Symfony News

Symfony 5.1.0 released

Symfony 5.1.0 has just been released. Here is a list of the most important changes:

• bug #37009 [Validator] use "allowedVariables" to configure the ExpressionLanguageSyntax constraint (@xabbuh)
• bug #37008 [Security] Fixed AbstractToken::hasUserChanged() (@wouterj)
• bug #36894 [Validator] never directly validate Existence (Required/Optional) constraints (@xabbuh)
• bug #37007 [Console] Fix QuestionHelper::disableStty() (@chalasr)
• bug #36865 [Form] validate subforms in all validation groups (@xabbuh)
• bug #36907 Fixes sprintf(): Too few arguments in form transformer (@pedrocasado)
• bug #36868 [Validator] Use Mime component to determine mime type for file validator (@pierredup)
• bug #37000 Add meaningful message when using ProcessHelper and Process is not installed (@l-vo)
• bug #36990 [Messenger] Change the default notify timeout value for PostgreSQL (@fabpot)
• bug #36995 [TwigBridge] fix fallback html-to-txt body converter (@nicolas-grekas)
• bug #36993 [ErrorHandler] fix setting $trace to null in FatalError (@nicolas-grekas)
• bug #36987 Handle fetch mode deprecation of DBAL 2.11. (@derrabus)
• bug #36984 [SecurityBundle] Fixed version constraint on security-core and security-guard (@wouterj)
• bug #36974 [Security] Fixed handling of CSRF logout error (@wouterj)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.