Symfony 5.4.11 has just been released. Here is the list of the most important changes since 5.4.10:

  • bug #47069 [Security] Allow redirect after login to absolute URLs (@Tim Ward)
  • bug #47073 [HttpKernel] Fix non-scalar check in surrogate fragment renderer (@aschempp)
  • bug #47003 [Cache] Ensured that redis adapter can use multiple redis sentinel hosts (@warslett)
  • bug #43329 [Serializer] Respect default context in DateTimeNormalizer::denormalize (@hultberg)
  • bug #47070 [Messenger] Fix function name in TriggerSql on postgresql bridge to support table name with schema (@zimny9932)
  • bug #47086 Workaround disabled "var_dump" (@nicolas-grekas)
  • bug #40828 [BrowserKit] Merge fields and files recursively if they are multidimensional array (@januszmk)
  • bug #47010 [String] Fix width method in AbstractUnicodeString (@TBoileau)
  • bug #47048 [Serializer] Fix XmlEncoder encoding attribute false (@alamirault)
  • bug #47022 [Console] get full command path for command in search path (@remicollet)
  • bug #47000 [ErrorHandler] Fix return type patching for list and class-string pseudo types (@derrabus)
  • bug #43998 [HttpKernel] [HttpCache] Don't throw on 304 Not Modified (@aleho)
  • bug #46792 [Bridge] Corrects bug in test listener trait (@magikid)
  • bug #46985 [DoctrineBridge] Avoid calling AbstractPlatform::hasNativeGuidType() (@derrabus)
  • bug #46958 [Serializer] Ignore getter with required parameters (Fix #46592) (@astepin)
  • bug #46981 [Mime] quote address names if they contain parentheses (@xabbuh)
  • bug #46960 [FrameworkBundle] Fail gracefully when forms use disabled CSRF (@HeahDude)
  • bug #46973 [DependencyInjection] Fail gracefully when attempting to autowire composite types (@derrabus)
  • bug #45884 [Serializer] Fix inconsistent behaviour of nullable objects in key/value arrays (@phramz)
  • bug #46963 [Mime] Fix inline parts when added via attachPart() (@fabpot)
  • bug #46968 [PropertyInfo] Make sure nested composite types do not crash ReflectionExtractor (@derrabus)
  • bug #46931 Flush backend output buffer after closing. (@bradjones1)
  • bug #46947 [Serializer] Prevent that bad Ignore method annotations lead to incorrect results (@astepin)
  • bug #46948 [Validator] : Fix "PHP Warning: Undefined array key 1" in NotCompromisedPasswordValidator (@KevinVanSonsbeek)
  • bug #46905 [BrowserKit] fix sending request to paths containing multiple slashes (@xabbuh)
  • bug #46244 [Validator] Fix traverse option on Valid constraint when used as Attribute (@tobias-93)
  • bug #42033 [HttpFoundation] Fix deleteFileAfterSend on client abortion (@nerg4l)
  • bug #46941 [Messenger] Fix calls to deprecated DBAL methods (@derrabus)
  • bug #46863 [Mime] Fix invalid DKIM signature with multiple parts (@BrokenSourceCode)
  • bug #46808 [HttpFoundation] Fix TypeError on null $_SESSION in NativeSessionStorage::save() (@chalasr)
  • bug #46811 [DoctrineBridge] Fix comment for type on Query::setValue (middlewares) (@l-vo)
  • bug #46790 [HttpFoundation] Prevent PHP Warning: Session ID is too long or contains illegal characters (@BrokenSourceCode)
  • bug #46800 Spaces in system temp folder path cause deprecation errors in php 8 (@demeritcowboy)
  • bug #46797 [Messenger] Ceil waiting time when multiplier is a float on retry (@WissameMekhilef)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Published in #Releases