6.3.12 (2021-08-25)

Overview of merged pull requests

BUGFIX: Add missing method to Generic\PersistenceManager

With https://github.com/neos/flow-development-collection/pull/2448 the method throwExceptionIfObjectIsNotAllowed() was removed, but the Generic\PersistenceManager was not adjusted. This fixes that in the simplest possible way…

  • Packages: Flow

BUGFIX: Bring back RenderingContext view argument, pin Fluid version

With typo3fluid/fluid 2.7.0 the $view constructor argument to RenderingContext is gone, but we support lower versions, thus things break.

This brings back the argument in our code and pins Fluid to < 2.7.0 for Flow below 7.2.0.

See https://github.com/neos/flow-development-collection/issues/2541 See https://github.com/TYPO3/Fluid/pull/548

  • Packages: FluidAdaptor

TASK: Fix PhpUnit deprecation warnings

The new SessionlessTestToken class is needed to replace the mocking of two interfaces (TokenInterface and SessionlessTokeInterface) in one call.

  • Packages: Flow

TASK: Fix Psalm issues

null

  • Packages: Flow FluidAdaptor

TASK: Require fixed composer/composer packages

This makes sure the required composer/composer dependency is not affected by CVE-2021-29472

https://github.com/composer/composer/security/advisories/GHSA-h5h8-pc6h-jvvx

  • Packages: Flow

BUGFIX: Extract doctrine EventListener functionality from PersistenceManager

With the changes in #2423 the PersistenceManager was registered as a Doctrine EventListener. Hence, when building the EntityManager, the PersistenceManager got instanciated with a completely new non-lazy EntityManager. This caused errors when trying to persist entities, as they were not known to that instance of the EntityManager. This change extracts the EventListener behaviour from the PersistenceManager.

  • Packages: Flow

BUGFIX: Avoid using the same widget id after session timeout

If a session times out and the user starts a new one the AjaxWidgetContextHolder assigned ids starting from 0 to each widget id, which might conflict with already generated pages, which had a different widget generating this id.

Now each ajax widget gets an uuid, avoiding such type of collisions.

BUGFIX: Do not run before and afterControllerInvocation signals in compile time

Together with Flow 6.x the Cli commands have been seperated from the Http ActionControllers.

Before these slots have been guaranteed to be executed during runtime only. This patch restores that behavior. There will be another commit against master, which introduces new 4 new signals, so in future you can even use compile time slots.

  • Fixes: #2528
  • Packages: Flow

BUGFIX: Return first existing annotation, not “current” one

In some cases this error comes up:

Trying to get property ‘lazy’ of non-object in ConfigurationBuilder

The reason for the error is the fact that the current() call does not return the existing annotation instance. The array pointer seems to point somewhere else. Using reset() instead of current solves the issue.

Using reset() does not really alter the (promised) behaviour of the method, so it is used instead.

  • Fixes: #2532
  • Packages: Flow

BUGFIX: Keep authorization checks disabled if an exception is swallowed

When code is wrapped in a Security\Context::withoutAuthorizationChecks() call and exceptions are caught, authorization checks are no longer disabled in the outer closure leading to exceptions like ` The security Context cannot be initialized yet `

This change fixes this by resetting the authorizationChecksDisabled to the previous value in a finally block.

BUGFIX: Allow null for source in translation helper

This fixes a bug that was introduced with PR #2476

Before it was possible to set the filename to null:

` I18n.translate('foo', null, [], null, 'Foo.Bar') `

but without this fix, you have to set the source to Main

` I18n.translate('foo', null, [], 'Main', 'Foo.Bar') `

  • Packages: Flow

Apply fixes from StyleCI

This pull request applies code style fixes from an analysis carried out by StyleCI.

For more information, click here.

  • Packages: Flow