| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.8:
fixed obsolete getMock() usage
fixed obsolete getMock() usage
[WebProfilerBundle] Display multiple HTTP headers in WDT
do not remove the Twig ExceptionController service
removed obsolete condition
do not try to register incomplete definitions
|
| | | |
|
| | |\
| | |
| | |
| | |
| | |
| | | |
* 2.7:
fixed obsolete getMock() usage
[WebProfilerBundle] Display multiple HTTP headers in WDT
|
| | | | |
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.8:
[FrameworkBundle] Check for class existence before is_subclass_of
Update GroupSequence.php
Code enhancement and cleanup
[Form] Fix transformer tests after the ICU update
[DI] Add anti-regression test
Revert "minor #19689 [DI] Cleanup array_key_exists (ro0NL)"
bumped Symfony version to 2.8.11
updated VERSION for 2.8.10
updated CHANGELOG for 2.8.10
[BrowserKit] Fix cookie expiration on 32 bit systems
bumped Symfony version to 2.7.18
updated VERSION for 2.7.17
update CONTRIBUTORS for 2.7.17
updated CHANGELOG for 2.7.17
Update misleading comment about RFC4627
|
| | |\ \
| | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.7:
[FrameworkBundle] Check for class existence before is_subclass_of
Update GroupSequence.php
Code enhancement and cleanup
[DI] Add anti-regression test
Revert "minor #19689 [DI] Cleanup array_key_exists (ro0NL)"
[BrowserKit] Fix cookie expiration on 32 bit systems
bumped Symfony version to 2.7.18
updated VERSION for 2.7.17
update CONTRIBUTORS for 2.7.17
updated CHANGELOG for 2.7.17
Update misleading comment about RFC4627
|
| | | | |
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.8:
[Validator][GroupSequence] fixed GroupSequence validation ignores PropertyMetadata of parent classes
[FrameworkBundle][Security] Remove useless mocks
[DoctrineBridge] Enhance exception message in EntityUserProvider
added friendly exception when constraint validator does not exist or it is not enabled
remove duplicate instruction
[FrameworkBundle] Remove TranslatorBagInterface check
[FrameworkBundle] Remove duplicated code in RouterDebugCommand
[Validator] fixed duplicate constraints with parent class interfaces
SecurityBundle:BasicAuthenticationListener: removed a default argument on getting a header value
|
| | |\ \
| | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.7:
[Validator][GroupSequence] fixed GroupSequence validation ignores PropertyMetadata of parent classes
[FrameworkBundle][Security] Remove useless mocks
[DoctrineBridge] Enhance exception message in EntityUserProvider
added friendly exception when constraint validator does not exist or it is not enabled
remove duplicate instruction
[FrameworkBundle] Remove TranslatorBagInterface check
[FrameworkBundle] Remove duplicated code in RouterDebugCommand
[Validator] fixed duplicate constraints with parent class interfaces
SecurityBundle:BasicAuthenticationListener: removed a default argument on getting a header value
|
| | | | |
|
| |\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* 3.0:
[HttpKernel] fixed internal subrequests having an if-modified-since-header
[Security] Fix deprecated usage of DigestAuthenticationEntryPoint::getKey() in DigestAuthenticationListener
[Validator] Added additional MasterCard range to the CardSchemeValidator
Make the exception message more clear.
[Form] fixed bug - name in ButtonBuilder
[DoctrineBridge] added missing error code for constraint.
[ClassLoader] Fix declared classes being computed when not needed
[varDumper] Fix missing usage of ExceptionCaster::$traceArgs
|
| | |\ \ \
| | |/ /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* 2.8:
[HttpKernel] fixed internal subrequests having an if-modified-since-header
[Security] Fix deprecated usage of DigestAuthenticationEntryPoint::getKey() in DigestAuthenticationListener
[Validator] Added additional MasterCard range to the CardSchemeValidator
Make the exception message more clear.
[Form] fixed bug - name in ButtonBuilder
[DoctrineBridge] added missing error code for constraint.
