symfony
diff --git a/‎_build/redirection_map
Lines changed: 1 addition & 0 deletions b/‎_build/redirection_map
Lines changed: 1 addition & 0 deletions
diff --git a/‎components/serializer.rst
Lines changed: 2 additions & 3 deletions b/‎components/serializer.rst
Lines changed: 2 additions & 3 deletions
diff --git a/‎contributing/code/core_team.rst
Lines changed: 2 additions & 2 deletions b/‎contributing/code/core_team.rst
Lines changed: 2 additions & 2 deletions
diff --git a/‎contributing/code/security.rst
Lines changed: 2 additions & 2 deletions b/‎contributing/code/security.rst
Lines changed: 2 additions & 2 deletions
diff --git a/‎contributing/code/standards.rst
Lines changed: 6 additions & 1 deletion b/‎contributing/code/standards.rst
Lines changed: 6 additions & 1 deletion
diff --git a/‎controller.rst
Lines changed: 5 additions & 2 deletions b/‎controller.rst
Lines changed: 5 additions & 2 deletions
diff --git a/‎doctrine.rst
Lines changed: 5 additions & 5 deletions b/‎doctrine.rst
Lines changed: 5 additions & 5 deletions
diff --git a/‎form/dynamic_form_modification.rst
Lines changed: 23 additions & 30 deletions b/‎form/dynamic_form_modification.rst
Lines changed: 23 additions & 30 deletions
diff --git a/‎form/form_customization.rst
Lines changed: 2 additions & 2 deletions b/‎form/form_customization.rst
Lines changed: 2 additions & 2 deletions
diff --git a/‎frontend.rst
Lines changed: 1 addition & 0 deletions b/‎frontend.rst
Lines changed: 1 addition & 0 deletions
diff --git a/‎frontend/encore/url-loader.rst
Lines changed: 51 additions & 0 deletions b/‎frontend/encore/url-loader.rst
Lines changed: 51 additions & 0 deletions
diff --git a/‎http_cache/esi.rst
-2Lines changed: 2 additions & 2 deletions b/‎http_cache/esi.rst
-2Lines changed: 2 additions & 2 deletions
diff --git a/‎quick_tour/flex_recipes.rst
Lines changed: 1 addition & 1 deletion b/‎quick_tour/flex_recipes.rst
Lines changed: 1 addition & 1 deletion
diff --git a/‎reference/dic_tags.rst
Lines changed: 3 additions & 3 deletions b/‎reference/dic_tags.rst
Lines changed: 3 additions & 3 deletions
diff --git a/‎security/security_checker.rst
Lines changed: 7 additions & 0 deletions b/‎security/security_checker.rst
Lines changed: 7 additions & 0 deletions
diff --git a/‎session/proxy_examples.rst
Lines changed: 1 addition & 1 deletion b/‎session/proxy_examples.rst
Lines changed: 1 addition & 1 deletion
@@ -379,6 +379,7 @@
 /reference/configuration/assetic /frontend/assetic
 /security/target_path /security
 /security/csrf_in_login_form /security/csrf
+/service_container/service_locators /service_container/service_subscribers_locators
 /service_container/third_party /service_container
 /templating/templating_service /templates
 /testing/simulating_authentication /testing/http_authentication
 
@@ -872,9 +872,8 @@ Here, we set it to 2 for the ``$child`` property:
                 http://symfony.com/schema/dic/serializer-mapping/serializer-mapping-1.0.xsd"
         >
             <class name="Acme\MyObj">
-                <attribute name="foo">
-                    <max-depth>2</max-depth>
-                </attribute>
+                <attribute name="foo" max-depth="2" />
+            </class>
         </serializer>
 
 The metadata loader corresponding to the chosen format must be configured in
 
@@ -9,7 +9,7 @@ All the Symfony Core members are long-time contributors with solid technical
 expertise and they have demonstrated a strong commitment to drive the project
 forward.
 
-This document states the rules that govern the Symfony Core team. These rules
+This document states the rules that govern the Symfony core team. These rules
 are effective upon publication of this document and all Symfony Core members
 must adhere to said rules and protocol.
 
