Merge branch '2.7' into 2.8

* 2.7:
  Rename "console tasks" to "console commands"
  [Fix][Console] Missing autoloading by Composer
  Revert "Fixed wrong inheritance information"
  [#7318] Removing unnecessary word
  Minor fixes
  Explain what is the Symfony Core team
  Added the references to security vulnerabilities discovered in 2016
  update year in license template
  describe should have an 's' on the end
  Removed an unneeded note

Author: xabbuh

components/console/usage.rst

@@ -16,6 +16,8 @@ built-in options as well as a couple of built-in commands for the Console compon
         <?php
         // application.php
 
+        require __DIR__.'/vendor/autoload.php';
+
         use Symfony\Component\Console\Application;
 
         $application = new Application();

console/input.rst

@@ -134,7 +134,7 @@ Next, use this in the command to print the message multiple times::
         $output->writeln($text);
     }
 
-Now, when you run the task, you can optionally specify a ``--iterations``
+Now, when you run the command, you can optionally specify a ``--iterations``
 flag:
 
 .. code-block:: terminal

contributing/code/core_team.rst

@@ -1,7 +1,15 @@
 Symfony Core Team
 =================
 
-This document states the rules that govern the Symfony Core group. These rules
+The **Symfony Core** team is the group of developers that determine the
+direction and evolution of the Symfony project. Their votes rule if the
+features and patches proposed by the community are approved or rejected.
+
+All the Symfony Core members are long-time contributors with solid technical
+expertise and they have demonstrated a strong commitment to drive the project
+forward.
+
+This document states the rules that govern the Symfony Core team. These rules
 are effective upon publication of this document and all Symfony Core members
 must adhere to said rules and protocol.
 

contributing/code/license.rst

@@ -16,7 +16,7 @@ According to `Wikipedia`_:
 The License
 -----------
 
-Copyright (c) 2004-2016 Fabien Potencier
+Copyright (c) 2004-2017 Fabien Potencier
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

contributing/code/security.rst

@@ -103,8 +103,11 @@ Security Advisories
 This section indexes security vulnerabilities that were fixed in Symfony
 releases, starting from Symfony 1.0.0:
 
-* November 23, 2015: `CVE-2015-8125: Potential Remote Timing Attack Vulnerability in Security Remember-Me Service <http://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service>`_ (2.3.35, 2.6.12 and 2.7.7)
-* November 23, 2015: `CVE-2015-8124: Session Fixation in the "Remember Me" Login Feature <http://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature>`_ (2.3.35, 2.6.12 and 2.7.7)
+* May 9, 2016: `CVE-2016-2403: Unauthorized access on a misconfigured Ldap server when using an empty password <http://symfony.com/blog/cve-2016-2403-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password>`_ (2.8.0-2.8.5, 3.0.0-3.0.5)
+* May 9, 2016: `CVE-2016-4423: Large username storage in session <https://symfony.com/blog/cve-2016-4423-large-username-storage-in-session>`_ (2.3.0-2.3.40, 2.7.0-2.7.12, 2.8.0-2.8.5, 3.0.0-3.0.5)
+* January 18, 2016: `CVE-2016-1902: SecureRandom's fallback not secure when OpenSSL fails <https://symfony.com/blog/cve-2016-1902-securerandom-s-fallback-not-secure-when-openssl-fails>`_ (2.3.0-2.3.36, 2.6.0-2.6.12, 2.7.0-2.7.8)
+* November 23, 2015: `CVE-2015-8125: Potential Remote Timing Attack Vulnerability in Security Remember-Me Service <https://symfony.com/blog/cve-2015-8125-potential-remote-timing-attack-vulnerability-in-security-remember-me-service>`_ (2.3.35, 2.6.12 and 2.7.7)
+* November 23, 2015: `CVE-2015-8124: Session Fixation in the "Remember Me" Login Feature <https://symfony.com/blog/cve-2015-8124-session-fixation-in-the-remember-me-login-feature>`_ (2.3.35, 2.6.12 and 2.7.7)
 * May 26, 2015: `CVE-2015-4050: ESI unauthorized access <https://symfony.com/blog/cve-2015-4050-esi-unauthorized-access>`_ (Symfony 2.3.29, 2.5.12 and 2.6.8)
 * April 1, 2015: `CVE-2015-2309: Unsafe methods in the Request class <https://symfony.com/blog/cve-2015-2309-unsafe-methods-in-the-request-class>`_ (Symfony 2.3.27, 2.5.11 and 2.6.6)
 * April 1, 2015: `CVE-2015-2308: Esi Code Injection <https://symfony.com/blog/cve-2015-2308-esi-code-injection>`_ (Symfony 2.3.27, 2.5.11 and 2.6.6)

create_framework/routing.rst

@@ -56,7 +56,7 @@ Instead of an array for the URL map, the Routing component relies on a
 
