Symfony News

Symfony 4.3.10 released

Symfony 4.3.10 has just been released. Here is a list of the most important changes:

• bug #35364 [Yaml] Throw on unquoted exclamation mark (@fancyweb)
• bug #35065 [Security] Use supportsClass in addition to UnsupportedUserException (@linaori)
• bug #35343 [Security] Fix RememberMe with null password (@jderusse)
• bug #34223 [DI] Suggest typed argument when binding fails with untyped argument (@gudfar)
• bug #35324 [HttpClient] Fix strict parsing of response status codes (@Armando-Walmeric)
• bug #35318 [Yaml] fix PHP const mapping keys using the inline notation (@xabbuh)
• bug #35304 [HttpKernel] Fix that no-cache MUST revalidate with the origin (@mpdude)
• bug #35299 Avoid stale-if-error in FrameworkBundle's HttpCache if kernel.debug = true (@mpdude)
• bug #35151 [DI] deferred exceptions in ResolveParameterPlaceHoldersPass (@Islam93)
• bug #35278 [EventDispatcher] expand listener in place (@xabbuh)
• bug #35254 [PHPUnit-Bridge] Fail-fast in simple-phpunit if one of the passthru() commands fails (@mpdude)
• bug #35261 [Routing] Fix using a custom matcher & generator dumper class (@fancyweb)
• bug #34643 [Dotenv] Fixed infinite loop with missing quote followed by quoted value (@naitsirch)
• bug #35239 [SecurityHttp] Prevent canceled remember-me cookie from being accepted (@chalasr)
• bug #35267 [Debug] fix ClassNotFoundFatalErrorHandler (@nicolas-grekas)
• bug #35193 [TwigBridge] butto _widget now has its title attr translated even if its label = null or false (@stephen-lewis)
• bug #35219 [PhpUnitBridge] When using phpenv + phpenv-composer plugin, composer executable is wrapped into a bash script (@oleg-andreyev)
• bug #35150 [Messenger] Added check if jso _encode succeeded (@toooni)
• bug #35170 [FrameworkBundle][TranslationUpdateCommand] Do not output positive feedback on stderr (@fancyweb)
• bug #35223 [HttpClient] Don't read from the network faster than the CPU can deal with (@nicolas-grekas)
• bug #35214 [DI] DecoratorServicePass should keep container.servic _locator on the decorated definition (@malarzm)
• bug #35210 [HttpClient] NativeHttpClient should not send >1.1 protocol version (@nicolas-grekas)
• bug #33672 [Mailer] Remove line breaks in email attachment content (@Stuart Fyfe)
• bug #35101 [Routing] Fix i18n routing when the url contains the locale (@fancyweb)
• bug #35124 [TwigBridge][Form] Added missing help messages in form themes (@cmen)
• bug #35168 [HttpClient] fix capturing SSL certificates with NativeHttpClient (@nicolas-grekas)
• bug #35134 [PropertyInfo] Fix BC issue in phpDoc Reflection library (@jaapio)
• bug #35173 [Mailer][MailchimpBridge] Fix missing attachments when sending via Mandrill API (@vilius-g)
• bug #35172 [Mailer][MailchimpBridge] Fix incorrect sender address when sender has name (@vilius-g)
• bug #35125 [Translator] fix performance issue in MessageCatalogue and catalogue operations (@ArtemBrovko)
• bug #35120 [HttpClient] fix scheduling pending NativeResponse (@nicolas-grekas)
• bug #35117 [Cache] do not overwrite variable value (@xabbuh)
• bug #35113 [VarDumper] Fix "Undefined index: argv" when using CliContextProvider (@xepozz)
• bug #35103 [Translation] Use local _parse for computing fallback locales (@alanpoulain)
• bug #35094 [Console] Fix filtering out identical alternatives when there is a command loader (@fancyweb)
• bug #35039 [DI] skip looking for config class when the extension class is anonymous (@nicolas-grekas)
