SymfonyWorld Online 2020
100% online
30+ talks + workshops
Live + Replay watch talks later

A Week of Symfony #692 (30 March - 5 April 2020)

This week, Symfony published 4.4.7 and 5.0.7 versions to address some security vulnerabilities. Meanwhile, the upcoming Symfony 5.1 version added a feature to dump factory files as classes and improved class preloading. This will be one of the topics of the next SymfonyLive Online event on April 17, 2020.

Symfony development highlights

This week, 76 pull requests were merged (42 in code and 34 in docs) and 49 issues were closed (43 in code and 6 in docs). Excluding merges, 42 authors made 3,915 additions and 1,484 deletions. See details for code and docs.

3.4 changelog:

  • b9c2693: [Validator] fixed calling getters before resolving groups
  • 0b27194: [HttpKernel] prevent keys collisions in the sanitized logs processing
  • 6dbf9eb: [Serializer] fixed unitialized properties
  • 6254cdb: [Validator] allow URL-encoded special characters in basic auth part of URLs
  • 21a6ab0: [HttpFoundation] no need to reconnect the bags to the session after session_regenerate_id
  • 004f1f3: [WebProfilerBundle] support for Content Security Policy style-src-elem and script-src-elem in WebProfiler
  • 60a35f8: [Validator] updated Ukrainian and Russian translations

4.4 changelog:

  • ff2c362: [DomCrawler] fixed BC break in assertions breaking Panther
  • c266ab1: [FrameworkBundle] reverted to legacy wiring of the session when circular refs are detected
  • b1d21af: [Security] allow setting cookie security settings for delete_cookies
  • fe091d4: [DependencyInjection] fixed generating TypedReference from PriorityTaggedServiceTrait
  • c935e4a: [Security] fixed access_control behavior with unanimous decision strategy
  • dca3434: [HttpFoundation] do not set the default Content-Type based on the Accept header
  • 6f25ce5: [Security] forward multiple attributes voting flag
  • a5af8f6: fixed the reporting of deprecations in twig:lint
  • b9c2693: [Validator] fixed calling getters before resolving groups
  • 15edfd3: [Security] ignored all non existent username protection errors in SwitchUserListener
  • 38cbcc6: [Security] track session usage whenever a new token is set

Master changelog:

  • bb9d522: [Uid] improve the code
  • 0876480: [DependencyInjection] dump factory files as classes
  • 0c74ff4: [FrameworkBundle] dump kernel extension configuration
  • 2130465: [HttpFoundation] improve UnexpectedSessionUsageException backtrace
  • c8f4d16: [DependencyInjection] improve the deprecation features by handling package and version
  • 9381dd6: [HttpKernel] deprecate single-colon notation for controllers
  • 09dcbfc: [FrameworkBundle] deprecate flashbag and attributebag services
  • 2fc5f13: [DependencyInjection] deprecate ContainerInterface aliases
  • 0bec08f: [Config] improve the deprecation features by handling package and version
  • 5aeecc2: [Form] action allows only strings
  • fdd8ac5: [Messenger] add a \Throwable argument in RetryStrategyInterface methods
  • 1fc7b86: [Security] refactor logout listener to dispatch an event instead
  • 6f57fcf: [Mime] strengthen is_resource() checks
  • 8a2a69f: [HttpKernel] allow cache warmers to add to the list of preloaded classes and files
  • 3b38f38: [DependencyInjection] add tags container.preload/.no_preload to declare extra classes to preload/services to not preload

Newest issues and pull requests

They talked about us

Call to Action

Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.

A Week of Symfony #692 (30 March - 5 April 2020) symfony.com/blog/a-week-of-symfony-692-30-march-5-april-2020

Tweet this

Comments

Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.