Contributed by
Ryan Weaver
in #36655.

Some Symfony components (e.g. Cache, Lock, Messenger, etc.) can store their contents in databases using Doctrine ORM. This requires some manual setup to work. For example, to store sessions in the database you must create the table that stores the information.

We're big fans of automation, so we decided to automate all this in Symfony 5.1. The idea is to implement some event subscribers that listen to advanced Doctrine events (e.g. Events::onSchemaCreateTable from Doctrine DBAL andToolEvents::postGenerateSchema from Doctrine ORM) and inject the SQL code required to create the database tables needed by each component.

These automatic database tables are generated only when you really need them. Consider for example the Messenger component. If you configure a Doctrine transport and run the make:migration command, the database is created. Otherwise, nothing will change in your database. The same happens when usingPdoAdapter from Cache component, PdoStore from Lock component, etc.

Symfony Docs will be updated soon to reflect this automation and simplify the setup required in some components.

This week, development activity focused on fixing some bugs and polishing some of the new features introduced in the upcoming Symfony 5.1 version, which will be released next week. Meanwhile, Symfony 3.4 and all the other versions were updated to add compatibility with PHP 8, which will be released at the end of the year.

Symfony development highlights

This week, 63 pull requests were merged (47 in code and 16 in docs) and 33 issues were closed (22 in code and 11 in docs). Excluding merges, 26 authors made 8,648 additions and 2,549 deletions. See details for code and docs.

3.4 changelog:

• 7ee33f9: [HttpKernel] fixed error logger when stderr is redirected to /dev/null
• 8e428ed: [PhpUnitBridge] fixed bad detection of unsilenced deprecations
• 42c7975: [Intl] bumped ICU to 67.1 version
• af0df4c: [HttpKernel] fixed that the Store would not save responses with the X-Content-Digest header present
• 5fc4d1b: [Validator] added missing translations of nn locale
• 4a0d5f1: [HttpKernel] prevent calling method_exists() with non-string values
• b202696: [Debug] undefined variables raise a warning in PHP 8
• 77a826c: [Config] removed implicit cast of ReflectionProperty to string
• 14ffc02: [Intl] fixed call to ReflectionProperty::getValue() for static properties
• 4e19168: [Debug] PHP 8 does not pass $context to error handlers
• e220e7c: [PropertyAccess] parse PHP 8 TypeErrors correctly
• 475a715: [DomCrawler] catch expected ValueError
• 42692d6: [Validator] catch expected ValueError
• fb91dc2: [VarDumper] ReflectionFunction::isDisabled() is deprecated
• 410b621: address deprecation of ReflectionType::getClass()
• 6e368f1: [Cache] accessing undefined constants raises an Error in PHP 8
• c4ac3c1: [VarDumper] fixed PHP 8 support

4.4 changelog:

• 638b200: [Security] unserialize $parentData if needed to avoid errors
• 2e46c63: [Security] fixed wrong roles comparison
• 6d7c696: [BrowserKit] raw body with custom Content-Type header
• a25e88b: [Cache, HttpClient] made method signatures compatible with their corresponding traits
• 6e368f1: [Cache] accessing undefined constants raises an Error in PHP 8
• 1a21a75: [OptionsResolver, Serializer] removed calls to deprecated ReflectionParameter::getClass()

5.0 changelog:

• f32c2c1: [ErrorHandler] apply PHP 8 fixes from Debug component

5.1 changelog:

• 87c6683: [HttpKernel] bring back the debug toolbar
• 754bba4: [DI] removed preload primitive types
• 0fd5b95: [Validator] allow passing a validator to Validation::createCallable()
• 8f6afdd: use ">=" for the "php" requirement in composer.json
• 3815b26: [Messenger] added suggestion for Amazon SQS transport and make check more readable
• a7c09ac: [Messenger] fixed check for allowed options in AwsSqs configuration
• 6314732: [Validator] made ExpressionLanguageSyntax validator usable with annotation
• a99a55f: [Form] don't add the inputmode attribute on fields whose type is the same
• c403789: [Security] removed "services" prototype node from "custom_authenticator"

Master changelog:

• e00017e: [Validator] deprecated the "allowEmptyString" option

Symfony CLI

Symfony CLI is a must-have tool when developing Symfony applications on your local machine. It includes theSymfony Local Server, the best way to run local Symfony applications. This week Symfony CLI released its new 4.15.0 version with the following changes:

• Add php-ext-install helper available during SymfonyCloud build stage
• Validate the configured PHP extensions availability before deploying
• php.ini is now used during the SymfonyCloud build stage
• Allow #admins as recipients for health.email integrations
• Improve suggestions when command name is not found
• Turn URLs into links in security:check
• Fix security:check does not respect output coloration
• Fix formatting issues on small screens
• Fix serving files like *.php.html

Newest issues and pull requests

• Run Symfony 3.4+ on PHP 8
• [Messenger] Add a catch-all routing rule
• ChoiceType Field should have a choice_translation_parameters option
• [HttpKernel][HttpClient] CachingHttpClient should be configurable as a private cache
• [Messenger] Consume batch of messages in bulk

They talked about us

• Build assets with Webpack Encore on Github Actions
• Basic Authentication and Registration Steps with Symfony Security Bundle (Symfony 5)
• How to Build an Automated Lone Worker System in PHP using Symfony Workflow & Twilio
• Serialize empty object as empty object instead of empty array with Symfony serializer
• Lightning-fast search using Symfony AlgoliaBundle
• Setting up Symfony with Imagine library and cloud storage (Amazon S3) efficiently, on top of Kubernetes
• Practical Guide — How to upgrade from Symfony 3.x to 5.0 ( or 4.x ) — Part 1
• Practical Guide — How to upgrade from Symfony 3.x to 5.0 ( or 4.x ) — Part 2
• How to use RabbitMQ with Symfony messenger
• Symfony. Subiendo archivos con Flysystem a S3
• Nuevo en Symfony 5.1: Mejoras en el componente Validator
• Nuevo en Symfony 5.1: Mejoras en los formularios
• Nuevo en Symfony 5.1: Mejoras en el componente HttpFoundation
• Nuevo en Symfony 5.1: Actualizaciones automáticas del esquema de base de datos
• Construire les assets avec Webpack Encore sur Github Actions
• Messenger Symfony : Responsabilité unique dans vos handlers
• Symfony Yerel Web Sunucusu
• Экспорт в Excel просто, быстро и красиво
• [EC-CUBE4(symfony)]createNamedBuilderでinput要素を配列で取得するChoiceTypeのformを作成(初心者向け)

Call to Action

• Follow Symfony on Twitter and retweet this article.
• Subscribe to the Symfony blog RSS and never miss a Symfony story again.

We are super excited to meet you at SymfonyCon Disneyland Paris 2020 from December 1st to 5th. We'll celebrate Symfony’s 15th anniversary at the international Symfony conference of the year.

Our Call for Papers and Call for Trainers are currently open, the deadline has been extended to June 8th, 2020. The entire event will be organized in English. If you didn’t submit yet your talk proposals or your workshop proposals (in English), submit them before it’s too late!

If you never spoke at a conference before, we do have a special mentorship program for speakers to help you with your talk (slides, rehearsal…). Remember that each selected speaker will get a free conference ticket, among other things!