[ClassLoader] Fix declared classes being computed when not needed
[varDumper] Fix missing usage of ExceptionCaster::$traceArgs
Conflicts:
src/Symfony/Bridge/Doctrine/Validator/Constraints/UniqueEntityValidator.php
src/Symfony/Component/ClassLoader/ClassCollectionLoader.php
|
| | | | |
| | | |
| | | |
| | | | |
in DigestAuthenticationListener
|
| | | | |
| | | |
| | | |
| | | | |
non-Response object
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* 3.0: (24 commits)
[Filesystem] Better error handling in remove()
[DependencyInjection] Add coverage for invalid Expression in exportParameters
[DependencyInjection] Add coverage for all invalid arguments in exportParameters
anonymous services are always private
[Form] FormValidator removed code related to removed option
[Console] Correct time formatting.
[WebProfilerBundle] Fixed error from unset twig variable
Force profiler toolbar svg display
[DependencyInjection] Resolve aliases before removing abstract services + add tests
Fix Dom Crawler select option with empty value
Remove unnecessary option assignment
fix tests (use non-deprecated options)
remove unused variable
mock the proper method
[PropertyAccess] Fix regression
[HttpFoundation] Improve phpdoc
[Logging] Add support for firefox in ChromePhpHandler
Windows 10 version check in just one line
Detect CLI color support for Windows 10 build 10586
[Security] Fixed SwitchUserListener when exiting an impersonication with AnonymousToken
...
|
| | |\ \ \
| | |/ /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* 2.8: (23 commits)
[Filesystem] Better error handling in remove()
[DependencyInjection] Add coverage for invalid Expression in exportParameters
[DependencyInjection] Add coverage for all invalid arguments in exportParameters
anonymous services are always private
[Console] Correct time formatting.
[WebProfilerBundle] Fixed error from unset twig variable
Force profiler toolbar svg display
[DependencyInjection] Resolve aliases before removing abstract services + add tests
Fix Dom Crawler select option with empty value
Remove unnecessary option assignment
fix tests (use non-deprecated options)
remove unused variable
mock the proper method
[PropertyAccess] Fix regression
[HttpFoundation] Improve phpdoc
[Logging] Add support for firefox in ChromePhpHandler
Windows 10 version check in just one line
Detect CLI color support for Windows 10 build 10586
[Security] Fixed SwitchUserListener when exiting an impersonication with AnonymousToken
[EventDispatcher] Try first if the event is Stopped
...
|
| | | |\ \
| | | |/
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* 2.7:
[Filesystem] Better error handling in remove()
[DependencyInjection] Add coverage for invalid Expression in exportParameters
[DependencyInjection] Add coverage for all invalid arguments in exportParameters
anonymous services are always private
[Console] Correct time formatting.
[DependencyInjection] Resolve aliases before removing abstract services + add tests
Fix Dom Crawler select option with empty value
Remove unnecessary option assignment
remove unused variable
mock the proper method
[PropertyAccess] Fix regression
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* 2.3:
[DependencyInjection] Resolve aliases before removing abstract services + add tests
Fix Dom Crawler select option with empty value
Remove unnecessary option assignment
remove unused variable
[PropertyAccess] Fix regression
|
| | | | | |
|
| | | |\ \
| | | |/
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* 2.7:
[HttpFoundation] Improve phpdoc
[Logging] Add support for firefox in ChromePhpHandler
Windows 10 version check in just one line
Detect CLI color support for Windows 10 build 10586
[Security] Fixed SwitchUserListener when exiting an impersonication with AnonymousToken
[EventDispatcher] Try first if the event is Stopped
[FrameworkBundle] fixes grammar in container:debug command manual.
