Skip to content
This repository has been archived by the owner on Jan 8, 2020. It is now read-only.

Latest commit

 

History

History
3647 lines (3510 loc) · 270 KB

CHANGELOG.md

File metadata and controls

3647 lines (3510 loc) · 270 KB
Raw

CHANGELOG

3.0.0 (2016-06-28)

  • Read the migration documentation.
  • Read the recommended quick start
  • Marks the package as a Composer metapackage; this means the package itself will not be installed, only the requirements it defines.
  • Updates the minimum supported PHP version to 5.6.
  • Updates all components to latest versions, including v3 releases where present. Also adds the following components:
    • zend-mvc-console
    • zend-mvc-plugins
    • zend-mvc-form
    • zend-mvc-i18n
    • zend-json-server
    • zend-xml2json
    • zend-diactoros
    • zend-stratigility
    • zend-psr7bridge
    • zend-hydrator
    • zend-servicemanager-di
  • Removes all bin/* scripts.

2.5.3 (2016-01-27)

  • #7665 updates component version constraints from ~2.5.0 to ^2.5 to ensure the latest security updates are always installed.

2.5.2 (2015-08-03)

SECURITY UPDATES

  • ZF2015-06: ZendXml runs a heuristic detection for XML Entity Expansion and XML eXternal Entity vectors when under php-fpm, due to issues with threading in libxml preventing using that library's built-in mechanisms for disabling them. However, the heuristic was determined to be faulty when multibyte encodings are used for the XML. This release contains a patch to ensure that the heuristic will work with multibyte encodings.

    If you use Zend Framework components that utilize DOMDocument or SimpleXML (which includes Zend\XmlRpc, Zend\Soap, Zend\Feed, and several others), and deploy using php-fpm in production (or plan to), we recommend upgrading immediately.

2.5.1 (2015-06-04)

  • #7571 makes zend-ldap an optional dependency instead of a hard dependency, as zend-ldap has a hard requirement on ext-ldap, blocking installation for many users. If you use zend-ldap, you will need to call composer require zendframework/zend-ldap after upgrading to 2.5.1.

2.5.0 (2015-06-03)

2.4.2 (2015-05-11)

2.4.1 (2015-05-07)

SECURITY UPDATES

  • ZF2015-04: Zend\Mail and Zend\Http were both susceptible to CRLF Injection Attack vectors (for HTTP, this is often referred to as HTTP Response Splitting). Both components were updated to perform header value validations to ensure no values contain characters not detailed in their corresponding specifications, and will raise exceptions on detection. Each also provides new facilities for both validating and filtering header values prior to injecting them into header classes.

    If you use either Zend\Mail or Zend\Http (which includes users of Zend\Mvc), we recommend upgrading immediately.

2.4.0 (2015-03-31)

2.3.9 (2015-05-11)

  • #7506 resolves issues when UTF-8 values are used in Mail headers, particularly addresses.
  • #7507 ensures that array values can be used with cookies.
  • #7514 ensures that multipart MIME messages can be added to Zend\Mail\Message instances in such a way that they do not conflict with ZF2015-04.

2.3.8 (2015-05-07)

SECURITY UPDATES

  • ZF2015-04: Zend\Mail and Zend\Http were both susceptible to CRLF Injection Attack vectors (for HTTP, this is often referred to as HTTP Response Splitting). Both components were updated to perform header value validations to ensure no values contain characters not detailed in their corresponding specifications, and will raise exceptions on detection. Each also provides new facilities for both validating and filtering header values prior to injecting them into header classes.

    If you use either Zend\Mail or Zend\Http (which includes users of Zend\Mvc), we recommend upgrading immediately.

2.3.7 (2015-03-12)

2.3.6 (2015-03-12)

SECURITY UPDATES

  • ZF2015-03 Zend\Validator\Csrf was incorrectly testing null or improperly formatted token identifiers, allowing them to pass validation. This release provides patches to correct the behavior. If you use the validator, or the corresponding Zend\Form\Element\Csrf, we recommend upgrading immediately.

2.3.5 (2015-02-18)

SECURITY UPDATES

  • ZF2015-02: Zend\Db\Adapter\Platform\Postgresql was incorrectly using \\ to escape double quotes in identifiers and values, which could lead to SQL injection vectors. We have provided patches that use proper escaping. If you use Postgresql with Zend Framework 2, we recommend upgrading immediately.

2.3.4 (2015-01-14)

SECURITY UPDATES

  • ZF2015-01: Session validators were not run if set before session start. Essentially, the validators were writing to the $_SESSION superglobal before session start, which meant the data was overwritten once the session began. This meant on subsequent calls, the validators had no data to compare against, making the sessions automatically valid. We have provided patches to ensure that validators are run only after the session has begun, which will ensure they validate sessions correctly going forward. If you use Zend\Session validators, we recommend upgrading immediately.

2.3.3 (2014-09-17)

SECURITY UPDATES

  • ZF2014-05: Due to an issue that existed in PHP's LDAP extension, it is possible to perform an unauthenticated simple bind against a LDAP server by using a null byte for the password, regardless of whether or not the user normally requires a password. We have provided a patch in order to protect users of unpatched PHP versions (PHP 5.5 <= 5.5.11, PHP 5.4 <= 5.4.27, all versions of PHP 5.3 and below). If you use Zend\Ldap and are on an affected version of PHP, we recommend upgrading immediately.
  • ZF2014-06: A potential SQL injection vector existed when using a SQL Server adapter to manually quote values due to the fact that it was not escaping null bytes. Code was added to ensure null bytes are escaped, and thus mitigate the SQLi vector. We do not recommend manually quoting values, but if you do, and use the SQL Server adapter without PDO, we recommend upgrading immediately.

2.3.2 (2014-08-11)

2.3.1 (2014-04-15)

SECURITY UPDATES

  • ZF2014-03: Potential XSS vector in multiple view helpers due to inappropriate HTML attribute escaping. Many view helpers were using the escapeHtml() view helper in order to escape HTML attributes. This release patches them to use the escapeHtmlAttr() view helper in these situations. If you use form or navigation view helpers, or "HTML element" view helpers (such as gravatar(), htmlFlash(), htmlPage(), or htmlQuicktime()), we recommend upgrading immediately.

2.3.0 (2014-03-12)

2.2.10 (2015-02-18)

SECURITY UPDATES

  • ZF2015-02: Zend\Db\Adapter\Platform\Postgresql was incorrectly using \\ to escape double quotes in identifiers and values, which could lead to SQL injection vectors. We have provided patches that use proper escaping. If you use Postgresql with Zend Framework 2, we recommend upgrading immediately.

2.2.9 (2015-01-14)

SECURITY UPDATES

  • ZF2015-01: Session validators were not run if set before session start. Essentially, the validators were writing to the $_SESSION superglobal before session start, which meant the data was overwritten once the session began. This meant on subsequent calls, the validators had no data to compare against, making the sessions automatically valid. We have provided patches to ensure that validators are run only after the session has begun, which will ensure they validate sessions correctly going forward. If you use Zend\Session validators, we recommend upgrading immediately.

2.2.8 (2014-09-17)

SECURITY UPDATES

  • ZF2014-05: Due to an issue that existed in PHP's LDAP extension, it is possible to perform an unauthenticated simple bind against a LDAP server by using a null byte for the password, regardless of whether or not the user normally requires a password. We have provided a patch in order to protect users of unpatched PHP versions (PHP 5.5 <= 5.5.11, PHP 5.4 <= 5.4.27, all versions of PHP 5.3 and below). If you use Zend\Ldap and are on an affected version of PHP, we recommend upgrading immediately.
  • ZF2014-06: A potential SQL injection vector existed when using a SQL Server adapter to manually quote values due to the fact that it was not escaping null bytes. Code was added to ensure null bytes are escaped, and thus mitigate the SQLi vector. We do not recommend manually quoting values, but if you do, and use the SQL Server adapter without PDO, we recommend upgrading immediately.

2.2.7 (2014-04-15)

SECURITY UPDATES

  • ZF2014-03: Potential XSS vector in multiple view helpers due to inappropriate HTML attribute escaping. Many view helpers were using the escapeHtml() view helper in order to escape HTML attributes. This release patches them to use the escapeHtmlAttr() view helper in these situations. If you use form or navigation view helpers, or "HTML element" view helpers (such as gravatar(), htmlFlash(), htmlPage(), or htmlQuicktime()), we recommend upgrading immediately.

2.2.6 (2014-03-06)

SECURITY UPDATES

  • ZF2014-01: Potential XXE/XEE attacks using PHP functions: simplexml_load_*, DOMDocument::loadXML, and xml_parse. A new component, ZendXml, was introduced to mitigate XML eXternal Entity and XML Entity Expansion vectors that are present in older versions of libxml2 and/or PHP. Zend\Json\Json::fromXml() and Zend\XmlRpc's Response and Fault classes were potentially vulnerable to these attacks. If you use either of these components, we recommend upgrading immediately.

2.2.5 (2013-10-31)

SECURITY UPDATES

An issue with Zend\Http\PhpEnvironment\RemoteAddress was reported in #5374. Essentially, the class was not checking if $_SERVER['REMOTE_ADDR'] was one of the trusted proxies configured, and as a result, getIpAddressFromProxy() could return an untrusted IP address.

The class was updated to check if $_SERVER['REMOTE_ADDR'] is in the list of trusted proxies, and, if so, will return that value immediately before consulting the values in the X-Forwarded-For header.

If you use the RemoteAddr Zend\Session validator, and are configuring trusted proxies, we recommend updating to 2.2.5 or later immediately.

