Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[symfony/framework-bundle/7.2] Start with an empty APP_SECRET #1317

Merged
merged 1 commit into from
May 28, 2024

Conversation

nicolas-grekas
Copy link
Member

Q A
License MIT
Doc issue/PR -

Instead of #1314

Related to symfony/symfony#56985, symfony/symfony#56831 and symfony/symfony#56838

@symfony-recipes-bot symfony-recipes-bot enabled auto-merge (squash) May 22, 2024 16:13
Copy link

Thanks for the PR 😍

How to test these changes in your application

  1. Define the SYMFONY_ENDPOINT environment variable:

    # On Unix-like (BSD, Linux and macOS)
    export SYMFONY_ENDPOINT=https://raw.githubusercontent.com/symfony/recipes/flex/pull-1317/index.json
    # On Windows
    SET SYMFONY_ENDPOINT=https://raw.githubusercontent.com/symfony/recipes/flex/pull-1317/index.json
  2. Install the package(s) related to this recipe:

    composer req 'symfony/flex:^1.16'
    composer req 'symfony/framework-bundle:^7.2'
  3. Don't forget to unset the SYMFONY_ENDPOINT environment variable when done:

    # On Unix-like (BSD, Linux and macOS)
    unset SYMFONY_ENDPOINT
    # On Windows
    SET SYMFONY_ENDPOINT=

Diff between recipe versions

In order to help with the review stage, I'm in charge of computing the diff between the various versions of patched recipes.
I'm going keep this comment up to date with any updates of the attached patch.

symfony/framework-bundle

3.3 vs 3.4
diff --git a/symfony/framework-bundle/3.3/config/packages/framework.yaml b/symfony/framework-bundle/3.4/config/packages/framework.yaml
index d2b31bf..f532576 100644
--- a/symfony/framework-bundle/3.3/config/packages/framework.yaml
+++ b/symfony/framework-bundle/3.4/config/packages/framework.yaml
@@ -7,6 +7,7 @@ framework:
     # Remove or comment this section to explicitly disable session support.
     session:
         handler_id: null
+        cookie_samesite: lax
 
     #esi: true
     #fragments: true
3.4 vs 4.2
diff --git a/symfony/framework-bundle/3.4/config/bootstrap.php b/symfony/framework-bundle/4.2/config/bootstrap.php
index 2a47186..55560fb 100644
--- a/symfony/framework-bundle/3.4/config/bootstrap.php
+++ b/symfony/framework-bundle/4.2/config/bootstrap.php
@@ -13,38 +13,8 @@ if (!class_exists(Dotenv::class)) {
 if (is_array($env = @include dirname(__DIR__).'/.env.local.php') && (!isset($env['APP_ENV']) || ($_SERVER['APP_ENV'] ?? $_ENV['APP_ENV'] ?? $env['APP_ENV']) === $env['APP_ENV'])) {
     (new Dotenv(false))->populate($env);
 } else {
-    $path = dirname(__DIR__).'/.env';
-    $dotenv = new Dotenv(false);
-
     // load all the .env files
-    if (method_exists($dotenv, 'loadEnv')) {
-        $dotenv->loadEnv($path);
-    } else {
-        // fallback code in case your Dotenv component is not 4.2 or higher (when loadEnv() was added)
-
-        if (file_exists($path) || !file_exists($p = "$path.dist")) {
-            $dotenv->load($path);
-        } else {
-            $dotenv->load($p);
-        }
-
-        if (null === $env = $_SERVER['APP_ENV'] ?? $_ENV['APP_ENV'] ?? null) {
-            $dotenv->populate(array('APP_ENV' => $env = 'dev'));
-        }
-
-        if ('test' !== $env && file_exists($p = "$path.local")) {
-            $dotenv->load($p);
-            $env = $_SERVER['APP_ENV'] ?? $_ENV['APP_ENV'] ?? $env;
-        }
-
-        if (file_exists($p = "$path.$env")) {
-            $dotenv->load($p);
-        }
-
-        if (file_exists($p = "$path.$env.local")) {
-            $dotenv->load($p);
-        }
-    }
+    (new Dotenv(false))->loadEnv(dirname(__DIR__).'/.env');
 }
 
 $_SERVER += $_ENV;
diff --git a/symfony/framework-bundle/3.4/config/packages/framework.yaml b/symfony/framework-bundle/4.2/config/packages/framework.yaml
index f532576..cad7f78 100644
--- a/symfony/framework-bundle/3.4/config/packages/framework.yaml
+++ b/symfony/framework-bundle/4.2/config/packages/framework.yaml
@@ -1,3 +1,4 @@
+# see https://symfony.com/doc/current/reference/configuration/framework.html
 framework:
     secret: '%env(APP_SECRET)%'
     #csrf_protection: true
@@ -7,6 +8,7 @@ framework:
     # Remove or comment this section to explicitly disable session support.
     session:
         handler_id: null
+        cookie_secure: auto
         cookie_samesite: lax
 
     #esi: true
diff --git a/symfony/framework-bundle/3.4/config/services.yaml b/symfony/framework-bundle/4.2/config/services.yaml
index 07d653c..99d51bd 100644
--- a/symfony/framework-bundle/3.4/config/services.yaml
+++ b/symfony/framework-bundle/4.2/config/services.yaml
@@ -10,15 +10,12 @@ services:
     _defaults:
         autowire: true      # Automatically injects dependencies in your services.
         autoconfigure: true # Automatically registers your services as commands, event subscribers, etc.
-        public: false       # Allows optimizing the container by removing unused services; this also means
-                            # fetching services directly from the container via $container->get() won't work.
-                            # The best practice is to be explicit about your dependencies anyway.
 
