diff --git a/.appveyor.yml b/.appveyor.yml index 66409a9c4e34b..35847e4fc3727 100644 --- a/.appveyor.yml +++ b/.appveyor.yml @@ -12,7 +12,7 @@ init: - SET SYMFONY_DEPRECATIONS_HELPER=strict - SET ANSICON=121x90 (121x90) - SET SYMFONY_PHPUNIT_DISABLE_RESULT_CACHE=1 - - SET SYMFONY_DEPRECATIONS_HELPER=max[indirect]=170 + - SET SYMFONY_DEPRECATIONS_HELPER=max[direct]=1 - REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Command Processor" /v DelayedExpansion /t REG_DWORD /d 1 /f install: @@ -48,12 +48,10 @@ install: - IF NOT EXIST composer.phar (appveyor DownloadFile https://github.com/composer/composer/releases/download/2.0.0/composer.phar) - php composer.phar self-update --2 - copy /Y .github\composer-config.json %APPDATA%\Composer\config.json - - php composer.phar global require --no-progress --no-scripts --no-plugins symfony/flex - git config --global user.email "" - git config --global user.name "Symfony" - FOR /F "tokens=* USEBACKQ" %%F IN (`bash -c "grep ' VERSION = ' src/Symfony/Component/HttpKernel/Kernel.php | grep -o '[0-9][0-9]*\.[0-9]'"`) DO (SET SYMFONY_VERSION=%%F) - php .github/build-packages.php HEAD^ %SYMFONY_VERSION% src\Symfony\Bridge\PhpUnit - - SET "SYMFONY_REQUIRE=>=%SYMFONY_VERSION%" - SET COMPOSER_ROOT_VERSION=%SYMFONY_VERSION%.x-dev - php composer.phar update --no-progress --ansi - php phpunit install diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 19e3da080c93b..b3f3d6cba8d2a 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -157,6 +157,7 @@ jobs: - name: Run tests run: ./phpunit --group integration -v env: + SYMFONY_DEPRECATIONS_HELPER: max[direct]=1 # to be removed once DbalLogger is compatible with dbal 3.2+ REDIS_HOST: localhost REDIS_CLUSTER_HOSTS: 'localhost:7000 localhost:7001 localhost:7002 localhost:7003 localhost:7004 localhost:7005' REDIS_SENTINEL_HOSTS: 'localhost:26379' diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index 157f6462b4e67..edd59d3f188f6 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -63,6 +63,7 @@ jobs: echo COLUMNS=120 >> $GITHUB_ENV echo PHPUNIT="$(readlink -f ./phpunit) --exclude-group tty,benchmark,intl-data" >> $GITHUB_ENV echo COMPOSER_UP='composer update --no-progress --ansi' >> $GITHUB_ENV + echo SYMFONY_DEPRECATIONS_HELPER=max[direct]=1 >> $GITHUB_ENV # to be removed once DbalLogger is compatible with dbal 3.2+ SYMFONY_VERSIONS=$(git ls-remote -q --heads | cut -f2 | grep -o '/[1-9][0-9]*\.[0-9].*' | sort -V) SYMFONY_VERSION=$(grep ' VERSION = ' src/Symfony/Component/HttpKernel/Kernel.php | grep -P -o '[0-9]+\.[0-9]+') diff --git a/CHANGELOG-5.3.md b/CHANGELOG-5.3.md index f73800bc11f80..ceeefa8cad098 100644 --- a/CHANGELOG-5.3.md +++ b/CHANGELOG-5.3.md @@ -7,6 +7,15 @@ in 5.3 minor versions. To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v5.3.0...v5.3.1 +* 5.3.12 (2021-11-24) + + * security #cve-2021-41268 [SecurityBundle] Default signature_properties to the previous behavior (wouterj) + * security #cve-2021-41267 [HttpKernel] Fix missing extra trusted header in sub-request (jderusse) + * security #cve-2021-41270 [Serializer] Use single quote to escape formulas (jderusse) + * bug #44232 [Cache] fix connecting to local Redis sockets (nicolas-grekas) + * bug #44204 [HttpClient] fix closing curl multi handle when destructing client (nicolas-grekas) + * bug #44208 [Process] exclude argv/argc from possible default env vars (nicolas-grekas) + * 5.3.11 (2021-11-22) * bug #44188 [VarExporter] fix exporting declared but unset properties when __sleep() is implemented (nicolas-grekas) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 1ac10f641e698..92b9b528b9c50 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -20,9 +20,9 @@ The Symfony Connect username in parenthesis allows to get more information - Jordi Boggiano (seldaek) - Victor Berchet (victor) - Javier Eguiluz (javier.eguiluz) + - Thomas Calvet (fancyweb) - Ryan Weaver (weaverryan) - Roland Franssen (ro0) - - Thomas Calvet (fancyweb) - Jakub Zalas (jakubzalas) - Johannes S (johannes) - Kris Wallsmith (kriswallsmith) @@ -46,20 +46,21 @@ The Symfony Connect username in parenthesis allows to get more information - Jan Schädlich (jschaedl) - Igor Wiedler (igorw) - Eriksen Costa (eriksencosta) + - Kevin Bond (kbond) - Ener-Getick (energetick) - Sarah Khalil (saro0h) - - Kevin Bond (kbond) - Pierre du Plessis (pierredup) + - Vasilij Duško (staff) - Valentin Udaltsov (vudaltsov) - Iltar van der Berg (kjarli) - Jonathan Wage (jwage) - - Vasilij Duško (staff) - Matthias Pigulla (mpdude) - Diego Saint Esteben (dosten) - Grégoire Paris (greg0ire) - Alexandre Salomé (alexandresalome) - William Durand (couac) - ornicar + - Jérôme Tamarelle (gromnan) - Konstantin Myakshin (koc) - Dany Maillard (maidmaid) - Francis Besset (francisbesset) @@ -68,13 +69,12 @@ The Symfony Connect username in parenthesis allows to get more information - Titouan Galopin (tgalopin) - Laurent VOULLEMIER (lvo) - Vasilij Dusko | CREATION - - Jérôme Tamarelle (gromnan) - Bulat Shakirzyanov (avalanche123) - David Maicher (dmaicher) + - Gábor Egyed (1ed) - gadelat (gadelat) - Saša Stamenković (umpirsky) - Peter Rehm (rpet) - - Gábor Egyed (1ed) - Henrik Bjørnskov (henrikbjorn) - Miha Vrhovnik - Diego Saint Esteben (dii3g0) @@ -82,10 +82,10 @@ The Symfony Connect username in parenthesis allows to get more information - Konstantin Kudryashov (everzet) - Vladimir Reznichenko (kalessil) - Bilal Amarni (bamarni) + - Antoine M (amakdessi) - Florin Patan (florinpatan) - Jáchym Toušek (enumag) - Alex Pott - - Antoine M (amakdessi) - Michel Weimerskirch (mweimerskirch) - Andrej Hudec (pulzarraider) - Christian Raue @@ -112,24 +112,25 @@ The Symfony Connect username in parenthesis allows to get more information - Toni Uebernickel (havvg) - Bart van den Burg (burgov) - Jordan Alliot (jalliot) + - Mathieu Santostefano (welcomattic) - John Wards (johnwards) - Tomas Norkūnas (norkunas) - Baptiste Clavié (talus) - Antoine Hérault (herzult) - Paráda József (paradajozsef) + - Alexandre Daubois (alexandre-daubois) - Vincent Langlet (deviling) + - HypeMC (hypemc) - Massimiliano Arione (garak) - Arnaud Le Blanc (arnaud-lb) - Przemysław Bogusz (przemyslaw-bogusz) + - Julien Falque (julienfalque) - Maxime STEINHAUSSER - Michal Piotrowski (eventhorizon) - Tomáš Votruba (tomas_votruba) - Mathias Arlaud (mtarld) - Tim Nagel (merk) - - Alexandre Daubois (alexandre-daubois) - - HypeMC (hypemc) - Chris Wilkinson (thewilkybarkid) - - Julien Falque (julienfalque) - Peter Kokot (maastermedia) - Lars Strojny (lstrojny) - Brice BERNARD (brikou) @@ -144,7 +145,6 @@ The Symfony Connect username in parenthesis allows to get more information - Adrien Brault (adrienbrault) - Yanick Witschi (toflar) - Jacob Dreesen (jdreesen) - - Mathieu Santostefano (welcomattic) - Malte Schlüter (maltemaltesich) - Joel Wurtz (brouznouf) - Théo FIDRY (theofidry) @@ -168,6 +168,7 @@ The Symfony Connect username in parenthesis allows to get more information - Gary PEGEOT (gary-p) - Matthieu Napoli (mnapoli) - Ruud Kamphuis (ruudk) + - Ion Bazan (ionbazan) - Jannik Zschiesche (apfelbox) - Robert Schönthal (digitalkaoz) - Florian Lonqueu-Brochard (florianlb) @@ -186,7 +187,6 @@ The Symfony Connect username in parenthesis allows to get more information - Hidenori Goto (hidenorigoto) - Jan Rosier (rosier) - Alessandro Chitolina (alekitto) - - Ion Bazan (ionbazan) - Albert Casademont (acasademont) - Arnaud Kleinpeter (nanocom) - Guilherme Blanco (guilhermeblanco) @@ -202,6 +202,8 @@ The Symfony Connect username in parenthesis allows to get more information - George Mponos (gmponos) - jwdeitch - Jeroen Spee (jeroens) + - Jérôme Parmentier (lctrs) + - Marco Pivetta (ocramius) - Fabien Bourigault (fbourigault) - Joe Bennett (kralos) - Mikael Pajunen @@ -216,16 +218,16 @@ The Symfony Connect username in parenthesis allows to get more information - Thomas Rabaix (rande) - Chi-teck - Timo Bakx (timobakx) - - Marco Pivetta (ocramius) - Vincent Touzet (vincenttouzet) - Nate Wiebe (natewiebe13) - Rouven Weßling (realityking) - - Jérôme Parmentier (lctrs) + - Michael Babker (mbabker) - Ben Davies (bendavies) - Clemens Tolboom - Helmer Aaviksoo - Christopher Hertel (chertel) - Remon van de Kamp (rpkamp) + - Rokas Mikalkėnas (rokasm) - Filippo Tessarotto (slamdunk) - Hiromi Hishida (77web) - Michael Käfer (michael_kaefer) @@ -233,6 +235,7 @@ The Symfony Connect username in parenthesis allows to get more information - Michał Pipa (michal.pipa) - Dawid Nowak - Andreas Möller (localheinz) + - Roman Martinuk (a2a4) - Amal Raghav (kertz) - Jonathan Ingram (jonathaningram) - Artur Kotyrba @@ -241,8 +244,9 @@ The Symfony Connect username in parenthesis allows to get more information - Samuel NELA (snela) - David Prévot - Hugo Monteiro (monteiro) + - Baptiste Leduc (korbeil) - Dmitrii Poddubnyi (karser) - - Michael Babker (mbabker) + - zairig imad (zairigimad) - Tien Vo (tienvx) - Timothée Barray (tyx) - James Halsall (jaitsu) @@ -270,11 +274,9 @@ The Symfony Connect username in parenthesis allows to get more information - Philippe Segatori - Thibaut Cheymol (tcheymol) - Sebastien Morel (plopix) - - Baptiste Leduc (korbeil) - mcfedr (mcfedr) - Ruben Gonzalez (rubenrua) - Benjamin Dulau (dbenjamin) - - zairig imad (zairigimad) - Baptiste Lafontaine (magnetik) - Mathieu Lemoine (lemoinem) - Denis Brumann (dbrumann) @@ -287,13 +289,11 @@ The Symfony Connect username in parenthesis allows to get more information - Stadly - Stepan Anchugov (kix) - François Pluchino (francoispluchino) - - Rokas Mikalkėnas (rokasm) - bronze1man - sun (sun) - Larry Garfield (crell) - Edi Modrić (emodric) - Gocha Ossinkine (ossinkine) - - Roman Martinuk (a2a4) - Leo Feyer (leofeyer) - Nikolay Labinskiy (e-moe) - Martin Schuhfuß (usefulthink) @@ -317,6 +317,7 @@ The Symfony Connect username in parenthesis allows to get more information - Dustin Whittle (dustinwhittle) - jeff - John Kary (johnkary) + - fd6130 (fdtvui) - Justin Hileman (bobthecow) - Blanchon Vincent (blanchonvincent) - Maciej Malarz (malarzm) @@ -330,6 +331,7 @@ The Symfony Connect username in parenthesis allows to get more information - Bastien Jaillot (bastnic) - Rui Marinho (ruimarinho) - Patrick Landolt (scube) + - Michał (bambucha15) - Eugene Wissner - Bohan Yang (brentybh) - Pascal Montoya @@ -362,7 +364,6 @@ The Symfony Connect username in parenthesis allows to get more information - Marcos Sánchez - Elnur Abdurrakhimov (elnur) - Manuel Reinhard (sprain) - - fd6130 (fdtvui) - Harm van Tilborg (hvt) - Danny Berger (dpb587) - Antonio J. García Lagar (ajgarlag) @@ -375,9 +376,9 @@ The Symfony Connect username in parenthesis allows to get more information - Xavier Perez - Arjen Brouwer (arjenjb) - Katsuhiro OGAWA + - Sylvain Fabre (sylfabre) - Patrick McDougle (patrick-mcdougle) - Marc Weistroff (futurecat) - - Michał (bambucha15) - Alif Rachmawadi - Anton Chernikov (anton_ch1989) - Kristen Gilden (kgilden) @@ -387,6 +388,7 @@ The Symfony Connect username in parenthesis allows to get more information - Sullivan SENECHAL (soullivaneuh) - Thomas Bisignani (toma) - Uwe Jäger (uwej711) + - Dāvis Zālītis (k0d3r1s) - Eugene Leonovich (rybakit) - Joseph Rouff (rouffj) - Félix Labrecque (woodspire) @@ -395,11 +397,13 @@ The Symfony Connect username in parenthesis allows to get more information - Jan Sorgalla (jsor) - Ray - Chekote + - Aleksandar Jakovljevic (ajakov) - Thomas Adam - Jhonny Lidfors (jhonne) - Diego Agulló (aeoris) - jdhoek - Thomas Landauer (thomas-landauer) + - Jurica Vlahoviček (vjurica) - Bob den Otter (bopp) - Thomas Schulz (king2500) - Frank de Jonge (frenkynet) @@ -412,6 +416,7 @@ The Symfony Connect username in parenthesis allows to