Potential Breakage

  • #5343 removed the DateTimeFormatter filter from DateTime form elements. This was done due to the fact that it led to unexpected behavior when non-date inputs were provided. However, since the DateTime element already incorporates a DateValidator that accepts a date format, validation can still work as expected.

2.2.4 (2013-08-26)

2.2.3 (2013-08-21):

2.2.2 (2013-07-24):

2.2.1 (2013-06-12):

2.2.0 (2013-05-15):

Potential Breakage

Zend\Validator was altered to remove the dependency on Zend\I18n by creating Segregated Interfaces. The practical upshot is that Zend\Validator\AbstractValidator no longer implements Zend\I18n\Translator\TranslatorAwareInterface, but rather Zend\Validator\Translator\TranslatorAwareInterface, which now typehints on Zend\Validator\Translator\TranslatorInterface instead of Zend\I18n\Translator\Translator. This means you cannot pass a Zend\I18n\Translator\Translator instance directly to a validator any longer.

However, we have included a new class, Zend\Mvc\I18n\Translator, that extends the i18n Translator class and implements the Validator TranslatorInterface. This class may be used as a drop-in replacement. In fact, by default, Zend\Validator\ValidatorPluginManager is now using the MvcTranslator service, which utilizes this new class, making the change seamless for most users.

The above change will only affect you if you were manually injecting a translator instance into your validators.

2.1.6 (06 Mar 2014):

SECURITY UPDATES

  • ZF2014-01: Potential XXE/XEE attacks using PHP functions: simplexml_load_*, DOMDocument::loadXML, and xml_parse. A new component, ZendXml, was introduced to mitigate XML eXternal Entity and XML Entity Expansion vectors that are present in older versions of libxml2 and/or PHP. Zend\Json\Json::fromXml() and Zend\XmlRpc's Response and Fault classes were potentially vulnerable to these attacks. If you use either of these components, we recommend upgrading immediately.

2.1.5 (17 Apr 2013):

  • 2536: Zend\Validate translations out of date (#2536)
  • 2898: ConstructedNavigationFactory does not inject components (#2898)
  • 3373: Collection in Form not binds values when form has no object and hydrator set (#3373)
  • 3534: ZF2 2.0.6 Authentication and postgres database (#3534)
  • 3626: Zend\Form\View\Helper\FormRow: labels are appended by default (#3626)
  • 3685: Problem on appending new identifier on EventManager (#3685)
  • 3695: Adapter name and sequence problems (#3695)
  • 3719: Zend\Db\Metadata\Source\AbstractSource Notice: Undefined index (#3719)
  • 3731: Console banners are all shown consecutively (#3731)
  • 3882: EventManager or Stdlib\CallbackHandler can't handle WeakRef enough. (#3882)
  • 3898: Zend\Navigation\Service\ConstructedNavigationFactory not inject dependences (router, action and etc) (#3898)
  • 3912: Ajustment SequenceFeature generic drivers (#3912)
  • 3934: Acl allow role access on all resources not honoured if added after resources (#3934)
  • 3983: Update BaseInputFilter (#3983)
  • 4002: Update DocBlockScanner (#4002)
  • 4013: Fix PHP Notice in Translator class (#4013)
  • 4014: update to FlashMessenger view helper to allow for classes on separator (#4014)
  • 4020: Add parent roles with traversable object (#4020)
  • 4026: Zend\Validator Test Suite Fix (#4026)
  • 4027: Move deprecation notice inside constructor of Query class (#4027)
  • 4035: [Router] non existent child route during assembly doesn't throw exception (#4035)
  • 4037: Remove unnecessary autoload.php from composer config. (#4037)
  • 4047: Update InArray.php (#4047)
  • 4049: removed unused cache test assets from test suite (#4049)
  • 4051: writeLine() with console is (literally) breaking when the string is "too long"? (#4051)
  • 4053: Implement better text domain merging support (#4053)
  • 4054: 2.1.4: Zend/Stdlib/composer.json requires "Zend/Stdlib/compatibility/autoload.php" (#4054)
  • 4055: Fix #4051 console::writeLine() (#4055)
  • 4061: Normalize console usage (#4061)
  • 4063: Resolved Issue #2898 (#4063)
  • 4064: Fixed issue with invalid @cover annotations, pointed to not existed class (#4064)
  • 4066: HttpControllerTestCase gives wrong messages for assertRedirect/assertNotRedirect (#4066)
  • 4070: Hotfix for issue #4069 (#4070)
  • 4074: fix typos (#4074)
  • 4075: Form\Collection: allow create new objects (#4075)
  • 4077: Fix Collection form element replacing bound objects with dummies upon form validation (#4077)
  • 4079: Some fixes for phpDoc in Zend\Mvc (#4079)
  • 4084: Introduce query parameter for Navigation\Page\Mvc (#4084)
  • 4085: Fix loading of a text domain from different sources, fixes issue #4045 (#4085)
  • 4089: Zend\Test - set the request's requestUri to the dispatched url (#4089)
  • 4095: Zend\Navigation\Page\Mvc::getHref does not use RouteMatch parameters (#4095)
  • 4102: simplify constant usage. FILEINFO_MIME_TYPE is available since PHP 5.3.0 (#4102)
  • 4103: FormDateTimeSelect - minutes delimiter always shown (#4103)
  • 4111: Updated translations (#4111)
  • 4117: [InputFilter] Allow specification of error message via Factory (#4117)
  • 4118: Fix name of variable used for capturing output when executing shell command (#4118)
  • 4119: Fix weird verbalization (#4119)
  • 4123: Fix#3373 (#4123)
  • 4129: Update to ServiceManager to provide more precise error messages (#4129)
  • 4133: Fix#4103 (#4133)
  • 4134: Zend\Mvc\Router\Console\Simple not compatible with older versions of pcre (and therefore CentOS) (#4134)
  • 4135: Update Czech validator messages (#4135)
  • 4138: Modified Router to use backwards compatible regex expression Issue: 4134 (#4138)
  • 4140: When displaying navigations three times last navigation has data of prev... (#4140)
  • 4143: Fixed issue #3626 (#4143)
  • 4144: feature / quoteTrustedValueList (#4144)
  • 4147: Reset stop-propagation flag when triggering event (#4147)
  • 4148: Filters priority setting when populating filters in inputfilter factory and not losing it when merging filter chains (#4148)
  • 4150: Hotfix - callable type introspection for method parameters (#4150)
  • 4152: Fixed some EMail Validation Strings - German (#4152)
  • 4153: [Feed] sync svn r24842 - Fix ZF-4491 (#4153)
  • 4154: Catch LogicException for Rewind and fix CP errors (#4154)
  • 4157: end autoload classmap generated file with EOL (#4157)
  • 4161: servicemanager is a requirement (#4161)
  • 4164: Fetch model from event parameter (#4164)
  • 4167: Console posix adapter writeLine() background color bleeding through to the next line. (#4167)
  • 4168: Fix #4167 - Console posix adapter writeLine() background color bleeding through to the next line. (#4168)
  • 4171: Fix BC break in 2.1.5dev - Revert to previous isRequired behavior for file upload inputs (#4171)
  • 4172: [Form] Remove after Add doesn't restore initial state (#4172)
  • 4180: Radio & Multicheckbox Problem with selected & disabled attributes (#4180)
  • 4182: Issue #3358 - Fix for console router not accepting controller word as part of a route (#4182)
  • 4183: Update Zend_Validate.php resource (#4183)
  • 4184: Updated Page\Mvc::getHref to grab correct controller name from routeMatch (#4184)
  • 4191: Zend\Stdlib\Hydrator\ClassMethods::hydrate() - support for __call() magic method (#4191)
  • 4198: fixed typo in french Zend_Validator_StringLength (#4198)
  • 4199: Issue #4172 - Fixed empty priority queue state (#4199)
  • 4201: Issue #4172 - Added tests for add/remove sequence in Zend\Form (#4201)
  • 4203: Allow an instance of Zend\Stdlib\AbstractOptions to set configuration properties of the same class (#4203)
  • 4207: Fixed default plural rule. (#4207)
  • 4210: Fixed failure when implementing custom rbac roles (#4210)
  • 4213: [Curl] setOptions should merge config items that can be arrays (#4213)
  • 4216: Require Zend\Config in Zend\Mvc (#4216)
  • 4224: Mail\Headers.php: Adjust regex for field name to RFC 5322 (#4224)
  • 4225: change variable naming (#4225)
  • 4226: ZF2 ACL full access (#4226)
  • 4227: Updated Zend_Captcha and Zend_Validate for catalan language (#4227)
  • 4232: Correct tests for group multicheckbox & radio attributes (#4232)
  • 4233: remove mistake doc for Zend\Http\PhpEnvironment\Request::detectBaseUrl() (#4233)
  • 4235: fixed setEventManager (#4235)
  • 4236: Update ProvidesEvents.php (#4236)
  • 4237: Update ModuleManager.php (#4237)
  • 4239: Remove annotation in Zend\Db\Adapter\AdapterAwareTrait (#4239)
  • 4240: A Better fix for #3912 (#4240)
  • 4241: Zend\Db\Metadata - remove quoting of known scalars, use quoteTrustedValue() for provided values (#4241)
  • 4242: fix Zend\Json doc and little typo (#4242)
  • 4243: remove if else for same return (#4243)
  • 4244: remove unused require_once __DIR__ . '/SplAutoloader.php'; (#4244)
  • 4246: replaced get_called_class() with get_class($this) in non-static context (#4246)

2.1.4 (13 Mar 2013):