For this special conference, a Call for Trainers is also open. We’re looking for workshops in English related to Symfony and its ecosystem, not yet scheduled. If you’re an experienced trainer and are used to deliver workshops, send in your workshops proposals! As the Symfony ecosystem is wide and diverse, we’d like to offer more workshops to the community. The idea is to make sure every attendee can find the right knowledge to enhance his/her/their experience during the conference. Each selected trainer will receive a full package uncluding a free conference ticket.

You can submit several talk and workshop proposals, there are no limits! Share your knowledge with the Symfony community by organizing a training or by speaking on stage at the conference. Check out all the selection criteria and take part in our Call for Papers and Call for Trainers for SymfonyCon Disneyland Paris 2020 until June 8th, 2020.

If you're not yet registered to the conference, book your conference ticket now! The conference is at the end of the year and months away, but if you are not sure to join us due to the unprecedented Covid-19 situation, we've updated our refund policy regarding this special situation. Find out more and book your conference ticket or combo workshop and conference ticket now.

We can't wait to meet you there! By then, stay home and safe!

Symfony 5.1.0-RC2 has just been released. Here is a list of the most important changes:

• bug #36966 Fix extra SQL support in Doctrine migrations (@fabpot)
• bug #36960 [HttpClient] fix management of shorter-than-requested timeouts with AmpHttpClient (@nicolas-grekas)
• bug #36947 [Mime] Allow email message to have "To", "Cc", or "Bcc" header to be valid (@Ernest Hymel)
• bug #36943 [FrameworkBundle] Fix MicroKernelTrait for php 8 (@derrabus)
• bug #36938 Don't call metho _exists() with non-objects. (@derrabus)
• bug #36936 [FrameworkBundle] don't use abstract methods in MicroKernelTrait, their semantics changed in PHP 8 (@nicolas-grekas)
• bug #36935 [HttpClient] Adjust AmpResponse to the stricter trait handling in php 8 (@derrabus)
• bug #36914 Parse and render anonymous classes correctly on php 8 (@derrabus)
• bug #36921 [OptionsResolver][Serializer] Remove calls to deprecated ReflectionParameter::getClass() (@derrabus)
• feature #36918 [Security] Removed "services" prototype node from "custo _authenticator" (@wouterj)
• bug #36920 [VarDumper] fix PHP 8 support (@nicolas-grekas)
• bug #36917 [Cache] Accessing undefined constants raises an Error in php8 (@derrabus)
• bug #36891 Address deprecation of ReflectionType::getClass() (@derrabus)
• bug #36899 [VarDumper] ReflectionFunction::isDisabled() is deprecated (@derrabus)
• bug #36905 [Validator] Catch expected ValueError (@derrabus)
• bug #36915 [DomCrawler] Catch expected ValueError (@derrabus)
• bug #36908 [Cache][HttpClient] Made method signatures compatible with their corresponding traits (@derrabus)
• bug #36906 [DomCrawler] Catch expected ValueError (@derrabus)
• bug #36904 [PropertyAccess] Parse php 8 TypeErrors correctly (@derrabus)
• bug #36839 [BrowserKit] Raw body with custom Content-Type header (@azhurb)
• bug #36869 [Form] don't add the inputmode attribute on fields whose type is the same (@MatTheCat)
• feature #36886 [Validator] Make ExpressionLanguageSyntax validator usable with annotation (@jderusse)
• bug #36896 [Config] Removed implicit cast of ReflectionProperty to string (@derrabus)
• bug #35944 [Security/Core] Fix wrong roles comparison (@thlbaut)
• bug #36873 [Messenger] Fixed check for allowed options in AwsSqs configuration (@kroshilin)
• bug #36882 [PhpUnitBridge] fix installing under PHP >= 8 (@nicolas-grekas)
• bug #36859 [Validator] allow passing a validator to Validation::createCallable() (@nicolas-grekas)
• bug #36833 [HttpKernel] Fix that the Store would not save responses with the X-Content-Digest header present (@mpdude)
• bug #36867 [PhpUnitBridge] fix bad detection of unsilenced deprecations (@nicolas-grekas)
• bug #36862 [Security] Unserialize $parentData, if needed, to avoid errors (@rfaivre)
• bug #36855 [HttpKernel] Fix error logger when stderr is redirected to /dev/null (@fabpot)
• bug #36838 [HttpKernel] Bring back the debug toolbar (@derrabus)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. UseSymfonyInsight upgrade reports to detect the code you will need to change in your project andread our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Contributed by
Wouter De Jong
in #33558,#36570 and #36574.

Symfony 5.1 will include a new Security system as one of its biggest new features. After several months of planning, discussions and hard work, we could finish it on time for Symfony 5.1 as an experimental feature.

The main differences with respect to the previous system are:

1) Removed everything but Guards

In the new Security system, there's only one listener that passes the request to an authenticator manager provided by Symfony. That manager takes care of session management, storing the token, "Remember me" functionality, etc.

Everything is related to a single concept and interface: authenticators. This simplifies the internals of the Security component and makes everything easier to understand for developers.

2) Moved to an event-based system

The Security component didn't use Symfony events to extend all its features. The new system changes that and it's based on three events:

• CheckPassportEvent, this is the main event and checks the validity of the given credentials (a password, a certificate, a CSRF token, etc.)
• LoginSuccessEvent, dispatched when credentials are valid.
• LoginFailureEvent, dispatched when credentials are wrong.

That's all! Three simple events give you all the flexibility needed by your applications.

3) Next generation Guards

Security Guards were introduced in Symfony 2.8 via the GuardAuthenticatorInterface. The new Security system allows to simplify some Guard features and improves others. For starters, the checkCredentials() method is removed and the getCredentials() and getUser() methods have been merged into a method called authenticate().

This introduces a couple of new concepts:

• Passport, the authenticate() method returns a "security passport" that contains the user object and any credentials needed to authenticate it;
• Badges, the extra information needed by the passport.

Passports and badges are used by listeners of the CheckPassportEvent, which will validate and check the passport and all its badges. If all badges are resolved, the user is successfully authenticated

Here's a simplified example of the new system in action when used in a login form:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

useSymfony\Component\HttpFoundation\Request;useSymfony\Component\Security\Core\Exception\UsernameNotFoundException;useSymfony\Component\Security\Http\Authenticator\AuthenticatorInterface;useSymfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;useSymfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;useSymfony\Component\Security\Http\Authenticator\Passport\Passport;useSymfony\Component\Security\Http\Authenticator\Passport\PassportInterface;classFormAuthenticatorimplementsAuthenticatorInterface{// ...publicfunctionauthenticate(Request$request):PassportInterface{// find a user based on an "email" form field$user=$this->userRepository->findOneByEmail($request->get('email'));if(!$user){thrownewUsernameNotFoundException();}returnnewPassport($user,newPasswordCredentials($request->get('password')),[// and CSRF protection using a "csrf_token" fieldnewCsrfTokenBadge('loginform',$request->get('csrf_token'))// and add support for upgrading the password hashnewPasswordUpgradeBadge($request->get('password'),$this->userRepository)]);}}

The new Security system is disabled by default, but you can enable it as follows:

1
2
3
4

# config/packages/security.yamlsecurity:# ...enable_authenticator_manager:true

We'll revamp all Symfony Doc articles about security very soon to start using this new Security system. Meanwhile, you can read the following blog post:Meet the new Symfony Security: Authenticators published by Wouter De Jong, the main developer behind this new Security system. This article was completely based on Wouter's blog post.

