* 4.4:
[FrameworkBundle] start session on flashbag injection
[Validator] Remove commas in translations
[Console] Fallback to default answers when unable to read input
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] start session on flashbag injection
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix [#33084](https://github.com/symfony/symfony/issues/33084)
| License | MIT
This PR addresses an issue whereby if the FlashBag is injected into the application using the default service configuration, we cannot rely that the session has been started. This behaviour is in contradiction to [the docs](https://symfony.com/doc/current/session.html#avoid-starting-sessions-for-anonymous-users):
> Sessions are automatically started whenever you read, write or even check for the existence of data in the session.
This is because symfony ensures the session has been started on calls to getFlashBag() which is normally how the flashbag will be accessed but this is not called if you inject the FlashBag directly into the container.
I have addressed this issue by changing the way the Flashbag service is built so that it uses Session as a factory service and getFlashBag as a factory method. This means that anywhere in symfony where FlashBag is injected can now rely on the fact the session is started.
I have also added a new functional test to verify this behaviour.
Commits
-------
e8b4d35616 [FrameworkBundle] start session on flashbag injection
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[ErrorHandler][FrameworkBundle] better error messages in failing tests
| Q | A
| ------------- | ---
| Branch? | master for features
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#32752
| License | MIT
| Doc PR |
Purpose of this PR is to enhance tests by giving a way to report an exception that occured during the processing of the request.
The ErrorHandler will add an X-Debug-Exception, and the assertThat() method of WebTestCase will throw an exception if this header exists and status code is 5xx.
In practice, this adds the "Caused by" section in this example:
```
Time: 374 ms, Memory: 20.00 MB
There was 1 failure:
1) App\Tests\Controller\HomeControllerTest::testC
Failed asserting that the Response has header "Content-Type" with value "application/json".
/srv/symfony/src/Symfony/Bundle/FrameworkBundle/Test/BrowserKitAssertionsTrait.php:132
/srv/symfony/src/Symfony/Bundle/FrameworkBundle/Test/BrowserKitAssertionsTrait.php:66
/srv/blog/tests/Controller/HomeControllerTest.php:29
Caused by
Exception: This a test exception. in /the/file.php:139
Stack trace:
[...]
```
Commits
-------
0da9469ee2 [ErrorHandler][FrameworkBundle] better error messages in failing tests
* 5.0:
Add missing dots at the end of exception messages
Add missing dots at the end of exception messages
[DI][Form] Fixed test suite (TimeType changes & unresolved merge conflict)
Fix bad merge
Add missing dots at the end of exception messages
* 4.4:
Add missing dots at the end of exception messages
[DI][Form] Fixed test suite (TimeType changes & unresolved merge conflict)
Fix bad merge
Add missing dots at the end of exception messages
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Framework-Bundle] fixed kernel.secret not being overridden when loaded from extension using MicroKernelTrait
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Previously, when extending `Kernel::class` and using the `MicroKernelTrait::class` setting the `secret` like
```
protected function configureContainer(ContainerBuilder $container, LoaderInterface $loader)
{
$container->loadFromExtension('framework', [ 'secret' => 'foo',]);
```
would not replace the `kernel.secret` parameter set by `$container->setParameter('kernel.secret', '%env(APP_SECRET)%');` in the `MicroKernelTrait`.
Initiating a service with a secret argument without a `APP_ENV` value set in `.env` would throw:
`Symfony\Component\DependencyInjection\Exception\EnvNotFoundException : Environment variable not found: "APP_SECRET".`
This PR allows the `kernel.secret` set in the `MicroKernelTrait::registerContainerConfiguration()` to be overridden in a class extending `Kernel` while using the trait.
Thanks @nicolas-grekas for the help on this one.
Commits
-------
76d398851f fixed kernel.secret not being overridden when loaded from extension
* 5.0: (36 commits)
Add test for tagged iterator with numeric index
Fix container lint command when a synthetic service is used in combination with the expression language
Fix Travis script
[Validator][Range] Fix typos
[SecurityBundle] Minor fix in LDAP config tree builder
[HttpClient] fix requests to hosts that idn_to_ascii() cannot handle
Revert "minor #35559 [FrameworkBundle] remove mention of the old Controller class (nicolas-grekas)"
[FrameworkBundle] remove redundant PHPDoc in console Descriptor and subclass
[Mime] remove phpdoc mentioning Utf8AddressEncoder
Add missing phpdoc
Remove int return type from FlattenException::getCode
[Yaml] fix dumping strings containing CRs
[DI] Fix XmlFileLoader bad error message
[Form] Handle false as empty value on expanded choices
[Messenger] Add ext-redis min version req to tests
Tweak message
improve PlaintextPasswordEncoder docBlock summary
[Validator] Add two missing translations for the Arabic (ar) locale
Use some PHP 5.4 constants unconditionally
Add new packages on the link script
...
* 4.4: (34 commits)
Add test for tagged iterator with numeric index
Fix container lint command when a synthetic service is used in combination with the expression language
[Validator][Range] Fix typos
[SecurityBundle] Minor fix in LDAP config tree builder
[HttpClient] fix requests to hosts that idn_to_ascii() cannot handle
[FrameworkBundle] remove redundant PHPDoc in console Descriptor and subclass
[Mime] remove phpdoc mentioning Utf8AddressEncoder
Add missing phpdoc
Remove int return type from FlattenException::getCode
[Yaml] fix dumping strings containing CRs
[DI] Fix XmlFileLoader bad error message
[Form] Handle false as empty value on expanded choices
[Messenger] Add ext-redis min version req to tests
Tweak message
improve PlaintextPasswordEncoder docBlock summary
[Validator] Add two missing translations for the Arabic (ar) locale
Use some PHP 5.4 constants unconditionally
Add new packages on the link script
[DI] fix dumping errored definitions
[DI] ignore extra tags added by autoconfiguration in PriorityTaggedServiceTrait
...
* 3.4:
[Yaml] fix dumping strings containing CRs
[DI] Fix XmlFileLoader bad error message
Tweak message
improve PlaintextPasswordEncoder docBlock summary
[Validator] Add two missing translations for the Arabic (ar) locale
Use some PHP 5.4 constants unconditionally
Revert "bug symfony#28179 [DomCrawler] Skip disabled fields processing in Form"
Add Spanish translation
Fix typo
[Validator] add Japanese translation
Fix typo
Add Polish translation
[SecurityBundle] Minor fixes in configuration tree builder
bumped Symfony version to 3.4.39
updated VERSION for 3.4.38
update CONTRIBUTORS for 3.4.38
updated CHANGELOG for 3.4.38
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DX][Testing] Added a loginUser() method to test protected resources
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#26839
| License | MIT
| Doc PR | tbd
This finishes https://github.com/symfony/symfony/pull/32850 original description:
> I know this won't work for 100% of our users ... but the goal is to make life easier to *most* of them. Thanks!
A custom `ConcreteToken` test-object is created as suggested by @linaori, to not bind this token to any specific implementation (as other implementations aren't fully compatible with eachother).
Commits
-------
2980a680d4 Added special test token and implemented 'real' functional tests
f516829d99 [DX][Testing] Added a loginUser() method to test protected resources
* 5.0:
register only existing transport factories
prevent deprecation being triggered from assertion
bumped Symfony version to 5.0.6
updated VERSION for 5.0.5
updated CHANGELOG for 5.0.5
bumped Symfony version to 4.4.6
updated VERSION for 4.4.5
updated CHANGELOG for 4.4.5
* 4.4:
register only existing transport factories
prevent deprecation being triggered from assertion
bumped Symfony version to 4.4.6
updated VERSION for 4.4.5
updated CHANGELOG for 4.4.5
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle][HttpKernel] Add session usage reporting in stateless mode
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| License | MIT
| Doc PR | TODO
https://github.com/orgs/symfony/projects/1#card-30506005
Provide a `@Stateless` annotation that forbid session usage for annotated controllers (or classes).
## Implementations
**v1**
- ~~New session proxy that allows session to be marked as disabled~~
- ~~New default route attribute: `_stateless` (automatically set by `@Stateless`)~~
- ~~On kernel controller event, if `_stateless` is `true`, session is marked as disabled~~
- ~~Session listener is able to check if the session is disabled and prevent its creation~~
**v2**
- New default route attribute: `_stateless` (automatically set by `@Stateless`)
- On kernel response, check the session usage and if session was used when `_stateless` attribute is set to `true`: Either throw an exception (debug enabled) or log a warning (debug disabled)
Commits
-------
bc48db2424 [FrameworkBundle][HttpFoundation] Add `_stateless`
* 5.0:
minor #35833 [FrameworkBundle] Add missing items in the unused tag pass whitelist (fabpot)
[HttpClient][DX] Add URL context to JsonException messages
[Routing] Improve localized routes performances
[4.4][DoctrineBridge] Use new Types::* constants and support new json type
[Validator] Add missing translations
[Notifier] Dispatch message event in null transport
[Messenger] Use Doctrine DBAL new Types::* constants
* 4.4:
minor #35833 [FrameworkBundle] Add missing items in the unused tag pass whitelist (fabpot)
[HttpClient][DX] Add URL context to JsonException messages
[Routing] Improve localized routes performances
[4.4][DoctrineBridge] Use new Types::* constants and support new json type
[Validator] Add missing translations
[Messenger] Use Doctrine DBAL new Types::* constants
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Add missing items in the unused tag pass whitelist
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
We have some missing tags in the whitelist. I've added a script that adds the missing ones, and added a test to avoid forgetting about updating the whitelist.
Commits
-------
d1bcc0fc5e [FrameworkBundle] Add a script that checks for missing items in the unused tag whitelist
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Add missing items in the unused tag pass whitelist
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
We have some missing tags in the whitelist. I've added a script that adds the missing ones, and added a test to avoid forgetting about updating the whitelist.
Commits
-------
d1bcc0fc5e [FrameworkBundle] Add a script that checks for missing items in the unused tag whitelist
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpFoundation] Added MarshallingSessionHandler
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | TODO
Added `MarshallingSessionHandler`, a decorator for session handlers which uses the cache marshaller in order to encrypt session data.
(This is an alternative solution to #35643)
To use it, we can simply decorate the session marshaller, after that all session data will be encrypted
```yaml
Symfony\Component\Cache\Marshaller\SodiumMarshaller:
decorates: 'session.marshaller'
arguments:
- ['%env(file:resolve:SODIUM_DECRYPTION_FILE)%']
- '@Symfony\Component\Cache\Marshaller\SodiumMarshaller.inner'
```
TODO:
- [x] unit tests
Commits
-------
155d980aea [HttpFoundation][Cache] Added MarshallingSessionHandler
* 5.0: (28 commits)
[DoctrineBridge] Use new Types::* constants and support new json type
Fix bad merge in README of Nexmo Notifier bridge
[Debug][ErrorHandler] improved deprecation notices for methods new args and return type
[BrowserKit] Nested file array prevents uploading file
[ExpressionLanguage] Fixed collisions of character operators with object properties
remove usage of already deleted Symfony\Component\EventDispatcher\Event
[Notifier] Add correct tags for NullTransportFactory
[Validator] Remove specific check for Valid targets
[PhpUnitBridge] Use trait instead of extending deprecated class
Fix versioned namespace clears
fix remember me
Use strict assertion in asset tests
[DoctrineBridge][DoctrineExtractor] Fix indexBy with custom and some core types
Do not rely on the current locale when dumping a Graphviz object
fix typo
[Ldap] force default network timeout
[Config] don't throw on missing excluded paths
Docs: Typo, grammar
[Validator] Add the missing translations for the Polish ("pl") locale
[PhpUnitBridge] Add compatibility to PHPUnit 9 #35662
...
This PR was merged into the 5.0 branch.
Discussion
----------
[Notifier] Add correct tags for NullTransportFactory
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
I tried to disable the delivery of notifications in `dev` environment with the following configuration:
```
framework:
notifier:
chatter_transports:
slack: 'null://null'
texter_transports:
twilio: 'null://null'
channel_policy:
urgent: ['chat/slack', 'sms/twilio']
high: ['email']
medium: ['email']
low: ['email']
```
While sending the notification like this:
```
$notification = (new Notification())
->subject('Test subject')
->importance(Notification::IMPORTANCE_URGENT)
->content('Test content')
;
$this->notifier->send($notification);
```
I got an `UnsupportedSchemeException`: The "null" scheme is not supported.
After some digging I figured out that this Exception occurred because the `NullTransportFactory` was not tagged with the `chatter.transport_factory` and `texter.transport_factory` tags. Which is the reason the `NullTransportFactory` was not injected in the `Transport` class and so the `NullTransport` couldn't be used.
This PR should fix this Bug.
Commits
-------
1ff5e3c83f [Notifier] Add correct tags for NullTransportFactory
* 5.0:
fix unix root dir issue
sync validator translation files with master
fix anchor
fix links to releases page (formerly known as "roadmap")
[Console] Don't load same-namespace alternatives on exact match found
[HttpKernel] Fix method name in doc comments
* 4.4:
fix unix root dir issue
sync validator translation files with master
[HttpFoundation] fix not sending Content-Type header for 204 responses
[ErrorHandler] silence warning when zend.assertions=-1
fix anchor
[Console] Handle zero row count in appendRow() for Table
fix links to releases page (formerly known as "roadmap")
[Console] Don't load same-namespace alternatives on exact match found
* 3.4:
fix unix root dir issue
sync validator translation files with master
fix anchor
fix links to releases page (formerly known as "roadmap")
[Console] Don't load same-namespace alternatives on exact match found
This PR was squashed before being merged into the 5.1-dev branch (closes#33968).
Discussion
----------
[Notifier] Add Firebase bridge
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | See #33687
| License | MIT
This would add [Firebase](https://firebase.google.com) integration for the Notifier component. With Firebase you can send push notifications to the users of you Android and iOS app and website (formerly known as Google Cloud messaging).
I'm not sure if it's possible to have this merged, like the other bridges. Or if I should create a stand-alone repository? That'd be fine too.
Also it's now using the `ChatMessage` as implementation of `Symfony\Component\Notifier\Message\MessageInterface`, but I feel like this component could use a `PushMessage` or something similar. Although I'm not sure if it would contain more than `subject` that the `ChatMessage` does.
Commits
-------
2776d2f811 [Notifier] Add Firebase bridge
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Messenger] Add SQS transport
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | TODO
This PR add the AWS SQS transport in messenger.