     # makes classes in src/ available to be used as services
     # this creates a service per class whose id is the fully-qualified class name
     App\:
         resource: '../src/*'
-        exclude: '../src/{DependencyInjection,Entity,Migrations,Tests,Kernel.php}'
+        exclude: '../src/{DependencyInjection,Entity,Kernel.php}'
 
     # controllers are imported separately to make sure services can be injected
     # as action arguments even if you don't extend any base controller class
diff --git a/symfony/framework-bundle/3.4/manifest.json b/symfony/framework-bundle/4.2/manifest.json
index aa0150e..101b2aa 100644
--- a/symfony/framework-bundle/3.4/manifest.json
+++ b/symfony/framework-bundle/4.2/manifest.json
@@ -14,13 +14,14 @@
     "env": {
         "APP_ENV": "dev",
         "APP_SECRET": "%generate(secret)%",
-        "#TRUSTED_PROXIES": "127.0.0.1,127.0.0.2",
+        "#TRUSTED_PROXIES": "127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16",
         "#TRUSTED_HOSTS": "'^(localhost|example\\.com)$'"
     },
     "gitignore": [
         "/.env.local",
         "/.env.local.php",
         "/.env.*.local",
+        "/%CONFIG_DIR%/secrets/prod/prod.decrypt.private.php",
         "/%PUBLIC_DIR%/bundles/",
         "/%VAR_DIR%/",
         "/vendor/"
diff --git a/symfony/framework-bundle/3.4/post-install.txt b/symfony/framework-bundle/4.2/post-install.txt
index 944aa06..12f3669 100644
--- a/symfony/framework-bundle/3.4/post-install.txt
+++ b/symfony/framework-bundle/4.2/post-install.txt
@@ -1,7 +1,6 @@
   * Run your application:
     1. Go to the project directory
     2. Create your code repository with the git init command
-    3. Download the Symfony CLI at https://symfony.com/download to install a development web server,
-       or run composer require server --dev for a minimalist one
+    3. Download the Symfony CLI at https://symfony.com/download to install a development web server
 
   * Read the documentation at https://symfony.com/doc
diff --git a/symfony/framework-bundle/3.4/src/Kernel.php b/symfony/framework-bundle/4.2/src/Kernel.php
index 68b7a56..1cd0572 100644
--- a/symfony/framework-bundle/3.4/src/Kernel.php
+++ b/symfony/framework-bundle/4.2/src/Kernel.php
@@ -13,19 +13,9 @@ class Kernel extends BaseKernel
 {
     use MicroKernelTrait;
 
-    const CONFIG_EXTS = '.{php,xml,yaml,yml}';
+    private const CONFIG_EXTS = '.{php,xml,yaml,yml}';
 
-    public function getCacheDir()
-    {
-        return $this->getProjectDir().'/var/cache/'.$this->environment;
-    }
-
-    public function getLogDir()
-    {
-        return $this->getProjectDir().'/var/log';
-    }
-
-    public function registerBundles()
+    public function registerBundles(): iterable
     {
         $contents = require $this->getProjectDir().'/config/bundles.php';
         foreach ($contents as $class => $envs) {
@@ -35,13 +25,16 @@ class Kernel extends BaseKernel
         }
     }
 
-    protected function configureContainer(ContainerBuilder $container, LoaderInterface $loader)
+    public function getProjectDir(): string
+    {
+        return \dirname(__DIR__);
+    }
+
+    protected function configureContainer(ContainerBuilder $container, LoaderInterface $loader): void
     {
         $container->addResource(new FileResource($this->getProjectDir().'/config/bundles.php'));
-        // Feel free to remove the "container.autowiring.strict_mode" parameter
-        // if you are using symfony/dependency-injection 4.0+ as it's the default behavior
-        $container->setParameter('container.autowiring.strict_mode', true);
-        $container->setParameter('container.dumper.inline_class_loader', true);
+        $container->setParameter('container.dumper.inline_class_loader', \PHP_VERSION_ID < 70400 || $this->debug);
+        $container->setParameter('container.dumper.inline_factories', true);
         $confDir = $this->getProjectDir().'/config';
 
         $loader->load($confDir.'/{packages}/*'.self::CONFIG_EXTS, 'glob');
@@ -50,7 +43,7 @@ class Kernel extends BaseKernel
         $loader->load($confDir.'/{services}_'.$this->environment.self::CONFIG_EXTS, 'glob');
     }
 