Over the past weeks, we've published tens of articles about the most notablenew features of Symfony 5.1, which will be released in a few days. In these final articles of the series we'll showcase some minor but useful new features that will make your development work easier.

Added constants for command exit codes¶

Contributed by
Ivan
in #35478.

In Symfony 4.4 we changed console commands to require them toreturn their exit status code as an integer. In Symfony 5.1 we've added some constants for the most common exit codes (Command::SUCCESS andCommand::FAILURE) to make your code more readable:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

// src/Command/CreateUserCommand.phpnamespaceApp\Command;useSymfony\Component\Console\Command\Command;useSymfony\Component\Console\Input\InputInterface;useSymfony\Component\Console\Output\OutputInterface;classCreateUserCommandextendsCommand{protectedstatic$defaultName='app:create-user';// ...protectedfunctionexecute(InputInterface$input,OutputInterface$output){// ...// Beforereturn0;// AfterreturnCommand::SUCCESS;}}

YAML 1.2 octal notation¶

Contributed by
Christian Flothmann
in #34813.

In YAML 1.1 documents, 0 was the prefix used to define octal numbers (e.g.072). This notation is deprecated in YAML 1.2, which replaces 0 prefix by 0o (e.g. 0o72). That's why in Symfony 5.1 we've added support for YAML 1.2 notation and we've deprecated support for YAML 1.1 format.

Improved tempnam()¶

Contributed by
Jon Dufresne
in #33003.

The PHP tempnam() function creates a file with a unique name in the given directory. The tempnam() function provided by the Symfony Filesystem component provides the same features, but in Symfony 5.1 we improved it with a new optional argument that lets you add a suffix to the generated file name (e.g. to add a file extension to it):

1 2 3 4 5 6

useSymfony\Component\Filesystem\Filesystem;$fs=newFilesystem();$fs->tempnam('/tmp','report_');// '/tmp/report_Um3nlH'$fs->tempnam('/tmp','report_','.pdf');// '/tmp/report_Um3nlH.pdf'

Custom dictionaries for random strings¶

Contributed by
Saif
in #36471.

Symfony String component is the best way of working with strings in PHP applications. In Symfony 5.1 we've improved the feature that generates random alphanumeric strings so you can pass a custom dictionary of characters to be included in the generated string:

1 2 3

$random=ByteString::fromRandom(6);// 'g6UkL2'$randomPin=ByteString::fromRandom(4,'0123456789');// '7385'$randomKey=ByteString::fromRandom(1,'WASD');// 'S'

This article showcases some minor but useful new features added to Symfony 5.1 that will make your development work easier. This is also the last article in the New in Symfony 5.1 series, which contains 47 articles in total.

Allow to include the severity in ConstraintViolationList¶

Contributed by
Kévin Dunglas
in #35545.

Symfony Validator component allows to include a payload in constraint violations with the error severity and other data. In Symfony 5.1 we've improved the Serializer component to also allow adding a payload with data in theConstraintViolationList:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

useSymfony\Component\Serializer\Normalizer\ConstraintViolationListNormalizer;useSymfony\Component\Validator\Constraints\NotNull;useSymfony\Component\Validator\ConstraintViolation;useSymfony\Component\Validator\ConstraintViolationList;$constraint=newNotNull();$constraint->payload=['severity'=>'warning','someOtherField'=>'someValue'];$list=newConstraintViolationList([newConstraintViolation(/* ... */,$constraint),]);$result=$this->normalizer->normalize($list,null,[// pass an array of field names to add only those to the payload// pass NULL or TRUE to pass all fieldsConstraintViolationListNormalizer::PAYLOAD_FIELDS=>['severity']]);$payload=$result['violations'][0]['payload'];// $payload = ['severity' => 'warning'];

Mailer Log Handler¶

Contributed by
Alexander Borisov
in #33456.

In your Symfony applications, logging should be managed using dedicated tools or services. However, in some circumstances (e.g. while prototyping, when developing tiny apps, etc.) sending logs via email when an error happens may be a valid solution, all things considered.

That's why in Symfony 5.1 we added a new Monolog log handler which uses theMailer component to send the logs via email.

New Deprecation Contract¶

Contributed by
Nicolas Grekas
in #35526 and #35648.

Symfony Contracts are a set of abstractions extracted out of the Symfony components. In Symfony 5.1 we've started using a new contract related to deprecations. The only method provided by the contract is:

1	trigger_deprecation(string$package,string$version,string$message,...$args):void;

This will provide more meaningful and standardized deprecation messages in your applications, so we've updated Symfony's own code to use the new method:

1 2 3 4 5 6 7 8 9 10 11 12 13

// Before@trigger_error('Not setting the "framework.router.utf8" configuration option is deprecated since Symfony 5.1, it will default to "true" in Symfony 6.0.',E_USER_DEPRECATED);// Aftertrigger_deprecation('symfony/framework-bundle','5.1','Not setting the "framework.router.utf8" configuration option is deprecated, it will default to "true" in version 6.0.');

Dark Mode in Exception Pages¶

Contributed by
Javier Eguiluz
in #34924.

Adding support for "dark mode" or "dark themes" is increasingly popular in developer tools. We already implement that feature in symfony.com and the Symfony Profiler, but in Symfony 5.1 we also added support for dark mode in exception pages.

Check out the Pull Request #34924 to see some screenshots of this new design.

Symfony 3.4.41 has just been released. Here is a list of the most important changes:

• bug #36894 [Validator] never directly validate Existence (Required/Optional) constraints (@xabbuh)
• bug #37007 [Console] Fix QuestionHelper::disableStty() (@chalasr)
• bug #36865 [Form] validate subforms in all validation groups (@xabbuh)
• bug #36907 Fixes sprintf(): Too few arguments in form transformer (@pedrocasado)
• bug #37000 Add meaningful message when using ProcessHelper and Process is not installed (@l-vo)
• bug #36987 Handle fetch mode deprecation of DBAL 2.11. (@derrabus)
• bug #36974 [Security] Fixed handling of CSRF logout error (@wouterj)
• bug #36920 [VarDumper] fix PHP 8 support (@nicolas-grekas)
• bug #36917 [Cache] Accessing undefined constants raises an Error in php8 (@derrabus)
• bug #36891 Address deprecation of ReflectionType::getClass() (@derrabus)
• bug #36899 [VarDumper] ReflectionFunction::isDisabled() is deprecated (@derrabus)
• bug #36905 [Validator] Catch expected ValueError (@derrabus)
• bug #36906 [DomCrawler] Catch expected ValueError (@derrabus)
• bug #36904 [PropertyAccess] Parse php 8 TypeErrors correctly (@derrabus)
• bug #36896 [Config] Removed implicit cast of ReflectionProperty to string (@derrabus)
• bug #36882 [PhpUnitBridge] fix installing under PHP >= 8 (@nicolas-grekas)
• bug #36833 [HttpKernel] Fix that the Store would not save responses with the X-Content-Digest header present (@mpdude)
• bug #36867 [PhpUnitBridge] fix bad detection of unsilenced deprecations (@nicolas-grekas)
• bug #36855 [HttpKernel] Fix error logger when stderr is redirected to /dev/null (@fabpot)
• bug #36592 [BrowserKit] Allow Referer set by history to be overridden (@Slamdunk)
• bug #36794 [Serializer] fix issue with PHP 8 (@nicolas-grekas)
• bug #36743 [Yaml] Fix escaped quotes in quoted multi-line string (@ossinkine)
• bug #36569 [PhpUnitBridge] Mark parent class also covered in CoverageListener (@lyrixx)
• bug #36690 [Yaml] prevent notice for invalid octal numbers on PHP 7.4 (@xabbuh)
• bug #36497 [Filesystem] Handle paths on different drives (@crishoj)
• bug #36678 [WebProfiler] Do not add src-elem CSP directives if they do not exist (@ndench)
• bug #36501 [DX] Show the ParseException message in all YAML file loaders (@fancyweb)
• bug #36683 [Yaml] fix parse error when unindented collections contain a comment (@wdiesveld)
• bug #36672 [Validator] Skip validation when email is an empty object (@acrobat)
• bug #36673 [PhpUnitBridge] fix PHP 5.3 compat again (@nicolas-grekas)
• bug #36627 [Validator] fix lazy property usage. (@bendavies)
• bug #36625 [PhpUnitBridge] fix compat with PHP 5.3 (@nicolas-grekas)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. UseSymfonyInsight upgrade reports to detect the code you will need to change in your project andread our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Symfony 4.4.9 has just been released. Here is a list of the most important changes:

