Symfony 5.2.2 has just been released. Here is a list of the most important changes:
bug #38900 [Serializer] Exclude non-initialized properties accessed with getters (@BoShurik) bug #39982 [SecurityBundle] Fix referencing aliases from RegisterEntryPointsPass (@chalasr) bug #39872 [Validator] propagate the object being validated to nested constraints (@xabbuh) bug #39887 [Translator] fix handling plural for floating numbers (@kylekatarnls) bug #39967 [Messenger] fix redis messenger options with dsn (@Kleinast) bug #39970 [Messenger] Fix transporting non-UTF8 payloads by encoding them using base 64 (@nicolas-grekas) bug #39956 [Uid] fix checking for valid UUIDs (@nicolas-grekas) bug #39951 [Form] check parent types for labe _format and translatio _domain (@xabbuh) bug #39911 [RateLimiter] Fix infinite values with NoLimiter (@YaFou) bug #39936 [Validator] Fix DebugCommand (@loic425) bug #39909 [PhpUnitBridge] Allow relative path to composer cache (@jderusse) bug #39944 [HttpKernel] Configure the ErrorHandler even when it is overriden (@nicolas-grekas) bug #39896 [PropertyInfo] Fix breaking change with has(arguments…) methods (@YaFou) bug #39932 [Console] [Command] Fix Closure code binding when it is a static anonymous function (@fancyweb) bug #39871 [Notifier] [OvhCloud] “Invalid signature” for message with slashes (@OneT0uch) bug #39900 [Uid] Unable to extend Uuid/Ulid and use fromString() (@OskarStark) bug #39880 [DoctrineBridge] Add username to UserNameNotFoundException (@qurben) bug #39633 [HttpFoundation] Drop int return type from parseFilesize() (@LukeTowers) bug #39889 [HttpClient] Add check for constant in Curl client (@pierredup) bug #39886 [HttpFoundation] Revert #38614 and add assert to avoid regressions (@BafS) bug #39873 [DependencyInjection] Fix container injection with TypedReference (@jderusse) bug #39858 Fix problem when SYMFON _PHPUNI _VERSION is empty string value (@alexander-schranz) bug #39861 [DependencyInjection] Skip deprecated definitions in CheckTypeDeclarationsPass (@chalasr) bug #39862 [Security] Replace message data in JSON security error response (@wouterj) bug #39859 [Security] Replace message data in JSON security error response (@wouterj) bug #39839 [Messenger] [AmazonSqs] Fix auto-setup for fifo queue (@starred-gijs) bug #39667 [DoctrineBridge] Take into account that indexBy=”perso _id” could be a db column name, for a referenced entity (@victormacko) bug #39799 [DoctrineBridge] Fix circular loop with EntityManager (@jderusse) bug #39821 [DependencyInjection] Don’t trigger notice for deprecated aliases pointing to deprecated definitions (@chalasr) bug #39816 [HttpFoundation] use atomic writes in MockFileSessionStorage (@nicolas-grekas) bug #39812 Make EmailMessage & SmsMessage transport nullable (@odolbeau) bug #39735 [Serializer] Rename normalize param (@VincentLanglet) bug #39797 Dont allow unserializing classes with a destructor (@jderusse) bug #39743 [Mailer] Fix missing BCC recipients in SES bridge (@jderusse) bug #39764 [Config] fix handling float-like key attribute values (@xabbuh) bug #39787 [Yaml] a colon followed by spaces exclusively separates mapping keys and values (@xabbuh) bug #39788 [Cache] fix possible collision when writing tmp file in filesystem adapter (@nicolas-grekas) bug #39796 Dont allow unserializing classes with a destructor - 5.2 (@jderusse) bug #39794 Dont allow unserializing classes with a destructor - 4.4 (@jderusse) bug #39795 Dont allow unserializing classes with a destructor - 5.1 (@jderusse) bug #39389 [Security] Move the handleAuthenticationSuccess logic outside try/catch block (@jderusse) bug #39747 [DependencyInjection] Support PHP 8 builtin types in CheckTypeDeclarationsPass (@derrabus) bug #39738 [VarDumper] fix mutating $GLOBALS while