Bump symfony/symfony from 3.3.16 to 3.4.26

[dependabot]

Bumps symfony/symfony from 3.3.16 to 3.4.26.

Release notes

Sourced from symfony/symfony's releases.

v3.4.26

Changelog (since symfony/symfony@v3.4.25...v3.4.26)

• bug #31084 [HttpFoundation] Make MimeTypeExtensionGuesser case insensitive (@​vermeirentony)
• bug #31142 Revert "bug #30423 [Security] Rework firewall's access denied rule (dimabory)" (@​chalasr)
• security #cve-2019-10910 [DI] Check service IDs are valid (@​nicolas-grekas)
• security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine (@​stof)
• security #cve-2019-10912 [Cache][PHPUnit Bridge] Prevent destructors with side-effects from being unserialized (@​nicolas-grekas)
• security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash (@​pborreli)
• security #cve-2019-10913 [HttpFoundation] reject invalid method override (@​nicolas-grekas)

[PR] symfony/symfony#31146
[SECURITY] Security release

v3.4.25

Changelog (since symfony/symfony@v3.4.24...v3.4.25)

• bug #29944 [DI] Overriding services autowired by name under _defaults bind not working (@​przemyslaw-bogusz, @​renanbr)
• bug #31076 [HttpKernel] Fixed LoggerDataCollector crashing on empty file (@​althaus)
• bug #31071 property normalizer should also pass format and context to isAllowedAttribute (@​dbu)
• bug #31059 Show more accurate message in profiler when missing stopwatch (@​linaori)
• bug #30423 [Security] Rework firewall's access denied rule (@​dimabory)
• bug #31012 [Process] Fix missing $extraDirs when open_basedir returns (@​arsonik)
• bug #30907 [Serializer] Respect ignored attributes in cache key of normalizer (@​dbu)
• bug #30085 Fix TestRunner compatibility to PhpUnit 8 (@​alexander-schranz)
• bug #30977 [serializer] prevent mixup in normalizer of the object to populate (@​dbu)
• bug #30976 [Debug] Fixed error handling when an error is already handled when another error is already handled (5) (@​lyrixx)
• bug #30979 Fix the configurability of CoreExtension deps in standalone usage (@​stof)
• bug #30918 [Cache] fix using ProxyAdapter inside TagAwareAdapter (@​dmaicher)
• bug #30961 [Form] fix translating file validation error message (@​xabbuh)
• bug #30951 Handle case where no translations were found (@​greg0ire)
• bug #29800 [Validator] Only traverse arrays that are cascaded into (@​corphi)
• bug #30921 [Translator] Warm up the translations cache in dev (@​tgalopin)
• bug #30922 [TwigBridge] fix horizontal spacing of inlined Bootstrap forms (@​xabbuh)
• bug #30895 [Form] turn failed file uploads into form errors (@​xabbuh)
• bug #30919 [Translator] Fix wrong dump for PO files (@​deguif)
• bug #30889 [DependencyInjection] Fix a wrong error when using a factory (@​Simperfit)
• bug #30879 [Form] Php doc fixes and cs + optimizations (@​Jules Pietri)
• bug #30883 [Console] Fix stty not reset when aborting in QuestionHelper::autocomplete() (@​Simperfit)
• bug #30878 [Console] Fix inconsistent result for choice questions in non-interactive mode (@​chalasr)

[PR] symfony/symfony#31123

v3.4.24

Changelog (since symfony/symfony@v3.4.23...v3.4.24)

• bug #30660 [Bridge][Twig] DebugCommand - fix escaping and filter (@​SpacePossum)
• bug #30720 Fix getSetMethodNormalizer to correctly ignore the attributes specified in "ignored_attributes" (@​Emmanuel BORGES)
• bug #30749 [Serializer] Added check of constuctor modifiers to AbstractNormalizer (@​NekaKawaii)
• bug #30776 [Routing] Fix routes annotation loading with glob pattern (@​snoob)

... (truncated)

Changelog

Sourced from symfony/symfony's changelog.

