SQL queries. Basically, it allows to switch from a polling-based approach to an event-based one.
This patch can be used with all existing installation of Messenger, as long as the underlying DBMS is Postgres. For many (most ?) projects, it allows to get the benefits of using a queue system such as RabbitMQ or Pulsar without having to introduce new services to monitor, replicate or upgrade.
If PostgreSQL is used, `LISTEN`/`NOTIFY` is used automatically!
That's all!
It's also possible to configure how long the worker must wait for new messages:
```yaml
framework:
messenger:
transports:
async:
dsn: '%env(MESSENGER_TRANSPORT_DSN)%'
options:
pgsql_get_notify: true
pgsql_get_notify_timeout: 500
```
Then you can use start the workers with something like: `php bin/console messenger:consume --sleep=0`
A demo app using this new feature is available in this repository: https://github.com/dunglas/demo-postgres-listen-notify
TODO:
* [ ] Add tests
Commits
-------
01f33c3ab5 [Messenger] Add support for PostgreSQL LISTEN/NOTIFY
This PR was merged into the 4.4 branch.
Discussion
----------
Fix HTTP client config handling
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Defining a `key` parameter in the `query` option of a scoped HTTP client triggers an error:
```
Undefined index: value
```
This PR fixes this issue but an edge case still remains with YAML and PHP config. If one wants to define parameters `key=foo`, `value=bar` and nothing else, the query will actually be `foo=bar` instead of `key=foo&value=bar`. Not sure how to fix this case without breaking the tests I added here.
Commits
-------
963d0cce86 Fix HTTP client config handling
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Mailer] Fix MandrillHttpTransport::getRecipients()'s call
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Should make the CI green.
Commits
-------
f88d1bb328 [Mailer] Fix MandrillHttpTransport::getRecipients()'s call
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Cache] Add couchbase cache adapter
| Q | A
| ------------- | ---
| Branch? | 4.4 for features
| Bug fix? | no
| New feature? | yes
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/32038
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/11748
Add new cache adapter to be able using Couchbase as cache system.
Commits
-------
1ae7dd5ec7 [Cache] Add couchbase cache adapter
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Translation] Introduce a way to configure the enabled locales
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #31563
| License | MIT
| Doc PR | -
This implements the idea #31563 so we can decide if we want to add this or not. I tested it in the "Symfony Demo" app. Before: 107 catalogs created in cache/dev/translations/. After: 43 catalogs. But that's because the app is translated into lots of languages. In most cases, only 2 catalog files will be generated (vs 107 before).
If this idea is approved, I'll add tests and docs. Thanks.
Commits
-------
765843426e [Translation] Introduce a way to configure the enabled locales
This PR was merged into the 5.1-dev branch.
Discussion
----------
[VarDumper] Add a RdKafka caster
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
Hello,
This is the very beginning of this new feature.
First, I'd like to know if there's a no-go for this feature so I won't waste my time.
Then, if you are a RdKafka expert, I'd take your comments with much pleasure sincer I'm a noob in this technology (and that's why I'm implementing this caster 🤓)
Tests need to be added once the implementation will be a bit more complete.
Commits
-------
6cd1235539 Add a RdKafka caster to Var-Dumper
* 5.0:
Add missing use statements
[Translation] Add missing use statement
[Translation] Add missing use statement
[Config][XmlReferenceDumper] Prevent potential \TypeError
[Mailer] Fix broken mandrill http send for recipients with names
[Translation] prefer intl domain when adding messages to catalogue
Fix CS
Fix CS
Fail on empty password verification (without warning on any implementation)
[Translation][Debug] Add installation and minimal example to README
[Validator] try to call __get method if property is uninitialized
Show both missing packages in the same error message
Fix handling of empty_data's \Closure value in Date/Time form types
* 4.4:
Add missing use statements
[Translation] Add missing use statement
[Translation] Add missing use statement
[Config][XmlReferenceDumper] Prevent potential \TypeError
[Mailer] Fix broken mandrill http send for recipients with names
[Translation] prefer intl domain when adding messages to catalogue
Fix CS
Fix CS
Fail on empty password verification (without warning on any implementation)
[Translation][Debug] Add installation and minimal example to README
[Validator] try to call __get method if property is uninitialized
Show both missing packages in the same error message
Fix handling of empty_data's \Closure value in Date/Time form types
* 3.4:
[Translation] Add missing use statement
[Translation][Debug] Add installation and minimal example to README
[Validator] try to call __get method if property is uninitialized
Fix handling of empty_data's \Closure value in Date/Time form types
This PR was merged into the 3.4 branch.