-    protected function configureRoutes(RouteCollectionBuilder $routes)
+    protected function configureRoutes(RouteCollectionBuilder $routes): void
     {
         $confDir = $this->getProjectDir().'/config';
 
4.2 vs 4.4
diff --git a/symfony/framework-bundle/4.4/config/preload.php b/symfony/framework-bundle/4.4/config/preload.php
new file mode 100644
index 0000000..064bdcd
--- /dev/null
+++ b/symfony/framework-bundle/4.4/config/preload.php
@@ -0,0 +1,9 @@
+<?php
+
+if (file_exists(dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php')) {
+    require dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php';
+}
+
+if (file_exists(dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php')) {
+    require dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php';
+}
diff --git a/symfony/framework-bundle/4.4/config/routes/dev/framework.yaml b/symfony/framework-bundle/4.4/config/routes/dev/framework.yaml
new file mode 100644
index 0000000..bcbbf13
--- /dev/null
+++ b/symfony/framework-bundle/4.4/config/routes/dev/framework.yaml
@@ -0,0 +1,3 @@
+_errors:
+    resource: '@FrameworkBundle/Resources/config/routing/errors.xml'
+    prefix: /_error
diff --git a/symfony/framework-bundle/4.2/config/services.yaml b/symfony/framework-bundle/4.4/config/services.yaml
index 99d51bd..9557caa 100644
--- a/symfony/framework-bundle/4.2/config/services.yaml
+++ b/symfony/framework-bundle/4.4/config/services.yaml
@@ -14,13 +14,16 @@ services:
     # makes classes in src/ available to be used as services
     # this creates a service per class whose id is the fully-qualified class name
     App\:
-        resource: '../src/*'
-        exclude: '../src/{DependencyInjection,Entity,Kernel.php}'
+        resource: '../src/'
+        exclude:
+            - '../src/DependencyInjection/'
+            - '../src/Entity/'
+            - '../src/Kernel.php'
 
     # controllers are imported separately to make sure services can be injected
     # as action arguments even if you don't extend any base controller class
     App\Controller\:
-        resource: '../src/Controller'
+        resource: '../src/Controller/'
         tags: ['controller.service_arguments']
 
     # add more service definitions when explicit configuration is needed
diff --git a/symfony/framework-bundle/4.2/public/index.php b/symfony/framework-bundle/4.4/public/index.php
index 929197c..d0b6e02 100644
--- a/symfony/framework-bundle/4.2/public/index.php
+++ b/symfony/framework-bundle/4.4/public/index.php
@@ -1,7 +1,7 @@
 <?php
 
 use App\Kernel;
-use Symfony\Component\Debug\Debug;
+use Symfony\Component\ErrorHandler\Debug;
 use Symfony\Component\HttpFoundation\Request;
 
 require dirname(__DIR__).'/config/bootstrap.php';
4.4 vs 5.1
diff --git a/symfony/framework-bundle/4.4/config/bootstrap.php b/symfony/framework-bundle/4.4/config/bootstrap.php
deleted file mode 100644
index 55560fb..0000000
--- a/symfony/framework-bundle/4.4/config/bootstrap.php
+++ /dev/null
@@ -1,23 +0,0 @@
-<?php
-
-use Symfony\Component\Dotenv\Dotenv;
-
-require dirname(__DIR__).'/vendor/autoload.php';
-
-if (!class_exists(Dotenv::class)) {
-    throw new LogicException('Please run "composer require symfony/dotenv" to load the ".env" files configuring the application.');
-}
-
-// Load cached env vars if the .env.local.php file exists
-// Run "composer dump-env prod" to create it (requires symfony/flex >=1.2)
-if (is_array($env = @include dirname(__DIR__).'/.env.local.php') && (!isset($env['APP_ENV']) || ($_SERVER['APP_ENV'] ?? $_ENV['APP_ENV'] ?? $env['APP_ENV']) === $env['APP_ENV'])) {
-    (new Dotenv(false))->populate($env);
-} else {
-    // load all the .env files
-    (new Dotenv(false))->loadEnv(dirname(__DIR__).'/.env');
-}
-
-$_SERVER += $_ENV;
-$_SERVER['APP_ENV'] = $_ENV['APP_ENV'] = ($_SERVER['APP_ENV'] ?? $_ENV['APP_ENV'] ?? null) ?: 'dev';
-$_SERVER['APP_DEBUG'] = $_SERVER['APP_DEBUG'] ?? $_ENV['APP_DEBUG'] ?? 'prod' !== $_SERVER['APP_ENV'];
-$_SERVER['APP_DEBUG'] = $_ENV['APP_DEBUG'] = (int) $_SERVER['APP_DEBUG'] || filter_var($_SERVER['APP_DEBUG'], FILTER_VALIDATE_BOOLEAN) ? '1' : '0';
diff --git a/symfony/framework-bundle/4.4/config/preload.php b/symfony/framework-bundle/5.1/config/preload.php
index 064bdcd..5ebcdb2 100644
--- a/symfony/framework-bundle/4.4/config/preload.php
+++ b/symfony/framework-bundle/5.1/config/preload.php
@@ -1,9 +1,5 @@
 <?php
 