  • ZF2013-01: Query route (http://framework.zend.com/security/ZF2013-01)
  • ZF2013-02: RNG support (http://framework.zend.com/security/ZF2013-02)
  • ZF2013-03: DB platform quoting (http://framework.zend.com/security/ZF2013-03)
  • 2752: Zend_Json_Server to accept null parameters (#2752)
  • 3696: Zend\Json\Server\Server should allow parameters with NULL values (#3696)
  • 3767: Allow NULL parameter values in Zend/Json/Server (#3767)
  • 3827: Fix mismatches between the PHPDoc and the method signatures (#3827)
  • 3840: allow a null page in pages array, to compensate for ZF issue #3823 (#3840)
  • 3842: Hotfix/zend test improve console usage (#3842)
  • 3849: Check if values are set in Zend\Db\Sql\Insert.php for prepared statement (#3849)
  • 3867: FileGenerator::setUses() MUST can take arguments from FileGenerator::getUses() (#3867)
  • 3868: ClassGenerator::fromReflection not generate class properties (#3868)
  • 3869: Remove BC break in Identical validator (#3869)
  • 3871: The method delete on the RowGateway now returns the affected rows (#3871)
  • 3873: Fixes an issue when binding a model to a form collection element (#3873)
  • 3885: Hotfix/add tests console adapter (#3885)
  • 3886: Add tests console prompt (#3886)
  • 3888: DefinitionList hasMethod fix (#3888)
  • 3907: Add tests console request response (#3907)
  • 3916: Fix PUT HTTP method usage with params (#3916)
  • 3917: Clean the Console abstract adapter (#3917)
  • 3921: [+BUGFIX] Fixed column names bug Zend\Db\Sql\Select (#3921)
  • 3925: Added view and validator dependency (#3925)
  • 3936: Improve the remove of SendResponseListener (#3936)
  • 3946: Adding config to openssl_pkey_export() (#3946)
  • 3947: fix exception %s passed variable of 'A service by the name or alias %s' should be $name (#3947)
  • 3948: Bug/merging translator textdomains (#3948)
  • 3950: Fix zero value in argument (#3950)
  • 3957: [Hotfix] Fixed incorrect PDO_Oci platform recognition (#3957)
  • 3960: Update toString() to use late static binding for encoding methods (#3960)
  • 3964: Fix fluent interface (#3964)
  • 3966: Better polyfill support for Stdlib and Session (#3966)
  • 3968: fixed Exception\InvalidArgumentException messages in Zend\Log (#3968)
  • 3971: SessionArrayStorage doesn't preserve _REQUEST_ACCESS_TIME (#3971)
  • 3973: Documentation improvement Zend\View\Stream (#3973)
  • 3980: change HOST_DNS_OR_IPV4_OR_IPV6 to 0x13 for $validHostTypes (#3980)
  • 3981: Improve exception messages (#3981)
  • 3982: Fix \Zend\Soap\AutoDiscover constructor (#3982)
  • 3984: Update ArrayStack.php (#3984)
  • 3987: Fix ChromePhp logger interface and debug level (#3987)
  • 3988: Fix & Unit test for preparestatement notices (#3988)
  • 3991: Hotfix/3858 - findHelper problem in Navigation Helper (#3991)
  • 3993: SessionArrayStorage Request Access Time and Storage Initialization (#3993)
  • 3997: Allow https on scheme without a hostname (#3997)
  • 4001: Fix ViewFeedStrategyFactory comment (#4001)
  • 4005: Hotfix/case sensitive console (#4005)
  • 4007: Pass ClassGenerator instance instead of boolean (#4007)
  • 4009: Minor if to else if improvement (#4009)
  • 4010: Hotfix/zend test with console route (#4010)

2.1.3 (21 Feb 2013):

  • 3714: Zend\Stdlib\ArrayObject::offsetExists() returning by reference (#3714)
  • 3855: Fix #3852 (#3855)
  • 3856: Simple route case insensitive (#3856)

2.1.2 (20 Feb 2013):

  • 3085: create controller via Zend\Mvc\Controller\ControllerManager (#3085)
  • 3469: ConnectionInterface docblock is wrong or implementation is wrong.. (#3469)
  • 3506: [WIP] [#3113] Fix spelling in error validation messages (#3506)
  • 3636: If route has child routes and in URL has arbitrary query like "?lang=de" it does not work (#3636)
  • 3652: Query parameter ?action=somevalue will get 404 error (#3652)
  • 3683: Fix to make sure NotEmpty validator is not already set (#3683)
  • 3691: Fix for GitHub issue 3469 (#3691)
  • 3698: Openssl error string (#3698)
  • 3699: Certain servers may not set a whitespace after a colon (Set-Cookie: header) (#3699)
  • 3701: Synced pt_BR\Zend_Validate.php with en\Zend_Validate.php (#3701)
  • 3702: added new file: resources\languages\pt_BR\Zend_Captcha.php (#3702)
  • 3703: [WIP] Adding parallel testing ANT build configuration and related files (#3703)
  • 3705: Recent composer.json update of stdlib package (#3705)
  • 3706: clear joins and create without columns (#3706)
  • 3707: quoteIdentifier problem in sequence (#3707)
  • 3708: Filter\File\RenameUpload: wrap move_uploaded_file to be easly mocked (#3708)
  • 3712: Fix for URIs with a query string not matching (#3712)
  • 3713: Session Container Mismatch & Version Compare fixes for 5.3.3 (#3713)
  • 3715: [#3705] Fix autoload.files setting in composer.json (#3715)
  • 3716: Added the Zend\Form decepence in composer.json for Zend\Mvc (#3716)
  • 3721: Created README.md files for each component (#3721)
  • 3722: [Form] [DateTimeSelect] Filter, manager, and view helper fixes (#3722)
  • 3725: Use built-in php constants (#3725)
  • 3729: Zend\Barcode (Fixes #2862) (#3729)
  • 3732: Fix for #2531 - Multiplie navigation don't work (#3732)
  • 3733: Fix/select where (#3733)
  • 3735: [Form] [FormElementManager] don't overwrite form factory if already set (#3735)
  • 3742: Object+hydrator element annotation fix (#3742)
  • 3743: [#3739 & #3740] Using version-compare in accept header handler params. (#3743)
  • 3746: Fix bugs for some locales! (#3746)
  • 3757: Fixed a bug where mail messages were malformed when using the Sendmail (#3757)
  • 3764: Validator File MimeType (IsImage & IsCompressed) (#3764)
  • 3771: Zend\File\Transfer\Adapter\Http on receive : error "File was not found" in ZF 2.1 (#3771)
  • 3778: [#3711] Fix regression in query string matching (#3778)
  • 3782: [WIP] Zend\Di\Di::get() with call parameters ignored shared instances. (#3782)
  • 3783: Provide branch-alias entries for each component composer.json (#3783)
  • 3785: Zend\Db\Sql\Literal Fix when % is used in string (#3785)
  • 3786: Inject shared event manager in initializer (#3786)
  • 3789: Update library/Zend/Mail/Header/AbstractAddressList.php (#3789)
  • 3793: Resolved Issue: #3748 - offsetGet and __get should do a direct proxy to $_SESSION (#3793)
  • 3794: Implement query and fragment assembling into the HTTP router itself (#3794)
  • 3797: remove @category, @package, and @subpackage docblocks (#3797)
  • 3798: Remove extra semicolons (#3798)
  • 3803: Fix identical validator (#3803)
  • 3806: Remove obsolete catch statement (#3806)
  • 3807: Resolve undefined classes in phpDoc (#3807)
  • 3808: Add missing @return annotations (#3808)
  • 3813: Bug fix for GlobIterator extending service (#3813)
  • 3817: Add failing tests for Simple console route (#3817)
  • 3819: Allow form element filter to convert a string to array (#3819)
  • 3828: Cannot validate form when keys of collection in data are non consecutive (#3828)
  • 3831: Non-matching argument type for ArrayObject (#3831)
  • 3832: Zend\Db\Sql\Predicate\Predicate->literal() does not work with integer 0 as $expressionParameters (#3832)
  • 3836: Zend\Db\Sql\Predicate\Predicate Fix for literal() usage (#3836)
  • 3837: Fix for legacy Transfer usage of File Validators (#3837)
  • 3838: Stdlib\ArrayObject & Zend\Session\Container Compatibility with ArrayObject (#3838)
  • 3839: Fixes #2477 - Implemented optional subdomains using regex (#3839)

2.1.1 (06 Feb 2013):

