6.3.7 (2021-04-04)

Overview of merged pull requests

TASK: Automatically update psalm baseline after merge 

Followup for #1960 adjusted to our GH actions builds. Needs to check the pushing, as that probably doesn’t work as expected yet.

Packages: Flow github

BUGFIX: Anonymize authorization header in rendered request headers 

This prevents credential information leakage into logs and generally when using RequestInformationHelper to render request headers. Using Headers class directly will still disclose Authorization header values though, so take care if you use that.

Related to #2360

Packages: Flow

BUGFIX: Allow Doctrine object manager to appear as different class names 

The Doctrine object manager used to be Doctrine\Common but got moved to Doctrine\Persistence. Both are intrefaces.

Doctrine provides a compatibility layer implemented as class_alias().

There are situations where legacy code calls for Doctrine\Common, the PHP feature of class_alias mapps to Doctrine\Persistence and Flow does not know about it.

Packages: Flow

BUGFIX: Allow non-standard status codes in redirects 

Redirecting from controllers using redirectToUri allows the developer to set the status code to be used. However the actual status code returned to the client was always 303.

Changing the order so that statusCode is being handled after redirectUri fixes the issue.

Packages: Flow

TASK: Avoid opening database connection if nothing to persist 

Also, this avoids calling calculateChangeset() twice for requests that only want allowed objects to be persisted.

Resolves: #1893
Packages: Flow

TASK: Exclude breaking 1.8.0 guzzle/psr7 version 

This is a workaround for https://github.com/guzzle/psr7/pull/401 - 🤞 it will be fixed with 1.8.1

Packages: Factories Flow github

TASK: Mark all migrations as applied after behat setup 

See https://github.com/neos/neos-development-collection/pull/3311#issuecomment-803560353

Note that the Flow migrations somehow weren’t affected for some reason, but still this is the correct way to go about a doctrine:create (and mabye that command should itself mark all migrations applied).

Packages: github

BUGFIX: Outdated class name in @covers annotation 

This fixes running tests with code coverage.

Packages: Flow

BUGFIX: Ignore ProxyClass in code coverage of phpunit 

Add the @codeCoverageIgnore annotation to proxy class to ignore it in the coverage report.

Packages: Flow

Apply fixes from StyleCI 

This pull request applies code style fixes from an analysis carried out by StyleCI.

—

For more information, click here.

Packages: Flow

Apply fixes from StyleCI 

This pull request applies code style fixes from an analysis carried out by StyleCI.

—

For more information, click here.

Packages: Flow

BUGFIX: WithAddedHeader does not overwrite existing header 

Previously the PSR-7 forward compatibility method withAddedHeader() would overwrite existing headers and was hence the same as withHeader(). This change fixes that by correctly setting the $overwrite argument in the delegate method.

See https://github.com/neos/flow-development-collection/pull/2361#discussion_r588867079

BUGFIX: Fix ResourceTypeConverter for “data” import 

Fix the ResourceTypeConverter so that you can also import resources via base64.

What I did If one wanted to convert a base64 file via “data”, this did not work.

How I did it I changed the default value from “resource” to “null” so that the condition fits again.

How to verify it Convert a resource based on an array with “data” and “filename”.

Packages: Flow

BUGFIX: Authentication tests don’t depend on test running within a second 

This prevents the tests from failing occasionally because the test starts directly before the current second switches.

Packages: Flow

TASK: Add memcache extension to pass psalm checks 

Packages: Eel Flow github

BUGFIX: Check for valid session identifier before accessing the cache 

Currently it is possible to change the cookie value of Neos_Flow_Session (TYPO3_Flow_Session) to an invalid cache identifier. This leads to an InvalidArgumentException and an error code 500. This pull requests checks the validity of the session identifier before attempting to access the metaDataCache.

Retargeted follow-up to #1132 Thanks @Torsten85 and sorry for being late with accepting this

Packages: Flow

BUGFIX: Don’t validate transient properties during persistence 

See https://github.com/neos/flow-development-collection/pull/1538#issuecomment-524485959

A better version of #1734 that will really only ignore transient properties during persistence validation and nowhere else.

Packages: Flow

Apply fixes from StyleCI 

This pull request applies code style fixes from an analysis carried out by StyleCI.

—

For more information, click here.

Packages: Flow

TASK: Make sure Testing/Settings is overwritten in build 

See https://github.com/neos/flow-development-collection/runs/2041837140?check_suite_focus=true

Packages: Flow github

BUGFIX: `Array.filter` fails with empty callback 

According to the documentation and method signature the callback argument in the Array.filter Eel method is optional.

Also the underlying php function array_filter supports beeing called without a callback. In which case it filters empty values which is really handy in places. However due to the passed flag ARRAY_FILTER_USE_BOTH this leads to an error.

The code adjusts the call to array_filter to only pass callback and ARRAY_FILTER_USE_BOTH if the filter is not null and adds a testcase for an empty filter.

Resolves: #2401 2401
Packages: Flow

Apply fixes from StyleCI 

This pull request applies code style fixes from an analysis carried out by StyleCI.

—

For more information, click here.

Packages: Flow