[Form] fix "prototype" not required when parent form is not required
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* 2.3:
[HttpFoundation] Improve phpdoc
[Logging] Add support for firefox in ChromePhpHandler
[Security] Fixed SwitchUserListener when exiting an impersonication with AnonymousToken
[Form] fix "prototype" not required when parent form is not required
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* check for existance of `setMetadataFactory()` method (this is needed
for tests run with deps=high as the method was removed in Symfony
3.0)
* fix mock testing the `EngineInterface` as the `stream()` method cannot
be mocked when it is does not exist in the mocked interface
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* 2.3:
fix mocks
Conflicts:
src/Symfony/Component/Security/Http/Tests/Firewall/SwitchUserListenerTest.php
|
| | | | | |
|
| |/ / / |
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.8:
[Process] Fix transient tests for incremental outputs
[Console] Add missing `@require` annotation in test
Fix merge
[appveyor] Fix failure reporting
[#17634] move DebugBundle license file
backport GlobTest from 2.7 branch
Move licenses according to new best practices
[FrameworkBundle] Remove unused code in test
[2.3] Fixed an undefined variable in Glob::toRegex
simplified a test
fix container cache key generation
[Form] fix option name in upgrade file
[Form] fix option name in changelog
[Translation] Add resources from fallback locale
[DependencyInjection] enforce tags to have a name
[YAML] Refine the return value of Yaml::parse()
Conflicts:
UPGRADE-2.8.md
|
| | |\ \
| | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.7:
[Console] Add missing `@require` annotation in test
Fix merge
[appveyor] Fix failure reporting
[#17634] move DebugBundle license file
backport GlobTest from 2.7 branch
Move licenses according to new best practices
[FrameworkBundle] Remove unused code in test
[2.3] Fixed an undefined variable in Glob::toRegex
simplified a test
fix container cache key generation
[Form] fix option name in changelog
[Translation] Add resources from fallback locale
[DependencyInjection] enforce tags to have a name
[YAML] Refine the return value of Yaml::parse()
Conflicts:
src/Symfony/Component/DependencyInjection/Tests/Loader/YamlFileLoaderTest.php
|
| | | |
| | |
| | |
| | |
| | | |
* 2.3:
[appveyor] Fix failure reporting
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.8:
[WebProfilerBundle] Don't inherit CSS text-transform property for the toolbar.
Remove duplicate cursor property
Increase the inlining YAML level for config:debug
[Serializer] Minor: fix CS and PHPDoc
[Form] fix tests
[Serializer] Ensure that groups are strings
[Debug] Tell that the extension is for PHP 5 only
Static code analysis
Update AnnotationDirectoryLoader.php
added a test
Escape the delimiter in Glob::toRegex
[FrameworkBundle] Fix template location for PHP templates
[FrameworkBundle] Add path verification to the template parsing test cases
|
| | |\ \
| | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.7:
Increase the inlining YAML level for config:debug
[Serializer] Minor: fix CS and PHPDoc
[Form] fix tests
[Serializer] Ensure that groups are strings
[Debug] Tell that the extension is for PHP 5 only
Static code analysis
Update AnnotationDirectoryLoader.php
added a test
Escape the delimiter in Glob::toRegex
[FrameworkBundle] Fix template location for PHP templates
[FrameworkBundle] Add path verification to the template parsing test cases
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.3:
Static code analysis
Update AnnotationDirectoryLoader.php
[FrameworkBundle] Fix template location for PHP templates
[FrameworkBundle] Add path verification to the template parsing test cases
|
| | | | |
|
| | | | |
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.8:
removed usage of the deprecated StringUtils::equals() method
Fix: Resolve tempdir symlink, not working on OSX
fixed tests
migrate session after remember me authentication
prevent timing attacks in digest auth listener
mitigate CSRF timing attack vulnerability
fix potential timing attack issue
[WebProfilerBundle] Added a top left border radius to the minified to…
[Routing] Changing RouteCollectionBuilder::import() behavior to add to the builder
[HttpKernel] Don't reset on shutdown but in FrameworkBundle/Test/KernelTestCase
[Process] PhpExecutableFinder: add regression test
|
| | |\ \
| | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.7:
fixed tests
migrate session after remember me authentication
prevent timing attacks in digest auth listener
mitigate CSRF timing attack vulnerability
fix potential timing attack issue
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.3:
migrate session after remember me authentication
prevent timing attacks in digest auth listener
mitigate CSRF timing attack vulnerability
fix potential timing attack issue
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.8:
Fixed tabs when there are several groups of tabs in the same page
Fix mode
Fixed failing test for HHVM
Removed unused logic in MockStream
Update coding standard for MockStream
[Filesystem] added tempnam() stream wrapper aware version of PHP's native tempnam() and fixed dumpFile to allow dumping to streams
Renamed key to secret
|
| | | | |
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.8:
[Routing] use constants in tests
