Skip to content

Add extension requirements #60386

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 801 commits into from
Closed

Add extension requirements #60386

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
801 commits
Select commit Hold shift + click to select a range
930bcf7
feature #60020 [FrameworkBundle] Make `ServicesResetter` autowirable …
nicolas-grekas Mar 21, 2025
baf2067
minor #60017 [MonologBridge] Implement `ResettableInterface` on `Proc…
nicolas-grekas Mar 21, 2025
e36fe60
[DependencyInjection] Enable multiple attribute autoconfiguration cal…
GromNaN Mar 18, 2025
caa6d0e
feature #60011 [DependencyInjection] Enable multiple attribute autoco…
nicolas-grekas Mar 21, 2025
fd38014
minor #59999 [FrameworkBundle] fix compatibility with DependencyInjec…
nicolas-grekas Mar 21, 2025
335bdbe
[Config] Make ifFalse() consistent between value and closure based ch…
arjenm Mar 17, 2025
4c672ef
minor #59995 [Config] Make ifFalse() consistent between value and clo…
nicolas-grekas Mar 21, 2025
146c128
feature #54545 [DoctrineBridge] Add argument to `EntityValueResolver`…
nicolas-grekas Mar 22, 2025
f819aed
[PropertyInfo] Deprecate Type
mtarld Feb 26, 2025
a00855a
[VarExporter] Leverage native lazy objects
nicolas-grekas Feb 28, 2025
4bcf132
feature #59890 [VarExporter] Leverage native lazy objects (nicolas-gr…
nicolas-grekas Mar 22, 2025
4d2ccf4
Fix md formatting
chalasr Mar 22, 2025
2468bae
feature #59902 [PropertyInfo] Deprecate `Type` (mtarld, chalasr)
chalasr Mar 22, 2025
e9c6056
[DoctrineBridge] Strengthen EM reset logic
nicolas-grekas Mar 23, 2025
901d933
minor #60021 [DoctrineBridge] Strengthen EM reset logic (nicolas-grekas)
nicolas-grekas Mar 23, 2025
6ef1ab4
feature #59813 [Cache] Enable namespace-based invalidation by prefixi…
nicolas-grekas Mar 23, 2025
5595a32
Add support for invokable commands in LockableTrait
yceruto Mar 23, 2025
cf5b2f0
feature #60024 [Console] Add support for invokable commands in `Locka…
fabpot Mar 24, 2025
1924719
[Messenger] Add `--class-filter` option to the `messenger:failed:remo…
arnaud-deabreu Mar 14, 2025
322995c
feature #59978 [Messenger] Add `--class-filter` option to the `messen…
fabpot Mar 24, 2025
4e2c638
[Routing] Add alias in `{foo:bar}` syntax in route parameter
eltharin Mar 3, 2025
6f598f9
feature #59904 [Routing] Add alias in `{foo:bar}` syntax in route par…
fabpot Mar 24, 2025
c61752e
[DoctrineBridge] add new `DatePointType` Doctrine type
garak Mar 3, 2025
6872336
feature #59900 [DoctrineBridge] add new `DatePointType` Doctrine type…
fabpot Mar 24, 2025
65c7e13
[TypeInfo] Add `Type::traverse()` method
mtarld Feb 24, 2025
640e7a4
[Security] Add methods param in IsCsrfTokenValid attribute
Oviglo Mar 20, 2025
1492e46
feature #60007 [Security] Add methods param in IsCsrfTokenValid attri…
nicolas-grekas Mar 24, 2025
0ec778b
fix test
xabbuh Mar 24, 2025
f876a66
minor #60027 [Messenger] fix test (xabbuh)
xabbuh Mar 24, 2025
742a863
[FrameworkBundle][HttpKernel] Allow configuring the logging channel p…
Arkalo2 Mar 22, 2025
4fb2615
feature #57309 [FrameworkBundle][HttpKernel] Allow configuring the lo…
nicolas-grekas Mar 24, 2025
3f99b03
[ObjectMapper] Object to Object mapper component
soyuka Sep 25, 2023
21b4dd7
feature #51741 [ObjectMapper] Object to Object mapper component (soyuka)
fabpot Mar 24, 2025
133d2b0
[FrameworkBundle] Object Mapper component bindings
soyuka Oct 24, 2024
e2d9c52
[ObjectMapper] CS fixes
OskarStark Mar 24, 2025
df25ca7
[Mailer][Mailomat] remove `void` from test
OskarStark Mar 25, 2025
8531d2a
minor #60035 [Mailer] [Mailomat] remove `void` from test (OskarStark)
GromNaN Mar 25, 2025
f803dc1
minor #60031 [ObjectMapper] CS fixes (OskarStark)
GromNaN Mar 25, 2025
fded1eb