     $routes = new RouteCollection();
 
-Let's add a route that describe the ``/hello/SOMETHING`` URL and add another
+Let's add a route that describes the ``/hello/SOMETHING`` URL and add another
 one for the simple ``/bye`` one::
 
     use Symfony\Component\Routing\Route;

doctrine.rst

@@ -473,7 +473,7 @@ in your application. To do this, run:
     your entities) with how it *actually* looks, and executes the SQL statements
     needed to *update* the database schema to where it should be. In other
     words, if you add a new property with mapping metadata to ``Product``
-    and run this task, it will execute the "ALTER TABLE" statement needed
+    and run this command, it will execute the "ALTER TABLE" statement needed
     to add that new column to the existing ``product`` table.
 
     An even better way to take advantage of this functionality is via

doctrine/associations.rst

@@ -18,7 +18,7 @@ the class for you.
         --entity="AppBundle:Category" \
         --fields="name:string(255)"
 
-This task generates the ``Category`` entity for you, with an ``id`` field,
+This command generates the ``Category`` entity for you, with an ``id`` field,
 a ``name`` field and the associated getter and setter functions.
 
 Relationship Mapping Metadata

doctrine/console.rst

@@ -16,13 +16,13 @@ command:
 A list of available commands will print out. You can find out more information
 about any of these commands (or any Symfony command) by running the ``help``
 command. For example, to get details about the ``doctrine:database:create``
-task, run:
+command, run:
 
 .. code-block:: terminal
 
     $ php app/console help doctrine:database:create
 
-Some notable or interesting tasks include:
+Some notable or interesting commands include:
 
 * ``doctrine:ensure-production-settings`` - checks to see if the current
   environment is configured efficiently for production. This should always

reference/dic_tags.rst

@@ -489,7 +489,7 @@ kernel.cache_warmer
 process
 
 Cache warming occurs whenever you run the ``cache:warmup`` or ``cache:clear``
-task (unless you pass ``--no-warmup`` to ``cache:clear``). It is also run
+command (unless you pass ``--no-warmup`` to ``cache:clear``). It is also run
 when handling the request, if it wasn't done by one of the commands yet.
 The purpose is to initialize any cache that will be needed by the application
 and prevent the first user from any significant "cache hit" where the cache

security/acl.rst

@@ -91,8 +91,8 @@ First, you need to configure the connection the ACL system is supposed to use:
     domain objects. You can use whatever mapper you like for your objects, be it
     Doctrine ORM, MongoDB ODM, Propel, raw SQL, etc. The choice is yours.
 
-After the connection is configured, you have to import the database structure.
-Fortunately, there is a task for this. Simply run the following command:
+After the connection is configured, you have to import the database structure
+running the following command:
 
 .. code-block:: terminal
 

security/custom_provider.rst

@@ -211,11 +211,6 @@ Now you make the user provider available as a service:
     dependencies or configuration options or other services. Add these as
     arguments in the service definition.
 
-.. note::
-
-    Make sure the services file is being imported. See :ref:`service-container-imports-directive`
-    for details.
-
 Modify ``security.yml``
 -----------------------
 

testing.rst

@@ -464,7 +464,7 @@ Injection Container::
     $container = $client->getContainer();
 
 For a list of services available in your application, use the ``debug:container``
-console task.
+command.
 
 .. tip::
 

validation/groups.rst

@@ -166,11 +166,11 @@ the class name or the string ``Default``.
     object that's actually the one being validated.
 
     If you have inheritance (e.g. ``User extends BaseUser``) and you validate
-    with the class name of the subclass (i.e. ``User``), then only constraints
-    in the ``User`` will be validated. To validate the parent constraints as 
-    well you need to provide multiple groups (i.e ``User`` and ``BaseUser``) or
-    ``Default``.
-    
+    with the class name of the subclass (i.e. ``User``), then all constraints
+    in the ``User`` and ``BaseUser`` will be validated. However, if you
+    validate using the base class (i.e. ``BaseUser``), then only the default
+    constraints in the ``BaseUser`` class will be validated.
+
 To tell the validator to use a specific group, pass one or more group names
 as the third argument to the ``validate()`` method::