Bump symfony/symfony from 2.7.16 to 2.7.51

[dependabot[bot]]

Bumps symfony/symfony from 2.7.16 to 2.7.51.

Release notes

*Sourced from [symfony/symfony's releases](https://github.com/symfony/symfony/releases).* > ## v2.7.51 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.7.50...v2.7.51) > > * security #cve-2019-10910 [DI] Check service IDs are valid ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > * security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine - CVE-2019-10909 ([@​stof](https://github.com/stof)) > * security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash ([@​pborreli](https://github.com/pborreli)) > * security #cve-2019-10913 [HttpFoundation] reject invalid method override ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > > [PR] [symfony/symfony#31144](https://github-redirect.dependabot.com/symfony/symfony/pull/31144) > [SECURITY] Security release > > ## v2.7.50 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.7.49...v2.7.50) > > * security #cve-2018-19790 [Security\Http] detect bad redirect targets using backslashes ([@​xabbuh](https://github.com/xabbuh)) > * security #cve-2018-19789 [Form] Filter file uploads out of regular form types ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > > [PR] [symfony/symfony#29486](https://github-redirect.dependabot.com/symfony/symfony/pull/29486) > [SECURITY] Security release > > ## v2.7.49 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.7.48...v2.7.49) > > * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > > [PR] [symfony/symfony#28098](https://github-redirect.dependabot.com/symfony/symfony/pull/28098) > [SECURITY] Security release > > ## v2.7.48 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.7.47...v2.7.48) > > * bug [#27359](https://github-redirect.dependabot.com/symfony/symfony/issues/27359) [HttpFoundation] Fix perf issue during MimeTypeGuesser intialization ([@​nicolas-grekas](https://github.com/nicolas-grekas)) > * security #cve-2018-11408 [SecurityBundle] Fail if security.http_utils cannot be configured > * security #cve-2018-11406 clear CSRF tokens when the user is logged out > * security #cve-2018-11385 Adding session strategy to ALL listeners to avoid *any* possible fixation > * security #cve-2018-11386 [HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode > > [PR] [symfony/symfony#27374](https://github-redirect.dependabot.com/symfony/symfony/pull/27374) > [EOM] End of maintenance release for branch 2.7 > [SECURITY] Security release > > ## v2.7.47 > **Changelog** (since https://github.com/symfony/symfony/compare/v2.7.46...v2.7.47) > > * bug [#26781](https://github-redirect.dependabot.com/symfony/symfony/issues/26781) [Form] Fix precision of MoneyToLocalizedStringTransformer's divisions on transform() ([@​syastrebov](https://github.com/syastrebov)) > * bug [#27286](https://github-redirect.dependabot.com/symfony/symfony/issues/27286) [Translation] Add Occitan plural rule ([@​kylekatarnls](https://github.com/kylekatarnls)) > * bug [#27246](https://github-redirect.dependabot.com/symfony/symfony/issues/27246) Disallow invalid characters in session.name ([@​ostrolucky](https://github.com/ostrolucky)) > * bug [#24805](https://github-redirect.dependabot.com/symfony/symfony/issues/24805) [Security] Fix logout ([@​MatTheCat](https://github.com/MatTheCat)) > * bug [#27141](https://github-redirect.dependabot.com/symfony/symfony/issues/27141) [Process] Suppress warnings when open_basedir is non-empty ([@​cbj4074](https://github.com/cbj4074)) > ... (truncated)

