Symfony 6.1.3 released

Symfony 6.1.3 has just been released. Here is the list of the most important changes since 6.1.2:

  • bug #47069 [Security] Allow redirect after login to absolute URLs (@Tim Ward)
  • bug #47073 [HttpKernel] Fix non-scalar check in surrogate fragment renderer (@aschempp)
  • bug #46849 [HtmlSanitizer] Allow null for sanitizer option allowed_link_hosts and allowed_media_hosts (@plfort)
  • bug #47104 [Serializer] Fix wrong needsNormalization in TraceableEncoder (@ostrolucky)
  • bug #47003 [Cache] Ensured that redis adapter can use multiple redis sentinel hosts (@warslett)
  • bug #43329 [Serializer] Respect default context in DateTimeNormalizer::denormalize (@hultberg)
  • bug #47070 [Messenger] Fix function name in TriggerSql on postgresql bridge to support table name with schema (@zimny9932)
  • bug #47086 Workaround disabled "var_dump" (@nicolas-grekas)
  • bug #40828 [BrowserKit] Merge fields and files recursively if they are multidimensional array (@januszmk)
  • bug #47010 [String] Fix width method in AbstractUnicodeString (@TBoileau)
  • bug #47048 [Serializer] Fix XmlEncoder encoding attribute false (@alamirault)
  • bug #46957 [HttpFoundation] Fix \Stringable support in InputBag::get() (@chalasr)
  • bug #47022 [Console] get full command path for command in search path (@remicollet)
  • bug #47000 [ErrorHandler] Fix return type patching for list and class-string pseudo types (@derrabus)
  • bug #43998 [HttpKernel] [HttpCache] Don't throw on 304 Not Modified (@aleho)
  • bug #46792 [Bridge] Corrects bug in test listener trait (@magikid)
  • bug #46985 [DoctrineBridge] Avoid calling AbstractPlatform::hasNativeGuidType() (@derrabus)
  • bug #46958 [Serializer] Ignore getter with required parameters (Fix #46592) (@astepin)
  • bug #46981 [Mime] quote address names if they contain parentheses (@xabbuh)
  • bug #46960 [FrameworkBundle] Fail gracefully when forms use disabled CSRF (@HeahDude)
  • bug #46973 [DependencyInjection] Fail gracefully when attempting to autowire composite types (@derrabus)
  • bug #45884 [Serializer] Fix inconsistent behaviour of nullable objects in key/value arrays (@phramz)
  • bug #46963 [Mime] Fix inline parts when added via attachPart() (@fabpot)
  • bug #46968 [PropertyInfo] Make sure nested composite types do not crash ReflectionExtractor (@derrabus)
  • bug #46931 Flush backend output buffer after closing. (@bradjones1)
  • bug #46947 [Serializer] Prevent that bad Ignore method annotations lead to incorrect results (@astepin)
  • bug #46948 [Validator] : Fix "PHP Warning: Undefined array key 1" in NotCompromisedPasswordValidator (@KevinVanSonsbeek)
  • bug #46905 [BrowserKit] fix sending request to paths containing multiple slashes (@xabbuh)
  • bug #46244 [Validator] Fix traverse option on Valid constraint when used as Attribute (@tobias-93)
  • bug #42033 [HttpFoundation] Fix deleteFileAfterSend on client abortion (@nerg4l)
  • bug #46941 [Messenger] Fix calls to deprecated DBAL methods (@derrabus)
  • bug #46863 [Mime] Fix invalid DKIM signature with multiple parts (@BrokenSourceCode)
  • bug #46808 [HttpFoundation] Fix TypeError on null $_SESSION in NativeSessionStorage::save() (@chalasr)
  • bug #46811 [DoctrineBridge] Fix comment for type on Query::setValue (middlewares) (@l-vo)
  • bug #46790 [HttpFoundation] Prevent PHP Warning: Session ID is too long or contains illegal characters (@BrokenSourceCode)
  • bug #46700 [HttpClient] Prevent "Fatal error" in data collector (@fmata)
  • bug #46800 Spaces in system temp folder path cause deprecation errors in php 8 (@demeritcowboy)
  • bug #46797 [Messenger] Ceil waiting time when multiplier is a float on retry (@WissameMekhilef)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

            <hr style="margin-bottom: 5px" />
            <div style="font-size: 90%">
                <a href="https://symfony.com/sponsor">Sponsor</a> the Symfony project.
            </div>

https://symfony.com/blog/symfony-6-1-3-released?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

Établi 3y | 29 juil. 2022 à 17:20:09


Connectez-vous pour ajouter un commentaire

Autres messages de ce groupe

Back on the inspiring SymfonyCon Vienna 2024!

We were absolutely thrilled to gather with the incredible Symfony community for the first time in Vienna, Austria, from December 5th to 6th, surrounded by the warm and festive atmosphere of the

31 janv. 2025 à 12:30:18 | Symfony
SymfonyLive Paris 2025 : Reveal of workshop topics!

SymfonyLive Paris 2025, conference in French language only, will take place from March 27 to 28! The schedule is currently being revealed as we go along. More details are available here.

💻

30 janv. 2025 à 08:50:03 | Symfony
Get Symfony news on your favorite social network

Symfony has been active on X, Mastodon, and Bluesky for some time, but until recently, not all platforms received equal attention. Since Twitter (now X) was our first social network, all blog posts we

29 janv. 2025 à 14:20:10 | Symfony
SymfonyLive Berlin 2025: Demystify the magic of the Container

SymfonyLive Berlin 2025, conference held in English, will take place from April 1 to 4! The schedule is being revealed gradually. More details are available here.

As we are now unveiling th

29 janv. 2025 à 14:20:10 | Symfony
Twig CVE-2025-24374: Missing output escaping for the null coalesce operator

Affected versions

Twig versions >=3.16.0,<3.19.0 are affected by this security issue.

The issue has been fixed in Twig 3.19.0.

Description

When using the null coalesce operator (??), output esc

29 janv. 2025 à 09:40:06 | Symfony
Symfony 6.4.18 released

Symfony 6.4.18 has just been released. Here is the list of the most important changes since 6.4.17:

bug #58889 [Serializer] Handle default context in Serializer (@Valmonzo)

bug #59631 [HttpClient

29 janv. 2025 à 09:40:05 | Symfony
Symfony 7.1.11 released

Symfony 7.1.11 has just been released. Here is the list of the most important changes since 7.1.10:

bug #58889 [Serializer] Handle default context in Serializer (@Valmonzo)

bug #59631 [HttpClient

29 janv. 2025 à 09:40:05 | Symfony