• bug #35049 [ProxyManager] fix generating proxies for root-namespaced classes (@nicolas-grekas)
• bug #35022 [Dotenv] FIX missing getenv (@mccullagh)
• bug #35025 [HttpClient][Psr18Client] Remove Psr18ExceptionTrait (@fancyweb)
• bug #35014 [HttpClient] make pushed responses retry-able (@nicolas-grekas)
• bug #35010 [VarDumper] ignore failing debugInfo() (@nicolas-grekas)
• bug #34998 [DI] fix auto-binding service providers to their service subscribers (@nicolas-grekas)
• bug #33670 [DI] Service locators can't be decorated (@malarzm)
• bug #35000 [Console][SymfonyQuestionHelper] Handle multibytes question choices keys and custom prompt (@fancyweb)
• bug #34996 Fix displaying anonymous classes on PHP 7.4 (@nicolas-grekas)
• bug #29839 [Validator] fix comparisons with null values at property paths (@xabbuh)
• bug #34900 [DoctrineBridge] Fixed submitting invalid ids when using queries with limit (@HeahDude)
• bug #34791 [Serializer] Skip uninitialized (PHP 7.4) properties in PropertyNormalizer and ObjectNormalizer (@vudaltsov)
• bug #34956 [Messenger][AMQP] Use deliver _mode=2 by default (@lyrixx)
• bug #34915 [FrameworkBundle] Fix invalid Windows path normalization in TemplateNameParser (@mvorisek)
• bug #34981 stop using deprecated Doctrine persistence classes (@xabbuh)
• bug #34904 [Validator][ConstraintValidator] Safe fail on invalid timezones (@fancyweb)
• bug #34955 Require doctrine/persistence ^1.3 (@nicolas-grekas)
• bug #34923 [DI] Fix support for immutable setters in CallTrait (@Lctrs)
• bug #34918 [Translation] fix memoryleak in PhpFileLoader (@nicolas-grekas)
• bug #34920 [Routing] fix memoryleak when loading compiled routes (@nicolas-grekas)
• bug #34787 [Cache] Propagate expiry when syncing items in ChainAdapter (@trvrnrth)
• bug #34896 [Cache] fix memory leak when using PhpFilesAdapter (@nicolas-grekas)
• bug #34438 [HttpFoundation] Use Cache-Control: must-revalidate only if explicit lifetime has been given (@mpdude)
• bug #34449 [Yaml] Implement multiline string as scalar block for tagged values (@natepage)
• bug #34601 [MonologBridge] Fix debug processor datetime type (@mRoca)
• bug #34842 [ExpressionLanguage] Process division by zero (@tigr1991)
• bug #34902 [PropertyAccess] forward caught exception (@xabbuh)
• bug #34888 [TwigBundle] add tags before processing them (@xabbuh)
• bug #34762 [Config] never try loading failed classes twice with ClassExistenceResource (@nicolas-grekas)
• bug #34839 [Cache] fix memory leak when using PhpArrayAdapter (@nicolas-grekas)
• bug #34812 [Yaml] fix parsing negative octal numbers (@xabbuh)
• bug #34854 [Messenger] gracefully handle missing event dispatchers (@xabbuh)
• bug #34788 [SecurityBundle] Properly escape regex in AddSessionDomainConstraintPass (@fancyweb)
• bug #34755 [FrameworkBundle] resolve service locators in debug: commands (@nicolas-grekas)
• bug #34832 [Validator] Allow underscore character _" in URL username and password (@romainneutron)
• bug #34776 [DI] fix resolving bindings for named TypedReference (@nicolas-grekas)
• bug #34738 [SecurityBundle] Passwords are not encoded when algorithm set to "true" (@nieuwenhuisen)
• bug #34779 [Security] do not validate passwords when the hash is null (@xabbuh)
• bug #34757 [DI] Fix making the container path-independent when the app is in /app (@nicolas-grekas)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.