This PR was merged into the main branch.
Discussion
----------
Remove DoctrineMigrationsBundle
The DoctrineMigrationsBundle was originally installed as part of the [symfony/orm-pack](https://github.com/symfony/orm-pack) and later [unpacked](5fafa37c71).
AFAIK it was never really used and there is no plan to start using it for database migrations.
So instead of upgrading to DoctrineMigrationsBundle v4 l propose to remove the unneeded dependencies.
Commits
-------
3d72dd80 Remove DoctrineMigrationsBundle
This PR was merged into the main branch.
Discussion
----------
Fix DoctrineBundle v3.1 deprecations
Fixes the deprecations:
- The "enable_native_lazy_objects" option is deprecated and will be removed in DoctrineBundle 4.0, as native lazy objects are now always enabled.
- The "doctrine.orm.controller_resolver.auto_mapping" option is deprecated and will be removed in DoctrineBundle 4.0, as it only accepts `false` since 3.0.
Commits
-------
3f2a2555 Fix DoctrineBundle deprecations
This PR was merged into the main branch.
Discussion
----------
Upgrade to SymfonyCasts SassBundle v0.9
Commits
-------
ae1aed08 Upgrade to SymfonyCasts SassBundle v0.9
This PR was merged into the main branch.
Discussion
----------
[PHP CS Fixer] Apply ruleset `@PHP8x4Migration`
Commits
-------
827d75fb [PHP CS Fixer] Apply ruleset `@PHP8x4Migration`
This PR was merged into the main branch.
Discussion
----------
Bump dependencies and update to Symfony v8.0.5
Includes fixes for CVE-2026-24739 and CVE-2026-24765
Replaces #1641 and #1642
Commits
-------
6472d9df Bump dependencies and update to Symfony v8.0.5
This PR was merged into the main branch.
Discussion
----------
Bump symfony/process from 8.0.3 to 8.0.5
Bumps [symfony/process](https://github.com/symfony/process) from 8.0.3 to 8.0.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/symfony/process/releases">symfony/process's releases</a>.</em></p>
<blockquote>
<h2>v8.0.5</h2>
<p><strong>Changelog</strong> (<a href="https://github.com/symfony/process/compare/v8.0.4...v8.0.5">https://github.com/symfony/process/compare/v8.0.4...v8.0.5</a>)</p>
<ul>
<li>security #cve-2026-24739 Fix escaping for MSYS on Windows (nicolas-grekas)</li>
<li>bug <a href="https://redirect.github.com/symfony/process/issues/63164">#63164</a> Fix escaping for MSYS on Windows (<a href="https://github.com/nicolas-grekas"><code>@nicolas-grekas</code></a>)</li>
</ul>
<h2>v8.0.4</h2>
<p><strong>Changelog</strong> (<a href="https://github.com/symfony/process/compare/v8.0.3...v8.0.4">https://github.com/symfony/process/compare/v8.0.3...v8.0.4</a>)</p>
<ul>
<li>bug <a href="https://redirect.github.com/symfony/process/issues/63004">#63004</a> Ignore invalid env var names (<a href="https://github.com/nicolas-grekas"><code>@nicolas-grekas</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="b5f3aa6762"><code>b5f3aa6</code></a> Merge branch '7.4' into 8.0</li>
<li><a href="608476f460"><code>608476f</code></a> Merge branch '7.3' into 7.4</li>
<li><a href="81fe4ea2c3"><code>81fe4ea</code></a> Merge branch '6.4' into 7.3</li>
<li><a href="c46e854e79"><code>c46e854</code></a> [Process] Fix escaping for MSYS on Windows</li>
<li><a href="10df72602d"><code>10df726</code></a> * 7.4: (27 commits) [JsonStreamer] Fix exponential resource class memory gr...</li>
<li><a href="626f07a53f"><code>626f07a</code></a> Merge branch '7.3' into 7.4</li>
<li><a href="4424bc14e7"><code>4424bc1</code></a> Merge branch '6.4' into 7.3</li>
<li><a href="c593135be6"><code>c593135</code></a> [Process] Adjust Process mustRun method phpdoc</li>
<li><a href="a9d633eb14"><code>a9d633e</code></a> Merge branch '7.4' into 8.0</li>
<li><a href="f532042054"><code>f532042</code></a> Merge branch '7.3' into 7.4</li>
<li>Additional commits viewable in <a href="https://github.com/symfony/process/compare/v8.0.3...v8.0.5">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/symfony/demo/network/alerts).
