We’ve tagged, created and pushed packages, and can finally announce that the second release candidate of ZF2, Zend Framework 2.0.0rc2, is now available!
Release candidates are now happening weekly, and will continue until we feel the code is stable; we anticipate that by the end of the month, we should have a stable release.
In the past week, we’ve managed around 70 pull requests, patching primarily bugfixes. Two addressed potential eXternal XML Enity (XXE) injection vulnerabilities in Zend\Feed, Zend\Soap, Zend\Dom, and Zend\Serializer. If you were building on RC1, we highly recommend updating at this time.
Additionally, this marks the first release that incorporates Rob Allen’s excellent ZF2 tutorial; it has now been incorporated into the manual:
Our efforts are now turning primarily to documentation. If you can help us, please do! Enrico has posted a primer on helping with documentation:
as well as a list of documentation tasks:
Please help out!
Below is the full changelog. Take some time to test the release, and to thank all the contributors who have helped get us this far!
UPDATES IN RC2
- REALLY removed Zend\Markup from the repository (we reported it removed for RC1, and had in fact created the repository for it, but not removed it from the zf2 repository). - Addition of Hydrator strategies, to allow easier hydration of composed objects. The HydratorInterface remains unchanged, but the shipped hydrators now all implement both that and the new StrategyEnabledInterface. - Zend\View\Model\ViewModel::setVariables() no longer overwrites the internal variables container by default. If you wish to do so, it does provide an optional $overwrite argument; passing a boolean true will cause the method to overwrite the container. - Zend\Validator\Iban was expanded to include Single Euro Payments Area (SEPA) support - Zend\Mvc\Controller\ControllerManager now allows fetching controllers via DI. This is done via a new DiStrict abstract service factory, which only fetches services in a provided whitelist. - Zend\Json\Encoder now accepts IteratorAggregates. - Controller, Filter, and Validator plugin managers were fixed to no longer share instances. - Zend\Form was updated to only bind values that were actually provided in the data. Additionally, if a Collection has no entries, it will be removed from the validation group. Finally, elements with the name "0" (zero) are now allowed. - Zend\View\Helper\Doctype was updated to respond true to isRdfa() when the doctype is an HTML5 variant. - Zend\Navigation was fixed to ensure the navigation services is passed correctly between helpers. Additionally, a bug in Mvc::isActive() was fixed to ensure routes were properly seeded. - The GreaterThan and LessThan validators were updated to pass constructor arguments to the parents, for consistency with other validators. - Log formatters are now responsible for formatting DateTime values in the log events. - The Console ViewManager was updated to extend from the standard HTTP version, and to use Config instead of Configuration, fixing several minor issues. - Zend\Version was moved to Zend\Version\Version (for consistency) - Zend\Debug was moved to Zend\Debug\Debug (for consistency) - All protected members that still had underscore prefixes were refactored to remove that prefix. - Identified and fixed all CS issues as identified by php-cs-fixer, and added php-cs-fixer to the Travis-CI build tasks. - ServiceManagerAwareInterface was removed from all but the most necessary locations, and replaced with ServiceLocatorAwareInterface. - Zend\Feed\Reader, Zend\Dom, Zend\Serializer\Wddx, and Zend\Soap were not properly protecting against XXE injections; these situations have now been corrected.