get more information - Dmitriy Mamontov (mamontovdmitriy) - Ben Ramsey (ramsey) - Laurent Masforné (heisenberg) + - Sergey (upyx) - Giorgio Premi - Guillaume (guill) - renanbr @@ -434,7 +439,6 @@ The Symfony Connect username in parenthesis allows to get more information - Soner Sayakci - Peter Kruithof (pkruithof) - Michael Holm (hollo) - - Sylvain Fabre (sylfabre) - Arjen van der Meijden - Markus Fasselt (digilist) - Damien Alexandre (damienalexandre) @@ -452,7 +456,6 @@ The Symfony Connect username in parenthesis allows to get more information - Chris Smith (cs278) - Florian Klein (docteurklein) - W0rma - - Dāvis Zālītis (k0d3r1s) - Manuel Kiessling (manuelkiessling) - Dimitri Gritsajuk (ottaviano) - Alexey Kopytko (sanmai) @@ -497,6 +500,7 @@ The Symfony Connect username in parenthesis allows to get more information - Berny Cantos (xphere81) - Andrii Bodnar - Thierry Thuon (lepiaf) + - Antonio Jose Cerezo (ajcerezo) - Ricard Clau (ricardclau) - Mark Challoner (markchalloner) - Loïc Frémont (loic425) @@ -507,9 +511,9 @@ The Symfony Connect username in parenthesis allows to get more information - Tri Pham (phamuyentri) - Urinbayev Shakhobiddin (shokhaa) - Gennady Telegin (gtelegin) - - Sergey (upyx) - Krystian Marcisz (simivar) - Toni Rudolf (toooni) + - Dalibor Karlović (dkarlovi) - Erin Millard - Artur Melo (restless) - Matthew Lewinski (lewinski) @@ -526,10 +530,12 @@ The Symfony Connect username in parenthesis allows to get more information - Tobias Sjösten (tobiassjosten) - Gyula Sallai (salla) - Benjamin Cremer (bcremer) + - Hendrik Luup (hluup) - Inal DJAFAR (inalgnu) - Christian Gärtner (dagardner) - Dmytro Borysovskyi (dmytr0) - Tomasz Kowalczyk (thunderer) + - Artem Lopata - Artur Eshenbrener - Thomas Perez (scullwm) - Yoann RENARD (yrenard) @@ -585,7 +591,6 @@ The Symfony Connect username in parenthesis allows to get more information - Daniel Beyer - Manuel Alejandro Paz Cetina - Shein Alexey - - Aleksandar Jakovljevic (ajakov) - Jacek Jędrzejewski (jacek.jedrzejewski) - Romain Gautier (mykiwi) - Stefan Kruppa @@ -611,7 +616,6 @@ The Symfony Connect username in parenthesis allows to get more information - Marc Morales Valldepérez (kuert) - Jean-Baptiste GOMOND (mjbgo) - Vadim Kharitonov (virtuozzz) - - Jurica Vlahoviček (vjurica) - Oscar Cubo Medina (ocubom) - Karel Souffriau - Christophe L. (christophelau) @@ -630,7 +634,6 @@ The Symfony Connect username in parenthesis allows to get more information - Alexandru Furculita (afurculita) - Valentin Jonovs (valentins-jonovs) - Bastien DURAND (deamon) - - Antonio Jose Cerezo (ajcerezo) - Jeanmonod David (jeanmonod) - Christin Gruber (christingruber) - Andrey Sevastianov @@ -640,11 +643,11 @@ The Symfony Connect username in parenthesis allows to get more information - Noémi Salaün (noemi-salaun) - Niklas Fiekas - Philippe Segatori - - Dalibor Karlović (dkarlovi) - Markus Bachmann (baachi) - Kévin THERAGE (kevin_therage) - Michel Hunziker - Gunnstein Lye (glye) + - scyzoryck - Matthias Krauser (mkrauser) - Erkhembayar Gantulga (erheme318) - Lorenzo Millucci (lmillucci) @@ -665,14 +668,12 @@ The Symfony Connect username in parenthesis allows to get more information - Stefan Gehrig (sgehrig) - vagrant - Aurimas Niekis (gcds) - - Hendrik Luup (hluup) - EdgarPE - Florian Pfitzer (marmelatze) - Asier Illarramendi (doup) - Martijn Cuppens - Vlad Gregurco (vgregurco) - Boris Vujicic (boris.vujicic) - - Artem Lopata - Chris Sedlmayr (catchamonkey) - Indra Gunawan (indragunawan) - Mathias STRASSER (roukmoute) @@ -703,6 +704,7 @@ The Symfony Connect username in parenthesis allows to get more information - Lukáš Holeczy (holicz) - Erik Saunier (snickers) - franek (franek) + - Jerzy (jlekowski) - Raulnet - Christian Wahler - Dries Vints @@ -770,6 +772,7 @@ The Symfony Connect username in parenthesis allows to get more information - Alex Bacart - mcben - Jérôme Vieilledent (lolautruche) + - Roman Anasal - Maks Slesarenko - Filip Procházka (fprochazka) - mmoreram @@ -808,6 +811,7 @@ The Symfony Connect username in parenthesis allows to get more information - Tom Klingenberg - Gábor Fási - DUPUCH (bdupuch) + - Dadang NH (dadangnh) - Nate (frickenate) - Joachim Løvgaard (loevgaard) - Stefan Kruppa @@ -832,8 +836,10 @@ The Symfony Connect username in parenthesis allows to get more information - Samuele Lilli (doncallisto) - Gawain Lynch (gawain) - Peter Bowyer (pbowyer) + - Wojciech Kania - mmokhi - NothingWeAre + - Andrii Dembitskyi - Ryan - Lctrs - Alexander Deruwe (aderuwe) @@ -857,6 +863,7 @@ The Symfony Connect username in parenthesis allows to get more information - Johnny Robeson (johnny) - Disquedur - Michiel Boeckaert (milio) + - Benjamin Morel - Dmitriy Derepko - Geoffrey Tran (geoff) - Pablo Lozano (arkadis) @@ -992,7 +999,6 @@ The Symfony Connect username in parenthesis allows to get more information - Timothée BARRAY - Nilmar Sanchez Muguercia - Ivo Bathke (ivoba) - - scyzoryck - Ippei SUmida (ippey_s) - David Molineus - Strate @@ -1010,6 +1016,7 @@ The Symfony Connect username in parenthesis allows to get more information - rtek - Benjamin Dos Santos - Jérémy Jarrié (gagnar) + - Adrien Jourdier - Tomas Javaisis - Ivan Grigoriev - Johann Saunier (prophet777) @@ -1019,6 +1026,7 @@ The Symfony Connect username in parenthesis allows to get more information - Michael Devery (mickadoo) - Antoine Corcy - Ahmed Ashraf (ahmedash95) + - Gert Wijnalda (cinamo) - Luca Saba (lucasaba) - maxime.perrimond - Sascha Grossenbacher @@ -1090,7 +1098,6 @@ The Symfony Connect username in parenthesis allows to get more information - Junaid Farooq (junaidfarooq) - Massimiliano Braglia (massimilianobraglia) - Frankie Wittevrongel - - Jerzy (jlekowski) - Richard Quadling - Raphaëll Roussel - Anton Kroshilin @@ -1240,6 +1247,7 @@ The Symfony Connect username in parenthesis allows to get