Bump symfony/symfony from 2.8.0 to 2.8.50

[dependabot[bot]]

Bumps symfony/symfony from 2.8.0 to 2.8.50.

Release notes

*Sourced from [symfony/symfony's releases](https://github.com/symfony/symfony/releases).* > ## v2.8.50 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.8.49...v2.8.50) > > * security #cve-2019-10910 [DI] Check service IDs are valid ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > * security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine ([@​stof](https://github.com/stof)) > * security #cve-2019-10912 [PHPUnit Bridge] Prevent destructors with side-effects from being unserialized ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > * security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash ([@​pborreli](https://github.com/pborreli)) > * security #cve-2019-10913 [HttpFoundation] reject invalid method override ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > > [PR] [symfony/symfony#31145](https://github-redirect.dependabot.com/symfony/symfony/pull/31145) > [SECURITY] Security release > > ## v2.8.49 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.8.48...v2.8.49) > > * security #cve-2018-19790 [Security\Http] detect bad redirect targets using backslashes ([@​xabbuh](https://github.com/xabbuh)) > * security #cve-2018-19789 [Form] Filter file uploads out of regular form types ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > > [PR] [symfony/symfony#29487](https://github-redirect.dependabot.com/symfony/symfony/pull/29487) > [SECURITY] Security release > > ## v2.8.48 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.8.47...v2.8.48) > > * bug [#28917](https://github-redirect.dependabot.com/symfony/symfony/issues/28917) [DoctrineBridge] catch errors while converting to db values in data collector ([@​alekitto](https://github.com/alekitto)) > * bug [#27314](https://github-redirect.dependabot.com/symfony/symfony/issues/27314) [DoctrineBridge] fix case sensitivity issue in RememberMe\DoctrineTokenProvider ([@​PF4Public](https://github.com/PF4Public)) > * bug [#29308](https://github-redirect.dependabot.com/symfony/symfony/issues/29308) [Translation] Use XLIFF source rather than resname when there's no target ([@​thewilkybarkid](https://github.com/thewilkybarkid)) > * bug [#26244](https://github-redirect.dependabot.com/symfony/symfony/issues/26244) [BrowserKit] fixed BC Break for HTTP_HOST header ([@​brizzz](https://github.com/brizzz)) > * bug [#28147](https://github-redirect.dependabot.com/symfony/symfony/issues/28147) [DomCrawler] exclude fields inside "template" tags ([@​Gorjunov](https://github.com/Gorjunov)) > * bug [#29271](https://github-redirect.dependabot.com/symfony/symfony/issues/29271) [HttpFoundation] Fix trailing space for mime-type with parameters ([@​Sascha](https://github.com/Sascha) Dens) > * bug [#29223](https://github-redirect.dependabot.com/symfony/symfony/issues/29223) [Validator] Added the missing constraints instance checks ([@​thomasbisignani](https://github.com/thomasbisignani)) > * bug [#29182](https://github-redirect.dependabot.com/symfony/symfony/issues/29182) [Form] Fixed empty data for compound date types ([@​HeahDude](https://github.com/HeahDude)) > * bug [#29185](https://github-redirect.dependabot.com/symfony/symfony/issues/29185) [Form] Fixed keeping hash of equal \DateTimeInterface on submit ([@​HeahDude](https://github.com/HeahDude)) > * bug [#28731](https://github-redirect.dependabot.com/symfony/symfony/issues/28731) [Form] invalidate forms on transformation failures ([@​xabbuh](https://github.com/xabbuh)) > * bug [#29152](https://github-redirect.dependabot.com/symfony/symfony/issues/29152) [Config] Unset key during normalization ([@​ro0NL](https://github.com/ro0NL)) > * bug [#29057](https://github-redirect.dependabot.com/symfony/symfony/issues/29057) [HttpFoundation] replace any preexisting Content-Type headers ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > > [PR] [symfony/symfony#29333](https://github-redirect.dependabot.com/symfony/symfony/pull/29333) > > ## v2.8.47 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.8.46...v2.8.47) > > * bug [#29020](https://github-redirect.dependabot.com/symfony/symfony/issues/29020) Fix ini_get() for boolean values ([@​deguif](https://github.com/deguif)) > * bug [#28861](https://github-redirect.dependabot.com/symfony/symfony/issues/28861) [DependencyInjection] Skip empty proxy code ([@​olvlvl](https://github.com/olvlvl)) > * bug [#28801](https://github-redirect.dependabot.com/symfony/symfony/issues/28801) Convert InsufficientAuthenticationException to HttpException with 401 status code ([@​vincentchalamon](https://github.com/vincentchalamon)) > * bug [#28840](https://github-redirect.dependabot.com/symfony/symfony/issues/28840) add missing double-quotes to extra_fields output message ([@​danielkay](https://github.com/danielkay)) > * bug [#28712](https://github-redirect.dependabot.com/symfony/symfony/issues/28712) [Form] reverse transform RFC 3339 formatted dates ([@​xabbuh](https://github.com/xabbuh)) > * bug [#28813](https://github-redirect.dependabot.com/symfony/symfony/issues/28813) Fix for race condition in console output stream write ([@​rudolfratusinski](https://github.com/rudolfratusinski)) > * bug [#27772](https://github-redirect.dependabot.com/symfony/symfony/issues/27772) [Console] Fixes multiselect choice question defaults in non-interactive mode ([@​veewee](https://github.com/veewee)) > * bug [#28689](https://github-redirect.dependabot.com/symfony/symfony/issues/28689) [Process] fix locking of pipe files on Windows ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > ... (truncated)

