Symfony News

Symfony 4.4.23 released

Symfony 4.4.23 has just been released. Here is a list of the most important changes:

• security #cve-2021-21424 [Security][Guard] Prevent user enumeration (@chalasr)
• bug #41176 [DependencyInjection] fix dumping service-closure-arguments (@nicolas-grekas)
• bug #41168 WDT: Only load “Sfjs” if it is not present already (@weaverryan)
• bug #41147 [Inflector][String] wrong plural form of words ending by “pectus” (@makraz)
• bug #41160 [HttpClient] Don’t prepare the request in ScopingHttpClient (@nicolas-grekas)
• bug #40763 Fix/Rewrite .gitignore regex builder (@mvorisek)
• bug #40917 [Config][DependencyInjection] Uniformize trailing slash handling (@dunglas)
• bug #40699 [PropertyInfo] Make ReflectionExtractor correctly extract nullability (@shiftby)
• bug #40874 [PropertyInfo] fix attribute namespace with recursive traits (@soullivaneuh)
• bug #41099 [Cache] Check if phpredis version is compatible with stream parameter (@nicolassing)
• bug #41072 [VarExporter] Add support of PHP enumerations (@alexandre-daubois)
• bug #41105 [Inflector][String] Fixed singularize edges > edge (@ruudk)
• bug #41075 [ErrorHandler] Skip “same vendor” @method deprecations for Symfonyclasses unless symfony/symfony is being tested (@nicolas-grekas)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.