Discussion
----------
[Form] Fix handling of empty_data's \Closure value in Date/Time form types
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33188
| License | MIT
| Doc PR | -
Basically this would solve the posibility to pass a `\Closure` to the `empty_data` option for Date/Time form types.
> https://symfony.com/doc/current/reference/forms/types/form.html#empty-data
> If a form is compound, you can set empty_data as an array, object or **closure**. See the [How to Configure empty Data](https://symfony.com/doc/current/form/use_empty_data.html) for a Form Class article for more details about these options.
Also related to https://github.com/symfony/symfony/pull/29182
Commits
-------
4939f0e323 Fix handling of empty_data's \Closure value in Date/Time form types
This PR was squashed before being merged into the 4.4 branch (closes#35430).
Discussion
----------
[Translation] prefer intl domain when adding messages to catalogue
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
This PR ensures that when adding translations to a catalogue using the `add(array $messages, string $domain = 'messages')` method internally the intl icu domain is checked first.
Otherwise it could happen that existing messages in e.g. `messages+intl-icu` are not updated but the same keys are added to `messages`.
This is a follow-up of #35370, now targeting the `4.4` branch.
Commits
-------
b72b7d3413 [Translation] prefer intl domain when adding messages to catalogue
This PR was merged into the 4.4 branch.
Discussion
----------
[DX][TwigBridge] Show both missing packages for NotificationMail in the same error message
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
I ran `composer req twig` expecting to be ready to use the notification mail feature. After that, it required 2 page refreshes in the browser and 2 composer commands to be ready. This PR merges both missing packages into one error message, to improve developer experience.
Commits
-------
f462285381 Show both missing packages in the same error message
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpClient] adding NoPrivateNetworkHttpClient decorator
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The purpose of NoPrivateNetworkHttpClient is for block requests to private networks by default or block one or more subnetwork if specified. NoPrivateNetworkHttpClient accepts two arguments, first one is a HttpClientInterface instance and subnetworks as a second argument.
Second argument $subnets can be null for blocking requests to private networks, or string to specify a single subnet of array for a set of subnets.
```php
<?php
use Symfony\Component\HttpClient\HttpClient;
use Symfony\Component\HttpClient\NoPrivateNetworkHttpClient;
$client = new NoPrivateNetworkHttpClient(HttpClient::create());
// You can request public networks normally using the code above
$client->request('GET', 'https://symfony.com/');
// Requests to private neworks will be blocked because second argument ($subnets) is null
$client->request('GET', 'http://localhost/');
// If we request from 104.26.14.0 to 104.26.15.255 we'll get an exception, since I'm specifying a subnetwork
$client = new NoPrivateNetworkHttpClient(HttpClient::create(), ['104.26.14.0/23']);
// Let's suppose that our DNS server resolves symfony.com to 104.26.14.6, then the following request will be blocked
$client->request('GET', 'https://symfony.com/');
```
Commits
-------
63fec805f4 [HttpClient] adding NoPrivateNetworkHttpClient decorator
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpKernel] allow using public aliases to reference controllers
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR allows referencing a controller with an alias when needed. The use case I'm targetting is using `@Route` annotations on methods of the `App\Kernel` and have them work. This PR allows it.
Sidekick of https://github.com/symfony/recipes/pull/735
Commits
-------
94bc1f7d3b [HttpKernel] allow using public aliases to reference controllers
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[HttpClient] make response stream functionality consistent
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
There are three ways of creating a stream from a response:
1. Calling `$response->toStream()` (if the response supports this)
2. Calling `StreamWrapper::createResource($response)`
3. Calling `StreamWrapper::createResource($response, $httpClient)` (note the second argument)
Currently, the 3rd method creates a stream that is not rewindable (the other two are). The first commit adds tests showing the inconsistencies (1 test fails). The second commit is a fix to make the 3 ways consistent.
