Symfony 6.2.7 has just been released. Here is the list of the most important changes since 6.2.6:

  • bug #49526 [Security] Migrate the session on login only when the user changes (@nicolas-grekas)
  • bug #49528 [Console] Fix fatal error when accessing Application::signalRegistry without pcntl (@lyrixx)
  • bug #49516 [Workflow] display label with new lines + colours properly when rendering a PUML dump (@alexislefebvre)
  • bug #48965 [TwigBridge] Allow floats in html5 input type number field (@wimhendrikx)
  • bug #48833 [Translation] Handle the translation of empty strings (@javiereguiluz)
  • bug #49292 [VarDumper] Fix error when reflected class has default Enum parameter in constructor (@kapiwko)
  • bug #49493 [FrameworkBundle] Fix denyAccessUnlessGranted for mixed attributes (@delbertooo)
  • bug #49484 [Validator] Fix translation of AtLeastOneOf constraint message (@alexandre-daubois)
  • bug #48998 [Validator] Sync IBAN formats with Swift IBAN registry (@smelesh)
  • bug #49488 [Mailer] Update Infobip API transport (@ndousson)
  • bug #49477 [WebProfilerBundle] Fix the rendering of query explanation with Postgresql (@stof)
  • bug #49446 [SecurityBundle] Fix Security::login() on specific firewall (@chalasr)
  • bug #49405 [MonologBridge] FirePHPHandler::onKernelResponse throws PHP 8.1 deprecation when no user agent is set (@juagarc4)
  • bug #49421 [TwigBridge] do not drop embed label classes (@xabbuh)
  • bug #49459 [Form] Skip password hashing on empty password (@Seb33300)
  • bug #49422 [Cache][Messenger] fixed CallbackInterface support in async expiration handler (@AdamKatzDev)
  • bug #49441 [Contracts] Fix setting $container before calling parent::setContainer in ServiceSubscriberTrait (@edsrzf)
  • bug #49272 [Workflow] remove new lines from workflow metadata (@alexislefebvre)
  • bug #49427 [WebProfilerBundle] Render original (not encoded) email headers (@1ed)
  • bug #48897 [Console] fix clear of section with question (@maxbeckers)
  • bug #49400 [WebProfilerBundle] Tweak Mailer panel rendering (@1ed)
  • bug #49368 [BC Break] Make data providers for abstract test cases static (@OskarStark, @alexandre-daubois)
  • bug #49379 [DependencyInjection] Fix autowire attribute with nullable parameters (@alamirault)
  • bug #49385 [Notifier] Make TransportTestCase data providers static (@alexandre-daubois)
  • bug #49395 fix trying to load Memcached before checking we can (@nicolas-grekas)
  • bug #49326 [Notifier] Fix notifier profiler when transport name is null (@fabpot)
  • bug #49265 [HttpKernel] Fix setting the session on the main request when it's started by a subrequest (@nicolas-grekas)
  • bug #49353 [Cache] Only validate dbindex parameter when applicable (@loevgaard)
  • bug #49346 [ErrorHandler] Do not patch return statements in closures (@wouterj)
  • bug #49334 [DependencyInjection] keep proxy tag on original definition when decorating (@kbond)
  • bug #47946 [FrameworkBundle] Fix checkboxes check assertions (@MatTheCat)
  • bug #49301 [HttpClient] Fix data collector (@fancyweb)
  • bug #49310 [Notifier][WebProfilerBundle] Ignore messages whose getNotification returns null (@MatTheCat)
  • bug #49267 [Form] Check for RepeatedType child in PasswordHasherListener (@MatTheCat)
  • bug #49299 [HttpClient] Fix over-encoding of URL parts to match browser's behavior (@nicolas-grekas)
  • bug #49314 [HttpClient] Revert support for "friendsofphp/well-known-implementations" (@nicolas-grekas)
  • bug #49214 [Mailer] add Sender to the list of bypassed headers (@xabbuh)
  • bug #49282 [VarExporter] Fix lazy-proxying readonly classes on PHP 8.3 (@nicolas-grekas)
  • bug #49147 [Intl] Generate all emoji short name returned by slack api (@adnen-chouibi)
  • bug #49245 [Serializer] Fix CsvEncoder decode on empty data (@cazak)
  • bug #49255 [Cache] Fix Redis proxies (@nicolas-grekas)
  • bug #49249 [Dotenv] Fix phpdoc Dotenv (@alamirault)
  • bug #49247 [Translator] Replace deprecated/removed way to configure enabled_locales (@chr-hertel)
  • bug #49248 [Config] Fix phpdoc nullable (@alamirault)
  • bug #48880 [Response] getMaxAge() returns non-negative integer (@pkruithof, @fabpot)
  • bug #49207 [PropertyInfo] Add meaningful message when phpstan/phpdoc-parser is not installed when using PhpStanExtractor (@alexandre-daubois)
  • bug #49208 [Form] Fix PasswordHasherListener to work with empty data (@1ed)
  • bug #49210 [Mailer] [MailPace] Fix undefined key in error response (@OskarStark)
  • bug #49220 [Validator] Make ConstraintValidatorTestCase compatible with PHPUnit 10 (@gjuric)
  • bug #49224 [WebProfilerBundle] Fix an accessibility issue in the search form of the header (@javiereguiluz)
  • bug #49226 [WebProfilerBundle] Disable Turbo for debug toolbar links (@javiereguiluz)
  • bug #49223 [WebProfilerBundle] Fix some minor HTML issues (@javiereguiluz)
  • bug #49146 [PropertyInfo] fail with a meaningful error when a needed package is missing (@xabbuh)
  • bug #49187 [Ldap] Allow multiple values on extra_fields (@mvhirsch)
  • bug #49128 [DependencyInjection] Fix combinatory explosion when autowiring union and intersection types (@nicolas-grekas)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Published in #Releases