[TypeInfo] Add `ArrayShapeType::$extraKeyType` and `ArrayShapeType::$…
mtarld Mar 14, 2025
452ad95
feature #59981 [TypeInfo] Add `ArrayShapeType::$sealed` (mtarld)
fabpot Mar 26, 2025
7100c7b
feature #59831 [Mailer][Mime] Refactor S/MIME encryption handling in …
fabpot Mar 26, 2025
f7aae0b
bug #59646 [JsonStreamer] Max depth handling and JSON errors (mtarld)
fabpot Mar 26, 2025
c8780d1
[TwigBundle] Enable `#[AsTwigFilter]`, `#[AsTwigFunction]` and `#[AsT…
GromNaN Nov 27, 2024
0b026f9
feature #52748 [TwigBundle] Enable `#[AsTwigFilter]`, `#[AsTwigFuncti…
fabpot Mar 26, 2025
de86b5c
[Messenger] Use newer version of Beanstalkd bridge library
HypeMC Mar 25, 2025
e282c2f
feature #60040 [Messenger] Use newer version of Beanstalkd bridge lib…
fabpot Mar 26, 2025
97eb49b
[Mailer][TwigBridge] Add support for translatable subject
norkunas Mar 13, 2025
d93dc9c
feature #58654 [FrameworkBundle] Binding for Object Mapper component …
fabpot Mar 26, 2025
f79ae58
[FrameworkBundle] Add missing line in CHANGELOG
fabpot Mar 26, 2025
fcdc0cf
feature #59967 [Mailer][TwigBridge] Add support for translatable subj…
fabpot Mar 26, 2025
e2eab14
fix typo in expected exception message
xabbuh Mar 26, 2025
12c73a1
minor #60045 [TypeInfo] fix typo in expected exception message (xabbuh)
xabbuh Mar 26, 2025
f67a1ce
Merge branch '7.2' into 7.3
alexandre-daubois Mar 26, 2025
6ce7ec5
fix compatibility with TwigBridge < 7.3
xabbuh Mar 26, 2025
b5b0cbf
minor #60047 [Mailer] fix compatibility with TwigBridge < 7.3 (xabbuh)
fabpot Mar 26, 2025
dc3b88a
require phpstan/phpdoc-parser to fully support sealed array shapes
xabbuh Mar 26, 2025
e51607b
Revert "fix compatibility with TwigBridge < 7.3"
kbond Mar 26, 2025
f638a6a
Revert "[Mailer][TwigBridge] Add support for translatable subject"
kbond Mar 26, 2025
41cc1d6
code review
kbond Mar 26, 2025
d9e5036
feature #60052 [Mailer][TwigBridge] Revert "Add support for translata…
fabpot Mar 26, 2025
8f4bb30
[Validator] Don't skip `WhenTest` case after fix merge in `php-src`
alexandre-daubois Mar 27, 2025
f1e169e
minor #60046 [TypeInfo] require `phpstan/phpdoc-parser` to fully supp…
xabbuh Mar 27, 2025
c0b7ecf
[ObjectMapper] rename variable $object to $source
soyuka Mar 28, 2025
8370ad6
minor #60068 [ObjectMapper] rename variable $object to $source (soyuka)
fabpot Mar 28, 2025
2f60031
[Messenger] [Amqp] Add default exchange support
ilyachase Mar 11, 2024
23e2230
feature #54275 [Messenger] [Amqp] Add default exchange support (ilyac…
fabpot Mar 28, 2025
89eeaee
Add the twig constraint and its validator
sfmok Nov 10, 2024
6ae4c85
feature #58805 [TwigBridge][Validator] Add the Twig constraint and it…
fabpot Mar 28, 2025
c40d3b4
[TwigBridge] Fix `TwigValidatorTest` expectation
alexandre-daubois Mar 28, 2025
82cf90a
minor #60070 [TwigBridge] Fix `TwigValidatorTest` expectation (alexan…
fabpot Mar 28, 2025
f34f4c4
[JsonPath] Add the component as experimental
alexandre-daubois Jan 28, 2025
38e0df1
feature #59655 [JsonPath] Add the component (alexandre-daubois)
fabpot Mar 28, 2025
b37086d
Merge branch '7.2' into 7.3
fabpot Mar 28, 2025
e5cc3d4
[JsonPath] Fix error message when evaluating a resource
alexandre-daubois Mar 28, 2025
681d4e7
minor #60072 [JsonPath] Fix error message when evaluating a resource …
fabpot Mar 28, 2025
79ea49c
Merge branch '7.2' into 7.3
fabpot Mar 28, 2025
3975043
Remove always-true condition
GromNaN Mar 28, 2025
d442a43
minor #60079 [HttpKernel] Remove always-true condition on existence o…
GromNaN Mar 28, 2025
787d60a
Deprecate returning a non-integer value from a `\Closure` function se…
yceruto Mar 28, 2025
f6b63a2
feature #60076 [Console] Deprecate returning a non-int value from a `…
fabpot Mar 29, 2025
2e59467
Enable controller service with #[Route] attribute instead of #[AsCont…
