This week, three symfony security releases were published (1.2.12, 1.3.3 and 1.4.3). In addition, Yaml component gained lots of fixes and Doctrine Bundle integration with Symfony 2 was improved.

Development mailing list

Development highlights

Symfony 1.X branch:

  • r28260: [1.2, 1.3, 1.4] fixed sql injection vulnerability in doctrine admin generator

Symfony 2.X branch:

  • d2da..58fe: [WebBundle] switch the order of the response status codes in the RedirectController's redirectAction
  • 62c2..ba24: [Yaml] removed the unused value property from Parser. Tweaked one-line check to be self explaining
  • 0dca..05ee: [Foundation] added kernel.bundles to the list of default parameters of the DIC
  • f87f..e973: [DoctrineBundle] made the ORM integration of DoctrineBundle usable
  • 68af..0f87: [WebBundle, DoctrineBundle] Use backslashes in namespaces
  • caa7..fd8a, 46c4..809f: [Yaml] added backtick and question mark (?) to the list of characters that trigger quotes as it is reserved for future use
  • 8302..3ee2: [Yaml] fixed offset when the document use --- or the %YAML element
  • a80a..f39d: [Yaml] added support for compact notation
  • 19f9..7728: [Yaml] fixed compact notation when there is an inlined hash
  • 22e3..b933: [WebBundle] refactored the data collector sub-system

...and many other changes

Development digest: 149 changesets, 36 bugs reported, 17 bugs fixed, 7 enhancements suggested, 5 documentation defects reported, 4 documentation defects fixed, and 12 documentation edits.

Documentation

New Job Postings

New developers for hire

  • Florian Heinze: Web developer and project manager with more than 10 years experience. Symfony, Doctrine, MySQL, NoSQL, JavaScript, etc. Clean and secure object oriented code. Based in Germany, OWL, Bielefeld.

Plugins

  • New plugins
    • mbJrollerMenuPlugin: Builds a menu from a YAML file with a defined structure. Requires sfAdminThemejRollerPlugin which gets all the styles and the Javascripts features.
    • sfPHPUnit2Plugin: adds basic functionality for unit and functional testing with PHPUnit.
    • sfJSLibJQueryLogPlugin: offers helpers that integrate the http://plugins.jquery.com/project/log JQuery Plugin. The plugin depends on sfJSLibManagerPlugin.
    • dvbNewsletterPlugin: a newsletter management plugin.
  • Updated plugins
    • sfSympalCommentsPlugin: adding some top margin to the comments so they don't smash against the content
    • sfDoctrineSimpleForumPlugin: fixed urls in default.css, importerd external images, almost fully I18N, recursive replies for idefinite depth, works with symfony 1.2
    • sfDoctrineActAsTaggablePlugin: fixing schema in order to get a vaid yml syntax
    • sfSphinxPlugin: fixed wrong references to internal methods
    • sfTaskExtraPlugin: added propel:build-app-forms and propel:build-app-filters tasks, updated skeleton package.xml with correct symfony version requirements
    • sfSolrPlugin: fixed tests, added Xms and Xmn options
    • tdAudioPlugin: updated layout, forward404 if no audio added
    • tdVideoPlugin: forward404 if no video added
    • sfDoctrine2Plugin: added limit and hydrate options to runDql task, added callback to project config after Entity Manager is created
    • tdVisualFactoryPlugin: removed unused admin generator for single images
    • sfSympalPlugin: bringed in the assets in a more intelligent way - hook these up to the widget that actually requires them, added some doc-block to this useful but confusing method, made the markdown plugin proper (it now outputs its own setup javascript and includes the css and js that it needs), major refactoring of the frontend slot editing, adding saving of slots via ajax
    • rsLucenePlugin: entities fix
    • sfDoctrineApplyPlugin: stray use of nonexistent variable was crashing rather than producing a graceful error message in the event that email delivery failed outright
    • sfOrmBreadcrumbsPlugin: initial commit
    • sfSocialPlugin: fixed bug in groups, improved tests, migrated schema to alternate syntax
    • sfJqueryReloadedPlugin: corrected channel setting for the next release
    • sfDoctrineMasterSlavePlugin: fixed filtering of model builder options, fixed required symfony version markup, made example emulation database config a bit more sexy
    • csGlossaryPlugin: changed private methods to protected (for overriding)
    • sfEasyAuthPlugin: removed the option to not hash passwords in the setter (it was causing problems with Doctrine), deleting an object correctly deletes associated profiles
    • sfUnobstrusiveWidgetPlugin: updated package jquery.uo, added spinner JS in the jquery.uo package, updated sfUoWidget->hasJsTranformer function to be able to test a specific transformer name
    • sfDatagridPlugin: fixed an error_message into _call_action
    • pkToolkitPlugin: fix for custom admin generator theme to address security problem found in symfony 1.2, 1.3, and 1.4
    • sfTrafficCMSPlugin: default value for datepicker
    • sfPropel15Plugin: fixed automated pk addition when concrete inheritance is set
    • sfFCKEditorPlugin: simplified widget, removed reliance of obsolete editor helper classes, moved height/width into attributes array
    • sfSympalBlogPlugin: removed unnecessary p tag
    • apostropheFormBuilderPlugin: disabled changing layout type when editing existing layout, disabled the ability to change the type of an already existing layout, fixed calculation of rank to properly work when loading fixtures and in normal use, changed route class of a_form_submission_sequence, fixed doctrine routing issue for new form submission sequences, fixed link to fill out form from edit form page, fixed bootstrap code for unit test
    • apostrophePlugin: all of our components and actions classes are now extensible at the app level, save slideshows without smooshing any other fields that might bein the values array, fixed csrf issue with batch actions in admin generator theme, replaced use of sfValidatorDoctrineChoiceMany with sfValidatorDoctrineChoice for sf1.4 compatibility, removed obsolete separate layout.php for media repository, fix for custom admin generator theme to address security problem found in symfony 1.2, 1.3, and 1.4, fixed bug in navigation component that caused caused the root page to lose its slots after the first when navigation was included in the homeTemplate, changes to navigation component
    • apostropheBlogPlugin: added ability to filter blog posts by there category on an engine page, added app.yml hook for adjusting date and time formatting for upcoming events

New symfony powered websites

  • Mailing Report: (French) email marketing software built to send and analyze email campaigns
  • hediyeDilegi.com: (Turkish) Wishlist and shopping lists: Collect items from anywhere by the bookmarklet, and share with friends & family

They talked about us

Published in #A week of symfony