@@ -121,7 +121,7 @@ Active Core Members
 Former Core Members
 ~~~~~~~~~~~~~~~~~~~
 
-They are no longer part of the Core Team, but we are very grateful for all their
+They are no longer part of the core team, but we are very grateful for all their
 Symfony contributions:
 
 * **Bernhard Schussek** (`webmozart`_);
 
@@ -11,13 +11,13 @@ Reporting a Security Issue
 If you think that you have found a security issue in Symfony, don't use the
 bug tracker and don't publish it publicly. Instead, all security issues must
 be sent to **security [at] symfony.com**. Emails sent to this address are
-forwarded to the Symfony core-team private mailing-list.
+forwarded to the Symfony core team private mailing-list.
 
 Resolving Process
 -----------------
 
 For each report, we first try to confirm the vulnerability. When it is
-confirmed, the core-team works on a solution following these steps:
+confirmed, the core team works on a solution following these steps:
 
 #. Send an acknowledgement to the reporter;
 #. Work on a patch;
 
@@ -260,7 +260,12 @@ Documentation
 * The ``@package`` and ``@subpackage`` annotations are not used;
 
 * Don't inline PHPDoc blocks, even when they contain just one tag (e.g. don't
-  put ``/** {@inheritdoc} */`` in a single line).
+  put ``/** {@inheritdoc} */`` in a single line);
+
+* When adding a new class or when making significant changes to an existing class,
+  an ``@author`` tag with personal contact information may be added, or expanded.
+  Please note it is possible to have the personal contact information updated or
+  removed per request to the doc:`core team </contributing/code/core_team>`.
 
 License
 ~~~~~~~
 
@@ -343,9 +343,12 @@ method is just a shortcut to create a special
 :class:`Symfony\\Component\\HttpKernel\\Exception\\NotFoundHttpException`
 object, which ultimately triggers a 404 HTTP response inside Symfony.
 
-Of course, you can throw any ``Exception`` class in your controller: Symfony will
-automatically return a 500 HTTP response code::
+If you throw an exception that extends or is an instance of
+:class:`Symfony\\Component\\HttpKernel\\Exception\\HttpException`, Symfony will
+use the appropriate HTTP status code. Otherwise, the response will have a 500
+HTTP status code::
 
+    // this exception ultimately generates a 500 status error
     throw new \Exception('Something went wrong!');
 
 In every case, an error page is shown to the end user and a full debug
 
@@ -335,7 +335,7 @@ and save it!
 
             $product = new Product();
             $product->setName('Keyboard');
-            $product->setPrice(19.99);
+            $product->setPrice(1999);
             $product->setDescription('Ergonomic and stylish!');
 
             // tell Doctrine you want to (eventually) save the Product (no queries yet)
@@ -441,7 +441,7 @@ Once you have a repository object, you have many helper methods::
     // or find by name and price
     $product = $repository->findOneBy([
         'name' => 'Keyboard',
-        'price' => 19.99,
+        'price' => 1999,
     ]);
 
     // look for multiple Product objects matching the name, ordered by price
@@ -624,7 +624,7 @@ This uses Doctrine's `Query Builder`_: a very powerful and user-friendly way to
 write custom queries. Now, you can call this method on the repository::
 
     // from inside a controller
-    $minPrice = 10;
+    $minPrice = 1000;
 
     $products = $this->getDoctrine()
         ->getRepository(Product::class)
@@ -654,7 +654,7 @@ In addition to the query builder, you can also query with `Doctrine Query Langua
             FROM App\Entity\Product p
             WHERE p.price > :price
             ORDER BY p.price ASC'
-        )->setParameter('price', 10);
+        )->setParameter('price', 1000);
 
         // returns an array of Product objects
         return $query->execute();
@@ -675,7 +675,7 @@ Or directly with SQL if you need to::
             ORDER BY p.price ASC
             ';
         $stmt = $conn->prepare($sql);
-        $stmt->execute(['price' => 10]);
+        $stmt->execute(['price' => 1000]);
 
         // returns an array of arrays (i.e. a raw data set)
         return $stmt->fetchAll();
 
@@ -212,7 +212,6 @@ Using an event listener, your form might look like this::
     use Symfony\Component\Form\FormBuilderInterface;
     use Symfony\Component\Form\FormEvents;
     use Symfony\Component\Form\FormEvent;
-    use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
     use Symfony\Component\Form\Extension\Core\Type\TextType;
     use Symfony\Component\Form\Extension\Core\Type\TextareaType;
 
@@ -231,33 +230,31 @@ Using an event listener, your form might look like this::
     }
 
 The problem is now to get the current user and create a choice field that
-contains only this user's friends.
+contains only this user's friends. This can be done injecting the ``Security``
+service into the form type so you can get the current user object::
 
-Luckily it is pretty easy to inject a service inside of the form. This can be
-done in the constructor::
+    use Symfony\Component\Security\Core\Security;
 
-    private $tokenStorage;
+    private $security;
 
-    public function __construct(TokenStorageInterface $tokenStorage)
+    public function __construct(Security $security)
     {
-        $this->tokenStorage = $tokenStorage;
+        $this->security = $security;
     }
 
 .. note::
 
-    You might wonder, now that you have access to the User (through the token
-    storage), why not just use it directly in ``buildForm()`` and omit the
-    event listener? This is because doing so in the ``buildForm()`` method
-    would result in the whole form type being modified and not just this
-    one form instance. This may not usually be a problem, but technically
-    a single form type could be used on a single request to create many forms
-    or fields.
+    You might wonder, now that you have access to the ``User`` object, why not
+    just use it directly in ``buildForm()`` and omit the event listener? This is
+    because doing so in the ``buildForm()`` method would result in the whole
+    form type being modified and not just this one form instance. This may not
+    usually be a problem, but technically a single form type could be used on a
+    single request to create many forms or fields.
 
