tag:github.com,2008:https://github.com/symfony/security-http/releases 2025-05-02T09:21:13Z tag:github.com,2008:Repository/12924727/v7.3.0-BETA1 2025-05-02T09:31:17Z <p><strong>Changelog</strong> (<a class="commit-link" href="https://github.com/symfony/security-http/compare/v7.2.6...v7.3.0-BETA1"><tt>v7.2.6...v7.3.0-BETA1</tt></a>)</p> <ul> <li>feature <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2934489250" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/60007" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/60007/hovercard" href="https://github.com/symfony/symfony/pull/60007">symfony/symfony#60007</a> [Security] Add methods param in IsCsrfTokenValid attribute (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Oviglo/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Oviglo">@Oviglo</a>)</li> <li>feature <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2297420194" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/54932" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/54932/hovercard" href="https://github.com/symfony/symfony/pull/54932">symfony/symfony#54932</a> [Security][SecurityBundle] OIDC discovery (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/vincentchalamon/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/vincentchalamon">@vincentchalamon</a>)</li> <li>feature <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1669454501" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/50027" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/50027/hovercard" href="https://github.com/symfony/symfony/pull/50027">symfony/symfony#50027</a> [Security] OAuth2 Introspection Endpoint (RFC7662) (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Spomky/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Spomky">@Spomky</a>)</li> <li>feature <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2860965992" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59805" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59805/hovercard" href="https://github.com/symfony/symfony/pull/59805">symfony/symfony#59805</a> [Security] Improve DX of recent additions (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nicolas-grekas/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nicolas-grekas">@nicolas-grekas</a>)</li> <li>feature <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2729322776" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59150" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59150/hovercard" href="https://github.com/symfony/symfony/pull/59150">symfony/symfony#59150</a> [Security] Allow using a callable with <code>#[IsGranted]</code> (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/alexandre-daubois/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/alexandre-daubois">@alexandre-daubois</a>)</li> <li>feature <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2851534879" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59771" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59771/hovercard" href="https://github.com/symfony/symfony/pull/59771">symfony/symfony#59771</a> [Security] Add ability for voters to explain their vote (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nicolas-grekas/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nicolas-grekas">@nicolas-grekas</a>)</li> <li>feature <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2799595541" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59562" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59562/hovercard" href="https://github.com/symfony/symfony/pull/59562">symfony/symfony#59562</a> [Security] Support hashing the hashed password using crc32c when putting the user in the session (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nicolas-grekas/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nicolas-grekas">@nicolas-grekas</a>)</li> <li>feature <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1911424860" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/51744" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/51744/hovercard" href="https://github.com/symfony/symfony/pull/51744">symfony/symfony#51744</a> [Security] Add a normalization step for the user-identifier in firewalls (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Spomky/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Spomky">@Spomky</a>)</li> <li>feature <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2828155264" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59682" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59682/hovercard" href="https://github.com/symfony/symfony/pull/59682">symfony/symfony#59682</a> [Security] Deprecate UserInterface &amp; TokenInterface's <code>eraseCredentials()</code> (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/chalasr/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/chalasr">@chalasr</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nicolas-grekas/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nicolas-grekas">@nicolas-grekas</a>)</li> <li>feature <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2532801495" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/58300" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/58300/hovercard" href="https://github.com/symfony/symfony/pull/58300">symfony/symfony#58300</a> [Security][SecurityBundle] Show user account status errors (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/core23/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/core23">@core23</a>)</li> <li>feature <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2406937406" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/57721" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/57721/hovercard" href="https://github.com/symfony/symfony/pull/57721">symfony/symfony#57721</a> [Security][SecurityBundle] Add encryption support to OIDC tokens (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Spomky/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Spomky">@Spomky</a>)</li> </ul> fabpot tag:github.com,2008:Repository/12924727/v7.2.6 2025-05-02T09:14:53Z <p><strong>Changelog</strong> (<a class="commit-link" href="https://github.com/symfony/security-http/compare/v7.2.5...v7.2.6"><tt>v7.2.5...v7.2.6</tt></a>)</p> <ul> <li>bug <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2976389766" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/60166" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/60166/hovercard" href="https://github.com/symfony/symfony/pull/60166">symfony/symfony#60166</a> [Security] fix(security): fix OIDC user identifier (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/vincentchalamon/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/vincentchalamon">@vincentchalamon</a>)</li> </ul> fabpot