Symfony 4.1.0-BETA3 has just been released. Here is a list of the most important changes:

  • bug #27388 [Routing] Account for greediness when merging route patterns (@nicolas-grekas)
  • bug #27344 [HttpKernel] reset kernel start time on reboot (@kiler129)
  • bug #27365 [Serializer] Check the value of enabl _ma _depth if defined (@dunglas)
  • bug #27358 [PhpUnitBridge] silence some stderr outputs (@ostrolucky)
  • bug #27366 [DI] never inline lazy services (@nicolas-grekas)
  • bug #27352 Remove reference to the test container after kernel shutdown (@stof)
  • bug #27350 [HttpKernel] fix deprecation in AbstractTestSessionListener (@alekitto)
  • bug #27367 [FrameworkBundle] cleanup generated test container (@nicolas-grekas)
  • bug #27379 [FrameworkBundle] Fix using test.servic _container when Client is rebooted (@nicolas-grekas)
  • bug #27364 [DI] Fix bad exception on uninitialized references to non-shared services (@nicolas-grekas)
  • bug #27359 [HttpFoundation] Fix perf issue during MimeTypeGuesser intialization (@nicolas-grekas)
  • security #cve-2018-11408 [SecurityBundle] Fail if security.htt _utils cannot be configured
  • security #cve-2018-11406 clear CSRF tokens when the user is logged out
  • security #cve-2018-11385 migrating session for UsernamePasswordJsonAuthenticationListener
  • security #cve-2018-11385 migrating session for UsernamePasswordJsonAuthenticationListener
  • security #cve-2018-11385 Adding session authentication strategy to Guard to avoid session fixation
  • security #cve-2018-11385 Adding session strategy to ALL listeners to avoid any possible fixation
  • security #cve-2018-11386 [HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode
  • bug #27341 [WebProfilerBundle] Fixed validator/dump trace CSS (@yceruto)
  • bug #27337 [FrameworkBundle] fix typo in CacheClearCommand (@emilielorenzo)
  • bug #27292 [Serializer] Fix and improve constraintViolationListNormalizer's RFC7807 compliance (@dunglas)

Want to upgrade to this new release? Fortunately, because Symfony protects backwards-compatibility very closely, this should be quite easy. Read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Published in #Releases