SymfonyWorld Online 2021 Winter Edition December 9 – 10, 2021 100% Online +20 talks and workshops

Symfony 2.7.0 released

Warning: Symfony 2.7 is no longer supported. Consider upgrading your applications to the most recent Symfony version.

Symfony 2.7.0 has just been released. 2.7 is the new LTS version of Symfony.

Symfony 2.7.0 comes with more than 100 new features and enhancements.

Read the UPGRADE from 2.6 to 2.7 guide to learn more about new ways of doing things and deprecated features that will be removed in 3.0.

Yesterday, I told you that 2.7 comes with an unexpected surprise... Symfony has now early built-in support for PSR-7. And that works as of Symfony 2.3, without breaking backward compatibility. Hurray for everyone involved in this effort! As this is something important, Ryan wrote a dedicated blog post about it.

Now, for the boring stuff with the list of the most important changes since the last beta:

  • bug #14777 Avoid using the app global variable in the profiler templates (stof)
  • bug #14262 [REVERTED] [TwigBundle] Refresh twig paths when resources change. (aitboudad)
  • security #14759 CVE-2015-4050 [HttpKernel] Do not call the FragmentListener if _controller is already defined (jakzal)
  • bug #14745 [Serializer] AbstractNormalizer::instantiateObject allow default values when not optional (boekkooi)
  • bug #14743 [DebugBundle] Fix config XSD (nicolas-grekas)
  • bug #14711 [Serializer] AbstractNormalizer instantiateObject avoid null rejection (boekkooi)
  • bug #14726 [Translation] fixed JSON loader on PHP 7 when file is empty (fabpot)
  • bug #14715 [Form] Check instance of FormBuilderInterface instead of FormBuilder (dosten)
  • bug #14654 [Console] SymfonyStyle : fix blocks failed when $messages is null (ogizanagi)
  • bug #14708 [TwigBridge] use proper class to fetch asset version strategy property (xabbuh)
  • bug #14678 [Security] AbstractRememberMeServices::encodeCookie() validates cookie parts (MacDada)
  • bug #14635 [HttpKernel] Handle an array vary header in the http cache store (jakzal)
  • bug #14513 [console][formater] allow format toString object. (aitboudad)
  • bug #14335 [HttpFoundation] Fix baseUrl when script filename is contained in pathInfo (danez)
  • bug #14593 [Security][Firewall] Avoid redirection to XHR URIs (asiragusa)
  • bug #14576 [DoctrineBridge][Form] Fix BC break in DoctrineType (malarzm)
  • bug #14551 [Form] Fixed ChoiceType with legacy ChoiceList (xelaris)
  • bug #14648 [Console] Fix first choice was invalid when using value (ogizanagi)
  • bug #14618 [DomCrawler] Throw an exception if a form field path is incomplete (jakzal)
  • bug #14699 Fix HTML escaping of to-source links (amenk, nicolas-grekas)
  • bug #14698 Fix HTML escaping of to-source links (nicolas-grekas)
  • bug #14690 [HttpFoundation] IpUtils::checkIp4() should allow /0 networks (zerkms)
  • bug #14696 Fix the rendering of deprecation log messages (stof)
  • bug #14683 Fixed the indentation in the compiled template for the DumpNode (stof)
  • bug #14262 [TwigBundle] Refresh twig paths when resources change. (aitboudad)
  • bug #13633 [ServerBag] Handled bearer authorization header in REDIRECT_ form (Lance0312)
  • bug #13637 [CSS] WebProfiler break words (nicovak)
  • bug #14217 [WebProfilerBundle] Fix regexp (romqin)
  • bug #14644 [BridgeTwig] Adding a space between the icon and the error message (zmikael, nicolas-grekas)
  • bug #14645 [WebProfilerBundle] Fix compatiblity with HttpKernel < 2.7 (GromNaN)
  • bug #14640 [DebugBundle] Allow alternative destination for dumps (nicolas-grekas)
  • bug #14600 [Console] SymfonyStyle: fix block rpadding when escaping '<' (ogizanagi)
  • bug #14633 [EventDispatcher] make listeners removable from an executed listener (xabbuh)

Want to upgrade to this new release? Fortunately, because Symfony protects backwards-compatibility very closely, this should be quite easy. Read our upgrade documentation to learn more.

Want to check the integrity of this new version? Read my blog post about signing releases .

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.


Being this version an LTS, there should be a path to upgrade directly from the previous LTS, so something like
Very nice! Thanks for your hard work!
Will Silex 1.2.x update the dependencies to 2.7?
Great news...
Awesome news. Thank you for this release and congrats to everyone involved. The link to the file in above post should probably be this one:
(it has more info on the upgrade from the previous version)
Thank you guys for the new LTS release. I really appreciate your work.
As Peter Kokot pointed out, the link for the upgrade info should be:
I agree - LTS to LTS upgrade path would be super helpful. We've got to do it on a load of projects now. Not all of us are bleeding edge! :-)
Great work as usual, guys.
@fabpot I think you should mention that symfony 2.7 requires php >= 5.3.9 and will not work with php >=5.3.3,
How can I ignore deprecated messages in log related to 3rd party bundles?
@michael Someone answered your question, already, but for others, details on silencing the notices are here:

But, they will still show up in your profiler, and that's by design as a reminder that you won't be able to upgrade to Symfony 3.0 until all deprecated code (including from other bundles) is gone :).

+1 for adding docs to upgrade from 2.3 to 2.7
+1 for adding docs to upgrade from 2.3 to 2.7
In the composer.json file still appears as "symfony/symfony": "[email protected]", how can I upgrade to the release version? I used the symfony installer for a new project.
+1 for adding docs to upgrade from 2.3 to 2.7
+1 for adding docs to upgrade from 2.3 to 2.7
Great fix!
+1 for adding docs to upgrade from 2.3 to 2.7

Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.