Feed items

warning: Declaration of views_handler_argument::init(&$view, &$options) should be compatible with views_handler::init(&$view, $options) in /home/clients/ru/domains/development4web.com/html/sites/all/modules/views/handlers/views_handler_argument.inc on line 48.
warning: Declaration of views_handler_filter_boolean_operator::value_validate(&$form, &$form_state) should be compatible with views_handler_filter::value_validate($form, &$form_state) in /home/clients/ru/domains/development4web.com/html/sites/all/modules/views/handlers/views_handler_filter_boolean_operator.inc on line 111.
warning: Declaration of views_plugin_row_node_view::options_form(&$form, &$form_state) should be compatible with views_plugin_row::options_form($form, &$form_state) in /home/clients/ru/domains/development4web.com/html/sites/all/modules/views/modules/node/views_plugin_row_node_view.inc on line 35.

New in Symfony 7.2: Redesigned TypeInfo Component

Contributed by
Mathias Arlaud

Herd Executable Support and Pest 3 Mutation Testing in PhpStorm 2024.3

Register now for Sentry Launch Week!

Hide and safeguard emails from bots with the Muddle Laravel package

New in Symfony 7.2: New Command Options

In Symfony 7.2, we've improved many existing commands with new options and features.

A seasoned developer's guide to learning Meteor.js

IntroductionWhen creating real-time apps such as chats or dashboards, we usually consider Node.js and its many frameworks. In this tutorial, I’ll show you the most productive to create real-time apps with Zod and TypeScript.Most of you might think I’ll talk about a new JavaScript framework, but if you have been around the JavaScript community long enough, you may have heard of Meteor.js.

Symfony 7.2.0-RC1 released

Symfony 7.2.0-RC1 has just been released.
Here is the list of the most important changes since 7.2.0-BETA2:

CVE-2024-51996: Authentication Bypass via persisted RememberMe cookie

Affected versions

Symfony versions >=5.3, <5.4.47; >=6, <6.4.15; >=7, <7.1.8 of the Symfony Security-Http component are affected by this security issue.

The issue has been fixed in Symfony 5.4.47, 6.4.15, and 7.1.8.

Description

When consuming a persisted remember-me cookie, Symfony does not check if the username persisted in the database matches the username attached with the cookie, leading to authentication bypass.

Resolution

The PersistentRememberMeHandler class now ensures the submitted username is the cookie owner.

Update for CVE-2024-50342: Internal address and port enumeration allowed by NoPrivateNetworkHttpClient

The patch released last week for CVE-2024-50342 was incomplete. New versions have just been released to address it.

Sponsor the Symfony project.

Symfony 7.1.8 released

Symfony 7.1.8 has just been released.
Here is the list of the most important changes since 7.1.7:

AddToAny

Feed items