-if (file_exists(dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php')) {
-    require dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php';
-}
-
 if (file_exists(dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php')) {
     require dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php';
 }
diff --git a/symfony/framework-bundle/4.4/public/index.php b/symfony/framework-bundle/5.1/public/index.php
index d0b6e02..097baa3 100644
--- a/symfony/framework-bundle/4.4/public/index.php
+++ b/symfony/framework-bundle/5.1/public/index.php
@@ -1,10 +1,13 @@
 <?php
 
 use App\Kernel;
+use Symfony\Component\Dotenv\Dotenv;
 use Symfony\Component\ErrorHandler\Debug;
 use Symfony\Component\HttpFoundation\Request;
 
-require dirname(__DIR__).'/config/bootstrap.php';
+require dirname(__DIR__).'/vendor/autoload.php';
+
+(new Dotenv())->bootEnv(dirname(__DIR__).'/.env');
 
 if ($_SERVER['APP_DEBUG']) {
     umask(0000);
diff --git a/symfony/framework-bundle/4.4/src/Kernel.php b/symfony/framework-bundle/5.1/src/Kernel.php
index 1cd0572..655e796 100644
--- a/symfony/framework-bundle/4.4/src/Kernel.php
+++ b/symfony/framework-bundle/5.1/src/Kernel.php
@@ -3,52 +3,36 @@
 namespace App;
 
 use Symfony\Bundle\FrameworkBundle\Kernel\MicroKernelTrait;
-use Symfony\Component\Config\Loader\LoaderInterface;
-use Symfony\Component\Config\Resource\FileResource;
-use Symfony\Component\DependencyInjection\ContainerBuilder;
+use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
 use Symfony\Component\HttpKernel\Kernel as BaseKernel;
-use Symfony\Component\Routing\RouteCollectionBuilder;
+use Symfony\Component\Routing\Loader\Configurator\RoutingConfigurator;
 
 class Kernel extends BaseKernel
 {
     use MicroKernelTrait;
 
-    private const CONFIG_EXTS = '.{php,xml,yaml,yml}';
-
-    public function registerBundles(): iterable
+    protected function configureContainer(ContainerConfigurator $container): void
     {
-        $contents = require $this->getProjectDir().'/config/bundles.php';
-        foreach ($contents as $class => $envs) {
-            if ($envs[$this->environment] ?? $envs['all'] ?? false) {
-                yield new $class();
-            }
+        $container->import('../config/{packages}/*.yaml');
+        $container->import('../config/{packages}/'.$this->environment.'/*.yaml');
+
+        if (is_file(\dirname(__DIR__).'/config/services.yaml')) {
+            $container->import('../config/services.yaml');
+            $container->import('../config/{services}_'.$this->environment.'.yaml');
+        } elseif (is_file($path = \dirname(__DIR__).'/config/services.php')) {
+            (require $path)($container->withPath($path), $this);
         }
     }
 
-    public function getProjectDir(): string
+    protected function configureRoutes(RoutingConfigurator $routes): void
     {
-        return \dirname(__DIR__);
-    }
+        $routes->import('../config/{routes}/'.$this->environment.'/*.yaml');
+        $routes->import('../config/{routes}/*.yaml');
 
-    protected function configureContainer(ContainerBuilder $container, LoaderInterface $loader): void
-    {
-        $container->addResource(new FileResource($this->getProjectDir().'/config/bundles.php'));
-        $container->setParameter('container.dumper.inline_class_loader', \PHP_VERSION_ID < 70400 || $this->debug);
-        $container->setParameter('container.dumper.inline_factories', true);
-        $confDir = $this->getProjectDir().'/config';
-
-        $loader->load($confDir.'/{packages}/*'.self::CONFIG_EXTS, 'glob');
-        $loader->load($confDir.'/{packages}/'.$this->environment.'/*'.self::CONFIG_EXTS, 'glob');
-        $loader->load($confDir.'/{services}'.self::CONFIG_EXTS, 'glob');
-        $loader->load($confDir.'/{services}_'.$this->environment.self::CONFIG_EXTS, 'glob');
-    }
-
-    protected function configureRoutes(RouteCollectionBuilder $routes): void
-    {
-        $confDir = $this->getProjectDir().'/config';
-
-        $routes->import($confDir.'/{routes}/'.$this->environment.'/*'.self::CONFIG_EXTS, '/', 'glob');
-        $routes->import($confDir.'/{routes}/*'.self::CONFIG_EXTS, '/', 'glob');
-        $routes->import($confDir.'/{routes}'.self::CONFIG_EXTS, '/', 'glob');
+        if (is_file(\dirname(__DIR__).'/config/routes.yaml')) {
+            $routes->import('../config/routes.yaml');
+        } elseif (is_file($path = \dirname(__DIR__).'/config/routes.php')) {
+            (require $path)($routes->withPath($path), $this);
+        }
     }
 }
5.1 vs 5.2
diff --git a/symfony/framework-bundle/5.1/manifest.json b/symfony/framework-bundle/5.2/manifest.json
index 101b2aa..17fa50a 100644
--- a/symfony/framework-bundle/5.1/manifest.json
+++ b/symfony/framework-bundle/5.2/manifest.json
@@ -13,9 +13,7 @@
     },
     "env": {
         "APP_ENV": "dev",
-        "APP_SECRET": "%generate(secret)%",
-        "#TRUSTED_PROXIES": "127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16",
-        "#TRUSTED_HOSTS": "'^(localhost|example\\.com)$'"
+        "APP_SECRET": "%generate(secret)%"
     },
     "gitignore": [
         "/.env.local",
diff --git a/symfony/framework-bundle/5.1/public/index.php b/symfony/framework-bundle/5.2/public/index.php
index 097baa3..3bcee0b 100644
--- a/symfony/framework-bundle/5.1/public/index.php
+++ b/symfony/framework-bundle/5.2/public/index.php
@@ -15,14 +15,6 @@ if ($_SERVER['APP_DEBUG']) {
     Debug::enable();
 }
 
