Bump symfony/http-foundation from 3.4.47 to 5.4.17

[dependabot]

Bumps symfony/http-foundation from 3.4.47 to 5.4.17.

Release notes

Sourced from symfony/http-foundation's releases.

v5.4.17

Changelog (symfony/http-foundation@v5.4.16...v5.4.17)

• bug #48635 Use relative timestamps with MemcachedSessionHandler (tvlooy)
• bug #48628 Fix dumping array cookies (nicolas-grekas)
• bug #48421 IPv4-mapped IPv6 addresses incorrectly rejected (bonroyage)

v5.4.16

Changelog (symfony/http-foundation@v5.4.15...v5.4.16)

• bug #48112 Compare cookie with null value as empty string in ResponseCookieValueSame (fancyweb)
• bug #48050 Check IPv6 is valid before comparing it (PhilETaylor)

v5.4.15

Changelog (symfony/http-foundation@v5.4.14...v5.4.15)

• no significant changes

v5.4.14

Changelog (symfony/http-foundation@v5.4.13...v5.4.14)

• bug #47746 Fix BinaryFileResponse content type detection logic (X-Coder264)

v5.4.13

Changelog (symfony/http-foundation@v5.4.12...v5.4.13)

• bug #47516 Prevent BinaryFileResponse::prepare from adding content type if no content is sent (naitsirch)
• bug #47530 Always return strings from accept headers (ausi)
• bug #47434 move flushing outside of Response::closeOutputBuffers (nicolas-grekas)

v5.4.12

Changelog (symfony/http-foundation@v5.4.11...v5.4.12)

• bug #47283 Prevent accepted rate limits with no remaining token to be preferred over denied ones (MatTheCat)
• bug #47273 Do not send Set-Cookie header twice for deleted session cookie (X-Coder264)
• bug #47130 Fix invalid ID not regenerated with native PHP file sessions (BrokenSourceCode)

v5.4.11

Changelog (symfony/http-foundation@v5.4.10...v5.4.11)

• bug #46931 Flush backend output buffer after closing. (bradjones1)
• bug #42033 Fix deleteFileAfterSend on client abortion (nerg4l)
• bug #46790 Prevent PHP Warning: Session ID is too long or contains illegal characters (BrokenSourceCode)
• bug #46808 Fix TypeError on null $_SESSION in NativeSessionStorage::save() (chalasr)

v5.4.10

Changelog (symfony/http-foundation@v5.4.9...v5.4.10)

• bug #46678 Update "[Session] Overwrite invalid session id" to only validate when files session storage is used (alexpott)
• bug #46676 Extend type guessing on enum fields (Gigino Chianese)

... (truncated)

Changelog

Sourced from symfony/http-foundation's changelog.

CHANGELOG

6.2

• The HTTP cache store uses the xxh128 algorithm
• Deprecate calling JsonResponse::setCallback(), Response::setExpires/setLastModified/setEtag(), MockArraySessionStorage/NativeSessionStorage::setMetadataBag(), NativeSessionStorage::setSaveHandler() without arguments
• Add request matchers under the Symfony\Component\HttpFoundation\RequestMatcher namespace
• Deprecate RequestMatcher in favor of ChainRequestMatcher
• Deprecate Symfony\Component\HttpFoundation\ExpressionRequestMatcher in favor of Symfony\Component\HttpFoundation\RequestMatcher\ExpressionRequestMatcher

6.1

• Add stale while revalidate and stale if error cache header
• Allow dynamic session "ttl" when using a remote storage
• Deprecate Request::getContentType(), use Request::getContentTypeFormat() instead

6.0

• Remove the NamespacedAttributeBag class
• Removed Response::create(), JsonResponse::create(), RedirectResponse::create(), StreamedResponse::create() and BinaryFileResponse::create() methods (use __construct() instead)
• Not passing a Closure together with FILTER_CALLBACK to ParameterBag::filter() throws an \InvalidArgumentException; wrap your filter in a closure instead
• Not passing a Closure together with FILTER_CALLBACK to InputBag::filter() throws an \InvalidArgumentException; wrap your filter in a closure instead
• Removed the Request::HEADER_X_FORWARDED_ALL constant, use either Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO or Request::HEADER_X_FORWARDED_AWS_ELB or Request::HEADER_X_FORWARDED_TRAEFIKconstants instead
• Rename RequestStack::getMasterRequest() to getMainRequest()
• Not passing FILTER_REQUIRE_ARRAY or FILTER_FORCE_ARRAY flags to InputBag::filter() when filtering an array will throw BadRequestException
• Removed the Request::HEADER_X_FORWARDED_ALL constant
• Retrieving non-scalar values using InputBag::get() will throw BadRequestException (use InputBad::all() instead to retrieve an array)
• Passing non-scalar default value as the second argument InputBag::get() will throw \InvalidArgumentException
• Passing non-scalar, non-array value as the second argument InputBag::set() will throw \InvalidArgumentException
• Passing null as $requestIp to IpUtils::__checkIp(), IpUtils::__checkIp4() or IpUtils::__checkIp6() is not supported anymore.

5.4

• Deprecate passing null as $requestIp to IpUtils::__checkIp(), IpUtils::__checkIp4() or IpUtils::__checkIp6(), pass an empty string instead.
• Add the litespeed_finish_request method to work with Litespeed
• Deprecate upload_progress.* and url_rewriter.tags session options
• Allow setting session options via DSN

5.3

• Add the SessionFactory, NativeSessionStorageFactory, PhpBridgeSessionStorageFactory and MockFileSessionStorageFactory classes
• Calling Request::getSession() when there is no available session throws a SessionNotFoundException

... (truncated)

Commits

• b64a0e2 Use relative timestamps
• eec2141 [HttpFoundation] Fix dumping array cookies
• 1120e76 bug #48421 [HttpFoundation] IPv4-mapped IPv6 addresses incorrectly rejected (...
• d7ea993 [HttpFoundation] IPv4-mapped IPv6 addresses incorrectly rejected
• 94dc879 chore: fix typo 'do' verb
• 5032c58 Merge branch '4.4' into 5.4
• 191413c [HttpFoundation] Compare cookie with null value as empty string in ResponseCo...
• 2f6cfae Merge branch '4.4' into 5.4
• 773aca6 [HttpFoundation] Check IPv6 is valid before comparing it
• 75bd663 Merge branch '4.4' into 5.4
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #1245.