It also add a `DisconnectedReceiverInterface` that allows the worker to release not-proceeded message (which are not automatically released in SQS and have to wait a TTL). Tell me if you prefer to move it in a dedicated PR.
accepted DNS:
- `sqs://default/accountId/queueName`
- `sqs://default/queueName`
- `sqs://default/queueName?region=us-east-2`
- `sqs://my_custome_endpoint:12345/queueName?sslmode=disabled`
To reduce AWS costs, the implementation performs a long polling call and prefetch several messages.
TO get ~real time worker, one could use `./bin/console messenger:consume --sleep 0.001`
Commits
-------
c226479d5f [Messenger] Add SQS transport
* 5.0:
[FrameworkBundle] fix "samesite" in XSD
[Console] Consider STDIN interactive
Update UserPasswordEncoderCommand.php
[HttpFoundation][FrameworkBundle] fix support for samesite in session cookies
[DoctrineBridge] Fixed submitting ids with query limit or offset
* 4.4:
[FrameworkBundle] fix "samesite" in XSD
[Console] Consider STDIN interactive
Update UserPasswordEncoderCommand.php
[HttpFoundation][FrameworkBundle] fix support for samesite in session cookies
[DoctrineBridge] Fixed submitting ids with query limit or offset
* 3.4:
[FrameworkBundle] fix "samesite" in XSD
Update UserPasswordEncoderCommand.php
[HttpFoundation][FrameworkBundle] fix support for samesite in session cookies
[DoctrineBridge] Fixed submitting ids with query limit or offset
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation][FrameworkBundle] fix support for samesite in session cookies
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35520
| License | MIT
| Doc PR | -
This PR cherry-picks #28168 on 3.4, with a rationale given by @ConneXNL in https://github.com/symfony/symfony/issues/35520#issuecomment-582296847:
> I hope I am wrong but I see the impact of not making any changes to Symfony 3.4 will have a tons of sites break if we cannot set the cookie's samesite setting (in the framework session and remember me) before Chrome pushes this update.
>
> Very soon all existing cookies are no longer going to work with cross-domains if you do not specify 'None' for the cookie_samesite. All external APIs that use cookies and are running SF 3.4 will break and devs will have no quick solution to fix their auth process.
>
> If you are using PHP 7.4, yes you can most likely use ini_set to workaround this issue.
>
> However, ini_set('cookie_samesite') does not work in PHP Version <= 7.2.
I am not even sure PHP 7.3 supports the value 'None' as php.watch/articles/PHP-Samesite-cookies says it has support for 'Lax' and 'Scrict'.
>
> This effectively means SF 3.4 on PHP 7.2 (or PHP 7.3) is no longer supported for cross domain APIs with cookies. People would have to either update PHP to 7.4 (if they even can?) or go to Symfony 4 (with a dead live site is going to be a complete disaster).
>
> Since the impact of the change that chrome is about to roll out is so fundamentally changing our way to set cookies, I consider configuring samesite configuration in the framework an absolute requirement, not a feature, especially since SF 3.4 is still supported.
>
> What am i missing?
>
> Note: SF3 HTTPFoundation already supports the new cookie settings, it's just the framework that doesn't support it.
Our BC policy embeds the promise that one should be able to keep the same app on a newest infrastructure (eg that's why supporting a PHP version is a bug fix). I think we can consider this for browsers here also. WDYT?
Commits
-------
f46e6cb8a0 [HttpFoundation][FrameworkBundle] fix support for samesite in session cookies
* 5.0:
[Mailer] fix typos
[Messenger] fix typo
[DI] Unknown env prefix not regornized as such
[DI] Fix support for multiple tags for locators and iterators
[PhpUnitBridge] Fix some errors when using serialized deprecations
Fix HTTP client config handling
* 4.4:
[Mailer] fix typos
[Messenger] fix typo
[DI] Unknown env prefix not regornized as such
[DI] Fix support for multiple tags for locators and iterators
[PhpUnitBridge] Fix some errors when using serialized deprecations
Fix HTTP client config handling
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Use MailerAssertionsTrait in KernelTestCase
| Q | A
| ------------- | ---
| Branch? | 4.4+
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#35510
| License | MIT
| Doc PR |
Since 4.4, we have new PHPUnit constraints for the mailer component, but these are only available with `WebTestCase` and not `KernelTestCase`. I think this would be useful to access these constraints from both TestCase.
I don't know if I should move these [tests](https://github.com/symfony/symfony/blob/master/src/Symfony/Bundle/FrameworkBundle/Tests/Functional/MailerTest.php) or add new ones only for `KernelTestCase`?
Commits
-------
1b1ab2991a [FrameworkBundle] Use MailerAssertionsTrait in KernelTestCase
This PR was merged into the 4.4 branch.
Discussion
----------
Fix HTTP client config handling
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Defining a `key` parameter in the `query` option of a scoped HTTP client triggers an error:
```
Undefined index: value
```
This PR fixes this issue but an edge case still remains with YAML and PHP config. If one wants to define parameters `key=foo`, `value=bar` and nothing else, the query will actually be `foo=bar` instead of `key=foo&value=bar`. Not sure how to fix this case without breaking the tests I added here.
Commits
-------
963d0cce86 Fix HTTP client config handling
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Translation] Introduce a way to configure the enabled locales
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #31563
| License | MIT
| Doc PR | -
This implements the idea #31563 so we can decide if we want to add this or not. I tested it in the "Symfony Demo" app. Before: 107 catalogs created in cache/dev/translations/. After: 43 catalogs. But that's because the app is translated into lots of languages. In most cases, only 2 catalog files will be generated (vs 107 before).
If this idea is approved, I'll add tests and docs. Thanks.
Commits
-------
765843426e [Translation] Introduce a way to configure the enabled locales
* 5.0:
Add missing use statements
[Translation] Add missing use statement
[Translation] Add missing use statement
[Config][XmlReferenceDumper] Prevent potential \TypeError
[Mailer] Fix broken mandrill http send for recipients with names
[Translation] prefer intl domain when adding messages to catalogue
Fix CS
Fix CS
Fail on empty password verification (without warning on any implementation)
[Translation][Debug] Add installation and minimal example to README
[Validator] try to call __get method if property is uninitialized
Show both missing packages in the same error message
Fix handling of empty_data's \Closure value in Date/Time form types
* 4.4:
Add missing use statements
[Translation] Add missing use statement
[Translation] Add missing use statement
[Config][XmlReferenceDumper] Prevent potential \TypeError
[Mailer] Fix broken mandrill http send for recipients with names
[Translation] prefer intl domain when adding messages to catalogue
Fix CS
Fix CS
Fail on empty password verification (without warning on any implementation)
[Translation][Debug] Add installation and minimal example to README
[Validator] try to call __get method if property is uninitialized
Show both missing packages in the same error message
Fix handling of empty_data's \Closure value in Date/Time form types
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpKernel] allow using public aliases to reference controllers
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This PR allows referencing a controller with an alias when needed. The use case I'm targetting is using `@Route` annotations on methods of the `App\Kernel` and have them work. This PR allows it.
Sidekick of https://github.com/symfony/recipes/pull/735
Commits
-------
94bc1f7d3b [HttpKernel] allow using public aliases to reference controllers
* 5.0:
[Phpunit] Fix running skipped tests expecting only deprecations
Fix merge
[Config] dont catch instances of Error
[HttpClient] fix HttpClientDataCollector when handling canceled responses
[FrameworkBundle] remove mention of the old Controller class
[DependencyInjection] #35505 Fix typo in test name
[Yaml][Inline] Fail properly on empty object tag and empty const tag
Check non-null type for numeric type
Check value isset to avoid PHP notice
bug symfony#28179 [DomCrawler] Skip disabled fields processing in Form
* 4.4:
[Phpunit] Fix running skipped tests expecting only deprecations
Fix merge
[Config] dont catch instances of Error
[HttpClient] fix HttpClientDataCollector when handling canceled responses
[DependencyInjection] #35505 Fix typo in test name
[Yaml][Inline] Fail properly on empty object tag and empty const tag
Check non-null type for numeric type
Check value isset to avoid PHP notice
bug symfony#28179 [DomCrawler] Skip disabled fields processing in Form
* 3.4:
[Phpunit] Fix running skipped tests expecting only deprecations
[DependencyInjection] #35505 Fix typo in test name
[Yaml][Inline] Fail properly on empty object tag and empty const tag
Check non-null type for numeric type
Check value isset to avoid PHP notice
bug symfony#28179 [DomCrawler] Skip disabled fields processing in Form
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Check non-null type for numeric type
$maxAge and $sharedAge can both be zero
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
Commits
-------
2797867ae9 Check non-null type for numeric type
This PR was squashed before being merged into the 5.1-dev branch (closes#35538).
Discussion
----------
[FrameworkBundle] fixed suggesting deprecated WebServerBundle
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35495
| License | MIT
| Doc PR |
Removed suggestion to install `symfony/web-server-bundle` in console missing packages suggestions. The web server bundle was deprecated and no longer works with Symfony 5.x, .
Commits
-------
134129b5ad [FrameworkBundle] fixed suggesting deprecated WebServerBundle
* 5.0:
[Validator] fix access to uninitialized property when getting value
[HttpClient] Fix regex bearer
[Translator] Default value for 'sort' option in translation:update should be 'asc'
[HttpKernel] Fix stale-if-error behavior, add tests
[Intl] Provide more locale translations
[Mailer] Fix STARTTLS support for Postmark and Mandrill
[Messenger] Check for all serialization exceptions during message dec…
[Messenger] Fix bug when using single route with XML config
Fix exception message in Doctrine Messenger
[DI] CheckTypeDeclarationsPass now checks if value is type of parameter type
[SecurityBundle] fix security.authentication.provider.ldap_bind arguments
Improved error message when no supported user provider is found
Mysqli doesn't support the named parameters used by PdoAdapter
Added debug argument to decide if debug page should be shown or not
Mysqli doesn't support the named parameters used by PdoStore
Properly handle phpunit arguments for configuration file
[Mailer] add tests for http transports
* 4.4:
[Validator] fix access to uninitialized property when getting value
[HttpClient] Fix regex bearer
[Translator] Default value for 'sort' option in translation:update should be 'asc'
[HttpKernel] Fix stale-if-error behavior, add tests
[Intl] Provide more locale translations
[Mailer] Fix STARTTLS support for Postmark and Mandrill
[Messenger] Check for all serialization exceptions during message dec…
[Messenger] Fix bug when using single route with XML config
Fix exception message in Doctrine Messenger
[DI] CheckTypeDeclarationsPass now checks if value is type of parameter type
[SecurityBundle] fix security.authentication.provider.ldap_bind arguments
Improved error message when no supported user provider is found
Mysqli doesn't support the named parameters used by PdoAdapter
Added debug argument to decide if debug page should be shown or not
Mysqli doesn't support the named parameters used by PdoStore
Properly handle phpunit arguments for configuration file
[Mailer] add tests for http transports
This PR was squashed before being merged into the 5.1-dev branch (closes#29139).
Discussion
----------
[FrameworkBundle][TranslationDebug] Return non-zero exit code on failure
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | TBD
This PR introduces non-zero exit codes upon failure for the `debug:translations` command. The addition can be useful for projects which wish to determine results easily in CI.
The exit code returned can be interpreted as a bit array and to determine what failed, one could Bitwise AND the returned exit code to determine what failed.
Exit Codes:
| Failure Reason | bit array | integer |
| ---------------- | --------- | --------- |
| General Failure (i.e no translations at all) | `1000000` | 64 |
| Missing Translations | `1000001` | 65 |
| Unused Translations | `1000010` | 66 |
| Fallback Translations | `1000100` | 68 |
Example: Given there are missing and unused translations, the expected status code would be `TranslationDebugCommand::EXIT_CODE_MISSING | TranslationDebugCommand::EXIT_CODE_UNUSED`, which would be evaluated to `67`.
Commits
-------
0baafd8bc5 [FrameworkBundle][TranslationDebug] Return non-zero exit code on failure
This PR was squashed before being merged into the 4.4 branch (closes#35486).
Discussion
----------
[Translator] Default value for 'sort' option in translation:update should be 'asc'
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
The value for 'sort' option for `bin/console translation:update --sort` is optional, but no default value is defined. So the list isn't sorted if no value is explicitly defined.
This MR brings a default value "asc" if no value is defined, so the list is correctly sorted.
Commits
-------
fdb13c8ab8 [Translator] Default value for 'sort' option in translation:update should be 'asc'
This PR was merged into the 5.1-dev branch.
Discussion
----------
[DI][Routing] add wither to configure the path of PHP-DSL configurators
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
This makes PHP-DSL configurators more flexible, by allowing to use them for a different path than they were initially created for.
Sidekick of https://github.com/symfony/recipes/pull/721
Commits
-------
8f92c85689 [DI][Routing] add wither to configure the path of PHP-DSL configurators
This PR was squashed before being merged into the 5.1-dev branch (closes#35422).
Discussion
----------
[Messenger] Move Transports to separate packages
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR | coming
I think it is a good idea to have the transports in a separate package. The benefits a many:
- It allows us to have usage statistics
- The core messenger package is smaller
- Transports can have dependencies specified in composer.json instead of just suggests
This PR will not break BC but it requires to configure subtree split.
Commits
-------
2990c8f1e7 [Messenger] Move Transports to separate packages
* 5.0: (21 commits)
[DoctrineBridge] [DX] Improve condition for exception text in ManagerRegistry to avoid confusion
Fix testing with mongodb
suggest a non-deprecated function replacement
Minor Travis cosmetic patch
[Cache] fix checking for igbinary availability
[HttpKernel] Check if lock can be released
Fixes a runtime error (Impossible to access an attribute ("value") on a double variable...) when accessing the cache panel (@see #35419)
bumped Symfony version to 5.0.4
updated VERSION for 5.0.3
updated CHANGELOG for 5.0.3
bumped Symfony version to 4.4.4
updated VERSION for 4.4.3
updated CHANGELOG for 4.4.3
bumped Symfony version to 4.3.11
updated VERSION for 4.3.10
updated CHANGELOG for 4.3.10
bumped Symfony version to 3.4.38
updated VERSION for 3.4.37
update CONTRIBUTORS for 3.4.37
updated CHANGELOG for 3.4.37
...
* 4.4:
[DoctrineBridge] [DX] Improve condition for exception text in ManagerRegistry to avoid confusion
Fix testing with mongodb
suggest a non-deprecated function replacement
Minor Travis cosmetic patch
[Cache] fix checking for igbinary availability
[HttpKernel] Check if lock can be released
Fixes a runtime error (Impossible to access an attribute ("value") on a double variable...) when accessing the cache panel (@see #35419)
bumped Symfony version to 4.4.4
updated VERSION for 4.4.3
updated CHANGELOG for 4.4.3
bumped Symfony version to 4.3.11
updated VERSION for 4.3.10
updated CHANGELOG for 4.3.10
bumped Symfony version to 3.4.38
updated VERSION for 3.4.37
update CONTRIBUTORS for 3.4.37
updated CHANGELOG for 3.4.37
[FrameworkBundle] Add --show-arguments example to debug:container command help text
This PR was merged into the 4.4 branch.