GromNaN Mar 28, 2025
981b556
feature #60081 [FrameworkBundle] Enable controller service with `#[Ro…
fabpot Mar 29, 2025
2d86ff1
[TwigBridge] Collect all deprecations with `lint:twig` command
Fan2Shrek Mar 25, 2025
2f9677b
feature #60039 [TwigBridge] Collect all deprecations with `lint:twig`…
fabpot Mar 29, 2025
06ed516
[WebProfilerBundle] Update the logic that minimizes the toolbar
javiereguiluz Sep 24, 2024
cca60b4
feature #58380 [WebProfilerBundle] Update the logic that minimizes th…
fabpot Mar 29, 2025
006ea39
[Notifier] Deprecate sms77 Notifier bridge
MrYamous Sep 8, 2024
764fe52
feature #58200 [Notifier] Deprecate sms77 Notifier bridge (MrYamous)
fabpot Mar 29, 2025
1742f67
Add stamps to handle trait
alexander-schranz Dec 13, 2024
c6baf1b
feature #42124 [Messenger] Add `$stamps` parameter to `HandleTrait::h…
chalasr Mar 29, 2025
c142673
[ObjectMapper] mapping on target (reverse-side mapping)
soyuka Mar 28, 2025
091ae5b
minor #60061 [Validator] Don't skip `WhenTest` case after fix merge i…
nicolas-grekas Mar 30, 2025
8b4d5a2
add TypeFactoryTrait::arrayKey()
xabbuh Mar 30, 2025
4ca9c2d
feature #60087 [TypeInfo] add TypeFactoryTrait::arrayKey() (xabbuh)
GromNaN Mar 31, 2025
561d4a0
Merge branch '7.2' into 7.3
xabbuh Mar 31, 2025
fe4a9ea
Merge branch '7.2' into 7.3
nicolas-grekas Mar 31, 2025
682f453
[DoctrineBridge] Adjust non-legacy tests
nicolas-grekas Mar 30, 2025
ab46732
minor #60086 [DoctrineBridge] Adjust non-legacy tests (nicolas-grekas)
nicolas-grekas Mar 31, 2025
4ae07d6
[FrameworkBundle] Exclude validator constrains, attributes, enums fro…
nicolas-grekas Mar 31, 2025
85e922a
minor #60095 [FrameworkBundle] Exclude validator constraints, attribu…
nicolas-grekas Mar 31, 2025
408d09a
[FrameworkBundle] Deprecate setting the `collect_serializer_data` to …
mtarld Mar 28, 2025
58a14ab
feature #60069 [FrameworkBundle] Deprecate setting the `collect_seria…
nicolas-grekas Mar 31, 2025
9689e5e
[FrameworkBundle][RateLimiter] default `lock_factory` to `auto`
kbond Mar 31, 2025
1db80a5
[Console] Mark `AsCommand` attribute as `@final`
Somrlik Mar 28, 2025
1a8b82e
feature #60103 [Console] Mark `AsCommand` attribute as ``@final`` (So…
GromNaN Apr 1, 2025
fe14dc1
Improve exception message when `EntityValueResolver` gets no mapping …
MatTheCat Apr 1, 2025
110762f
feature #60112 [DoctrineBridge] Improve exception message when `Entit…
fabpot Apr 2, 2025
7a24bdc
bug #60073 mapping on target (reverse-side mapping) (soyuka)
fabpot Apr 2, 2025
59d8c63
feature #60099 [FrameworkBundle][RateLimiter] default `lock_factory` …
fabpot Apr 3, 2025
3c7fce2
[Config] Add `NodeDefinition::docUrl()`
alexandre-daubois Feb 12, 2025
2795d95
feature #59762 [Config] Add `NodeDefinition::docUrl()` (alexandre-dau…
fabpot Apr 4, 2025
0e8f8e4
make data providers static
xabbuh Apr 4, 2025
d54febf
Notifier mercure7.3
ernie76 Apr 2, 2025
8a84530
feature #60140 Notifier mercure7.3 (ernie76)
fabpot Apr 4, 2025
b5f7d94
minor #60143 [JsonPath] make data providers static (xabbuh)
fabpot Apr 4, 2025
649a641
make data provider static
xabbuh Apr 4, 2025
059e483
Merge branch '7.2' into 7.3
alexandre-daubois Apr 4, 2025
ee1d4ca
minor #60144 [Yaml] make data provider static (xabbuh)
fabpot Apr 4, 2025
17445a3
Merge branch '7.2' into 7.3
fabpot Apr 4, 2025
bbba700
Remove non-final readonly classes
nicolas-grekas Apr 4, 2025
8a53fae
replace expectDeprecation() with expectUserDeprecationMessage()
xabbuh Apr 4, 2025
b2a5efa
let the data provider key match the test method argument names
xabbuh Apr 4, 2025
22d505a
[Runtime] Support extra dot-env files
natepage Apr 4, 2025
7af915c
feature #60139 [Runtime] Support extra dot-env files (natepage)
fabpot Apr 6, 2025
8e35dd2