  • 2510: Zend\Session\Container does not allow modification by reference (#2510)
  • 2899: Can't inherit abstract function Zend\Console\Prompt\PromptInterface::show() (#2899)
  • 3455: Added DISTINCT on Zend\Db\Sql\Select (#3455)
  • 3456: Connection creation added in Pgsql.php createStatement method (#3456)
  • 3608: Fix validate data contains arrays as values (#3608)
  • 3610: Form: rely on specific setter (#3610)
  • 3618: Fix bug when $indent have some string (#3618)
  • 3622: Updated Changelog with BC notes for 2.1 and 2.0.7 (#3622)
  • 3623: Authentication using DbTable Adapter doesn't work for 2.1.0 (#3623)
  • 3625: Missing instance/object for parameter route upgrading to 2.1.* (#3625)
  • 3627: Making relative links in Markdown files (#3627)
  • 3629: Zend\Db\Select using alias in joins can results in wrong SQL (#3629)
  • 3638: Fixed method that removed part from parts in Mime\Message (#3638)
  • 3639: Session Metadata and SessionArrayStorage requestaccesstime fixes. (#3639)
  • 3640: [#3625] Do not query abstract factories for registered invokables (#3640)
  • 3641: Zend\Db\Sql\Select Fix for #3629 (#3641)
  • 3645: Exception on destructing the SMTP Transport instance (#3645)
  • 3648: Ensure run() always returns Application instance (#3648)
  • 3649: Created script to aggregate return status (#3649)
  • 3650: InjectControllerDependencies initializer overriding an previously defined EventManager (#3650)
  • 3651: Hotfix/3650 (#3651)
  • 3656: Zend\Validator\Db\AbstractDb.php and mysqli (#3656)
  • 3658: Zend\Validator\Db\AbstractDb.php and mysqli (issue: 3656) (#3658)
  • 3661: ZF HTTP Status Code overwritten (#3661)
  • 3662: Remove double injection in Plugin Controller Manager (#3662)
  • 3663: Remove useless shared in ServiceManager (#3663)
  • 3671: Hotfix/restful head identifier (#3671)
  • 3673: Add translations for Zend\Validator\File\UploadFile (#3673)
  • 3679: remove '' character from Traversable (#3679)
  • 3680: Zend\Validator\Db Hotfix (supersedes #3658) (#3680)
  • 3681: [#2899] Remove redundant method declaration (#3681)
  • 3682: Zend\Db\Sql\Select Quantifier (DISTINCT, ALL, + Expression) support - supersedes #3455 (#3682)
  • 3684: Remove the conditional class declaration of ArrayObject (#3684)
  • 3687: fix invalid docblock (#3687)
  • 3689: [#3684] Polyfill support for version-dependent classes (#3689)
  • 3690: oracle transaction support (#3690)
  • 3692: Hotfix/db parametercontainer mixed use (#3692)

2.1.0 (29 Jan 2013):

  • 2378: ZF2-417 Form Annotation Hydrator options support (#2378)
  • 2390: Expose formally protected method in ConfigListener (#2390)
  • 2405: [WIP] Feature/accepted model controller plugin (#2405)
  • 2424: Decorator plugin manager was pointing to an inexistent class (#2424)
  • 2428: Form develop/allow date time (#2428)
  • 2430: [2.1] Added the scrypt key derivation algorithm in Zend\Crypt (#2430)
  • 2439: [2.1] Form File Upload refactor (#2439)
  • 2486: The Upload validator might be broken (#2486)
  • 2506: Throwing exception in template (and/or layout) doesnt fails gracefully (#2506)
  • 2524: Throws exception when trying to generate bcrypt (#2524)
  • 2537: Create a NotIn predicate (#2537)
  • 2616: Initial ZF2 RBAC Component (#2616)
  • 2629: JsonStrategy should set response charset (#2629)
  • 2647: Fix/bcrypt: added the set/get BackwardCompatibility (#2647)
  • 2668: Implement XCache storage adapter (fixes #2581) (#2668)
  • 2671: Added fluent inteface to prepend and set method. Zend\View\Container\AbstractContainer (#2671)
  • 2725: Feature/logger factory (#2725)
  • 2726: Zend\Validator\Explode does not handle NULL (#2726)
  • 2727: Added ability to add additional information to the logs via processors. (#2727)
  • 2772: Adding cookie route. Going to open PR for comments. (#2772)
  • 2815: Fix fro GitHub issue 2600 (Cannot check if a table is read only) (#2815)
  • 2819: Support for ListenerAggregates in SharedEventManager (#2819)
  • 2820: Form plugin manager (#2820)
  • 2863: Handle postgres sequences (#2863)
  • 2876: memcached changes (#2876)
  • 2884: Allow select object to pass on select->join (#2884)
  • 2888: Bugfix dateformat helper (#2888)
  • 2918: \Zend\Mime\Mime::LINEEND causes problems with some SMTP-Servers (#2918)
  • 2945: SOAP 1.2 support for WSDL generation (#2945)
  • 2947: Add DateTimeSelect element to form (#2947)
  • 2950: Abstract row gatewayset from array (#2950)
  • 2968: Zend\Feed\Reader\Extension\Atom\Entry::getAuthors and Feed::getAuthors should return Collection\Author (#2968)
  • 2973: Zend\Db\Sql : Create NotIn predicate (#2973)
  • 2977: Method signature of merge() in Zend\Config\Config prevents mocking (#2977)
  • 2988: Cache: Added storage adapter using a session container (#2988)
  • 2990: Added note of new xcache storage adapter (#2990)
  • 3010: [2.1][File Uploads] Multi-File input filtering and FilePRG plugin update (#3010)
  • 3011: Response Json Client (#3011)
  • 3016: [develop] PRG Plugin fixes: Incorrect use of session hops expiration (#3016)
  • 3019: [2.1][develop] PRG Plugins fix (#3019)
  • 3055: Zend Validators complain of array to string conversion for nested array values that do not pass validation when using E_NOTICE (#3055)
  • 3058: [2.1][File Upload] Session Progress fixes (#3058)
  • 3059: [2.1] Add reference to ChromePhp LoggerWriter in WriterPluginManager (#3059)
  • 3069: Hotfix/xcache empty namespace (#3069)
  • 3073: Documentation and code mismatch (#3073)
  • 3084: Basic support for aggregates in SharedEventManager according to feedback... (#3084)
  • 3086: Updated constructors to accept options array according to AbstractWriter... (#3086)
  • 3088: Zend\Permissions\Rbac roles should inherit parent permissions, not child permissions (#3088)
  • 3093: Feature/cookies refactor (#3093)
  • 3105: RFC Send Response Workflow (#3105)
  • 3110: Stdlib\StringUtils (#3110)
  • 3140: Tests for Zend\Cache\Storage\Adapter\MemcachedResourceManager (#3140)
  • 3195: Date element formats not respected in validators. (#3195)
  • 3199: [2.1][FileUploads] FileInput AJAX Post fix (#3199)
  • 3212: Cache: Now an empty namespace means disabling namespace support (#3212)
  • 3215: Check $exception type before throw (#3215)
  • 3219: Fix hook in plugin manager (#3219)
  • 3224: Zend\Db\Sql\Select::getSqlString(Zend\Db\Adapter\Platform\Mysql) doesn't work properly with limit param (#3224)
  • 3243: [2.1] Added the support of Apache's passwords (#3243)
  • 3246: [2.1][File Upload] Change file upload filtering to preserve the $_FILES array (#3246)
  • 3247: Fix zend test with the new sendresponselistener (#3247)
  • 3257: Support nested error handler (#3257)
  • 3259: [2.1][File Upload] RenameUpload filter rewrite w/option to use uploaded 'name' (#3259)
  • 3263: correcting ConsoleResponseSender's __invoke (#3263)
  • 3276: DateElement now support a string (#3276)
  • 3283: fix Undefined function DocBlockReflection::factory error (#3283)
  • 3287: Added missing constructor parameter (#3287)
  • 3308: Update library/Zend/Validator/File/MimeType.php (#3308)
  • 3314: add ContentTransferEncoding Headers (#3314)
  • 3316: Update library/Zend/Mvc/ResponseSender/ConsoleResponseSender.php (#3316)
  • 3334: [2.1][develop] Added missing Exception namespace to Sha1 validator (#3334)
  • 3339: Xterm's 256 colors integration for Console. (#3339)
  • 3343: add SimpleStreamResponseSender + Tests (#3343)
  • 3349: Provide support for more HTTP methods in the AbstractRestfulController (#3349)
  • 3350: Add little more fun to console (#3350)
  • 3357: Add default prototype tags in reflection (#3357)
  • 3359: Added filter possibility (#3359)
  • 3363: Fix minor doc block errors (#3363)
  • 3365: Fix trailing spaces CS error causing all travis builds to fail (#3365)
  • 3366: Zend\Log\Logger::registerErrorHandler() should accept a parameter to set the return value of the error_handler callback (#3366)
  • 3370: [2.1] File PRG plugin issue when merging POST data with nested keys (#3370)
  • 3376: Remove use of deprecated /e-modifier of preg_replace (#3376)
  • 3377: removed test failing since PHP>=5.4 (#3377)
  • 3378: Improve code generators consistency (#3378)
  • 3385: render view one last time in case exception thrown from inside view (#3385)
  • 3389: FileExtension validor error in Form context (#3389)
  • 3392: Development branch of AbstractRestfulController->processPostData() doesn't handle Content-Type application/x-www-form-urlencoded correctly (#3392)
  • 3404: Provide default $_SESSION array superglobal proxy storage adapter (#3404)
  • 3405: fix dispatcher to catch legitimate exceptions (#3405)
  • 3414: Zend\Mvc\Controller\AbstractRestfulController: various fixes to Json handling (#3414)
  • 3418: [2.1] Additional code comments for FileInput (#3418)
  • 3420: Authentication Validator (#3420)
  • 3421: Allow to set arbitrary status code for Exception strategy (#3421)
  • 3426: Zend\Form\View\Helper\FormSelect (#3426)
  • 3427: Zend\ModuleManager\Feature\ProvidesDependencyModulesInterface (#3427)
  • 3440: [#3376] Better fix (#3440)
  • 3442: Better content-type negotiation (#3442)
  • 3446: Zend\Form\Captcha setOptions don't follow interface contract (#3446)
  • 3450: [Session][Auth] Since the recent BC changes to Sessions, Zend\Authentication\Storage\Session does not work (#3450)
  • 3454: ACL permissions are not correctly inherited. (#3454)
  • 3458: Session data is empty in Session SaveHandler's write function (#3458)
  • 3461: fix for #3458 (#3461)
  • 3470: Session not working in current development? (#3470)
  • 3479: Fixed #3454. (#3479)
  • 3482: Feature/rest delete replace collection (#3482)
  • 3483: [#2629] Add charset to Content-Type header (#3483)
  • 3485: Zend\Db Oracle Driver (#3485)
  • 3491: Update library/Zend/Code/Generator/PropertyGenerator.php (#3491)
  • 3493: [Log] fixes #3366: Now Logger::registerErrorHandler() accepts continue (#3493)
  • 3494: [2.1] Zend\Filter\Word* no longer extends Zend\Filter\PregReplace (#3494)
  • 3495: [2.1] Added Zend\Stdlib\StringUtils::hasPcreUnicodeSupport() (#3495)
  • 3496: [2.1] fixed tons of missing/wrong use statements (#3496)
  • 3498: add method to Zend\Http\Response\Stream (#3498)
  • 3499: removed "self" typehints in Zend\Config and Zend\Mvc (#3499)
  • 3501: Exception while createing RuntimeException in Pdo Connection class (#3501)
  • 3507: hasAcl dosn't cheks $defaultAcl Member Variable (#3507)
  • 3508: Removed all @category, @package, and @subpackage annotations (#3508)
  • 3509: Zend\Form\View\Helper\FormSelect (#3509)
  • 3510: FilePRG: replace array_merge with ArrayUtils::merge (#3510)
  • 3511: Revert PR #3088 as discussed in #3265. (#3511)
  • 3519: Allow to pull route manager from sl (#3519)
  • 3523: Components dependent on Zend\Stdlib but it's not marked in composer.json (#3523)
  • 3531: [2.1] Fix variable Name and Resource on Oracle Driver Test (#3531)
  • 3532: Add legend translation support into formCollection view helper (#3532)
  • 3538: ElementPrepareAwareInterface should use FormInterface (#3538)
  • 3541: \Zend\Filter\Encrypt and \Zend\Filter\Decrypt not working together? (#3541)
  • 3543: Hotfix: Undeprecate PhpEnvironement Response methods (#3543)
  • 3545: Removing service initializer as of #3537 (#3545)
  • 3546: Add RoleInterface (#3546)
  • 3555: [2.1] [Forms] [Bug] Factory instantiates Elements directly but should be using the FormElementManager (#3555)
  • 3556: fix for #3555 (#3556)
  • 3557: [2.1] Fixes for FilePRG when using nested form elements (#3557)
  • 3559: Feature/translate flash message (#3559)
  • 3561: Zend\Mail SMTP Fix Connection Handling (#3561)
  • 3566: Flash Messenger fixes for PHP < 5.4, and fix for default namespacing (#3566)
  • 3567: Zend\Db: Adapter construction features + IbmDb2 & Oracle Platform features (#3567)
  • 3572: Allow to add serializers through config (#3572)
  • 3576: BC Break in Controller Loader, controllers no more present in controller loader. (#3576)
  • 3583: [2.1] Fixed an issue on salt check in Apache Password (#3583)
  • 3584: Zend\Db Fix for #3290 (#3584)
  • 3585: [2.1] Added the Apache htpasswd support for HTTP Authentication (#3585)
  • 3586: Zend\Db Fix for #2563 (#3586)
  • 3587: Zend\Db Fix/Feature for #3294 (#3587)
  • 3597: Zend\Db\TableGateway hotfix for MasterSlaveFeature (#3597)
  • 3598: Feature Zend\Db\Adapter\Profiler (#3598)
  • 3599: [WIP] Zend\Db\Sql Literal Objects (#3599)
  • 3600: Fixed the unit test for Zend\Filter\File\Encrypt and Decrypt (#3600)
  • 3605: Restore Zend\File\Transfer (#3605)
  • 3606: Zend\Db\Sql\Select Add Support For SubSelect in Join Table - #2881 & #2884 (#3606)

Potential Breakage

Includes a fix to the classes Zend\Filter\Encrypt and Zend\Filter\Decrypt which may pose a small break for end-users. Each requires an encryption key be passed to either the constructor or the setKey() method now; this was done to improve the security of each class.

Zend\Session includes a new Zend\Session\Storage\SessionArrayStorage class, which acts as a direct proxy to the $_SESSION superglobal. The SessionManager class now uses this new storage class by default, in order to fix an error that occurs when directly manipulating nested arrays of $_SESSION in third-party code. For most users, the change will be seamless. Those affected will be those (a) directly accessing the storage instance, and (b) using object notation to access session members:

$foo = null;
/** @var $storage Zend\Session\Storage\SessionStorage */
if (isset($storage->foo)) {
    $foo = $storage->foo;
}

If you are using array notation, as in the following example, your code remains forwards compatible:

$foo = null;

/** @var $storage Zend\Session\Storage\SessionStorage */
if (isset($storage['foo'])) {
    $foo = $storage['foo'];
}

If you are not working directly with the storage instance, you will be unaffected.

For those affected, the following courses of action are possible:

  • Update your code to replace object property notation with array notation, OR
  • Initialize and register a Zend\Session\Storage\SessionStorage object explicitly with the session manager instance.

2.0.8 (13 Mar 2013):

2.0.7 (29 Jan 2013):

