Mention BC breaks caused while fixing security issues

This commit is contained in:
Kamil Kokot 2018-07-10 13:27:39 +02:00
parent 85b30af5f2
commit 1f5bf77714
No known key found for this signature in database
GPG key ID: 7BD76F7054D93C89

View file

@ -1,3 +1,14 @@
# UPGRADE FROM `v1.1.9` TO `v1.1.10`
* **BC BREAK**: `OrderShowMenuBuilder` constructor now requires the fourth argument being
`Symfony\Component\Security\Csrf\CsrfTokenManagerInterface` instance due to security reasons.
# UPGRADE FROM `v1.1.0` TO `v1.1.9`
* **BC BREAK**: `Sylius\Bundle\ResourceBundle\Controller::applyStateMachineTransitionAction` method now includes CSRF token checks due
to security reasons. If you used it for REST API, these checks can be disabled by adding
`csrf_protection: false` to your routing configuration.
# UPGRADE FROM `v1.0.X` TO `v1.1.0`
* Scanning for `composer.json` file inside themes directories is recursive by default, which can result in slow performance