minor #60149 replace expectDeprecation() with expectUserDeprecationMe…
fabpot Apr 6, 2025
1d2d181
minor #60150 [Notifier] let the data provider key match the test meth…
fabpot Apr 6, 2025
46bd34c
minor #60148 Remove non-final readonly classes (nicolas-grekas)
fabpot Apr 6, 2025
f328d6a
choose the correctly cased class name for the SQLite platform
xabbuh Apr 4, 2025
160529b
minor #60159 choose the correctly cased class name for the SQLite pla…
fabpot Apr 7, 2025
567064e
declare the required extension
xabbuh Apr 6, 2025
240b66b
minor #60161 [SecurityBundle] declare the required extension (xabbuh)
nicolas-grekas Apr 7, 2025
f047c9a
Merge branch '7.2' into 7.3
xabbuh Apr 7, 2025
a9f8369
Merge branch '7.2' into 7.3
xabbuh Apr 7, 2025
f3b6cd5
skip tests if OpenSSL is unable to generate tokens
xabbuh Apr 7, 2025
fefa9b4
minor #60169 [SecurityBundle] skip tests if OpenSSL is unable to gene…
nicolas-grekas Apr 7, 2025
b102b51
[HttpFoundation] Follow language preferences more accurately in `getP…
chillbram Apr 3, 2025
aad2b51
minor #60136 [HttpFoundation] Follow language preferences more accura…
nicolas-grekas Apr 7, 2025
c252578
Merge branch '7.2' into 7.3
alexandre-daubois Apr 8, 2025
e4aa3a5
[FrameworkBundle][RateLimiter] deprecate `RateLimiterFactory` alias
kbond Apr 7, 2025
8e0d7dd
feature #60171 [FrameworkBundle][RateLimiter] deprecate `RateLimiterF…
nicolas-grekas Apr 8, 2025
ee2a127
[FrameworkBundle][RateLimiter] compound rate limiter config
kbond Apr 5, 2025
549126b
feature #60155 [FrameworkBundle][RateLimiter] compound rate limiter c…
nicolas-grekas Apr 8, 2025
8b44a51
Merge branch '7.2' into 7.3
nicolas-grekas Apr 8, 2025
8d4ed97
Merge branch '7.2' into 7.3
xabbuh Apr 8, 2025
1718d48
add PHP version and extension that are required to run tests
xabbuh Apr 8, 2025
8d1d108
minor #60175 [Serializer] add PHP version and extension that are requ…
nicolas-grekas Apr 8, 2025
a8d6a36
Merge branch '7.2' into 7.3
nicolas-grekas Apr 8, 2025
896ab90
[Messenger] Reset peak memory usage for each message
TimWolla Mar 19, 2025
99881e6
feature #60018 [Messenger] Reset peak memory usage for each message (…
nicolas-grekas Apr 8, 2025
875a466
CS fix
nicolas-grekas Apr 8, 2025
3ec30b6
Merge branch '7.2' into 7.3
nicolas-grekas Apr 8, 2025
f7991df
Merge branch '7.2' into 7.3
nicolas-grekas Apr 9, 2025
5b65bd3
Merge branch '7.2' into 7.3
xabbuh Apr 9, 2025
afe0aee
remove service if its class does not exist
xabbuh Apr 9, 2025
79fa5f2
bug #60185 [FrameworkBundle] remove service if its class does not exi…
nicolas-grekas Apr 9, 2025
3bc3559
[JsonPath][DX] Add utils methods to `JsonPath` builder
alexandre-daubois Apr 9, 2025
c16162f
feature #60188 [JsonPath] Add two utils methods to `JsonPath` builder…
GromNaN Apr 10, 2025
5082e72
[Workflow] Add a link to mermaid.live from the profiler
lyrixx Apr 10, 2025
19bb3a4
feature #60193 [Workflow] Add a link to mermaid.live from the profile…
lyrixx Apr 11, 2025
5276de0
Merge branch '7.2' into 7.3
lyrixx Apr 11, 2025
20fbc9c
[Workflow] Deprecate `Event::getWorkflow()` method
lyrixx Apr 10, 2025
f2357a0
feature #60195 [Workflow] Deprecate `Event::getWorkflow()` method (ly…
nicolas-grekas Apr 14, 2025
187524d
[DependencyInjection] Add "when" argument to #[AsAlias]
Zuruuh Apr 9, 2025
d5b5581
feature #60186 [DependencyInjection] Add "when" argument to #[AsAlias…
nicolas-grekas Apr 14, 2025
1088f53
Merge branch '7.2' into 7.3
alexandre-daubois Apr 16, 2025
7e29f05
[TwigBridge] Allow attachment name to be set for inline images
aleho Mar 31, 2025
01c26aa
feature #60163 [TwigBridge] Allow attachment name to be set for inlin…
nicolas-grekas Apr 16, 2025
4566f3a
[HttpFoundation][FrameworkBundle] clock support for `UriSigner`
kbond Apr 15, 2025
e86ffe3
