Symfony 6.4.18 has just been released. Here is the list of the most important changes since 6.4.17:

  • bug #58889 [Serializer] Handle default context in Serializer (@Valmonzo)
  • bug #59631 [HttpClient] Fix processing a NativeResponse after its client has been reset (@Jean-Beru)
  • bug #59590 [Security] Throw an explicit error when refreshing a token with a null user (@alexandre-daubois)
  • bug #59625 [FrameworkBundle] Add missing not-compromised-password entry in XSD (@alexandre-daubois)
  • bug #59610 [Mailer] Ensure TransportExceptionInterface populates stream debug data (@bytestream)
  • bug #59598 [Mime] Fix body validity check in Email when using Message::setBody() (@alexandre-daubois)
  • feature #59544 [AssetMapper] Fix CssCompiler matches url in comments (@smnandre)
  • bug #59575 [DoctrineBridge] Add support for doctrine/persistence 4 (@greg0ire)
  • bug #59399 [DomCrawler] Make ChoiceFormField::isDisabled return true for unchecked disabled checkboxes (@MatTheCat)
  • bug #59581 [Cache] Don't clear system caches on cache:clear (@nicolas-grekas)
  • bug #59579 [FrameworkBundle] Fix patching refs to the tmp warmup dir in files generated by optional cache warmers (@nicolas-grekas)
  • bug #59525 [HtmlSanitizer] Fix access to undefined keys in UrlSanitizer (Antoine Beyet)
  • bug #59538 [VarDumper] fix dumped markup (@xabbuh)
  • bug #59515 [FrameworkBundle] Fix wiring ConsoleProfilerListener (@nicolas-grekas)
  • bug #59486 [Validator] Update sr_Cyrl 120:This value is not a valid slug. (@kaznovac)
  • bug #59403 [FrameworkBundle][HttpFoundation] Reset Request's formats using the service resetter (@nicolas-grekas)
  • bug #59404 [Mailer] Fix SMTP stream EOF handling on Windows by using feof() (@skmedix)
  • bug #59390 [VarDumper] Fix blank strings display (@MatTheCat)
  • bug #59446 [Routing] Fix configuring a single route's hosts (@MatTheCat)
  • bug #58901 [HttpClient] Ignore RuntimeExceptions thrown when rewinding the PSR-7 created in HttplugWaitLoop::createPsr7Response (@KurtThiemann)
  • bug #59046 [HttpClient] Fix Undefined array key connection (@PhilETaylor)
  • bug #59055 [HttpFoundation] Fixed IpUtils::anonymize exception when using IPv6 link-local addresses with RFC4007 scoping (@jbtronics)
  • bug #59256 [Mailer] Fix Sendmail memory leak (@rch7)
  • bug #59375 [RemoteEvent][Webhook] fix SendgridPayloadConverter category support (@ericabouaf)
  • bug #59367 [PropertyInfo] Make sure that SerializerExtractor returns null for invalid class metadata (@wuchen90)
  • bug #59376 [RemoteEvent][Webhook] Fix SendgridRequestParser and SendgridPayloadConverter (@ericabouaf)
  • bug #59381 [Yaml] fix inline notation with inline comment (@alexpott)
  • bug #59352 [Messenger] Fix TransportMessageIdStamp not always added (@HypeMC)
  • bug #59185 [DoctrineBridge] Fix compatibility to Doctrine persistence 2.5 in Doctrine Bridge 6.4 to avoid Projects stuck on 6.3 (@alexander-schranz)
  • bug #59245 [PropertyInfo] Fix add missing composer conflict (@mtarld)
  • bug #59292 [WebProfilerBundle] Fix event delegation on links inside toggles (@MatTheCat)
  • bug #59362 [Doctrine][Messenger] Prevents multiple TransportMessageIdStamp being stored in envelope (@rtreffler)
  • bug #59323 [Serializer] Fix exception thrown by YamlEncoder (@VincentLanglet)
  • bug #59293 [AssetMapper] Fix JavaScript compiler creates self-referencing imports (@smnandre)
  • bug #59349 [Yaml] reject inline notations followed by invalid content (@xabbuh)
  • bug #59363 [VarDumper] Fix displaying closure's "this" from anonymous classes (@nicolas-grekas)
  • bug #59364 [ErrorHandler] Don't trigger "internal" deprecations for anonymous LazyClosure instances (@nicolas-grekas)
  • bug #59221 [PropertyAccess] Fix compatibility with PHP 8.4 asymmetric visibility (@Florian-Merle)
  • bug #59357 [HttpKernel] Don't override existing LoggerInterface autowiring alias in LoggerPass (@nicolas-grekas)
  • bug #59347 [Security] Fix triggering session tracking from ContextListener (@nicolas-grekas)
  • bug #59188 [HttpClient] Fix reset() not called on decorated clients (@HypeMC)
  • bug #59343 [Security] Adjust parameter order in exception message (@Link1515)
  • bug #59312 [Yaml] Fix parsing of unquoted strings in Parser::lexUnquotedString() to ignore spaces (@Link1515)
  • bug #59334 [ErrorHandler] [A11y] Simple proposal for color updates on error stack traces against colorblindness (@DocFX)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Published in #Releases