Archives


Master Symfony2 fundamentals

Be trained by SensioLabs experts (2 to 6 day sessions -- French or English).
trainings.sensiolabs.com

Discover the SensioLabs Support

Access to the SensioLabs Competency Center for an exclusive and tailor-made support on Symfony
sensiolabs.com

gravatar
symfony 1.3.5 and 1.4.5
by Kris Wallsmith – May 31, 2010 – 6 comments

The symfony core team is happy to announce the immediate availability of symfony versions 1.3.5 and 1.4.5. Read on for the details.

Security Fix

A vulnerability was discovered in Doctrine and Propel form classes that allowed a user to update a record other than the one presented in the form. The primary key validators generated by symfony have been updated to disallow this from happening. Isolated patches for this fix are available on Trac for symfony 1.3 (raw) and 1.4 (raw).

Updated Libraries

The bundled version of Propel has been updated to 1.4.2 and the bundled version of lime has been updated to 1.0.9.

Some Other Changes

  • Cleanup better: You can now rely on the handy doctrine:clean task to delete generated form classes for those models whose forms have since been disabled.
  • Traditional Chinese: We've added language files for Traditional Chinese to the admin generator (thanks rickysu!).
  • 503 Service Temporarily Unavailable: symfony now responds to requests make while an application is locked with the HTTP 503 status code.
  • Doctrine culture: The default culture for Doctrine model classes is now set much earlier in the stack during plugin initialization.
  • Date and time widgets: The date and time widget classes now use the id_format option as you would expect.

How to Upgrade

If you've checked out a copy of the tag from Subversion you can switch to the latest version:

// symfony 1.3
$ svn switch http://svn.symfony-project.com/tags/RELEASE_1_3_5

// symfony 1.4
$ svn switch http://svn.symfony-project.com/tags/RELEASE_1_4_5

If you are using the PEAR package you can update using the pear command:

// symfony 1.3
$ pear upgrade symfony/symfony-1.3.5

// symfony 1.4
$ pear upgrade symfony/symfony-1.4.5

Once that's done, rebuild your project's model and form classes and clear the cache:

// Doctrine
$ php symfony doctrine:build --all-classes
$ php symfony cache:clear

// Propel
$ php symfony propel:build --all-classes
$ php symfony cache:clear

Have you upgraded your app to 1.4?

Just a gentle reminder that the end of maintenance for symfony 1.3 is coming up in November of this year. That's only time_ago_in_words(strtotime('November 2010')) away! You can start by running the project:validate task on your symfony 1.2 or 1.3 project and ping the community via the symfony-users mailing list or on the IRC #symfony channel with any questions.

Comments RSS

  • gravatar
    #1 M. said on the 2010/05/31 at 23:52
    Is there a reason why it is not included propel 1.5 ?
  • gravatar
    #2 Michal said on the 2010/06/01 at 01:05
    @M.

    Yeah - stability and reliability of orm distributed with symfony - people are depending on it.

    If you want to use Propel 1.5 you can just install the plugin.

    Regards,
    M
  • gravatar
    #3 M. said on the 2010/06/01 at 09:07
    It was just for information: since propel site states that it is stable and retro-compatible, i was wondering if you have some info that negates that...

    Btw, i am already testing that on a small project,but i didn't know it wasn't considered stable or reliable.
  • gravatar
    #4 Medvision Medline said on the 2010/06/01 at 12:45
    You have to install the Plugin to use Propel 1.5, otherwise it won't work
  • gravatar
    #5 halfer said on the 2010/06/01 at 16:56
    M. - Propel 1.5 is stable, but symfony has a policy of not introducing new features in minor updates. Upgrading Propel would expose a new API to peoples' code. AFAIK the same API is available between 1.4 and 1.5 (plus new features not available in 1.4) but it is a higher risk than just including security updates and bug fixes.

    AFAIK, it is easy to swap out 1.4 for 1.5.
  • gravatar
    #6 Mannur Kuangaliev said on the 2010/06/24 at 09:23
    Hello!
    I have problem with realease 1.4.5. Doctrine table inheritance (column_aggregation) doesn't work. =\