build(deps): bump easycorp/easyadmin-bundle from 3.3.2 to 4.10.2

[dependabot]

Bumps easycorp/easyadmin-bundle from 3.3.2 to 4.10.2.

Release notes

Sourced from easycorp/easyadmin-bundle's releases.

4.10.2

New features

[1fdacd63] Allow defining constraints in the file of the Image field (@​Seb33300)

Bug fixes

[0049b0d2] Slug field is now triggered also by select fields (@​Romaixn) [1ad08d9d] Misc. doc fixes (@​Romaixn)

4.10.1

Bug fixes

[91b5b08f] Fix search engine for PostgreSQL databases when querying numbers (@​gregGit)

4.10.0

This release includes a security fix about a potential XSS issue in the detail page. Read the UPGRADE guide for more details:

https://github.com/EasyCorp/EasyAdminBundle/blob/4.x/UPGRADE.md#easyadmin-4100

Bug fixes

[4b4103e8] Change the default title of detail page to avoid XSS issues (@​javiereguiluz)

4.9.5

New features

[b1e739ef] Added support for translatable objects in Twig (@​Geolim4) [c25528c0] Added block for meta tags in login minimal template (@​dragosprotung)

Bug fixes

[8f20bcd5] Fix Enum translation for grid in ChoiceField (@​psihius) [c1d37bd5] Fix empty collection first item index (@​zorn-v) [13271790] Fix InvalidOptionsException when using ChoiceField with zero choices (@​alshenetsky) [5e1e6d09] Fix invalid DQL (@​alshenetsky) [24745c51] Fix warning in DateTimeFilterType (@​alshenetsky) [10b1f924] Fix login form bottom padding (@​Seb33300) [96404d8f] Hide unnecessary vertical scrollbar (@​Seb33300) [5182566a] Allow fields containing null-safe property paths (@​alshenetsky) [5523f612] If it's a JoinColumnMapping, use property access (@​KDederichs)

4.9.4

Bug fixes

[984a9904] Fix the conditional display of global actions (@​a-r-m-i-n) [92816bbb] Fix the case when referrer in query string is present but empty (@​oleg-andreyev) [d83b976a] Add extra check for empty referrer value in form theme twig template (@​nzhiti) [8664f039] Highlight search results only on searchable fields (@​javiereguiluz) [6f6b3fde] Fix inlined actions not clickable in responsive mode (@​javiereguiluz)

... (truncated)

Upgrade guide

Sourced from easycorp/easyadmin-bundle's upgrade guide.

Upgrade between EasyAdmin 4.x versions

EasyAdmin 4.10.0

Updated the Default Title of Detail Page

The default title of the detail page in previous versions was %entity_as_string% which is a placeholder that refers to the value returned by the __toString() method of the entity.

This can potentially result in a XSS vulnerability because page titles and other elements are rendered with the raw Twig filter (to allow you to customize the contents with HTML tags).

Starting from EasyAdmin 4.10.0, the default page title is %entity_label_singular% <small>(#%entity_short_id%)</small>, which only contains safe items that will never result in a XSS issue. If you want to keep the previous page title (because you don't include user-generated contents in __toString() or because you sanitize all user-submitted data) you can add the following to your dashboard and all your CRUD controllers will use that page title:

class DashboardController extends AbstractDashboardController
{
    // ...
public function configureCrud(Crud $crud): Crud
{
    return $crud
        // ...
        ->setPageTitle('detail', '%entity_as_string%')
    ;
}

}

EasyAdmin 4.8.0

Form Panels are now called Form Fieldsets

You can still use FormField::addPanel() but it's deprecated and it will be removed in EasyAdmin 5.0.0. To fix the deprecation, "Find & Replace" in your IDE:

// Before
yield FormField::addPanel('...');
// After
yield FormField::addFieldset('...');

... (truncated)

Commits

• a277535 Rebuild web assets
• 614a6ca Prepare 4.10.2 release
• 0049b0d bug #6282 feat: allow slug field to be triggered by select fields also (Romaixn)
• b7c8c0d feat: allow slug field to be triggered by select fields also
• 1ad08d9 minor #6283 typo(docs): fix double "of the" (Romaixn)
• ed0faf9 Tweak docs
• 1fdacd6 feature #6258 [ImageField] Support constraint validation (Seb33300)
• 76a9e9d [ImageField] Support constraint validation
• dabf649 bug #6288 Fix top border (Seb33300)
• 6248349 Bump development version
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)