Merge tag 'v2.1.2' into Buerklin-provider

# Conflicts:
#	.docker/symfony.conf
#	VERSION

config/packages/api_platform.yaml

@@ -32,10 +32,9 @@ api_platform:
 
     pagination_client_items_per_page: true # Allow clients to override the default items per page
 
-  keep_legacy_inflector: false
   # Need to be true, or some tests will fail
   use_symfony_listeners: true
 
   serializer:
     # Change this to false later, to remove the hydra prefix on the API
-    hydra_prefix: true
+    hydra_prefix: true

config/packages/csrf.yaml

@@ -0,0 +1,12 @@
+# Enable stateless CSRF protection for forms and logins/logouts
+framework:
+    form:
+        csrf_protection:
+            token_id: submit
+
+    csrf_protection:
+        check_header: true
+        stateless_token_ids:
+            - submit
+            - authenticate
+            - logout

config/packages/datatables.yaml

@@ -9,7 +9,8 @@ datatables:
     # Set options, as documented at https://datatables.net/reference/option/
     options:
         lengthMenu : [[10, 25, 50, 100], [10, 25, 50, 100]] # We add the "All" option, when part tables are generated
-        pageLength: '%partdb.table.default_page_size%'   # Set to -1 to disable pagination (i.e. show all rows) by default
+        #pageLength: '%partdb.table.default_page_size%'   # Set to -1 to disable pagination (i.e. show all rows) by default
+        pageLength: 50 #TODO
         dom: "  <'row' <'col mb-2 input-group flex-nowrap' B l > <'col-auto mb-2' < p >>>
                     <'card'
                         rt
@@ -17,7 +18,7 @@ datatables:
                     >
                 <'row' <'col mt-2 input-group flex-nowrap' B l > <'col-auto mt-2' < p >>>"
         pagingType: 'simple_numbers'
-        searching: true
+        searching: false
         stateSave: true
 
 

config/packages/doctrine.yaml

@@ -25,10 +25,6 @@ doctrine:
             tinyint:
                 class: App\Doctrine\Types\TinyIntType
 
-            # This was removed in doctrine/orm 4.0 but we need it for the WebauthnKey entity
-            array:
-                class: App\Doctrine\Types\ArrayType
-        
         schema_filter: ~^(?!internal)~
         # Only enable this when needed
         profiling_collect_backtrace: false
@@ -39,6 +35,8 @@ doctrine:
         report_fields_where_declared: true
         validate_xml_mapping: true
         naming_strategy: doctrine.orm.naming_strategy.underscore_number_aware
+        identity_generation_preferences:
+            Doctrine\DBAL\Platforms\PostgreSQLPlatform: identity
         auto_mapping: true
         controller_resolver:
             auto_mapping: true

config/packages/framework.yaml

@@ -1,9 +1,6 @@
 # see https://symfony.com/doc/current/reference/configuration/framework.html
 framework:
     secret: '%env(APP_SECRET)%'
-    csrf_protection: true
-    annotations: false
-    handle_all_throwables: true
 
     # We set this header by ourselves, so we can disable it here
     disallow_search_engine_index: false
@@ -30,8 +27,11 @@ framework:
 
     #esi: true
     #fragments: true
-    php_errors:
-        log: true
+
+
+    form: { csrf_protection: { token_id: 'submit' } }
+    csrf_protection:
+        stateless_token_ids: ['submit', 'authenticate', 'logout']
 
 when@test:
     framework:

config/packages/knpu_oauth2_client.yaml

@@ -6,8 +6,8 @@ knpu_oauth2_client:
             type: generic
             provider_class: '\League\OAuth2\Client\Provider\GenericProvider'
 
-            client_id: '%env(PROVIDER_DIGIKEY_CLIENT_ID)%'
-            client_secret: '%env(PROVIDER_DIGIKEY_SECRET)%'
+            client_id: '%env(settings:digikey:clientId)%'
+            client_secret: '%env(settings:digikey:secret)%'
 
             redirect_route: 'oauth_client_check'
             redirect_params: {name: 'ip_digikey_oauth'}
@@ -26,8 +26,8 @@ knpu_oauth2_client:
             type: generic
             provider_class: '\League\OAuth2\Client\Provider\GenericProvider'
 
-            client_id: '%env(PROVIDER_OCTOPART_CLIENT_ID)%'
-            client_secret: '%env(PROVIDER_OCTOPART_SECRET)%'
+            client_id: '%env(settings:octopart:clientId)%'
+            client_secret: '%env(settings:octopart:secret)%'
 
             redirect_route: 'oauth_client_check'
             redirect_params: { name: 'ip_octopart_oauth' }

config/packages/monolog.yaml

@@ -69,6 +69,7 @@ when@docker:
                 excluded_http_codes: [404, 405]
                 buffer_size: 50 # How many messages should be saved? Prevent memory leaks
                 include_stacktraces: true
+                channels: ["!deprecation"]
             nested:
                 type: stream
                 path: "php://stderr"