Discussion
----------
Fixes a runtime error when accessing the cache panel
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35419
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Fixes a runtime error (_Impossible to access an attribute ("value") on a double variable..._) when accessing the cache panel on 4.4.3
Commits
-------
4740b10132 Fixes a runtime error (Impossible to access an attribute ("value") on a double variable...) when accessing the cache panel (@see #35419)
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Add --show-arguments example to debug:container command help text
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
I like this option a lot and I think it deserves to be mentioned in the command help text :-)
Commits
-------
f703a58215 [FrameworkBundle] Add --show-arguments example to debug:container command help text
* 5.0:
[Filesystem] chown and chgrp should also accept int as owner and group
[DI] Fix EnvVar not loaded when Loader requires an env var
Fixed#34713 Move new messages to intl domain when possible
[FrameworkBundle] Fix small typo in output comment
chown and chgrp should also accept int as owner and group
Revert "Fixed translations file dumper behavior"
Fix RememberMe with null password
[Validator] Fix plurals for sr_Latn (Serbian language written in latin script) validation messages
Set booted flag to false when test kernel is unset
[FrameworkBundle] remove messenger cache if not enabled
[PhpUnitBridge][SymfonyTestsListenerTrait] Remove some unneeded code
[HttpClient] Fix strict parsing of response status codes
fix PHP const mapping keys using the inline notation
[SecurityBundle] Drop duplicated code
[FrameworkBundle] Make sure one can use fragments.hinclude_default_template
Fix that no-cache requires positive validation with the origin, even for fresh responses
Improve upgrading instructions for deprecated router options
[DI] Suggest typed argument when binding fails with untyped argument
* 4.4:
[DI] Fix EnvVar not loaded when Loader requires an env var
Fixed#34713 Move new messages to intl domain when possible
[FrameworkBundle] Fix small typo in output comment
chown and chgrp should also accept int as owner and group
Revert "Fixed translations file dumper behavior"
Fix RememberMe with null password
[Validator] Fix plurals for sr_Latn (Serbian language written in latin script) validation messages
Set booted flag to false when test kernel is unset
[FrameworkBundle] remove messenger cache if not enabled
[PhpUnitBridge][SymfonyTestsListenerTrait] Remove some unneeded code
[HttpClient] Fix strict parsing of response status codes
fix PHP const mapping keys using the inline notation
[SecurityBundle] Drop duplicated code
[FrameworkBundle] Make sure one can use fragments.hinclude_default_template
Fix that no-cache requires positive validation with the origin, even for fresh responses
Improve upgrading instructions for deprecated router options
[DI] Suggest typed argument when binding fails with untyped argument
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
Revert #34797 "Fixed translations file dumper behavior" and fix#34713
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35264
| License | MIT
| Doc PR | -
Revert https://github.com/symfony/symfony/pull/34797
See also https://github.com/symfony/symfony/issues/35328
It's very likely that the new way will be completely different from this one that is being reverted. That's why I'm reverting rather than fixing it.
Commits
-------
9ca872054bFixed#34713 Move new messages to intl domain when possible
56e79fefa1 Revert "Fixed translations file dumper behavior"
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Fix small typo in output comment
| Q | A
| ------------- | ---
| Branch? | 4.4 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | - <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
d18f5ed851 [FrameworkBundle] Fix small typo in output comment
* 4.3:
[FrameworkBundle] remove messenger cache if not enabled
[HttpClient] Fix strict parsing of response status codes
[DI] Suggest typed argument when binding fails with untyped argument
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Deprecate *not* setting the "framework.router.utf8" option
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | yes
| Tickets | -
| License | MIT
| Doc PR | -
The goal here is to get rid of the `config/packages/routing.yaml` file in Symfony 6.
This should have no practical impact as all new apps already define this setting for 2 years.
Commits
-------
84849bc96a [FrameworkBundle] Deprecate *not* setting the "framework.router.utf8" option
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Add missing entry about framework.router.context
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Relates to #35281 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | N/A
Some minor tweaks about #35281
Commits
-------
5a83b07bf4 [FrameworkBundle] Add missing entry about framework.router.context
* 5.0:
Avoid stale-if-error if kernel.debug = true, because it hides errors
[Console] Fix SymfonyQuestionHelper tests sometimes failing on AppVeyor
[SecurityBundle] Fix collecting traceable listeners info using anonymous: lazy
[Filesystem][FilesystemCommonTrait] Use a dedicated directory when there are no namespace
[Workflow] Fix configuration node reference for "initial_marking"
expand listener in place
[DI] deferred exceptions in ResolveParameterPlaceHoldersPass
Do not throw exception on valut generate key
* 4.4:
Avoid stale-if-error if kernel.debug = true, because it hides errors
[Console] Fix SymfonyQuestionHelper tests sometimes failing on AppVeyor
[SecurityBundle] Fix collecting traceable listeners info using anonymous: lazy
[Filesystem][FilesystemCommonTrait] Use a dedicated directory when there are no namespace
[Workflow] Fix configuration node reference for "initial_marking"
expand listener in place
[DI] deferred exceptions in ResolveParameterPlaceHoldersPass
Do not throw exception on valut generate key
* 4.3:
Avoid stale-if-error if kernel.debug = true, because it hides errors
[Console] Fix SymfonyQuestionHelper tests sometimes failing on AppVeyor
[Workflow] Fix configuration node reference for "initial_marking"
expand listener in place
[DI] deferred exceptions in ResolveParameterPlaceHoldersPass
* 3.4:
Avoid stale-if-error if kernel.debug = true, because it hides errors
[Console] Fix SymfonyQuestionHelper tests sometimes failing on AppVeyor
[DI] deferred exceptions in ResolveParameterPlaceHoldersPass
This PR was squashed before being merged into the 5.1-dev branch (closes#35257).
Discussion
----------
[FrameworkBundle] TemplateController should accept extra arguments to be sent to the template
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
In the official documentation (symfony.com/doc/master/templates.html#rendering-a-template-directly-from-a-route) it says that TemplateController should accept extra arguments. In fact it's not available for instance.
So i added the context argument as an array. Because of deprecation of templating, only the twig instance will apply the context argument.
It will need to be implemented in branch 5.
The following issue has been created in documentation project : https://github.com/symfony/symfony-docs/issues/12897
Commits
-------
e27b417817 [FrameworkBundle] TemplateController should accept extra arguments to be sent to the template
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Adding better output to secrets:decrypt-to-local command
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | none
| License | MIT
| Doc PR | not needed
Hi!
The `secrets:decrypt-to-local` doesn't give any output. This adds some basic details:
<img width="1280" alt="Screen Shot 2020-01-09 at 11 53 54 AM" src="https://user-images.githubusercontent.com/121003/72087704-ebe0f480-32d6-11ea-950c-c698abde783d.png">
(note the `-vvv` wasn't necessary in the command to show the output). And the `<info>`part is fixed.
Cheers!
Commits
-------
a6aa9781eb Adding better output to secrets:decrypt-to-local command
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Configure RequestContext through router config
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix#35229 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
- [ ] PR on symfony/symfony-docs
Commits
-------
6658900703 [FrameworkBundle] Configure RequestContext through router config
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Do not throw exception on value generate key
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | N/A
| License | MIT
| Doc PR | N/A
When using env variable instead of key files and creating a new Secret, the check in `generateKeys` (called by the command `SecretsSetCommand`) prevents generating a secret.
reproducer:
```
$ rm config/secrets/prod/prod.decrypt.private.php
$ export SYMFONY_DECRYPTION_SECRET=XXX
$ ./bin/console secret:set FOO
In SodiumVault.php line 50:
Cannot generate keys when a decryption key has been provided while instantiating the vault.
```
This PR converts the exception in a warning message.
Commits
-------
2f608b4dfa Do not throw exception on valut generate key
* 5.0:
[Debug] fix ClassNotFoundFatalErrorHandler
[FrameworkBundle] Document the router.cache_class_prefix parameter removal
[Routing] Fix using a custom matcher & generator dumper class
[Notifier] Add more specific types at documentation level when php engine can't
[Serializer] Fix cache in MetadataAwareNameConverter
[Dotenv] Fixed infinite loop with missing quote followed by quoted value
[HttpClient] Added missing sprintf
[TwigBridge] button_widget now has its title attr translated even if its label = null or false
[PhpUnitBridge] When using phpenv + phpenv-composer plugin, composer executable is wrapped into a bash script
[Messenger] Added check if json_encode succeeded
[Messenger] Added check if json_encode succeeded
[FrameworkBundle][ContainerLintCommand] Only skip .errored. services
[HttpClient] fix exception in case of PSR17 discovery failure
[DependencyInjection] Handle ServiceClosureArgument for callable in container linting
fix processing chain adapter based cache pool
[HttpKernel] release lock explicitly
[Security] Prevent canceled remember-me cookie from being accepted
[FrameworkBundle][TranslationUpdateCommand] Do not output positive feedback on stderr
[Security\Guard] Fix missing typehints
do not render preferred choices as selected
* 4.4:
[Debug] fix ClassNotFoundFatalErrorHandler
[Routing] Fix using a custom matcher & generator dumper class
[Serializer] Fix cache in MetadataAwareNameConverter
[Dotenv] Fixed infinite loop with missing quote followed by quoted value
[HttpClient] Added missing sprintf
[TwigBridge] button_widget now has its title attr translated even if its label = null or false
[PhpUnitBridge] When using phpenv + phpenv-composer plugin, composer executable is wrapped into a bash script
[Messenger] Added check if json_encode succeeded
[Messenger] Added check if json_encode succeeded
[FrameworkBundle][ContainerLintCommand] Only skip .errored. services
[HttpClient] fix exception in case of PSR17 discovery failure
[DependencyInjection] Handle ServiceClosureArgument for callable in container linting
fix processing chain adapter based cache pool
[HttpKernel] release lock explicitly
[Security] Prevent canceled remember-me cookie from being accepted
[FrameworkBundle][TranslationUpdateCommand] Do not output positive feedback on stderr
[Security\Guard] Fix missing typehints
do not render preferred choices as selected
* 4.3:
[Debug] fix ClassNotFoundFatalErrorHandler
[Routing] Fix using a custom matcher & generator dumper class
[Dotenv] Fixed infinite loop with missing quote followed by quoted value
[HttpClient] Added missing sprintf
[TwigBridge] button_widget now has its title attr translated even if its label = null or false
[PhpUnitBridge] When using phpenv + phpenv-composer plugin, composer executable is wrapped into a bash script
[Messenger] Added check if json_encode succeeded
[Security] Prevent canceled remember-me cookie from being accepted
[FrameworkBundle][TranslationUpdateCommand] Do not output positive feedback on stderr
[Security\Guard] Fix missing typehints
* 3.4:
[Debug] fix ClassNotFoundFatalErrorHandler
[Dotenv] Fixed infinite loop with missing quote followed by quoted value
[TwigBridge] button_widget now has its title attr translated even if its label = null or false
[PhpUnitBridge] When using phpenv + phpenv-composer plugin, composer executable is wrapped into a bash script
[Security] Prevent canceled remember-me cookie from being accepted
[FrameworkBundle][TranslationUpdateCommand] Do not output positive feedback on stderr
This PR was merged into the 3.4 branch.
Discussion
----------
[Security\Http] Prevent canceled remember-me cookie from being accepted
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35198
| License | MIT
| Doc PR | -
`RememberMeServices::autoLogin()` only checks that the cookie exists in `$request->cookies` while `loginFail()` only alter `$request->attributes` (which allows child implementations to read the canceled cookie for e.g. removing a persistent one).
This makes `autoLogin()` checks for `request->attributes` first, which fixes the linked issue.
Failure expected on deps=high build.
Commits
-------
9b711b87fe [Security] Prevent canceled remember-me cookie from being accepted
* 5.0:
Fix closing tag in mailer collector template
[Notifier] Fix two minor issues
[HttpClient] Don't read from the network faster than the CPU can deal with
[DI] DecoratorServicePass should keep container.service_locator on the decorated definition
* 4.4:
Fix closing tag in mailer collector template
[HttpClient] Don't read from the network faster than the CPU can deal with
[DI] DecoratorServicePass should keep container.service_locator on the decorated definition
* 5.0: (31 commits)
[HttpClient] NativeHttpClient should not send >1.1 protocol version
[HttpClient] fix support for non-blocking resource streams
[Mailer] Make sure you can pass custom headers to Mailgun
[Mailer] Remove line breaks in email attachment content
Update links to documentation
[Validator] Add the missing translations for the Arabic (ar) locale
ensure to expect no validation for the right reasons
[Security-Guard] fixed 35203 missing name tag in param docblock
[HttpClient] fix casting responses to PHP streams
[PhpUnitBridge] Add test case for @expectedDeprecation annotation
[PhpUnitBridge][SymfonyTestsListenerTrait] Remove $testsWithWarnings stack
[FrameworkBundle] Fix getUser() phpdoc in AbstractController
[Mailer] Fix addresses management in Sendgrid API payload
[Mailer][MailchimpBridge] Fix missing attachments when sending via Mandrill API
[Mailer][MailchimpBridge] Fix incorrect sender address when sender has name
[HttpClient] fix capturing SSL certificates with NativeHttpClient
Update year in license files
Update year in license files
[TwigBridge][Form] Added missing help messages in form themes
Update year in license files
...
This PR was merged into the 5.0 branch.
Discussion
----------
[FrameworkBundle] Fix getUser() phpdoc in AbstractController
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#35185
| License | MIT
| Doc PR | N/A
This imports the `Symfony\Component\Security\Core\User\UserInterface` as the docs state that it returns `UserInterface` but doesn't use a FQN or import the class. This makes `getUser()` appear to return `Symfony\Bundle\FrameworkBundle\Controller\UserInterface`
Commits
-------
bba9fd6ccf [FrameworkBundle] Fix getUser() phpdoc in AbstractController
* 4.4: (26 commits)
[HttpClient] NativeHttpClient should not send >1.1 protocol version
[HttpClient] fix support for non-blocking resource streams
[Mailer] Make sure you can pass custom headers to Mailgun
[Mailer] Remove line breaks in email attachment content
Update links to documentation
[Validator] Add the missing translations for the Arabic (ar) locale
ensure to expect no validation for the right reasons
[Security-Guard] fixed 35203 missing name tag in param docblock
[HttpClient] fix casting responses to PHP streams
[PhpUnitBridge] Add test case for @expectedDeprecation annotation
[PhpUnitBridge][SymfonyTestsListenerTrait] Remove $testsWithWarnings stack
[Mailer] Fix addresses management in Sendgrid API payload
[Mailer][MailchimpBridge] Fix missing attachments when sending via Mandrill API
[Mailer][MailchimpBridge] Fix incorrect sender address when sender has name
[HttpClient] fix capturing SSL certificates with NativeHttpClient
Update year in license files
[TwigBridge][Form] Added missing help messages in form themes
Update year in license files
Update year in license files
fix version when "anonymous: lazy" was introduced
...
