- The controller method "KunstmaanMediaBundle_media_bulk_upload_submit" is now POST only. This call now also requires a mandatory header called "x-upload-token". The content of this header should be a csrf token generated by the Symfony csrf service using the name "bulk-upload-media". This header is an added security layer to avoid unintended and malicious uploads.
- Validator\Constraints\Media and Validator\Constraints\HasGuessableExtension have had their error constant values changed from integer to string uuid's because integers have been deprecated by Symfony.
- Using the deleteAction method from the UsersController is deprecated since KunstmaanUserManagementBundle 5.6 and will be replaced by the method deleteFormAction in KunstmaanUserManagementBundle 6.0. Use the correct method instead. The new action is POST only and will have correct csrf protection.
- Validator\Constraints\PasswordRestrictions have had their error constant values changed from integer to string uuid's because integers have been deprecated by Symfony.