config/packages/nelmio_security.yaml

@@ -69,9 +69,3 @@ nelmio_security:
                 - 'data:'
             block-all-mixed-content: true # defaults to false, blocks HTTP content over HTTPS transport
             # upgrade-insecure-requests: true # defaults to false, upgrades HTTP requests to HTTPS transport
-
-when@dev:
-    # disables the Content-Security-Policy header
-    nelmio_security:
-        csp:
-            enabled: false

config/packages/property_info.yaml

@@ -0,0 +1,3 @@
+framework:
+    property_info:
+        with_constructor_extractor: true

config/packages/routing.yaml

@@ -1,7 +1,5 @@
 framework:
     router:
-        utf8: true
-
         # Configure how to generate URLs in non-HTTP contexts, such as CLI commands.
         # See https://symfony.com/doc/current/routing.html#generating-urls-in-commands
         default_uri: '%env(DEFAULT_URI)%'

config/packages/security.yaml

@@ -13,7 +13,7 @@ security:
 
     firewalls:
         dev:
-            pattern: ^/(_(profiler|wdt)|css|images|js)/
+            pattern: ^/(_(profiler|wdt)|css|images|js|\.well-known)/
             security: false
         main:
             provider: app_user_provider

config/packages/settings.yaml

@@ -0,0 +1,15 @@
+jbtronics_settings:
+  default_storage_adapter: Jbtronics\SettingsBundle\Storage\ORMStorageAdapter
+
+  cache:
+    default_cacheable: true
+
+  orm_storage:
+    default_entity_class: App\Entity\SettingsEntry
+
+
+# Disable caching for development environment
+when@dev:
+  jbtronics_settings:
+    cache:
+      default_cacheable: false

config/packages/swap.yaml

@@ -5,6 +5,12 @@ florianv_swap:
 
   providers:
     european_central_bank: ~                      # European Central Bank (only works for EUR base currency)
-    fixer:                                        # Fixer.io (needs an API key)
-      access_key: "%env(FIXER_API_KEY)%"
-    #exchange_rates_api: ~
+    central_bank_of_czech_republic: ~
+    central_bank_of_republic_turkey: ~
+    national_bank_of_romania: ~
+
+    fixer: # Fixer.io (needs an API key)
+        access_key: "%env(string:settings:exchange_rate:fixerApiKey)%"
+
+    frankfurter: ~
+    fawazahmed_currency_api: ~

config/packages/translation.yaml

@@ -1,11 +1,10 @@
 framework:
-    default_locale: '%partdb.locale%'
+    default_locale: 'en'
     # Just enable the locales we need for performance reasons.
     enabled_locale: '%partdb.locale_menu%'
     translator:
         default_path: '%kernel.project_dir%/translations'
         fallbacks:
-            - '%partdb.locale%'
             - 'en'
         providers:
     #            crowdin:

config/packages/twig.yaml

@@ -6,16 +6,12 @@ twig:
         '%kernel.project_dir%/assets/css': css
 
     globals:
-        partdb_title: '%partdb.title%'
-        default_currency: '%partdb.default_currency%'
-        global_theme: '%partdb.global_theme%'
         allow_email_pw_reset: '%partdb.users.email_pw_reset%'
         locale_menu: '%partdb.locale_menu%'
         attachment_manager: '@App\Services\Attachments\AttachmentManager'
         label_profile_dropdown_helper: '@App\Services\LabelSystem\LabelProfileDropdownHelper'
         error_page_admin_email: '%partdb.error_pages.admin_email%'
         error_page_show_help: '%partdb.error_pages.show_help%'
-        sidebar_items: '%partdb.sidebar.items%'
         sidebar_tree_updater: '@App\Services\Trees\SidebarTreeUpdater'
         avatar_helper: '@App\Services\UserSystem\UserAvatarHelper'
         available_themes: '%partdb.available_themes%'

config/packages/uid.yaml

@@ -1,4 +0,0 @@
-framework:
-    uid:
-        default_uuid_version: 7
-        time_based_uuid_version: 7

config/packages/ux_turbo.yaml

@@ -0,0 +1,4 @@
+# Enable stateless CSRF protection for forms and logins/logouts
+framework:
+    csrf_protection:
+        check_header: true

config/packages/validator.yaml

@@ -1,7 +1,5 @@
 framework:
     validation:
-        email_validation_mode: html5
-
         # Enables validator auto-mapping support.
         # For instance, basic validation constraints will be inferred from Doctrine's metadata.
         #auto_mapping:

config/packages/web_profiler.yaml

@@ -1,17 +1,14 @@
 when@dev:
     web_profiler:
-        toolbar: true
-        intercept_redirects: false
+        toolbar:
+            ajax_replace: true
 
     framework:
         profiler:
-            only_exceptions: false
             collect_serializer_data: true
 
 when@test:
-    web_profiler:
-        toolbar: false
-        intercept_redirects: false
-
     framework:
-        profiler: { collect: false }
+        profiler:
+            collect: false
+            collect_serializer_data: true