more information - Jake (jakesoft) - Flinsch - Quentin Dreyer + - Bahman Mehrdad (bahman) - Jordan de Laune (jdelaune) - Christopher Hall (mythmakr) - none (nelexa) @@ -1251,6 +1259,7 @@ The Symfony Connect username in parenthesis allows to get more information - Martin Parsiegla (spea) - Bernhard Rusch - bhavin (bhavin4u) + - Mario Ramundo (rammar) - Ivan - Quentin Schuler - Nico Haase @@ -1259,6 +1268,7 @@ The Symfony Connect username in parenthesis allows to get more information - Sofiane HADDAG (sofhad) - frost-nzcr4 - Taylor Otwell + - Shahriar56 - Sami Mussbach - Dhananjay Goratela - Kien Nguyen @@ -1268,17 +1278,18 @@ The Symfony Connect username in parenthesis allows to get more information - Achilles Kaloeridis (achilles) - Adrien Wilmet (adrienfr) - Laurent Bassin (lbassin) + - Mouad ZIANI (mouadziani) - Tomasz Ignatiuk - andrey1s - Abhoryo - Fabian Vogler (fabian) + - Shakhobiddin - Korvin Szanto - Stéphan Kochen - Steven Dubois - Arjan Keeman - siganushka - Alaattin Kahramanlar (alaattin) - - Dadang NH (dadangnh) - Sergey Zolotov (enleur) - Maksim Kotlyar (makasim) - Neil Ferreira @@ -1287,6 +1298,7 @@ The Symfony Connect username in parenthesis allows to get more information - Paul LE CORRE - Loïc Beurlet - Sébastien COURJEAN + - Ana Raro - Daniel Gorgan - Ana Raro - Tony Malzhacker @@ -1295,9 +1307,9 @@ The Symfony Connect username in parenthesis allows to get more information - Cyril Quintin (cyqui) - Cyrille Bourgois (cyrilleb) - Gerard van Helden (drm) + - Ivan Sarastov (isarastov) - Johnny Peck (johnnypeck) - Jordi Sala Morales (jsala) - - Roman Anasal - Ivan Menshykov - David Romaní - Patrick Allaert @@ -1305,7 +1317,6 @@ The Symfony Connect username in parenthesis allows to get more information - Matt Robinson (inanimatt) - Aleksey Podskrebyshev - Calin Mihai Pristavu - - Andrii Dembitskyi - David Marín Carreño (davefx) - Fabien LUCAS (flucas2) - Ondrej Machulda (ondram) @@ -1328,6 +1339,7 @@ The Symfony Connect username in parenthesis allows to get more information - Derek ROTH - Ben Johnson - mweimerskirch + - Andrew Codispoti - Benjamin Franzke - baron (bastien) - Dmytro Boiko (eagle) @@ -1379,7 +1391,6 @@ The Symfony Connect username in parenthesis allows to get more information - Matthew Davis (mdavis1982) - Paulo Ribeiro (paulo) - Markus S. (staabm) - - Benjamin Morel - Maks - Knallcharge - Antoine LA @@ -1467,6 +1478,7 @@ The Symfony Connect username in parenthesis allows to get more information - Mahmoud Mostafa (mahmoud) - Fractal Zombie - Ahmed Abdou + - Khoo Yong Jun - shreyadenny - Daniel Iwaniec - Pieter @@ -1500,6 +1512,7 @@ The Symfony Connect username in parenthesis allows to get more information - Amirreza Shafaat (amirrezashafaat) - Adoni Pavlakis (adoni) - Nicolas Le Goff (nlegoff) + - Alex Hofbauer (alexhofbauer) - Maarten Nusteling (nusje2000) - Ahmed EBEN HASSINE (famas23) - Ben Oman @@ -1777,6 +1790,7 @@ The Symfony Connect username in parenthesis allows to get more information - Jorge Vahldick (jvahldick) - Frederic Godfrin - Paul Matthews + - aim8604 - Jakub Kisielewski - Vacheslav Silyutin - Aleksandr Dankovtsev @@ -1831,6 +1845,7 @@ The Symfony Connect username in parenthesis allows to get more information - Rubén Calvo (rubencm) - Abdul.Mohsen B. A. A - Swen van Zanten + - Agustin Gomes - Benoît Burnichon - pthompson - Malaney J. Hill @@ -1845,6 +1860,7 @@ The Symfony Connect username in parenthesis allows to get more information - Sebastian Göttschkes (sgoettschkes) - Tatsuya Tsuruoka - Ross Tuck + - Oleksiy (alexndlm) - Kévin Gomez (kevin) - Mihai Nica (redecs) - Andrei Igna @@ -1935,7 +1951,9 @@ The Symfony Connect username in parenthesis allows to get more information - Lance McNearney - Volodymyr Kupriienko (greeflas) - Serhiy Lunak (slunak) + - Wojciech Błoszyk (wbloszyk) - Giorgio Premi + - abunch - Sergey Belyshkin - tamcy - Mikko Pesari @@ -1958,6 +1976,7 @@ The Symfony Connect username in parenthesis allows to get more information - Foxprodev - Max Summe - WedgeSama + - Dale.Nash - Felds Liscia - Chihiro Adachi (chihiro-adachi) - Raphaëll Roussel @@ -2030,6 +2049,7 @@ The Symfony Connect username in parenthesis allows to get more information - Alexander Janssen (tnajanssen) - Thomas Chmielowiec (chmielot) - Jānis Lukss + - Julien BERNARD - Michael Zangerle - rkerner - Alex Silcock @@ -2177,6 +2197,7 @@ The Symfony Connect username in parenthesis allows to get more information - Matt Farmer - catch - aetxebeste + - Juga Paazmaya - Alexandre Segura - afaricamp - Josef Cech @@ -2186,11 +2207,12 @@ The Symfony Connect username in parenthesis allows to get more information - Andrii Boiko - Harold Iedema - WaiSkats + - Morimoto Ryosuke - Ikhsan Agustian - Arnau González (arnaugm) - - Bahman Mehrdad (bahman) - Simon Bouland (bouland) - Jibé Barth (jibbarth) + - Jm Aribau (jmaribau) - Matthew Foster (mfoster) - Reyo Stallenberg (reyostallenberg) - Paul Seiffert (seiffert) @@ -2226,6 +2248,7 @@ The Symfony Connect username in parenthesis allows to get more information - Eric Schildkamp - Andreas - Markus + - agaktr - kernig - Thomas Chmielowiec - shdev @@ -2239,6 +2262,7 @@ The Symfony Connect username in parenthesis allows to get more information - Joe Springe - Mickael GOETZ - Maciej Schmidt + - botbotbot - Dennis Væversted - Timon van der Vorm - nuncanada @@ -2255,7 +2279,6 @@ The Symfony Connect username in parenthesis allows to get more information - Mathieu Dewet (mdewet) - Nicolas Tallefourtané (nicolab) - Botond Dani (picur) - - Mario Ramundo (rammar) - Rémi Faivre (rfv) - Thierry Marianne (thierrymarianne) - Nick Stemerdink @@ -2263,6 +2286,7 @@ The Symfony Connect username in parenthesis allows to get more information - jjanvier - Julius Beckmann - Ruben Jansen + - Marc Biorklund - shreypuranik - loru88 - Thibaut Salanon @@ -2291,6 +2315,7 @@ The Symfony