[Process] tweaked README
[TwigBundle] Fix Twig cache is not properly warmed
[Validator] Allow an empty path in a URL with only a fragment or a query
[Security] Use SessionAuthenticationStrategy on RememberMe login
[HttpFoundation] Fix some typo in the Request doc
fixed CS
Added separated handling of root paths
|
| | |\ \
| | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.7:
[Routing] use constants in tests
[Process] tweaked README
[Validator] Allow an empty path in a URL with only a fragment or a query
[HttpFoundation] Fix some typo in the Request doc
fixed CS
Added separated handling of root paths
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.3:
[Routing] use constants in tests
[Validator] Allow an empty path in a URL with only a fragment or a query
[HttpFoundation] Fix some typo in the Request doc
fixed CS
Added separated handling of root paths
|
| | |\ \
| | |/
| | |
| | |
| | |
| | | |
* 2.7:
[TwigBundle] Fix Twig cache is not properly warmed
[Security] Use SessionAuthenticationStrategy on RememberMe login
|
| | | |
| | |
| | |
| | | |
Regenerate session ID with default session strategy
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
composer.json
src/Symfony/Bundle/FrameworkBundle/Resources/config/annotations.xml
src/Symfony/Bundle/FrameworkBundle/Resources/config/routing.xml
src/Symfony/Bundle/FrameworkBundle/Resources/config/security_csrf.xml
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/Security/Core/composer.json
src/Symfony/Component/Security/Csrf/composer.json
src/Symfony/Component/Security/Http/composer.json
src/Symfony/Component/Security/composer.json
src/Symfony/Component/Translation/PluralizationRules.php
src/Symfony/Component/VarDumper/Exception/ThrowingCasterException.php
|
| | | | |
|
| | |\ \
| | |/
| | |
| | |
| | |
| | |
| | | |
Conflicts:
src/Symfony/Component/Security/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php
src/Symfony/Component/Security/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php
src/Symfony/Component/Security/composer.json
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
src/Symfony/Component/Security/Tests/Core/SecurityContextTest.php
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.8: (21 commits)
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
Throw exception if tempnam returns false in ProcessPipes
[DomCrawler] Deprecated using /_root/ in XPath expressions
Pass missing request template variables
Simplify AbstractVoter
[Form] add missing deprecation triggers
Throw exception if tempnam returns false
Fix PropertyAccessor modifying array in object when array key does not exist
[DependencyInjection] Add autowiring capabilities
Fixing typo in variable name
Add a few additional tests for the Crawler
[Form] remove obsolete deprecation comments
Updated the style of the event commands
[Debug] Deprecate providing $fileLinkFormat as second argument
[Form] minor CS fix
Updated PHPDoc of the AbstractVoter class
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
...
|
| | |\ \
| | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.7:
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
Fix PropertyAccessor modifying array in object when array key does not exist
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.3:
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
[ci] Use current PHP_BINARY when running ./phpunit
Fixed typos
[UPGRADE-3.0] fix bullet indentation
[Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
|
| |\ \ \
| |/ /
| | |
| | |
| | | |
* 2.8:
[Security] made tests work for 2.8 and 3.0
|
| | | | |
|
| | | | |
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.8:
Remove profiler storages
deprecate finding deep items in request parameters
[CssSelector] updated README
[CssSelector] remove ConverterInterface
[DependencyInjection] improved a comment for reading fluency
[HttpKernel] change a class in tests to avoid depending on SQLite
[FrameworkBundle] Fix tests
[Bridge\Twig] Fix form lowest version
[ci] Display fastest results first when running tests in parallel
[Yaml] Improve newline handling in folded scalar blocks
|
| | | | |
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
CHANGELOG-2.7.md
UPGRADE-2.8.md
src/Symfony/Bundle/FrameworkBundle/Resources/config/form_debug.xml
src/Symfony/Component/Config/CHANGELOG.md
src/Symfony/Component/DependencyInjection/Tests/ContainerTest.php
src/Symfony/Component/HttpKernel/Kernel.php
|
| | |\ \
| | |/
| | |
| | |
| | | |
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
|
| | | | |
|
| | | | |
|
| | | | |
|
| |/ / |
|
| |\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.7:
[Twig+FrameworkBundle] Fix forward compat with Form 2.8
[2.6] Static Code Analysis for Components
[Security/Http] Fix test relying on a private property
[Serializer] Fix bugs reported in https://github.com/symfony/symfony/commit/b5990be49149501bef7bb83a797a1aea2eb5fbe0#commitcomment-12301266
Conflicts:
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/widget_attributes.html.php
src/Symfony/Component/Security/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php
|
| | |\
| | |
| | |
| | |
| | |
| | | |
* 2.6:
[2.6] Static Code Analysis for Components
[Security/Http] Fix test relying on a private property
|
| | | | |
|
| |\ \ \
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This PR was squashed before being merged into the 2.8 branch (closes #15141).
