v6.4.0-BETA3
版本发布时间: 2023-11-10 22:31:37
symfony/symfony最新发布版本:v7.2.1(2024-12-11 20:15:22)
Changelog (https://github.com/symfony/symfony/compare/v6.4.0-BETA2...v6.4.0-BETA3)
- bug #51666 [RateLimiter] CompoundLimiter was accepting requests even when some limiters already consumed all tokens (@10n)
- bug #52524 [AssetMapper] Only download a CSS file if it is explicitly advertised (@weaverryan)
- bug #52523 [AssetMapper] avoid caching MappedAsset inside JavaScript Import (@weaverryan)
- bug #52519 [AssetMapper] If assets are served from a subdirectory or CDN, also adjust importmap keys (@weaverryan)
- bug #52508 [AssetMapper] Fix jsdelivr import parsing with no imported value (@weaverryan)
- security #cve-2023-46734 [TwigBridge] Ensure CodeExtension's filters properly escape their input (@nicolas-grekas, @GromNaN)
- security #cve-2023-46735 [Webhook] Remove user-submitted type from HTTP response (@nicolas-grekas)
- security #cve-2023-46733 [Security] Fix possible session fixation when only the token changes (@RobertMe)
- bug #52514 [FrameworkBundle] Don't reference SYMFONY_IDE env var in non-debug mode (@nicolas-grekas)
- bug #52506 [SecurityBundle] wire the secret for Symfony 6.4 compatibility (@xabbuh)
- bug #52496 [VarDumper] Accept mixed key on
DsPairStub
(@marc-mabe) - bug #52502 [Config] Prefixing
FileExistenceResource::__toString()
to avoid conflict withFileResource
(@weaverryan) - bug #52491 [String] Method toByteString conversion using iconv is unreachable (@Vincentv92)
- bug #52488 [HttpKernel] Fix PHP deprecation (@nicolas-grekas)
- bug #52469 Check whether secrets are empty and mark them all as sensitive (@nicolas-grekas)
- feature #52471 [HttpKernel] Add
ControllerResolver::allowControllers()
to define which callables are legit controllers when the_check_controller_is_allowed
request attribute is set (@nicolas-grekas) - bug #52476 [Messenger] fix compatibility with Doctrine DBAL 4 (@xabbuh)
- bug #52434 [Console][FrameworkBundle] Fix missing
profile
option for console commands (@keulinho) - bug #52474 [HttpFoundation] ensure string type with mbstring func overloading enabled (@xabbuh)
- bug #52472 [HttpClient][WebProfilerBundle] Do not generate cURL command when files are uploaded (@MatTheCat)
- bug #52457 [Cache][HttpFoundation][Lock] Fix empty username/password for PDO PostgreSQL (@HypeMC)
- bug #52443 [Yaml] Fix uid binary parsing (@mRoca)
- feature #52449 [TwigBridge] Mark CodeExtension as
@internal
(@fabpot) - bug #52429 [HttpClient] Replace
escapeshellarg
to prevent overpassingARG_MAX
(@alexandre-daubois) - bug #52442 Disable the "Copy as cURL" button when the debug info are disabled (@stof)
- bug #52444 Remove full DSNs from exception messages (@nicolas-grekas)
- feature #52336 [HttpFoundation][Lock] Makes MongoDB adapters usable with
ext-mongodb
only (@GromNaN) - bug #52428 [HttpKernel] Preventing error 500 when function putenv is disabled (@ShaiMagal)
- bug #52427 [Console][Process] do not let context classes extend the message classes (@xabbuh)
- bug #52408 [Yaml] Fix block scalar array parsing (@NickSdot)
- bug #52132 [Console] Fix horizontal table top border is incorrectly rendered (@OskarStark)
- bug #52368 [AssetMapper] Fixing bug where JSCompiler used non-absolute importmap entry path (@weaverryan)
- bug #52367 [Uid] Fix UuidV7 collisions within the same ms (@nicolas-grekas)
- bug #52287 [FrameworkBundle] Fix deprecation layer for "enable_annotations" in validation and serializer configuration (@lyrixx)
- bug #52222 [MonologBridge] Fix support for monolog 3.0 (@louismariegaborit)
[PR] https://github.com/symfony/symfony/pull/52538 [SECURITY] Security release