symfony · nicolas-grekas · Jul 5, 2023 · Jul 4, 2023
diff --git a/.github/expected-missing-return-types.diff b/.github/expected-missing-return-types.diff
@@ -2389,10 +2389,10 @@ index cecce6c01b..f2e0c7fdf5 100644
      {
          parent::newLine($count);
 diff --git a/src/Symfony/Component/Console/Tests/EventListener/ErrorListenerTest.php b/src/Symfony/Component/Console/Tests/EventListener/ErrorListenerTest.php
-index 6ad89dc522..40020baee7 100644
+index 10bed7d031..e26109851f 100644
 --- a/src/Symfony/Component/Console/Tests/EventListener/ErrorListenerTest.php
 +++ b/src/Symfony/Component/Console/Tests/EventListener/ErrorListenerTest.php
-@@ -141,5 +141,5 @@ class NonStringInput extends Input
+@@ -128,5 +128,5 @@ class NonStringInput extends Input
      }
 
 -    public function parse()
@@ -9981,17 +9981,17 @@ index eabfe17bba..5a41823338 100644
      {
          throw new \BadMethodCallException('Cannot add attribute to NullToken.');
 diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/Storage/TokenStorage.php b/src/Symfony/Component/Security/Core/Authentication/Token/Storage/TokenStorage.php
-index 0ec6b1cfb9..2e235a6069 100644
+index 8acc31bca2..25779a31b5 100644
 --- a/src/Symfony/Component/Security/Core/Authentication/Token/Storage/TokenStorage.php
 +++ b/src/Symfony/Component/Security/Core/Authentication/Token/Storage/TokenStorage.php
 @@ -41,5 +41,5 @@ class TokenStorage implements TokenStorageInterface, ResetInterface
       * @return void
       */
--    public function setToken(TokenInterface $token = null)
-+    public function setToken(TokenInterface $token = null): void
+-    public function setToken(?TokenInterface $token)
++    public function setToken(?TokenInterface $token): void
      {
-         if (1 > \func_num_args()) {
-@@ -64,5 +64,5 @@ class TokenStorage implements TokenStorageInterface, ResetInterface
+         if ($token) {
+@@ -60,5 +60,5 @@ class TokenStorage implements TokenStorageInterface, ResetInterface
       * @return void
       */
 -    public function reset()
@@ -10172,23 +10172,16 @@ index a493b00e79..377dcacc09 100644
      {
      }
 diff --git a/src/Symfony/Component/Security/Core/User/InMemoryUserProvider.php b/src/Symfony/Component/Security/Core/User/InMemoryUserProvider.php
-index e0aef90a14..651578d1f1 100644
+index 13441bc758..e2bc96ff48 100644
 --- a/src/Symfony/Component/Security/Core/User/InMemoryUserProvider.php
 +++ b/src/Symfony/Component/Security/Core/User/InMemoryUserProvider.php
-@@ -55,5 +55,5 @@ class InMemoryUserProvider implements UserProviderInterface
-      * @throws \LogicException
+@@ -53,5 +53,5 @@ class InMemoryUserProvider implements UserProviderInterface
+      * @return void
       */
 -    public function createUser(UserInterface $user)
 +    public function createUser(UserInterface $user): void
      {
          if (!$user instanceof InMemoryUser) {
-@@ -100,5 +100,5 @@ class InMemoryUserProvider implements UserProviderInterface
-      * @throws UserNotFoundException if user whose given username does not exist
-      */
--    private function getUser(string $username): UserInterface
-+    private function getUser(string $username): InMemoryUser
-     {
-         if (!isset($this->users[strtolower($username)])) {
 diff --git a/src/Symfony/Component/Security/Core/User/UserCheckerInterface.php b/src/Symfony/Component/Security/Core/User/UserCheckerInterface.php
 index 91f21c71d0..95e818392e 100644
 --- a/src/Symfony/Component/Security/Core/User/UserCheckerInterface.php

diff --git a/.github/patch-types.php b/.github/patch-types.php
@@ -24,6 +24,7 @@
             // no break;
         case false !== strpos($file, '/vendor/'):
         case false !== strpos($file, '/src/Symfony/Bridge/PhpUnit/'):
+        case false !== strpos($file, '/src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/ContainerAwareController.php'):
         case false !== strpos($file, '/src/Symfony/Bundle/FrameworkBundle/Tests/Fixtures/Validation/Article.php'):
         case false !== strpos($file, '/src/Symfony/Component/Cache/Tests/Fixtures/DriverWrapper.php'):
         case false !== strpos($file, '/src/Symfony/Component/Config/Tests/Fixtures/BadFileName.php'):

diff --git a/UPGRADE-6.4.md b/UPGRADE-6.4.md
@@ -1,6 +1,11 @@
 UPGRADE FROM 6.3 to 6.4
 =======================
 