• 3.4.26 (2019-04-17)

• bug #31084 [HttpFoundation] Make MimeTypeExtensionGuesser case insensitive (vermeirentony)

• bug #31142 Revert "bug #30423 [Security] Rework firewall's access denied rule (dimabory)" (chalasr)

• security #cve-2019-10910 [DI] Check service IDs are valid (nicolas-grekas)

• security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine (stof)

• security #cve-2019-10912 [Cache][PHPUnit Bridge] Prevent destructors with side-effects from being unserialized (nicolas-grekas)

• security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash (pborreli)

• security #cve-2019-10913 [HttpFoundation] reject invalid method override (nicolas-grekas)

• 3.4.25 (2019-04-16)

• bug #29944 [DI] Overriding services autowired by name under _defaults bind not working (przemyslaw-bogusz, renanbr)

• bug #31076 [HttpKernel] Fixed LoggerDataCollector crashing on empty file (althaus)

• bug #31071 property normalizer should also pass format and context to isAllowedAttribute (dbu)

• bug #31059 Show more accurate message in profiler when missing stopwatch (linaori)

• bug #30423 [Security] Rework firewall's access denied rule (dimabory)

• bug #31012 [Process] Fix missing $extraDirs when open_basedir returns (arsonik)

• bug #30907 [Serializer] Respect ignored attributes in cache key of normalizer (dbu)

• bug #30085 Fix TestRunner compatibility to PhpUnit 8 (alexander-schranz)

• bug #30977 [serializer] prevent mixup in normalizer of the object to populate (dbu)

• bug #30976 [Debug] Fixed error handling when an error is already handled when another error is already handled (5) (lyrixx)

• bug #30979 Fix the configurability of CoreExtension deps in standalone usage (stof)

• bug #30918 [Cache] fix using ProxyAdapter inside TagAwareAdapter (dmaicher)

• bug #30961 [Form] fix translating file validation error message (xabbuh)

• bug #30951 Handle case where no translations were found (greg0ire)

• bug #29800 [Validator] Only traverse arrays that are cascaded into (corphi)

• bug #30921 [Translator] Warm up the translations cache in dev (tgalopin)

• bug #30922 [TwigBridge] fix horizontal spacing of inlined Bootstrap forms (xabbuh)

• bug #30895 [Form] turn failed file uploads into form errors (xabbuh)

• bug #30919 [Translator] Fix wrong dump for PO files (deguif)

• bug #30889 [DependencyInjection] Fix a wrong error when using a factory (Simperfit)

• bug #30879 [Form] Php doc fixes and cs + optimizations (Jules Pietri)

• bug #30883 [Console] Fix stty not reset when aborting in QuestionHelper::autocomplete() (Simperfit)

• bug #30878 [Console] Fix inconsistent result for choice questions in non-interactive mode (chalasr)

• 3.4.24 (2019-04-02)

• bug #30660 [Bridge][Twig] DebugCommand - fix escaping and filter (SpacePossum)

• bug #30720 Fix getSetMethodNormalizer to correctly ignore the attributes specified in "ignored_attributes" (Emmanuel BORGES)

• bug #30749 [Serializer] Added check of constuctor modifiers to AbstractNormalizer (NekaKawaii)

• bug #30776 [Routing] Fix routes annotation loading with glob pattern (snoob)

• bug #30773 [DependencyInjection] Fix hardcoded hotPathTagName (jderusse)

• bug #30737 [Validator] Improve constraint default option check (vudaltsov)

• bug #30736 [Validator] Fix annotation default for @​Count and @​Length (vudaltsov)

• bug #30620 [FrameworkBundle][HttpFoundation] make session service resettable (dmaicher)

• bug #30640 [Phpunit] fixed support for PHP 5.3 (fabpot)

• bug #30595 Do not validate child constraints if form has no validation groups (maryo)

• bug #30479 Check if Client exists when test.client does not exist, to provide clearer exception message (SerkanYildiz)

• feature #30584 [Intl] Add compile binary (ro0NL)

... (truncated)

Commits

• 1b89e7b Merge pull request #31146 from fabpot/release-3.4.26
• ef3b684 updated VERSION for 3.4.26
• 35741bd updated CHANGELOG for 3.4.26
• 82f003e minor #31132 [VarDumper][Ldap] relax some locally failing tests (nicolas-grekas)
• f458e5b minor #31128 [Validator] Added the missing translations for the Tagalog ("tl"...
• 1311324 bug #31084 [HttpFoundation] Make MimeTypeExtensionGuesser case insensitive (v...
• 55a21fb bug #31142 Revert "bug #30423 [Security] Rework firewall's access denied rule...
• 70166f0 Merge remote-tracking branch 'origin/3.4' into 3.4
• a288a74 minor #31137 [FrameworkBundle] minor: remove a typo from changelog (Simperfit)
• cd77f6f Revert "bug #30423 [Security] Rework firewall's access denied rule (dimabory)"
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.