-if ($trustedProxies = $_SERVER['TRUSTED_PROXIES'] ?? false) {
-    Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO);
-}
-
-if ($trustedHosts = $_SERVER['TRUSTED_HOSTS'] ?? false) {
-    Request::setTrustedHosts([$trustedHosts]);
-}
-
 $kernel = new Kernel($_SERVER['APP_ENV'], (bool) $_SERVER['APP_DEBUG']);
 $request = Request::createFromGlobals();
 $response = $kernel->handle($request);
5.2 vs 5.3
diff --git a/symfony/framework-bundle/5.2/config/packages/framework.yaml b/symfony/framework-bundle/5.3/config/packages/framework.yaml
index cad7f78..7853e9e 100644
--- a/symfony/framework-bundle/5.2/config/packages/framework.yaml
+++ b/symfony/framework-bundle/5.3/config/packages/framework.yaml
@@ -2,7 +2,7 @@
 framework:
     secret: '%env(APP_SECRET)%'
     #csrf_protection: true
-    #http_method_override: true
+    http_method_override: false
 
     # Enables session support. Note that the session will ONLY be started if you read or write from it.
     # Remove or comment this section to explicitly disable session support.
@@ -10,8 +10,15 @@ framework:
         handler_id: null
         cookie_secure: auto
         cookie_samesite: lax
+        storage_factory_id: session.storage.factory.native
 
     #esi: true
     #fragments: true
     php_errors:
         log: true
+
+when@test:
+    framework:
+        test: true
+        session:
+            storage_factory_id: session.storage.factory.mock_file
diff --git a/symfony/framework-bundle/5.2/config/packages/test/framework.yaml b/symfony/framework-bundle/5.2/config/packages/test/framework.yaml
deleted file mode 100644
index d051c84..0000000
--- a/symfony/framework-bundle/5.2/config/packages/test/framework.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-framework:
-    test: true
-    session:
-        storage_id: session.storage.mock_file
diff --git a/symfony/framework-bundle/5.2/config/routes/dev/framework.yaml b/symfony/framework-bundle/5.2/config/routes/dev/framework.yaml
deleted file mode 100644
index bcbbf13..0000000
--- a/symfony/framework-bundle/5.2/config/routes/dev/framework.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
-_errors:
-    resource: '@FrameworkBundle/Resources/config/routing/errors.xml'
-    prefix: /_error
diff --git a/symfony/framework-bundle/5.3/config/routes/framework.yaml b/symfony/framework-bundle/5.3/config/routes/framework.yaml
new file mode 100644
index 0000000..0fc74bb
--- /dev/null
+++ b/symfony/framework-bundle/5.3/config/routes/framework.yaml
@@ -0,0 +1,4 @@
+when@dev:
+    _errors:
+        resource: '@FrameworkBundle/Resources/config/routing/errors.xml'
+        prefix: /_error
diff --git a/symfony/framework-bundle/5.2/config/services.yaml b/symfony/framework-bundle/5.3/config/services.yaml
index 9557caa..2d6a76f 100644
--- a/symfony/framework-bundle/5.2/config/services.yaml
+++ b/symfony/framework-bundle/5.3/config/services.yaml
@@ -2,7 +2,7 @@
 # Files in the packages/ subdirectory configure your dependencies.
 