Connect username in parenthesis allows to get more information - Yuri Karaban - Johan - Thomas Rothe + - Edwin - Martin - nietonfir - Andriy @@ -2300,21 +2325,26 @@ The Symfony Connect username in parenthesis allows to get more information - Pavel.Batanov - avi123 - Pavel Prischepa + - qzylalala - alsar - downace - Aarón Nieves Fernández - Mike Meier + - Mikolaj Czajkowski - Kirill Saksin - Shiro - Reda DAOUDI - Koalabaerchen - michalmarcinkowski - Warwick + - Jesper Skytte - Chris - Farid Jalilov - Christiaan Wiesenekker - Florent Olivaud + - Sergey Panteleev - JakeFr + - Dmitry Hordinky - Oliver Klee - Simon Sargeant - efeen @@ -2329,20 +2359,22 @@ The Symfony Connect username in parenthesis allows to get more information - kshida - Michał Dąbrowski (defrag) - Aryel Tupinamba (dfkimera) + - Florian Wolfsjaeger (flowolf) - Hans Höchtl (hhoechtl) - Simone Fumagalli (hpatoio) - Brian Graham (incognito) - Kevin Vergauwen (innocenzo) - Alessio Baglio (ioalessio) + - Jawira Portugal (jawira) - Johannes Müller (johmue) - Jordi Llonch (jordillonch) - - Mouad ZIANI (mouadziani) - Nicholas Ruunu (nicholasruunu) - Jeroen van den Nieuwenhuisen (nieuwenhuisen) - Cyril Pascal (paxal) - Cédric Dugat (ph3nol) - Philip Dahlstrøm (phidah) - Milos Colakovic (project2481) + - Raphael de Almeida (raphaeldealmeida) - Rénald Casagraude (rcasagraude) - Robin Duval (robin-duval) - Grinbergs Reinis (shima5) @@ -2446,6 +2478,7 @@ The Symfony Connect username in parenthesis allows to get more information - Darryl Hein (xmmedia) - Sadicov Vladimir (xtech) - Kevin EMO (zarcox) + - Marcel Berteler - sdkawata - Andrzej - Alexander Zogheb @@ -2473,7 +2506,6 @@ The Symfony Connect username in parenthesis allows to get more information - adenkejawen - Florent SEVESTRE (aniki-taicho) - Ari Pringle (apringle) - - Gert Wijnalda (cinamo) - Dan Ordille (dordille) - Jan Eichhorn (exeu) - Grégory Pelletier (ip512) @@ -2493,16 +2525,13 @@ The Symfony Connect username in parenthesis allows to get more information - grifx - Robert Campbell - Matt Lehner - - Shakhobiddin - Helmut Januschka - Hein Zaw Htet™ - Ruben Kruiswijk - Cosmin-Romeo TANASE - - Ana Raro - Michael J - youssef saoubou - Joseph Maarek - - Ivan Sarastov - Alexander Menk - Alex Pods - hadriengem @@ -2517,6 +2546,7 @@ The Symfony Connect username in parenthesis allows to get more information - Matthieu Prat - Grummfy - zors1 + - Peter Simoncic - Paul Le Corre - Noel Light-Hilary - Filipe Guerra @@ -2693,6 +2723,7 @@ The Symfony Connect username in parenthesis allows to get more information - temperatur - misterx - Cas + - arend - Vincent Godé - Dusan Kasan - Michael Steininger @@ -2739,7 +2770,6 @@ The Symfony Connect username in parenthesis allows to get more information - Daniel Bannert - Karim Miladi - Michael Genereux - - Wojciech Kania - patrick-mcdougle - Dariusz Czech - Bruno Baguette @@ -2811,6 +2841,7 @@ The Symfony Connect username in parenthesis allows to get more information - Adam Klvač - Bruno Nogueira Nascimento Wowk - Tomanhez + - satalaondrej - jonmldr - Yevgen Kovalienia - Lebnik @@ -2871,6 +2902,7 @@ The Symfony Connect username in parenthesis allows to get more information - Nicolas - Sergio Santoro - tirnanog06 + - Andrejs Leonovs - phc - Дмитрий Пацура - Signor Pedro @@ -3037,6 +3069,7 @@ The Symfony Connect username in parenthesis allows to get more information - ddegentesh - DSeemiller - Jan Emrich + - Anne-Julia Seitz - Mark Topper - Xavier REN - Zander Baldwin diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php index de19f488454f2..525726b0bd68d 100644 --- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php +++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php @@ -208,6 +208,7 @@ public function addConfiguration(NodeDefinition $node) ->requiresAtLeastOneElement() ->info('An array of properties on your User that are used to sign the remember-me cookie. If any of these change, all existing cookies will become invalid.') ->example(['email', 'password']) + ->defaultValue(['password']) ->end() ->arrayNode('token_provider') ->beforeNormalization() diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/RememberMeBundle/Security/UserChangingUserProvider.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/RememberMeBundle/Security/UserChangingUserProvider.php index a5306b6bf1607..f2eebacf2ca3b 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/RememberMeBundle/Security/UserChangingUserProvider.php +++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/RememberMeBundle/Security/UserChangingUserProvider.php @@ -21,6 +21,8 @@ class UserChangingUserProvider implements UserProviderInterface { private $inner; + public static $changePassword = false; + public function __construct(InMemoryUserProvider $inner) { $this->inner = $inner; @@ -28,26 +30,31 @@ public function __construct(InMemoryUserProvider $inner) public function loadUserByUsername($username) { - return $this->inner->loadUserByUsername($username); + return $this->changeUser($this->inner->loadUserByUsername($username)); } public function loadUserByIdentifier(string $userIdentifier): UserInterface { - return $this->inner->loadUserByIdentifier($userIdentifier); + return $this->changeUser($this->inner->loadUserByIdentifier($userIdentifier)); } public function refreshUser(UserInterface $user) { - $user = $this->inner->refreshUser($user); - - $alterUser = \Closure::bind(function (InMemoryUser $user) { $user->password = 'foo'; }, null, class_exists(User::class) ? User::class : InMemoryUser::class); - $alterUser($user); - - return $user; + return $this->changeUser($this->inner->refreshUser($user)); } public function supportsClass($class) { return $this->inner->supportsClass($class); } + + private function changeUser(UserInterface $user): UserInterface + { + if (self::$changePassword) { + $alterUser = \Closure::bind(function (InMemoryUser $user) { $user->password = 'changed!'; }, null, class_exists(User::class) ? User::class : InMemoryUser::class); + $alterUser($user); + } + + return $user; + } } diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/RememberMeTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/RememberMeTest.php index 7af43e1154a42..c1958c7dee3ff 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/RememberMeTest.php +++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/RememberMeTest.php @@ -11,8 +11,15 @@ namespace Symfony\Bundle\SecurityBundle\Tests\Functional; +use Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\RememberMeBundle\Security\UserChangingUserProvider; + class RememberMeTest extends AbstractWebTestCase { + protected function setUp(): void + { + UserChangingUserProvider::$changePassword = false; + } + /** * @dataProvider provideConfigs */ @@ -51,11 +58,19 @@ public function testUserChangeClearsCookie() $this->assertSame(302, $client->getResponse()->getStatusCode()); $cookieJar = $client->getCookieJar(); - $this->assertNotNull($cookieJar->get('REMEMBERME')); + $this->assertNotNull($cookie = $cookieJar->get('REMEMBERME')); + + UserChangingUserProvider::$changePassword = true; + // change password (through user provider), this deauthenticates the session $client->request('GET', '/profile'); $this->assertRedirect($client->getResponse(), '/login'); $this->assertNull($cookieJar->get('REMEMBERME')); + + // restore the old remember me cookie, it should no longer be valid + $cookieJar->set($cookie); + $client->request('GET', '/profile'); + $this->assertRedirect($client->getResponse(), '/login'); } public function testSessionLessRememberMeLogout() @@ -121,11 +136,19 @@ public function testLegacyUserChangeClearsCookie() $this->assertSame(302, $client->getResponse()->getStatusCode()); $cookieJar = $client->getCookieJar(); - $this->assertNotNull($cookieJar->get('REMEMBERME')); + $this->assertNotNull($cookie = $cookieJar->get('REMEMBERME')); + + UserChangingUserProvider::$changePassword = true; + // change password (through user provider), this deauthenticates the session $client->request('GET', '/profile'); $this->assertRedirect($client->getResponse(), '/login'); $this->assertNull($cookieJar->get('REMEMBERME')); + + // restore the old remember me cookie, it should no longer be valid + $cookieJar->set($cookie); + $client->request('GET', '/profile'); + $this->assertRedirect($client->getResponse(), '/login'); } /** diff --git a/src/Symfony/Component/Cache/Tests/Adapter/RedisAdapterTest.php b/src/Symfony/Component/Cache/Tests/Adapter/RedisAdapterTest.php index 7bb16573db32f..b020ddc9f43a8 100644 --- a/src/Symfony/Component/Cache/Tests/Adapter/RedisAdapterTest.php +++ b/src/Symfony/Component/Cache/Tests/Adapter/RedisAdapterTest.php @@ -96,6 +96,7 @@ public function provideFailedCreateConnection(): array ['redis://localhost:1234'], ['redis://foo@localhost'], ['redis://localhost/123'], + ['redis:///some/local/path'], ]; } diff --git a/src/Symfony/Component/Cache/Traits/RedisTrait.php b/src/Symfony/Component/Cache/Traits/RedisTrait.php index 4f05dbda934a2..d8747f5e08ca9 100644 --- a/src/Symfony/Component/Cache/Traits/RedisTrait.php +++ b/src/Symfony/Component/Cache/Traits/RedisTrait.php @@ -151,7 +151,7 @@ public static function createConnection(string $dsn, array $options = []) if (preg_match('#/(\d+)$#', $params['path'], $m)) { $params['dbindex'] = $m[1]; $params['path'] = substr($params['path'], 0, -\strlen($m[0])); - } else { + } elseif (isset($params['host'])) { throw new InvalidArgumentException(sprintf('Invalid Redis DSN: "%s", the "dbindex" parameter must be a number.', $dsn)); } } diff --git a/src/Symfony/Component/HttpKernel/HttpCache/SubRequestHandler.php b/src/Symfony/Component/HttpKernel/HttpCache/SubRequestHandler.php index 294b964acc670..fab8fa690ce62 100644 --- a/src/Symfony/Component/HttpKernel/HttpCache/SubRequestHandler.php +++ b/src/Symfony/Component/HttpKernel/HttpCache/SubRequestHandler.php @@ -38,6 +38,7 @@ public static function handle(HttpKernelInterface $kernel, Request $request, int 'X_FORWARDED_HOST' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_HOST, 'X_FORWARDED_PROTO' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PROTO, 'X_FORWARDED_PORT' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PORT, + 'X_FORWARDED_PREFIX' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PREFIX, ]; foreach (array_filter($trustedHeaders) as $name => $key) { $request->headers->remove($name); diff --git a/src/Symfony/Component/HttpKernel/Kernel.php b/src/Symfony/Component/HttpKernel/Kernel.php index 0fe69a5e48a4c..ec7d23f26d94b 100644 --- a/src/Symfony/Component/HttpKernel/Kernel.php +++ b/src/Symfony/Component/HttpKernel/Kernel.php @@ -75,11 +75,11 @@ abstract class Kernel implements KernelInterface, RebootableInterface, Terminabl private static $freshCache = []; - public const VERSION = '5.3.11'; - public const VERSION_ID = 50311; + public const VERSION = '5.3.12'; + public const VERSION_ID = 50312; public const MAJOR_VERSION = 5; public const MINOR_VERSION = 3; - public const RELEASE_VERSION = 11; + public const RELEASE_VERSION = 12; public const EXTRA_VERSION = ''; public const END_OF_MAINTENANCE = '01/2022'; diff --git a/src/Symfony/Component/HttpKernel/Tests/HttpCache/SubRequestHandlerTest.php b/src/Symfony/Component/HttpKernel/Tests/HttpCache/SubRequestHandlerTest.php index 7ab9b6c45f037..f17abb20281f3 100644 --- a/src/Symfony/Component/HttpKernel/Tests/HttpCache/SubRequestHandlerTest.php +++ b/src/Symfony/Component/HttpKernel/Tests/HttpCache/SubRequestHandlerTest.php @@ -42,6 +42,7 @@ public function testTrustedHeadersAreKept() $request->headers->set('X-Forwarded-Host', 'Good'); $request->headers->set('X-Forwarded-Port', '1234'); $request->headers->set('X-Forwarded-Proto', 