See https://twitter.com/nicolasgrekas/status/1224047079422599168 for reference.
Commits
-------
64f9111686 [HttpClient] make response stream functionality consistent
This PR was squashed before being merged into the 3.4 branch (closes#35552).
Discussion
----------
[Translation][Debug] Add installation and minimal example to README
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | -
At SymfonyCon, we decided to test out removing some component documentation from the official docs. These were duplicating quite some information of the main guides and were confusing people that used the components in the framework.
I think it's good to reintroduced the composer installation command and a very minimal example in the README's of the component. This doesn't require maintenance and can kickstart people to gain knowledge on how to use the component.
For now, we've (re)moved the Debug and Translation component docs, so that's why I've only modified those README's.
cc @symfony/team-symfony-docs
Commits
-------
b52b7b9fd6 [Translation][Debug] Add installation and minimal example to README
* 5.0:
[Phpunit] Fix running skipped tests expecting only deprecations
Fix merge
[Config] dont catch instances of Error
[HttpClient] fix HttpClientDataCollector when handling canceled responses
[FrameworkBundle] remove mention of the old Controller class
[DependencyInjection] #35505 Fix typo in test name
[Yaml][Inline] Fail properly on empty object tag and empty const tag
Check non-null type for numeric type
Check value isset to avoid PHP notice
bug symfony#28179 [DomCrawler] Skip disabled fields processing in Form
* 4.4:
[Phpunit] Fix running skipped tests expecting only deprecations
Fix merge
[Config] dont catch instances of Error
[HttpClient] fix HttpClientDataCollector when handling canceled responses
[DependencyInjection] #35505 Fix typo in test name
[Yaml][Inline] Fail properly on empty object tag and empty const tag
Check non-null type for numeric type
Check value isset to avoid PHP notice
bug symfony#28179 [DomCrawler] Skip disabled fields processing in Form
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] check for __get method existence if property is uninitialized
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35544
| License | MIT
Resolve bug #35544.
On PHP 7.4, check if object implements `__get` magic method if property is reported as uninitialized before returning null.
Commits
-------
427bc3aa18 [Validator] try to call __get method if property is uninitialized
* 3.4:
[Phpunit] Fix running skipped tests expecting only deprecations
[DependencyInjection] #35505 Fix typo in test name
[Yaml][Inline] Fail properly on empty object tag and empty const tag
Check non-null type for numeric type
Check value isset to avoid PHP notice
bug symfony#28179 [DomCrawler] Skip disabled fields processing in Form
This PR was merged into the 3.4 branch.
Discussion
----------
[DependencyInjection] Fix typo in test name
Rename testThrowsExceptionWhenAddServiceOnACompiledContainer to testNoExceptionWhenAddServiceOnACompiledContainer.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes (technically)
| New feature? | no
| Deprecations? | no
| Tickets | #35505
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Commits
-------
9cbfad5853 [DependencyInjection] #35505 Fix typo in test name
This PR was merged into the 3.4 branch.
Discussion
----------
[Yaml][Inline] Fail properly on empty object tag and empty const tag
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Rework of https://github.com/symfony/symfony/pull/35208 to not end up in `parseScalar` with an empty string or a boolean (and thus, avoid unfriendly error such as `Trying to access array offset on value of type bool`).
Ping @xabbuh
Commits
-------
bdf02c0a7e [Yaml][Inline] Fail properly on empty object tag and empty const tag
This PR was merged into the 3.4 branch.
Discussion
----------
[PhpUnitBridge] Fix running skipped tests expecting only deprecations
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
If a test class has unsatisfied `@requires` and contains test methods expecting deprecation only, you get:
> Fatal error: Uncaught Error: Call to a member function beStrictAboutTestsThatDoNotTestAnything() on null in ./symfony/symfony-dev/vendor/symfony/phpunit-bridge/Legacy/SymfonyTestsListenerTrait.php:229
Spotted in #34925's build.