• bug #37008 [Security] Fixed AbstractToken::hasUserChanged() (@wouterj)
• bug #36894 [Validator] never directly validate Existence (Required/Optional) constraints (@xabbuh)
• bug #37007 [Console] Fix QuestionHelper::disableStty() (@chalasr)
• bug #36865 [Form] validate subforms in all validation groups (@xabbuh)
• bug #36907 Fixes sprintf(): Too few arguments in form transformer (@pedrocasado)
• bug #36868 [Validator] Use Mime component to determine mime type for file validator (@pierredup)
• bug #37000 Add meaningful message when using ProcessHelper and Process is not installed (@l-vo)
• bug #36995 [TwigBridge] fix fallback html-to-txt body converter (@nicolas-grekas)
• bug #36993 [ErrorHandler] fix setting $trace to null in FatalError (@nicolas-grekas)
• bug #36987 Handle fetch mode deprecation of DBAL 2.11. (@derrabus)
• bug #36974 [Security] Fixed handling of CSRF logout error (@wouterj)
• bug #36947 [Mime] Allow email message to have "To", "Cc", or "Bcc" header to be valid (@Ernest Hymel)
• bug #36914 Parse and render anonymous classes correctly on php 8 (@derrabus)
• bug #36921 [OptionsResolver][Serializer] Remove calls to deprecated ReflectionParameter::getClass() (@derrabus)
• bug #36920 [VarDumper] fix PHP 8 support (@nicolas-grekas)
• bug #36917 [Cache] Accessing undefined constants raises an Error in php8 (@derrabus)
• bug #36891 Address deprecation of ReflectionType::getClass() (@derrabus)
• bug #36899 [VarDumper] ReflectionFunction::isDisabled() is deprecated (@derrabus)
• bug #36905 [Validator] Catch expected ValueError (@derrabus)
• bug #36915 [DomCrawler] Catch expected ValueError (@derrabus)
• bug #36908 [Cache][HttpClient] Made method signatures compatible with their corresponding traits (@derrabus)
• bug #36906 [DomCrawler] Catch expected ValueError (@derrabus)
• bug #36904 [PropertyAccess] Parse php 8 TypeErrors correctly (@derrabus)
• bug #36839 [BrowserKit] Raw body with custom Content-Type header (@azhurb)
• bug #36896 [Config] Removed implicit cast of ReflectionProperty to string (@derrabus)
• bug #35944 [Security/Core] Fix wrong roles comparison (@thlbaut)
• bug #36882 [PhpUnitBridge] fix installing under PHP >= 8 (@nicolas-grekas)
• bug #36833 [HttpKernel] Fix that the Store would not save responses with the X-Content-Digest header present (@mpdude)
• bug #36867 [PhpUnitBridge] fix bad detection of unsilenced deprecations (@nicolas-grekas)
• bug #36862 [Security] Unserialize $parentData, if needed, to avoid errors (@rfaivre)
• bug #36855 [HttpKernel] Fix error logger when stderr is redirected to /dev/null (@fabpot)
• bug #36838 [HttpKernel] Bring back the debug toolbar (@derrabus)
• bug #36592 [BrowserKit] Allow Referer set by history to be overridden (@Slamdunk)
• bug #36823 [HttpClient] fix PHP warning + accept status code >= 600 (@nicolas-grekas)
• bug #36824 [Security/Core] fix compat of NativePasswordEncoder with pre-PHP74 values of PASSWOR _ consts (@nicolas-grekas)
• bug #36811 [DependencyInjection] Fix register event listeners compiler pass (@X-Coder264)
• bug #36789 Change priority of KernelEvents::RESPONSE subscriber (@marcw)
• bug #36794 [Serializer] fix issue with PHP 8 (@nicolas-grekas)
• bug #36786 [WebProfiler] Remove 'none' when appending CSP tokens (@ndench)
• bug #36743 [Yaml] Fix escaped quotes in quoted multi-line string (@ossinkine)
• bug #36777 [TwigBundle] FormExtension does not have a constructor anymore since sf 4.0 (@Tobion)
• bug #36716 [Mime] handle passing custom mime types as string (@mcneely)
• bug #36747 Queue name is a required parameter (@theravel)
• bug #36751 [Mime] fix bad method call on EmailAddressContains (@Kocal)
• bug #36696 [Console] don't check tty on stdin, it breaks with "data lost during stream conversion" (@nicolas-grekas)
• bug #36569 [PhpUnitBridge] Mark parent class also covered in CoverageListener (@lyrixx)
• bug #36690 [Yaml] prevent notice for invalid octal numbers on PHP 7.4 (@xabbuh)
• bug #36590 [Console] Default hidden question to 1 attempt for non-tty session (@ostrolucky)
• bug #36497 [Filesystem] Handle paths on different drives (@crishoj)
• bug #36678 [WebProfiler] Do not add src-elem CSP directives if they do not exist (@ndench)
• bug #36501 [DX] Show the ParseException message in all YAML file loaders (@fancyweb)
• bug #36683 [Yaml] fix parse error when unindented collections contain a comment (@wdiesveld)
• bug #36672 [Validator] Skip validation when email is an empty object (@acrobat)
• bug #36673 [PhpUnitBridge] fix PHP 5.3 compat again (@nicolas-grekas)
• bug #36505 [Translation] Fix for translation:update command updating ICU messages (@artemoliynyk)
• bug #36627 [Validator] fix lazy property usage. (@bendavies)
• bug #36601 [Serializer] do not transform empty Traversable to Array (@soyuka)
• bug #36606 [Cache] Fixed not supported Redis eviction policies (@SerheyDolgushev)
• bug #36625 [PhpUnitBridge] fix compat with PHP 5.3 (@nicolas-grekas)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. UseSymfonyInsight upgrade reports to detect the code you will need to change in your project andread our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Symfony 5.0.9 has just been released. Here is a list of the most important changes:

