Bump symfony/http-foundation from 4.1.2 to 4.4.49

[dependabot]

Bumps symfony/http-foundation from 4.1.2 to 4.4.49.

Release notes

Sourced from symfony/http-foundation's releases.

v4.4.49

Changelog (symfony/http-foundation@v4.4.48...v4.4.49)

• bug #48112 Compare cookie with null value as empty string in ResponseCookieValueSame (fancyweb)
• bug #48050 Check IPv6 is valid before comparing it (PhilETaylor)

v4.4.48

Changelog (symfony/http-foundation@v4.4.47...v4.4.48)

• no significant changes

v4.4.47

Changelog (symfony/http-foundation@v4.4.46...v4.4.47)

• bug #47746 Fix BinaryFileResponse content type detection logic (X-Coder264)

v4.4.46

Changelog (symfony/http-foundation@v4.4.45...v4.4.46)

• bug #47516 Prevent BinaryFileResponse::prepare from adding content type if no content is sent (naitsirch)
• bug #47530 Always return strings from accept headers (ausi)
• bug #47434 move flushing outside of Response::closeOutputBuffers (nicolas-grekas)

v4.4.45

Changelog (symfony/http-foundation@v4.4.44...v4.4.45)

• bug #47130 Fix invalid ID not regenerated with native PHP file sessions (BrokenSourceCode)

v4.4.44

Changelog (symfony/http-foundation@v4.4.43...v4.4.44)

• bug #46931 Flush backend output buffer after closing. (bradjones1)
• bug #42033 Fix deleteFileAfterSend on client abortion (nerg4l)
• bug #46790 Prevent PHP Warning: Session ID is too long or contains illegal characters (BrokenSourceCode)
• bug #46808 Fix TypeError on null $_SESSION in NativeSessionStorage::save() (chalasr)

v4.4.43

Changelog (symfony/http-foundation@v4.4.42...v4.4.43)

• bug #46678 Update "[Session] Overwrite invalid session id" to only validate when files session storage is used (alexpott)
• bug #46676 Extend type guessing on enum fields (Gigino Chianese)

v4.4.42

Changelog (symfony/http-foundation@v4.4.41...v4.4.42)

• bug #46249 Regenerate invalid session id (peter17)

v4.4.41

Changelog (symfony/http-foundation@v4.4.40...v4.4.41)

... (truncated)

Changelog

Sourced from symfony/http-foundation's changelog.

CHANGELOG

6.2

• The HTTP cache store uses the xxh128 algorithm
• Deprecate calling JsonResponse::setCallback(), Response::setExpires/setLastModified/setEtag(), MockArraySessionStorage/NativeSessionStorage::setMetadataBag(), NativeSessionStorage::setSaveHandler() without arguments
• Add request matchers under the Symfony\Component\HttpFoundation\RequestMatcher namespace
• Deprecate RequestMatcher in favor of ChainRequestMatcher
• Deprecate Symfony\Component\HttpFoundation\ExpressionRequestMatcher in favor of Symfony\Component\HttpFoundation\RequestMatcher\ExpressionRequestMatcher

6.1

• Add stale while revalidate and stale if error cache header
• Allow dynamic session "ttl" when using a remote storage
• Deprecate Request::getContentType(), use Request::getContentTypeFormat() instead

6.0

• Remove the NamespacedAttributeBag class
• Removed Response::create(), JsonResponse::create(), RedirectResponse::create(), StreamedResponse::create() and BinaryFileResponse::create() methods (use __construct() instead)
• Not passing a Closure together with FILTER_CALLBACK to ParameterBag::filter() throws an \InvalidArgumentException; wrap your filter in a closure instead
• Not passing a Closure together with FILTER_CALLBACK to InputBag::filter() throws an \InvalidArgumentException; wrap your filter in a closure instead
• Removed the Request::HEADER_X_FORWARDED_ALL constant, use either Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO or Request::HEADER_X_FORWARDED_AWS_ELB or Request::HEADER_X_FORWARDED_TRAEFIKconstants instead
• Rename RequestStack::getMasterRequest() to getMainRequest()
• Not passing FILTER_REQUIRE_ARRAY or FILTER_FORCE_ARRAY flags to InputBag::filter() when filtering an array will throw BadRequestException
• Removed the Request::HEADER_X_FORWARDED_ALL constant
• Retrieving non-scalar values using InputBag::get() will throw BadRequestException (use InputBad::all() instead to retrieve an array)
• Passing non-scalar default value as the second argument InputBag::get() will throw \InvalidArgumentException
• Passing non-scalar, non-array value as the second argument InputBag::set() will throw \InvalidArgumentException
• Passing null as $requestIp to IpUtils::__checkIp(), IpUtils::__checkIp4() or IpUtils::__checkIp6() is not supported anymore.

5.4

• Deprecate passing null as $requestIp to IpUtils::__checkIp(), IpUtils::__checkIp4() or IpUtils::__checkIp6(), pass an empty string instead.
• Add the litespeed_finish_request method to work with Litespeed
• Deprecate upload_progress.* and url_rewriter.tags session options
• Allow setting session options via DSN

5.3

• Add the SessionFactory, NativeSessionStorageFactory, PhpBridgeSessionStorageFactory and MockFileSessionStorageFactory classes
• Calling Request::getSession() when there is no available session throws a SessionNotFoundException

... (truncated)

Commits

• 191413c [HttpFoundation] Compare cookie with null value as empty string in ResponseCo...
• 773aca6 [HttpFoundation] Check IPv6 is valid before comparing it
• cd4f478 [HttpFoundation] Fix session tests
• 7eea76a skip a test if the mime type detection feature will not work
• 9aeb286 Fix BinaryFileResponse content type detection logic
• 7acdc97 [HttpFoundation] Prevent BinaryFileResponse::prepare from adding content type...
• 935f796 [HttpFoundation] Always return strings from accept headers
• 518e21d [HttpFoundation] move flushing outside of Response::closeOutputBuffers
• b2f2e3c [HttpFoundation] Fix tests on PHP 8.2 (bis)
• 32589ae [HttpFoundation] Fix tests on PHP 8.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.