 # Put parameters here that don't need to change on each machine where the app is deployed
-# https://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
+# https://symfony.com/doc/current/best_practices.html#use-parameters-for-application-configuration
 parameters:
 
 services:
@@ -20,11 +20,5 @@ services:
             - '../src/Entity/'
             - '../src/Kernel.php'
 
-    # controllers are imported separately to make sure services can be injected
-    # as action arguments even if you don't extend any base controller class
-    App\Controller\:
-        resource: '../src/Controller/'
-        tags: ['controller.service_arguments']
-
     # add more service definitions when explicit configuration is needed
     # please note that last definitions always *replace* previous ones
diff --git a/symfony/framework-bundle/5.2/public/index.php b/symfony/framework-bundle/5.3/public/index.php
index 3bcee0b..9982c21 100644
--- a/symfony/framework-bundle/5.2/public/index.php
+++ b/symfony/framework-bundle/5.3/public/index.php
@@ -1,22 +1,9 @@
 <?php
 
 use App\Kernel;
-use Symfony\Component\Dotenv\Dotenv;
-use Symfony\Component\ErrorHandler\Debug;
-use Symfony\Component\HttpFoundation\Request;
 
-require dirname(__DIR__).'/vendor/autoload.php';
+require_once dirname(__DIR__).'/vendor/autoload_runtime.php';
 
-(new Dotenv())->bootEnv(dirname(__DIR__).'/.env');
-
-if ($_SERVER['APP_DEBUG']) {
-    umask(0000);
-
-    Debug::enable();
-}
-
-$kernel = new Kernel($_SERVER['APP_ENV'], (bool) $_SERVER['APP_DEBUG']);
-$request = Request::createFromGlobals();
-$response = $kernel->handle($request);
-$response->send();
-$kernel->terminate($request, $response);
+return function (array $context) {
+    return new Kernel($context['APP_ENV'], (bool) $context['APP_DEBUG']);
+};
diff --git a/symfony/framework-bundle/5.2/src/Kernel.php b/symfony/framework-bundle/5.3/src/Kernel.php
index 655e796..8e96873 100644
--- a/symfony/framework-bundle/5.2/src/Kernel.php
+++ b/symfony/framework-bundle/5.3/src/Kernel.php
@@ -19,8 +19,8 @@ class Kernel extends BaseKernel
         if (is_file(\dirname(__DIR__).'/config/services.yaml')) {
             $container->import('../config/services.yaml');
             $container->import('../config/{services}_'.$this->environment.'.yaml');
-        } elseif (is_file($path = \dirname(__DIR__).'/config/services.php')) {
-            (require $path)($container->withPath($path), $this);
+        } else {
+            $container->import('../config/{services}.php');
         }
     }
 
@@ -31,8 +31,8 @@ class Kernel extends BaseKernel
 
         if (is_file(\dirname(__DIR__).'/config/routes.yaml')) {
             $routes->import('../config/routes.yaml');
-        } elseif (is_file($path = \dirname(__DIR__).'/config/routes.php')) {
-            (require $path)($routes->withPath($path), $this);
+        } else {
+            $routes->import('../config/{routes}.php');
         }
     }
 }
5.3 vs 5.4
diff --git a/symfony/framework-bundle/5.3/src/Kernel.php b/symfony/framework-bundle/5.4/src/Kernel.php
index 8e96873..779cd1f 100644
--- a/symfony/framework-bundle/5.3/src/Kernel.php
+++ b/symfony/framework-bundle/5.4/src/Kernel.php
@@ -3,36 +3,9 @@
 namespace App;
 
 use Symfony\Bundle\FrameworkBundle\Kernel\MicroKernelTrait;
-use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
 use Symfony\Component\HttpKernel\Kernel as BaseKernel;
-use Symfony\Component\Routing\Loader\Configurator\RoutingConfigurator;
 
 class Kernel extends BaseKernel
 {
     use MicroKernelTrait;
-
-    protected function configureContainer(ContainerConfigurator $container): void
-    {
-        $container->import('../config/{packages}/*.yaml');
-        $container->import('../config/{packages}/'.$this->environment.'/*.yaml');
-
-        if (is_file(\dirname(__DIR__).'/config/services.yaml')) {
-            $container->import('../config/services.yaml');
-            $container->import('../config/{services}_'.$this->environment.'.yaml');
-        } else {
-            $container->import('../config/{services}.php');
-        }
-    }
-
-    protected function configureRoutes(RoutingConfigurator $routes): void
-    {
-        $routes->import('../config/{routes}/'.$this->environment.'/*.yaml');
-        $routes->import('../config/{routes}/*.yaml');
-
-        if (is_file(\dirname(__DIR__).'/config/routes.yaml')) {
-            $routes->import('../config/routes.yaml');
-        } else {
-            $routes->import('../config/{routes}.php');
-        }
-    }
 }
5.4 vs 6.2
diff --git a/symfony/framework-bundle/5.4/config/packages/framework.yaml b/symfony/framework-bundle/6.2/config/packages/framework.yaml
index 7853e9e..6d85c29 100644
--- a/symfony/framework-bundle/5.4/config/packages/framework.yaml
+++ b/symfony/framework-bundle/6.2/config/packages/framework.yaml
@@ -3,6 +3,7 @@ framework:
     secret: '%env(APP_SECRET)%'
     #csrf_protection: true
     http_method_override: false
+    handle_all_throwables: true
 