Discussion
----------
[DX] [Security] Renamed Token#getKey() to getSecret()
There are 2 very vague parameter names in the authentication process: `$providerKey` and `$key`. Some tokens/providers have the first one, some tokens/providers the second one and some both. An overview:
| Token | `providerKey` | `key`
| --- | --- | ---
| `AnonymousToken` | - | yes
| `PreAuth...Token` | yes | -
| `RememberMeToken` | yes | yes
| `UsernamePasswordToken` | yes | -
Both names are extremely general and their PHPdocs contains pure no-shit-sherlock-descriptions :squirrel: (like "The key."). This made me and @iltar think it's just an inconsistency and they have the same meaning.
...until we dived deeper into the code and came to the conclusion that `$key` has a Security task (while `$providerKey` doesn't really). If it takes people connected to Symfony internals 30+ minutes to find this out, it should be considered for an improvement imo.
So here is our suggestion: **Rename `$key` to `$secret`**. This explains much better what the value of the string has to be (for instance, it's important that the string is not easily guessable and cannot be found out, according to the Spring docs). It also explains the usage better (it's used as a replacement for credentials and to hash the RememberMeToken).
**Tl;dr**: `$key` and `$providerKey` are too general names, let's improve DX by renaming them. This PR tackles `$key` by renaming it to `$secret`.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
*My excuse for the completely unrelated branch name*
Commits
-------
24e0eb6 [DX] [Security] Renamed Token#getKey() to getSecret()
|
| | | | |
|
| | | | |
|
| |\ \ \
| |/ /
|/| /
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.6:
[2.6] Towards 100% HHVM compat
[Security/Http] Fix test
[Stopwatch] Fix test
Minor fixes
Towards 100% HHVM compat
unify default AccessDeniedExeption message
trigger event with right user (add test)
[Security] Initialize SwitchUserEvent::targetUser on attemptExitUser
[Form] Fixed: Data mappers always receive forms indexed by their names
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Controller/Controller.php
src/Symfony/Component/VarDumper/Tests/CliDumperTest.php
src/Symfony/Component/VarDumper/Tests/HtmlDumperTest.php
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.3:
Minor fixes
Towards 100% HHVM compat
trigger event with right user (add test)
[Security] Initialize SwitchUserEvent::targetUser on attemptExitUser
[Form] Fixed: Data mappers always receive forms indexed by their names
Conflicts:
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Filesystem/Filesystem.php
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
|
| |\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.6:
Add test for HHVM FatalErrors
[2.6][Debug] Fix fatal-errors handling on HHVM
[2.3][Debug] Fix fatal-errors handling on HHVM
Standardize the name of the exception variables
[2.3] Static Code Analysis for Components
Remove duplicated paths
Conflicts:
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/Security/Http/Firewall/BasicAuthenticationListener.php
src/Symfony/Component/Security/Http/Firewall/ContextListener.php
src/Symfony/Component/Security/Http/Firewall/RememberMeListener.php
src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeServices.php
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.3:
[2.3][Debug] Fix fatal-errors handling on HHVM
Standardize the name of the exception variables
[2.3] Static Code Analysis for Components
Remove duplicated paths
Conflicts:
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/HttpFoundation/Session/Storage/MockArraySessionStorage.php
src/Symfony/Component/Security/Acl/Dbal/AclProvider.php
src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php
|
| |\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.6: (30 commits)
[Translation] fixed JSON loader on PHP 7 when file is empty
Fix typo
Check instance of FormBuilderInterface instead of FormBuilder
[Security] TokenBasedRememberMeServices test to show why encoding username is required
[Security] AbstractRememberMeServices::encodeCookie() validates cookie parts
fixed typo
[console][formater] allow format toString object.
[HttpFoundation] Fix baseUrl when script filename is contained in pathInfo
Avoid redirection to XHR URIs
[HttpFoundation] IpUtils::checkIp4() should allow networks
[2.6] Fix HTML escaping of to-source links
Fix HTML escaping of to-source links
ExceptionHandler: More Encoding
Fix the rendering of deprecation log messages
[FrameworkBundle] Removed unnecessary parameter in TemplateController
[DomCrawler] Throw an exception if a form field path is incomplete.
