Skip to content

Latest commit

 

History

History
270 lines (247 loc) · 20.4 KB

CHANGELOG-2.5.md

File metadata and controls

270 lines (247 loc) · 20.4 KB

CHANGELOG for 2.5.x

This changelog references the relevant changes (bug and security fixes) done in 2.5 minor versions.

To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v2.5.0...v2.5.1

  • 2.5.6 (2014-10-24)

  • bug #11696 [Form] Fix #11694 - Enforce options value type check in some form types (kix)

  • bug #12225 [SecurityBundle] Add trust_resolver variable into expression (zulus)

  • bug #12209 [FrameworkBundle] Fixed ide links (hason)

  • bug #12208 Add missing argument (WouterJ)

  • bug #12197 [TwigBundle] do not pass a template reference to twig (Tobion)

  • bug #12196 [TwigBundle] show correct fallback exception template in debug mode (Tobion)

  • bug #12187 [CssSelector] don't raise warnings when exception is thrown (xabbuh)

  • bug #12151 [Framework][DX] Set the proper validator class according to the configured api version (peterrehm)

  • bug #12128 [Console] clean handling of :: passed to find() (xabbuh)

  • bug #11998 [Intl] Integrated ICU data into Intl component #2 (webmozart)

  • bug #11920 [Intl] Integrated ICU data into Intl component #1 (webmozart)

  • 2.5.5 (2014-09-28)

  • bug #12016 [Validator] Added ConstraintValidator::buildViolation() helper for BC with the 2.4 API (webmozart)

  • bug #12031 [Validator] Fixed LegacyValidator when only a constraint is validated (webmozart)

  • bug #9453 [Form][DateTime] Propagate invalid_message & invalid_message_parameters to date & time (egeloen)

  • bug #12030 Fix expression language in the container when using the "container" variable (fabpot)

  • bug #12032 [Command] Set the process title as late as possible (lyrixx)

  • bug #11058 [Security] bug #10242 Missing checkPreAuth from RememberMeAuthenticationProvider (glutamatt)

  • bug #12004 [Form] Fixed ValidatorTypeGuesser to guess properties without constraints not to be required (webmozart)

  • bug #11904 Make twig ExceptionController conformed with ExceptionListener (megazoll)

  • bug #11924 [Form] Moved POST_MAX_SIZE validation from FormValidator to request handler (rpg600, webmozart)

  • bug #12002 [Security] [Firewall] Bug fixed in SimplePreAuthenticationListener when createToken() not return TokenInterface object (adenkejawen, fabpot)

  • bug #11079 Response::isNotModified returns true when If-Modified-Since is later than Last-Modified (skolodyazhnyy)

  • bug #11989 [Finder][Urgent] Remove asterisk and question mark from folder name in test to prevent windows file system issues. (Adam)

  • bug #11908 [Translation] [Config] Clear libxml errors after parsing xliff file (pulzarraider)

  • bug #11839 [FrameworkBundle] check if the Validator component is present when forms are enabled (xabbuh)

  • bug #11418 [JsonResponse] Silent only JSON errors (GromNaN)

  • bug #11937 [HttpKernel] Make sure HttpCache is a trusted proxy (thewilkybarkid)

  • bug #11970 [Finder] Escape location for regex searches (ymc-dabe)

  • bug #11837 Use getPathname() instead of string casting to get BinaryFileReponse file path (nervo)

  • bug #11513 [Translation] made XliffFileDumper support CDATA sections. (hhamon)

  • bug #11928 [Validator] The ratio of the ImageValidator is rounded to two decimals now (webmozart)

  • bug #11907 [Intl] Improved bundle reader implementations (webmozart)

  • bug #11874 [Console] guarded against non-traversable aliases (thierrymarianne)

  • bug #11799 [YAML] fix handling of empty sequence items (xabbuh)

  • bug #11906 [Intl] Fixed a few bugs in TextBundleWriter (webmozart)

