Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump symfony/security-bundle from 5.2.9 to 5.3.0 #142

Merged
merged 1 commit into from
Jun 9, 2021
Merged

Bump symfony/security-bundle from 5.2.9 to 5.3.0 #142

merged 1 commit into from
Jun 9, 2021

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 1, 2021
edited
Loading

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps symfony/security-bundle from 5.2.9 to 5.3.0.

Release notes

Sourced from symfony/security-bundle's releases.

v5.3.0

Changelog (symfony/security-bundle@v5.3.0-RC1...v5.3.0)

  • bug #41376 Don't register deprecated listeners with authenticator manager enabled (chalasr)

v5.3.0-RC1

Changelog (symfony/security-bundle@v5.3.0-BETA4...v5.3.0-RC1)

  • feature #41175 Add support for parallel requests doing remember-me re-authentication (Seldaek)
  • feature #41247 Deprecate the old authentication mechanisms (chalasr)
  • bug #41269 Remove invalid unused service (chalasr)
  • bug #41139 Remove allows anonymous information in datacollector (ismail1432)
  • bug #41254 Fix handling secure: auto using the new RememberMeAuthenticator (chalasr)

v5.3.0-BETA4

Changelog (symfony/security-bundle@v5.3.0-BETA3...v5.3.0-BETA4)

  • bug #41164 fix debug:event-dispatcher and debug:firewall (nicolas-grekas)

v5.3.0-BETA3

Changelog (symfony/security-bundle@v5.3.0-BETA2...v5.3.0-BETA3)

  • bug #40902 Allow ips parameter in access_control to accept comma-separated string (edefimov)
Changelog

Sourced from symfony/security-bundle's changelog.

CHANGELOG

5.3

  • The authenticator system is no longer experimental
  • Login Link functionality is no longer experimental
  • Add required_badges firewall config option
  • [BC break] Add login_throttling.lock_factory setting defaulting to null (instead of lock.factory)
  • Add a login_throttling.interval (in security.firewalls) option to change the default throttling interval.
  • Add the debug:firewall command.
  • Deprecate UserPasswordEncoderCommand class and the corresponding user:encode-password command, use UserPasswordHashCommand and user:hash-password instead
  • Deprecate the security.encoder_factory.generic service, the security.encoder_factory and Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface aliases, use security.password_hasher_factory and Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactoryInterface instead
  • Deprecate the security.user_password_encoder.generic service, the security.password_encoder and the Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface aliases, use security.user_password_hasher, security.password_hasher and Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface instead
  • Deprecate the public security.authorization_checker and security.token_storage services to private
  • Not setting the enable_authenticator_manager config option to true is deprecated
  • Deprecate the security.authentication.provider.* services, use the new authenticator system instead
  • Deprecate the security.authentication.listener.* services, use the new authenticator system instead
  • Deprecate the Guard component integration, use the new authenticator system instead

5.2.0

  • Added FirewallListenerFactoryInterface, which can be implemented by security factories to add firewall listeners
  • Added SortFirewallListenersPass to make the execution order of firewall listeners configurable by leveraging Symfony\Component\Security\Http\Firewall\FirewallListenerInterface
  • Added ability to use comma separated ip address list for security.access_control
  • [BC break] Removed EntryPointFactoryInterface, authenticators must now implement AuthenticationEntryPointInterface if they require autoregistration of a Security entry point.

5.1.0

  • Added XSD for configuration
  • Added security configuration for priority-based access decision strategy
  • Marked the AnonymousFactory, FormLoginFactory, FormLoginLdapFactory, GuardAuthenticationFactory, HttpBasicFactory, HttpBasicLdapFactory, JsonLoginFactory, JsonLoginLdapFactory, RememberMeFactory, RemoteUserFactory and X509Factory as @internal
  • Renamed method AbstractFactory#createEntryPoint() to AbstractFactory#createDefaultEntryPoint()

5.0.0

  • The switch_user.stateless firewall option has been removed.
  • Removed the ability to configure encoders using argon2i or bcrypt as algorithm, use auto instead
  • The simple_form and simple_preauth authentication listeners have been removed, use Guard instead.
  • The SimpleFormFactory and SimplePreAuthenticationFactory classes have been removed,

... (truncated)

Commits
  • c822d1c Merge branch '5.2' into 5.3
  • 642a43f Merge branch '4.4' into 5.2
  • 09fc284 Fix markdown
  • a4c9905 [SecurityBundle] Don't register deprecated listeners with authenticator manag...
  • 3b6e566 [Security][SecurityBundle] Fix deprecations triggered in tests
  • 32ada29 Merge branch '5.2' into 5.3
  • acf54bd Merge branch '4.4' into 5.2
  • 51babc8 doctrine/doctrine-bundle should not be a dep
  • 0b5f839 Merge branch '5.2' into 5.x
  • 58b648f feature #41175 [Security] [RememberMe] Add support for parallel requests doin...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 1, 2021
@dependabot dependabot bot requested a review from privrja June 1, 2021 05:37
@dependabot dependabot bot force-pushed the dependabot/composer/devel/symfony/security-bundle-5.3.0 branch 5 times, most recently from fd03b53 to 8c38fb9 Compare June 8, 2021 07:12
@dependabot dependabot bot force-pushed the dependabot/composer/devel/symfony/security-bundle-5.3.0 branch from 8c38fb9 to 523598a Compare June 9, 2021 07:28
@sonarcloud
Copy link

sonarcloud bot commented Jun 9, 2021

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@privrja privrja merged commit f006f75 into devel Jun 9, 2021
@dependabot dependabot bot deleted the dependabot/composer/devel/symfony/security-bundle-5.3.0 branch June 9, 2021 07:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@privrja privrja Awaiting requested review from privrja

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
1 participant
@privrja