Javier Eguiluz
Javier Eguiluz
| Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Issues | -...
Symfony published a security issue in the UX autocomplete field: https://symfony.com/blog/cve-2023-41336-symfony-ux-autocomplete-prevent-injection-of-invalid-entity-ids-for-autocomplete-fields That Symfony field was originally inspired by our autocomplete field: https://github.com/EasyCorp/EasyAdminBundle/blob/4.x/src/Form/EventListener/CrudAutocompleteSubscriber.php I'm checking the patch (https://github.com/symfony/ux/commit/55a716bc47947ff8b9bfda8395762f4d5be8a6ba) but I'm struggling...
In #17783 we're revamping Serializer docs. This meta-issue lists all serializer-related issues that are still pending. That way we can quickly check them and see if we've already fixed them...
This was implemented in #49513 in Symfony 6.3 but apparently we didn't document it. See #18087 for the full discussion about this.
This bundle uses `sha256` as the default hashing algorithm for signed cookies: https://github.com/nelmio/NelmioSecurityBundle/blob/93f80092dce178e77876c2ef4224e74f18c385c7/src/DependencyInjection/Configuration.php#L255 This might be no longer safe enough: https://en.wikipedia.org/wiki/SHA-2#Comparison_of_SHA_functions Maybe we can move to sha3-256 or higher, which...
| Q | A | ------------- | --- | Bug fix? | no | New feature? | no | Issues | - | License | MIT The docs contained some...
If your live components are localized as explained in https://symfony.com/bundles/ux-live-component/current/index.html#installation: ```yaml # config/routes/ux_live_component.yaml live_component: resource: '@LiveComponentBundle/config/routes.php' prefix: /{_locale}/_components ``` You can't use the test helper (https://symfony.com/bundles/ux-live-component/current/index.html#test-helper) because you'll see this...
[AssetMapper](https://symfony.com/doc/current/frontend/asset_mapper.html) is great and [upgrading web apps to AssetMapper](https://symfony.com/blog/upgrading-symfony-websites-to-assetmapper) is also great and not too complex. But, managing bundle's web assets with AssetMapper is not possible at the moment. To...
### Symfony version(s) affected 7.1 ### Description We're trying to document #51884 but we're having some problems when trying to understand this code: https://github.com/garak/symfony/blob/881174157bc4a57863280d9033b416101725acb2/src/Symfony/Component/Form/Extension/Core/Type/MoneyType.php#L91-L93 None of us understands it ......
Fixes #19756. @lyrixx if you can, please review this. Thanks!