SymfonyWorld Online 2021 Winter Edition December 9 – 10, 2021 100% Online 25 talks and 10 workshops

Symfony 5.3.3 released

Symfony 5.3 is backed by JoliCode. JoliCode is a team of passionate developers and open-source lovers, with a strong expertise in PHP & Symfony technologies. They can help you build your projects using state-of-the-art practices.

Symfony 5.3.3 has just been released. Here is a list of the most important changes:

  • bug #41910 [Security] Handle concurency in Csrf DoctrineTokenProvider (@jderusse)
  • bug #41881 Fix SessionTokenStorage reuse with Request (@jderusse)
  • bug #41893 [Filesystem] Workaround cannot dumpFile into “protected” folders on Windows (@arnegroskurth)
  • bug #41896 [Messenger] fix FlattenExceptionNormalizer (@nicolas-grekas)
  • bug #41242 [SecurityBundle] Change information label from red to yellow (@94noni)
  • bug #41665 [HttpKernel] Keep max lifetime also when part of the responses don’t set it (@mpdude)
  • bug #41760 [ErrorHandler] fix handling buffered SilencedErrorContext (@nicolas-grekas)
  • bug #41807 [HttpClient] fix Psr18Client when allo _ur _fopen=0 (@nicolas-grekas)
  • bug #41735 [Runtime] Fix project dir variable when vendor not in project root (@Ash014)
  • bug #40857 [DependencyInjection] Add support of PHP enumerations (@alexandre-daubois)
  • bug #41767 [Config] fix tracking default values that reference the parent class (@nicolas-grekas)
  • bug #41768 [DependencyInjection] Fix binding “iterable $foo” when using the PHP-DSL (@nicolas-grekas)
  • bug #41777 [DependencyInjection] accept service locator definitions with no class (@nicolas-grekas)
  • bug #41801 [Uid] Fix fromString() with low base58 values (@fancyweb)
  • bug #41793 [Cache] handle prefixed redis connections when clearing pools (@nicolas-grekas)
  • bug #41804 [Cache] fix eventual consistency when using RedisTagAwareAdapter with a cluster (@nicolas-grekas)
  • bug #41773 [Cache] Disable locking on Windows by default (@nicolas-grekas)
  • bug #41655 [Mailer] fix encoding of addresses using SmtpTransport (@dmaicher)
  • bug #41663 [HttpKernel] [HttpCache] Keep s-maxage=0 from ESI sub-responses (@mpdude)
  • bug #41739 Avoid broken action URL in text notification mail (@mbrodala)
  • bug #41737 [Security] Fix special char used to create cache key (@jderusse)
  • bug #41701 [VarDumper] Fix tests for PHP 8.1 (@alexandre-daubois)
  • bug #41795 [FrameworkBundle] Replace va _export with VarExporter to use array short syntax in secrets list files (@alexandre-daubois)
  • bug #41779 [DependencyInjection] throw proper exception when decorating a synthetic service (@nicolas-grekas)
  • bug #41787 [Security] Implement fluent interface on RememberMeBadge::disable() (@derrabus)
  • bug #41776 [ErrorHandler] [DebugClassLoader] Do not check Phake mocks classes (@adoy)
  • bug #41780 [PhpUnitBridge] fix handling the COMPOSE _BINARY env var when using simple-phpunit (@Taluu)
  • bug #41755 [PasswordHasher] UserPasswordHasher only calls getSalt when method exists (@dbrumann)
  • bug #41670 [HttpFoundation] allow savePath of NativeFileSessionHandler to be null (@simon.chrzanowski)
  • bug #41751 [Messenger] prevent reflection usages when classes do not exist (@xabbuh)
  • bug #41747 [Security] Fixed ‘security.command.debu _firewall’ not found (@Nyholm)
  • bug #41741 [Security] Fix invalid RememberMe value after update (@jderusse)
  • bug #41744 [Security] Fix invalid cookie when migrating to new Security (@jderusse)
  • bug #41740 [Security] make the getter usable if no user identifier is set (@xabbuh)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.


Cool release!
Just a word to point to typo here: 'allo _ur _fopen=0'. It looks like character followed by an _ are replaced by a space

Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.