'https'); + $request->headers->set('X-Forwarded-Prefix', '/admin'); $kernel = new TestSubRequestHandlerKernel(function ($request, $type, $catch) { $this->assertSame('127.0.0.1', $request->server->get('REMOTE_ADDR')); @@ -49,6 +50,7 @@ public function testTrustedHeadersAreKept() $this->assertSame('Good', $request->headers->get('X-Forwarded-Host')); $this->assertSame('1234', $request->headers->get('X-Forwarded-Port')); $this->assertSame('https', $request->headers->get('X-Forwarded-Proto')); + $this->assertSame('/admin', $request->headers->get('X-Forwarded-Prefix')); }); SubRequestHandler::handle($kernel, $request, HttpKernelInterface::MAIN_REQUEST, true); @@ -64,6 +66,7 @@ public function testUntrustedHeadersAreRemoved() $request->headers->set('X-Forwarded-Host', 'Evil'); $request->headers->set('X-Forwarded-Port', '1234'); $request->headers->set('X-Forwarded-Proto', 'http'); + $request->headers->set('X-Forwarded-Prefix', '/admin'); $request->headers->set('Forwarded', 'Evil2'); $kernel = new TestSubRequestHandlerKernel(function ($request, $type, $catch) { @@ -72,6 +75,7 @@ public function testUntrustedHeadersAreRemoved() $this->assertFalse($request->headers->has('X-Forwarded-Host')); $this->assertFalse($request->headers->has('X-Forwarded-Port')); $this->assertFalse($request->headers->has('X-Forwarded-Proto')); + $this->assertFalse($request->headers->has('X-Forwarded-Prefix')); $this->assertSame('for="10.0.0.1";host="localhost";proto=http', $request->headers->get('Forwarded')); }); @@ -112,12 +116,14 @@ public function testTrustedXForwardedForHeader() $request->headers->set('X-Forwarded-For', '10.0.0.2'); $request->headers->set('X-Forwarded-Host', 'foo.bar'); $request->headers->set('X-Forwarded-Proto', 'https'); + $request->headers->set('X-Forwarded-Prefix', '/admin'); $kernel = new TestSubRequestHandlerKernel(function ($request, $type, $catch) { $this->assertSame('127.0.0.1', $request->server->get('REMOTE_ADDR')); $this->assertSame('10.0.0.2', $request->getClientIp()); $this->assertSame('foo.bar', $request->getHttpHost()); $this->assertSame('https', $request->getScheme()); + $this->assertSame('/admin', $request->getBaseUrl()); }); SubRequestHandler::handle($kernel, $request, HttpKernelInterface::MAIN_REQUEST, true); diff --git a/src/Symfony/Component/Ldap/Tests/Security/CheckLdapCredentialsListenerTest.php b/src/Symfony/Component/Ldap/Tests/Security/CheckLdapCredentialsListenerTest.php index 3d5475d20039e..9a879c22490ef 100644 --- a/src/Symfony/Component/Ldap/Tests/Security/CheckLdapCredentialsListenerTest.php +++ b/src/Symfony/Component/Ldap/Tests/Security/CheckLdapCredentialsListenerTest.php @@ -41,6 +41,10 @@ class CheckLdapCredentialsListenerTest extends TestCase protected function setUp(): void { + if (!interface_exists(AuthenticatorInterface::class)) { + $this->markTestSkipped('This test requires symfony/security-http:^5.1'); + } + $this->ldap = $this->createMock(LdapInterface::class); } @@ -57,6 +61,10 @@ public function testShouldNotCheckPassport($authenticator, $passport) public function provideShouldNotCheckPassport() { + if (!interface_exists(AuthenticatorInterface::class)) { + $this->markTestSkipped('This test requires symfony/security-http:^5.1'); + } + // no LdapBadge yield [new TestAuthenticator(), new Passport(new UserBadge('test'), new PasswordCredentials('s3cret'))]; @@ -102,6 +110,10 @@ public function testWrongPassport($passport) public function provideWrongPassportData() { + if (!interface_exists(AuthenticatorInterface::class)) { + $this->markTestSkipped('This test requires symfony/security-http:^5.1'); + } + // no password credentials yield [new SelfValidatingPassport(new UserBadge('test'), [new LdapBadge('app.ldap')])]; @@ -194,25 +206,27 @@ private function createListener() } } -class TestAuthenticator implements AuthenticatorInterface -{ - public function supports(Request $request): ?bool +if (interface_exists(AuthenticatorInterface::class)) { + class TestAuthenticator implements AuthenticatorInterface { - } + public function supports(Request $request): ?bool + { + } - public function authenticate(Request $request): PassportInterface - { - } + public function authenticate(Request $request): PassportInterface + { + } - public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface - { - } + public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface + { + } - public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response - { - } + public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response + { + } - public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response - { + public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response + { + } } } diff --git a/src/Symfony/Component/Ldap/composer.json b/src/Symfony/Component/Ldap/composer.json index 0468e28efbce1..dc6b0a5d5a796 100644 --- a/src/Symfony/Component/Ldap/composer.json +++ b/src/Symfony/Component/Ldap/composer.json @@ -22,13 +22,11 @@ "ext-ldap": "*" }, "require-dev": { - "symfony/security-core": "^5.3", - "symfony/security-http": "^5.2" + "symfony/security-core": "^5.3" }, "conflict": { "symfony/options-resolver": "<4.4", - "symfony/security-core": "<5.3", - "symfony/security-http": "<5.2" + "symfony/security-core": "<5.3" }, "autoload": { "psr-4": { "Symfony\\Component\\Ldap\\": "" }, diff --git a/src/Symfony/Component/Process/Process.php b/src/Symfony/Component/Process/Process.php index 27641e20a77f0..bd78d1fdbec01 100644 --- a/src/Symfony/Component/Process/Process.php +++ b/src/Symfony/Component/Process/Process.php @@ -338,7 +338,7 @@ public function start(callable $callback = null, array $env = []) $envPairs = []; foreach ($env as $k => $v) { - if (false !== $v) { + if (false !== $v && 'argc' !== $k && 'argv' !== $k) { $envPairs[] = $k.'='.