     # Enables session support. Note that the session will ONLY be started if you read or write from it.
     # Remove or comment this section to explicitly disable session support.
6.2 vs 6.4
diff --git a/symfony/framework-bundle/6.2/config/packages/framework.yaml b/symfony/framework-bundle/6.4/config/packages/framework.yaml
index 6d85c29..980ee45 100644
--- a/symfony/framework-bundle/6.2/config/packages/framework.yaml
+++ b/symfony/framework-bundle/6.4/config/packages/framework.yaml
@@ -2,6 +2,7 @@
 framework:
     secret: '%env(APP_SECRET)%'
     #csrf_protection: true
+    annotations: false
     http_method_override: false
     handle_all_throwables: true
 
@@ -11,7 +12,6 @@ framework:
         handler_id: null
         cookie_secure: auto
         cookie_samesite: lax
-        storage_factory_id: session.storage.factory.native
 
     #esi: true
     #fragments: true
6.4 vs 7.0
diff --git a/symfony/framework-bundle/6.4/config/packages/framework.yaml b/symfony/framework-bundle/7.0/config/packages/framework.yaml
index 980ee45..877eb25 100644
--- a/symfony/framework-bundle/6.4/config/packages/framework.yaml
+++ b/symfony/framework-bundle/7.0/config/packages/framework.yaml
@@ -2,21 +2,12 @@
 framework:
     secret: '%env(APP_SECRET)%'
     #csrf_protection: true
-    annotations: false
-    http_method_override: false
-    handle_all_throwables: true
 
-    # Enables session support. Note that the session will ONLY be started if you read or write from it.
-    # Remove or comment this section to explicitly disable session support.
-    session:
-        handler_id: null
-        cookie_secure: auto
-        cookie_samesite: lax
+    # Note that the session will be started ONLY if you read or write from it.
+    session: true
 
     #esi: true
     #fragments: true
-    php_errors:
-        log: true
 
 when@test:
     framework:
7.0 vs 7.2
diff --git a/symfony/framework-bundle/7.0/manifest.json b/symfony/framework-bundle/7.2/manifest.json
index 17fa50a..d466ccd 100644
--- a/symfony/framework-bundle/7.0/manifest.json
+++ b/symfony/framework-bundle/7.2/manifest.json
@@ -13,7 +13,7 @@
     },
     "env": {
         "APP_ENV": "dev",
-        "APP_SECRET": "%generate(secret)%"
+        "APP_SECRET": ""
     },
     "gitignore": [
         "/.env.local",

@javiereguiluz
Copy link
Member

After merging this, what would change for the user experience of creating new Symfony apps? Thanks

@nicolas-grekas
Copy link
Member Author

Check symfony/symfony#56985, it should answer that. Let me know if not completly.

@nicolas-grekas
Copy link
Member Author

PR ready for merge @symfony/mergers

@symfony-recipes-bot symfony-recipes-bot merged commit e0cf960 into main May 28, 2024
1 of 2 checks passed
@symfony-recipes-bot symfony-recipes-bot deleted the no-secret branch May 28, 2024 15:35
nicolas-grekas added a commit to symfony/symfony that referenced this pull request Jun 29, 2024
…ng (yceruto)

This PR was merged into the 7.2 branch.

Discussion
----------

[FrameworkBundle] Lazy `kernel.secret` parameter resolving

| Q             | A
| ------------- | ---
| Branch?       | 7.2
| Bug fix?      | no
| New feature?  | yes
| Deprecations? | no
| Issues        | -
| License       | MIT

#56985 and symfony/recipes#1317 following up

The goal of this PR is to fix the current compiler-errors about a missing `kernel.secret` parameter when it's not set at all. Thus, improving the first-time experience with minimalistic apps.

Commits
-------

0284011 Lazy kernel.secret parameter resolving
symfony-splitter pushed a commit to symfony/security-bundle that referenced this pull request Jun 29, 2024
…ng (yceruto)

This PR was merged into the 7.2 branch.

Discussion
----------

[FrameworkBundle] Lazy `kernel.secret` parameter resolving

| Q             | A
| ------------- | ---
| Branch?       | 7.2
| Bug fix?      | no
| New feature?  | yes
| Deprecations? | no
| Issues        | -
| License       | MIT

symfony/symfony#56985 and symfony/recipes#1317 following up

The goal of this PR is to fix the current compiler-errors about a missing `kernel.secret` parameter when it's not set at all. Thus, improving the first-time experience with minimalistic apps.

Commits
-------

0284011717 Lazy kernel.secret parameter resolving
symfony-splitter pushed a commit to symfony/framework-bundle that referenced this pull request Jun 29, 2024
…ng (yceruto)

This PR was merged into the 7.2 branch.

Discussion
----------

[FrameworkBundle] Lazy `kernel.secret` parameter resolving

| Q             | A
| ------------- | ---
| Branch?       | 7.2
| Bug fix?      | no
| New feature?  | yes
| Deprecations? | no
| Issues        | -
| License       | MIT

symfony/symfony#56985 and symfony/recipes#1317 following up

The goal of this PR is to fix the current compiler-errors about a missing `kernel.secret` parameter when it's not set at all. Thus, improving the first-time experience with minimalistic apps.