 Customizing the Form Type
 ~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Now that you have all the basics in place you can take advantage of the ``TokenStorageInterface``
-and fill in the listener logic::
+Now that you have all the basics in place you can complete the listener logic::
 
     // src/Form/Type/FriendMessageFormType.php
 
@@ -266,16 +263,16 @@ and fill in the listener logic::
     use Symfony\Bridge\Doctrine\Form\Type\EntityType;
     use Symfony\Component\Form\Extension\Core\Type\TextType;
     use Symfony\Component\Form\Extension\Core\Type\TextareaType;
-    use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+    use Symfony\Component\Security\Core\Security;
     // ...
 
     class FriendMessageFormType extends AbstractType
     {
-        private $tokenStorage;
+        private $security;
 
-        public function __construct(TokenStorageInterface $tokenStorage)
+        public function __construct(Security $security)
         {
-            $this->tokenStorage = $tokenStorage;
+            $this->security = $security;
         }
 
         public function buildForm(FormBuilderInterface $builder, array $options)
@@ -286,7 +283,7 @@ and fill in the listener logic::
             ;
 
             // grab the user, do a quick sanity check that one exists
-            $user = $this->tokenStorage->getToken()->getUser();
+            $user = $this->security->getUser();
             if (!$user) {
                 throw new \LogicException(
                     'The FriendMessageFormType cannot be used without an authenticated user!'
@@ -301,13 +298,12 @@ and fill in the listener logic::
                     $formOptions = array(
                         'class'         => User::class,
                         'choice_label'  => 'fullName',
-                        'query_builder' => function (EntityRepository $er) use ($user) {
+                        'query_builder' => function (EntityRepository $userRepository) use ($user) {
                             // build a custom query
-                            // return $er->createQueryBuilder('u')->addOrderBy('fullName', 'DESC');
+                            // return $userRepository->createQueryBuilder('u')->addOrderBy('fullName', 'DESC');
 
                             // or call a method on your repository that returns the query builder
-                            // the $er is an instance of your UserRepository
-                            // return $er->createOrderByFullNameQueryBuilder();
+                            // return $userRepository->createOrderByFullNameQueryBuilder();
                         },
                     );
 
@@ -331,11 +327,8 @@ Using the Form
 
 If you're using :ref:`autowire <services-autowire>` and
 :ref:`autoconfigure <services-autoconfigure>`, your form is ready to be used!
-
-.. tip::
-
-    If you're not using autowire and autoconfigure, see :doc:`/form/form_dependencies`
-    for how to register your form type as a service.
+Otherwise, see :doc:`/form/form_dependencies` to learn how to register your form
+type as a service.
 
 In a controller, create the form like normal::
 
 
@@ -382,7 +382,7 @@ You can also apply a form theme to a specific child of your form:
 
 .. code-block:: html+twig
 
-    {% form_theme form.child 'form/fields.html.twig' %}
+    {% form_theme form.a_child_form 'form/fields.html.twig' %}
 
 This is useful when you want to have a custom theme for a nested form that's
 different than the one of your main form. Just specify both your themes:
@@ -391,7 +391,7 @@ different than the one of your main form. Just specify both your themes:
 
     {% form_theme form 'form/fields.html.twig' %}
 
-    {% form_theme form.child 'form/fields_child.html.twig' %}
+    {% form_theme form.a_child_form 'form/fields_child.html.twig' %}
 
 Form Theming in PHP
 -------------------
 
@@ -53,6 +53,7 @@ Optimizing
 * :doc:`Versioning (and the manifest.json file) </frontend/encore/versioning>`
 * :doc:`Using A CDN </frontend/encore/cdn>`
 * :doc:`Creating a "Shared" entry for re-used modules </frontend/encore/shared-entry>`
+* :doc:`/frontend/encore/url-loader`
 
 Guides
 ......
 