This PR was merged into the 4.4 branch.
Discussion
----------
[SecurityBundle] fix version when "anonymous: lazy" was introduced
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
c280a01724 fix version when "anonymous: lazy" was introduced
* 4.3:
[Mailer] Remove line breaks in email attachment content
Update links to documentation
[Validator] Add the missing translations for the Arabic (ar) locale
ensure to expect no validation for the right reasons
[PhpUnitBridge] Add test case for @expectedDeprecation annotation
[PhpUnitBridge][SymfonyTestsListenerTrait] Remove $testsWithWarnings stack
[Mailer][MailchimpBridge] Fix missing attachments when sending via Mandrill API
[Mailer][MailchimpBridge] Fix incorrect sender address when sender has name
[HttpClient] fix capturing SSL certificates with NativeHttpClient
[TwigBridge][Form] Added missing help messages in form themes
Update year in license files
Update year in license files
[HttpClient] fix typo
[Console][FormatterHelper] Use helper strlen statically and remove duplicated code
[Routing] Fix i18n routing when the url contains the locale
Fix BC issue in phpDoc Reflection library
[Translator] Performance improvement in MessageCatalogue and catalogue operations.
* 3.4:
Update links to documentation
[Validator] Add the missing translations for the Arabic (ar) locale
ensure to expect no validation for the right reasons
[PhpUnitBridge] Add test case for @expectedDeprecation annotation
Update year in license files
[Console][FormatterHelper] Use helper strlen statically and remove duplicated code
Fix BC issue in phpDoc Reflection library
[Translator] Performance improvement in MessageCatalogue and catalogue operations.
This PR was merged into the 5.0 branch.
Discussion
----------
[DebugBundle] Drop RemoveWebServerBundleLoggerPass
| Q | A
| ------------- | ---
| Branch? | 5.0
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
167411c194 [DebugBundle] Drop RemoveWebServerBundleLoggerPass
* 5.0: (24 commits)
Removing unused variable
Fixed#35084
Add missing use statement
[HttpClient] fix scheduling pending NativeResponse
do not overwrite variable value
[Profiler] wording
Use spaces correctly to display options in DebugCommand
Add supported schemes doc blocks type
X-Accel Nginx URL updated
ticket-30197 [Validator] Add the missing translations for the Chinese (Taiwan) ("zh_TW") locale
Fixed test added in #35022
Use locale_parse for computing fallback locales
[Console] Fix filtering out identical alternatives when there is a command loader
[String][UnicodeString] Remove unneeded flag in chunk regex pattern
add note about HTTP status code change
Migrate server:log command away from WebServerBundle
[DependencyInjection][CheckTypeDeclarationsPass] Handle \Closure for callable
[Security] Fix missing defaults for auto-migrating encoders
bumped Symfony version to 5.0.3
updated VERSION for 5.0.2
...
* 4.4:
Fixed#35084
Add missing use statement
[HttpClient] fix scheduling pending NativeResponse
do not overwrite variable value
[Profiler] wording
Use spaces correctly to display options in DebugCommand
X-Accel Nginx URL updated
ticket-30197 [Validator] Add the missing translations for the Chinese (Taiwan) ("zh_TW") locale
Fixed test added in #35022
Use locale_parse for computing fallback locales
[Console] Fix filtering out identical alternatives when there is a command loader
add note about HTTP status code change
Migrate server:log command away from WebServerBundle
[DependencyInjection][CheckTypeDeclarationsPass] Handle \Closure for callable
[Security] Fix missing defaults for auto-migrating encoders
bumped Symfony version to 4.4.3
updated VERSION for 4.4.2
updated CHANGELOG for 4.4.2
* 4.3:
Fixed#35084
Add missing use statement
[HttpClient] fix scheduling pending NativeResponse
do not overwrite variable value
[Profiler] wording
Use spaces correctly to display options in DebugCommand
X-Accel Nginx URL updated
ticket-30197 [Validator] Add the missing translations for the Chinese (Taiwan) ("zh_TW") locale
Fixed test added in #35022
Use locale_parse for computing fallback locales
[Console] Fix filtering out identical alternatives when there is a command loader
* 3.4:
Add missing use statement
[Profiler] wording
X-Accel Nginx URL updated
ticket-30197 [Validator] Add the missing translations for the Chinese (Taiwan) ("zh_TW") locale
Fixed test added in #35022
Use locale_parse for computing fallback locales
[Console] Fix filtering out identical alternatives when there is a command loader
This PR was squashed before being merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Remove env var table from AboutCommand
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | -
| Deprecations? | -
| Tickets | -
| License | MIT
| Doc PR | -
Fixed AboutCommand output by shortening environment variable value (replacing with `...`) to fit the screen width if the value is too long.
Right now all output is a mess if it does not fit in the terminal window.
Commits
-------
6962da93c1 [FrameworkBundle] Remove env var table from AboutCommand
This PR was squashed before being merged into the 5.1-dev branch (closes#34548).
Discussion
----------
Added access decision strategy to respect voter priority
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | _will happily do if this is of interest/to be merged 🙃_
The priority-based access decision strategy will decide based on the first voter that does not abstain from the decision. Security voters can be registered with priority (`PriorityTaggedServiceTrait`), so a voter with higher priority can overrule other voters.
In [Contao CMS](https://github.com/contao/contao), the core system should provide security voters that provide the "default permissions", but extensions/bundles can override almost anything and therefore need to be able to override the core decision. None of the existing strategies allow for something like that.
/ping @chalasr @Toflar @leofeyer @ausi
#SymfonyHackday
Commits
-------
0b8028a0ec Added access decision strategy to respect voter priority
* 5.0:
[DI] Service locators can't be decorated
[HttpClient] force HTTP/1.1 when NTLM auth is used
[Validation][FrameworkBundle] Allow EnableAutoMapping to work without auto-mapping namespaces
[Console][SymfonyQuestionHelper] Handle multibytes question choices keys and custom prompt
[DI] fix auto-binding service providers to their service subscribers
[Mailer] fixed undefined index when sending mail
* 4.4:
[DI] Service locators can't be decorated
[HttpClient] force HTTP/1.1 when NTLM auth is used
[Validation][FrameworkBundle] Allow EnableAutoMapping to work without auto-mapping namespaces
[Console][SymfonyQuestionHelper] Handle multibytes question choices keys and custom prompt
[DI] fix auto-binding service providers to their service subscribers
[Mailer] fixed undefined index when sending mail
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Allow using the kernel as a registry of controllers and service factories
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#28992, fix#29997
| License | MIT
| Doc PR | -
This PR builds on #34873 and #34872 and allows using the `Kernel` as a registry of autowired controllers and service factories. The `ContainerConfigurator` passed to `configureContainer()` defaults to declaring autowired and autoconfigured services.
TL;DR: Silex is back but in a much more powerful way \o/
Here is a Kernel that just works and displays `Hello App\Foo` on the `/` route:
```php
class Kernel extends BaseKernel
{
use MicroKernelTrait;
protected function configureContainer(ContainerConfigurator $container): void
{
$container->services()
->load('App\\', '../src')
->set(Foo::class)
->factory([$this, 'createFoo']);
}
public function createFoo(Bar $bar)
{
return new Foo($bar);
}
protected function configureRoutes(RoutingConfigurator $routes): void
{
$routes->add('home', '/')->controller([$this, 'helloAction']);
}
public function helloAction(Foo $foo)
{
return new Response('Hello '.get_class($foo));
}
}
```
Commits
-------
9c9b99cc65 [FrameworkBundle] Allow using the kernel as a registry of controllers and service factories
* 5.0: (21 commits)
fix merge
CS
[FrameworkBundle][ContainerLintCommand] Improve messages when the kernel or the container is not supported
[Serializer] Skip uninitialized (PHP 7.4) properties in PropertyNormalizer and ObjectNormalizer
stop using deprecated Doctrine persistence classes
[Cache] Fix wrong classname in deprecation message
Fix regex lookahead syntax in ApplicationTest
Fixed syntax in comment
[SecurityBundle][FirewallMap] Remove unused property
[Messenger][AMQP] Use delivery_mode=2 by default
[FrameworkBundle][DependencyInjection] Skip removed ids in the lint container command and its associated pass
[SECURITY] Revert "AbstractAuthenticationListener.php error instead info. Rebase of #28462"
[FrameworkBundle][Secrets] Hook configured local dotenv file
[DI] Improve performance of processDefinition
fix redis multi host dsn not recognized
fix constructor argument type declaration
Fix invalid Windows path normalization
[Validator][ConstraintValidator] Safe fail on invalid timezones
[DoctrineBridge] Fixed submitting invalid ids when using queries with limit
[FrameworkBundle] Add info & example to auto_mapping config
...
* 4.4: (21 commits)
fix merge
CS
[FrameworkBundle][ContainerLintCommand] Improve messages when the kernel or the container is not supported
[Serializer] Skip uninitialized (PHP 7.4) properties in PropertyNormalizer and ObjectNormalizer
stop using deprecated Doctrine persistence classes
[Cache] Fix wrong classname in deprecation message
Fix regex lookahead syntax in ApplicationTest
Fixed syntax in comment
[SecurityBundle][FirewallMap] Remove unused property
[Messenger][AMQP] Use delivery_mode=2 by default
[FrameworkBundle][DependencyInjection] Skip removed ids in the lint container command and its associated pass
[SECURITY] Revert "AbstractAuthenticationListener.php error instead info. Rebase of #28462"
[FrameworkBundle][Secrets] Hook configured local dotenv file
[DI] Improve performance of processDefinition
fix redis multi host dsn not recognized
fix constructor argument type declaration
Fix invalid Windows path normalization
[Validator][ConstraintValidator] Safe fail on invalid timezones
[DoctrineBridge] Fixed submitting invalid ids when using queries with limit
[FrameworkBundle] Add info & example to auto_mapping config
...
* 4.3:
fix merge
CS
[Serializer] Skip uninitialized (PHP 7.4) properties in PropertyNormalizer and ObjectNormalizer
stop using deprecated Doctrine persistence classes
[Cache] Fix wrong classname in deprecation message
Fix regex lookahead syntax in ApplicationTest
Fixed syntax in comment
[SecurityBundle][FirewallMap] Remove unused property
[Messenger][AMQP] Use delivery_mode=2 by default
[DI] Improve performance of processDefinition
Fix invalid Windows path normalization
[Validator][ConstraintValidator] Safe fail on invalid timezones
[DoctrineBridge] Fixed submitting invalid ids when using queries with limit
[FrameworkBundle] Add info & example to auto_mapping config
fix comparisons with null values at property paths
This PR was merged into the 4.3 branch.
Discussion
----------
[FrameworkBundle] Add info & example to auto_mapping config
| Q | A
| ------------- | ---
| Branch? | 4.3 <!-- see below -->
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | N/A <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | N/A
Backport part of #34707 and add example.
Commits
-------
8eb29a7b73 [FrameworkBundle] Add info & example to auto_mapping config
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Fix invalid Windows path normalization in TemplateNameParser
| Q | A
| ------------- | ---
| Branch? | 3.4 - <5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | no
| License | MIT
| Doc PR | Fix invalid Windows path normalization
All versions of Symfony until 5.0 (which does no longer do extra file path normalization) normalize Windows paths wrongly.
See https://github.com/PrestaShop/PrestaShop/issues/16736 and https://bugs.php.net/bug.php?id=78939
Currently this issue can be observed when Symfony is run by NTS PHP only, but once the PHP issue will be fixed, this issue will probably affects all Windows users when absolute template name is passed to Symfony templating.
Commits
-------
130df8ca8c Fix invalid Windows path normalization
This PR was merged into the 5.1-dev branch.
Discussion
----------
[FrameworkBundle] Added flex-compatible default implementations for `MicroKernelTrait::registerBundles()` and `getProjectDir()`
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I think it's safe now to migrate some flex-based defaults from the recipe to the bundle.
No BC break here as all existing kernels already redefine this method.
Commits
-------
a689807387 [FrameworkBundle] Added flex-compatible default implementations for `MicroKernelTrait::registerBundles()` and `getProjectDir()`
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle][DependencyInjection] Skip removed ids in the lint container command and its associated pass
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/34858
| License | MIT
| Doc PR | -
We remove the "removing" passes again and to avoid what https://github.com/symfony/symfony/pull/34502 fixed, we skip validating the "live" container removed ids in the pass (the "live" container is supposed to have the same definitions than the "debug container" one).
Logically, an errored service cannot pass the "live" container compilation without being removed. Consequently, it also skips the errored services that ended up being removed in the "live" container.
Commits
-------
a0f581ba9d [FrameworkBundle][DependencyInjection] Skip removed ids in the lint container command and its associated pass
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle][Secrets] Hook configured local dotenv file
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/34905
| License | MIT
| Doc PR | -
Configured local_dotenv_file does not currently substitute the secrets.vault service definition first argument value, rendering this configuration option useless + we don't need to set defaults in secrets.xml since everything is overriden in FrameworkExtension with the same default values (from the configuration).
Commits
-------
56f542c36b [FrameworkBundle][Secrets] Hook configured local dotenv file
* 5.0:
Fix merge
[DoctrineBridge] try to fix deprecations from doctrine/persistence
[DI] Add support for immutable setters in CallTrait
[Cache] Propagate expiry when syncing items in ChainAdapter
Removed request header "Content-Type" from the preferred format guessing mechanism
[Routing] fix memoryleak when loading compiled routes
[Translation] fix memoryleak in PhpFileLoader
fix triggering deprecation in file locator
bug #34877 [TwigBundle] fix findTemplate() to return `null`
* 4.4:
Fix merge
[DoctrineBridge] try to fix deprecations from doctrine/persistence
[DI] Add support for immutable setters in CallTrait
[Cache] Propagate expiry when syncing items in ChainAdapter
Removed request header "Content-Type" from the preferred format guessing mechanism
[Routing] fix memoryleak when loading compiled routes
[Translation] fix memoryleak in PhpFileLoader
fix triggering deprecation in file locator
bug #34877 [TwigBundle] fix findTemplate() to return `null`
* 4.3:
Fix merge
[DoctrineBridge] try to fix deprecations from doctrine/persistence
[DI] Add support for immutable setters in CallTrait
[Cache] Propagate expiry when syncing items in ChainAdapter
[Routing] fix memoryleak when loading compiled routes
[Translation] fix memoryleak in PhpFileLoader
Twig3 FilesystemLoader::findTemplate() should return `string|null`
instead of Twig2 `string|null|false`: see
<https://github.com/twigphp/Twig/blob/3.x/src/Loader/FilesystemLoader.php#L167>
Returning `null` fixes `exists()` of Twig 3 FilesystemLoader without
breaking Twig 2 (which expected `null` or `false` for not found
templates).
