* Hotfix: Reflected XSS in Debug mode
* Added entry for the security issue GHSA-qg5r-95m4-mjgj to the CHANGELOG
* Update CHANGELOG.md
* Update CHANGELOG.md
---------
Co-authored-by: Alexander Makarov <sam@rmcreative.ru>
* Added support for string as Cookie::$expire
* Updated changelog for #19920 (Broadened the accepted type of `Cookie::$expire` from `int` to `int|string|null`)
* Fixed `\yiiunit\framework\web\ResponseTest::parseHeaderCookies()` to overwrite existing cookie.
* Added support for `\DateTimeInterface` in `\yii\web\Cookie::$expire`
* Fixed `\yiiunit\framework\web\ResponseTest::cookiesTestProvider()` for PHP 5.4 and commited missing code for \DateTimeInterface processing in `\yii\web\Response::sendCookies()`
* Change property visibility to allow more flexibility for apps
* Update framework/web/View.php
Co-authored-by: Alexander Makarov <sam@rmcreative.ru>
* Added changelog
Co-authored-by: Alexander Makarov <sam@rmcreative.ru>
* Migration::upsert() returns void
* Unneeded `@property` tags
* Add missing `null` param/return types
* Null types for db\Query + db\ActiveQuery
* Fixed testSelect
* Null types for Validator
* Several more null types
* One more
* Make AccessRule::$allow always a boolean
It doesn't have any special null handling, so it's safe to default to false
* Validator::$skipOnEmpty is always a boolean
* Catch all throwable from Widget::widget()
* Don't limit $previous args to \Exception
The actual \Exception allows $previous to be any throwable in PHP 7+
* Add Throwable catch block to Instance::get()
* Throwable cleanup
Comment changes only.
- Document \Throwable instead of \Exception wherever appropriate
- Removed redundant exception/error classes when \Throwable is referenced
* Yii::setlogger() accepts null
* ArrayHelper::removeValue() can remove any type of value
* Change default $allow value to false
* Fix broken links for events with different namespace
* Fix broken links in see tag
* Fix broken links in see tag (loadData())
* Fix broken link for var_export()
* Fix broken link for CVE
* Remove redundant markdown link wrap in see tags
* Remove see tags that refer to private properties
* Remove more see tags that refer to private properties
* Remove see tags that refer to private methods
* Remove one more redundant markdown link wrap in see tag [skip ci]
* Fix typo in see tag (causes broken link)
* Remove more see tags that refer to private methods