  • 1992: [2.1] Adding simple Zend/I18n/Loader/Tmx (#1992)
  • 2024: Add HydratingResultSet::toEntityArray() (#2024)
  • 2031: [2.1] Added MongoDB session save handler (#2031)
  • 2080: [2.1] Added a ChromePhp logger (#2080)
  • 2086: [2.1] Module class map cache (#2086)
  • 2100: [2.1] refresh() method in Redirect plugin (#2100)
  • 2105: [2.1] Feature/unidecoder (#2105)
  • 2106: [2.1] Class annotation scanner (#2106)
  • 2125: [2.1] Add hydrator wildcard and new hydrator strategy (#2125)
  • 2129: [2.1] Feature/overrideable di factories (#2129)
  • 2152: [2.1] [WIP] adding basic table view helper (#2152)
  • 2175: [2.1] Add DateSelect and MonthSelect elements (#2175)
  • 2189: [2.1] Added msgpack serializer (#2189)
  • 2190: [2.1] [WIP] Zend\I18n\Filter\SlugUrl - Made a filter to convert text to slugs (#2190)
  • 2208: [2.1] Update library/Zend/View/Helper/HeadScript.php (#2208)
  • 2212: [2.1] Feature/uri normalize filter (#2212)
  • 2225: Zend\Db\Sql : Create NotIn predicate (#2225)
  • 2232: [2.1] Load Messages from other than file (#2232)
  • 2271: [2.1] Ported FingersCrossed handler from monolog to ZF2 (#2271)
  • 2288: Allow to create empty option in Select (#2288)
  • 2305: Add support for prev and next link relationships (#2305)
  • 2315: Add MVC service factories for Filters and Validators (#2315)
  • 2316: Add paginator factory & adapter plugin manager (#2316)
  • 2333: Restore mail message from string (#2333)
  • 2339: ZF2-530 Implement PropertyScanner (#2339)
  • 2343: Create Zend Server Monitor Event (#2343)
  • 2367: Convert abstract classes that are only offering static methods (#2367)
  • 2374: Modified Acl/Navigation to be extendable (#2374)
  • 2381: Method Select::from can accept instance of Select as subselect (#2381)
  • 2389: Add plural view helper (#2389)
  • 2396: Rbac component for ZF2 (#2396)
  • 2399: Feature/unidecoder new (#2399)
  • 2411: Allow to specify custom pattern for date (#2411)
  • 2414: Added a new validator to check if input is instance of certain class (#2414)
  • 2415: Add plural helper to I18n (#2415)
  • 2417: Allow to render template separately (#2417)
  • 2648: AbstractPluginManager should not respond to... (#2648)
  • 2650: Add view helper and controller plugin to pull the current identity from ... (#2650)
  • 2670: quoteIdentifier() & quoteIdentifierChain() bug (#2670)
  • 2702: Added addUse method in ClassGenerator (#2702)
  • 2704: Functionality/writer plugin manager (#2704)
  • 2706: Feature ini adapter translate (#2706)
  • 2718: Chain authentication storage (#2718)
  • 2774: Fixes #2745 (generate proper query strings). (#2774)
  • 2783: Added methods to allow access to the routes of the SimpleRouteStack. (#2783)
  • 2794: Feature test phpunit lib (#2794)
  • 2801: Improve Zend\Code\Scanner\TokenArrayScanner (#2801)
  • 2807: Add buffer handling to HydratingResultSet (#2807)
  • 2809: Allow Zend\Db\Sql\TableIdentifier in Zend\Db\Sql\Insert, Update & Delete (#2809)
  • 2812: Catch exceptions thrown during rendering (#2812)
  • 2821: Added loadModule.post event to loadModule(). (#2821)
  • 2822: Added the ability for FirePhp to understand 'extras' passed to \Zend\Log (#2822)
  • 2841: Allow to remove attribute in form element (#2841)
  • 2844: [Server] & [Soap] Typos and docblocks (#2844)
  • 2848: fixing extract behavior of Zend\Form\Element\Collection and added ability to use own fieldset helper within FormCollection-helper (#2848)
  • 2855: add a view event (#2855)
  • 2868: [WIP][Server] Rewrite Reflection API to reuse code from Zend\Code\Reflection API (#2868)
  • 2870: [Code] Add support for @throws, multiple types and typed arrays (#2870)
  • 2875: [InputFilter] Adding hasUnknown and getUnknown methods to detect and get unknown inputs (#2875)
  • 2919: Select::where should accept PredicateInterface (#2919)
  • 2927: Add a bunch of traits to ZF2 (#2927)
  • 2931: Cache: Now an empty namespace means disabling namespace support (#2931)
  • 2953: [WIP] #2743 fix docblock @category/@package/@subpackage (#2953)
  • 2989: Decouple Zend\Db\Sql from concrete Zend\Db\Adapter implementations (#2989)
  • 2995: service proxies / lazy services (#2995)
  • 3017: Fixing the problem with order and \Zend\Db\Sql\Expression (#3017)
  • 3028: Added Json support for POST and PUT operations in restful controller. (#3028)
  • 3056: Add pattern & storage cache factory (#3056)
  • 3057: Pull zend filter compress snappy (#3057)
  • 3078: Allow NodeList to be accessed via array like syntax. (#3078)
  • 3081: Fix for Collection extract method updates targetElement object (#3081)
  • 3106: Added template map generator (#3106)
  • 3189: Added xterm's 256 colors (#3189)
  • 3200: Added ValidatorChain::attach() and ValidatorChain::attachByName() to keep consistent with FilterChain (#3200)
  • 3202: Added NTLM authentication support to Zend\Soap\Client\DotNet. (#3202)
  • 3218: Zend-Form: Allow Input Filter Preference Over Element Defaults (#3218)
  • 3230: Add Zend\Stdlib\Hydrator\Strategy\ClosureStrategy (#3230)
  • 3241: Reflection parameter type check (#3241)
  • 3260: Zend/Di, retriving same shared instance for different extra parameters (#3260)
  • 3261: Fix sendmail key (#3261)
  • 3262: Allows several translation files for same domain / locale (#3262)
  • 3269: A fix for issue #3195. Date formats are now used during validation. (#3269)
  • 3272: Support for internationalized .IT domain names (#3272)
  • 3273: Parse docblock indented with tabs (#3273)
  • 3285: Fixed wrong return usage and added @throws docblock (#3285)
  • 3286: remove else in already return early (#3286)
  • 3288: Removed unused variable (#3288)
  • 3292: Added Zend Monitor custom event support (#3292)
  • 3295: Proposing removal of subscription record upon unsubscribe (#3295)
  • 3296: Hotfix #3046 - set /dev/urandom as entropy file for Session (#3296)
  • 3298: Add PROPFIND Method to Zend/HTTP/Request (#3298)
  • 3300: Zend\Config - Fix count after merge (#3300)
  • 3302: Fixed #3282 (#3302)
  • 3303: Fix indentation, add trailing ',' to last element in array (#3303)
  • 3304: Missed the Zend\Text dependency for Zend\Mvc in composer.json (#3304)
  • 3307: Fix an issue with inheritance of placeholder registry (#3307)
  • 3313: Fix buffering getTotalSpace (#3313)
  • 3317: Fixed FileGenerator::setUse() to ignore already added uses. (#3317)
  • 3318: Fixed FileGenerator::setUses() to allow passing in array of strings. (#3318)
  • 3320: Change @copyright Year : 2012 with 2013 (#3320)
  • 3321: remove relative link in CONTRIBUTING.md (#3321)
  • 3322: remove copy variable for no reason (#3322)
  • 3324: enhance strlen to improve performance (#3324)
  • 3326: Minor loop improvements (#3326)
  • 3327: Fix indentation (#3327)
  • 3328: pass on the configured format to the DateValidator instead of hardcoding it (#3328)
  • 3329: Fixed DefinitionList::hasMethod() (#3329)
  • 3331: no chaining in form class' bind method (#3331)
  • 3333: Fixed Zend/Mvc/Router/Http/Segment (#3333)
  • 3340: Add root namespace character (#3340)
  • 3342: change boolean to bool for consistency (#3342)
  • 3345: Update library/Zend/Form/View/Helper/FormRow.php (#3345)
  • 3352: ClassMethods hydrator and wrong method definition (#3352)
  • 3355: Fix for GitHub issue 2511 (#3355)
  • 3356: ZF session validators (#3356)
  • 3362: Use CamelCase for naming (#3362)
  • 3369: Removed unused variable in Zend\Json\Decoder.php (#3369)
  • 3386: Adding attributes for a lightweight export (#3386)
  • 3393: [Router] no need to correct ~ in the path encoding (#3393)
  • 3396: change minimal verson of PHPUnit (#3396)
  • 3403: [ZF-8825] Lower-case lookup for "authorization" header (#3403)
  • 3409: Fix for broken handling of Zend\ServiceManager\ServiceManager::shareByDefault = false (Issue #3408) (#3409)
  • 3410: [composer] Sync replace package list (#3410)
  • 3415: Remove import of Zend root namespace (#3415)
  • 3423: Issue #3348 fix (#3423)
  • 3425: German Resources Zend_Validate.php updated. (#3425)
  • 3429: Add __destruct to SessionManager (#3429)
  • 3430: SessionManager: Throw exception when attempting to setId after the session has been started (#3430)
  • 3437: Feature/datetime factory format (#3437)
  • 3438: Add @method tags to the AbstractController (#3438)
  • 3439: Individual shared setting does not override the shareByDefault setting of the ServiceManager (#3439)
  • 3443: Adding logic to check module dependencies at module loading time (#3443)
  • 3445: Update library/Zend/Validator/Hostname.php (#3445)
  • 3452: Hotfix/session mutability (#3452)
  • 3473: remove surplus call deep namespace (#3473)
  • 3477: The display_exceptions config-option is not passed to 404 views. (#3477)
  • 3480: [Validator][#2538] hostname validator overwrite (#3480)
  • 3484: [#3055] Remove array to string conversion notice (#3484)
  • 3486: [#3073] Define filter() in Decompress filter (#3486)
  • 3487: [#3446] Allow generic traversable configuration to Captcha element (#3487)
  • 3492: Hotfix/random crypt test fail (#3492)
  • 3502: Features/port supermessenger (#3502)
  • 3513: Fixed bug in acl introduced by acca10b6abe74b3ab51890d5cbe0ab8da4fdf7e0 (#3513)
  • 3520: Replace all is_null($value) calls with null === $value (#3520)
  • 3527: Explode validator: allow any value type to be validated (#3527)
  • 3530: The hasACL and hasRole don't check their default member variables (#3530)
  • 3550: Fix for the issue #3541 - salt size for Encrypt/Decrypt Filter (#3550)
  • 3562: Fix: Calling count() results in infinite loop (#3562)
  • 3563: Zend\Db: Fix for #3523 changeset - composer.json and stdlib (#3563)
  • 3571: Correctly parse empty Subject header (#3571)
  • 3575: Fix name of plugin referred to in exception message (#3575)
  • 3579: Some minor fixes in \Zend\View\Helper\HeadScript() class (#3579)
  • 3593: \Zend\Json\Server Fix _getDefaultParams if request-params are an associative array (#3593)
  • 3594: Added contstructor to suppressfilter (#3594)
  • 3601: Update Travis to start running tests on PHP 5.5 (#3601)
  • 3604: fixed Zend\Log\Logger::registerErrorHandler() doesn't log previous exceptions (#3604)

Potential Breakage

Includes a fix to the classes Zend\Filter\Encrypt and Zend\Filter\Decrypt which may pose a small break for end-users. Each requires an encryption key be passed to either the constructor or the setKey() method now; this was done to improve the security of each class.

2.0.6 (19 Dec 2012):

  • 2885: Zend\Db\TableGateway\AbstractTableGateway won't work with Sqlsrv db adapter (#2885)
  • 2922: Fix #2902 (#2922)
  • 2961: Revert PR #2943 for 5.3.3 fix (#2961)
  • 2962: Allow Accept-Encoding header to be set explicitly by http request (#2962)
  • 3033: Fix error checking on Zend\Http\Client\Adapter\Socket->write(). (#3033)
  • 3040: remove unused 'use DOMXPath' and property $count and $xpath (#3040)
  • 3043: improve conditional : reduce file size (#3043)
  • 3044: Extending Zend\Mvc\Router\Http\Segment causes error (#3044)
  • 3047: Fix Zend\Console\Getopt::getUsageMessage() (#3047)
  • 3049: Hotfix/issue #3033 (#3049)
  • 3050: Fix : The annotation @\Zend\Form\Annotation\AllowEmpty declared on does not accept any values (#3050)
  • 3052: Fixed #3051 (#3052)
  • 3061: changed it back 'consist' => the 'must' should be applied to all parts of the sentence (#3061)
  • 3063: hotfix: change sha382 to sha384 in Zend\Crypt\Key\Derivation\SaltedS2k (#3063)
  • 3070: Fix default value unavailable exception for in-build php classes (#3070)
  • 3074: Hotfix/issue #2451 (#3074)
  • 3091: console exception strategy displays previous exception message (#3091)
  • 3114: Fixed Client to allow also empty passwords in HTTP Authentication. (#3114)
  • 3125: #2607 - Fixing how headers are accessed (#3125)
  • 3126: Fix for GitHub issue 2605 (#3126)
  • 3127: fix cs: add space after casting (#3127)
  • 3130: Obey PSR-2 (#3130)
  • 3144: Zend\Form\View\Helper\Captcha\AbstractWord input and hidden attributes (#3144)
  • 3148: Fixing obsolete method of checking headers, made it use the new method. (#3148)
  • 3149: Zf2634 - Adding missing method Client::encodeAuthHeader (#3149)
  • 3151: Rename variable to what it probably should be (#3151)
  • 3155: strip duplicated semicolon (#3155)
  • 3156: fix typos in docblocks (#3156)
  • 3162: Allow Forms to have an InputFilterSpecification (#3162)
  • 3163: Added support of driver_options to Mysqli DB Driver (#3163)
  • 3164: Cast $step to float in \Zend\Validator\Step (#3164)
  • 3166: [#2678] Sqlsrv driver incorrectly throwing exception when $sqlOrResource... (#3166)
  • 3167: Fix #3161 by checking if the server port already exists in the host (#3167)
  • 3169: Fixing issue #3036 (#3169)
  • 3170: Fixing issue #2554 (#3170)
  • 3171: hotfix : add '$argName' as 'argument %s' in sprintf ( at 1st parameter ) (#3171)
  • 3178: Maintain priority flag when cloning a Fieldset (#3178)
  • 3184: fix misspelled getCacheStorge() (#3184)
  • 3186: Dispatching to a good controller but wrong action triggers a Fatal Error (#3186)
  • 3187: Fixing ansiColorMap by removing extra m's showed in the console (#3187)
  • 3194: Write clean new line for writeLine method (no background color) (#3194)
  • 3197: Fix spelling error (#3197)
  • 3201: Session storage set save path (#3201)
  • 3204: [wip] Zend\Http\Client makes 2 requests to url if setStream(true) is called (#3204)
  • 3207: dead code clean up. (#3207)
  • 3208: Zend\Mime\Part: Added EOL paramter to getEncodedStream() (#3208)
  • 3213: [#3173] Incorrect creating instance Zend/Code/Generator/ClassGenerator.php by fromArray (#3213)
  • 3214: Fix passing of tags to constructor of docblock generator class (#3214)
  • 3217: Cache: Optimized Filesystem::setItem with locking enabled by writing the... (#3217)
  • 3220: [2.0] Log Writer support for MongoClient driver class (#3220)
  • 3226: Licence is not accessable via web (#3226)
  • 3229: fixed bug in DefinitionList::hasMethod() (#3229)
  • 3234: Removed old Form TODO since all items are complete (#3234)
  • 3236: Issue #3222 - Added suport for multi-level nested ini config variables (#3236)
  • 3237: [BUG] Service Manager Not Shared Duplicate new Instance with multiple Abstract Factories (#3237)
  • 3238: Added French translation for captcha (#3238)
  • 3250: Issue #2912 - Fix for LicenseTag generation (#3250)
  • 3252: subject prepend text in options for Log\Writer\Mail (#3252)
  • 3254: Better capabilities surrounding console notFoundAction (#3254)