Change the test to assert `null` instead of `false`.
* 5.0:
[Validator] Fix auto-mapping constraints should not be validated
[Debug] Updated the README to deprecate the component
[Cache] fix memory leak when using PhpFilesAdapter
[Yaml] Implement multiline string as scalar block for tagged values
[HttpFoundation] Use `Cache-Control: must-revalidate` only if explicit lifetime has been given
[FrameworkBundle] Use UserInterface to @return in getUser method
[CI] Replace php7.4snapshot with php7.4 in Travis configuration
[ExpressionLanguage][Node][BinaryNode] Process division by zero
Fixing bad order of operations with null coalescing operator
forward caught exception
[Validator][ConstraintValidator] Stop passing unnecessary timezone argument to \DateTime
add tags before processing them
[FrameworkBundle][ContainerLintCommand] Reinitialize bundles when the container is reprepared
[Process] change the syntax of portable prepared command lines
[MonologBridge] Fix debug processor datetime type
* 4.4:
[Validator] Fix auto-mapping constraints should not be validated
[Debug] Updated the README to deprecate the component
[Cache] fix memory leak when using PhpFilesAdapter
[Yaml] Implement multiline string as scalar block for tagged values
[HttpFoundation] Use `Cache-Control: must-revalidate` only if explicit lifetime has been given
[FrameworkBundle] Use UserInterface to @return in getUser method
[CI] Replace php7.4snapshot with php7.4 in Travis configuration
[ExpressionLanguage][Node][BinaryNode] Process division by zero
Fixing bad order of operations with null coalescing operator
forward caught exception
[Validator][ConstraintValidator] Stop passing unnecessary timezone argument to \DateTime
add tags before processing them
[FrameworkBundle][ContainerLintCommand] Reinitialize bundles when the container is reprepared
[Process] change the syntax of portable prepared command lines
[MonologBridge] Fix debug processor datetime type
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle][ContainerLintCommand] Reinitialize bundles when the container is reprepared
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Some bundles extensions are "instances dependents", eg they cache service registrations (eg: 70dec3c8a3/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php (L743)).
Launching the lint command loads all bundles a first time, just to be able to run the command.
Then, when we build the container again for the lint command, it loads all bundles a second time. But since it's the same bundles instances, some services are not registered, leading to missing services in `CheckExceptionOnInvalidReferenceBehaviorPass`.
Commits
-------
31975e4981 [FrameworkBundle][ContainerLintCommand] Reinitialize bundles when the container is reprepared
* 4.3:
[Cache] fix memory leak when using PhpFilesAdapter
[Yaml] Implement multiline string as scalar block for tagged values
[HttpFoundation] Use `Cache-Control: must-revalidate` only if explicit lifetime has been given
[FrameworkBundle] Use UserInterface to @return in getUser method
[CI] Replace php7.4snapshot with php7.4 in Travis configuration
[ExpressionLanguage][Node][BinaryNode] Process division by zero
forward caught exception
[Validator][ConstraintValidator] Stop passing unnecessary timezone argument to \DateTime
add tags before processing them
[MonologBridge] Fix debug processor datetime type
* 3.4:
[Yaml] Implement multiline string as scalar block for tagged values
[HttpFoundation] Use `Cache-Control: must-revalidate` only if explicit lifetime has been given
[FrameworkBundle] Use UserInterface to @return in getUser method
[CI] Replace php7.4snapshot with php7.4 in Travis configuration
[ExpressionLanguage][Node][BinaryNode] Process division by zero
forward caught exception
[Validator][ConstraintValidator] Stop passing unnecessary timezone argument to \DateTime
add tags before processing them
[MonologBridge] Fix debug processor datetime type
This PR was squashed before being merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Use UserInterface to @return in getUser method
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| License | MIT
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch master.
-->
Commits
-------
9f1ebd7fb9 [FrameworkBundle] Use UserInterface to @return in getUser method
* 5.0: (38 commits)
[Security] Check UserInterface::getPassword is not null before calling needsRehash
gracefully handle missing event dispatchers
Fix TokenStorage::reset not called in stateless firewall
[DotEnv] Remove `usePutEnv` property default value
[HttpFoundation] get currently session.gc_maxlifetime if ttl doesnt exists
Set up typo fix
[DependencyInjection] Handle env var placeholders in CheckTypeDeclarationsPass
[Cache] fix memory leak when using PhpArrayAdapter
[Validator] Allow underscore character "_" in URL username and password
[TwigBridge] Update bootstrap_4_layout.html.twig
[DoctrineBridge] Removed QueryBuilder type hint in getLoader()
[FrameworkBundle][SodiumVault] Create secrets directory only when needed
fix parsing negative octal numbers
[String] implement __sleep()/__wakeup() on strings
Fixed translations file dumper behavior
[Routing][ObjectLoader] Remove forgotten deprecation after merge
[SecurityBundle] Passwords are not encoded when algorithm set to \"true\"
[DependencyInjection] Resolve expressions in CheckTypeDeclarationsPass
[SecurityBundle] Properly escape regex in AddSessionDomainConstraintPass
do not validate passwords when the hash is null
...
* 4.4: (30 commits)
[Security] Check UserInterface::getPassword is not null before calling needsRehash
gracefully handle missing event dispatchers
Fix TokenStorage::reset not called in stateless firewall
[DotEnv] Remove `usePutEnv` property default value
[HttpFoundation] get currently session.gc_maxlifetime if ttl doesnt exists
Set up typo fix
[DependencyInjection] Handle env var placeholders in CheckTypeDeclarationsPass
[Cache] fix memory leak when using PhpArrayAdapter
[Validator] Allow underscore character "_" in URL username and password
[TwigBridge] Update bootstrap_4_layout.html.twig
[FrameworkBundle][SodiumVault] Create secrets directory only when needed
fix parsing negative octal numbers
[SecurityBundle] Passwords are not encoded when algorithm set to \"true\"
[DependencyInjection] Resolve expressions in CheckTypeDeclarationsPass
[SecurityBundle] Properly escape regex in AddSessionDomainConstraintPass
do not validate passwords when the hash is null
[DI] fix resolving bindings for named TypedReference
[Config] never try loading failed classes twice with ClassExistenceResource
[Mailer] Fix SMTP Authentication when using STARTTLS
[DI] Fix making the container path-independent when the app is in /app
...
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] Properly escape regex in AddSessionDomainConstraintPass
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/34774
| License | MIT
| Doc PR | -
`%s` should be escaped, so it is dumped as `%%s` (it ends up being properly unescaped at load time, so the passed value to the service is the same).
Commits
-------
de03cee846 [SecurityBundle] Properly escape regex in AddSessionDomainConstraintPass
* 4.3:
[DotEnv] Remove `usePutEnv` property default value
Set up typo fix
[Validator] Allow underscore character "_" in URL username and password
[SecurityBundle] Passwords are not encoded when algorithm set to \"true\"
do not validate passwords when the hash is null
[DI] fix resolving bindings for named TypedReference
[DI] Fix making the container path-independent when the app is in /app
Allow copy instead of symlink for ./link script
[FrameworkBundle] resolve service locators in `debug:*` commands
bumped Symfony version to 4.3.10
updated VERSION for 4.3.9
updated CHANGELOG for 4.3.9
bumped Symfony version to 3.4.37
updated VERSION for 3.4.36
update CONTRIBUTORS for 3.4.36
updated CHANGELOG for 3.4.36
Add test on ServerLogHandler
* 3.4:
[Validator] Allow underscore character "_" in URL username and password
[SecurityBundle] Passwords are not encoded when algorithm set to \"true\"
do not validate passwords when the hash is null
[DI] Fix making the container path-independent when the app is in /app
Allow copy instead of symlink for ./link script
[FrameworkBundle] resolve service locators in `debug:*` commands
bumped Symfony version to 3.4.37
updated VERSION for 3.4.36
update CONTRIBUTORS for 3.4.36
updated CHANGELOG for 3.4.36
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] resolve service locators in `debug:*` commands
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34470
| License | MIT
| Doc PR | -
Because of the way ServiceClosureArgument are dumped, we need to resolve locators after loading the xml dump of the container:
https://github.com/symfony/symfony/blob/3.4/src/Symfony/Component/DependencyInjection/Dumper/XmlDumper.php#L273
Commits
-------
820da66346 [FrameworkBundle] resolve service locators in `debug:*` commands
* 4.4:
Fixed translations file dumper behavior
When set, get secret from config variable
[FrameworkBundle] Set the parameter bag as resolved in ContainerLintCommand
[SecurityBundle] Fix switch_user provider configuration handling
This PR was merged into the 4.4 branch.
Discussion
----------
[SecurityBundle] Use config variable in AnonymousFactory
| Q | A
| ------------- | ---
| Branch? | 4.4 and 5.0
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
It looks like the `AnonymousFactory` was copied incorrectly in https://github.com/symfony/symfony/pull/33503 as it uses the old `$firewall` variable available in `SecurityExtension.php`. Changing this to `$config` yields the desired results
Commits
-------
8d850d2da4 When set, get secret from config variable
* 5.0:
[DI] auto-register singly implemented interfaces by default
[DI] fix overriding existing services with aliases for singly-implemented interfaces
remove service when base class is missing
do not depend on the QueryBuilder from the ORM
[Security/Http] call auth listeners/guards eagerly when they "support" the request
[Messenger] add tests to FailedMessagesShowCommand
Fix the translation commands when a template contains a syntax error
[Security] Fix clearing remember-me cookie after deauthentication
[Validator] Update Slovenian translations
[HttpClient] remove conflict rule with HttpKernel that prevents using the component in Symfony 3.4
[Config][ReflectionClassResource] Handle parameters with undefined constant as their default values
Fix compatibility with Monolog 2
fix dumping number-like string parameters
Fix CI
[Console] Fix autocomplete multibyte input support
[Config] don't break on virtual stack frames in ClassExistenceResource
more robust initialization from request
Changing the multipart form-data behavior to use the form name as an array, which makes it recognizable as an array by PHP on the $_POST globals once it is coming from the HttpClient component
* 4.4:
[DI] auto-register singly implemented interfaces by default
[DI] fix overriding existing services with aliases for singly-implemented interfaces
remove service when base class is missing
do not depend on the QueryBuilder from the ORM
[Security/Http] call auth listeners/guards eagerly when they "support" the request
[Messenger] add tests to FailedMessagesShowCommand
Fix the translation commands when a template contains a syntax error
[Security] Fix clearing remember-me cookie after deauthentication
[Validator] Update Slovenian translations
[HttpClient] remove conflict rule with HttpKernel that prevents using the component in Symfony 3.4
[Config][ReflectionClassResource] Handle parameters with undefined constant as their default values
fix dumping number-like string parameters
Fix CI
[Console] Fix autocomplete multibyte input support
[Config] don't break on virtual stack frames in ClassExistenceResource
more robust initialization from request
Changing the multipart form-data behavior to use the form name as an array, which makes it recognizable as an array by PHP on the $_POST globals once it is coming from the HttpClient component
* 4.3:
[Messenger] add tests to FailedMessagesShowCommand
Fix the translation commands when a template contains a syntax error
[Security] Fix clearing remember-me cookie after deauthentication
[Validator] Update Slovenian translations
[Config][ReflectionClassResource] Handle parameters with undefined constant as their default values
fix dumping number-like string parameters
Fix CI
[Console] Fix autocomplete multibyte input support
[Config] don't break on virtual stack frames in ClassExistenceResource
more robust initialization from request
This PR was merged into the 4.4 branch.
Discussion
----------
[TwigBundle] remove service when base class is missing
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
c3a658ac0f remove service when base class is missing
This PR was merged into the 4.4 branch.
Discussion
----------
[Security/Http] call auth listeners/guards eagerly when they "support" the request
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34614, Fix#34679
| License | MIT
| Doc PR | -
This fixes the form authenticator linked to #34614.
Since laziness is here to provide compatibility with HTTP caching, it should be disabled when the request cannot be cached.
Tests don't pass yet, but I'm on the path to something here.
The PR now introduces a new `AbstractListener` that splits the handling logic in two:
- `supports(Request): ?bool` is always called eagerly and tells whether the listener matches the request for an earger call or a lazy call
- `authenticate(RequestEvent)` does the rest of the job when `supports()` allows so - lazily or not depending on the return value of `supports()`.
Of course, this remains compatible with non-lazy logics, see `AbstractListener::__invoke()`.
Commits
-------
b20ebe6b90 [Security/Http] call auth listeners/guards eagerly when they "support" the request
This PR was merged into the 5.1-dev branch.
Discussion
----------
[Mailer] Allow to configure or disable the message bus to use
| Q | A
| ------------- | ---
| Branch? | master <!-- see below -->
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | #34633 <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | todo
A new `mailer.message_bus` option allowing to choose the message bus to use instead of using the default one.
Also allows to set it to `false` so no message bus is used and the transport will be called directly.
Commits
-------
42fd0cf985 [Mailer] Allow to configure or disable the message bus to use
* 5.0: (30 commits)
bug #34554 [HttpClient] Fix early cleanup of pushed HTTP/2 responses (lyrixx)
Fix tests
[Console] Fix commands description with numeric namespaces
[HttpFoundation] Fixed typo
[DI] Skip unknown method calls for factories in check types pass
[EventDispatcher] Better error reporting when arguments to dispatch() are swapped
[errorHandler] Remove old references from the old debug component
improve upgrade instructions for twig.exception_controller configuration
[HttpFoundation] Update CHANGELOG for PdoSessionHandler BC BREAK in 4.4
[Serializer] CsvEncoder::NO_HEADERS_KEY ignored when used in constructor
[Form] Keep preferred_choices order for choice groups
[Debug] work around failing chdir() on Darwin
[PhpUnitBridge] Read configuration CLI directive
[DI] Missing test on YamlFileLoader
Revert "minor #34608 [Process] add tests for php executable finder if file does not exist (ahmedash95)"
Simpler example for Apache basic auth workaround
[Console] Fix trying to access array offset on value of type int
[Config] Remove extra sprintf arg
[HttpKernel] fix typo
[HttpKernel] Support typehint to deprecated FlattenException in controller
...