[Uid] Add component-specific exception classes
rela589n Apr 5, 2025
6b0459c
Merge branch '7.2' into 7.3
xabbuh Apr 17, 2025
1d7c9ec
feature #60226 [Uid] Add component-specific exception classes (rela589n)
nicolas-grekas Apr 17, 2025
872c060
[Process] Narrow `PhpExecutableFinder` return types
Slamdunk Apr 17, 2025
ed7dba6
minor #60229 [Process] Narrow `PhpExecutableFinder` return types (Sla…
nicolas-grekas Apr 17, 2025
904df78
feature #60222 [FrameworkBundle][HttpFoundation] Add Clock support fo…
chalasr Apr 17, 2025
45e67ac
[DependencyInjection] Add better return type on ContainerInterface::g…
lyrixx Mar 31, 2025
f30cc7b
minor #60096 [DependencyInjection] Add better return type on `Contain…
nicolas-grekas Apr 18, 2025
ac4de2c
[HttpFoundation] Add `UriSigner::verify()` that throws named exceptions
kbond Mar 31, 2025
eb71515
feature #60102 [HttpFoundation] Add `UriSigner::verify()` that throws…
nicolas-grekas Apr 18, 2025
fab90e3
Merge branch '7.2' into 7.3
xabbuh Apr 20, 2025
46b0b53
Add callable type to CustomCredentials
BenMorel Apr 20, 2025
fe94cfb
minor #60245 [Security] Add callable type to CustomCredentials (BenMo…
nicolas-grekas Apr 22, 2025
0e865e6
[HttpClient] Improve memory consumption
nicolas-grekas Apr 18, 2025
29da4f5
minor #60241 [HttpClient] Improve memory consumption (nicolas-grekas)
nicolas-grekas Apr 22, 2025
d5a3769
Don't enable tracing unless the profiler is enabled
nicolas-grekas Apr 18, 2025
2676ce9
drop support for nikic/php-parser 4
xabbuh Apr 22, 2025
2ae7fe3
minor #60255 [Translation] drop support for nikic/php-parser 4 (xabbuh)
fabpot Apr 23, 2025
debe722
[Messenger] show sanitized DSN in exception message when no transport…
dantleech Apr 16, 2025
6dfbfff
minor #60225 [Messenger] show sanitized DSN in exception message when…
nicolas-grekas Apr 23, 2025
9cb5585
conflict with nikic/php-parser 4
xabbuh Apr 24, 2025
c10a83f
minor #60263 [Translation] conflict with nikic/php-parser 4 (xabbuh)
chalasr Apr 24, 2025
5c930dd
[JsonStreamer] Fix reading/writing objects with generics
mtarld Apr 27, 2025
bf72397
[HttpFoundation] Flush after each echo in `StreamedResponse`
mtarld Apr 24, 2025
2491a28
Add PHP config support for routing
fabpot Apr 17, 2025
2a5aa45
Deprecate using XML routing configuration files
fabpot Apr 27, 2025
f80550e
minor #60243 [Cache][EventDispatcher][HttpClient][HttpKernel][Messeng…
fabpot Apr 27, 2025
022f495
Merge branch '7.2' into 7.3
fabpot Apr 27, 2025
5d656da
Merge branch '7.2' into 7.3
fabpot Apr 27, 2025
ffb7884
Remove unneeded use statements
fabpot Apr 27, 2025
90edbbe
feature #60232 Add PHP config support for routing (fabpot)
fabpot Apr 27, 2025
a2a47bc
bug #60262 [HttpFoundation] Fix flush after echo in `StreamedResponse…
fabpot Apr 27, 2025
2f7d665
fix the upgrade instructions and trigger deprecations
xabbuh Apr 28, 2025
1771ebd
do not lose response information when truncating the debug buffer
xabbuh Apr 28, 2025
072ddcc
bug #60281 [JsonStreamer] Fix reading/writing objects with generics (…
fabpot Apr 29, 2025
31c45d4
align the type to the one in the human description
dkarlovi Apr 28, 2025
4d29af3
minor #60294 align the type to the one in the human description (dkar…
fabpot Apr 29, 2025
195f1f1
minor #60290 [FrameworkBundle][WebProfilerBundle] fix the upgrade ins…
fabpot Apr 29, 2025
a175dd4
bump the required Twig bridge version
xabbuh Apr 30, 2025
ea5767d
use deprecation catching error handler only when parsing Twig templates
xabbuh Apr 30, 2025
b766607
[Messenger] Fix integration with newer version of Pheanstalk
HypeMC May 1, 2025
468c22b
Merge branch '7.2' into 7.3
xabbuh May 1, 2025
119795e
update scorecards actions
xabbuh May 1, 2025
d7ab0fb
fix compatibility between WebProfilerBundle and the Workflow component
xabbuh May 2, 2025