2.0.5 (29 Nov 2012):

  • 3004: Zend\Db unit tests fail with code coverage enabled (#3004)
  • 3039: combine double if into single conditional (#3039)
  • 3042: fix typo 'consist of' should be 'consists of' in singular (#3042)
  • 3045: Reduced the #calls of rawurlencode() using a cache mechanism (#3045)
  • 3048: Applying quickfix for #3004 (#3048)
  • 3095: Process X-Forwarded-For header in correct order (#3095)

2.0.4 (20 Nov 2012):

  • 2808: Add serializer better inheritance and extension (#2808)
  • 2813: Add test on canonical name with the ServiceManager (#2813)
  • 2832: bugfix: The helper DateFormat does not cache correctly when a pattern is set. (#2832)
  • 2837: Add empty option before empty check (#2837)
  • 2843: change self:: with static:: in call-ing static property/method (#2843)
  • 2857: Unnecessary path assembly on return in Zend\Mvc\Router\Http\TreeRouteStack->assemble() line 236 (#2857)
  • 2867: Enable view sub-directories when using ModuleRouteListener (#2867)
  • 2872: Resolve naming conflicts in foreach statements (#2872)
  • 2878: Fix : change self:: with static:: in call-ing static property/method() in other components ( all ) (#2878)
  • 2879: remove unused const in Zend\Barcode\Barcode.php (#2879)
  • 2896: Constraints in Zend\Db\Metadata\Source\AbstractSource::getTable not initalised (#2896)
  • 2907: Fixed proxy adapter keys being incorrectly set due Zend\Http\Client (#2907)
  • 2909: Change format of Form element DateTime and DateTimeLocal (#2909)
  • 2921: Added Chinese translations for zf2 validate/captcha resources (#2921)
  • 2924: small speed-up of Zend\EventManager\EventManager::triggerListeners() (#2924)
  • 2929: SetCookie::getFieldValue() always uses urlencode() for cookie values, even in case they are already encoded (#2929)
  • 2930: Add minor test coverage to MvcEvent (#2930)
  • 2932: Sessions: SessionConfig does not allow setting non-directory save path (#2932)
  • 2937: preserve matched route name within route match instance while forwarding... (#2937)
  • 2940: change 'Cloud\Decorator\Tag' to 'Cloud\Decorator\AbstractTag' (#2940)
  • 2941: Logical operator fix : 'or' change to '||' and 'and' change to '&&' (#2941)
  • 2952: Various Zend\Mvc\Router\Http routers turn + into a space in path segments (#2952)
  • 2957: Make Partial proxy to view render function (#2957)
  • 2971: Zend\Http\Cookie undefined self::CONTEXT_REQUEST (#2971)
  • 2976: Fix for #2541 (#2976)
  • 2981: Controller action HttpResponse is not used by SendResponseListener (#2981)
  • 2983: replaced all calls to $this->xpath with $this->getXpath() to always have... (#2983)
  • 2986: Add class to file missing a class (fixes #2789) (#2986)
  • 2987: fixed Zend\Session\Container::exchangeArray (#2987)
  • 2994: Fixes #2993 - Add missing asterisk to method docblock (#2994)
  • 2997: Fixing abstract factory instantiation time (#2997)
  • 2999: Fix for GitHub issue 2579 (#2999)
  • 3002: update master's resources/ja Zend_Validate.php message (#3002)
  • 3003: Adding tests for #2593 (#3003)
  • 3006: Hotfix for #2497 (#3006)
  • 3007: Fix for issue 3001 Zend\Db\Sql\Predicate\Between fails with min and max ... (#3007)
  • 3008: Hotfix for #2482 (#3008)
  • 3009: Hotfix for #2451 (#3009)
  • 3013: Solved Issue 2857 (#3013)
  • 3025: Removing the separator between the hidden and the visible inputs. As the... (#3025)
  • 3027: Reduced #calls of plugin() in PhpRenderer using a cache mechanism (#3027)
  • 3029: Fixed the pre-commit script, missed the fix command (#3029)
  • 3030: Mark module as loaded before trigginer EVENT_LOAD_MODULE (#3030)
  • 3031: Zend\Db\Sql Fix for Insert's Merge and Set capabilities with simlar keys (#3031)

2.0.3 (17 Oct 2012):