cloning it (@nicolas-grekas) bug #39746 [DependencyInjection] Fix InvalidParameterTypeException for function parameters (@derrabus) bug #39681 [HttpFoundation] parse cookie values containing the equal sign (@xabbuh) bug #39716 [DependencyInjection] do not break when loading schemas from network paths on Windows (@xabbuh) bug #39703 [Finder] apply the sort callback on the whole search result (@xabbuh) bug #39717 [TwigBridge] Remove full head content in HTML to text converter (@pupaxxo) bug #39672 [FrameworkBundle] Fix UidNormalizer priority (@fancyweb) bug #39649 [Validator] propagate groups to nested constraints (@xabbuh) bug #39708 [WebProfilerBundle] take query and request parameters into account when matching routes (@xabbuh) bug #39692 [FrameworkBundle] Dump abstract arguments (@jderusse) bug #39683 [Yaml] keep trailing newlines when dumping multi-line strings (@xabbuh) bug #39670 [Form] disable error bubbling by default when inheri _data is configured (@xabbuh) bug #39686 [Lock] Fix config merging in lock (@jderusse) bug #39668 [Yaml] do not dump extra trailing newlines for multiline blocks (@xabbuh) bug #39674 [Messenger] fix postgres transport when the retry table is the same (@lyrixx) bug #39653 [Form] fix passing null $pattern to IntlDateFormatter (@nicolas-grekas) bug #39637 [Security] Fix event propagation for AuthenticationTokenCreatedEvent when globally registered (@scheb) bug #39647 [Validator] Update Isin message to match the translation files (@derrabus) bug #39598 [Messenger] Fix stopwach usage if it has been reset (@lyrixx) bug #39636 [Uid] Handle ValueErrors triggered by ext-uuid on PHP 8 (@derrabus) bug #39631 [VarDumper] Fix display of nullable union return types (@derrabus) bug #39629 [VarDumper] fixed displaying “mixed” as “?mixed” (@nicolas-grekas) bug #39597 [Mailer] Handle failure when sending DATA (@jderusse) bug #39621 [Security] Fix event propagation for globally registered security events (@scheb) bug #39603 [TwigBridge] allow null values in form helpers (@xabbuh) bug #39610 [ProxyManagerBridge] fix PHP notice, switch to “friendsofphp/proxy-manager-lts” (@nicolas-grekas) bug #39584 [Security] Add RememberMe Badge to LoginLinkAuthenticator (@jderusse) bug #39586 Supports empty path for slack DSN (@odolbeau)
Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. Use SymfonyInsight upgrade reports to detect the code you will need to change in your project and read our upgrade documentation to learn more. Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.
Sponsor the Symfony project.http://feedproxy.google.com/~r/symfony/blog/~3/QTH1njwYOpY/symfony-5-2-2-released
Melden Sie sich an, um einen Kommentar hinzuzufügen
Andere Beiträge in dieser Gruppe
Contributed by Mathias Arlaud in
Affected versions
Symfony UX symfony/ux-live-component and symfony/ux-twig-component versions <2.25.1 are affected by this security issue.
The issue has been fixed in the 2.25.1 version of these
Symfony has been reducing the need for configuration in applications for several years now. Thanks to PHP attributes, you can now configure most things alongside the relevant code, removing the need f
This week, development activity focused on polishing Symfony 7.3 ahead of its final release in two weeks. We also continued publishing articles highlighting the new features of Symfony 7.3 and shared
SymfonyOnline June 2025 is almost here, starting in a few weeks on:
June 10-11: Workshop days. June 12-13: Online conference days in English. All talks will be available for replay as soon as
Symfony 7.3 introduces several enhancements to the DependencyInjection component that simplify service configuration, make autoconfiguration more flexible, and enable environment-specific aliasing.
S
Contributed by Nicolas Grekas in
