This week, the upcoming Symfony 6.1 version deprecated the $defaultName property in Console commands and added a new cache:pool:invalidate-tags command to ease the management of cache pools. Meanwhile, we discussed about bumping PHP to 8.1 in Symfony 6.1. Lastly, we announced the first speakers of SymfonyLive Paris 2022 and the Call for Papers for the international Symfony conferences.
Symfony development highlights
This week, 30 pull requests were merged (22 i
First selected talks at SymfonyLive Paris 2022, discover the first talks scheduled at the French conference on April 7-8 2022.
Nous sommes très heureux d’annoncer les premiers talks et speakers sélectionnés pour la conférence francophone SymfonyLive Paris 2022. Retrouvez-nous les 7 et 8 avril 2022 à la Cité Internationale Universitaire de Paris pour deux journées de conférence sur Symfony et son écosystème.
Nous souhaitons remercier toutes les personn
We’re super excited with the upcoming conferences of 2022!
Currently, the Call for Papers for SymfonyWorld Online 2022 Summer Edition and SymfonyCon Disneyland Paris 2022 are both open. You can submit your talk and workshop proposals in English for both conferences:
Call for Papers for SymfonyWorld Online 2022 Summer Edition ends on February 14th 2022. Talks should last for 35 minutes, Q&A included. Each selected speaker will get a free conference ticket and a
This week, the upcoming Symfony 6.1 version added context builders to simplify the creation of serialization contexts. In addition, SymfonyCon announced that it's coming back as a physical conference at Disneyland Paris later this year (November 15-18, 2022).
Symfony development highlights
This week, 41 pull requests were merged (29 in code and 12 in docs) and 39 issues were closed (34 in code and 5 in docs). Excluding merges, 30 authors made 16,259 additions a
Affected versions
Twig >2.0.0,3.0.0, https://symfony.com/blog/twig-security-release-disallow-non-closures-in-the-sort-filter?utm_source=Symfony%20Blog%20Feed&utm_medium=feed
The SymfonyCon Disneyland Paris was initially scheduled in 2020, then postponed to 2021. But at that time, we didn't have enough visibility to organize it properly with the Covid circumstances. We finally decided to cancel it instead of postponing it again without any guarantee to be able to organize it.
This year is different: we are super excited to announce the organization of the international Symfony conference as initially planned at Disneyland Par
Affected versions Symfony 5.3.14, 5.4.3, and 6.0.3 versions of the Symfony Framework Bundle is affected by this security issue. The issue has been fixed in Symfony 5.3.15, 5.4.4, and 6.0.4.
Description The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled wi
This week, Symfony 4.4.37, 5.3.14, 5.4.3 and 6.0.3 maintenance versions were released. In addition, a potential security vulnerability related to CSRF tokens in forms was found and fixed in security releases for all maintained versions.
Symfony development highlights
This week, 45 pull requests were merged (37 in code and 8 in docs) and 44 issues were closed (35 in code and 9 in docs). Excluding merges, 36 authors made 1,509 additions and 272 deletions. See det
Description The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change in the way the configuration is loaded,
Symfony 5.3.15 has just been released. Here is the list of the most important changes since 5.3.14: security #cve-2022-xxxx [FrameworkBundle] Enable CSRF in FORM by default (@jderusse) Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more. Want to be