  • 2244: Fix for issue ZF2-503 (#2244)
  • 2318: Allow to remove decimals in CurrencyFormat (#2318)
  • 2363: Hotfix db features with eventfeature (#2363)
  • 2380: ZF2-482 Attempt to fix the buffer. Also added extra unit tests. (#2380)
  • 2392: Update library/Zend/Db/Adapter/Platform/Mysql.php (#2392)
  • 2395: Fix for http://framework.zend.com/issues/browse/ZF2-571 (#2395)
  • 2397: Memcached option merge issuse (#2397)
  • 2402: Adding missing dependencies (#2402)
  • 2404: Fix to comments (#2404)
  • 2416: Fix expressionParamIndex for AbstractSql (#2416)
  • 2420: Zend\Db\Sql\Select: Fixed issue with join expression named parameters overlapping. (#2420)
  • 2421: Update library/Zend/Http/Header/SetCookie.php (#2421)
  • 2422: fix add 2 space after @param in Zend\Loader (#2422)
  • 2423: ManagerInterface must be interface, remove 'interface' description (#2423)
  • 2425: Use built-in Travis composer (#2425)
  • 2426: Remove need of setter in ClassMethods hydrator (#2426)
  • 2432: Prevent space before end of tag with HTML5 doctype (#2432)
  • 2433: fix for setJsonpCallback not called when recieved JsonModel + test (#2433)
  • 2434: added phpdoc in Zend\Db (#2434)
  • 2437: Hotfix/console 404 reporting (#2437)
  • 2438: Improved previous fix for ZF2-558. (#2438)
  • 2440: Turkish Translations for Captcha and Validate (#2440)
  • 2441: Allow form collection to have any helper (#2441)
  • 2516: limit(20) -> generates LIMIT '20' and throws an IllegalQueryException (#2516)
  • 2545: getSqlStringForSqlObject() returns an invalid SQL statement with LIMIT and OFFSET clauses (#2545)
  • 2595: Pgsql adapater has codes related to MySQL (#2595)
  • 2613: Prevent password to be rendered if form validation fails (#2613)
  • 2617: Fixed Zend\Validator\Iban class name (#2617)
  • 2619: Form enctype fix when File elements are within a collection (#2619)
  • 2620: InputFilter/Input when merging was not using raw value (#2620)
  • 2622: Added ability to specify port (#2622)
  • 2624: Form's default input filters added multiple times (#2624)
  • 2630: fix relative link ( remove the relative links ) in README.md (#2630)
  • 2631: Update library/Zend/Loader/AutoloaderFactory.php (#2631)
  • 2633: fix redundance errors "The input does not appear to be a valid date" show twice (#2633)
  • 2635: Fix potential issue with Sitemap test (#2635)
  • 2636: add isset checks around timeout and maxredirects (#2636)
  • 2641: hotfix : formRow() element error multi-checkbox and radio renderError not shown (#2641)
  • 2642: Fix Travis build for CS issue (#2642)
  • 2643: fix for setJsonpCallback not called when recieved JsonModel + test (#2643)
  • 2644: Add fluidity to the prepare() function for a form (#2644)
  • 2652: Zucchi/filter tweaks (#2652)
  • 2665: pdftest fix (#2665)
  • 2666: fixed url change (#2666)
  • 2667: Possible fix for rartests (#2667)
  • 2669: skip whem gmp is loaded (#2669)
  • 2673: Input fallback value option (#2673)
  • 2676: mysqli::close() never called (#2676)
  • 2677: added phpdoc to Zend\Stdlib (#2677)
  • 2678: Zend\Db\Adapter\Sqlsrv\Sqlsrv never calls Statement\initialize() (fix within) (#2678)
  • 2679: Zend/Log/Logger.php using incorrect php errorLevel (#2679)
  • 2680: Cache: fixed bug on getTotalSpace of filesystem and dba adapter (#2680)
  • 2681: Cache/Dba: fixed notices on tearDown db4 tests (#2681)
  • 2682: Replace 'Configuration' with 'Config' when retrieving configuration (#2682)
  • 2683: Hotfix: Allow items from Abstract Factories to have setShared() called (#2683)
  • 2685: Remove unused Uses (#2685)
  • 2686: Adding code to allow EventManager trigger listeners using wildcard identifier (#2686)
  • 2687: Hotfix/db sql nested expressions (#2687)
  • 2688: Hotfix/tablegateway event feature (#2688)
  • 2689: Hotfix/composer phpunit (#2689)
  • 2690: Use RFC-3339 full-date format (Y-m-d) in Date element (#2690)
  • 2691: join on conditions don't accept alternatives to columns (#2691)
  • 2693: Update library/Zend/Db/Adapter/Driver/Mysqli/Connection.php (#2693)
  • 2694: Bring fluid interface to Feed Writer (#2694)
  • 2698: fix typo in # should be :: in exception (#2698)
  • 2699: fix elseif in javascript Upload Demo (#2699)
  • 2700: fix cs in casting variable (#2700)
  • 2705: Fix french translation (#2705)
  • 2707: Improved error message when ServiceManager does not find an invokable class (#2707)
  • 2710: #2461 - correcting the url encoding of path segments (#2710)
  • 2711: Fix/demos ProgressBar/ZendForm.php : Object of class Zend\Form\Form could not be converted to string (#2711)
  • 2712: fix cs casting variable for (array) (#2712)
  • 2713: Update library/Zend/Mvc/Service/ViewHelperManagerFactory.php (#2713)
  • 2714: Don't add separator if not prefixing columns (#2714)
  • 2717: Extends when it can : Validator\DateStep extends Validator\Date to reduce code redundancy (#2717)
  • 2719: Fixing the Cache Storage Factory Adapter Factory (#2719)
  • 2728: Bad Regex for Content Type header (#2728)
  • 2731: Reset the Order part when resetting Select (#2731)
  • 2732: Removed references to Mysqli in Zend\Db\Adapter\Driver\Pgsql (#2732)
  • 2733: fix @package Zend_Validate should be Zend_Validator (#2733)
  • 2734: fix i18n @package and @subpackage value (#2734)
  • 2736: fix captcha helper test. (#2736)
  • 2737: Issue #2728 - Bad Regex for Content Type header (#2737)
  • 2738: fix link 'quickstart' to version 2.0 (#2738)
  • 2739: remove '@subpackage' because Zend\Math is not in subpackage (#2739)
  • 2742: remove () in echo-ing (#2742)
  • 2749: Fix for #2678 (Zend\Db's Sqlsrv Driver) (#2749)
  • 2750: Adds the ability to instanciate by factory to AbstractPluginManager (#2750)
  • 2754: add the support to register module paths over namespace (#2754)
  • 2755: remove Zend\Mvc\Controller\PluginBroker from aliases in "$defaultServiceConfig" (#2755)
  • 2759: Fix Zend\Code\Scanner\TokenArrayScanner (#2759)
  • 2764: Fixed Zend\Math\Rand::getString() to pass the parameter $strong to ::getBytes() (#2764)
  • 2765: Csrf: always use dedicated setter (#2765)
  • 2766: Session\Storage: always preserve REQUEST_ACCESS_TIME (#2766)
  • 2768: Zend\Validator dependency is missed in Zend\Cache composer.json (#2768)
  • 2769: change valueToLDAP to valueToLdap and valueFromLDAP to valueFromLdap (#2769)
  • 2770: Memcached (#2770)
  • 2775: Zend\Db\Sql: Fix for Mysql quoting during limit and offset (#2775)
  • 2776: Allow whitespace in Iban (#2776)
  • 2777: Fix issue when PREG_BAD_UTF8__OFFSET_ERROR is defined but Unicode support is not enabled on PCRE (#2777)
  • 2778: Undefined Index fix in ViewHelperManagerFactory (#2778)
  • 2779: Allow forms that have been added as fieldsets to bind values to bound ob... (#2779)
  • 2782: Issue 2781 (#2782)

2.0.2 (21 Sep 2012):

  • 2383: Changed unreserved char definition in Zend\Uri (ZF2-533) and added shell escaping to the test runner (#2383)
  • 2393: Trying to solve issue ZF2-558 (#2393)
  • 2398: Segment route: add fix for optional groups within optional groups (#2398)
  • 2400: Use 'Router' in http env and 'HttpRouter' in cli (#2400)
  • 2401: Better precision for userland fmod algorithm (#2401)

2.0.1 (20 Sep 2012):

  • 2285: Seed RouteMatch params as long as params is set. This permits setting an empty array. (#2285)
  • 2286: prepareNotFoundViewModel listner - eventResult as ViewModel if set (#2286)
  • 2290: $label only when filled (#2290)
  • 2292: Allow (int)0 in coomments count in entry feed (#2292)
  • 2295: force to check className parameters (#2295)
  • 2296: mini-fix in controller plugin manager (#2296)
  • 2297: fixed phpdoc in Zend\Mvc\ApplicationInterface (#2297)
  • 2298: Update to Date element use statements to make it clearer which DateTime (#2298)
  • 2300: FormRow translate label fix (#ZF2-516) (#2300)
  • 2302: Notifications now to #zftalk.dev (#2302)
  • 2306: Fix several cs (#2306)
  • 2307: Removed comment about non existent Zend_Tool (#2307)
  • 2308: Fix pluginmanager get method error (#2308)
  • 2309: Add consistency with event name (#2309)
  • 2310: Update library/Zend/Db/Sql/Select.php (#2310)
  • 2311: Version update (#2311)
  • 2312: Validator Translations (#2312)
  • 2313: ZF2-336: Zend\Form adds enctype attribute as multipart/form-data (#2313)
  • 2317: Make Fieldset constructor consistent with parent Element class (#2317)
  • 2321: ZF2-534 Zend\Log\Writer\Syslog prevents setting application name (#2321)
  • 2322: Jump to cache-storing instead of returning (#2322)
  • 2323: Conditional statements improved(minor changes). (#2323)
  • 2324: Fix for ZF2-517: Zend\Mail\Header\GenericHeader fails to parse empty header (#2324)
  • 2328: Wrong __clone method (#2328)
  • 2331: added validation support for optgroups (#2331)
  • 2332: README-GIT update with optional pre-commit hook (#2332)
  • 2334: Mail\Message::getSubject() should return value the way it was set (#2334)
  • 2335: ZF2-511 Updated refactored names and other fixes (#2335)
  • 2336: ZF-546 Remove duplicate check for time (#2336)
  • 2337: ZF2-539 Input type of image should not have attribute value (#2337)
  • 2338: ZF2-543: removed linked but not implemented cache adapters (#2338)
  • 2341: Updated Zend_Validate.php pt_BR translation to 25.Jul.2011 EN Revision (#2341)
  • 2342: ZF2-549 Zend\Log\Formatter\ErrorHandler does not handle complex events (#2342)
  • 2346: updated Page\Mvc::isActive to check if the controller param was tinkered (#2346)
  • 2349: Zend\Feed Added unittests for more code coverage (#2349)
  • 2350: Bug in Zend\ModuleManager\Listener\LocatorRegistrationListener (#2350)
  • 2351: ModuleManagerInterface is never used (#2351)
  • 2352: Hotfix for AbstractDb and Csrf Validators (#2352)
  • 2354: Update library/Zend/Feed/Writer/AbstractFeed.php (#2354)
  • 2355: Allow setting CsrfValidatorOptions in constructor (#2355)
  • 2356: Update library/Zend/Http/Cookies.php (#2356)
  • 2357: Update library/Zend/Barcode/Object/AbstractObject.php (#2357)
  • 2358: Update library/Zend/ServiceManager/AbstractPluginManager.php (#2358)
  • 2359: Update library/Zend/Server/Method/Parameter.php (#2359)
  • 2361: Zend\Form Added extra unit tests and some code improvements (#2361)
  • 2364: Remove unused use statements (#2364)
  • 2365: Resolve undefined classes and constants (#2365)
  • 2366: fixed typo in Zend\View\HelperPluginManager (#2366)
  • 2370: Error handling in AbstractWriter::write using Zend\Stdlib\ErrorHandler (#2370)
  • 2372: Update library/Zend/ServiceManager/Config.php (#2372)
  • 2375: zend-inputfilter already requires (#2375)
  • 2376: Activate the new GitHub feature: Contributing Guidelines (#2376)
  • 2377: Update library/Zend/Mvc/Controller/AbstractController.php (#2377)
  • 2379: Typo in property name in Zend/Db/Metadata/Object/AbstractTableObject.php (#2379)
  • 2382: PHPDoc params in AbstractTableGateway.php (#2382)
  • 2384: Replace Router with Http router in url view helper (#2384)
  • 2387: Replace PHP internal fmod function because it gives false negatives (#2387)
  • 2388: Proposed fix for ZF2-569 validating float with trailing 0's (10.0, 10.10) (#2388)
  • 2391: clone in Filter\FilterChain (#2391)
  • Security fix: a number of classes were not using the Escaper component in order to perform URL, HTML, and/or HTML attribute escaping. Please see http://framework.zend.com/security/advisory/ZF2012-03 for more details.