</details>
Commits
-------
7ce08288 Bump symfony/process from 8.0.3 to 8.0.5
This PR was merged into the main branch.
Discussion
----------
Bump phpunit/phpunit from 11.5.47 to 11.5.50
Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) from 11.5.47 to 11.5.50.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/sebastianbergmann/phpunit/releases">phpunit/phpunit's releases</a>.</em></p>
<blockquote>
<h2>PHPUnit 11.5.50</h2>
<h3>Changed</h3>
<ul>
<li>To prevent Poisoned Pipeline Execution (PPE) attacks using prepared <code>.coverage</code> files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs</li>
</ul>
<hr />
<p>Learn how to install or update PHPUnit 11.5 in the <a href="https://docs.phpunit.de/en/11.5/installation.html">documentation</a>.</p>
<h4>Keep up to date with PHPUnit:</h4>
<ul>
<li>You can follow <a href="https://phpc.social/`@phpunit`"><code>@phpunit@phpc.social</code></a> to stay up to date with PHPUnit's development.</li>
<li>You can subscribe to the <a href="https://phpunit.de/newsletter">PHPUnit Updates</a> newsletter to receive updates about and tips for PHPUnit.</li>
</ul>
<h2>PHPUnit 11.5.49</h2>
<h3>Fixed</h3>
<ul>
<li><a href="https://redirect.github.com/sebastianbergmann/phpunit/issues/6362">#6362</a>: Manually instantiated test doubles are broken since PHPUnit 11.2</li>
<li><a href="https://redirect.github.com/sebastianbergmann/phpunit/issues/6470">#6470</a>: Infinite recursion in <code>Count::getCountOf()</code> for unusal implementations of <code>Iterator</code> or <code>IteratorAggregate</code></li>
</ul>
<hr />
<p>Learn how to install or update PHPUnit 11.5 in the <a href="https://docs.phpunit.de/en/11.5/installation.html">documentation</a>.</p>
<h4>Keep up to date with PHPUnit:</h4>
<ul>
<li>You can follow <a href="https://phpc.social/`@phpunit`"><code>@phpunit@phpc.social</code></a> to stay up to date with PHPUnit's development.</li>
<li>You can subscribe to the <a href="https://phpunit.de/newsletter">PHPUnit Updates</a> newsletter to receive updates about and tips for PHPUnit.</li>
</ul>
<h2>PHPUnit 11.5.48</h2>
<h3>Changed</h3>
<ul>
<li>Reverted a change that caused a <a href="https://github.com/php/php-src/actions/runs/21052584327/job/60542023395#step:14:3729">build failure</a> for the <a href="https://phpunit.expert/articles/how-php-and-its-ecosystem-test-each-other.html?ref=github">PHP project's nightly community job</a></li>
</ul>
<hr />
<p>Learn how to install or update PHPUnit 11.5 in the <a href="https://docs.phpunit.de/en/11.5/installation.html">documentation</a>.</p>
<h4>Keep up to date with PHPUnit:</h4>
<ul>
<li>You can follow <a href="https://phpc.social/`@phpunit`"><code>@phpunit@phpc.social</code></a> to stay up to date with PHPUnit's development.</li>
<li>You can subscribe to the <a href="https://phpunit.de/newsletter">PHPUnit Updates</a> newsletter to receive updates about and tips for PHPUnit.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/sebastianbergmann/phpunit/blob/11.5.50/ChangeLog-11.5.md">phpunit/phpunit's changelog</a>.</em></p>
<blockquote>
<h2>[11.5.50] - 2026-01-27</h2>
<h3>Changed</h3>
<ul>
<li>To prevent Poisoned Pipeline Execution (PPE) attacks using prepared <code>.coverage</code> files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs</li>
</ul>
<h2>[11.5.49] - 2026-01-24</h2>
<h3>Fixed</h3>
<ul>
<li><a href="https://redirect.github.com/sebastianbergmann/phpunit/issues/6362">#6362</a>: Manually instantiated test doubles are broken since PHPUnit 11.2</li>
<li><a href="https://redirect.github.com/sebastianbergmann/phpunit/issues/6470">#6470</a>: Infinite recursion in <code>Count::getCountOf()</code> for unusal implementations of <code>Iterator</code> or <code>IteratorAggregate</code></li>
</ul>
<h2>[11.5.48] - 2026-01-16</h2>
<h3>Changed</h3>
<ul>
<li>Reverted a change that caused a <a href="https://github.com/php/php-src/actions/runs/21052584327/job/60542023395#step:14:3729">build failure</a> for the <a href="https://phpunit.expert/articles/how-php-and-its-ecosystem-test-each-other.html?ref=github">PHP project's nightly community job</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="fdfc727f0f"><code>fdfc727</code></a> Prepare release</li>
<li><a href="35ea7fd8e5"><code>35ea7fd</code></a> Merge branch '10.5' into 11.5</li>
<li><a href="33198268da"><code>3319826</code></a> Prepare release</li>
<li><a href="b0d98a227a"><code>b0d98a2</code></a> Merge branch '9.6' into 10.5</li>
<li><a href="b36f023174"><code>b36f023</code></a> Fix regression introduced in PHPUnit 9.6.33</li>
<li><a href="3f7dd5066e"><code>3f7dd50</code></a> Prepare release</li>
<li><a href="9c95cf0cdf"><code>9c95cf0</code></a> Merge branch '9.6' into 10.5</li>
<li><a href="fea06253ec"><code>fea0625</code></a> Prepare release</li>
<li><a href="1a677f663f"><code>1a677f6</code></a> Merge branch '8.5' into 9.6</li>
<li><a href="1015741814"><code>1015741</code></a> Prepare release</li>
<li>Additional commits viewable in <a href="https://github.com/sebastianbergmann/phpunit/compare/11.5.47...11.5.50">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/symfony/demo/network/alerts).