Changelog

*Sourced from [symfony/symfony's changelog](https://github.com/symfony/symfony/blob/v2.7.51/CHANGELOG-2.7.md).* > * 2.7.51 (2019-04-17) > > * security #cve-2019-10910 [DI] Check service IDs are valid (nicolas-grekas) > * security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine - CVE-2019-10909 (stof) > * security #cve-2019-10911 [Security] Add a separator in the remember me cookie hash (pborreli) > * security #cve-2019-10913 [HttpFoundation] reject invalid method override (nicolas-grekas) > > * 2.7.50 (2018-12-06) > > * security #cve-2018-19790 [Security\Http] detect bad redirect targets using backslashes (xabbuh) > * security #cve-2018-19789 [Form] Filter file uploads out of regular form types (nicolas-grekas) > > * 2.7.49 (2018-08-01) > > * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas) > * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas) > > * 2.7.48 (2018-05-25) > > * bug [#27359](https://github-redirect.dependabot.com/symfony/symfony/issues/27359) [HttpFoundation] Fix perf issue during MimeTypeGuesser intialization (nicolas-grekas) > * security #cve-2018-11408 [SecurityBundle] Fail if security.http_utils cannot be configured > * security #cve-2018-11406 clear CSRF tokens when the user is logged out > * security #cve-2018-11385 Adding session strategy to ALL listeners to avoid *any* possible fixation > * security #cve-2018-11386 [HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode > > * 2.7.47 (2018-05-21) > > * bug [#26781](https://github-redirect.dependabot.com/symfony/symfony/issues/26781) [Form] Fix precision of MoneyToLocalizedStringTransformer's divisions on transform() (syastrebov) > * bug [#27286](https://github-redirect.dependabot.com/symfony/symfony/issues/27286) [Translation] Add Occitan plural rule (kylekatarnls) > * bug [#27246](https://github-redirect.dependabot.com/symfony/symfony/issues/27246) Disallow invalid characters in session.name (ostrolucky) > * bug [#24805](https://github-redirect.dependabot.com/symfony/symfony/issues/24805) [Security] Fix logout (MatTheCat) > * bug [#27141](https://github-redirect.dependabot.com/symfony/symfony/issues/27141) [Process] Suppress warnings when open_basedir is non-empty (cbj4074) > * bug [#27250](https://github-redirect.dependabot.com/symfony/symfony/issues/27250) [Session] limiting :key for GET_LOCK to 64 chars (oleg-andreyev) > * bug [#27237](https://github-redirect.dependabot.com/symfony/symfony/issues/27237) [Debug] Fix populating error_get_last() for handled silent errors (nicolas-grekas) > * bug [#27236](https://github-redirect.dependabot.com/symfony/symfony/issues/27236) [Filesystem] Fix usages of error_get_last() (nicolas-grekas) > * bug [#27152](https://github-redirect.dependabot.com/symfony/symfony/issues/27152) [HttpFoundation] use brace-style regex delimiters (xabbuh) > * feature [#24896](https://github-redirect.dependabot.com/symfony/symfony/issues/24896) Add CODE_OF_CONDUCT.md (egircys) > * bug [#27067](https://github-redirect.dependabot.com/symfony/symfony/issues/27067) [HttpFoundation] Fix setting session-related ini settings (e-moe) > > * 2.7.46 (2018-04-27) > > * bug [#26831](https://github-redirect.dependabot.com/symfony/symfony/issues/26831) [Bridge/Doctrine] count(): Parameter must be an array or an object that implements Countable (gpenverne) > * bug [#27044](https://github-redirect.dependabot.com/symfony/symfony/issues/27044) [Security] Skip user checks if not implementing UserInterface (chalasr) > * bug [#26910](https://github-redirect.dependabot.com/symfony/symfony/issues/26910) Use new PHP7.2 functions in hasColorSupport (johnstevenson) > * bug [#26999](https://github-redirect.dependabot.com/symfony/symfony/issues/26999) [VarDumper] Fix dumping of SplObjectStorage (corphi) > * bug [#26886](https://github-redirect.dependabot.com/symfony/symfony/issues/26886) Don't assume that file binary exists on *nix OS (teohhanhui) > * bug [#26643](https://github-redirect.dependabot.com/symfony/symfony/issues/26643) Fix that ESI/SSI processing can turn a "private" response "public" (mpdude) > * bug [#26932](https://github-redirect.dependabot.com/symfony/symfony/issues/26932) [Form] Fixed trimming choice values (HeahDude) > * bug [#26875](https://github-redirect.dependabot.com/symfony/symfony/issues/26875) [Console] Don't go past exact matches when autocompleting (nicolas-grekas) > * bug [#26823](https://github-redirect.dependabot.com/symfony/symfony/issues/26823) [Validator] Fix LazyLoadingMetadataFactory with PSR6Cache for non classname if tested values isn't existing class (Pascal Montoya, pmontoya) > ... (truncated)

Commits

- [`20f9c87`](https://github.com/symfony/symfony/commit/20f9c87a12a0749ad3a96da256b4d0f95aad4beb) Merge pull request [#31144](https://github-redirect.dependabot.com/symfony/symfony/issues/31144) from fabpot/release-2.7.51 - [`2636414`](https://github.com/symfony/symfony/commit/26364145236c55679af27d5972e4e9ebad83264a) updated VERSION for 2.7.51 - [`343865d`](https://github.com/symfony/symfony/commit/343865d84784e51edba88db4492c51e30ac791ac) updated CHANGELOG for 2.7.51 - [`789a34a`](https://github.com/symfony/symfony/commit/789a34ad76fd5bc00d6b1e91dcf12f5b982dc792) security #cve-2019-10910 [DI] Check service IDs are valid (nicolas-grekas) - [`783ef2f`](https://github.com/symfony/symfony/commit/783ef2fb1da7ac595e968f222a3b13863cee39cc) security #cve-2019-10909 [FrameworkBundle][Form] Fix XSS issues in the form t... - [`2681a5f`](https://github.com/symfony/symfony/commit/2681a5f4ba051cd29e75a329e345fd19e4ad1222) security #cve-2019-10911 [Security] Add a separator in the remember me cookie... - [`722efa1`](https://github.com/symfony/symfony/commit/722efa1f17e52103b118d1370a92e0ac5f61eef6) security #cve-2019-10913 [HttpFoundation] reject invalid method override (nic... - [`0848ce2`](https://github.com/symfony/symfony/commit/0848ce2c7f3c3ba6cece3f9457a96b176b05860c) Merge pull request [#29486](https://github-redirect.dependabot.com/symfony/symfony/issues/29486) from fabpot/release-2.7.50 - [`95222d6`](https://github.com/symfony/symfony/commit/95222d6f80a258c1a51da8bec2b488630b6b4db8) bumped version - [`161aa25`](https://github.com/symfony/symfony/commit/161aa25779dfee96343899cb4235d3fc9fe4789d) updated CHANGELOG for 2.7.50 - Additional commits viewable in [compare view](https://github.com/symfony/symfony/compare/v2.7.16...v2.7.51)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/calliopeinitiative/marca/network/alerts).

[dependabot[bot]]

Superseded by #340.