- Deprecated
RemoteJsonManifestVersionStrategy
, useJsonManifestVersionStrategy
instead
- Deprecate
Helper::strlen()
, useHelper::width()
instead. - Deprecate
Helper::strlenWithoutDecoration()
, useHelper::removeDecoration()
instead.
- Deprecate
UserLoaderInterface::loadUserByUsername()
in favor ofUserLoaderInterface::loadUserByIdentifier()
- Remove
UuidV*Generator
classes
- Deprecated the
parents()
method, useancestors()
instead
- Changed
$forms
parameter type of theDataMapperInterface::mapDataToForms()
method fromiterable
to\Traversable
- Changed
$forms
parameter type of theDataMapperInterface::mapFormsToData()
method fromiterable
to\Traversable
- Deprecated passing an array as the second argument of the
DataMapper::mapDataToForms()
method, pass\Traversable
instead - Deprecated passing an array as the first argument of the
DataMapper::mapFormsToData()
method, pass\Traversable
instead - Deprecated passing an array as the second argument of the
CheckboxListMapper::mapDataToForms()
method, pass\Traversable
instead - Deprecated passing an array as the first argument of the
CheckboxListMapper::mapFormsToData()
method, pass\Traversable
instead - Deprecated passing an array as the second argument of the
RadioListMapper::mapDataToForms()
method, pass\Traversable
instead - Deprecated passing an array as the first argument of the
RadioListMapper::mapFormsToData()
method, pass\Traversable
instead - Dependency on
symfony/intl
was removed. Installsymfony/intl
if you are usingLocaleType
,CountryType
,CurrencyType
,LanguageType
orTimezoneType
- Deprecate the
session.storage
alias andsession.storage.*
services, use thesession.storage.factory
alias andsession.storage.factory.*
services instead - Deprecate the
framework.session.storage_id
configuration option, use theframework.session.storage_factory_id
configuration option instead - Deprecate the
session
service and theSessionInterface
alias, use the\Symfony\Component\HttpFoundation\Request::getSession()
or the new\Symfony\Component\HttpFoundation\RequestStack::getSession()
methods instead - Deprecate the
KernelTestCase::$container
property, useKernelTestCase::getContainer()
instead - Rename the container parameter
profiler_listener.only_master_requests
toprofiler_listener.only_main_requests
- Deprecate registering workflow services as public
- Deprecate option
--xliff-version
of thetranslation:update
command, use e.g.--format=xlf20
instead - Deprecate option
--output-format
of thetranslation:update
command, use e.g.--format=xlf20
instead
- Deprecate the
NamespacedAttributeBag
class - Deprecate the
RequestStack::getMasterRequest()
method and addgetMainRequest()
as replacement
- Deprecate
ArgumentInterface
- Deprecate
ArgumentMetadata::getAttribute()
, usegetAttributes()
instead - Mark the class
Symfony\Component\HttpKernel\EventListener\DebugHandlersListener
as internal - Deprecate returning a
ContainerBuilder
fromKernelInterface::registerContainerConfiguration()
- Deprecate
HttpKernelInterface::MASTER_REQUEST
and addHttpKernelInterface::MAIN_REQUEST
as replacement - Deprecate
KernelEvent::isMasterRequest()
and addisMainRequest()
as replacement
- Deprecated the
prefetch_count
parameter in the AMQP bridge, it has no effect and will be removed in Symfony 6.0 - Deprecated the use of TLS option for Redis Bridge, use
rediss://127.0.0.1
instead ofredis://127.0.0.1?tls=1
- Remove the internal annotation from the
getHeaderBody()
andgetHeaderParameter()
methods of theHeaders
class.
- Changed the return type of
AbstractTransportFactory::getEndpoint()
from?string
tostring
- Changed the signature of
Dsn::__construct()
to accept a singlestring $dsn
argument - Removed the
Dsn::fromString()
method
- Deprecated the
SetUpTearDownTrait
trait, use original methods with "void" return typehint
- Deprecate passing a boolean as the second argument of
PropertyAccessor::__construct()
, pass a combination of bitwise flags instead.