406e68a
drop the limiters option for non-compound rater limiters
xabbuh May 2, 2025
e01f633
bug #60295 [HttpClient] do not lose response information when truncat…
fabpot May 2, 2025
8c8b58d
bug #60321 [WebProfilerBundle] fix compatibility between WebProfilerB…
fabpot May 2, 2025
e19fc0b
minor #60313 update scorecards actions (xabbuh)
fabpot May 2, 2025
687a0c1
minor #60304 [TwigBundle] bump the required Twig bridge version (xabbuh)
fabpot May 2, 2025
d9d3d6a
bug #60303 [Validator] use deprecation catching error handler only wh…
fabpot May 2, 2025
24c805a
Merge branch '7.2' into 7.3
fabpot May 2, 2025
060d2c1
Update CHANGELOG for 7.3.0-BETA1
fabpot May 2, 2025
1ffeabe
Update VERSION for 7.3.0-BETA1
fabpot May 2, 2025
366bfc8
Merge pull request #60327 from fabpot/release-7.3.0-BETA1
fabpot May 2, 2025
25e04ae
Bump Symfony version to 7.3.0
fabpot May 2, 2025
6678e91
[Mailer][Mime] Update SMIME repository node description in configuration
Spomky May 2, 2025
6e4d251
minor #60335 [Mailer][Mime] Update SMIME repository node description …
fabpot May 3, 2025
5dd87d2
bug #60322 [FrameworkBundle] drop the limiters option for non-compoun…
fabpot May 3, 2025
ffac95c
Merge branch '7.2' into 7.3
xabbuh May 4, 2025
b0199cc
Merge branch '7.2' into 7.3
xabbuh May 4, 2025
28d1a83
require the 7.3+ of the Config component
xabbuh May 4, 2025
2b9f361
minor #60341 [DebugBundle] require the 7.3+ of the Config component (…
fabpot May 4, 2025
84c0e5b
[Console] Use kebab-case for auto-guessed input arguments/options names
chalasr May 4, 2025
76ab38f
feature #60344 [Console] Use kebab-case for auto-guessed input argume…
wouterj May 5, 2025
a5698aa
[ObjectMapper] Condition to target a specific class
soyuka Apr 2, 2025
7379bfb
feature #60028 [ObjectMapper] Condition to target a specific class (…
fabpot May 6, 2025
8084241
remove conflict rule
xabbuh May 6, 2025
f77c403
Ensure overriding Command::execute() keep priority over __invoke
GromNaN May 6, 2025
ed0a235
bug #60361 [Console] Ensure overriding `Command::execute()` keeps pri…
chalasr May 6, 2025
fe4f1ee
bump min constraint for the ObjectMapper component
xabbuh May 6, 2025
41ea779
choose the correctly cased class name for the SQLite platform
xabbuh May 6, 2025
6763e77
[Console] Set description as first parameter to Argument and Option a…
alamirault May 6, 2025
57d4f08
bug #60366 [Console] Set description as first parameter to `Argument`…
fabpot May 7, 2025
c1da2be
minor #60364 [Cache] choose the correctly cased class name for the SQ…
fabpot May 7, 2025
925dacb
minor #60360 [Console] remove conflict rule (xabbuh)
fabpot May 7, 2025
8ced9d9
minor #60363 [FrameworkBundle] bump min constraint for the ObjectMapp…
fabpot May 7, 2025
7c43418
Merge branch '7.2' into 7.3
xabbuh May 7, 2025
0040477
bug #60308 [Messenger] Fix integration with newer versions of Pheanst…
fabpot May 8, 2025
d044b21
Merge branch '7.2' into 7.3
xabbuh May 8, 2025
72c0a36
Merge branch '7.2' into 7.3
xabbuh May 8, 2025
f67540e
Add extension requirements
afilina May 8, 2025
c255ab4
Merge pull request #1 from afilina/add-ext-reqs
afilina May 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
[Security] Add methods param in IsCsrfTokenValid attribute
  • Loading branch information
@Oviglo @nicolas-grekas
Oviglo authored and nicolas-grekas committed Mar 24, 2025
commit 640e7a4d9919b339c4911a79e64e31654d7fc5d4
1 change: 1 addition & 0 deletions src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ CHANGELOG
* Add `--method` option to the `debug:router` command
* Auto-exclude DI extensions, test cases, entities and messenger messages
* Add DI alias from `ServicesResetterInterface` to `services_resetter`
* Add `methods` argument in `#[IsCsrfTokenValid]` attribute