* 4.4: (28 commits)
bug #34554 [HttpClient] Fix early cleanup of pushed HTTP/2 responses (lyrixx)
Fix tests
[Console] Fix commands description with numeric namespaces
[HttpFoundation] Fixed typo
[DI] Skip unknown method calls for factories in check types pass
[EventDispatcher] Better error reporting when arguments to dispatch() are swapped
improve upgrade instructions for twig.exception_controller configuration
[HttpFoundation] Update CHANGELOG for PdoSessionHandler BC BREAK in 4.4
[Serializer] CsvEncoder::NO_HEADERS_KEY ignored when used in constructor
[Form] Keep preferred_choices order for choice groups
[Debug] work around failing chdir() on Darwin
[PhpUnitBridge] Read configuration CLI directive
[DI] Missing test on YamlFileLoader
Revert "minor #34608 [Process] add tests for php executable finder if file does not exist (ahmedash95)"
Simpler example for Apache basic auth workaround
[Console] Fix trying to access array offset on value of type int
[Config] Remove extra sprintf arg
[HttpKernel] fix typo
[HttpKernel] Support typehint to deprecated FlattenException in controller
Add preview mode support for Html and Serializer error renderers
...
* 4.3:
Fix tests
[Console] Fix commands description with numeric namespaces
[HttpFoundation] Fixed typo
[EventDispatcher] Better error reporting when arguments to dispatch() are swapped
[Serializer] CsvEncoder::NO_HEADERS_KEY ignored when used in constructor
[Form] Keep preferred_choices order for choice groups
[Debug] work around failing chdir() on Darwin
[PhpUnitBridge] Read configuration CLI directive
[DI] Missing test on YamlFileLoader
Revert "minor #34608 [Process] add tests for php executable finder if file does not exist (ahmedash95)"
Simpler example for Apache basic auth workaround
[Console] Fix trying to access array offset on value of type int
[Config] Remove extra sprintf arg
[VarDumper] notice on potential undefined index
[HttpClient] turn exception into log when the request has no content-type
[Process] add tests for php executable finder if file does not exist
[Cache] Make sure we get the correct number of values from redis::mget()
[TwigBridge] Add row_attr to all form themes
[Serializer] Fix MetadataAwareNameConverter usage with string group
This PR was merged into the 4.3 branch.
Discussion
----------
[TwigBridge] Add row_attr to all form themes
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#33552
| License | MIT
| Doc PR | -
The rules I applied:
- Always done on the first HTML tag of the row.
- Current existing row attrs (`class` or `style`) are applied unless they are defined by the `row_attr` override. They can be removed if they are explicitly set to `false`.
Starting from:
```
<div class="form-group">
```
With `row_attr: {foo: "bar"}`:
```
<div foo="bar" class="form-group">
```
With `row_attr: {class: "ccc"}`:
```
<div class="ccc">
```
With `row_attr: {foo: "bar", class: false}`:
```
<div foo="bar">
```
Commits
-------
dfdcbb401e [TwigBridge] Add row_attr to all form themes
This PR was squashed before being merged into the 4.4 branch.
Discussion
----------
[FWBundle] Remove error_renderer.serializer if the Serializer isn't available
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a
| License | MIT
| Doc PR | n/a
(Should help for https://github.com/hautelook/AliceBundle/pull/485).
Commits
-------
0b4c21b3d2 [FWBundle] Remove error_renderer.serializer if the Serializer isn't available
* 5.0: (47 commits)
reset the kernel cache after each test
[HttpKernel] Ability to define multiple kernel.reset tags
[Routing] Continue supporting single colon in object route loaders
[FWBundle] Remove unused parameter
[Intl] [Workflow] fixes English grammar typos
[Filesystem] [Serializer] fixes English grammar typo
mailer: mailchimp bridge is throwing undefined index _id when setting message id in mandrill http transport
has_roles should be is_granted in security upgrade file
has_roles should be is_granted in upgrade files
[HttpClient] Fix early cleanup of pushed HTTP/2 responses
skip test on incompatible PHP versions
[HttpKernel] Don't cache "not-fresh" state
Drop WebServerBundle directory
[FrameworkBundle][Cache] Don't deep-merge cache pools configuration
[Messenger] Adding exception to amqp transport in case amqp ext is not installed
[SecurityBundle] Don't require a user provider for the anonymous listener
[DoctrineBridge] Fixed cs in DoctrineType
[Monolog Bridge] Fixed accessing static property as non static.
Improve Symfony description
[Mailer] Add UPGRADE entries about Envelope and MessageEvent
...
* 4.4: (38 commits)
reset the kernel cache after each test
[HttpKernel] Ability to define multiple kernel.reset tags
[Routing] Continue supporting single colon in object route loaders
[FWBundle] Remove unused parameter
[Intl] [Workflow] fixes English grammar typos
[Filesystem] [Serializer] fixes English grammar typo
mailer: mailchimp bridge is throwing undefined index _id when setting message id in mandrill http transport
has_roles should be is_granted in upgrade files
[HttpClient] Fix early cleanup of pushed HTTP/2 responses
skip test on incompatible PHP versions
[HttpKernel] Don't cache "not-fresh" state
[FrameworkBundle][Cache] Don't deep-merge cache pools configuration
[Messenger] Adding exception to amqp transport in case amqp ext is not installed
[SecurityBundle] Don't require a user provider for the anonymous listener
[Monolog Bridge] Fixed accessing static property as non static.
Improve Symfony description
[Mailer] Add UPGRADE entries about Envelope and MessageEvent
[FrameworkBundle] fix leftover mentioning "secret:" processor
Add DateTimeZoneNormalizer into Dependency Injection
[Messenger] Error when specified default bus is not among the configured
...
* 4.3:
[FWBundle] Remove unused parameter
[Intl] [Workflow] fixes English grammar typos
[Filesystem] [Serializer] fixes English grammar typo
[Messenger] Adding exception to amqp transport in case amqp ext is not installed
[Monolog Bridge] Fixed accessing static property as non static.
Improve Symfony description
Add DateTimeZoneNormalizer into Dependency Injection
[Messenger] Error when specified default bus is not among the configured
[Validator] Add Japanese translation
[Workflow] Apply the same logic of precedence between the apply() and the buildTransitionBlockerList() method
Remove some unused methods parameters
Avoid empty \"If-Modified-Since\" header in validation request
[Security] Fix SwitchUser is broken when the User Provider always returns a valid user
Fix error message according to the new regex
compatibility with DoctrineBundle 2
[Validator] ConstraintValidatorTestCase: add missing return value to mocked validate method calls
This PR was squashed before being merged into the 5.1-dev branch (closes#32937).
Discussion
----------
[Routing] Deprecate RouteCollectionBuilder
| Q | A
| ------------- | ---
| Branch? | 5.1
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #32240
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/12688
| Recipe PR | https://github.com/symfony/recipes/pull/690
A lot to be done here after the implementation is accepted:
- [x] finish deprecations in the MicroKernelTrait
- [x] deprecate the class
- [x] mention in the CHANGELOG file
- [x] mention in the UPGRADE file
- [x] mark tests as legacy
- [x] add a doc PR
- [x] update the recipe
Ping @Tobion , @nicolas-grekas .
Commits
-------
e641cbdd46 [Routing] Deprecate RouteCollectionBuilder
This PR was merged into the 4.4 branch.
Discussion
----------
[SecurityBundle] Don't require a user provider for the anonymous listener
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34504
| License | MIT
| Doc PR | -
Forgotten when adding the AnonymousFactory in #33503
Commits
-------
0950cfbc65 [SecurityBundle] Don't require a user provider for the anonymous listener
* 5.0:
[Routing] fix tests
[DI] minor cleanup
[Form] group constraints when calling the validator
Remove wrong @group legacy annotations
[DependencyInjection] Fix dumping multiple deprecated aliases
allow button names to start with uppercase letter
Allow PHP ^7.2.5
States that the HttpClient provides a Http Async implementation
[Routing] Fix ContainerLoader and ObjectLoaderTest
[HttpKernel] Make ErrorListener::onKernelException()'s dispatcher argument explicit
[HttpKernel] Drop deprecated ExceptionListener
Removed extra whitespace
[Security] Fix best encoder not wired using migrate_from
* 4.4:
[Routing] fix tests
[Form] group constraints when calling the validator
Remove wrong @group legacy annotations
[DependencyInjection] Fix dumping multiple deprecated aliases
allow button names to start with uppercase letter
States that the HttpClient provides a Http Async implementation
* 4.4:
[Messenger] Perform no deep merging of bus middleware
[HttpFoundation] Added possibility to configure expiration time in redis session handler
[FrameworkBundle] Remove project dir from Translator cache vary scanned directories
[HttpFoundation] Allow redirecting to URLs that contain a semicolon
Drop useless executable bit
[DoctrineBridge] Improve queries parameters display in Profiler
catch exceptions when using PDO directly
[SecurityBundle] fix failing test
* 4.3:
[FrameworkBundle] Remove project dir from Translator cache vary scanned directories
[HttpFoundation] Allow redirecting to URLs that contain a semicolon
catch exceptions when using PDO directly
[SecurityBundle] fix failing test
This PR was merged into the 4.4 branch.
Discussion
----------
[Messenger] Perform no deep merging of bus middleware
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
This change helps in case one needs to configure a bus differently for a custom environment while keeping existing handlers attached by name.
Commits
-------
c264583f28 [Messenger] Perform no deep merging of bus middleware
* 4.4: (23 commits)
[HttpFoundation] fix docblock
[HttpKernel] Flatten "exception" controller argument if not typed
Fix MySQL column type definition.
Link the right file depending on the new version
[Cache] Redis Tag Aware warn on wrong eviction policy
[HttpClient] fix HttpClientDataCollector
[HttpKernel] collect bundle classes, not paths
[Config] fix id-generation for GlobResource
[HttpKernel] dont check cache freshness more than once per process
[Finder] Allow ssh2 stream wrapper for sftp
[FrameworkBundle] fix wiring of httplug client
add FrameworkBundle requirement
[SecurityBundle] add tests with empty authenticator
[Security] always check the token on non-lazy firewalls
[DI] Use reproducible entropy to generate env placeholders
[WebProfilerBundle] Require symfony/twig-bundle
[Mailer] Add UPGRADE entry about the null transport DSN
bumped Symfony version to 4.3.9
updated VERSION for 4.3.8
updated CHANGELOG for 4.3.8
...
* 4.4:
[Console] Constant STDOUT might be undefined.
Add missing conflict with symfony/serializer <4.4
Allow returning null from NormalizerInterface::normalize
bumped Symfony version to 4.4.0
updated VERSION for 4.4.0-BETA1
updated CHANGELOG for 4.4.0-BETA1
[Security\Core] throw AccessDeniedException when switch user fails
[Mime] fix guessing mime-types of files with leading dash
[HttpFoundation] fix guessing mime-types of files with leading dash
[VarExporter] fix exporting some strings
[Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances
Use constant time comparison in UriSigner
* 4.3:
[Console] Constant STDOUT might be undefined.
Allow returning null from NormalizerInterface::normalize
[Security\Core] throw AccessDeniedException when switch user fails
[Mime] fix guessing mime-types of files with leading dash
[HttpFoundation] fix guessing mime-types of files with leading dash
[VarExporter] fix exporting some strings
[Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances
Use constant time comparison in UriSigner
This PR was merged into the 5.0-dev branch.
Discussion
----------
more strict requirements of experimental components
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets |
| License | MIT
| Doc PR |
Commits
-------
23bc40b764 more strict requirements of experimental components
* 4.4:
[DI] fix locators with numeric keys
Add support for NO_COLOR env var
[DI][FrameworkBundle] add EnvVarLoaderInterface - remove SecretEnvVarProcessor
Fix error when we use VO for the marking property
[DI] Remove LazyString from 4.4, before adding back to the String component
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] Remove LazyString from 4.4, before adding back to the String component
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
In #34190 I'm proposing to move LazyString to the Service contracts, but String might be a better fit actually. Let's remove the class from 4.4 where it's not really needed, and add it back on 5.0 in the String component.
Commits
-------
b1a3ee76ac [DI] Remove LazyString from 4.4, before adding back to the String component
* 4.4:
[DI] Dont cache classes with missing parents
[HttpClient] Fix a crash when calling CurlHttpClient::__destruct()
Unallow symfony/http-kernel ^5.0
[FrameworkBundle] fix SodiumVault after stof review
[HttpClient] allow arbitrary JSON values in requests
[DependencyInjection] Added option `ignore_errors: not_found` while importing config files
[Validator] Add the missing translations for the Hebrew (\"he\") locale and fix 2 typos
[FrameworkBundle][Translation] Invalidate cached catalogues when the scanned directories change
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] fix SodiumVault after stof review
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
As spotted by @stof in https://github.com/symfony/symfony/pull/34275#pullrequestreview-313355834
Commits
-------
a594599078 [FrameworkBundle] fix SodiumVault after stof review
* 4.3:
[DI] Dont cache classes with missing parents
[HttpClient] Fix a crash when calling CurlHttpClient::__destruct()
[Validator] Add the missing translations for the Hebrew (\"he\") locale and fix 2 typos
[FrameworkBundle][Translation] Invalidate cached catalogues when the scanned directories change
This PR was merged into the 5.0-dev branch.
Discussion
----------
[SecurityBundle] Remove deprecated service and code
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Remove deprecated service in https://github.com/symfony/symfony/pull/25839 and deprecated code in https://github.com/symfony/symfony/pull/33676.
Commits
-------
ad61d6f72b [SecurityBundle] Remove deprecated service and code
This PR was merged into the 4.3 branch.
Discussion
----------
[FrameworkBundle][Translation] Invalidate cached catalogues when the scanned directories change
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | https://github.com/symfony/symfony/issues/33992
| License | MIT
| Doc PR | -
The cache file name needs to depend on the scanned directories list. Otherwise, when a new directory is added, even if the container is rebuilt and the `FWB Translator` gets the new scanned directories list, the cached catalogue name is still the same and is resolved accordingly.
An alternative would be to make the `Translation Translator` `getCatalogueCachePath()` method and `fallbackLocales` `@internal` and `protected` to just override everything in the `FWB Translator`. The `cacheVary` argument has the benefit to be reusable by all the `Translation` component users.
Note that there is a negative minor performance impact that increases when the list of scanned directories grows.