- Deprecated the
Type::getCollectionKeyType()
andType::getCollectionValueType()
methods, useType::getCollectionKeyTypes()
andType::getCollectionValueTypes()
instead
- Deprecate creating instances of the
Route
annotation class by passing an array of parameters, use named arguments instead
-
Deprecate using
UsageTrackingTokenStorage
with tracking enabled without a main request. Use the untracked token storage (service ID:security.untracked_token_storage
) instead, or disable usage tracking completely usingUsageTrackingTokenStorage::disableUsageTracking()
. -
[BC BREAK] Remove method
checkIfCompletelyResolved()
fromPassportInterface
, checking that passport badges are resolved is up toAuthenticatorManager
-
Deprecate class
User
, useInMemoryUser
or your own implementation instead. If you are using theisAccountNonLocked()
,isAccountNonExpired()
orisCredentialsNonExpired()
method, consider re-implementing them in your own user class, as they are not part of theInMemoryUser
API -
Deprecate class
UserChecker
, useInMemoryUserChecker
or your own implementation instead -
[BC break] Remove support for passing a
UserInterface
implementation toPassport
, use theUserBadge
instead. -
Deprecate
UserInterface::getPassword()
If yourgetPassword()
method does not returnnull
(i.e. you are using password-based authentication), you should implementPasswordAuthenticatedUserInterface
.Before:
use Symfony\Component\Security\Core\User\UserInterface; class User implements UserInterface { // ... public function getPassword() { return $this->password; } }
After:
use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface; class User implements UserInterface, PasswordAuthenticatedUserInterface { // ... public function getPassword(): ?string { return $this->password; } }
-
Deprecate
UserInterface::getSalt()
If yourgetSalt()
method does not returnnull
(i.e. you are using password-based authentication with an old password hash algorithm that requires user-provided salts), implementLegacyPasswordAuthenticatedUserInterface
.Before:
use Symfony\Component\Security\Core\User\UserInterface; class User implements UserInterface { // ... public function getPassword() { return $this->password; } public function getSalt() { return $this->salt; } }
After:
use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\User\LegacyPasswordAuthenticatedUserInterface; class User implements UserInterface, LegacyPasswordAuthenticatedUserInterface { // ... public function getPassword(): ?string { return $this->password; } public function getSalt(): ?string { return $this->salt; } }
-
Deprecate
UserInterface::getUsername()
in favor ofUserInterface::getUserIdentifier()
-
Deprecate
TokenInterface::getUsername()
in favor ofTokenInterface::getUserIdentifier()
-
Deprecate
UserProviderInterface::loadUserByUsername()
in favor ofUserProviderInterface::loadUserByIdentifier()
-
Deprecate
UsernameNotFoundException
in favor ofUserNotFoundException
andgetUsername()
/setUsername()
in favor ofgetUserIdentifier()
/setUserIdentifier()
-
Deprecate
PersistentTokenInterface::getUsername()
in favor ofPersistentTokenInterface::getUserIdentifier()
-
Deprecate calling
PasswordUpgraderInterface::upgradePassword()
with aUserInterface
instance that does not implementPasswordAuthenticatedUserInterface
-
Deprecate calling methods
hashPassword()
,isPasswordValid()
andneedsRehash()
onUserPasswordHasherInterface
with aUserInterface
instance that does not implementPasswordAuthenticatedUserInterface
-
Deprecate all classes in the
Core\Encoder\
sub-namespace, use thePasswordHasher
component instead -
Deprecated voters that do not return a valid decision when calling the
vote
method -
[BC break] Add optional array argument
$badges
toUserAuthenticatorInterface::authenticateUser()
-
Deprecate
AuthenticationManagerInterface
,AuthenticationProviderManager
,AnonymousAuthenticationProvider
,AuthenticationProviderInterface
,DaoAuthenticationProvider
,LdapBindAuthenticationProvider
,PreAuthenticatedAuthenticationProvider
,RememberMeAuthenticationProvider
,UserAuthenticationProvider
andAuthenticationFailureEvent
from security-core, use the new authenticator system instead -
Deprecate
AbstractAuthenticationListener
,AbstractPreAuthenticatedListener
,AnonymousAuthenticationListener
,BasicAuthenticationListener
,RememberMeListener
,RemoteUserAuthenticationListener
,UsernamePasswordFormAuthenticationListener
,UsernamePasswordJsonAuthenticationListener
andX509AuthenticationListener
from security-http, use the new authenticator system instead -
Deprecate the Guard component, use the new authenticator system instead
- [BC break] Add
login_throttling.lock_factory
setting defaulting tonull
. Set this option tolock.factory
if you need precise login rate limiting with synchronous requests. - Deprecate
UserPasswordEncoderCommand
class and the correspondinguser:encode-password
command, useUserPasswordHashCommand
anduser:hash-password
instead - Deprecate the
security.encoder_factory.generic
service, thesecurity.encoder_factory
andSymfony\Component\Security\Core\Encoder\EncoderFactoryInterface
aliases, usesecurity.password_hasher_factory
andSymfony\Component\PasswordHasher\Hasher\PasswordHasherFactoryInterface
instead - Deprecate the
security.user_password_encoder.generic
service, thesecurity.password_encoder
and theSymfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface
aliases, usesecurity.user_password_hasher
,security.password_hasher
andSymfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface
instead - Deprecate the public
security.authorization_checker
andsecurity.token_storage
services to private - Not setting the
enable_authenticator_manager
config option totrue
is deprecated - Deprecate the
security.authentication.provider.*
services, use the new authenticator system instead - Deprecate the
security.authentication.listener.*
services, use the new authenticator system instead - Deprecate the Guard component integration, use the new authenticator system instead
- Deprecate
ArrayDenormalizer::setSerializer()
, callsetDenormalizer()
instead - Deprecate creating instances of the annotation classes by passing an array of parameters, use named arguments instead
- Replaced
UuidV1::getTime()
,UuidV6::getTime()
andUlid::getTime()
byUuidV1::getDateTime()
,UuidV6::getDateTime()
andUlid::getDateTime()
- Deprecate
InvalidTokenConfigurationException