Changelog

*Sourced from [symfony/symfony's changelog](https://github.com/symfony/symfony/blob/v2.8.50/CHANGELOG-2.8.md).* > * 2.8.50 (2019-04-17) > > * security #cve-2019-10910 [DI] Check service IDs are valid (nicolas-grekas) > * security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine (stof) > * security #cve-2019-10912 [PHPUnit Bridge] Prevent destructors with side-effects from being unserialized (nicolas-grekas) > * security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash (pborreli) > * security #cve-2019-10913 [HttpFoundation] reject invalid method override (nicolas-grekas) > > * 2.8.49 (2018-12-06) > > * security #cve-2018-19790 [Security\Http] detect bad redirect targets using backslashes (xabbuh) > * security #cve-2018-19789 [Form] Filter file uploads out of regular form types (nicolas-grekas) > > * 2.8.48 (2018-11-26) > > * bug [#28917](https://github-redirect.dependabot.com/symfony/symfony/issues/28917) [DoctrineBridge] catch errors while converting to db values in data collector (alekitto) > * bug [#27314](https://github-redirect.dependabot.com/symfony/symfony/issues/27314) [DoctrineBridge] fix case sensitivity issue in RememberMe\DoctrineTokenProvider (PF4Public) > * bug [#29308](https://github-redirect.dependabot.com/symfony/symfony/issues/29308) [Translation] Use XLIFF source rather than resname when there's no target (thewilkybarkid) > * bug [#26244](https://github-redirect.dependabot.com/symfony/symfony/issues/26244) [BrowserKit] fixed BC Break for HTTP_HOST header (brizzz) > * bug [#28147](https://github-redirect.dependabot.com/symfony/symfony/issues/28147) [DomCrawler] exclude fields inside "template" tags (Gorjunov) > * bug [#29271](https://github-redirect.dependabot.com/symfony/symfony/issues/29271) [HttpFoundation] Fix trailing space for mime-type with parameters (Sascha Dens) > * bug [#29223](https://github-redirect.dependabot.com/symfony/symfony/issues/29223) [Validator] Added the missing constraints instance checks (thomasbisignani) > * bug [#29182](https://github-redirect.dependabot.com/symfony/symfony/issues/29182) [Form] Fixed empty data for compound date types (HeahDude) > * bug [#29185](https://github-redirect.dependabot.com/symfony/symfony/issues/29185) [Form] Fixed keeping hash of equal \DateTimeInterface on submit (HeahDude) > * bug [#28731](https://github-redirect.dependabot.com/symfony/symfony/issues/28731) [Form] invalidate forms on transformation failures (xabbuh) > * bug [#29152](https://github-redirect.dependabot.com/symfony/symfony/issues/29152) [Config] Unset key during normalization (ro0NL) > * bug [#29057](https://github-redirect.dependabot.com/symfony/symfony/issues/29057) [HttpFoundation] replace any preexisting Content-Type headers (nicolas-grekas) > > * 2.8.47 (2018-11-03) > > * bug [#29020](https://github-redirect.dependabot.com/symfony/symfony/issues/29020) Fix ini_get() for boolean values (deguif) > * bug [#28861](https://github-redirect.dependabot.com/symfony/symfony/issues/28861) [DependencyInjection] Skip empty proxy code (olvlvl) > * bug [#28801](https://github-redirect.dependabot.com/symfony/symfony/issues/28801) Convert InsufficientAuthenticationException to HttpException with 401 status code (vincentchalamon) > * bug [#28840](https://github-redirect.dependabot.com/symfony/symfony/issues/28840) add missing double-quotes to extra_fields output message (danielkay) > * bug [#28712](https://github-redirect.dependabot.com/symfony/symfony/issues/28712) [Form] reverse transform RFC 3339 formatted dates (xabbuh) > * bug [#28813](https://github-redirect.dependabot.com/symfony/symfony/issues/28813) Fix for race condition in console output stream write (rudolfratusinski) > * bug [#27772](https://github-redirect.dependabot.com/symfony/symfony/issues/27772) [Console] Fixes multiselect choice question defaults in non-interactive mode (veewee) > * bug [#28689](https://github-redirect.dependabot.com/symfony/symfony/issues/28689) [Process] fix locking of pipe files on Windows (nicolas-grekas) > * bug [#28704](https://github-redirect.dependabot.com/symfony/symfony/issues/28704) [Form] fix multi-digit seconds fraction handling (xabbuh) > * bug [#28648](https://github-redirect.dependabot.com/symfony/symfony/issues/28648) [PHPUnitBridge] Fix ClockMock microtime() format (acasademont) > > * 2.8.46 (2018-09-30) > > * bug [#28376](https://github-redirect.dependabot.com/symfony/symfony/issues/28376) [TwigBundle] Fixed caching of templates in src/Resources//views on cache warmup (yceruto) > * bug [#28565](https://github-redirect.dependabot.com/symfony/symfony/issues/28565) [HttpFoundation][Security] forward locale and format to subrequests (nicolas-grekas) > * bug [#28545](https://github-redirect.dependabot.com/symfony/symfony/issues/28545) [Console] Send the right exit code to console.terminate listeners (mpdude) > * bug [#28466](https://github-redirect.dependabot.com/symfony/symfony/issues/28466) [Form] fail reverse transforming invalid RFC 3339 dates (xabbuh) > * bug [#28540](https://github-redirect.dependabot.com/symfony/symfony/issues/28540) [Intl] parse numbers terminated with decimal separator (xabbuh) > * bug [#28548](https://github-redirect.dependabot.com/symfony/symfony/issues/28548) [Console] Fixed boxed table style with colspan (ro0NL) > * bug [#28433](https://github-redirect.dependabot.com/symfony/symfony/issues/28433) [HttpFoundation] Allow reuse of Session between requests if ID did not change (tgalopin) > ... (truncated)

