
Description The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled. In a recent change in the way the configuration is loaded,

Symfony 5.3.15 has just been released. Here is the list of the most important changes since 5.3.14: security #cve-2022-xxxx [FrameworkBundle] Enable CSRF in FORM by default (@jderusse) Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more. Want to be

Symfony 5.4.4 has just been released. Here is the list of the most important changes since 5.4.3: security #cve-2022-xxxx [FrameworkBundle] Enable CSRF in FORM by default (@jderusse) Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more. Want to be no

Symfony 6.0.4 has just been released. Here is the list of the most important changes since 6.0.3: security #cve-2022-xxxx [FrameworkBundle] Enable CSRF in FORM by default (@jderusse) Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more. Want to be no

Symfony 6.0.3 has just been released. Here is the list of the most important changes since 6.0.2: bug #45193 [FrameworkBundle] Fix missing arguments when a serialization default context is bound (@ArnoudThibaut) bug #44997 [Runtime] Fix --env and --no-debug with dotenv_overload (@fancyweb) bug #45188 [Dotenv] Fix bootEnv() override with .env.local.php when the env key already exists (@fancyweb) bug #45095 [Finder] Fix finding VCS re-included files in excluded dir

Symfony 5.4.3 has just been released. Here is the list of the most important changes since 5.4.2: bug #45193 [FrameworkBundle] Fix missing arguments when a serialization default context is bound (@ArnoudThibaut) bug #44997 [Runtime] Fix --env and --no-debug with dotenv_overload (@fancyweb) bug #45188 [Dotenv] Fix bootEnv() override with .env.local.php when the env key already exists (@fancyweb) bug #45095 [Finder] Fix finding VCS re-included files in excluded dir

Symfony 4.4.37 has just been released. Here is the list of the most important changes since 4.4.36: bug #44939 [Form] UrlType should not add protocol to emails (@GromNaN) bug #43149 Silence warnings during tty detection (@neclimdul) bug #45181 [Console] Fix PHP 8.1 deprecation in ChoiceQuestion (@BrokenSourceCode) bug #45140 [Yaml] Making the parser stateless (@mamazu) bug #45103 [Process] Avoid calling fclose on an already closed resource (@Seldaek) bug #45088 [

Symfony 5.3.14 has just been released. Here is the list of the most important changes since 5.3.13: bug #44860 [Validator] Fix Choice constraint with associative choices array (@derrabus) bug #44939 [Form] UrlType should not add protocol to emails (@GromNaN) bug #43149 Silence warnings during tty detection (@neclimdul) bug #45154 [Serializer] Fix AbstractObjectNormalizer not considering pseudo type false (@Thomas Nunninger) bug #45185 [Notifier] Fix encoding of m

This was a very intense week for Symfony: first we introduced the new Symfony 6 certification exam, then we announced a new and better way to start Symfony projects and finally, we updated Symfony Flex to provide [fast, smart Flex recipe upgrades](https://symfony.com/blog/fast-smart-flex-recipe-upgrades-with-recipes-update

The Call for Papers for SymfonyLive Paris 2022 is open for a few more days, submit now your talk proposals in French until January 24th 2022.
Et si en 2022, vous deveniez speaker de la conférence francophone de Symfony ? Le Call for Papers du SymfonyLive Paris 2022 est encore ouvert pendant quelques jours( ! Vous n'avez pas envoyé vos propositions de sujet pour les journées de conférence du SymfonyLive Paris 2022 des 7 et 8 avril ? Il vous reste 4 jour