Symfony 3.4.40
29 April 2020
Symfony version 3.4.40 is now available (security release).
Upgrading to Symfony 3.4.40
Symfony 3.4.40 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Symfony updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Symfony install to test the 3.4.40 upgrade prior to applying it live. Get started managing your Symfony installations with Installatron
What's New in Symfony 3.4.40
- bug #36566 [PhpUnitBridge] Use COMPOSE _BINARY env var if available (@fancyweb)
- bug #36560 [YAML] escape DEL(x7f) (@sdkawata)
- bug #36539 [PhpUnitBridge] fix compatibility with phpunit 9 (@garak)
- bug #36555 [Cache] skip APCu in chains when the backend is disabled (@nicolas-grekas)
- bug #36523 [Form] apply automatically step=1 for datetime-local input (@ottaviano)
- bug #36498 [Security/Core] fix escape for username in LdapBindAuthenticationProvider.php (@stoccc)
- bug #36506 [FrameworkBundle] Fix session.attribut _bag service definition (@fancyweb)
- bug #36490 [HttpFoundation] workaround PHP bug in the session module (@nicolas-grekas)
- bug #36483 [SecurityBundle] fix accepting env vars in remember-me configurations (@zek)
- bug #36343 [Form] Fixed handling groups sequence validation (@HeahDude)
- bug #36460 [Cache] Avoid memory leak in TraceableAdapter::reset() (@lyrixx)
- bug #36411 [Form] RepeatedType should always have inner types mapped (@biozshock)
- bug #36441 [DI] fix loading defaults when using the PHP-DSL (@nicolas-grekas)
- bug #36434 [HttpKernel] silence _NOTICE triggered since PHP 7.4 (@xabbuh)
- bug #36365 [Validator] Fixed default group for nested composite constraints (@HeahDude)
- bug #35591 [Validator] do not merge constraints within interfaces (@greedyivan)
- bug #36375 [Workflow] Use a strict comparison when retrieving raw marking in MarkingStore (@lyrixx)
- bug #36305 [PropertyInfo][ReflectionExtractor] Check the array mutator prefixes last when the property is singular (@fancyweb)
- bug #35656 [HttpFoundation] Fixed session migration with custom cookie lifetime (@Guite)
- bug #36315 [WebProfilerBundle] Support for Content Security Policy style-src-elem and script-src-elem in WebProfiler (@ampaze)
- bug #36286 [Validator] Allow URL-encoded special characters in basic auth part of URLs (@cweiske)
- bug #36332 [Serializer] Fix unitialized properties (from PHP 7.4.2) when serializing context for the cache key (@alanpoulain)
- bug #36239 [HttpKernel][LoggerDataCollector] Prevent keys collisions in the sanitized logs processing (@fancyweb)
- bug #36245 [Validator] Fixed calling getters before resolving groups (@HeahDude)
- bug #36252 [Security/Http] Allow setting cookie security settings for delet _cookies (@wouterj)
- bug #36261 [FrameworkBundle] revert to legacy wiring of the session when circular refs are detected (@nicolas-grekas)