</details>
Commits
-------
e860a8eb Bump phpunit/phpunit from 11.5.47 to 11.5.50
This PR was squashed before being merged into the main branch.
Discussion
----------
Update to Symfony 8.0
Commits
-------
2fcf7b7e Update to Symfony 8.0
This PR was merged into the main branch.
Discussion
----------
Upgrade to MonologBundle v4
The `reference.php` file is updated because we removed many configuration keys in [MonologBundle v4.0.0](https://github.com/symfony/monolog-bundle/releases/tag/v4.0.0).
Commits
-------
29e87142 Upgrade to MonologBundle v4
This PR was merged into the main branch.
Discussion
----------
Bump dependencies and update to Symfony v7.4.3
Latest fixes and updates
Commits
-------
2771b70e Bump dependencies and update to Symfony v7.4.3
This PR was merged into the main branch.
Discussion
----------
Update the namespace of AppExtensionTest
To reproduce run: `composer dump-autoload -o`
Fixes:
```
Class Twig\AppExtensionTest located in ./tests/Twig/AppExtensionTest.php does not comply with psr-4 autoloading standard (rule: App\Tests\ => ./tests). Skipping.
```
Commits
-------
8674ede0 Update the namespace of AppExtensionTest
This PR was squashed before being merged into the main branch.
Discussion
----------
PHP CS Fixer: apply PHP 8.2 rules
Commits
-------
3350f771 PHP CS Fixer: apply PHP 8.2 rules
This PR was merged into the main branch.
Discussion
----------
chore: ability to run PHP CS Fixer on local machine
similar as one can run phpstan etc
Commits
-------
b271461c chore: ability to run PHP CS Fixer on local machine
This PR was merged into the main branch.
Discussion
----------
[CI] Update to actions/checkout@v6
Commits
-------
8b622edb [CI] Update to actions/checkout@v6
This PR was squashed before being merged into the main branch.
Discussion
----------
Use the new Symfony 7.4 features
Commits
-------
e3c3e653 Use the new Symfony 7.4 features
This PR was merged into the main branch.
Discussion
----------
Fix import of bootswatch styles
Fixes:
- #1619
Commits
-------
4a69a1d3 Fix import of bootswatch styles
This PR was squashed before being merged into the main branch.
Discussion
----------
Update to Symfony 7.4
Commits
-------
d5693df2 Update to Symfony 7.4
This PR was merged into the main branch.
Discussion
----------
Fix styles
Without this change, I don't see any styles on the app and the server shows this:
```
[Application] Nov 4 14:19:23 |CRITICA| REQUES Uncaught PHP Exception
Symfony\Component\AssetMapper\Exception\RuntimeException:
"Unable to find asset "./bootswatch/_variables" referenced in "demo/assets/styles/_variables.scss".
The file "demo/assets/styles/bootswatch/_variables" does not exist."
at CssAssetUrlCompiler.php line 111
```
Commits
-------
28c46a62 Fix styles
This PR was squashed before being merged into the main branch.
Discussion
----------
Remove usage of deprecated `Request::get()` in twig template
- https://github.com/symfony/symfony/pull/61948
Commits
-------
4101cc45 Remove usage of deprecated `Request::get()` in twig template
