April 21, 2019 Javier Eguiluz

This week, Symfony 2.7.51, 2.8.50, 3.4.26, 4.1.12 and 4.2.7 versions were released to address some security issues. Meanwhile, the upcoming Symfony 4.3 version added a native password hasher which chooses the best hashing algorithm automatically.

Symfony development highlights

This week, 44 pull requests were merged (33 in code and 11 in docs) and 52 issues were closed (40 in code and 12 in docs). Excluding merges, 24 authors made 6,899 additions and 1,910 deletions. See details for code and docs.

3.4 changelog:

81d11c3: [Form] workaround for \DateInterval::createFromDateString

84ee311: [HttpFoundation] reject invalid method override

0a4ed67: [Security] added a separator in the remember me cookie hash

d77e445: [Cache, PHPUnit Bridge] prevent destructors with side-effects from being unserialized

4585a41: [FrameworkBundle, Form] fixed XSS issues in the form theme of the PHP templating engine

47cd029: [DependencyInjection] check service IDs are valid

1311324: [HttpFoundation] made MimeTypeExtensionGuesser case insensitive

f458e5b: [Validator] updated the Tagalog translation

4.2 changelog:

c009e60: [HttpKernel] fixed get session when the request stack is empty

74a18bc: [FrameworkBundle] decorated the ValidatorBuilder's translator with LegacyTranslatorProxy

2d2ff38: [Routing] fixed trailing slash redirection with non-greedy trailing vars

cc497a5: [FrameworkBundle] called method with Translator component only

243b257: [Routing] fixed matching trailing vars with defaults

Master changelog:

238f844: [Serializer] use name converter when normalizing constraint violation list

e683dfa: [Messenger] removed base64_encode & used addslashes

7cf96a4: [Form] show all option normalizers on debug:form command

a59fe66: [VarDumper] added caster for WeakReference instances of PHP 7.4

89ec311: [Security] added NativePasswordEncoder

d9bcfc3: [PhpUnit Bridge] treat undefined env var as strict mode

823d375: [Security] deprecated BCryptPasswordEncoder in favor of NativePasswordEncoder

Newest issues and pull requests

They talked about us

Upcoming Symfony Events

Call to Action