Symfony 2.5.3 has just been released. It fixes a lot of issues regarding the backward compatibility of the Validator component. That should ease the migration from 2.4. If you find any other problems when upgrading from 2.4 to 2.5, please consider opening an issue.

Here is a list of the most important changes:

bug #11571 [Form] Fixed FormValidator compatibility with the non-BC 2.5 Validation API (webmozart)
bug #11499 [BrowserKit] Fixed relative redirects for ambiguous paths (pkruithof)
bug #11516 [BrowserKit] Fix browser kit redirect with ports (dakota)
bug #11545 [Bundle][FrameworkBundle] built-in server: exit when docroot does not exist (xabbuh)
bug #11560 Plural fix (1emming)
bug #11558 [DependencyInjection] Fixed missing 'factory-class' attribute in XmlDumper output (kerdany)
bug #11498 [Validator] Made it possible (again) to pass a class name to validatePropertyValue() (webmozart)
bug #11548 [Component][DomCrawler] fix axes handling in Crawler::filterXPath() (xabbuh)
bug #11422 [DependencyInjection] Self-referenced 'service_container' service breaks garbage collection (sun)
bug #11428 [Serializer] properly handle null data when denormalizing (xabbuh)
bug #10687 [Validator] Fixed string conversion in constraint violations (eagleoneraptor, webmozart)
bug #11412 [Validator] Made sure that context changes don't leak out of (Contextual)ValidatorInterface (webmozart)
bug #11475 [EventDispatcher] don't count empty listeners (xabbuh)
bug #11436 fix signal handling in wait() on calls to stop() (xabbuh, romainneutron)
bug #11469 [BrowserKit] Fixed server HTTP_HOST port uri conversion (bcremer, fabpot)
bug #11425 Fix issue described in #11421 (Ben, ben-rosio)
bug #11423 Pass a Scope instance instead of a scope name when cloning a container in the GrahpvizDumper (jakzal)
bug #11448 [MonologBridge] fixed Console handler priorities (fabpot)
bug #11454 [Validator] Fixed memory leak in ValidatorBuilder (webmozart)
bug #11120 [Process] Reduce I/O load on Windows platform (romainneutron)
bug #11370 [FrameworkBundle] avoid raising unexpected RuntimeException when specifying $_SERVER['KERNEL_DIR'] (iteman)
bug #11342 [Form] Check if IntlDateFormatter constructor returned a valid object before using it (romainneutron)
bug #11439 [ExpressionLanguage] Fixed double quoted string literals containing sharps (pylebecq)
bug #11410 [Validator] Fixed object initializers in 2.5 version of the Validator (webmozart)
bug #11411 [Validator] Backported #11410 to 2.3: Object initializers are called only once per object (webmozart)
bug #11403 [Translator][FrameworkBundle] Added @ to the list of allowed chars in Translator (takeit)
bug #11381 [Process] Use correct test for empty string in UnixPipes (whs, romainneutron)

Want to check the integrity of this new version? Read my blog post about signing releases.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Published in #Releases

Michaël Perrin said on Aug 6, 2014 at 15:17

For those who use PHP < 5.3.9 (well, why I use this ancient PHP version for a project is a long story), I don't recommend upgrading to Symfony 2.5.3 as it crashes on all form validations. I opened this issue https://github.com/symfony/symfony/issues/11580 which is being resolved by @webmozart.

That was for the bad news. The good news which is not mentioned in the changelog is that there is now an app/console security:check command to check for reported package security vulnerabilities. Thanks for that!

Michal Palma said on Aug 7, 2014 at 08:50

THX, please update https://github.com/symfony/symfony/blob/master/CHANGELOG-2.5.md

Symfony 2.5.3 released

Comments

Become a Symfony contributor