#
f2be6e73 |
| 11-Jun-2018 |
Nikita Popov |
Update data tables for Unicode 11
|
#
3cbf594d |
| 09-Jun-2018 |
Christoph M. Becker |
Deprecate image2wbmp() According to https://wiki.php.net/rfc/image2wbmp, we deprecate `image2wbmp()`, rename the `$threshold` parameter to `$foreground`, and remove superfluous code.
|
#
e147eb24 |
| 02-Jun-2018 |
Anatol Belski |
[ci skip] Add UPGRADING note
|
#
c70468b8 |
| 28-May-2018 |
Nikita Popov |
Add note about heredoc BC break
|
#
cc98b880 |
| 26-May-2018 |
Nikita Popov |
UPGRADING tweaks Fix a typo and clarify that Reflection changes only affect string export. No API relevant return values are changed. [ci skip]
|
#
95c9d9d2 |
| 25-May-2018 |
Nikita Popov |
Add some upgrading notes for mbstring
|
#
e788708e |
| 17-May-2018 |
Anatol Belski |
[ci skip] Add upgrading note
|
#
1f474272 |
| 09-May-2018 |
Jakub Zelenka |
Update NEWS and UPGRADING for openssl_pkey_derive
|
#
48873572 |
| 15-Sep-2017 |
Thomas Punt |
Implement flexible heredoc/nowdoc syntax RFC: https://wiki.php.net/rfc/flexible_heredoc_nowdoc_syntaxes * The ending label no longer has to be followed by a semicolon or newli
Implement flexible heredoc/nowdoc syntax RFC: https://wiki.php.net/rfc/flexible_heredoc_nowdoc_syntaxes * The ending label no longer has to be followed by a semicolon or newline. Any non-label character is fine. * The ending label may be indented. The indentation will be stripped from all lines in the heredoc/nowdoc string. Lexing of heredoc strings performs a scan-ahead to determine the indentation of the ending label, so that the correct amount of indentation can be removed when calculting the semantic values for use by the parser. This makes the implementation quite a bit more complicated than we would like :/
show more ...
|
#
c8c0bb11 |
| 12-Apr-2018 |
Christoph M. Becker |
[ci skip] Update UPGRADING Cf. ce1d69a1f6dcf15d43029301059c25e5bc09a577 and fef879a2d63899ed25f39b4581c16682afdd0a8f, respectively. Patch provided by Gabriel Caruso.
|
#
39301abb |
| 06-Apr-2018 |
Anatol Belski |
Expose functionality for NFKC_Casefold normalization
|
#
36014ad2 |
| 06-Apr-2018 |
Anatol Belski |
Replace the deprecated API by the newer one available with ICU 56+
|
#
a9ab5d47 |
| 04-Apr-2018 |
Christoph M. Becker |
[ci skip] Update UPGRADING 5c5bd3033997583887bd990e54c68adb2934bbdb removed support for `--with-libmbfl`.
|
#
033907b9 |
| 29-Aug-2017 |
Tim Bazuin |
Add support for rl_completion_suppress_append and rl_completion_append_character These options are only available with libreadline.
|
#
f7f48643 |
| 07-Jan-2018 |
timurib |
Remove redundant warning in array_push() and array_unshift() Cf. https://github.com/php/php-src/pull/3011.
|
#
aed1e358 |
| 11-Mar-2018 |
Christoph M. Becker |
Implement #51368: php_filter_float does not allow custom thousand separators A set of hard-coded thousand separator characters (presently, `',.`) is somewhat limited (users may prefer ot
Implement #51368: php_filter_float does not allow custom thousand separators A set of hard-coded thousand separator characters (presently, `',.`) is somewhat limited (users may prefer other separators, such as spaces or underscores), as well as somewhat too liberal (arbitrary combinations of different thousand separators are presently possible). Therefore we introduce a `thousand` option analogous to `decimal`, which allows to define the desired thousand separators as non-empty string, defaulting to `',.`. While we easily could support empty strings here as well, that would not make much sense, since this behavior can more easily be accomplished by not setting the `FILTER_FLAG_ALLOW_THOUSAND` flag in the first place.
show more ...
|
#
aca0f7e2 |
| 23-Mar-2018 |
Paul Crovella |
[ci skip] Add normalizer_get_raw_decomposition to UPGRADING
|
#
d0ee2a82 |
| 19-Jan-2018 |
Gabriel Caruso |
Add is_countable function RFC: https://wiki.php.net/rfc/is-countable
|
#
1cb3c150 |
| 06-Mar-2018 |
Jonathan Torres |
Fix typo in upgrade notes
|
#
47699a24 |
| 03-Feb-2018 |
Nikita Popov |
Bump libcurl requirement to 7.15.5 The existence of the following functions is now guaranteed: * curl_escape() * curl_unescape() * curl_multi_setopt() libcurl 7.15.5
Bump libcurl requirement to 7.15.5 The existence of the following functions is now guaranteed: * curl_escape() * curl_unescape() * curl_multi_setopt() libcurl 7.15.5 has been released 11.5 years ago and is available even in RHEL 5.
show more ...
|
#
85021a39 |
| 06-Dec-2017 |
Benjamin Morel |
Add CURLOPT_REQUEST_TARGET constant
|
#
b2a1199d |
| 12-Jan-2018 |
Anatol Belski |
[ci skip] Fix typos
|
#
d857703b |
| 12-Jan-2018 |
Anatol Belski |
[ci skip] Update UPGRADING
|
#
45db77ed |
| 11-Jan-2018 |
Anatol Belski |
Revert "Add possibility to lower timer resolution" This reverts commit c3717d9aecbe65cb2e5778a24a91e9eaf638639e. The final mitigation of the consequences with spectre should be
Revert "Add possibility to lower timer resolution" This reverts commit c3717d9aecbe65cb2e5778a24a91e9eaf638639e. The final mitigation of the consequences with spectre should be discussed more also with the regard to the happenings on the developments. Right now a preliminary mitigation might be wrong or suboptimal, thus reverting this.
show more ...
|
#
c3717d9a |
| 10-Jan-2018 |
Anatol Belski |
Add possibility to lower timer resolution The recently discovered security flaw Spectre requires a high resolution timer. To the today's knowledge, PHP can't be used to create an attack
Add possibility to lower timer resolution The recently discovered security flaw Spectre requires a high resolution timer. To the today's knowledge, PHP can't be used to create an attack for this flaw. Still some concerns were raised, that there might be impact in shared hosting environments. This patch adds a possibility to reduce the timer resolution by an ini setting, thus giving administrators full control. Especially, as the flaw was also demonstrated by an abuse of the JS engine in a browser, Firefox reduced several time sources to 20us. Any programming language, that doesn't compile to JIT, won't be able to produce an attack vector for Meltdown and Spectre, at least by todays knowledge. There are also other factors that say that the security concern on the hrtime feature is to the big part not justified, still we aim JIT in the future. Thus, adding a possibility to control the timer resolution is a good and small enough tradeoff for safety and future.
show more ...
|