• bug #37008 [Security] Fixed AbstractToken::hasUserChanged() (@wouterj)
• bug #36894 [Validator] never directly validate Existence (Required/Optional) constraints (@xabbuh)
• bug #37007 [Console] Fix QuestionHelper::disableStty() (@chalasr)
• bug #36865 [Form] validate subforms in all validation groups (@xabbuh)
• bug #36907 Fixes sprintf(): Too few arguments in form transformer (@pedrocasado)
• bug #36868 [Validator] Use Mime component to determine mime type for file validator (@pierredup)
• bug #37000 Add meaningful message when using ProcessHelper and Process is not installed (@l-vo)
• bug #36995 [TwigBridge] fix fallback html-to-txt body converter (@nicolas-grekas)
• bug #36993 [ErrorHandler] fix setting $trace to null in FatalError (@nicolas-grekas)
• bug #36987 Handle fetch mode deprecation of DBAL 2.11. (@derrabus)
• bug #36974 [Security] Fixed handling of CSRF logout error (@wouterj)
• bug #36947 [Mime] Allow email message to have "To", "Cc", or "Bcc" header to be valid (@Ernest Hymel)
• bug #36914 Parse and render anonymous classes correctly on php 8 (@derrabus)
• bug #36921 [OptionsResolver][Serializer] Remove calls to deprecated ReflectionParameter::getClass() (@derrabus)
• bug #36920 [VarDumper] fix PHP 8 support (@nicolas-grekas)
• bug #36917 [Cache] Accessing undefined constants raises an Error in php8 (@derrabus)
• bug #36891 Address deprecation of ReflectionType::getClass() (@derrabus)
• bug #36899 [VarDumper] ReflectionFunction::isDisabled() is deprecated (@derrabus)
• bug #36905 [Validator] Catch expected ValueError (@derrabus)
• bug #36915 [DomCrawler] Catch expected ValueError (@derrabus)
• bug #36908 [Cache][HttpClient] Made method signatures compatible with their corresponding traits (@derrabus)
• bug #36906 [DomCrawler] Catch expected ValueError (@derrabus)
• bug #36904 [PropertyAccess] Parse php 8 TypeErrors correctly (@derrabus)
• bug #36839 [BrowserKit] Raw body with custom Content-Type header (@azhurb)
• bug #36896 [Config] Removed implicit cast of ReflectionProperty to string (@derrabus)
• bug #35944 [Security/Core] Fix wrong roles comparison (@thlbaut)
• bug #36882 [PhpUnitBridge] fix installing under PHP >= 8 (@nicolas-grekas)
• bug #36833 [HttpKernel] Fix that the Store would not save responses with the X-Content-Digest header present (@mpdude)
• bug #36867 [PhpUnitBridge] fix bad detection of unsilenced deprecations (@nicolas-grekas)
• bug #36862 [Security] Unserialize $parentData, if needed, to avoid errors (@rfaivre)
• bug #36855 [HttpKernel] Fix error logger when stderr is redirected to /dev/null (@fabpot)
• bug #36838 [HttpKernel] Bring back the debug toolbar (@derrabus)
• bug #36592 [BrowserKit] Allow Referer set by history to be overridden (@Slamdunk)
• bug #36823 [HttpClient] fix PHP warning + accept status code >= 600 (@nicolas-grekas)
• bug #36824 [Security/Core] fix compat of NativePasswordEncoder with pre-PHP74 values of PASSWOR _ consts (@nicolas-grekas)
• bug #36811 [DependencyInjection] Fix register event listeners compiler pass (@X-Coder264)
• bug #36789 Change priority of KernelEvents::RESPONSE subscriber (@marcw)
• bug #36794 [Serializer] fix issue with PHP 8 (@nicolas-grekas)
• bug #36786 [WebProfiler] Remove 'none' when appending CSP tokens (@ndench)
• bug #36743 [Yaml] Fix escaped quotes in quoted multi-line string (@ossinkine)
• bug #36777 [TwigBundle] FormExtension does not have a constructor anymore since sf 4.0 (@Tobion)
• bug #36716 [Mime] handle passing custom mime types as string (@mcneely)
• bug #36747 Queue name is a required parameter (@theravel)
• bug #36751 [Mime] fix bad method call on EmailAddressContains (@Kocal)
• bug #36696 [Console] don't check tty on stdin, it breaks with "data lost during stream conversion" (@nicolas-grekas)
• bug #36569 [PhpUnitBridge] Mark parent class also covered in CoverageListener (@lyrixx)
• bug #36690 [Yaml] prevent notice for invalid octal numbers on PHP 7.4 (@xabbuh)
• bug #36590 [Console] Default hidden question to 1 attempt for non-tty session (@ostrolucky)
• bug #36497 [Filesystem] Handle paths on different drives (@crishoj)
• bug #36678 [WebProfiler] Do not add src-elem CSP directives if they do not exist (@ndench)
• bug #36501 [DX] Show the ParseException message in all YAML file loaders (@fancyweb)
• bug #36683 [Yaml] fix parse error when unindented collections contain a comment (@wdiesveld)
• bug #36672 [Validator] Skip validation when email is an empty object (@acrobat)
• bug #36673 [PhpUnitBridge] fix PHP 5.3 compat again (@nicolas-grekas)
• bug #36505 [Translation] Fix for translation:update command updating ICU messages (@artemoliynyk)
• bug #36627 [Validator] fix lazy property usage. (@bendavies)
• bug #36601 [Serializer] do not transform empty Traversable to Array (@soyuka)
• bug #36606 [Cache] Fixed not supported Redis eviction policies (@SerheyDolgushev)
• bug #36625 [PhpUnitBridge] fix compat with PHP 5.3 (@nicolas-grekas)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. UseSymfonyInsight upgrade reports to detect the code you will need to change in your project andread our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Symfony 5.1.0 has just been released. Here is a list of the most important changes:

• bug #37009 [Validator] use "allowedVariables" to configure the ExpressionLanguageSyntax constraint (@xabbuh)
• bug #37008 [Security] Fixed AbstractToken::hasUserChanged() (@wouterj)
• bug #36894 [Validator] never directly validate Existence (Required/Optional) constraints (@xabbuh)
• bug #37007 [Console] Fix QuestionHelper::disableStty() (@chalasr)
• bug #36865 [Form] validate subforms in all validation groups (@xabbuh)
• bug #36907 Fixes sprintf(): Too few arguments in form transformer (@pedrocasado)
• bug #36868 [Validator] Use Mime component to determine mime type for file validator (@pierredup)
• bug #37000 Add meaningful message when using ProcessHelper and Process is not installed (@l-vo)
• bug #36990 [Messenger] Change the default notify timeout value for PostgreSQL (@fabpot)
• bug #36995 [TwigBridge] fix fallback html-to-txt body converter (@nicolas-grekas)
• bug #36993 [ErrorHandler] fix setting $trace to null in FatalError (@nicolas-grekas)
• bug #36987 Handle fetch mode deprecation of DBAL 2.11. (@derrabus)
• bug #36984 [SecurityBundle] Fixed version constraint on security-core and security-guard (@wouterj)
• bug #36974 [Security] Fixed handling of CSRF logout error (@wouterj)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. UseSymfonyInsight upgrade reports to detect the code you will need to change in your project andread our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.

Symfony 5.1.0 has just been released. As for any other Symfony minor release, our backward compatibility promise applies and this means that you should be able to upgrade easily without changing anything in your code.

During the last couple of months, we've blogged about the great 5.1 new features. I highly recommend you to read the 47 articles about Symfony 5.1 as they contain the major changes for this new version:

• Added support for typed properties in PropertyInfo: In Symfony 5.1, the PropertyInfo component can extract information from the new typed properties introduced in PHP 7.4.
• Autowire public typed properties: In Symfony 5.1, public properties typed with classes related to services are autowired automatically, which is equivalent to the traditional setter injection.
• The "safe" HTTP Preference: Symfony 5.1 supports the "safe" HTTP preference defined in RFC 8674.
• Single command applications: In Symfony 5.1, creating single command console applications will be easier thanks to the new SingleCommandApplication class.
• Reusable sets of constraints: In Symfony 5.1 you can define reusable sets of constraints and you can also apply constraints sequentially to stop the validation as soon as one validation fails.
• Route annotations priority: In Symfony 5.1, routes defined as annotations can include a priority option to better control the URL matching without having to reorder the controller actions.
• Simpler security attributes: In Symfony 5.1, security attributes will be easier to use and a new IS_IMPERSONATOR attribute will simplify how to detect impersonating users.
• Improved UriSigner: In Symfony 5.1 we've improved the UriSigner service to make it autowireable and easier to use.
• Hostname Validator: Symfony 5.1 includes a new validator to check that a given value is valid as a hostname.
• Workflow improvements: In Symfony 5.1, the Workflow component has been improved to allow disable announce events, check if a workflow exists and explain blocked transitions.
• Simpler login in tests: Symfony 5.1 adds a new loginUser() method to simplify testing protected resources.
• Uid component: Symfony 5.1 will include a new component called Uid which generates UUIDs and ULIDs and provides some utilities for them.
• Translation improvements: Symfony 5.1 adds new features related to translations to configure the enabled locales, to improve the translation debug command, to support name attributes in Xliff2 and to allow translating each language into its own language.
• Form theme improvements: Symfony 5.1 adds a new form theme for Foundation 6, improves the translation of Bootstrap custom forms and allows to customize collection entries.
• Improved route configuration: In Symfony 5.1, configuring redirections and rendering templates from route configuration will be much simpler.
• Routing improvements: In Symfony 5.1, routes can be stateless, route conditions can include env vars and the request context is easier to configure.
• String improvements: In Symfony 5.1, the String component uses the Stringable interface from PHP 8, improves methods such as truncate() and adds useful methods such as containsAny() and reverse().
• Portable HTTP/2 implementation: In Symfony 5.1, the HttpClient component can use HTTP/2 without installing the cURL library thanks to the amp/http-client PHP package.
• Configurable PHP Preloading: In Symfony 5.1, you can configure PHP preloading by using some dependency injection tags to define which classes should be preloaded and which ones should not.
• Cursor control: Symfony 5.1 introduces new utilities to control the cursor in console commands.
• Simpler logout customization: In Symfony 5.1, logout customization will be much easier to implement thanks to a new LogoutEvent.
• Remote asset manifest: In Symfony 5.1, the asset manifest file can be stored in remote servers, which is ideal when using CDNs.
• Different hosts per locale: In Symfony 5.1, routes can define different hosts for each locale, which is useful to create fully internationalized URLs.
• Simpler service decoration: In Symfony 5.1, it's much easier to refer to the original service when using service decoration.
• Abstract service arguments: In Symfony 5.1, services can define abstract arguments whose values are calculated at runtime.
• Improved Microkernel: In Symfony 5.1 we've improved MicroKernelTrait to allow using the Kernel as a registry of autowired controllers and service factories.
• Stack decorators: Symfony 5.1 introduces a new syntax to stack decorators, providing a simpler alternative to classic middleware.
• New and Improved Integrations: Symfony 5.1 adds new integrations with third-party technologies and services in the Lock, Cache, Mailer, Messenger and Notifier components.
• URI Resolver: In Symfony 5.1, the DomCrawler component provides a new utility to resolve relative links into absolute URLs.
• Serializer improvements: Symfony 5.1 improves the serializer with a new @Ignore annotation, an unwrapping denormalizer, support for stdClass and scalar denormalization.
• Async AWS Support: Symfony 5.1 will use Async AWS, a modern alternative to the official Amazon AWS SDK for PHP, in components like Mailer and Messenger.
• Simpler Request Context: Symfony 5.1 allows to configure the entire request context using a single config parameter called "default_uri".
• ExpressionLanguage validator: In Symfony 5.1 you can validate the syntax of your ExpressionLanguage expressions without parsing or evaluating them.
• Server-side request forgery protection: Symfony 5.1 improves the HttpClient component to provide out-of-the-box protection against SSRF (Server-side request forgery).
• Deprecate public services into private services: In Symfony 5.1, you can turn public services into private services while keeping the backward compatibility of your code.
• Deprecated the Inflector component: In Symfony 5.1, the Inflector component has been deprecated and its logic has been moved into the String component.
• AtLeastOneOf validator: Symfony 5.1 adds a new AtLeastOneOf validator to check that a given value satisfies at least one of the given constraints.
• Access decision based on voter priority: Symfony 5.1 adds a new access decision strategy called "priority" which uses the decision from the highest priority security voter.
• OptionsResolver improvements: In Symfony 5.1, the OptionsResolver component has introduced an optional fluent interface to configure options and a way to provide extra debug information per option.
• Validator improvements: Symfony 5.1 validator adds support for three-letter country and language codes, adds an option to check that the collection items is divisible by a certain number and allows to define validation callables.
• Form improvements: Symfony 5.1 improves forms to validate HTML5 colors, allow rounding percent values, display HTML contents in labels, simplify timezone management, provide better defaults for inputmode option and other improvements in choice types.
• HttpFoundation improvements: Symfony 5.1 adds a new InputBag class, adds support for encrypting session data, adds more cache-control directives and allows to build cookie objects more easily.
• Automatic schema updates: Symfony 5.1 automates the creation of the database tables required by some components to store their contents (Messenger, Lock, Cache, etc.)
• Updated Security System: Symfony 5.1 includes a new Security system which simplifies the existing security features while giving developers more flexibility in a much more approachable way.
• Misc. improvements (Part 1): Some of the minor new features included in Symfony 5.1 will make your work easier, such as using constants for command exit codes, a better tempnam() function and customized random strings.
• Misc. improvements (Part 2): Symfony 5.1 will include a stand-alone YAML linter command, a better RoundRobin mailer transport, a separate log channel for deprecations and support for tags/metadata in mailers.
• Misc. improvements (Part 3): Symfony 5.1 will allow to include the severity in ConstraintViolationList, will add a new mailer log handler and a new deprecation contract, and will enable "dark mode" in exception pages.

This week Symfony 5.1 was released. This major version contains hundreds of tweaks and improvements and tens of nice new features. Symfony also released its 3.4.41, 4.4.9 and 5.0.9 maintenance versions. In addition, this week we published the 700th issue of "A Week of Symfony". Thanks for reading us every week for more than 13 years, making it one of the longest-running blog series in the entire software industry.

Symfony development highlights

3.4 changelog:

• ce61bb0: [Security] fixed handling of CSRF logout error
• e1e314d: handle fetch mode deprecation of DBAL 2.11
• b7cd22c: [Console] added meaningful message when using ProcessHelper and Process is not installed
• a3c460f: [Form] updated Hungarian translations
• 8861ee1, 03cad5a: [Validator] updated Czech translation
• 2e8ae40: [Form] validated subforms in all validation groups
• ca66e6c: [PropertyAccess] fixed TypeError parsing again
• 8e40814: [Console] fixed QuestionHelper::disableStty()
• 84081ad: [Validator] never directly validate Existence (Required/Optional) constraints

4.4 changelog:

• b524e04: [Mime] allowed email message to have "To"
• 0d2bc7b: [ErrorHandler] fixed setting $trace to null in FatalError
• 96d2d19: [TwigBridge] fixed fallback html-to-txt body converter
• 5e0e9a8: [Validator] used Mime component to determine mime type for file validator
• bdb01db: [Security] fixed AbstractToken::hasUserChanged()

5.1 changelog:

• 3693875: [FrameworkBundle] fixed MicroKernelTrait for php 8
• 4739835: [HttpClient] fixed management of shorter-than-requested timeouts with AmpHttpClient
• 7f6934c: [Doctrine] fixed extra SQL support in Doctrine migrations
• 2ff26b7: [Messenger] changed the default notify timeout value for PostgreSQL
• af444f8: [Validator] use "allowedVariables" to configure the ExpressionLanguageSyntax constraint

Newest issues and pull requests

• [Messenger] Provide a safe single handler strategy
• [HttpClient] CachingHttpClient defeats concurrency
• [DependencyInjection] dump xml container definition without debug enabled
• Route controller linter

They talked about us

• Moving a Symfony app using Doctrine ORM from PostgreSQL to MySQL
• [Angular + Symfony] A quick website setup
• Symfony 5 confirmation email without FosUserBundle
• Securing your Symfony forms with Google reCAPTCHA v2
• The Bulletproof Event Naming For Symfony Event Dispatcher
• Configuring API Platform resources by following DDD principles
• Nuevo en Symfony 5.1: Nuevo sistema de seguridad

Call to Action

• Follow Symfony on Twitter and retweet this article.
• Subscribe to the Symfony blog RSS and never miss a Symfony story again.

The Symfony and Twig certifications are available online since October 2018, read our blog post announcement to find out more about the Symfony certification online availability. We’ve moved from physical exam centers to online certification to enable much more people to take the Symfony 3 and 4 or Twig certification exams. We're very pleased to announce that the Symfony 5 certification is now available. Plus, we have a new certification provider based in Europe which offers more advantages to people taking the certification exam.

Now it’s faster and easier than ever to take the exam, buy your certification voucher and take it from your own home or office. As long as you have a computer, a web cam and a stable Internet connection, you can take it. You can take the following certification exams: Symfony 3, 4 or 5; or Twig.

Take the exam:

• wherever you live in the world. There are no more restrictions regarding the country where you live which prevent you from taking the exam from home.
• 30 minutes after your certification voucher purchase. No need to wait 48 hours to schedule your exam. If you are ready, you can buy your certification voucher and take the exam 30 minutes after your purchase. Your voucher is available for a year after from your purchase date.
• up to 30 minutes late after your certification appointment. If you are late to your appointment, you can still take the exam, if you are late by more than 30 minutes, your appointment will be canceled and you won't be able to re-schedule it.
• or re-schedule the exam as many times as you want until the end of its expiration date.
• and be notified right after your exam if you succeeded or not. In case you fail, you will receive a few minutes after your exam an email informing you that you did not succeed. In case you passed the exam, you'll get notified 48 hours later. It's the time we need to review your exam and make sure you took it without any help. So if you don't receive an email just after your exam, it's probably a good sign!

We are moving forward with the certification! We wanted to enable everyone to take any exam no matter where you are in the world and get rid of the country exceptions. Having a European provider for the certification is also a very good thing to make sure that the GDPR rules are respected. Thanks to our new provider, we guarantee you that your data is safe and stored in compliance with all GDPR rules.

How do the certification exams work? Any Symfony certification lasts 90 minutes and includes 75 questions divided into 15 topics. Check here the exam topics of all the Symfony certification exams. The Twig certification lasts 60 minutes and includes 45 questions divided into 8 topics. Find here all the exam topics of the Twig certification exam.

Both certifications, the Symfony one and the Twig one, do not include any written answers or lines of code to write. You have 3 types of questions : True / False, Single answer or Multiple choice. It's an automatic test. Don't forget to test and check your camera and network connection before starting!

To book your online certification exam, follow these steps:

1- Buy your certification voucher for Symfony 3, 4 or 5 version or for Twig and receive it immediately in your mailbox (as a unique code)

2- Create your candidate account or log in to your existing account

3- Activate your voucher to schedule an exam appointment

4- Take the exam online in your own home or office and get your result immediately!

We are proud to count hundreds of certified Symfony and Twig developers in our community and we’d like to congratulate again all the certified Symfony and Twig developers! You want to become a Symfony or a Twig certified developer?

We're pleased to offer you a special discount on all our certifications, get 20% off your certification voucher purchase using the code CERTIF_2020 until June 12th 2020 (Midnight Paris time). Book your certification voucher at the unique price of 200€ (VAT excl.) instead of 250 € (VAT excl.) for Symfony and 119,2€ (VAT excl.) instead of 149€ (VAT excl.) for Twig. Your certification is available for one year after your purchase date, if you need some time to get ready before taking the certification exam.

Show the world your Symfony or Twig expertise, take the certification! If you have any questions regarding the Symfony and Twig certification exams, please read our FAQ section where you’ll find more detailed information.

Good luck!

This week, Symfony introduced the Symfony 5 certification exam and other important improvements for the certification program. Meanwhile, development activity focused on fixing the bugs reported since the recent release of Symfony 5.1.

Symfony development highlights

3.4 changelog:

• 400ab7c: [PhpUnitBridge] fixed undefined index when output of "composer show" cannot be parsed
• 3e0330f: [Form] properly cascade validation to child forms

4.4 changelog:

• a2f4342: [Serializer] take into account the context when preserving empty array objects
• 950ff7e: [WebProfilerBundle] moved ajax clear event listener initialization on loadToolbar
• fe61dd5: [HttpClient] throw JsonException instead of TransportException on empty response in Response::toArray()

5.1 changelog:

• 1696f56: [FrameworkBundle] fixed enabled_locales behavior
• e5b5d9e: [Security] fixed PUBLIC_ACCESS in authenticated sessions
• ab3772a: [ExpressionLanguage] reset the internal state when the parser is finished
• 706ff58: [DoctrineBridge] register event listeners depending on the installed packages
• 2a9edfa: [FrameworkBundle] fixed extension Serializer issue
• d341254: [SecurityBundle] only register CSRF protection listener if CSRF is available
• 773b4ef: [Messenger] fixed invalid char in SQS Headers
• e778ea6: [DependencyInjection] improved missing package/version deprecation

Master changelog:

• ac00dcd: [String] use base58 by default in ByteString::fromRandom()
• b25168f: replaced some file_exists() by is_dir() or is_file()

Newest issues and pull requests

• [RFC] [Translator] Add resource priorities
• [Translation] Xliff name attribute as the key
• [Cache] Add a StopwatchAdapter
• Global Configuration of CSRF Token Names

They talked about us

• Build assets with Webpack Encore and Gitlab CI
• Understanding your Symfony app with Prometheus
• Inlining critical CSS for Symfony apps
• Developing A Symfony Project With Docker on Mac Os
• Reasons To Use Symfony Framework For Your Project
• Symfony 5 Contact Form with Mailer and Mime component(MailerInterface)
• @inject or @required will Get You Any Services Fast
• Se publica Symfony 5.1
• Ya está disponible la certificación de Symfony 5
• Construire les assets avec Webpack Encore et Gitlab CI
• PHP: Symfony 5.1 kann mit Typed Properties umgehen

Call to Action

• Follow Symfony on Twitter and retweet this article.
• Subscribe to the Symfony blog RSS and never miss a Symfony story again.

Last day of Call for Papers and Call for Trainers for SymfonyCon Disneyland Paris 2020. Both are open until today, June 8th, 2020. The entire event will be organized in English. If you didn’t submit yet your talk proposals or your workshop proposals (in English), submit them before it’s too late!

We'll select the first speakers and trainers next week, send in your proposals today to be in the first selection. We'll select more speakers and trainers in the coming weeks, so if you are still working on your talk or workshop proposal, you can submit it later.

If you never spoke at a conference before, we do have a special mentorship program for speakers to help you with your talk (slides, rehearsal…). Remember that each selected speaker will get a free conference ticket, among other things!

For this special conference, we've also opened a Call for Trainers. We’re looking for workshops in English related to Symfony and its ecosystem, not yet scheduled. If you’re an experienced trainer and are used to deliver workshops, send in your workshops proposals! As the Symfony ecosystem is wide and diverse, we’d like to offer more workshops to the community. The idea is to make sure every attendee can find the right knowledge to enhance their experience during the conference. Each selected trainer will receive a full package including a free conference ticket.

You can submit several talk and workshop proposals, there are no limits! Share your knowledge with the Symfony community by submitting a training or by speaking on stage at the conference. Check out all the selection criteria and take part in our Call for Papers and Call for Trainers for SymfonyCon Disneyland Paris 2020 until tonight.

Join us at the conference, book your ticket now! The SymfonyCon Disneyland Paris 2020 is at the end of the year and months away. As the world is currently recovering from the Covid-19 epidemic, we are very confident that we'll be able to organize the conference in Disneyland. But in the event that we are not able to maintain it or if you are not sure to join us due to the unprecedented Covid-19 situation, we've updated our refund policy regarding this special situation. Find out more and book your conference ticket or combo workshop and conference ticket now.

We can't wait to meet you there! By then, stay home and safe!

Due to the unprecedent Covid-19 situation which spread accross the entire world over the past few months, we have taken the hard but necessary decision to cancel SymfonyLive Warsaw 2020 and SymfonyLive Berlin 2020.

As both conferences are getting closer, we have to face the fact that we don't have the minimum required registered attendees to maintain both of them. Since the beginning of the Covid-19 crisis, ticket sales stopped completely. We're very far from our expectactions regarding the number of registrations. As it appears that this trend will not change in the next week, we cannot take the risk to jeopardize the financial and economic situation of the conferences.

Organizing events is difficult. We need to pay the venue and many contractors before getting people registered and confirmed sponsorships. Over the past months, we all felt the economic difficulties from the Covid-19 crisis and unfortunately it's probably just the beginning. As of today, we only have a few people registered to both conferences and a few signed sponsors. We are forced to admit that it won't be enough to maintain the conferences in Warsaw and Berlin. We are now trying to talk with the venues to limit the cost of the cancellations.

We have decided to focus all our efforts to organize the SymfonyCon event in Disneyland Paris, from December 1st to 5th, 2020. As this conference is the biggest conference we have ever organized in 15 years, we need to make sure it will be break even. We will be back next year with our regular local events.

Regarding the SymfonyLive Paris 2020 which has been postponed to September 23-24, this conference was about to take place when the French lockdown took place on March 17th 2020 (the initial conferences dates were on March 26-27 2020). Meaning that we are almost already sold-out and have many confirmed sponsors, which enable us to make sure this conference will be a success.

We’d like to thank all the already registered attendees and sponsors for their support at SymfonyLive Warsaw 2020 and SymfonyLive Berlin 2020. We’ll refund all registered attendees to both conferences. We are looking forward for better times to be able to organize both conferences back in Warsaw and Berlin, hopefully next year. If you have any questions, don’t hesitate to contact us via our Support page.

We hope to meet you again either this year at SymfonyCon Disneyland Paris 2020 or next year at one of our local conferences.

Stay safe!

Last week, we were extremely pleased to announce that the Symfony 5 certification has been finally released. Now it’s faster and easier than ever to take the exam, buy your certification voucher and take it from your own home or office 30 minutes after your purchase or re-schedule the exam as many times as you want until the end of its expiration date. As long as you have a computer, a web cam and a stable Internet connection, you can take the certification. You can take the following certification exams: Symfony 3, 4 or 5; or Twig.

Plus, we have a new certification provider based in Europe which offers more advantages to people taking the certification exam and guarantees that the GDPR rules are respected. Indeed, there are no more restrictions regarding the country where you live which prevent you from taking the exam from home.

For this great occasion, we're pleased to offer you a special discount on all our certifications: get 20% off any certification voucher purchase using the code CERTIF_2020 until June 12th 2020 (Midnight, Paris time). Book your certification voucher at the unique price of 200€ (VAT excl.) instead of 250 € (VAT excl.) for Symfony and 119,2€ (VAT excl.) instead of 149€ (VAT excl.) for Twig. Your certification is available for one year after your purchase date, if you need some time to get ready before taking the certification exam.

Buy now your certification voucher and take the exam when you're ready, even next year! Today is the last day to enjoy our discount!

To book your online certification exam, follow these steps:

1- Buy your certification voucher for Symfony 3, 4 or 5 version or for Twig and receive it immediately in your mailbox (as a unique code)

2- Create your candidate account or log in to your existing account

3- Activate your voucher to schedule an exam appointment

4- Take the exam online in your own home or office and get your result immediately!

Offer your Symfony or Twig expertise a recognition, take the certification exam! If you have any questions regarding the Symfony and Twig certification exams, please read our FAQ section where you’ll find more detailed information.

Good luck to all of you!

Symfony 3.4.42 has just been released. Here is a list of the most important changes:

• bug #37103 [Form] switch the context when validating nested forms (@xabbuh)
• bug #37182 [HttpKernel] Fix regression where Store does not return response body correctly (@mpdude)
• bug #36913 [FrameworkBundle] fix type annotation on ControllerTrait::addFlash() (@ThomasLandauer)
• bug #37169 [Cache] fix forward compatibility with Doctrine DBAL 3 (@xabbuh)
• bug #37085 [Form] properly cascade validation to child forms (@xabbuh)
• bug #37095 [PhpUnitBridge] Fix undefined index when output of "composer show" cannot be parsed (@nicolas-grekas)
• bug #37092 [PhpUnitBridge] fix undefined var on version 3.4 (@nicolas-grekas)

Want to upgrade to this new release? Because Symfony protects backwards-compatibility very closely, this should be quite easy. UseSymfonyInsight upgrade reports to detect the code you will need to change in your project andread our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.