This is the Backend application of the Covid-19 Project for DR Congo, a project initiated and supported by Congolese developers community around the world to help with the fight against coronavirus.
Other
5
stars
19
forks
source link
build(deps): bump symfony/security-bundle from 5.0.7 to 5.1.11 #102
Added FirewallListenerFactoryInterface, which can be implemented by security factories to add firewall listeners
Added SortFirewallListenersPass to make the execution order of firewall listeners configurable by
leveraging Symfony\Component\Security\Http\Firewall\FirewallListenerInterface
Added ability to use comma separated ip address list for security.access_control
[BC break] Removed EntryPointFactoryInterface, authenticators must now implement AuthenticationEntryPointInterface if
they require autoregistration of a Security entry point.
5.1.0
Added XSD for configuration
Added security configuration for priority-based access decision strategy
Marked the AnonymousFactory, FormLoginFactory, FormLoginLdapFactory, GuardAuthenticationFactory, HttpBasicFactory, HttpBasicLdapFactory, JsonLoginFactory, JsonLoginLdapFactory, RememberMeFactory, RemoteUserFactory and X509Factory as @internal
Renamed method AbstractFactory#createEntryPoint() to AbstractFactory#createDefaultEntryPoint()
5.0.0
The switch_user.stateless firewall option has been removed.
Removed the ability to configure encoders using argon2i or bcrypt as algorithm, use auto instead
The simple_form and simple_preauth authentication listeners have been removed,
use Guard instead.
The SimpleFormFactory and SimplePreAuthenticationFactory classes have been removed,
use Guard instead.
Removed LogoutUrlHelper and SecurityHelper templating helpers, use Twig instead
Removed the logout_on_user_change firewall option
Removed the threads encoder option
Removed the security.authentication.trust_resolver.anonymous_class parameter
Removed the security.authentication.trust_resolver.rememberme_class parameter
Removed the security.user.provider.in_memory.user service.
4.4.0
Added anonymous: lazy mode to firewalls to make them (not) start the session as late as possible
Added migrate_from option to encoders configuration.
Added new argon2id encoder, undeprecated the bcrypt and argon2i ones (using auto is still recommended by default.)
Deprecated the usage of "query_string" without a "search_dn" and a "search_password" config key in Ldap factories.
Marked the SecurityDataCollector class as @final.
4.3.0
Added new encoder types: auto (recommended), native and sodium
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.
You can always request more updates by clicking Bump now in your Dependabot dashboard.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Bumps symfony/security-bundle from 5.0.7 to 5.1.11.
Release notes
Sourced from symfony/security-bundle's releases.
... (truncated)
Changelog
Sourced from symfony/security-bundle's changelog.
... (truncated)
Commits
911f6b5Merge branch '4.4' into 5.1b2cd6eaUse createMock() and use import instead of FQCNd4fee17Changed private static array-properties to const static properties newly intr...a35ccc7Merge branch '4.4' into 5.1fbe6552Remove wrong test00e94cfMerge branch '4.4' into 5.12b392ecbug symfony/symfony#39878 [doctrine-bridge] Add username to UserNameNotFoundE...d24f5d0Merge branch '4.4' into 5.15731e5a[travis] use PHP 8.0 to patch return types and run deps=low7143c52Merge branch '4.4' into 5.1Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.
You can always request more updates by clicking
Bump nowin your Dependabot dashboard.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)