@@ -0,0 +1,51 @@
+Inlining files in CSS with Webpack URL Loader
+=============================================
+
+A simple technique to improve the performance of web applications is to reduce
+the number of HTTP requests inlining small files as base64 encoded URLs in the
+generated CSS files.
+
+Webpack Encore provides this feature via Webpack's `URL Loader`_ plugin, but
+it's disabled by default. First, add the URL loader to your project:
+
+.. code-block:: terminal
+
+    $ yarn add --dev url-loader
+
+Then enable it in your ``webpack.config.js``:
+
+.. code-block:: javascript
+
+    // webpack.config.js
+    // ...
+
+    Encore
+        // ...
+        .configureUrlLoader({
+            fonts: { limit: 4096 },
+            images: { limit: 4096 }
+        })
+    ;
+
+The ``limit`` option defines the maximum size in bytes of the inlined files. In
+the previous example, font and image files having a size below or equal to 4 KB
+will be inlined and the rest of files will be processed as usual.
+
+You can also use all the other options supported by the `URL Loader`_. If you
+want to disable this loader for either images or fonts, remove the corresponding
+key from the object that is passed to the ``configureUrlLoader()`` method:
+
+.. code-block:: javascript
+
+    // webpack.config.js
+    // ...
+
+    Encore
+        // ...
+        .configureUrlLoader({
+            // 'fonts' is not defined, so only images will be inlined
+            images: { limit: 4096 }
+        })
+    ;
+
+.. _`URL loader`: https://github.com/webpack-contrib/url-loader
@@ -127,7 +127,7 @@ matter), Symfony uses the standard ``render`` helper to configure ESI tags:
         {# templates/static/about.html.twig #}
 
         {# you can use a controller reference #}
-        {{ render_esi(controller('App\Controller\NewsController::latest', { 'maxPerPage': 5 })) }}
+        {{ render_esi(controller('App\\Controller\\NewsController::latest', { 'maxPerPage': 5 })) }}
 
         {# ... or a URL #}
         {{ render_esi(url('latest_news', { 'maxPerPage': 5 })) }}
@@ -139,7 +139,7 @@ matter), Symfony uses the standard ``render`` helper to configure ESI tags:
         <!-- you can use a controller reference -->
         <?php echo $view['actions']->render(
             new Symfony\Component\HttpKernel\Controller\ControllerReference(
-                'App\Controller\NewsController::latest',
+                'App\\Controller\\NewsController::latest',
                 array('maxPerPage' => 5)
             ),
             array('strategy' => 'esi')
 
@@ -213,7 +213,7 @@ rich API for a ``product`` table? Create a ``Product`` entity and give it the
         private $name;
 
         /**
-         * @ORM\Column(type="string")
+         * @ORM\Column(type="int")
          */
         private $price;
 
 
@@ -1098,7 +1098,7 @@ also have to be added as regular services:
     .. code-block:: yaml
 
         services:
-            Twig_Extensions_Extension_Intl:
+            Twig\Extensions\IntlExtension:
                 tags: [twig.extension]
 
     .. code-block:: xml
@@ -1110,7 +1110,7 @@ also have to be added as regular services:
                 http://symfony.com/schema/dic/services/services-1.0.xsd">
 
             <services>
-                <service id="Twig_Extensions_Extension_Intl">
+                <service id="Twig\Extensions\IntlExtension">
                     <tag name="twig.extension" />
                 </service>
             </services>
@@ -1119,7 +1119,7 @@ also have to be added as regular services:
     .. code-block:: php
 
         $container
-            ->register('Twig_Extensions_Extension_Intl')
+            ->register('Twig\Extensions\IntlExtension')
             ->addTag('twig.extension')
         ;
 
 
@@ -32,4 +32,11 @@ FriendsOfPHP organization.
     any of your dependencies is affected by a known security vulnerability.
     Therefore, you can easily integrate it in your build process.
 
+.. tip::
+
+    The security checker is also available as an independent console application
+    and distributed as a PHAR file so you can use it in any PHP application.
+    Check out the `Security Checker repository`_ for more details.
+
 .. _`security advisories database`: https://github.com/FriendsOfPHP/security-advisories
+.. _`Security Checker repository`: https://github.com/sensiolabs/security-checker
@@ -134,7 +134,7 @@ can intercept the session before it is written::
 
         private function getUser()
         {
-            if (!$token = $tokenStorage->getToken()) {
+            if (!$token = $this->tokenStorage->getToken()) {
                 return;
             }
Original file line number	Diff line number	Diff line change
`@@ -134,7 +134,7 @@ can intercept the session before it is written::`
`134`	`134`
`135`	`135`	`private function getUser()`
`136`	`136`	`{`
`137`		`- if (!$token = $tokenStorage->getToken()) {`
	`137`	`+ if (!$token = $this->tokenStorage->getToken()) {`
`138`	`138`	`return;`
`139`	`139`	`}`
`140`	`140`