254
A simple but powerful API for processing & compiling assets built around Webpack
Events
[Validator] Remove `bjeavons/zxcvbn-php` in favor of a builtin solution
Feels like a common requirement would be to use fields on your user object as restricted words. Any way we can make that easier?
Yes is it. I usually have it in a form with constraints where the list is passed through an option. But when it is set as an attribute, I do not see how to refer to the user fields.
[flex] Symfony 3.x and 4.x removed from Flex endpoint. "extra.symfony.require" has no effect.
I've just fixed it.
[flex] Symfony 3.x and 4.x removed from Flex endpoint. "extra.symfony.require" has no effect.
Hello,
we were trying to update our Composer dependencies of our Symfony 4.4 project this morning and realized, that various Symfony components got updated to their Symfony 5.x version.
After some digging, we found out, that the typical Restricting packages listed in "symfony/symfony" to "4.4.*" message wasn't displayed any longer. And after digging into the Flex plugin's code, we found the link to the main flex json: https://raw.githubusercontent.com/symfony/recipes/flex/main/index.json
This lead us to this repo, where we found out, that yesterday, the index.json was updated. See: https://github.com/symfony/recipes/commit/4058a63c6a0b75a617f8d1ec0a1d89ff9a49281f
All Symfony 3.x and 4.x splits where removed, which makes composer fallback to the highest version possible.
This can easily be reproduced by calling composer create-project symfony/skeleton:"4.4.*" my_project_directory: The created project uses a variety of Symfony 5.x components, although its composer.json restricts them to 4.4.*.
This makes composer up unusable without manually restricting every Symfony component to 4.4.*.
Can someone help? How is this file generated?
Update Flex endpoint
fabpot push symfony/recipes
Update versions.json
[Validator] Remove `bjeavons/zxcvbn-php` in favor of a builtin solution
Feels like a common requirement would be to use fields on your user object as restricted words. Any way we can make that easier?
Update Flex endpoint
fabpot push symfony/recipes
Update versions.json
[Validator] Revert "feature #49789 New `PasswordStrength` constraint (Spomky)"
This reverts commit c37540613922ec64cc8ff0e0a4ad21bd6b4ddb74, reversing changes made to 497e9666de46420299e2732cf2e97451b2792bf0.
| Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | - | License | MIT | Doc PR | -
The dev dependency added in #49789 looks problematic: https://github.com/bjeavons/zxcvbn-php has no commit in 2 years, ignored vulnerability reports + unmerged php compatibility fixes. Worse, the JS project it's based on didn't make any change in 6 years, has ignored security reports as well and seems to be officially abandoned (https://github.com/dropbox/zxcvbn/issues/290, https://github.com/dropbox/zxcvbn/issues/295).
I propose to revert this change for now, then revisit the topic as soon as possible. Also some core members argued that this feature could be better handled on the frontend i.e. rewritten as a UX component or a cookbook example. Either way, if we want to do re-add this, we would need to fork and update the abandoned package. And if it's frontend, we need to find a maintained alternative.
[Cache] Fix storing binary keys when using pgsql
[Cache] Fix storing binary keys when using pgsql
| Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | Fix #49748 | License | MIT | Doc PR | -
fabpot push symfony/symfony
[Cache] Fix storing binary keys when using pgsql
bug #49848 [Cache] Fix storing binary keys when using pgsql (nicolas-grekas)
This PR was merged into the 5.4 branch.
Discussion
[Cache] Fix storing binary keys when using pgsql
| Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | Fix #49748 | License | MIT | Doc PR | -
Commits
be88fd00f8 [Cache] Fix storing binary keys when using pgsql
[Cache] Fix storing binary keys when using pgsql
Thank you @nicolas-grekas.