7.2
---
Expand Down
6 changes: 6 additions & 0 deletions src/Symfony/Component/Security/Http/Attribute/IsCsrfTokenValid.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,12 @@ public function __construct(
* Sets the key of the request that contains the actual token value that should be validated.
*/
public ?string $tokenKey = '_token',

/**
* Sets the available http methods that can be used to validate the token.
* If not set, the token will be validated for all methods.
*/
public array|string $methods = [],
) {
}
}
5 changes: 5 additions & 0 deletions src/Symfony/Component/Security/Http/EventListener/IsCsrfTokenValidAttributeListener.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,11 @@ public function onKernelControllerArguments(ControllerArgumentsEvent $event): vo

foreach ($attributes as $attribute) {
$id = $this->getTokenId($attribute->id, $request, $arguments);
$methods = \array_map('strtoupper', (array) $attribute->methods);

if ($methods && !\in_array($request->getMethod(), $methods, true)) {
continue;
}

if (!$this->csrfTokenManager->isTokenValid(new CsrfToken($id, $request->getPayload()->getString($attribute->tokenKey)))) {
throw new InvalidCsrfTokenException('Invalid CSRF token.');
Expand Down
137 changes: 137 additions & 0 deletions ...ony/Component/Security/Http/Tests/EventListener/IsCsrfTokenValidAttributeListenerTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -206,4 +206,141 @@ public function testExceptionWhenInvalidToken()
$listener = new IsCsrfTokenValidAttributeListener($csrfTokenManager);
$listener->onKernelControllerArguments($event);
}

public function testIsCsrfTokenValidCalledCorrectlyWithDeleteMethod()
{
$request = new Request(request: ['_token' => 'bar']);
$request->setMethod('DELETE');

$csrfTokenManager = $this->createMock(CsrfTokenManagerInterface::class);
$csrfTokenManager->expects($this->once())
->method('isTokenValid')
->with(new CsrfToken('foo', 'bar'))
->willReturn(true);

$event = new ControllerArgumentsEvent(
$this->createMock(HttpKernelInterface::class),
[new IsCsrfTokenValidAttributeMethodsController(), 'withDeleteMethod'],
[],
$request,
null
);

$listener = new IsCsrfTokenValidAttributeListener($csrfTokenManager);
$listener->onKernelControllerArguments($event);
}

public function testIsCsrfTokenValidIgnoredWithNonMatchingMethod()
{
$request = new Request(request: ['_token' => 'bar']);
$request->setMethod('POST');