Fixed the indentation in the compiled template for the DumpNode
[Console] Delete duplicate test in CommandTest
[TwigBundle] Refresh twig paths when resources change.
WebProfiler break words
...
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/logger.html.twig
src/Symfony/Component/Debug/ExceptionHandler.php
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.3:
Fix typo
Check instance of FormBuilderInterface instead of FormBuilder
[Security] TokenBasedRememberMeServices test to show why encoding username is required
[Security] AbstractRememberMeServices::encodeCookie() validates cookie parts
[console][formater] allow format toString object.
[HttpFoundation] Fix baseUrl when script filename is contained in pathInfo
Avoid redirection to XHR URIs
[HttpFoundation] IpUtils::checkIp4() should allow networks
Fix HTML escaping of to-source links
[FrameworkBundle] Removed unnecessary parameter in TemplateController
[DomCrawler] Throw an exception if a form field path is incomplete.
[Console] Delete duplicate test in CommandTest
[TwigBundle] Refresh twig paths when resources change.
WebProfiler break words
fixed typo
Update README.md
[HttpKernel] Handle an array vary header in the http cache store
[Security][Translation] fixes #14584
[Framework] added test for Router commands.
Handled bearer authorization header in REDIRECT_ form
Conflicts:
src/Symfony/Component/Debug/ExceptionHandler.php
|
| |\ \
| |/
| |
| |
| |
| |
| |
| |
| | |
* 2.6:
fixed CS
fixed CS
Conflicts:
src/Symfony/Component/Security/Http/Tests/Firewall/RememberMeListenerTest.php
|
| | | |
|
| |\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.6:
[DebugBundle] Allow alternative destination for dumps
[DebugBundle] Use output mechanism of dumpers instead of echoing
[DebugBundle] Always collect dumps
Fix tests in HHVM
CS: Pre incrementation/decrementation should be used if possible
Conflicts:
src/Symfony/Component/Finder/Expression/Glob.php
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.3:
Fix tests in HHVM
CS: Pre incrementation/decrementation should be used if possible
Conflicts:
src/Symfony/Bundle/TwigBundle/Command/LintCommand.php
src/Symfony/Component/Console/Helper/TableHelper.php
src/Symfony/Component/EventDispatcher/Tests/EventDispatcherTest.php
src/Symfony/Component/HttpKernel/DataCollector/LoggerDataCollector.php
src/Symfony/Component/HttpKernel/HttpCache/EsiResponseCacheStrategy.php
src/Symfony/Component/Security/Acl/Dbal/AclProvider.php
src/Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeServices.php
|
| |\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.6:
[Validator] Add missing pt_BR translations
Add parsing of hexadecimal strings for PHP 7
[Configuration] improve description for ignoreExtraKeys on ArrayNodeDefinition
[Validator] Added missing Hungarian translation
[Validator] Fixed grammar in Hungarian translation
CS: Unary operators should be placed adjacent to their operands
CS: Binary operators should be arounded by at least one space
remove useless tests that fail in php 7
[Translator] fix test for php 7 compatibility
Update phpdoc of ProcessBuilder#setPrefix()
Conflicts:
src/Symfony/Bridge/Propel1/Logger/PropelLogger.php
src/Symfony/Component/Validator/Resources/translations/validators.hu.xlf
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.3:
[Validator] Add missing pt_BR translations
Add parsing of hexadecimal strings for PHP 7
[Configuration] improve description for ignoreExtraKeys on ArrayNodeDefinition
[Validator] Added missing Hungarian translation
[Validator] Fixed grammar in Hungarian translation
CS: Unary operators should be placed adjacent to their operands
CS: Binary operators should be arounded by at least one space
remove useless tests that fail in php 7
[Translator] fix test for php 7 compatibility
Update phpdoc of ProcessBuilder#setPrefix()
Conflicts:
src/Symfony/Component/HttpFoundation/Session/Attribute/NamespacedAttributeBag.php
src/Symfony/Component/PropertyAccess/PropertyAccessor.php
src/Symfony/Component/Validator/Resources/translations/validators.pt_BR.xlf
src/Symfony/Component/Yaml/Parser.php
|
| | | |
|
| |\ \
| |/
| |
| |
| | |
* 2.6:
Changed visibility of setUp() and tearDown to protected
|
| | | |
|
| |\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.6:
Php Inspections (EA Extended): squash all PR-13813 commits
replaced the last remaining is_integer() call
