Symfony blog posts for May 2018
Filter posts by publication date
New in Symfony 4.1: Misc. improvements (part 4)
In Symfony 4.1, AbstractController provides a getParameter() helper, anonymous services can be configured with PHP DSL, PropertyInfo can introspect information using the constructor arguments and the level of the PHP logger is configurable.
New in Symfony 4.1: Misc. improvements (part 3)
In Symfony 4.1, MoneyType rounding is configurable, updating LDAP entries is more efficient, query strings can be kept when redirecting and hassers are supported by the PropertyInfo component.
A week of symfony #595 (21-27 May 2018)
This week Symfony released 2.7.48, 2.8.41, 3.3.17, 3.4.11 and 4.0.11 versions to address several security vulnerabilities. Meanwhile Symfony 4.1.0 beta3 was published in preparation for next week's final release. Lastly, it was announced that the SymfonyLive USA 2018 conference will take place in San Francisco on October 11th and 12th.
CVE-2018-11408: Open redirect vulnerability on security handlers
CVE-2018-11408 fixes an open redirect vulnerability on DefaultAuthenticationSuccessHandler and DefaultAuthenticationFailureHandler.
CVE-2018-11406: CSRF Token Fixation
CVE-2018-11406 fixes a possible CSRF token fixation.
CVE-2018-11385: Session Fixation Issue for Guard Authentication
CVE-2018-11385 fixes a session fixation issue when using Guard authentication.
CVE-2018-11407: Unauthorized access on a misconfigured LDAP server when using an empty password
CVE-2018-11407 fixes an unauthorized access on a misconfigured LDAP server when using an empty password.
CVE-2018-11386: Denial of service when using PDOSessionHandler
CVE-2018-11386 fixes a possible denial of service when using PDOSessionHandler.
New in Symfony 4.1: Misc. improvements (part 2)
In Symfony 4.1 there is a new choice_translation_locale option for some form types, a new command to delete cache items, allow_if expression can use custom expressions and you can use the new dd() debug helper.
New in Symfony 4.1: Misc. improvements (part 1)
Some small but nice new features added to Symfony 4.1: use csrf_token() without the Form component, parse env vars stored in CSV files, change progress bars dynamically and check more easily the contents of your .env files.
New in Symfony 4.1: Configurable trailing slash on imported routes
In Symfony 4.1, when importing some routes under a common prefix, you can configure whether or not the root route adds a trailing slash to its path.
A week of symfony #594 (14-20 May 2018)
This week, we continued polishing Symfony 4.1 before its stable release in two weeks. Our focus was on the Messenger component, which gained a ChainSender to implement multiple senders and also added support for middleware factories in config. Meanwhile, the work on Symfony 4.2 has already started and we added support for meta refresh in the BrowserKit component. Lastly, the dates for the SymfonyCon 2018 conference in Lisbon (Portugal) were announced for December 6th to 8th.
New in Symfony 4.1: Faster serializer
In Symfony 4.1 some operations of the Serializer component have been cached, improving the application performance up to 40%.
New in Symfony 4.1: Form field help
In Symfony 4.1 form fields can define their own help messages with a new help option.
New in Symfony 4.1: Hidden services
In Symfony 4.1, the debug:container command displays both public and private services by default. That's why you can now also define hidden services, to not display them in the debug:container output.
Diversity Initiative: The CARE Team
Meet the first members of the CARE team.
A week of symfony #593 (7-13 May 2018)
This week, the first beta of Symfony 4.1 was released, allowing you to test it more easily in your projects. We also posted some important updates about our diversity initiative. Lastly, we unveiled some new features for symfony.com, such as a new "dark theme" / "night mode".
Symfony Website Updates #2
During the past weeks we've been busy improving and adding new features to symfony.com. This article recaps the most important new features.
Diversity initiative Update #2
Symfony now has a code of conduct and a process to deal when issues arise. We are looking for organisations interested in sponsoring diversity initiative ideas. We ask for feedback on how useful Google Translate is on the Symfony documentation. Finally, we are interested in bringing the SymfonyLive format to other countries and are requesting interested local people to contact us.
A week of symfony #592 (30 April - 6 May 2018)
This week Symfony introduced new polyfills for PHP 7.3 and Ctype and started using the Ctype polyfill in Symfony's code. In addition, we made the Symfony command exceptions more concise and introduced a new Serializer interface to enable caching support. Lastly, the German Symfony community celebrated the SymfonyLive Phantasialand 2018 conference with great success.
Finding a new home for IvoryCKEditorBundle
IvoryCKEditorBundle was abandoned, but the Friends of Symfony organization has adopted the bundle and committed to maintain it in the future.
SymfonyLive London 2018 is announced!
We’re so thrilled and excited to announce SymfonyLive London! We’ve just confirmed the official dates, SymfonyLive London will be held on September 28th at the Park Plaza Westminster!
New in Symfony 4.1: Console improvements
In Symfony 4.1, the Console component includes new table styles, new methods to define custom styles, support for iterators and other productivity improvements.
Introducing new Symfony Polyfills for PHP 7.3 and Ctype
Symfony has introduced a polyfill for the new features added in the upcoming PHP 7.3 version and another polyfill for the Ctype extension.