FestinHegre/vendor/symfony/security-core/CHANGELOG.md

CHANGELOG
=========


7.0
---

 * Remove the `Security` class, use `Symfony\Bundle\SecurityBundle\Security` instead
 * Require explicit argument when calling `TokenStorage::setToken()`
 * Change argument `$lastUsed` of `TokenProviderInterface::updateToken()` to accept `DateTimeInterface`

6.4
---

 * Make `PersistentToken` immutable
 * Deprecate accepting only `DateTime` for `TokenProviderInterface::updateToken()`, use `DateTimeInterface` instead

6.3
---

 * Add `AttributesBasedUserProviderInterface` to allow `$attributes` optional argument on `loadUserByIdentifier`
 * Add `OidcUser` with OIDC support for `OidcUserInfoTokenHandler`

6.2
---

 * Deprecate the `Security` class, use `Symfony\Bundle\SecurityBundle\Security` instead
 * Change the signature of `TokenStorageInterface::setToken()` to `setToken(?TokenInterface $token)`
 * Deprecate calling `TokenStorage::setToken()` without arguments
 * Add a `ChainUserChecker` to allow calling multiple user checkers for a firewall

6.0
---

 * `TokenInterface` does not extend `Serializable` anymore
 * Remove all classes in the `Core\Encoder\`  sub-namespace, use the `PasswordHasher` component instead
 * Remove methods `getPassword()` and `getSalt()` from `UserInterface`, use `PasswordAuthenticatedUserInterface`
   or `LegacyPasswordAuthenticatedUserInterface` instead
* `AccessDecisionManager` requires the strategy to be passed as in instance of `AccessDecisionStrategyInterface`

5.4.21
------

 * [BC BREAK] `AccessDecisionStrategyTestCase::provideStrategyTests()` is now static

5.4
---

 * Add a `CacheableVoterInterface` for voters that vote only on identified attributes and subjects
 * Deprecate `AuthenticationEvents::AUTHENTICATION_FAILURE`, use the `LoginFailureEvent` instead
 * Deprecate `AnonymousToken`, as the related authenticator was deprecated in 5.3
 * Deprecate `Token::getCredentials()`, tokens should no longer contain credentials (as they represent authenticated sessions)
 * Deprecate returning `string|\Stringable` from `Token::getUser()` (it must return a `UserInterface`)
 * Deprecate `AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY` and `AuthenticatedVoter::IS_ANONYMOUS`,
   use `AuthenticatedVoter::IS_AUTHENTICATED_FULLY` or `AuthenticatedVoter::IS_AUTHENTICATED` instead.
 * Deprecate `AuthenticationTrustResolverInterface::isAnonymous()` and the `is_anonymous()` expression
   function as anonymous no longer exists in version 6, use the `isFullFledged()` or the new
   `isAuthenticated()` instead if you want to check if the request is (fully) authenticated.
 * Deprecate the `$authenticationManager` argument of the `AuthorizationChecker` constructor
 * Deprecate setting the `$alwaysAuthenticate` argument to `true` and not setting the
   `$exceptionOnNoToken` argument to `false` of `AuthorizationChecker`
 * Deprecate methods `TokenInterface::isAuthenticated()` and `setAuthenticated`,
   return null from "getUser()" instead when a token is not authenticated
 * Add `AccessDecisionStrategyInterface` to allow custom access decision strategies
 * Add access decision strategies `AffirmativeStrategy`, `ConsensusStrategy`, `PriorityStrategy`, `UnanimousStrategy`
 * Deprecate passing the strategy as string to `AccessDecisionManager`,
   pass an instance of `AccessDecisionStrategyInterface` instead
 * Flag `AccessDecisionManager` as `@final`

5.3
---

The CHANGELOG for version 5.3 and earlier can be found at https://github.com/symfony/symfony/blob/5.3/src/Symfony/Component/Security/CHANGELOG.md
Vendor 2024-09-26 17:26:04 +02:00			`CHANGELOG`
			`=========`