[2.3] [Config] [Console] [DependencyInjection] [DomCrawler] [Form] [HttpKernel] [PropertyAccess] [Security] [Translation] [Yaml] static code analysis, code cleanup
[FrameworkBundle] simplify dep declaration
[VarDumper] Fix "next element is already occupied"
[Validator] Added missing galician (gl) translations
[PropertyAccess] stop overwriting once a reference is reached (3rd)
[OptionsResolver] Remove Unused Variable from Foreach Cycles
[travis] Tests Security sub-components
[Twig] bootstrap_3_layout.html.twig is usable as a trait
[travis] Tests Security sub-components
CS fixes
[TwigBridge] Bootstrap Layout - Fix the label of checkbox cannot be empty
[travis] test with php nightly
Conflicts:
.travis.yml
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php
src/Symfony/Component/Security/Http/Tests/Firewall/RememberMeListenerTest.php
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.3:
replaced the last remaining is_integer() call
[2.3] [Config] [Console] [DependencyInjection] [DomCrawler] [Form] [HttpKernel] [PropertyAccess] [Security] [Translation] [Yaml] static code analysis, code cleanup
[Validator] Added missing galician (gl) translations
[travis] Tests Security sub-components
[travis] Tests Security sub-components
CS fixes
[travis] test with php nightly
Conflicts:
src/Symfony/Component/Security/Http/Tests/Firewall/RememberMeListenerTest.php
|
| | | |
|
| |\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.6: (21 commits)
[FrameworkBundle] Fix title and placeholder rendering in php form templates.
[TwigBridge] Removed duplicated code from TwigRenderer
[Translator][Logging] implement TranslatorBagInterface.
RequestDataCollector - small fix
renamed composer.phar to composer to be consistent with the Symfony docs
[FrameworkBundle] bumped min version of Routing to 2.3
removed composer --dev option everywhere
fixed a test
[Console] Fixed output bug, if escaped string in a formatted string.
“console help” ignores --raw option
Fix form icon position in web profiler
[Security] Remove ContextListener's onKernelResponse listener as it is used
Revert "minor #12652 [HttpFoundation] [Hackday] #9942 test: Request::getContent() for null value (skler)"
Revert "fixed assertion"
fixed assertion
[HttpFoundation] [Hackday] #9942 test: Request::getContent() for null value
fixed URL
Add reference to documentation in FormEvents phpdocs
[YAML] Fix one-liners to work with multiple new lines
Keep "pre" meaning for var_dump quick-and-dirty debug
...
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Security/Http/Firewall/ContextListener.php
src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 2.3:
[FrameworkBundle] Fix title and placeholder rendering in php form templates.
RequestDataCollector - small fix
renamed composer.phar to composer to be consistent with the Symfony docs
[FrameworkBundle] bumped min version of Routing to 2.3
removed composer --dev option everywhere
fixed a test
[Console] Fixed output bug, if escaped string in a formatted string.
[Security] Remove ContextListener's onKernelResponse listener as it is used
Revert "minor #12652 [HttpFoundation] [Hackday] #9942 test: Request::getContent() for null value (skler)"
Revert "fixed assertion"
fixed assertion
[HttpFoundation] [Hackday] #9942 test: Request::getContent() for null value
fixed URL
Add reference to documentation in FormEvents phpdocs
[YAML] Fix one-liners to work with multiple new lines
Keep "pre" meaning for var_dump quick-and-dirty debug
[Console][Table] Fix cell padding with multi-byte
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/widget_attributes.html.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Console/Helper/TableHelper.php
|
| | | |
|
| | | |
|
| |\ \
| |/
| |
| |
| | |
* 2.6:
[Security] moved test files into the right place
|
| | |\
| | |
| | |
| | |
| | | |
* 2.5:
[Security] moved test files into the right place
|
| | | | |
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.6:
bumped Symfony version to 2.6.4
updated VERSION for 2.6.3
updated CHANGELOG for 2.6.3
bumped Symfony version to 2.6.3
updated VERSION for 2.6.2
updated CHANGELOG for 2.6.2
bumped Symfony version to 2.5.10
updated VERSION for 2.5.9
updated CHANGELOG for 2.5.9
[FrameworkBundle] Use security.token_storage service in Controller::getUser()
bumped Symfony version to 2.3.25
updated VERSION for 2.3.24
update CONTRIBUTORS for 2.3.24
Removed unneeded version requirements
updated CHANGELOG for 2.3.24
fixed tests
[Security] Don't destroy the session on buggy php releases.
