Merge branch '2.8' into 3.4

* 2.8:
  Tweak wording in Upgrading a Patch Version
  Reword the explanation about HTTP exceptions
  added documentation for author tag management
  be more clear about child form to be themed
  fix FormError access in Twig template
  Be consistent how we write "core team"
  Added a note about using the security checker independently
  Use "children" property instead of "child"
  Update web_server_configuration.rst
  Updated a Twig example

Author: javiereguiluz

contributing/code/core_team.rst

@@ -9,7 +9,7 @@ All the Symfony Core members are long-time contributors with solid technical
 expertise and they have demonstrated a strong commitment to drive the project
 forward.
 
-This document states the rules that govern the Symfony Core team. These rules
+This document states the rules that govern the Symfony core team. These rules
 are effective upon publication of this document and all Symfony Core members
 must adhere to said rules and protocol.
 
@@ -121,7 +121,7 @@ Active Core Members
 Former Core Members
 ~~~~~~~~~~~~~~~~~~~
 
-They are no longer part of the Core Team, but we are very grateful for all their
+They are no longer part of the core team, but we are very grateful for all their
 Symfony contributions:
 
 * **Bernhard Schussek** (`webmozart`_);

contributing/code/security.rst

@@ -11,13 +11,13 @@ Reporting a Security Issue
 If you think that you have found a security issue in Symfony, don't use the
 bug tracker and don't publish it publicly. Instead, all security issues must
 be sent to **security [at] symfony.com**. Emails sent to this address are
-forwarded to the Symfony core-team private mailing-list.
+forwarded to the Symfony core team private mailing-list.
 
 Resolving Process
 -----------------
 
 For each report, we first try to confirm the vulnerability. When it is
-confirmed, the core-team works on a solution following these steps:
+confirmed, the core team works on a solution following these steps:
 
 #. Send an acknowledgement to the reporter;
 #. Work on a patch;

contributing/code/standards.rst

@@ -260,7 +260,12 @@ Documentation
 * The ``@package`` and ``@subpackage`` annotations are not used;
 
 * Don't inline PHPDoc blocks, even when they contain just one tag (e.g. don't
-  put ``/** {@inheritdoc} */`` in a single line).
+  put ``/** {@inheritdoc} */`` in a single line);
+
+* When adding a new class or when making significant changes to an existing class,
+  an ``@author`` tag with personal contact information may be added, or expanded.
+  Please note it is possible to have the personal contact information updated or
+  removed per request to the doc:`core team </contributing/code/core_team>`.
 
 License
 ~~~~~~~

controller.rst

@@ -409,9 +409,12 @@ method is just a shortcut to create a special
 :class:`Symfony\\Component\\HttpKernel\\Exception\\NotFoundHttpException`
 object, which ultimately triggers a 404 HTTP response inside Symfony.
 
-Of course, you're free to throw any ``Exception`` class in your controller -
-Symfony will automatically return a 500 HTTP response code::
+If you throw an exception that extends or is an instance of
+:class:`Symfony\\Component\\HttpKernel\\Exception\\HttpException`, Symfony will
+use the appropriate HTTP status code. Otherwise, the response will have a 500
+HTTP status code::
 
+    // this exception ultimately generates a 500 status error
     throw new \Exception('Something went wrong!');
 
 In every case, an error page is shown to the end user and a full debug

form/form_customization.rst

@@ -385,7 +385,7 @@ You can also apply a form theme to a specific child of your form:
 
 .. code-block:: html+twig
 
-    {% form_theme form.child 'form/fields.html.twig' %}
+    {% form_theme form.a_child_form 'form/fields.html.twig' %}
 
 This is useful when you want to have a custom theme for a nested form that's
 different than the one of your main form. Just specify both your themes:
@@ -394,7 +394,7 @@ different than the one of your main form. Just specify both your themes:
 
     {% form_theme form 'form/fields.html.twig' %}
 
-    {% form_theme form.child 'form/fields_child.html.twig' %}
+    {% form_theme form.a_child_form 'form/fields_child.html.twig' %}
 
 Form Theming in PHP
 -------------------

security/security_checker.rst

@@ -29,5 +29,12 @@ FriendsOfPHP organization.
     To enable the ``security:check`` command, make sure the
     `SensioDistributionBundle`_ is installed and enabled in your application.
 
+.. tip::
+
+    The security checker is also available as an independent console application
+    and distributed as a PHAR file so you can use it in any PHP application.
+    Check out the `Security Checker repository`_ for more details.
+
 .. _`security advisories database`: https://github.com/FriendsOfPHP/security-advisories
 .. _`SensioDistributionBundle`: https://github.com/sensiolabs/SensioDistributionBundle
+.. _`Security Checker repository`: https://github.com/sensiolabs/security-checker

setup/upgrade_patch.rst

@@ -21,6 +21,7 @@ update.
 .. tip::
 
     It is recommended to update to a new patch version as soon as possible, as
-    important bugs and security leaks may be fixed in these new releases.
+    important bugs and security vulnerabilities may be fixed in these new
+    releases.
 
 .. include:: /setup/_update_all_packages.rst.inc

setup/web_server_configuration.rst

@@ -153,7 +153,7 @@ listen on. Each pool can also be run under a different UID and GID:
     group = www-data
 
     ; use a unix domain socket
-    listen = /var/run/php7.1-fpm.sock
+    listen = /var/run/php/php7.1-fpm.sock
 
     ; or listen on a TCP socket
     listen = 127.0.0.1:9000
@@ -251,7 +251,7 @@ instead:
 
 .. code-block:: apache
 
-    FastCgiExternalServer /usr/lib/cgi-bin/php7-fcgi -socket /var/run/php7.1-fpm.sock -pass-header Authorization
+    FastCgiExternalServer /usr/lib/cgi-bin/php7-fcgi -socket /var/run/php/php7.1-fpm.sock -pass-header Authorization
 
 .. _web-server-nginx:
 
@@ -274,7 +274,7 @@ The **minimum configuration** to get your application running under Nginx is:
         # This rule should only be placed on your development environment
         # In production, don't include this and don't deploy app_dev.php or config.php
         location ~ ^/(app_dev|config)\.php(/|$) {
-            fastcgi_pass unix:/run/php/php7.1-fpm.sock;
+            fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
             fastcgi_split_path_info ^(.+\.php)(/.*)$;
             include fastcgi_params;
             # When you are using symlinks to link the document root to the
@@ -289,7 +289,7 @@ The **minimum configuration** to get your application running under Nginx is:
         }
         # PROD
         location ~ ^/app\.php(/|$) {
-            fastcgi_pass unix:/run/php/php7.1-fpm.sock;
+            fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
             fastcgi_split_path_info ^(.+\.php)(/.*)$;
             include fastcgi_params;
             # When you are using symlinks to link the document root to the

validation/severity.rst

@@ -148,10 +148,7 @@ so that the severity is added as an additional HTML class:
         {%- if errors|length > 0 -%}
         <ul>
             {%- for error in errors -%}
-                {% if error.constraint.payload.severity is defined %}
-                    {% set severity = error.constraint.payload.severity %}
-                {% endif %}
-                <li{% if severity is defined %} class="{{ severity }}"{% endif %}>{{ error.message }}</li>
+                <li class="{{ error.cause.constraint.payload.severity ?? '' }}">{{ error.message }}</li>
             {%- endfor -%}
         </ul>
         {%- endif -%}