Commits
-------
6cbee0944c [FrameworkBundle][Translation] Invalidate cached catalogues when the scanned directories change
* 4.4: (39 commits)
[Console] Fix#33915, Detect dimensions using mode CON if vt100 is supported
[PhpUnitBridge] Also search for composer.phar in git root folder
[HttpKernel][DataCollectorInterface] Ease compatibility
Add tests to ensure defaultLocale is properly passed to the URL generator
[DependencyInjection] Fix broken references in tests
[VarDumper] display the method we're in when dumping stack traces
[HttpClient] Retry safe requests when then fail before the body arrives
[Console] Rename some methods related to redraw frequency
Avoid using of kernel after shutdown
Simplify PHP CS Fixer configuration
[PropertyInfo] Fixed type extraction for nullable collections of non-nullable elements
[FrameworkBundle] [HttpKernel] fixed correct EOL and EOM month
Fix CS
[Serializer] Fix property name usage for denormalization
Name test accordingly to the tested class
Fix MockFileSessionStorageTest::sessionDir being used after it's unset
[Security] Fix SwitchUserToken wrongly deauthenticated
Supporting Bootstrap 4 custom switches
Add new Form WeekType
bumped Symfony version to 4.3.7
...
* 4.3: (26 commits)
[Console] Fix#33915, Detect dimensions using mode CON if vt100 is supported
[HttpKernel][DataCollectorInterface] Ease compatibility
Add tests to ensure defaultLocale is properly passed to the URL generator
[DependencyInjection] Fix broken references in tests
[HttpClient] Retry safe requests when then fail before the body arrives
Avoid using of kernel after shutdown
Simplify PHP CS Fixer configuration
[PropertyInfo] Fixed type extraction for nullable collections of non-nullable elements
[FrameworkBundle] [HttpKernel] fixed correct EOL and EOM month
[Serializer] Fix property name usage for denormalization
Name test accordingly to the tested class
Fix MockFileSessionStorageTest::sessionDir being used after it's unset
bumped Symfony version to 4.3.7
updated VERSION for 4.3.6
updated CHANGELOG for 4.3.6
bumped Symfony version to 3.4.34
updated VERSION for 3.4.33
update CONTRIBUTORS for 3.4.33
updated CHANGELOG for 3.4.33
[HttpClient] Fix perf issue when doing thousands of requests with curl
...
* 3.4:
[DependencyInjection] Fix broken references in tests
Avoid using of kernel after shutdown
Simplify PHP CS Fixer configuration
[FrameworkBundle] [HttpKernel] fixed correct EOL and EOM month
Fix MockFileSessionStorageTest::sessionDir being used after it's unset
bumped Symfony version to 3.4.34
updated VERSION for 3.4.33
update CONTRIBUTORS for 3.4.33
updated CHANGELOG for 3.4.33
[Stopwatch] Fixed a bug in stopwatch event getStartTime
[Stopwatch] Fixed bug in getDuration when counting multiple ongoing periods
Adding some validations tags on validators.et.xlf
add missing translation for 94 (it)
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorRenderer] Show generic message in non-debug mode
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
I agree with @Tobion here https://github.com/symfony/symfony/pull/34158#issuecomment-548181099, so let's always show the detail message, but for 5xx errors we'll send a generic message instead.
/cc @dunglas wdyt?
Commits
-------
45f1a5ee06 Show generic message in non-debug mode
This PR was merged into the 4.4 branch.
Discussion
----------
[DI] Add compiler pass and command to check that services wiring matches type declarations
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27744
| License | MIT
| Doc PR |
PR replacing https://github.com/symfony/symfony/pull/27825.
It adds a `lint:container` command asserting the type hints used in your code are correct.
Commits
-------
8230a1543e Make it really work on real apps
4b3e9d4c96 Fix comments, improve the feature
a6292b917b [DI] Add compiler pass to check arguments type hint
* Added a hardcoded day 01 in order to output the proper month November
which is the correct EOL and EOM month.
* \DateTime::createFromFormat('mY') will output December for every month
where day 31 exists.
This PR was merged into the 4.4 branch.
Discussion
----------
Add new Form WeekType
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #32029
| License | MIT
| Doc PR | <!--symfony/symfony-docs#...--> coming soon
----
#### Update
After the first try, I've updated the field to have more options, and be more "straight".
The field acts like the `DateTimeType` or `TimeType`, various fields type (pure text, html5 type, select boxes), data validation, ....
For that I took the choice to update the `DateTimeToStringTransformer` and `DateTimeToArrayTransformer` to make them work with weeks format.
I was not sure if it was better to update them or create new ones, WDYT?
Before addind tests and docs, it would be nice to have your first thoughts/comments 😊
Do you need/want a small test repo?
Commits
-------
c4a2f026e0 Add new Form WeekType
This PR was merged into the 4.4 branch.
Discussion
----------
Fix typo
| Q | A
| ------------- | ---
| Branch? | 4.4 <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | n/a <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | n/a
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
327a13cac0 Fix typo
This PR was squashed before being merged into the 4.4 branch (closes#34155).
Discussion
----------
Revert SyncTransport simplification and fix properly
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix#34115 (and also related to #34066)
| License | MIT
| Doc PR | Not needed
In #34069, I made `SyncTransport` simpler by removing that transport class and making the whole things a config trick. I felt GREAT about that solution... until i realized two big problems:
1) It kills using env vars for `sync://` because we read the config values at build time - #34115 - that could probably be fixed by adding a factory, but then there is also the next problem
2) If someone routed a message to `[async, sync]` (weird, but allowed), my #34069 config solution basically maps this internally to `[async]`, which actually causes the message to *not* be handled immediately. Basically, my solution only worked if you route a message ONLY to one sync transport, but fails if you route to multiple transports.
So... this fixes things in a less-cool, but sensible way:
A) The first commit reverts #34069 exactly
B) The second commit solves the issue that we need to know if a message is being handled in a "worker" context or not, so middleware can decide if they should reset things before/after handling things. Previously we were using `ReceivedStamp` to know this. But because `SyncTransport` also "receives" the message and adds this stamp, it's not enough. To fix this, I added a new `ConsumedByWorkerStamp` that clearly means: "This message is being handled by a worker" (and so, you might want to "reset" some things before/after handling).
Thanks!
Commits
-------
01a9fefe77 Adding ConsumedByWorkerStamp as way to mark a message in a "worker context"
38f19a960c Revert "[Messenger] Removing "sync" transport and replacing it with much nicer config trick"
This PR was merged into the 4.3 branch.
Discussion
----------
[4.3] Remove unused local variables
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Follow up of https://github.com/symfony/symfony/pull/34105 on 4.3.
Commits
-------
58161b8eec [4.3] Remove unused local variables
* 4.4:
[Config] Disable default alphabet sorting in glob function due of unstable sort
[HttpClient] always return the empty string when the response cannot have a body
[TwigBundle][exception] Added missing css variable to highlight line in trace
[Serializer] Improve messages for unexpected resources values
[SecurityBundle] correct types for default arguments for firewall configs
* 4.3:
[Config] Disable default alphabet sorting in glob function due of unstable sort
[HttpClient] always return the empty string when the response cannot have a body
[TwigBundle][exception] Added missing css variable to highlight line in trace
[Serializer] Improve messages for unexpected resources values
[SecurityBundle] correct types for default arguments for firewall configs
* 3.4:
[Config] Disable default alphabet sorting in glob function due of unstable sort
[Serializer] Improve messages for unexpected resources values
[SecurityBundle] correct types for default arguments for firewall configs
* 4.4:
[HttpFoundation][FrameworkBundle] allow configuring the session handler with a DSN
[Validator] Add AutoMapping constraint to enable or disable auto-validation
[DI] Fix "!tagged" related upgrade/changelog notes
* 4.4:
Re-allow to use "tagged" in service definitions
[HttpFoundation] Allow to not pass a parameter to Request::isMethodSafe()
Add missing lock connection string in FrameworkExtension
[DomCrawler] normalizeWhitespace should be true by default
[DoctrineBridge] Auto-validation must work if no regex are passed
Allows URL DSN in Lock and Cache
* 4.4:
[OptionsResolve] Revert change in tests for a not-merged change in code
[HttpClient] fix handling of 3xx with no Location header - ignore Content-Length when no body is expected
[Workflow] Made the configuration more robust for the 'property' key
[Security/Core] make NativePasswordEncoder use sodium to validate passwords when possible
[FrameworkBundle] make SodiumVault report bad decryption key accurately
cs fix
[Security] Allow to set a fixed algorithm
[Security/Core] make encodedLength computation more generic
[Security/Core] add fast path when encoded password cannot match anything
#30432 fix an error message
fix paths to detect code owners
[HttpClient] ignore the body of responses to HEAD requests
[Validator] Ensure numeric subpaths do not cause errors on PHP 7.4
[SecurityBundle] Fix wrong assertion
Remove unused local variables in tests
[Yaml][Parser] Remove the getLastLineNumberBeforeDeprecation() internal unused method
Make sure to collect child forms created on *_SET_DATA events
[WebProfilerBundle] Improve display in Email panel for dark theme
do not render errors for checkboxes twice
* 4.3:
[OptionsResolve] Revert change in tests for a not-merged change in code
[HttpClient] fix handling of 3xx with no Location header - ignore Content-Length when no body is expected
[Workflow] Made the configuration more robust for the 'property' key
[Security/Core] make NativePasswordEncoder use sodium to validate passwords when possible
#30432 fix an error message
fix paths to detect code owners
[HttpClient] ignore the body of responses to HEAD requests
[Validator] Ensure numeric subpaths do not cause errors on PHP 7.4
[SecurityBundle] Fix wrong assertion
Remove unused local variables in tests
[Yaml][Parser] Remove the getLastLineNumberBeforeDeprecation() internal unused method
Make sure to collect child forms created on *_SET_DATA events
[WebProfilerBundle] Improve display in Email panel for dark theme
do not render errors for checkboxes twice
This PR was merged into the 3.4 branch.
Discussion
----------
[SecurityBundle] correct types for default arguments for firewall configs
| Q | A
| ------------- | ---
| Branch? | 3.4 (and forward)
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | n/a
| License | MIT
| Doc PR | n/a
Up until now, the default template arguments in the `security.firewall.config` abstract service definition have been each defined (aside from the argument for `$listeners` which is given a `collection` type) in the XML as
```xml
<argument />
```
which resolves to an empty string, despite that some of the arguments are typed to being either `bool` or `array|null` on the `Symfony\Bundle\SecurityBundle\Security\FirewallConfig` class itself.
This wouldn't be so much of a problem if the child definitions that use this as a template overrode all the arguments every time, but in the case of firewall configs that mark security as _not_ being enabled, [only the first few arguments are overwritten](https://github.com/symfony/symfony/blob/3.4/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php#L349-L352), so firewall config objects that do not have security enabled are instantiated by the DI container with parameters with some of the wrong types.
In general this wouldn't be an issue, as firewalls with security not enabled would not usually be consumed in a context where further security-related config were needed, but there is a case in `Symfony\Bundle\SecurityBundle\DataCollector\SecurityDataCollector` where the method `getSwitchUser()` on the firewall config object [can be called](https://github.com/symfony/symfony/blob/3.4/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php#L181) without checking first whether the firewall has security enabled, which leads to an exception being thrown:
```
Symfony\Component\Debug\Exception\ContextErrorException
Warning: Illegal string offset 'parameter'
in vendor/symfony/symfony/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php (line 184)
```
which is down to the firewall config being set with an empty string rather than `null` (in which case the logic here would function as expected).
It seemed most appropriate as a fix (especially given possible introduction of scalar type hints in the future) to apply types to the default arguments so that it was no longer possible to instantiate a firewall config object with parameters of unexpected types.
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Always add tests and ensure they pass.
- Never break backward compatibility (see https://symfony.com/bc).
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too.)
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
6b7044fc01 [SecurityBundle] correct types for default arguments for firewall configs
* 3.4:
#30432 fix an error message
fix paths to detect code owners
[Validator] Ensure numeric subpaths do not cause errors on PHP 7.4
Remove unused local variables in tests
Make sure to collect child forms created on *_SET_DATA events
do not render errors for checkboxes twice
This PR was merged into the 4.4 branch.
Discussion
----------
[Security] Allow to stick to a specific password hashing algorithm
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fix#33054
| License | MIT
| Doc PR | todo
Allows using `argon2i`, `argon2id` and `bcrypt`.
Commits
-------
6712d1e504 [Security] Allow to set a fixed algorithm
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Remove suffix convention when using env vars to override secrets from the vault
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Right now, env vars that override encrypted secrets must en up with `_SECRET`.
This PR removes this convention. It also enforces that only vars defined in the vault can be overriden locally. This means one cannot set a local-only secret.
Commits
-------
2ec9647e75 [FrameworkBundle] Remove suffix convention when using env vars to override secrets from the vault
* 4.4:
[Validator] Set Length::$allowEmptyString to false when a NotBlank contraint is defined
[FrameworkBundle] Dont reset the test container but the real one instead
Import missing classes
[SecurityBundle] test with doctrine-bundle 2
This PR was merged into the 4.4 branch.
Discussion
----------
[FrameworkBundle] Don't reset the test container but the real one instead
| Q | A
| ------------- | ---
| Branch? | 4.4 for features / 3.4 or 4.3 for bug fixes <!-- see below -->
| Bug fix? | yes/no
| New feature? | yes/no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | yes/no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets | Fix #... <!-- prefix each issue number with "Fix #", if any -->
| License | MIT
| Doc PR | -
After #31202 and #32056, the tearDown method keeps throwing deprecation notices about "Getting the container from a non-booted kernel". The reason is that resetting the test-container calls `$kernel->getContainer()` while the kernel has been shut down.
This fixes it and a few other glitches found meanwhile.
Commits
-------
8e16143256 [FrameworkBundle] Dont reset the test container but the real one instead
This PR was merged into the 4.4 branch.
Discussion
----------
[SecurityBundle] test with doctrine-bundle 2
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
e3261f4f7f [SecurityBundle] test with doctrine-bundle 2
* 4.4:
[Debug] remove return types that break FC badly
[Mailer][MailchimpBridge] Don't send address names if empty string
[ExpressionLanguage][Lexer] Exponential format for number
[Mailer] Fix SES Message Id retrieval
Add .gitignore to .gitattributes
This PR was merged into the 4.4 branch.
