Releases · ray-di/Ray.WebFormModule

18 May 15:42

koriym

1.0.1

300ebc9

1.0.1 Latest

Latest

Added

Ray\WebFormModule\WebFormModule — module class whose name matches the
package and namespace. Use this in new code.

Deprecated

Ray\WebFormModule\AuraInputModule is now a thin subclass of
WebFormModule kept for backwards compatibility. Existing applications
that install new AuraInputModule() continue to work without changes,
but should migrate to new WebFormModule().

Assets 2

18 May 07:46

koriym

1.0.0

70b8ad5

1.0.0

Changed

Minimum PHP version raised to 8.0.
BC break: Migrated from Doctrine Annotations to PHP 8 Attributes. All
validation metadata (@FormValidation, @InputValidation, @VndError) is
now expressed with #[FormValidation], #[InputValidation], #[VndError].
BC break: CSRF protection for validation methods is now declared with
the separate #[CsrfProtection] attribute. The previous antiCsrf=true
boolean option on @FormValidation has been removed. CSRF checks are now
opt-in: methods without #[CsrfProtection] perform no CSRF verification
even if the form has an AntiCsrf object set.

Before:
```
/**
 * @FormValidation(form="contactForm", antiCsrf=true)
 */
public function createAction() {}
```
After:
```
#[FormValidation(form: 'contactForm')]
#[CsrfProtection]
public function createAction() {}
```
BC break: AuraInputInterceptor, InputValidationInterceptor and
VndErrorHandler no longer accept a Doctrine\Common\Annotations\Reader
in their constructors. Validation attributes are read directly via
ReflectionMethod::getAttributes().
BC break: FormInterface::input() and FormInterface::error() now declare
parameter and return types (string $input, : string respectively).
Implementations must update their signatures.
BC break: ValidationException::__construct() now declares parameter
types (string $message, int $code, Throwable|null $e,
FormValidationError|null $error). The $error property is now typed as
FormValidationError|null via constructor property promotion.
Added property type declarations and return types across the codebase to
align with PHP 8 typing.
Bumped dependencies: ray/di ^2.16, ray/aop ^2.14,
phpunit/phpunit ^9.5.

Fixed

Exception\RuntimeException now correctly extends \RuntimeException
instead of \LogicException.
AntiCsrf::isValid() uses strict comparison for the CSRF token.
Eliminated PHP 8.4 deprecation warnings for implicit nullable parameters in
ValidationException::__construct() and VndErrorHandler::makeVndError().

Added

GitHub Actions workflows for tests and coding standards.
CHANGELOG.md.
#[CsrfProtection] attribute for composing CSRF checks with form/input
validation attributes.