  • bug #11459 [Form][Validator] All index items after children are to be considered grand-children when resolving ViolationPath (Andrew Moore)

  • bug #11715 [Form] FormBuilder::getIterator() now deals with resolved children (issei-m)

  • bug #11892 [SwiftmailerBridge] Bump allowed versions of swiftmailer (ymc-dabe)

  • bug #11918 [DependencyInjection] remove service parameter type from XSD (xabbuh)

  • bug #11905 [Intl] Removed non-working $fallback argument from ArrayAccessibleResourceBundle (webmozart)

  • bug #11497 Use separated function to resolve command and related arguments (JJK801)

  • bug #11374 [DI] Added safeguards against invalid config in the YamlFileLoader (stof)

  • bug #11897 [FrameworkBundle] Remove invalid markup (flack)

  • bug #11860 [Security] Fix usage of unexistent method in DoctrineAclCache. (mauchede)

  • bug #11850 [YAML] properly mask escape sequences in quoted strings (xabbuh)

  • bug #11856 [FrameworkBundle] backport more error information from 2.6 to 2.3 (xabbuh)

  • bug #11843 [Yaml] improve error message when detecting unquoted asterisks (xabbuh)

  • 2.5.4 (2014-09-03)

  • security #11832 CVE-2014-6072 (fabpot)

  • security #11831 CVE-2014-5245 (stof)

  • security #11830 CVE-2014-4931 (aitboudad, Jérémy Derussé)

  • security #11829 CVE-2014-6061 (damz, fabpot)

  • security #11828 CVE-2014-5244 (nicolas-grekas, larowlan)

  • bug #10197 [FrameworkBundle] PhpExtractor bugfix and improvements (mtibben)

  • bug #11772 [Filesystem] Add FTP stream wrapper context option to enable overwrite (Damian Sromek)

  • bug #11791 [Process] fix mustRun() in sigchild environments (xabbuh)

  • bug #11788 [Yaml] fixed mapping keys containing a quoted # (hvt, fabpot)

  • bug #11787 fixed DateComparator if file does not exist (avi123)

  • bug #11160 [DoctrineBridge] Abstract Doctrine Subscribers with tags (merk)

  • bug #11768 [ClassLoader] Add a __call() method to XcacheClassLoader (tstoeckler)

  • bug #11739 [Validator] Pass strict argument into the strict email validator (brianfreytag)

  • bug #11749 [TwigBundle] Remove hard dependency of RequestContext in AssetsExtension (pgodel)

  • bug #11726 [Filesystem Component] mkdir race condition fix #11626 (kcassam)

  • bug #11677 [YAML] resolve variables in inlined YAML (xabbuh)

  • bug #11639 [DependencyInjection] Fixed factory service not within the ServiceReferenceGraph. (boekkooi)

  • bug #11778 [Validator] Fixed wrong translations for Collection constraints (samicemalone)

  • bug #11756 [DependencyInjection] fix @return anno created by PhpDumper (jakubkulhan)

  • bug #11711 [DoctrineBridge] Fix empty parameter logging in the dbal logger (jakzal)

  • bug #11692 [DomCrawler] check for the correct field type (xabbuh)

  • bug #11672 [Routing] fix handling of nullable XML attributes (xabbuh)

  • bug #11624 [DomCrawler] fix the axes handling in a bc way (xabbuh)

  • bug #11676 [Form] Fixed #11675 ValueToDuplicatesTransformer accept "0" value (Nek-)

  • bug #11695 [Validators] Fixed failing tests requiring ICU 52.1 which are skipped otherwise (webmozart)

  • bug #11584 [FrameworkBundle] Fixed validator factory definition when the Validator API is "auto" for PHP < 5.3.9 (webmozart)

  • bug #11645 [Form] Fixed ValidatorExtension to work with the 2.5 Validation API (webmozart)

  • bug #11529 [WebProfilerBundle] Fixed double height of canvas (hason)

  • bug #11666 [DIC] Fixed: anonymous services are always private (lyrixx)