[Process] Fix input reset in WindowsPipes
add back model_timezone and view_timezone options
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
|
| | |\ \
| | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.5:
bumped Symfony version to 2.5.10
updated VERSION for 2.5.9
updated CHANGELOG for 2.5.9
bumped Symfony version to 2.3.25
updated VERSION for 2.3.24
update CONTRIBUTORS for 2.3.24
Removed unneeded version requirements
updated CHANGELOG for 2.3.24
fixed tests
[Security] Don't destroy the session on buggy php releases.
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.3:
bumped Symfony version to 2.3.25
updated VERSION for 2.3.24
update CONTRIBUTORS for 2.3.24
updated CHANGELOG for 2.3.24
fixed tests
[Security] Don't destroy the session on buggy php releases.
Conflicts:
src/Symfony/Component/Console/Tests/Fixtures/application_2.json
src/Symfony/Component/HttpKernel/Kernel.php
|
| |\ \ \
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.6:
[2.3] Remove useless tests skips
[ClassLoader] removes deprecated classes from documentation.
[ClassLoader] added missing deprecation notice.
[HttpFoundation] Fix an issue caused by php's Bug #66606.
[Yaml] Update README.md
Don't add Accept-Range header on unsafe HTTP requests
simplify hasScheme method
adapted merge to 2.5
adapted previous commit for 2.3
[Security] Don't send remember cookie for sub request
[Security] fixed wrong phpdoc
[HttpKernel] Fix UriSigner::check when _hash is not at the end of the uri
[2.3] Cleanup deprecations
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/TwigBundle/composer.json
src/Symfony/Component/ClassLoader/UniversalClassLoader.php
src/Symfony/Component/Debug/composer.json
src/Symfony/Component/Form/ButtonBuilder.php
src/Symfony/Component/HttpKernel/Exception/FatalErrorException.php
src/Symfony/Component/HttpKernel/Exception/FlattenException.php
src/Symfony/Component/HttpKernel/composer.json
src/Symfony/Component/Security/composer.json
src/Symfony/Component/Validator/composer.json
|
| | |\ \
| | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.5:
[2.3] Remove useless tests skips
[ClassLoader] removes deprecated classes from documentation.
[ClassLoader] added missing deprecation notice.
[HttpFoundation] Fix an issue caused by php's Bug #66606.
[Yaml] Update README.md
Don't add Accept-Range header on unsafe HTTP requests
simplify hasScheme method
adapted merge to 2.5
adapted previous commit for 2.3
[Security] Don't send remember cookie for sub request
[Security] fixed wrong phpdoc
[HttpKernel] Fix UriSigner::check when _hash is not at the end of the uri
[2.3] Cleanup deprecations
Conflicts:
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/logger.html.twig
src/Symfony/Component/HttpKernel/composer.json
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* 2.3:
[2.3] Remove useless tests skips
[2.3] Cleanup deprecations
Conflicts:
src/Symfony/Bridge/Doctrine/Tests/Form/Type/EntityTypePerformanceTest.php
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/TwigBundle/composer.json
src/Symfony/Component/Debug/Tests/MockExceptionHandler.php
src/Symfony/Component/Debug/composer.json
src/Symfony/Component/Form/Tests/ResolvedFormTypeTest.php
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
src/Symfony/Component/HttpKernel/Tests/DataCollector/LoggerDataCollectorTest.php
src/Symfony/Component/HttpKernel/Tests/DataCollector/RequestDataCollectorTest.php
src/Symfony/Component/HttpKernel/Tests/Debug/TraceableEventDispatcherTest.php
src/Symfony/Component/HttpKernel/Tests/EventListener/LocaleListenerTest.php
src/Symfony/Component/HttpKernel/Tests/EventListener/RouterListenerTest.php
src/Symfony/Component/HttpKernel/Tests/Fixtures/KernelForTest.php
src/Symfony/Component/HttpKernel/composer.json
src/Symfony/Component/Routing/Tests/Annotation/RouteTest.php
src/Symfony/Component/Security/Tests/Core/Validator/Constraints/UserPasswordValidatorTest.php
src/Symfony/Component/Security/composer.json
|
