* 6.4:
[Process] Fix process status tracking
[HttpClient] Fix buffering AsyncResponse with no passthru
[HttpClient] Fix uploading files > 2GB
[Mime] use isRendered method to avoid rendering an email twice
* 7.1:
Do not read from argv on non-CLI SAPIs
[Process] Use %PATH% before %CD% to load the shell on Windows
[HttpFoundation] Reject URIs that contain invalid characters
[HttpClient] Filter private IPs before connecting when Host == IP
* 6.4:
Do not read from argv on non-CLI SAPIs
[Process] Use %PATH% before %CD% to load the shell on Windows
[HttpFoundation] Reject URIs that contain invalid characters
[HttpClient] Filter private IPs before connecting when Host == IP
* 5.4:
Do not read from argv on non-CLI SAPIs
[Process] Use %PATH% before %CD% to load the shell on Windows
[HttpFoundation] Reject URIs that contain invalid characters
[HttpClient] Filter private IPs before connecting when Host == IP
This PR was merged into the 7.2 branch.
Discussion
----------
[Process] On Windows, don't rely on the OS to find executables
| Q | A
| ------------- | ---
| Branch? | 7.2
| Bug fix? | no
| New feature? | no
| Deprecations? | no
| Issues | -
| License | MIT
Porting part of https://github.com/composer/composer/pull/12180 here:
On Windows, when searching for an executable, the OS always looks at the current directory before using the PATH variable. This makes it easier than desired to hijack executables. Unix-like OSes don't have this issue.
This PR proposes to rely on ExecutableFinder instead.
Commits
-------
b35a7d42931 [Process] On Windows, don't rely on the OS to find executables
* 7.1:
[Validator] Fix 58691 (missing plural-options in serbian language translation)
profiler form data collector extart value property if it is setted
[Process] Fix escaping /X arguments on Windows
fix the constant being used
fix the path separator being used
fix the directory separator being used
ignore case of built-in cmd.exe commands
[Process] Improve test cleanup by unlinking in a `finally` block
[Notifier] Fix test with hard coded date in `SmsboxTransportTest`
[Process] Return built-in cmd.exe commands directly in ExecutableFinder
Re-add missing Profiler shortcuts on Profiler homepage
[Config] Handle Phar absolute path in `FileLocator`
[Runtime] Remove unused `SKIPIF` from `dotenv_overload.phpt`
* 6.4:
[Validator] Fix 58691 (missing plural-options in serbian language translation)
profiler form data collector extart value property if it is setted
[Process] Fix escaping /X arguments on Windows
[Config] Handle Phar absolute path in `FileLocator`
[Runtime] Remove unused `SKIPIF` from `dotenv_overload.phpt`
* 5.4:
[Validator] Fix 58691 (missing plural-options in serbian language translation)
profiler form data collector extart value property if it is setted
[Process] Fix escaping /X arguments on Windows
[Config] Handle Phar absolute path in `FileLocator`
* 5.4:
Mitigate PHPUnit deprecations
[TwigBundle] Add support for resetting globals between HTTP requests
[Validator] Add Catalan and Spanish translation for `Week` constraint
Don't use is_resource() on non-streams
[Ldap] Fix extension deprecation
* 7.0:
[Serializer] Improve exception message in UnwrappingDenormalizer
[PropertyInfo] Update DoctrineExtractor for new DBAL 4 BIGINT type
Update security.nl.xlf
[Validator] IBAN Check digits should always between 2 and 98
[Security] Populate translations for trans-unit 20
add missing plural translation messages
filter out empty HTTP header parts
[String] Fix folded in compat mode
Remove calls to `getMockForAbstractClass()`
[ErrorHandler] Do not call xdebug_get_function_stack() with xdebug >= 3.0 when not in develop mode
[Serializer] Fix type for missing property
add test for JSON response with null as content
[Filesystem] Fix dumpFile `stat failed` error hitting custom handler
Return false in isTtySupported() when open_basedir restrictions prevent access to /dev/tty.
Remove calls to `TestCase::iniSet()` and calls to deprecated methods of `MockBuilder`
[PhpUnitBridge] Fix `DeprecationErrorHandler` with PhpUnit 10
* 6.4:
[Serializer] Improve exception message in UnwrappingDenormalizer
[PropertyInfo] Update DoctrineExtractor for new DBAL 4 BIGINT type
Update security.nl.xlf
[Validator] IBAN Check digits should always between 2 and 98
[Security] Populate translations for trans-unit 20
add missing plural translation messages
filter out empty HTTP header parts
[String] Fix folded in compat mode
Remove calls to `getMockForAbstractClass()`
[ErrorHandler] Do not call xdebug_get_function_stack() with xdebug >= 3.0 when not in develop mode
[Serializer] Fix type for missing property
add test for JSON response with null as content
[Filesystem] Fix dumpFile `stat failed` error hitting custom handler
Return false in isTtySupported() when open_basedir restrictions prevent access to /dev/tty.
Remove calls to `TestCase::iniSet()` and calls to deprecated methods of `MockBuilder`
[PhpUnitBridge] Fix `DeprecationErrorHandler` with PhpUnit 10
If open_basedir restrictions are in effect, checking if the file /dev/tty is writable will prevent setting tty mode on the process, and avoid failing to create a Process.