Commits

- [`2ef4e09`](https://github.com/symfony/symfony/commit/2ef4e09343bdbdee0a7968f58b8ec594ce0aa47d) Merge pull request [#31145](https://github-redirect.dependabot.com/symfony/symfony/issues/31145) from fabpot/release-2.8.50 - [`9fc1016`](https://github.com/symfony/symfony/commit/9fc1016a6cdd2de5246809a13a6c0dcfef1ac8f4) updated VERSION for 2.8.50 - [`266b07f`](https://github.com/symfony/symfony/commit/266b07f8130a38931ceb5726a0c28af9b3557db2) updated CHANGELOG for 2.8.50 - [`3876c75`](https://github.com/symfony/symfony/commit/3876c75f858d5d82e2c309698d21af2f1d721afb) security #cve-2019-10910 [DI] Check service IDs are valid (nicolas-grekas) - [`41e9ec3`](https://github.com/symfony/symfony/commit/41e9ec3e04e824dbf218dda3bf6dcf7689d6d33c) security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form t... - [`63eda69`](https://github.com/symfony/symfony/commit/63eda69c32da713ab7ff5521f20fdc113880094a) security #cve-2019-10912 [PHPUnit Bridge] Prevent destructors with side-effec... - [`938b21a`](https://github.com/symfony/symfony/commit/938b21a72e847fe4fdb762299a1b761c89bba56e) security #cve-2019-10911 [Security] Add a separator in the remember me cookie... - [`e88a631`](https://github.com/symfony/symfony/commit/e88a63114a6c9c63eac2773210098d955753ece4) security #cve-2019-10913 [HttpFoundation] reject invalid method override (nic... - [`f8ac64c`](https://github.com/symfony/symfony/commit/f8ac64c075a36bedd0de43192d9601c20b99716e) Merge pull request [#29487](https://github-redirect.dependabot.com/symfony/symfony/issues/29487) from fabpot/release-2.8.49 - [`adeee13`](https://github.com/symfony/symfony/commit/adeee139cfa80087f1a9bff3967c818d8e502cea) bumped version - Additional commits viewable in [compare view](https://github.com/symfony/symfony/compare/v2.8.0...v2.8.50)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/afup/barometre/network/alerts).

[dependabot[bot]]

Superseded by #326.