  • bug #11641 [WebProfilerBundle ] Fix toolbar vertical alignment (blaugueux)

  • bug #11637 fix dependencies on HttpFoundation component (xabbuh)

  • bug #11559 [Validator] Convert objects to string in comparison validators (webmozart)

  • feature #11510 [HttpFoundation] MongoDbSessionHandler supports auto expiry via configurable expiry_field (catchamonkey)

  • bug #11408 [HttpFoundation] Update QUERY_STRING when overrideGlobals (yguedidi)

  • bug #11625 [FrameworkBundle] resolve parameters before the configs are processed in the config:debug command (xabbuh)

  • bug #11633 [FrameworkBundle] add missing attribute to XSD (xabbuh)

  • bug #11601 [Validator] Allow basic auth in url when using UrlValidator. (blaugueux)

  • bug #11609 [Console] fixed style creation when providing an unknown tag option (fabpot)

  • bug #10914 [HttpKernel] added an analyze of environment parameters for built-in server (mauchede)

  • bug #11598 [Finder] Shell escape and windows support (Gordon Franke, gimler)

  • bug #11582 [DoctrineBridge] Changed UniqueEntityValidator to use the 2.5 Validation API (webmozart)

  • 2.5.3 (2014-08-06)

  • bug #11571 [Form] Fixed FormValidator compatibility with the non-BC 2.5 Validation API (webmozart)

  • bug #11499 [BrowserKit] Fixed relative redirects for ambiguous paths (pkruithof)

  • bug #11516 [BrowserKit] Fix browser kit redirect with ports (dakota)

  • bug #11545 [Bundle][FrameworkBundle] built-in server: exit when docroot does not exist (xabbuh)

  • bug #11560 Plural fix (1emming)

  • bug #11558 [DependencyInjection] Fixed missing 'factory-class' attribute in XmlDumper output (kerdany)

  • bug #11498 [Validator] Made it possible (again) to pass a class name to validatePropertyValue() (webmozart)

  • bug #11548 [Component][DomCrawler] fix axes handling in Crawler::filterXPath() (xabbuh)

  • bug #11422 [DependencyInjection] Self-referenced 'service_container' service breaks garbage collection (sun)

  • bug #11428 [Serializer] properly handle null data when denormalizing (xabbuh)

  • bug #10687 [Validator] Fixed string conversion in constraint violations (eagleoneraptor, webmozart)

  • bug #11412 [Validator] Made sure that context changes don't leak out of (Contextual)ValidatorInterface (webmozart)

  • bug #11475 [EventDispatcher] don't count empty listeners (xabbuh)

  • bug #11436 fix signal handling in wait() on calls to stop() (xabbuh, romainneutron)

  • bug #11469 [BrowserKit] Fixed server HTTP_HOST port uri conversion (bcremer, fabpot)

  • bug #11425 Fix issue described in #11421 (Ben, ben-rosio)

  • bug #11423 Pass a Scope instance instead of a scope name when cloning a container in the GrahpvizDumper (jakzal)

  • bug #11448 [MonologBridge] fixed Console handler priorities (fabpot)

  • bug #11454 [Validator] Fixed memory leak in ValidatorBuilder (webmozart)

  • bug #11120 [Process] Reduce I/O load on Windows platform (romainneutron)

  • bug #11370 [FrameworkBundle] avoid raising unexpected RuntimeException when specifying $_SERVER['KERNEL_DIR'] (iteman)

  • bug #11342 [Form] Check if IntlDateFormatter constructor returned a valid object before using it (romainneutron)

  • bug #11439 [ExpressionLanguage] Fixed double quoted string literals containing sharps (pylebecq)

  • bug #11410 [Validator] Fixed object initializers in 2.5 version of the Validator (webmozart)

  • bug #11411 [Validator] Backported #11410 to 2.3: Object initializers are called only once per object (webmozart)

  • bug #11403 [Translator][FrameworkBundle] Added @ to the list of allowed chars in Translator (takeit)

  • bug #11381 [Process] Use correct test for empty string in UnixPipes (whs, romainneutron)

  • 2.5.2 (2014-07-15)

  • [Security] Forced validate of locales passed to the translator

  • bug #11350 [Form] solved dependency to ValidatorInterface, fix #11036 (Sebastian Blum)

  • bug #11278 Remove Spaceless Blocks From Twig Templates (chrisguitarguy)

  • feature #11367 [HttpFoundation] Fix to prevent magic bytes injection in JSONP responses... (CVE-2014-4671) (Andrew Moore)

  • bug #11284 [Console] Remove estimated field from debug_nomax (bburnichon)

  • bug #11386 Remove Spaceless Blocks from Twig Form Templates (chrisguitarguy)

  • bug #9719 [TwigBundle] fix configuration tree for paths (mdavis1982, cordoval)

  • bug #11244 [HttpFoundation] Remove body-related headers when sending the response, if body is empty (SimonSimCity)

  • 2.5.1 (2014-07-08)

  • bug #11283 [SecurityBundle] Remove Expression Language services when the component is unavailable (thewilkybarkid)

  • bug #11238 [Translation] Added unescaping of ids in PoFileLoader (JustBlackBird)

  • bug #11194 [DomCrawler] Remove the query string and the anchor of the uri of a link (benja-M-1)

  • bug #11272 [Console] Make sure formatter is the same. (akimsko)

  • bug #11259 [Config] Fixed failed config schema loads due to libxml_disable_entity_loader usage (ccorliss)

  • bug #11234 [ClassLoader] fixed PHP warning on PHP 5.3 (fabpot)

  • bug #11179 [Process] Fix ExecutableFinder with open basedir (cs278)

  • bug #11242 [CssSelector] Refactored the CssSelector to remove the circular object graph (stof)

  • bug #11219 [DomCrawler] properly handle buttons with single and double quotes insid... (xabbuh)

  • bug #11220 [Components][Serializer] optional constructor arguments can be omitted during the denormalization process (xabbuh)

  • bug #11186 Added missing break statement (apfelbox)

  • bug #11168 [YAML] fix merge node (<<) (Tobion)

  • bug #11170 [Console] Fixed notice in QuestionHelper (florianv)

  • bug #11169 [Console] Fixed notice in DialogHelper (florianv)

  • bug #11144 [HttpFoundation] Fixed Request::getPort returns incorrect value under IPv6 (kicken)

  • bug #11121 [Process] Do not redirect output to file handles when output is disabled, simply discard it (romainneutron)

  • bug #10966 PHP Fatal error when getContainer method of ContainerAwareCommand has be... (kevinvergauwen)

  • bug #10981 [HttpFoundation] Fixed isSecure() check to be compliant with the docs (Jannik Zschiesche)

  • bug #11117 [Validator] Fix array notation in the PropertyPath::append() (jakzal)

  • bug #11113 [HttpKernel] Fix event dispatcher dependency (hacfi)

  • bug #11111 Fixed undefined ImageValidator::$suffices property when uploading an image during functional tests (OwlyCode)

  • bug #11099 [Debug] work-around https://bugs.php.net/61272 (nicolas-grekas)

  • bug #11092 [HttpFoundation] Fix basic authentication in url with PHP-FPM (Kdecherf)

  • bug #11097 [Debug] simplify code path to remove potential blank pages (nicolas-grekas)

  • bug #10808 [DomCrawler] Empty select with attribute name="foo[]" bug fix (darles)

  • bug #11063 [HttpFoundation] fix switch statement (Tobion)

  • bug #11054 [Serializer] Xml encoder whitespace fix (fieg)

  • bug #11009 [HttpFoundation] smaller fixes for PdoSessionHandler (Tobion)

  • bug #11047 #10862 loadClassMetadata vs loadValidatorMetadata: revert default config (phramz)

  • bug #11042 [Debug] fix debug handlers config (nicolas-grekas)

  • bug #11043 [Console] OutputFormatter Unset Bold has wrong id (DZunke)

  • bug #11033 [Debug] fix wrong case mismatch exception (nicolas-grekas)

  • bug #11044 [Serializer] Fix BC break since 2.5 (fieg)

  • bug #11041 Remove undefined variable $e (skydiablo)

  • 2.5.0 (2014-05-31)

  • bug #11014 [Validator] Remove property and method targets from the optional and required constraints (jakzal)

  • bug #10983 [DomCrawler] Fixed charset detection in html5 meta charset tag (77web)

  • 2.5.0-RC1 (2014-05-28)

  • bug #10979 Make rootPath part of regex greedy (artursvonda)

  • bug #10995 [TwigBridge][Trans]set %count% only on transChoice from the current context. (aitboudad)

  • bug #10989 [Debug] throw even in stacking mode to preserve code paths (nicolas-grekas)

  • bug #10987 [DomCrawler] Fixed a forgotten case of complex XPath queries (stof)

  • feature #10930 [Process] Deprecate using values that are not string for Process::setStdin and ProcessBuilder::setInput (romainneutron)

  • bug #10971 [Process] Fix conflicts between latest 2.3 fix and 2.5 deprecation (romainneutron)

  • feature #10932 [Process] Deprecate Process::setStdin in favor of Process::setInput (romainneutron)

  • bug #10849 [WIP][Finder] Fix wrong implementation on sortable callback comparator (ProPheT777)

  • bug #10929 [Process] Add validation on Process input (romainneutron)

  • bug #10946 [PropertyAccess] Fixed getValue() when accessing non-existing indices of ArrayAccess implementations (webmozart)

  • bug #10958 [DomCrawler] Fixed filterXPath() chaining loosing the parent DOM nodes (stof, robbertkl)

  • bug #10953 [HttpKernel] fixed file uploads in functional tests without file selected (realmfoo)

  • feature #10941 [Debug] cleanup interfaces before 2.5-final (nicolas-grekas)

  • bug #10947 [PropertyAccess] Fixed getValue() when accessing non-existing indices of ArrayAccess implementations (webmozart)

  • bug #10937 [HttpKernel] Fix "absolute path" when we look to the cache directory (BenoitLeveque)

  • bug #10933 Changed the default value of checkbox and radio to match the HTML spec (stof)

  • bug #10927 [DomCrawler] Changed typehints form DomNode to DomElement (stof)

  • bug #10894 [HttpKernel] removed absolute paths from the generated container (fabpot)

  • bug #10926 [DomCrawler] Fixed the initial state for options without value attribute (stof)

  • bug #10925 [DomCrawler] Fixed the handling of boolean attributes in ChoiceFormField (stof)

  • feature #10882 Fix issue #10867 (umpirsky)

  • bug #10902 [Yaml] Fixed YAML Parser does not ignore duplicate keys, violating YAML spec. (sun)

  • feature #10912 [Form] Added support for injecting HttpFoundation's Request in ServerParams for the Validator extension (csarrazi)

  • bug #10777 [Form] Automatically add step attribute to HTML5 time widgets to display seconds if needed (tucksaun)

  • bug #10909 [PropertyAccess] Fixed plurals for -ves words (csarrazi)

  • bug #10904 [HttpKernel] Replace sha1 with sha256 in recently added tests (jakzal)

  • bug #10899 Explicitly define the encoding. (jakzal)

  • bug #10897 [Console] Fix a console test (jakzal)

  • bug #10896 [HttpKernel] Fixed cache behavior when TTL has expired and a default "global" TTL is defined (alquerci, fabpot)

  • bug #10841 [DomCrawler] Fixed image input case sensitive (geoffrey-brier)

  • bug #10714 [Console]Improve formatter for double-width character (denkiryokuhatsuden)

  • bug #10872 [Form] Fixed TrimListenerTest as of PHP 5.5 (webmozart)

  • feature #10880 [DependencyInjection] GraphvizDumper now displays unresolved parameters (rosstuck)

  • bug #10876 [Console] Make Helper\Table::setStyle() chainable again (stloyd)

  • bug #10762 [BrowserKit] Allow URLs that don't contain a path when creating a cookie from a string (thewilkybarkid)

  • bug #10861 [Debug] enhance perf of DebugClassLoader (nicolas-grekas)

  • bug #10863 [Security] Add check for supported attributes in AclVoter (artursvonda)

  • bug #10854 [Debug] fix handling deprecated warnings and stacked errors turned into exceptions (nicolas-grekas)

  • feature #10843 [TwigBridge] Added compile-time issues checking in twig:lint command (maxromanovsky)

  • feature #10829 Fix issue 9172 (umpirsky)

  • bug #10833 [TwigBridge][Transchoice] set %count% from the current context. (aitboudad)

  • bug #10820 [WebProfilerBundle] Fixed profiler seach/homepage with empty token (tucksaun)

  • bug #10809 Fixed composer to include config component for mocks in phpunit (jpauli)

  • bug #10815 Fixed issue #5427 (umpirsky)

  • bug #10817 [Debug] fix #10313: FlattenException not found (nicolas-grekas)

  • 2.5.0-BETA2 (2014-04-29)

  • bug #10803 [Debug] fix ErrorHandlerTest when context is not an array (nicolas-grekas)

  • bug #10801 [Debug] ErrorHandler: remove $GLOBALS from context in PHP5.3 fix #10292 (nicolas-grekas)

  • bug #10799 [Debug] less intrusive work around for https://bugs.php.net/54275 (nicolas-grekas)

  • bug #10797 [HttpFoundation] Allow File instance to be passed to BinaryFileResponse (anlutro)

  • bug #10798 [Console] Fix #10795: Allow instancing Console Application when STDIN is not declared (romainneutron)

  • bug #10643 [TwigBridge] Removed strict check when found variables inside a translation (goetas)

  • bug #10605 [ExpressionLanguage] Strict in_array check in Parser.php (parnas)

  • bug #10789 [Console] Fixed the rendering of exceptions on HHVM with a terminal width (stof)

  • bug #10773 [WebProfilerBundle ] Fixed an edge case on WDT loading (tucksaun)

  • feature #10786 [FrameworkBundle] removed support for HHVM built-in web server as it is deprecated now (fabpot)

  • bug #10784 [Security] removed $csrfTokenManager type hint from SimpleFormAuthenticationListener constructor argument (choonge)

  • bug #10776 [Debug] fix #10771 DebugClassLoader can't load PSR4 libs (nicolas-grekas)

  • bug #10763 [Process] Disable TTY mode on Windows platform (romainneutron)

  • bug #10772 [Finder] Fix ignoring of unreadable dirs in the RecursiveDirectoryIterator (jakzal)

  • bug #10757 [Process] Setting STDIN while running should not be possible (romainneutron)

  • bug #10749 Fixed incompatibility of x509 auth with nginx (alcaeus)

  • feature #10725 [Debug] Handled errors (nicolas-grekas)

  • bug #10735 [Translation] [PluralizationRules] Little correction for case 'ar' (klyk50)

  • bug #10720 [HttpFoundation] Fix DbalSessionHandler (Tobion)

  • bug #10721 [HttpFoundation] status 201 is allowed to have a body (Tobion)

  • bug #10728 [Process] Fix #10681, process are failing on Windows Server 2003 (romainneutron)

  • bug #10733 [DomCrawler] Textarea value should default to empty string instead of null. (Berdir)

  • bug #10723 [Security] fix DBAL connection typehint (Tobion)

  • bug #10715 [Debug] Fixed ClassNotFoundFatalErrorHandler on windows. (lyrixx)

  • bug #10700 Fixes various inconsistencies in the code (fabpot)

  • bug #10697 [Translation] Make IcuDatFileLoader/IcuResFileLoader::load invalid resource compatible with HHVM. (idn2104)

  • 2.5.0-BETA1 (2014-04-11)

  • first beta release