* 7.0:
[VarExporter] Uniform unitialized property error message under ghost and non-ghost objects
[AssetMapper] Ignore comment lines in JavaScriptImportPathCompiler
Update configuration path in help message
[Validator] Review Albanian translation
[Process] Fix Inconsistent Exit Status in proc_get_status for PHP Versions Below 8.3
[Validator] Update Czech (cz) translation
Sync translations
[Mailer][Postmark][Webhook] Make allowed IPs configurable
Review portuguese translations
[Validator] Fix fields without constraints in `Collection`
deal with fields for which no constraints have been configured
[DomCrawler] [Form] Fix the exclusion of <template>
* 6.4:
[VarExporter] Uniform unitialized property error message under ghost and non-ghost objects
[AssetMapper] Ignore comment lines in JavaScriptImportPathCompiler
Update configuration path in help message
[Validator] Review Albanian translation
[Process] Fix Inconsistent Exit Status in proc_get_status for PHP Versions Below 8.3
[Validator] Update Czech (cz) translation
Sync translations
[Mailer][Postmark][Webhook] Make allowed IPs configurable
Review portuguese translations
[Validator] Fix fields without constraints in `Collection`
deal with fields for which no constraints have been configured
[DomCrawler] [Form] Fix the exclusion of <template>
* 5.4:
Update configuration path in help message
[Validator] Review Albanian translation
[Process] Fix Inconsistent Exit Status in proc_get_status for PHP Versions Below 8.3
[Validator] Update Czech (cz) translation
Sync translations
Review portuguese translations
[Validator] Fix fields without constraints in `Collection`
deal with fields for which no constraints have been configured
* 7.0:
List CS fix in .git-blame-ignore-revs
Fix implicitly-required parameters
minor #53524 [Messenger] [AmazonSqs] Allow `async-aws/sqs` version 2 (smoench)
Fix bad merge
List CS fix in .git-blame-ignore-revs
Fix implicitly-required parameters
List CS fix in .git-blame-ignore-revs
Apply php-cs-fixer fix --rules nullable_type_declaration_for_default_null_value
[Messenger][AmazonSqs] Allow async-aws/sqs version 2
* 6.4:
Fix implicitly-required parameters
minor #53524 [Messenger] [AmazonSqs] Allow `async-aws/sqs` version 2 (smoench)
Fix bad merge
List CS fix in .git-blame-ignore-revs
Fix implicitly-required parameters
List CS fix in .git-blame-ignore-revs
Apply php-cs-fixer fix --rules nullable_type_declaration_for_default_null_value
[Messenger][AmazonSqs] Allow async-aws/sqs version 2
* 6.3:
minor #53524 [Messenger] [AmazonSqs] Allow `async-aws/sqs` version 2 (smoench)
Fix bad merge
List CS fix in .git-blame-ignore-revs
Fix implicitly-required parameters
List CS fix in .git-blame-ignore-revs
Apply php-cs-fixer fix --rules nullable_type_declaration_for_default_null_value
* 6.4: (28 commits)
[Serializer] Fix `@method` annotation
fix compatibility with Doctrine DBAL 4
ensure string type with mbstring func overloading enabled
[HttpKernel] Fix quotes expectations in tests
[Validator] updated Greek translation
[Cache][HttpFoundation][Lock] Fix empty username/password for PDO PostgreSQL
[HttpClient][WebProfilerBundle] Do not generate cURL command when files are uploaded
render newline in front of all script elements
fix test fixture
fix tests
[Cache] Fix property types in PdoAdapter
PHP files cannot be executable without shebang
[TwigBridge] Mark CodeExtension as @internal
Remove full DSNs from exception messages
[Yaml] Fix uid binary parsing
Disable the "Copy as cURL" button when the debug info are disabled
[HttpClient] Replace `escapeshellarg` to prevent overpassing `ARG_MAX`
Fix missing `profile` option for console commands
[HttpFoundation][Lock] Makes MongoDB adapters usable with `ext-mongodb` only
[HttpKernel] Preventing error 500 when function putenv is disabled
...
* 6.4:
[Process] remove fixing of legacy bug, when PTS functionality is enabled
DX: re-apply self_accessor and phpdoc_types_order by PHP CS Fixer
[HttpClient] Psr18Client: parse HTTP Reason Phrase for Response
fix test
Fix wrong yaml parse null test
[AssetMapper] Fixing merge from multiple PR's
Bump Symfony version to 5.4.31
Update VERSION for 5.4.30
Update CONTRIBUTORS for 5.4.30
Update CHANGELOG for 5.4.30
Fix wrong merge
[AssetMapper] Allowing circular references in JavaScriptImportPathCompiler
[AssetMapper] Fix file deleting errors & remove nullable MappedAsset on JS import
[Lock] Fix mongodb extension requirement in tests
[Yaml] Remove dead code
[AssetMapper] Fix in-file imports to resolve via filesystem
throw better exception in TranslatableNormalizer, add to changelog
Passing null to Inline::parse is not allowed
Fix passing null to trim()
* 6.4: (33 commits)
[Console][FrameworkBundle][HttpKernel][WebProfilerBundle] Enable profiling commands
[AssetMapper] Disable profiler when the "dev server" respond
Adds translations for Portuguese (pt)
[AssetMapper] Link needs as="style"
Allow Symfony 7.0 on Phrase translation provider
[Mime] Throw InvalidArgumentException on invalid form field type inside array
[Mailer][Bridges] Allow Symfony 7
[Tests] Use `JsonMockResponse` where applicable
[FrameworkBundle][HttpKernel] Introduce `$buildDir` argument to `WarmableInterface::warmup` to warm read-only artefacts in `build_dir`
[ErrorHandler] Fix expected missing return types
[Form] Fix merging params & files when "multiple" is enabled
[HttpFoundation] Do not swallow trailing `=` in cookie value
Fix markdown in README files
Handle Sendinblue error responses without a message key
Handle Brevo error responses without a message key
[Scheduler] Add failureEvent
[Notifier][Bridges] Allow Symfony 7
[Mailer][Brevo][Sendinblue] Fix typo
[Serializer] Fix collecting only first missing constructor argument
[ErrorHandler] Fix file link format call in trace view
...
Nicolas Grekas