+Cache
+-----
+
+ * `EarlyExpirationHandler` no longer implements `MessageHandlerInterface`, rely on `AsMessageHandler` instead
+
 DependencyInjection
 -------------------
 
@@ -14,6 +19,11 @@ DoctrineBridge
  * Deprecate `DoctrineDataCollector::addLogger()`, use a `DebugDataHolder` instead
  * Deprecate `ContainerAwareLoader`, use dependency injection in your fixtures instead
 
+ErrorHandler
+------------
+
+ * `FlattenExceptionNormalizer` no longer implements `ContextAwareNormalizerInterface`
+
 Form
 ----
 
@@ -24,3 +34,13 @@ HttpFoundation
 --------------
 
  * Make `HeaderBag::getDate()`, `Response::getDate()`, `getExpires()` and `getLastModified()` return a `DateTimeImmutable`
+
+HttpKernel
+----------
+
+ * `BundleInterface` no longer extends `ContainerAwareInterface`
+
+Security
+--------
+
+ * `UserValueResolver` no longer implements `ArgumentValueResolverInterface`
diff --git a/UPGRADE-7.0.md b/UPGRADE-7.0.md
@@ -4,6 +4,7 @@ UPGRADE FROM 6.4 to 7.0
 Symfony 6.4 and Symfony 7.0 will be released simultaneously at the end of November 2023. According to the Symfony
 release process, both versions will have the same features, but Symfony 7.0 won't include any deprecated features.
 To upgrade, make sure to resolve all deprecation notices.
+Read more about this in the [Symfony documentation](https://symfony.com/doc/current/setup/upgrade_major.html).
 
 Cache
 -----
@@ -14,6 +15,32 @@ Console
 -------
 
  * Remove `Command::$defaultName` and `Command::$defaultDescription`, use the `AsCommand` attribute instead
+
+   *Before*
+   ```php
+   use Symfony\Component\Console\Command\Command;
+
+   class CreateUserCommand extends Command
+   {
+       protected static $defaultName = 'app:create-user';
+       protected static $defaultDescription = 'Creates users';
+
+       // ...
+   }
+   ```
+
+   *After*
+   ```php
+   use Symfony\Component\Console\Attribute\AsCommand;
+   use Symfony\Component\Console\Command\Command;
+
+   #[AsCommand(name: 'app:create-user', description: 'Creates users')]
+   class CreateUserCommand extends Command
+   {
+       // ...
+   }
+   ```
+
  * Passing null to `*Command::setApplication()`, `*FormatterStyle::setForeground/setBackground()`, `Helper::setHelpSet()`, `Input*::setDefault()` and `Question::setAutocompleterCallback/setValidator()` must be done explicitly
  * Remove `StringInput::REGEX_STRING`
  * Add method `__toString()` to `InputInterface`
@@ -45,6 +72,11 @@ DoctrineBridge
  * DoctrineBridge now requires `doctrine/event-manager:^2`
  * Add parameter `$isSameDatabase` to `DoctrineTokenProvider::configureSchema()`
 
+ExpressionLanguage
+------------------
+
+ * The `in` and `not in` operators now use strict comparison
+
 Filesystem
 ----------
 
@@ -68,21 +100,38 @@ HttpFoundation
  * Remove `Request::getContentType()`, use `Request::getContentTypeFormat()` instead
  * Throw an `InvalidArgumentException` when calling `Request::create()` with a malformed URI
 
+HttpClient
+----------
+
+ * Remove implementing `Http\Message\RequestFactory` from `HttplugClient`
+
 HttpKernel
 ----------
 
  * Add argument `$reflector` to `ArgumentResolverInterface::getArguments()` and `ArgumentMetadataFactoryInterface::createArgumentMetadata()`
+ * Remove `ArgumentValueResolverInterface`, use `ValueResolverInterface` instead
+ * Remove `StreamedResponseListener`
+ * Remove `AbstractSurrogate::$phpEscapeMap`
+ * Remove `HttpKernelInterface::MASTER_REQUEST`
+ * Remove `terminate_on_cache_hit` option from `HttpCache`
 
 Lock
 ----
 
  * Add parameter `$isSameDatabase` to `DoctrineDbalStore::configureSchema()`
+ * Remove the `gcProbablity` (notice the typo) option, use `gcProbability` instead
 
 Messenger
 ---------
 
  * Add parameter `$isSameDatabase` to `DoctrineTransport::configureSchema()`
 
+Mime
+----
+
+ * Remove `Email::attachPart()` method, use `Email::addPart()` instead
+ * Parameter `$body` is now required (at least null) in `Message::setBody()`
+
 PropertyAccess
 --------------
 
@@ -107,17 +156,83 @@ Security
 SecurityBundle
 --------------
 
- * Enabling SecurityBundle and not configuring it is not allowed
+ * Enabling SecurityBundle and not configuring it is not allowed, either remove the bundle or configure at least one firewall
 
 Serializer
 ----------
 
  * Add method `getSupportedTypes()` to `DenormalizerInterface` and `NormalizerInterface`
  * Remove denormalization support for `AbstractUid` in `UidNormalizer`, use one of `AbstractUid` child class instead
  * Denormalizing to an abstract class in `UidNormalizer` now throws an `\Error`
- * Remove `ContextAwareDenormalizerInterface`, use `DenormalizerInterface` instead
- * Remove `ContextAwareNormalizerInterface`, use `NormalizerInterface` instead
+ * Remove `ContextAwareDenormalizerInterface` and `ContextAwareNormalizerInterface`, use `DenormalizerInterface` and `NormalizerInterface` instead
+
+   *Before*
+   ```php
+   use Symfony\Component\Serializer\Normalizer\ContextAwareNormalizerInterface;
+
+   class TopicNormalizer implements ContextAwareNormalizerInterface
+   {
+       public function normalize($topic, string $format = null, array $context = [])
+       {
+       }
+   }
+   ```
+
+   *After*
+   ```php
+   use Symfony\Component\Serializer\Normalizer\NormalizerInterface;
+
+   class TopicNormalizer implements NormalizerInterface
+   {
+       public function normalize($topic, string $format = null, array $context = [])
+       {
+       }
+   }
+   ```
  * Remove `CacheableSupportsMethodInterface`, use `NormalizerInterface` and `DenormalizerInterface` instead
+
+   *Before*
+   ```php
+   use Symfony\Component\Serializer\Normalizer\NormalizerInterface;
+   use Symfony\Component\Serializer\Normalizer\CacheableSupportsMethodInterface;
+
+   class TopicNormalizer implements NormalizerInterface, CacheableSupportsMethodInterface
+   {
+       public function supportsNormalization($data, string $format = null, array $context = []): bool
+       {
+           return $data instanceof Topic;
+       }
+
+       public function hasCacheableSupportsMethod(): bool
+       {
+           return true;
+       }
+
+       // ...
+   }
+   ```
+
+   *After*
+   ```php
+   use Symfony\Component\Serializer\Normalizer\NormalizerInterface;
+
+   class TopicNormalizer implements NormalizerInterface
+   {
+       public function supportsNormalization($data, string $format = null, array $context = []): bool
+       {
+           return $data instanceof Topic;
+       }
+
+       public function getSupportedTypes(?string $format): array
+       {
+           return [
+               Topic::class => true,
+           ];
+       }
+
+       // ...
+   }
+   ```
  * First argument of `AttributeMetadata::setSerializedName()` is now required
  * Add argument `$context` to `NormalizerInterface::supportsNormalization()` and `DenormalizerInterface::supportsDenormalization()`
 
@@ -127,6 +242,9 @@ Validator
  * Add methods `getConstraint()`, `getCause()` and `__toString()` to `ConstraintViolationInterface`
  * Add method `__toString()` to `ConstraintViolationListInterface`
  * Add method `disableTranslation()` to `ConstraintViolationBuilderInterface`
+ * Remove static property `$errorNames` from all constraints, use const `ERROR_NAMES` instead
+ * Remove `VALIDATION_MODE_LOOSE` from `Email` constraint, use `VALIDATION_MODE_HTML5` instead
+ * Remove constraint `ExpressionLanguageSyntax`, use `ExpressionSyntax` instead
 
 VarDumper
 ---------

diff --git a/src/Symfony/Bridge/Doctrine/Tests/Middleware/Debug/MiddlewareTest.php b/src/Symfony/Bridge/Doctrine/Tests/Middleware/Debug/MiddlewareTest.php
@@ -275,5 +275,7 @@ public function testWithoutStopwatch(callable $sqlMethod, callable $endTransacti
         $this->conn->beginTransaction();
         $sqlMethod($this->conn, 'SELECT * FROM products');
         $endTransactionMethod($this->conn);
+
+        $this->addToAssertionCount(1);
     }
 }
diff --git a/src/Symfony/Bridge/Doctrine/Validator/Constraints/UniqueEntity.php b/src/Symfony/Bridge/Doctrine/Validator/Constraints/UniqueEntity.php
@@ -39,11 +39,6 @@ class UniqueEntity extends Constraint
     public $errorPath;
     public $ignoreNull = true;
 
-    /**
-     * @deprecated since Symfony 6.1, use const ERROR_NAMES instead
-     */
-    protected static $errorNames = self::ERROR_NAMES;
-
     /**
      * @param array|string      $fields     The combination of fields that must contain unique values or a set of options
      * @param bool|array|string $ignoreNull The combination of fields that ignore null values

diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
@@ -95,7 +95,6 @@
 use Symfony\Component\HttpKernel\CacheWarmer\CacheWarmerInterface;
 use Symfony\Component\HttpKernel\Controller\ArgumentResolver\BackedEnumValueResolver;
 use Symfony\Component\HttpKernel\Controller\ArgumentResolver\UidValueResolver;
-use Symfony\Component\HttpKernel\Controller\ArgumentValueResolverInterface;
 use Symfony\Component\HttpKernel\Controller\ValueResolverInterface;
 use Symfony\Component\HttpKernel\DataCollector\DataCollectorInterface;
 use Symfony\Component\HttpKernel\DependencyInjection\Extension;
@@ -596,8 +595,6 @@ public function load(array $configs, ContainerBuilder $container): void
             ->addTag('container.service_locator');
         $container->registerForAutoconfiguration(ServiceSubscriberInterface::class)
             ->addTag('container.service_subscriber');
-        $container->registerForAutoconfiguration(ArgumentValueResolverInterface::class)
-            ->addTag('controller.argument_value_resolver');
         $container->registerForAutoconfiguration(ValueResolverInterface::class)
             ->addTag('controller.argument_value_resolver');
         $container->registerForAutoconfiguration(AbstractController::class)

@@ -5,6 +5,12 @@ CHANGELOG
 ---
 
  * Enabling SecurityBundle and not configuring it is not allowed
+ * Remove configuration options `enable_authenticator_manager` and `csrf_token_generator`
+
+6.4
+---
+
+ * Deprecate `Security::ACCESS_DENIED_ERROR`, `AUTHENTICATION_ERROR` and `LAST_USERNAME` constants, use the ones on `SecurityRequestAttributes` instead
 
 6.3
 ---

@@ -65,7 +65,6 @@ public function getConfigTreeBuilder(): TreeBuilder
                 ->end()
                 ->booleanNode('hide_user_not_found')->defaultTrue()->end()
                 ->booleanNode('erase_credentials')->defaultTrue()->end()
-                ->booleanNode('enable_authenticator_manager')->setDeprecated('symfony/security-bundle', '6.2', 'The "%node%" option at "%path%" is deprecated.')->defaultTrue()->end()
                 ->arrayNode('access_decision_manager')
                     ->addDefaultsIfNotSet()
                     ->children()
@@ -216,14 +215,6 @@ private function addFirewallsSection(ArrayNodeDefinition $rootNode, array $facto
             ->arrayNode('logout')
                 ->treatTrueLike([])
                 ->canBeUnset()
-                ->beforeNormalization()
-                    ->ifTrue(fn ($v): bool => isset($v['csrf_token_generator']) && !isset($v['csrf_token_manager']))
-                    ->then(function (array $v): array {
-                        $v['csrf_token_manager'] = $v['csrf_token_generator'];
-
-                        return $v;
-                    })
-                ->end()
                 ->beforeNormalization()
                     ->ifTrue(fn ($v): bool => \is_array($v) && (isset($v['csrf_token_manager']) xor isset($v['enable_csrf'])))
                     ->then(function (array $v): array {
@@ -240,13 +231,6 @@ private function addFirewallsSection(ArrayNodeDefinition $rootNode, array $facto
                     ->booleanNode('enable_csrf')->defaultNull()->end()
                     ->scalarNode('csrf_token_id')->defaultValue('logout')->end()
                     ->scalarNode('csrf_parameter')->defaultValue('_csrf_token')->end()
-                    ->scalarNode('csrf_token_generator')
-                        ->setDeprecated(
-                            'symfony/security-bundle',
-                            '6.3',
-                            'The "%node%" option is deprecated. Use "csrf_token_manager" instead.'
-                        )
-                    ->end()
                     ->scalarNode('csrf_token_manager')->end()
                     ->scalarNode('path')->defaultValue('/logout')->end()
                     ->scalarNode('target')->defaultValue('/')->end()
-Original file line number
+Diff line change
@@ Expand Up / @@ -5,6 +5,12 @@ CHANGELOG @@
     ---
      * Enabling SecurityBundle and not configuring it is not allowed
+     * Remove configuration options `enable_authenticator_manager` and `csrf_token_generator`
+.4
+    ---
+     * Deprecate `Security::ACCESS_DENIED_ERROR`, `AUTHENTICATION_ERROR` and `LAST_USERNAME` constants, use the ones on `SecurityRequestAttributes` instead
 .3
     ---
@@ Expand Down @@