$csrfTokenManager = $this->createMock(CsrfTokenManagerInterface::class);
$csrfTokenManager->expects($this->never())
->method('isTokenValid')
->with(new CsrfToken('foo', 'bar'));

$event = new ControllerArgumentsEvent(
$this->createMock(HttpKernelInterface::class),
[new IsCsrfTokenValidAttributeMethodsController(), 'withDeleteMethod'],
[],
$request,
null
);

$listener = new IsCsrfTokenValidAttributeListener($csrfTokenManager);
$listener->onKernelControllerArguments($event);
}

public function testIsCsrfTokenValidCalledCorrectlyWithGetOrPostMethodWithGetMethod()
{
$request = new Request(request: ['_token' => 'bar']);
$request->setMethod('GET');

$csrfTokenManager = $this->createMock(CsrfTokenManagerInterface::class);
$csrfTokenManager->expects($this->once())
->method('isTokenValid')
->with(new CsrfToken('foo', 'bar'))
->willReturn(true);

$event = new ControllerArgumentsEvent(
$this->createMock(HttpKernelInterface::class),
[new IsCsrfTokenValidAttributeMethodsController(), 'withGetOrPostMethod'],
[],
$request,
null
);

$listener = new IsCsrfTokenValidAttributeListener($csrfTokenManager);
$listener->onKernelControllerArguments($event);
}

public function testIsCsrfTokenValidNoIgnoredWithGetOrPostMethodWithPutMethod()
{
$request = new Request(request: ['_token' => 'bar']);
$request->setMethod('PUT');

$csrfTokenManager = $this->createMock(CsrfTokenManagerInterface::class);
$csrfTokenManager->expects($this->never())
->method('isTokenValid')
->with(new CsrfToken('foo', 'bar'));

$event = new ControllerArgumentsEvent(
$this->createMock(HttpKernelInterface::class),
[new IsCsrfTokenValidAttributeMethodsController(), 'withGetOrPostMethod'],
[],
$request,
null
);

$listener = new IsCsrfTokenValidAttributeListener($csrfTokenManager);
$listener->onKernelControllerArguments($event);
}

public function testIsCsrfTokenValidCalledCorrectlyWithInvalidTokenKeyAndPostMethod()
{
$this->expectException(InvalidCsrfTokenException::class);

$request = new Request(request: ['_token' => 'bar']);
$request->setMethod('POST');

$csrfTokenManager = $this->createMock(CsrfTokenManagerInterface::class);
$csrfTokenManager->expects($this->once())
->method('isTokenValid')
->withAnyParameters()
->willReturn(false);

$event = new ControllerArgumentsEvent(
$this->createMock(HttpKernelInterface::class),
[new IsCsrfTokenValidAttributeMethodsController(), 'withPostMethodAndInvalidTokenKey'],
[],
$request,
null
);

$listener = new IsCsrfTokenValidAttributeListener($csrfTokenManager);
$listener->onKernelControllerArguments($event);
}

public function testIsCsrfTokenValidIgnoredWithInvalidTokenKeyAndUnavailableMethod()
{
$request = new Request(request: ['_token' => 'bar']);
$request->setMethod('PUT');

$csrfTokenManager = $this->createMock(CsrfTokenManagerInterface::class);
$csrfTokenManager->expects($this->never())
->method('isTokenValid')
->withAnyParameters();

$event = new ControllerArgumentsEvent(
$this->createMock(HttpKernelInterface::class),
[new IsCsrfTokenValidAttributeMethodsController(), 'withPostMethodAndInvalidTokenKey'],
[],
$request,
null
);

$listener = new IsCsrfTokenValidAttributeListener($csrfTokenManager);
$listener->onKernelControllerArguments($event);
}
}
15 changes: 15 additions & 0 deletions ...ony/Component/Security/Http/Tests/Fixtures/IsCsrfTokenValidAttributeMethodsController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,4 +44,19 @@ public function withCustomTokenKey()
public function withInvalidTokenKey()
{
}

#[IsCsrfTokenValid('foo', methods: 'DELETE')]
public function withDeleteMethod()
{
}

#[IsCsrfTokenValid('foo', methods: ['GET', 'POST'])]
public function withGetOrPostMethod()
{
}

#[IsCsrfTokenValid('foo', tokenKey: 'invalid_token_key', methods: ['POST'])]
public function withPostMethodAndInvalidTokenKey()
{
}
}
Loading