			`7.0`
			`---`

			* Remove the `Security` class, use `Symfony\Bundle\SecurityBundle\Security` instead
			* Require explicit argument when calling `TokenStorage::setToken()`
			* Change argument `$lastUsed` of `TokenProviderInterface::updateToken()` to accept `DateTimeInterface`

			`6.4`
			`---`

			* Make `PersistentToken` immutable
			* Deprecate accepting only `DateTime` for `TokenProviderInterface::updateToken()`, use `DateTimeInterface` instead

			`6.3`
			`---`

			* Add `AttributesBasedUserProviderInterface` to allow `$attributes` optional argument on `loadUserByIdentifier`
			* Add `OidcUser` with OIDC support for `OidcUserInfoTokenHandler`

			`6.2`
			`---`

			* Deprecate the `Security` class, use `Symfony\Bundle\SecurityBundle\Security` instead
			* Change the signature of `TokenStorageInterface::setToken()` to `setToken(?TokenInterface $token)`
			* Deprecate calling `TokenStorage::setToken()` without arguments
			* Add a `ChainUserChecker` to allow calling multiple user checkers for a firewall

			`6.0`
			`---`

			* `TokenInterface` does not extend `Serializable` anymore
			* Remove all classes in the `Core\Encoder\` sub-namespace, use the `PasswordHasher` component instead
			* Remove methods `getPassword()` and `getSalt()` from `UserInterface`, use `PasswordAuthenticatedUserInterface`
			or `LegacyPasswordAuthenticatedUserInterface` instead
			* `AccessDecisionManager` requires the strategy to be passed as in instance of `AccessDecisionStrategyInterface`

			`5.4.21`
			`------`

			* [BC BREAK] `AccessDecisionStrategyTestCase::provideStrategyTests()` is now static

			`5.4`
			`---`

			* Add a `CacheableVoterInterface` for voters that vote only on identified attributes and subjects
			* Deprecate `AuthenticationEvents::AUTHENTICATION_FAILURE`, use the `LoginFailureEvent` instead
			* Deprecate `AnonymousToken`, as the related authenticator was deprecated in 5.3
			* Deprecate `Token::getCredentials()`, tokens should no longer contain credentials (as they represent authenticated sessions)
			* Deprecate returning `string\|\Stringable` from `Token::getUser()` (it must return a `UserInterface`)
			* Deprecate `AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY` and `AuthenticatedVoter::IS_ANONYMOUS`,
			use `AuthenticatedVoter::IS_AUTHENTICATED_FULLY` or `AuthenticatedVoter::IS_AUTHENTICATED` instead.
			* Deprecate `AuthenticationTrustResolverInterface::isAnonymous()` and the `is_anonymous()` expression
			function as anonymous no longer exists in version 6, use the `isFullFledged()` or the new
			`isAuthenticated()` instead if you want to check if the request is (fully) authenticated.
			* Deprecate the `$authenticationManager` argument of the `AuthorizationChecker` constructor
			* Deprecate setting the `$alwaysAuthenticate` argument to `true` and not setting the
			`$exceptionOnNoToken` argument to `false` of `AuthorizationChecker`
			* Deprecate methods `TokenInterface::isAuthenticated()` and `setAuthenticated`,
			`return null from "getUser()" instead when a token is not authenticated`
			* Add `AccessDecisionStrategyInterface` to allow custom access decision strategies
			* Add access decision strategies `AffirmativeStrategy`, `ConsensusStrategy`, `PriorityStrategy`, `UnanimousStrategy`
			* Deprecate passing the strategy as string to `AccessDecisionManager`,
			pass an instance of `AccessDecisionStrategyInterface` instead
			* Flag `AccessDecisionManager` as `@final`

			`5.3`
			`---`

			`The CHANGELOG for version 5.3 and earlier can be found at https://github.com/symfony/symfony/blob/5.3/src/Symfony/Component/Security/CHANGELOG.md`