Commits
-------
6b02362c5b [Phpunit] Fix running skipped tests expecting only deprecations
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Check non-null type for numeric type
$maxAge and $sharedAge can both be zero
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
Commits
-------
2797867ae9 Check non-null type for numeric type
This PR was merged into the 3.4 branch.
Discussion
----------
[DomCrawler] Skip disabled fields processing in Form
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#28179
| License | MIT
Commits
-------
c73b042044 bug symfony#28179 [DomCrawler] Skip disabled fields processing in Form
This PR was merged into the 3.4 branch.
Discussion
----------
[Console] SymonfyStyle - Check value isset to avoid PHP notice
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34093
| License | MIT
| Doc PR | n/a
This PR addresses the issue when a default value is not a valid choice. Currently this would throw a notice which outputs to the console.
This fix is a similar implementation to the `QuestionHelper`: https://github.com/symfony/symfony/blob/4.4/src/Symfony/Component/Console/Helper/QuestionHelper.php#L63
Example console command and output can be found in the issue: #34093
Commits
-------
c9072c70ef Check value isset to avoid PHP notice
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpClient] dont display any content when none has been collected
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
36536c94d2 [HttpClient] dont display any content when none has been collected
This PR was merged into the 5.0 branch.
Discussion
----------
[FrameworkBundle] remove mention of the old Controller class
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This class is gone in 5.0.
Commits
-------
6620f8afd9 [FrameworkBundle] remove mention of the old Controller class
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpClient] Allow pass array of callable to the mocking http client
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | not yet
For the now MockHttpClient allows pass closure as response factory. It useful for tests to perform assertions that expected request was sent. But If we are sending multiple sequental requests then it became a little bit tricky to perform assertions:
```php
<?php
$requestIndex = 0;
$expectedRequest = function ($method, $url, $options) use (&$requestIndex) {
switch (++$requestIndex) {
case 1:
$this->assertSame('GET', $method);
$this->assertSame('https://example.com/api/v1/customer', $url);
return new MockResponse(CustomerFixture::CUSTOMER_RESPONSE);
case 2:
$this->assertSame('POST', $method);
$this->assertSame('https://example.com/api/v1/customer/1/products', $url);
$this->assertJsonStringEqualsJsonFile(CustomerFixture::CUSTOMER_PRODUCT_PAYLOAD, $options['json']);
return new MockResponse();
default:
throw new \InvalidArgumentException('Too much requests');
}
};
$client = new MockHttpClient($expectedRequest);
static::$container->set('http_client.example', $client);
$commandTester->execute(['--since' => '2019-01-01 00:05:00', '--until' => '2019-01-01 00:35:00']);
$this->assertSame(2, $requestIndex, 'All expected requests was sent.');
```
This PR introduces possibility to define multiple callable response factories and `getSentRequestsCount` method to make sure that each factory was called:
```php
<?php
$expectedRequests = [
function ($method, $url, $options) {
$this->assertSame('GET', $method);
$this->assertSame('https://example.com/api/v1/customer', $url);
return new MockResponse(CustomerFixture::CUSTOMER_RESPONSE);
},
function ($method, $url, $options) {
$this->assertSame('POST', $method);
$this->assertSame('https://example.com/api/v1/customer/1/products', $url);
$this->assertJsonStringEqualsJsonFile(CustomerFixture::CUSTOMER_PRODUCT_PAYLOAD, $options['json']);
return new MockResponse();
},
];
$client = new MockHttpClient($expectedRequest);
static::$container->set('http_client.example', $client);
$commandTester->execute(['--since' => '2019-01-01 00:05:00', '--until' => '2019-01-01 00:35:00']);
$this->assertSame(2, $client->getSentRequestsCount(), 'All expected requests was sent.');
```
Also it adds a lot of tests.
Commits
-------
a36797d60e Allow pass array of callable to the mocking http client
This PR was merged into the 5.1-dev branch.
Discussion
----------
[PropertyInfo] Add accessor and mutator extractor interface and implementation on reflection
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30248, partially: #22190, #18016, #5013, #9336, #5219,
| License | MIT
| Doc PR | TODO
This PR brings accessor / mutator extraction on the PropertyInfo component,
There is no link to existing code, as IMO it should be in another PR as this will add a dependency on property access to the property info component and not sure this is something wanted (although, it will reduce a lot of code base on the property access component as a lot of code seems to be duplicated)
Code is extracted from #30248 also there is some new features (that can be removed if not wanted)
* Allow extracting private accessor / mutator (will do a new PR that improve private extraction on reflection latter)
* Allow extracting static accessor / mutators
* Allow extracting constructor mutators
Current implementation try to be as close as the PropertyAccess implementation and i did not reuse some methods already available in the class as there is some differences in implementation, but maybe it will be a good time to make this consistent (Looking forward to your input) ?
Things that should be done in a new PR:
* Linking property info to property access to remove a lot of duplicate code
* Add a new system that allow adding Virtual Property based on this extractor
Commits
-------
0a92dab753 Rebase, fix tests, review & update CHANGELOG
fc250863a8 [PropertyInfo] Add accessor and mutator extractor interface and implementation on reflection
This PR was squashed before being merged into the 5.1-dev branch (closes#35538).
Discussion
----------
[FrameworkBundle] fixed suggesting deprecated WebServerBundle
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35495
| License | MIT
| Doc PR |
Removed suggestion to install `symfony/web-server-bundle` in console missing packages suggestions. The web server bundle was deprecated and no longer works with Symfony 5.x, .
Commits
-------
134129b5ad [FrameworkBundle] fixed suggesting deprecated WebServerBundle
* 5.0:
[Validator] fix access to uninitialized property when getting value
[HttpClient] Fix regex bearer
[Translator] Default value for 'sort' option in translation:update should be 'asc'
[HttpKernel] Fix stale-if-error behavior, add tests
[Intl] Provide more locale translations
[Mailer] Fix STARTTLS support for Postmark and Mandrill
[Messenger] Check for all serialization exceptions during message dec…
[Messenger] Fix bug when using single route with XML config
Fix exception message in Doctrine Messenger
[DI] CheckTypeDeclarationsPass now checks if value is type of parameter type
[SecurityBundle] fix security.authentication.provider.ldap_bind arguments
Improved error message when no supported user provider is found
Mysqli doesn't support the named parameters used by PdoAdapter
Added debug argument to decide if debug page should be shown or not
Mysqli doesn't support the named parameters used by PdoStore
Properly handle phpunit arguments for configuration file
[Mailer] add tests for http transports
* 4.4:
[Validator] fix access to uninitialized property when getting value
[HttpClient] Fix regex bearer
[Translator] Default value for 'sort' option in translation:update should be 'asc'
[HttpKernel] Fix stale-if-error behavior, add tests
[Intl] Provide more locale translations
[Mailer] Fix STARTTLS support for Postmark and Mandrill
[Messenger] Check for all serialization exceptions during message dec…
[Messenger] Fix bug when using single route with XML config
Fix exception message in Doctrine Messenger
[DI] CheckTypeDeclarationsPass now checks if value is type of parameter type
[SecurityBundle] fix security.authentication.provider.ldap_bind arguments
Improved error message when no supported user provider is found
Mysqli doesn't support the named parameters used by PdoAdapter
Added debug argument to decide if debug page should be shown or not
Mysqli doesn't support the named parameters used by PdoStore
Properly handle phpunit arguments for configuration file
[Mailer] add tests for http transports
* 4.3:
[Validator] fix access to uninitialized property when getting value
[HttpClient] Fix regex bearer
[HttpKernel] Fix stale-if-error behavior, add tests
Improved error message when no supported user provider is found
Properly handle phpunit arguments for configuration file
* 3.4:
[Validator] fix access to uninitialized property when getting value
[HttpKernel] Fix stale-if-error behavior, add tests
Improved error message when no supported user provider is found