$v; } } @@ -1141,25 +1141,12 @@ public function getEnv() /** * Sets the environment variables. * - * Each environment variable value should be a string. - * If it is an array, the variable is ignored. - * If it is false or null, it will be removed when - * env vars are otherwise inherited. - * - * That happens in PHP when 'argv' is registered into - * the $_ENV array for instance. - * - * @param array $env The new environment variables + * @param array $env The new environment variables * * @return $this */ public function setEnv(array $env) { - // Process can not handle env values that are arrays - $env = array_filter($env, function ($value) { - return !\is_array($value); - }); - $this->env = $env; return $this; @@ -1662,12 +1649,6 @@ private function getDefaultEnv(): array $env = getenv(); $env = array_intersect_key($env, $_SERVER) ?: $env; - foreach ($_ENV as $k => $v) { - if (\is_string($v)) { - $env[$k] = $v; - } - } - - return $env; + return $_ENV + $env; } } diff --git a/src/Symfony/Component/Serializer/Encoder/CsvEncoder.php b/src/Symfony/Component/Serializer/Encoder/CsvEncoder.php index 4afa17184ae9e..747178953feeb 100644 --- a/src/Symfony/Component/Serializer/Encoder/CsvEncoder.php +++ b/src/Symfony/Component/Serializer/Encoder/CsvEncoder.php @@ -36,7 +36,8 @@ class CsvEncoder implements EncoderInterface, DecoderInterface private const UTF8_BOM = "\xEF\xBB\xBF"; - private $formulasStartCharacters = ['=', '-', '+', '@']; + private const FORMULAS_START_CHARACTERS = ['=', '-', '+', '@', "\t", "\r"]; + private $defaultContext = [ self::DELIMITER_KEY => ',', self::ENCLOSURE_KEY => '"', @@ -227,8 +228,8 @@ private function flatten(iterable $array, array &$result, string $keySeparator, if (is_iterable($value)) { $this->flatten($value, $result, $keySeparator, $parentKey.$key.$keySeparator, $escapeFormulas); } else { - if ($escapeFormulas && \in_array(substr((string) $value, 0, 1), $this->formulasStartCharacters, true)) { - $result[$parentKey.$key] = "\t".$value; + if ($escapeFormulas && \in_array(substr((string) $value, 0, 1), self::FORMULAS_START_CHARACTERS, true)) { + $result[$parentKey.$key] = "'".$value; } else { // Ensures an actual value is used when dealing with true and false $result[$parentKey.$key] = false === $value ? 0 : (true === $value ? 1 : $value); diff --git a/src/Symfony/Component/Serializer/Tests/Encoder/CsvEncoderTest.php b/src/Symfony/Component/Serializer/Tests/Encoder/CsvEncoderTest.php index c71a173d42b61..b28667b2e19d4 100644 --- a/src/Symfony/Component/Serializer/Tests/Encoder/CsvEncoderTest.php +++ b/src/Symfony/Component/Serializer/Tests/Encoder/CsvEncoderTest.php @@ -257,31 +257,52 @@ public function testEncodeFormulas() $this->assertSame(<<<'CSV' 0 -" =2+3" +'=2+3 CSV , $this->encoder->encode(['=2+3'], 'csv')); $this->assertSame(<<<'CSV' 0 -" -2+3" +'-2+3 CSV , $this->encoder->encode(['-2+3'], 'csv')); $this->assertSame(<<<'CSV' 0 -" +2+3" +'+2+3 CSV , $this->encoder->encode(['+2+3'], 'csv')); $this->assertSame(<<<'CSV' 0 -" @MyDataColumn" +'@MyDataColumn CSV , $this->encoder->encode(['@MyDataColumn'], 'csv')); + + $this->assertSame(<<<'CSV' +0 +"' tab" + +CSV + , $this->encoder->encode(["\ttab"], 'csv')); + + $this->assertSame(<<<'CSV' +0 +"'=1+2"";=1+2" + +CSV + , $this->encoder->encode(['=1+2";=1+2'], 'csv')); + + $this->assertSame(<<<'CSV' +0 +"'=1+2'"" ;,=1+2" + +CSV + , $this->encoder->encode(['=1+2\'" ;,=1+2'], 'csv')); } public function testDoNotEncodeFormulas() @@ -313,13 +334,34 @@ public function testDoNotEncodeFormulas() CSV , $this->encoder->encode(['@MyDataColumn'], 'csv')); + + $this->assertSame(<<<'CSV' +0 +" tab" + +CSV + , $this->encoder->encode(["\ttab"], 'csv')); + + $this->assertSame(<<<'CSV' +0 +"=1+2"";=1+2" + +CSV + , $this->encoder->encode(['=1+2";=1+2'], 'csv')); + + $this->assertSame(<<<'CSV' +0 +"=1+2'"" ;,=1+2" + +CSV + , $this->encoder->encode(['=1+2\'" ;,=1+2'], 'csv')); } public function testEncodeFormulasWithSettingsPassedInContext() { $this->assertSame(<<<'CSV' 0 -" =2+3" +'=2+3 CSV , $this->encoder->encode(['=2+3'], 'csv', [ @@ -328,7 +370,7 @@ public function testEncodeFormulasWithSettingsPassedInContext() $this->assertSame(<<<'CSV' 0 -" -2+3" +'-2+3 CSV , $this->encoder->encode(['-2+3'], 'csv', [ @@ -337,7 +379,7 @@ public function testEncodeFormulasWithSettingsPassedInContext() $this->assertSame(<<<'CSV' 0 -" +2+3" +'+2+3 CSV , $this->encoder->encode(['+2+3'], 'csv', [ @@ -346,12 +388,39 @@ public function testEncodeFormulasWithSettingsPassedInContext() $this->assertSame(<<<'CSV' 0 -" @MyDataColumn" +'@MyDataColumn CSV , $this->encoder->encode(['@MyDataColumn'], 'csv', [ CsvEncoder::ESCAPE_FORMULAS_KEY => true, ])); + + $this->assertSame(<<<'CSV' +0 +"' tab" + +CSV + , $this->encoder->encode(["\ttab"], 'csv', [ + CsvEncoder::ESCAPE_FORMULAS_KEY => true, + ])); + + $this->assertSame(<<<'CSV' +0 +"'=1+2"";=1+2" + +CSV + , $this->encoder->encode(['=1+2";=1+2'], 'csv', [ + CsvEncoder::ESCAPE_FORMULAS_KEY => true, + ])); + + $this->assertSame(<<<'CSV' +0 +"'=1+2'"" ;,=1+2" + +CSV + , $this->encoder->encode(['=1+2\'" ;,=1+2'], 'csv', [ + CsvEncoder::ESCAPE_FORMULAS_KEY => true, + ])); } public function testEncodeWithoutHeader() diff --git a/src/Symfony/Component/Validator/Resources/translations/validators.cs.xlf b/src/Symfony/Component/Validator/Resources/translations/validators.cs.xlf index b341436bc5e18..75410192190ef 100644 --- a/src/Symfony/Component/Validator/Resources/translations/validators.cs.xlf +++ b/src/Symfony/Component/Validator/Resources/translations/validators.cs.xlf @@ -394,6 +394,14 @@ This value is not a valid CSS color. Tato hodnota není platná barva CSS. + + This value is not a valid CIDR notation. + Tato hodnota není platná notace CIDR. + + + The value of the netmask should be between {{ min }} and {{ max }}. + Hodnota masky sítě musí být mezi {{ min }} a {{ max }}. +