tag:github.com,2008:Repository/12924727/v6.4.21 2025-05-02T09:09:28Z <p><strong>Changelog</strong> (<a class="commit-link" href="https://github.com/symfony/security-http/compare/v6.4.20...v6.4.21"><tt>v6.4.20...v6.4.21</tt></a>)</p> <ul> <li>bug <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2976389766" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/60166" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/60166/hovercard" href="https://github.com/symfony/symfony/pull/60166">symfony/symfony#60166</a> [Security] fix(security): fix OIDC user identifier (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/vincentchalamon/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/vincentchalamon">@vincentchalamon</a>)</li> </ul> fabpot tag:github.com,2008:Repository/12924727/v7.2.4 2025-02-26T11:07:14Z <p><strong>Changelog</strong> (<a class="commit-link" href="https://github.com/symfony/security-http/compare/v7.2.3...v7.2.4"><tt>v7.2.3...v7.2.4</tt></a>)</p> <ul> <li>bug <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2816552126" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59640" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59640/hovercard" href="https://github.com/symfony/symfony/pull/59640">symfony/symfony#59640</a> [Security] Return null instead of empty username to fix deprecation notice (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/phasdev/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/phasdev">@phasdev</a>)</li> </ul> fabpot tag:github.com,2008:Repository/12924727/v6.4.19 2025-02-26T11:02:00Z <p><strong>Changelog</strong> (<a class="commit-link" href="https://github.com/symfony/security-http/compare/v6.4.18...v6.4.19"><tt>v6.4.18...v6.4.19</tt></a>)</p> <ul> <li>bug <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2816552126" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59640" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59640/hovercard" href="https://github.com/symfony/symfony/pull/59640">symfony/symfony#59640</a> [Security] Return null instead of empty username to fix deprecation notice (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/phasdev/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/phasdev">@phasdev</a>)</li> </ul> fabpot tag:github.com,2008:Repository/12924727/v7.2.3 2025-01-29T07:47:36Z <p><strong>Changelog</strong> (<a class="commit-link" href="https://github.com/symfony/security-http/compare/v7.2.2...v7.2.3"><tt>v7.2.2...v7.2.3</tt></a>)</p> <ul> <li>bug <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2806270629" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59590" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59590/hovercard" href="https://github.com/symfony/symfony/pull/59590">symfony/symfony#59590</a> [Security] Throw an explicit error when refreshing a token with a null user (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/alexandre-daubois/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/alexandre-daubois">@alexandre-daubois</a>)</li> <li>bug <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2766398044" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59347" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59347/hovercard" href="https://github.com/symfony/symfony/pull/59347">symfony/symfony#59347</a> [Security] Fix triggering session tracking from ContextListener (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nicolas-grekas/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nicolas-grekas">@nicolas-grekas</a>)</li> </ul> fabpot tag:github.com,2008:Repository/12924727/v7.1.11 2025-01-29T07:39:09Z <p><strong>Changelog</strong> (<a class="commit-link" href="https://github.com/symfony/security-http/compare/v7.1.10...v7.1.11"><tt>v7.1.10...v7.1.11</tt></a>)</p> <ul> <li>bug <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2806270629" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59590" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59590/hovercard" href="https://github.com/symfony/symfony/pull/59590">symfony/symfony#59590</a> [Security] Throw an explicit error when refreshing a token with a null user (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/alexandre-daubois/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/alexandre-daubois">@alexandre-daubois</a>)</li> <li>bug <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2766398044" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59347" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59347/hovercard" href="https://github.com/symfony/symfony/pull/59347">symfony/symfony#59347</a> [Security] Fix triggering session tracking from ContextListener (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nicolas-grekas/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nicolas-grekas">@nicolas-grekas</a>)</li> </ul> fabpot tag:github.com,2008:Repository/12924727/v6.4.18 2025-01-29T07:34:04Z <p><strong>Changelog</strong> (<a class="commit-link" href="https://github.com/symfony/security-http/compare/v6.4.17...v6.4.18"><tt>v6.4.17...v6.4.18</tt></a>)</p> <ul> <li>bug <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2806270629" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59590" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59590/hovercard" href="https://github.com/symfony/symfony/pull/59590">symfony/symfony#59590</a> [Security] Throw an explicit error when refreshing a token with a null user (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/alexandre-daubois/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/alexandre-daubois">@alexandre-daubois</a>)</li> <li>bug <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2766398044" data-permission-text="Title is private" data-url="https://github.com/symfony/symfony/issues/59347" data-hovercard-type="pull_request" data-hovercard-url="/symfony/symfony/pull/59347/hovercard" href="https://github.com/symfony/symfony/pull/59347">symfony/symfony#59347</a> [Security] Fix triggering session tracking from ContextListener (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nicolas-grekas/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nicolas-grekas">@nicolas-grekas</a>)</li> </ul> fabpot tag:github.com,2008:Repository/12924727/v7.1.10 2024-12-31T15:00:24Z <p><strong>Changelog</strong> (<a class="commit-link" href="https://github.com/symfony/security-http/compare/v7.1.9...v7.1.10"><tt>v7.1.9...v7.1.10</tt></a>)</p> <ul> <li>no significant changes</li> </ul> fabpot tag:github.com,2008:Repository/12924727/v7.2.1 2024-12-11T12:16:26Z <p><strong>Changelog</strong> (<a class="commit-link" href="https://github.com/symfony/security-http/compare/v7.2.0...v7.2.1"><tt>v7.2.0...v7.2.1</tt></a>)</p> <ul> <li>no significant changes</li> </ul> fabpot