A Week of Symfony #672 (11-17 November 2019)

This week, Symfony 2.8.52, 3.4.35, 4.2.12 and 4.3.8 versions were published to fix some security vulnerabilities. In addition, Symfony 4.4-beta and 5.0-beta were published so you can test these upcoming versions in your projects. Meanwhile, the new ErrorHandler component was simplified and performance was improved when checking for cache freshness. Finally, the upcoming Symfony 5: The Fast Track book published some updates and will be fully unveiled next week at the SymfonyCon Amsterdam 2019 conference.

Symfony development highlights

This week, 63 pull requests were merged (49 in code and 14 in docs) and 28 issues were closed (26 in code and 2 in docs). Excluding merges, 28 authors made 2,144 additions and 2,170 deletions. See details for code and docs.

3.4 changelog:

• 0102134: [HttpKernel] use constant time comparison in UriSigner
• b21025b: [HttpFoundation] fix guessing mime-types of files with leading dash
• 4cc37df: [Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances
• 53dc781: [Serializer] allow returning null from NormalizerInterface::normalize
• 1382149: [Finder] allow ssh2 stream wrapper for sftp
• 83a1061: [HttpFoundation] fix MySQL column type definition

4.3 changelog:

• 227e73d: [VarExporter] fix exporting some strings
• 3ae3094: [Security] throw AccessDeniedException when switch user fails
• 8522a88: [DependencyInjection] use reproducible entropy to generate env placeholders
• a90de43: [Config] fix id-generation for GlobResource
• 1fbe615: [Cache] catch exceptions when using PDO directly

4.4 changelog:

• 0112177: [HttpFoundation, Lock] fixed connection parameter
• 0b867be, f63976f: [ErrorHandler] merge and remove the ErrorRenderer component
• a903522: [HttpKernel] fix missing import in GetResponseForExceptionEvent
• f4c9254: [HttpFoundation] added a way to anonymize IPs
• e4ddc75: [Workflow] simplified EventDispatcherMock
• d688a79: [Security] added migrating encoder configuration
• 758e266: [Security] fix defining multiple roles per access_control rule
• 10a349c: [HttpKernel] make ExceptionEvent able to propagate any throwable
• afdb89f: [DependencyInjection] fix detecting singly implemented interfaces
• 6fd1077: [FrameworkBundle] fix wiring of httplug client
• b8f8ac9: [Security] always check the token on non-lazy firewalls
• 1374abd: [HttpKernel] don't check cache freshness more than once per process
• fda36e8: [HttpKernel] collect bundle classes instead of paths
• 278dcfb: [Cache] Redis Tag Aware warn on wrong eviction policy
• 1f73247: [HttpKernel] flatten "exception" controller argument if not typed

Master changelog:

• 417d2e1: more strict requirements of experimental components

Symfony Local Server

Symfony Local Server, the best way to run Symfony applications on your local machine, released its new 4.10.0 and 4.10.1 versions with the following changes:

• Add support for Bitbucket integration
• Add support for SYMFONY_DEFAULT_ROUTE_* locally
• Add open:remote:rabbitmq and open:local:rabbitmq
• Add information about environment variables on server:status
• Env vars from SymfonyCloud are not exposed by default anymore when a tunnel is open (use --expose-env-vars on tunnel:open explicitly instead)
• Remove --force on var:export and local:run (use --expose-env-vars on tunnel:open instead)
• Remove SYMFONY_FORCE_TUNNEL_ENVS_MASTER (use --expose-env-vars on tunnel:open instead)
• Add a link to the RabbitMQ management interface is available via Docker locally
• Add --first flag to env:urls command
• Support routes served by services (like Varnish) in env:urls and open:remote commands
• Support dir1,dir2 syntax for --watch flag of the symfony run command
• Add an argument to var:export to allow printing one env var value
• Add support for SPAs in the local web server (symfony server:start --passthru=index.html)
• Add env:needs-deploy command
• Update available extensions list
• Improve domain:attach output when domain name is invalid
• Fix symfony ssh multiline handling when output is captured or piped
• Fix log parsing when PHP uses RFC3339Nano for dates
• Fix parsing very long log lines (Symfony exceptions for instance)
• Fix a race condition when using PHP CLI as the local web server backend

Newest issues and pull requests

• [Serializer] Add an annotation to exclude properties from serialization
• [Console] make ConsoleLogger::interpolate public
• [Serializer] Serializer should implement LoggerAwareInterface / have DataCollector for profiler
• [Messenger] Add option to stop the worker after a message failed

They talked about us

• How to visualize Symfony logs in dev with Elasticsearch and Kibana
• Implementing a search engine with elasticsearch and Symfony (part 3)
• Redis pub-sub vs Cron job in symfony
• Symfony and MJML. Sending emails like a professional
• How to set up a Symfony 4 Flex project with the latest PHP (PHP 7.3)
• Symfony on Google Cloud Run
• Se publican las actualizaciones de seguridad 2.8.52, 3.4.35, 4.2.12 y 4.3.8
• Se publican las primeras betas de Symfony 4.4 y 5.0
• Novedades sobre el libro Symfony 5: The Fast Track
• Forum PHP 2019 : Jour 2
• Implémenter un moteur de recherche avec elasticsearch et Symfony (partie 3)
• CSS optimieren mit PurgeCSS in Symfony & Webpack

Upcoming Symfony Events

• 9. PHP Symfony User Group Basel: Basel, Switzerland (November 27)
• Symfony Cloud & new Notifier Component: Basel, Switzerland (November 28)
• Treffen der Symfony User Group Hamburg: Hamburg, Germany (December 3)
• Symfony User Group Osnabrück: Osnabrück, Germany (December 12)

Call to Action

• Give Symfony a star on GitHub
• Follow Symfony on Twitter and retweet this article.
• Subscribe to the Symfony blog RSS and never miss a Symfony story again.