Commits
-------

0284011717 Lazy kernel.secret parameter resolving
fabpot added a commit to symfony/symfony that referenced this pull request Sep 19, 2024
…tainer non-empty parameters (yceruto)

This PR was merged into the 7.2 branch.

Discussion
----------

[DependencyInjection][FrameworkBundle] Introducing container non-empty parameters

| Q             | A
| ------------- | ---
| Branch?       | 7.2
| Bug fix?      | no
| New feature?  | yes
| Deprecations? | no
| Issues        | -
| License       | MIT

This new iteration (following up #57462, #56985 and symfony/recipes#1317) is about to improve the DX when we're dealing with optional parameters (this is the case for `kernel.secret` now and likely others out there) .

Nicolas regarding your comment on #57462 (comment), I tried, but after some tests I realized that the impact of deprecating the `kernel.secret` is huge and, in some cases, counterproductive, as we used to reference that parameter in many configurations, see https://github.com/search?q=language%3APHP+%25kernel.secret%25+&type=code&p=3, which is currently a convenient way to share a config value.

So I gave this new concept for container parameters a try. Basically, a non-empty parameter is one that must exist and cannot be [empty](https://www.php.net/manual/en/function.empty.php). It's evaluated when the `ParameterBag::get()` method is invoked.

Additionally, we can now connect the parameter with its source by passing a custom error message with details on how to proceed if it fails, thus improving the DX.

This is what we can achieve with this feature:
```php
$container = new ContainerBuilder();

if (isset($config['secret'])) {
    $container->setParameter('app.secret', $config['secret']);
}

// NEW
$container->nonEmptyParameter('app.secret', 'Did you forget to configure the "app.secret" option?');

$container->register('security_service', 'SecurityService')
    ->setArguments([new Parameter('app.secret')])
    ->setPublic(true)
;
```
when the `security_service` is initiated/used, the `app.secret` parameter will be evaluated based on the non-empty conditions. If it's missing or empty, a helpful exception message will be thrown.

Before (case when it's missing):
```
You have requested a non-existent parameter "app.secret".
```
After:
```
You have requested a non-existent parameter "app.secret". Did you forget to configure the "app.secret" option?
```

This would also address our concern about third-party services depending on the `kernel.secret` parameter when `APP_SECRET` is empty (and the `secrets` option is disabled). In that case, even if they are not checking for empty secret value in their own, it'll fail.

Commits
-------

98156f7 Introducing container non-empty parameters
symfony-splitter pushed a commit to symfony/framework-bundle that referenced this pull request Sep 19, 2024
…tainer non-empty parameters (yceruto)

This PR was merged into the 7.2 branch.

Discussion
----------

[DependencyInjection][FrameworkBundle] Introducing container non-empty parameters

| Q             | A
| ------------- | ---
| Branch?       | 7.2
| Bug fix?      | no
| New feature?  | yes
| Deprecations? | no
| Issues        | -
| License       | MIT

This new iteration (following up symfony/symfony#57462, symfony/symfony#56985 and symfony/recipes#1317) is about to improve the DX when we're dealing with optional parameters (this is the case for `kernel.secret` now and likely others out there) .

Nicolas regarding your comment on symfony/symfony#57462 (comment), I tried, but after some tests I realized that the impact of deprecating the `kernel.secret` is huge and, in some cases, counterproductive, as we used to reference that parameter in many configurations, see https://github.com/search?q=language%3APHP+%25kernel.secret%25+&type=code&p=3, which is currently a convenient way to share a config value.

So I gave this new concept for container parameters a try. Basically, a non-empty parameter is one that must exist and cannot be [empty](https://www.php.net/manual/en/function.empty.php). It's evaluated when the `ParameterBag::get()` method is invoked.

Additionally, we can now connect the parameter with its source by passing a custom error message with details on how to proceed if it fails, thus improving the DX.

This is what we can achieve with this feature:
```php
$container = new ContainerBuilder();

if (isset($config['secret'])) {
    $container->setParameter('app.secret', $config['secret']);
}

// NEW
$container->nonEmptyParameter('app.secret', 'Did you forget to configure the "app.secret" option?');

$container->register('security_service', 'SecurityService')
    ->setArguments([new Parameter('app.secret')])
    ->setPublic(true)
;
```
when the `security_service` is initiated/used, the `app.secret` parameter will be evaluated based on the non-empty conditions. If it's missing or empty, a helpful exception message will be thrown.

Before (case when it's missing):
```
You have requested a non-existent parameter "app.secret".
```
After:
```
You have requested a non-existent parameter "app.secret". Did you forget to configure the "app.secret" option?
```

This would also address our concern about third-party services depending on the `kernel.secret` parameter when `APP_SECRET` is empty (and the `secrets` option is disabled). In that case, even if they are not checking for empty secret value in their own, it'll fail.

Commits
-------

98156f7d64 Introducing container non-empty parameters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants