Symfony 5.4.28 has just been released.
Here is the list of the most important changes since 5.4.27:

• bug #51474 [Serializer] Fix wrong InvalidArgumentException thrown (@mtarld)
• bug #51473 [VarDumper] Fix managing collapse state in CliDumper (@nicolas-grekas)
• bug #51445 [Security] FormLoginAuthenticator: fail for non-string password (@dmaicher)
• bug #51424 [HttpFoundation] Fix base URI detection on IIS with UrlRewriteModule (@derrabus)
• bug #48840 [Validator] Dump Valid constraints on debug command (@macintoshplus)
• bug #51223 [Console] Fix linewraps in OutputFormatter (@maxbeckers)
• bug #51307 [DependencyInjection] fix dump xml with array/object/enum default value (@Jean-Beru)
• bug #51328 [Messenger] Always return bool from messenger amqp connection nack (@Danielss89)
• bug #51295 [Mailer] update Brevo SMTP host (@bastien-wink)
• bug #51301 [FrameworkBundle] add missing default-doctrine-dbal-provider cache pool attribute to XSD (@xabbuh)
• bug #51296 [Process] Fix silencing wait when using a sigchild-enabled binary (@nicolas-grekas)
• bug #51201 [Workflow] fix MermaidDumper when place contains special char (@lyrixx)
• bug #51061 [DoctrineBridge] Bugfix - Allow to remove LazyLoaded listeners by object (@VincentLanglet)

Want to upgrade to this new release? Because Symfony protects
backwards-compatibility very closely, this should be quite easy. Use
SymfonyInsight upgrade reports
to detect the code you will need to change in your project and
read our upgrade
documentation to learn more.
Want to be notified whenever a new Symfony release is published? Or when a
version is not maintained anymore? Or only when a security issue is fixed?
Consider subscribing to the Symfony Roadmap Notifications.

Sponsor the Symfony project.