Discussion
----------
Add .gitignore to .gitattributes
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | #33946
| License | MIT
Commits
-------
246c5fdf43 Add .gitignore to .gitattributes
* 4.4:
[ErrorRenderer] FlattenException cannot be final
Fixing issue where worker-only middleware were run in all contexts
[Messenger] Removing "sync" transport and replacing it with much nicer config trick
Use port 465 for SES SMTP transport
[DI] made the `%env(base64:...)%` processor able to decode base64url
[VarDumper] improve displaying cut closures
Set ReturnType of LockFactory to LockInterface
[EventDispatcher] handle lazy-callable invokable
* 4.4:
[Console] Revert wrong change
[HttpClient] Add a canceled state to the ResponseInterface
Fix small typo in Exception message
Restrict secrets management to sodium+filesystem
Add secrets management
Proof of concept for encrypted secrets
* 4.4:
extend legacy exception for backwards compatibility
[HttpClient] workaround curl_multi_select() issue
[CI] fix building local packages
Add show-deprecations option to lint:twig command
[HttpClient] try using php-http/discovery when nyholm/psr7 is not installed
[FrameworkBundle] Improve the sorting of tagged services
[HttpClient] add HttpClient::createForBaseUri()
Increase limits for flakey appveyor tests
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] Rework fatal errors
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/32605
| License | MIT
| Doc PR | -
Built on top of https://github.com/symfony/symfony/pull/33038 so review only the second commit : d5c3f7ed48
The goals of this PR is to replace current "fatal error handlers" with "error enhancers" since all our current fatal error handlers works on \Error since PHP7.
That means we won't use the FatalErrorException anymore, so we will be able to remove it (once we don't need it in the rest of the codebase).
The final goal btw is to handle \Throwable everywhere in the code so we can remove FatalThrowableError & FatalErrorException classes.
Commits
-------
aaa0cdf523 [ErrorHandler] Rework fatal error handlers
* 4.4: (26 commits)
cs fix
[Validator] sync NO and NB translations
[Cache] improve perf of pruning for fs-based adapters
[Cache] cs fix
[Cache] clean tags folder on invalidation
[Cache] remove implicit dependency on symfony/filesystem
Allow to set cookie_samesite to 'none'
[Dotenv] support setting default env var values
[VarDumper] fix array key error for class SymfonyCaster
[Cache] Improve RedisTagAwareAdapter invalidation logic & requirements
Adds missing translations for no nb
[HttpKernel] fix $dotenvVars in data collector
Add the missing translations for the Swedish ("sv") locale
Prevent ProgressBar redraw when message is same
[DI] enable improved syntax for defining method calls in Yaml
bumped Symfony version to 4.3.6
updated VERSION for 4.3.5
updated CHANGELOG for 4.3.5
bumped Symfony version to 3.4.33
updated VERSION for 3.4.32
...
* 4.3:
[Cache] clean tags folder on invalidation
[Cache] remove implicit dependency on symfony/filesystem
Allow to set cookie_samesite to 'none'
[VarDumper] fix array key error for class SymfonyCaster
Adds missing translations for no nb
[HttpKernel] fix $dotenvVars in data collector
Add the missing translations for the Swedish ("sv") locale
bumped Symfony version to 4.3.6
updated VERSION for 4.3.5
updated CHANGELOG for 4.3.5
bumped Symfony version to 3.4.33
updated VERSION for 3.4.32
update CONTRIBUTORS for 3.4.32
updated CHANGELOG for 3.4.32
[Messenger] DoctrineTransport: ensure auto setup is only done once
[Form][DateTimeImmutableToDateTimeTransformer] Preserve microseconds and use \DateTime::createFromImmutable() when available
[Crawler] document $default as string|null
* 4.4:
[travis] Fix build-packages script
Add types to constructors and private/final/internal methods (Batch III)
[HttpClient] Async HTTPlug client
[Messenger] Allow to configure the db index on Redis transport
[HttpClient] bugfix exploding values of headers
[VarDumper] Made all casters final
[VarDumper] Added a support for casting Ramsey/Uuid
Remove useless testCanCheckIfTerminalIsInteractive test case
[Validator] Add the missing translations for the Thai (\"th\") locale
[Routing] gracefully handle docref_root ini setting
[Validator] Fix ValidValidator group cascading usage
This PR was squashed before being merged into the 4.4 branch (closes#33770).
Discussion
----------
Add types to constructors and private/final/internal methods (Batch III)
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | #32179, #33228
| License | MIT
| Doc PR | N/A
Followup to #33709, this time with:
* Validator
* VarDumper
* Workflow
* Yaml
* all bridges
* all bundles
That should be the final batch. 😃
Commits
-------
6493902287 Add types to constructors and private/final/internal methods (Batch III)
* 4.4: (27 commits)
[Validator] add notice in UPGRADE file for new Range constraint option
[CssSelector] Support *:only-of-type pseudo class selector
[Intl] Update the ICU data to 65.1 (4.4 branch)
[Intl] Update the ICU data to 65.1 (4.3 branch)
Replace deprecated calls in tests
[Intl] Update the ICU data to 65.1
Delete 5_Security_issue.md
[DI] Whitelist error_renderer.renderer tag in UnusedTagsPass
[DI] Whitelist validator.auto_mapper in UnusedTagsPass
Update CHANGELOG.md
[HttpClient] Fixed#33832 NO_PROXY option ignored in NativeHttpClient::request() method
[EventDispatcher] A compiler pass for aliased userland events.
[Cache] give 100ms before starting the expiration countdown
[Cache] fix logger usage in CacheTrait::doGet()
[VarDumper] fix dumping uninitialized SplFileInfo
Added missing translations.
[Form] Added CountryType option for using alpha3 country codes
Fixed invalid changelog 4.0.0 for VarDumper
[Workflow] Fixed BC break on WorkflowInterface
Fix wrong expression language value
...
This PR was squashed before being merged into the 5.0-dev branch (closes#33868).
Discussion
----------
Skip the intl notice if run with phpunit
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | Re #33825
| License | MIT
| Doc PR | -
Commits
-------
25461b358c Skip the intl notice if run with phpunit
* 4.3:
[Intl] Update the ICU data to 65.1 (4.3 branch)
Replace deprecated calls in tests
[Intl] Update the ICU data to 65.1
Delete 5_Security_issue.md
[DI] Whitelist validator.auto_mapper in UnusedTagsPass
[HttpClient] Fixed#33832 NO_PROXY option ignored in NativeHttpClient::request() method
[Cache] give 100ms before starting the expiration countdown
[Cache] fix logger usage in CacheTrait::doGet()
[VarDumper] fix dumping uninitialized SplFileInfo
Added missing translations.
Fixed invalid changelog 4.0.0 for VarDumper
Fixed invalid VarDumper upgrade doc.
[HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array
Don't let falsey usernames slip through
This PR was merged into the 5.0-dev branch.
Discussion
----------
[FrameworkBundle] encourage installing intl when String is available
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
Commits
-------
215595be5a [FrameworkBundle] encourage installing intl when String is available
* 4.4: (24 commits)
[Console] Command::execute() should always return int - deprecate returning null
[FrameworkBundle] Fix wrong returned status code in ConfigDebugCommand
[AnnotationCacheWarmer] add RedirectController to annotation cache
[WebProfilerBundle] Try to display the most useful panel by default
Add note about deprecating the XmlEncoder::TYPE_CASE_ATTRIBUTES constant in the upgrade guide
fix merge
[DI] add tests loading calls with returns-clone
[DI] dont mandate a class on inline services with a factory
Fixed Redis Sentinel usage when only one Sentinel specified
[EventDispatcher] Added tests for aliased events.
Sync Twig templateExists behaviors
Fix the :only-of-type pseudo class selector
Deprecate the XmlEncoder::TYPE_CASE_ATTRIBUTES constant
[Mailer] Tweak some code
[Serializer] Add CsvEncoder tests for PHP 7.4
Copy phpunit.xsd to a predictable path
[WebserverBundle] Remove duplicated deprecation message
remove duplicated test
[Security/Http] fix parsing X509 emailAddress
[FrameworkBundle] conflict with VarDumper < 4.4
...
- added deprecation message for non-int return value in Command::execute()
- fixed all core commands to return proper int values
- added proper return type-hint to Command::execute() method in all core Commands
This prevents to exclude the RedirectController from the warmed annotation cache which would lead to warnings when trying to use the warmed cache on read only file systems
See #29357
* 4.3:
Sync Twig templateExists behaviors
Fix the :only-of-type pseudo class selector
[Serializer] Add CsvEncoder tests for PHP 7.4
Copy phpunit.xsd to a predictable path
[Security/Http] fix parsing X509 emailAddress
[Serializer] fix denormalization of string-arrays with only one element #33731
[Cache] fix known tag versions ttl check
* 3.4:
Sync Twig templateExists behaviors
Fix the :only-of-type pseudo class selector
[Serializer] Add CsvEncoder tests for PHP 7.4
Copy phpunit.xsd to a predictable path
[Security/Http] fix parsing X509 emailAddress
[Serializer] fix denormalization of string-arrays with only one element #33731
[Cache] fix known tag versions ttl check
* 4.4:
sync phpunit script with master
[HttpFoundation] allow additinal characters in not raw cookies
[Console] Deprecate abbreviating hidden command names using Application->find()
Do not include hidden commands in suggested alternatives
[Messenger] Improve error message when routing to an invalid transport (closes#31613)
[DependencyInjection] Fix wrong exception when service is synthetic
[Security] add "anonymous: lazy" mode to firewalls
This PR was merged into the 4.4 branch.
Discussion
----------
[DX][Messenger] Improve error message when routing to an invalid transport
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #31613
| License | MIT
| Doc PR | -
Commits
-------
7909092891 [Messenger] Improve error message when routing to an invalid transport (closes#31613)
This PR was merged into the 4.4 branch.
Discussion
----------
[Security] add "anonymous: lazy" mode to firewalls
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | Fixes#26769 et al.
| License | MIT
| Doc PR | -
Contains #33663 until it is merged.
This PR allows defining a firewall as such:
```yaml
security:
firewalls:
main:
anonymous: lazy
```
This means that the corresponding area should not start the session / load the user unless the application actively gets access to it. On pages that don't fetch the user at all, this means the session is not started, which means the corresponding token neither is. Lazily, when the user is accessed, e.g. via a call to `is_granted()`, the user is loaded, starting the session if needed.
See #27817 for previous explanations on the topic also.
Note that thanks to the logic in #33633, this PR doesn't have the drawback spotted in #27817: here, the profiler works as expected.
Recipe update pending at https://github.com/symfony/recipes/pull/649
Commits
-------
5cd1d7b4cc [Security] add "anonymous: lazy" mode to firewalls
* 4.4:
[Form][Validator][Intl] Fix tests
[Messenger] return empty envelopes when RetryableException occurs
[Intl] Excludes locale from language codes (split localized language names)
[FrameworkBundle] WebTestCase KernelBrowser::getContainer null return type
[Intl] Fix compile type errors
[Validator] Accept underscores in the URL validator as the URL will resolve correctly
[Translation] Collect original locale in case of fallback translation
Add types to constructors and private/final/internal methods (Batch I)
[HttpFoundation] optimize normalization of headers
Replace REMOTE_ADDR in trusted proxies with the current REMOTE_ADDR
[ErrorHandler] Forward \Throwable
Fix toolbar load when GET params are present in "_wdt" route
* 4.3:
[Form][Validator][Intl] Fix tests
[Messenger] return empty envelopes when RetryableException occurs
[Validator] Accept underscores in the URL validator as the URL will resolve correctly
[Translation] Collect original locale in case of fallback translation
Fix toolbar load when GET params are present in "_wdt" route
* 3.4:
[Form][Validator][Intl] Fix tests
[Validator] Accept underscores in the URL validator as the URL will resolve correctly
[Translation] Collect original locale in case of fallback translation
Fix toolbar load when GET params are present in "_wdt" route
This PR was merged into the 4.4 branch.
Discussion
----------
[ErrorHandler] Forward \Throwable
| Q | A
| ------------- | ---
| Branch? | 4.4
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/32605
| License | MIT
| Doc PR | -
The goal of this PR is that `ErrorHandler::handleException()` handles `\Throwable` directly and forwards it without altering it.
Commits
-------
62483ed305 [ErrorHandler] Forward \Throwable
This PR was merged into the 3.4 branch.
Discussion
----------
Fix toolbar load when GET params are present in "_wdt" route
When using a custom router that inject GET parameters, eg:
```
# services.yaml
parameters:
# Replace default url generator service
router.options.generator_base_class: Combodo\iTop\Portal\Routing\UrlGenerator
```
The path generated by the toolbar JS is HTML entity encoded which breaks the JS call (`&` becomes `&`).
| Q | A
| ------------- | ---
| Branch? | 4.4 for features / 3.4, 4.2 or 4.3 for bug fixes <!-- see below -->
| Bug fix? | yes
| New feature? | no <!-- please update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.
Additionally (see https://symfony.com/roadmap):
- Bug fixes must be submitted against the lowest maintained branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against branch 4.4.
- Legacy code removals go to the master branch.
-->
Commits
-------
5309e64949 Fix toolbar load when GET params are present in "_wdt" route
This PR was squashed before being merged into the 3.4 branch (closes#32925).
Discussion
----------
[Translation] Collect original locale in case of fallback translation
Before, it collected the fallback locale that was used to translate a key. But this information is confusing, as it does not reveal which translation key is missing in the requested language.
So I'd like to propose to track the "requested" locale instead, so that the Symfony profiler gives me the information in which locale the key is missing instead of which locale was used as a fallback.
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes?
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
In principle, this change is a BC break, but imho also a bug. It's really confusing when the Profiler tells you that it uses a translation fallback for an ID and locale that is actually translated. Took some debugging so recognize that this fallback came from another locale. If you think it's better to target 5.0, I'll update the PR.
Commits
-------
5564e149cb [Translation] Collect original locale in case of fallback translation
* 4.4: (28 commits)
[FrameworkBundle] Fix framework bundle lock configuration not working as expected
[Validator] Add the missing translations for the Azerbaijani locale
[HttpClient] workaround bad Content-Length sent by old libcurl
[Cache] dont override native Memcached options
Fix CS
Fix exceptions (PDOException) error code type
[ErrorHandler] fix return-type patching logic
[Messenger] Added support for `from_transport` attribute on `messenger.message_handler` tag
[ErrorHandler] don't throw deprecations for return-types by default
ensure legacy event dispatcher compatibility
ensure legacy event dispatcher compatibility
Fix return type of Process::restart().
[Cache] fail gracefully when locking is not supported
[HttpKernel] compress files generated by the profiler
tweak deprecation messages and changelog
fix version in @deprecated annotation
Use VarCloner data instead of legacy array for query params
[Security] use LegacyEventDispatcherProxy
[HttpClient] fix undefined index access
[HttpClient] fix race condition when reading response with informational status
...