#
0d836a39 |
| 04-Aug-2020 |
Nikita Popov |
Revert "Prepare for PHP 8.1" This reverts commit 1ab4d0e6b7abb67d5a01ce3327bf973772271fb2. This reverts commit a359635cb1a4df8b5137a506c88c4cb102acac0e.
|
#
a359635c |
| 04-Aug-2020 |
Gabriel Caruso |
Prepare for PHP 8.1
|
#
71bfa534 |
| 03-Aug-2020 |
Máté Kocsis |
Add upgrading note for the resource to object migration in ext/sockets
|
#
e2b46874 |
| 03-Aug-2020 |
Theodore Brown |
Minor grammar/consistency fixes in upgrade guide [ci skip]
|
#
e0fa48f6 |
| 16-Jul-2020 |
Dik Takken |
Deprecate libxml_disable_entity_loader() This method was used to protect code against XXE processing attacks. Since PHP now requires libxml >= 2.9.0 external entity loading no longer
Deprecate libxml_disable_entity_loader() This method was used to protect code against XXE processing attacks. Since PHP now requires libxml >= 2.9.0 external entity loading no longer needs to be disabled to prevent these attacks. It is disabled by default. Also, the method has an unwanted side effect that causes a lot of confusion: Parsing XML data from resources like files is no longer possible. Closes GH-5867.
show more ...
|
#
691a09f2 |
| 16-Jul-2020 |
Dik Takken |
Bump libxml version requirement 2.7.6 => 2.9.0 Since libxml version 2.9.0 external entity loading is disabled by default. Bumping the version requirement means that XML processing in PHP
Bump libxml version requirement 2.7.6 => 2.9.0 Since libxml version 2.9.0 external entity loading is disabled by default. Bumping the version requirement means that XML processing in PHP is no longer vulnerable to XXE processing attacks by default.
show more ...
|
#
44c7128f |
| 01-Aug-2020 |
Jakub Zelenka |
FPM: Add pm.status_listen option This option allows getting status from different endpoint (e.g. port or UDS file) which is useful for getting status when all children are busy with
FPM: Add pm.status_listen option This option allows getting status from different endpoint (e.g. port or UDS file) which is useful for getting status when all children are busy with serving long running requests. Internally a new shared pool with ondemand process manager is used. It means that the status requests have reserved resources and should not be blocked by other requests.
show more ...
|
#
0c238ede |
| 07-Jul-2020 |
Tyson Andre |
[RFC] Only unserialize Phar metadata when getMetadata() is called In other words, don't automatically unserialize when the magic phar:// stream wrappers are used. RFC: https://wiki.p
[RFC] Only unserialize Phar metadata when getMetadata() is called In other words, don't automatically unserialize when the magic phar:// stream wrappers are used. RFC: https://wiki.php.net/rfc/phar_stop_autoloading_metadata Also, change the signature from `getMetadata()` to `getMetadata(array $unserialize_options = [])`. Start throwing earlier if setMetadata() is called and serialization threw. See https://externals.io/message/110856 and https://bugs.php.net/bug.php?id=76774 This was refactored to add a phar_metadata_tracker for the following reasons: - The way to properly copy a zval was previously implicit and undocumented (e.g. is it a pointer to a raw string or an actual value) - Avoid unnecessary serialization and unserialization in the most common case - If a metadata value is serialized once while saving a new/modified phar file, this allows reusing the same serialized string. - Have as few ways to copy/clone/lazily parse metadata (etc.) as possible, so that code changes can be limited to only a few places in the future. - Performance is hopefully not a concern - copying a string should be faster than unserializing a value, and metadata should be rare in most cases. Remove unnecessary skip in a test(Compression's unused) Add additional assertions about usage of persistent phars Improve robustness of `Phar*->setMetadata()` - Add sanity checks for edge cases freeing metadata, when destructors or serializers modify the phar recursively. - Typical use cases of php have phar.readonly=1 and would not be affected. Closes GH-5855
show more ...
|
#
f9f769d4 |
| 11-Jun-2020 |
Rowan Tommins |
Make http stream wrapper advertise HTTP/1.1 by default In practice, we always act as an HTTP/1.1 client, for compatibility with servers which ignore protocol version. Sending the version
Make http stream wrapper advertise HTTP/1.1 by default In practice, we always act as an HTTP/1.1 client, for compatibility with servers which ignore protocol version. Sending the version in the request will avoid problems with servers which don't ignore it. HTTP/1.0 can still be forced using a stream context option. Closes GH-5899.
show more ...
|
#
c48b745f |
| 03-Aug-2020 |
Nikita Popov |
Promote "undefined array key" notice to warning This implements the last remaining part of the https://wiki.php.net/rfc/engine_warnings RFC. Closes GH-5927.
|
#
a6e3ce4f |
| 26-Jul-2020 |
Gregor Harlan |
datetime: new format "p", same as "P" but returning "Z" for UTC
|
#
853eb837 |
| 02-Aug-2020 |
Levi Morrison |
Default assert.exception to 1
|
Revision tags: php-7.4.6RC1, php-7.3.18RC1, php-7.2.30, php-7.4.5, php-7.3.17, php-7.4.5RC1, php-7.3.17RC1, php-7.3.18, php-7.4.4, php-7.2.29, php-7.3.16, php-7.4.4RC1, php-7.3.16RC1, php-7.4.3, php-7.2.28, php-7.3.15RC1, php-7.4.3RC1, php-7.3.15, php-7.2.27, php-7.4.2, php-7.3.14, php-7.3.14RC1, php-7.4.2RC1, php-7.4.1, php-7.2.26, php-7.3.13, php-7.4.1RC1, php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3, php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8, php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3, php-7.3.7, php-7.2.20, php-7.4.0alpha2, php-7.3.7RC3, php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1 |
|
#
e3d06fc7 |
| 31-May-2019 |
Gabriel Caruso |
Ensure correct signatures for magic methods
|
#
650801ce |
| 01-Aug-2020 |
Tyson Andre |
[skip ci] Fix grammar/typo nits in docs The PHP error message says "well-formed", not "well formed" Fixes GH-5920
|
#
9f44eca6 |
| 01-Aug-2020 |
Máté Kocsis |
Convert resources to objects in ext/openssl Closes GH-5860 Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
|
#
97f10fc3 |
| 18-Jul-2020 |
Tyson Andre |
Allow overriding completion in `auto_prepend_file` Currently, it's possible to override `php -a`s completion functionality to provide an alternative to the C implementation, with `re
Allow overriding completion in `auto_prepend_file` Currently, it's possible to override `php -a`s completion functionality to provide an alternative to the C implementation, with `readline_completion_function()`. However, that surprisingly gets overridden when called from `auto_prepend_file`, because those scripts get run before the interactive shell is started. I believe that not overriding it would be more consistent with what happens when you override the completion function **after** the interactive shell. CLI is the only built-in API that uses this (See discussion in GH-5872). I believe MINIT and RINIT will only run once when invoked with `php -a`. Add documentation about the architecture of how php uses readline/libedit Closes GH-5872
show more ...
|
#
d92229d8 |
| 06-Apr-2020 |
Nikita Popov |
Implement named parameters From an engine perspective, named parameters mainly add three concepts: * The SEND_* opcodes now accept a CONST op2, which is the argument nam
Implement named parameters From an engine perspective, named parameters mainly add three concepts: * The SEND_* opcodes now accept a CONST op2, which is the argument name. For now, it is looked up by linear scan and runtime cached. * This may leave UNDEF arguments on the stack. To avoid having to deal with them in other places, a CHECK_UNDEF_ARGS opcode is used to either replace them with defaults, or error. * For variadic functions, EX(extra_named_params) are collected and need to be freed based on ZEND_CALL_HAS_EXTRA_NAMED_PARAMS. RFC: https://wiki.php.net/rfc/named_params Closes GH-5357.
show more ...
|
#
e8c4ae83 |
| 29-Jul-2020 |
Theodore Brown |
Improve wording and spelling consistency in UPGRADING [ci skip]
|
#
b2248789 |
| 29-Jul-2020 |
George Peter Banyard |
Implement 'Saner Numeric Strings' RFC: RFC: https://wiki.php.net/rfc/saner-numeric-strings This removes the -1 allow_error mode from is_numeric_string functions and replaces it by
Implement 'Saner Numeric Strings' RFC: RFC: https://wiki.php.net/rfc/saner-numeric-strings This removes the -1 allow_error mode from is_numeric_string functions and replaces it by a trailing boolean out argument to preserve BC in a couple of places. Most of the changes can be resumed to "numeric" strings which emitted a E_NOTICE now emit a E_WARNING and "numeric" strings which emitted a E_WARNING now throw a TypeError. This mostly affects: - String offsets - Arithmetic operations - Bitwise operations Closes GH-5762
show more ...
|
#
470d1696 |
| 02-Jul-2020 |
Theodore Brown |
Implement Shorter Attribute Syntax RFC: https://wiki.php.net/rfc/shorter_attribute_syntax Closes GH-5796. Co-authored-by: Martin Schröder <m.schroeder2007@gmail.com>
|
#
85d4b560 |
| 27-Jul-2020 |
Tyson Andre |
[skip ci] Add zend.exception_string_param_max_len to UPGRADING For GH-5769 (mentioned in 07db64156e180c30daa5ab5d41ed72f9bba77e6d)
|
#
d65d3f52 |
| 24-Jul-2020 |
Nikita Popov |
Fix bug #79108 Don't expose references in debug_backtrace() or exception traces. This is regardless of whether the argument is by-reference or not. As a side-effect of this chan
Fix bug #79108 Don't expose references in debug_backtrace() or exception traces. This is regardless of whether the argument is by-reference or not. As a side-effect of this change, exception traces may now acquire the interior value of a reference, which may be unexpected for some internal functions. This is what necessitated the change in the spl_array sort implementation.
show more ...
|
#
7eec281b |
| 24-Jul-2020 |
Nikita Popov |
Avoid UNKNOWN default in PDO::query()
|
#
0a5b7c81 |
| 24-Jul-2020 |
Nikita Popov |
Make nested ternary without parentheses a compile error This was deprecated in PHP 7.4.
|
#
9bf11983 |
| 24-May-2020 |
Ilija Tovilo |
Implement nullsafe ?-> operator RFC: https://wiki.php.net/rfc/nullsafe_operator Closes GH-5619. Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
|