symfony
diff --git a/‎UPGRADE-7.3.md
Lines changed: 28 additions & 0 deletions b/‎UPGRADE-7.3.md
Lines changed: 28 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Tests/Functional/app/CacheAttributeListener/config.yml
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Tests/Functional/app/CacheAttributeListener/config.yml
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Tests/Functional/app/Security/config.yml
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Tests/Functional/app/Security/config.yml
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/CHANGELOG.md
Lines changed: 3 additions & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/CHANGELOG.md
Lines changed: 3 additions & 1 deletion
diff --git a/‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
Lines changed: 3 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Debug/TraceableFirewallListenerTest.php
Lines changed: 3 additions & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/Tests/Debug/TraceableFirewallListenerTest.php
Lines changed: 3 additions & 1 deletion
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/AddSessionDomainConstraintPassTest.php
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/AddSessionDomainConstraintPassTest.php
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/MakeFirewallsEventDispatcherTraceablePassTest.php
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/MakeFirewallsEventDispatcherTraceablePassTest.php
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/RegisterGlobalSecurityEventListenersPassTest.php
Lines changed: 5 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/RegisterGlobalSecurityEventListenersPassTest.php
Lines changed: 5 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/access_decision_manager_customized_config.php
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/access_decision_manager_customized_config.php
Lines changed: 1 addition & 0 deletions
@@ -10,6 +10,7 @@ services:
         public: true
 
 security:
+    erase_credentials: false
     providers:
         main:
             memory:
 
@@ -8,6 +8,7 @@ services:
             - container.service_subscriber
 
 security:
+    erase_credentials: false
     providers:
         main:
             memory:
 
@@ -135,6 +135,9 @@ public function load(array $configs, ContainerBuilder $container): void
 
         // set some global scalars
         $container->setParameter('security.access.denied_url', $config['access_denied_url']);
+        if (true === $config['erase_credentials']) {
+            trigger_deprecation('symfony/security-bundle', '7.3', 'Setting the "security.erase_credentials" config option to true is deprecated and won\'t have any effect in 8.0, set it to false instead and use your own erasing logic if needed.');
+        }
         $container->setParameter('security.authentication.manager.erase_credentials', $config['erase_credentials']);
         $container->setParameter('security.authentication.session_strategy.strategy', $config['session_fixation_strategy']);
 
 
@@ -103,7 +103,9 @@ public function testOnKernelRequestRecordsAuthenticatorsInfo()
             [new TraceableAuthenticator($notSupportingAuthenticator), new TraceableAuthenticator($supportingAuthenticator)],
             $tokenStorage,
             $dispatcher,
-            'main'
+            'main',
+            null,
+            false
         );
 
         $listener = new TraceableAuthenticatorManagerListener(new AuthenticatorManagerListener($authenticatorManager));
 
@@ -139,6 +139,7 @@ private function createContainer($sessionStorageOptions)
 
         $config = [
             'security' => [
+                'erase_credentials' => false,
                 'providers' => ['some_provider' => ['id' => 'foo']],
                 'firewalls' => ['some_firewall' => ['security' => false]],
             ],
 
@@ -34,6 +34,7 @@ protected function setUp(): void
 
         $this->container->registerExtension(new SecurityExtension());
         $this->container->loadFromExtension('security', [
+            'erase_credentials' => false,
             'firewalls' => ['main' => ['pattern' => '/', 'http_basic' => true]],
         ]);
 
 
@@ -56,6 +56,7 @@ protected function setUp(): void
     public function testEventIsPropagated(string $configuredEvent, string $registeredEvent)
     {
         $this->container->loadFromExtension('security', [
+            'erase_credentials' => false,
             'firewalls' => ['main' => ['pattern' => '/', 'http_basic' => true]],
         ]);
 
@@ -89,6 +90,7 @@ public static function providePropagatedEvents(): array
     public function testRegisterCustomListener()
     {
         $this->container->loadFromExtension('security', [
+            'erase_credentials' => false,
             'firewalls' => ['main' => ['pattern' => '/', 'http_basic' => true]],
         ]);
 
@@ -109,6 +111,7 @@ public function testRegisterCustomListener()
     public function testRegisterCustomSubscriber()
     {
         $this->container->loadFromExtension('security', [
+            'erase_credentials' => false,
             'firewalls' => ['main' => ['pattern' => '/', 'http_basic' => true]],
         ]);
 
@@ -128,6 +131,7 @@ public function testRegisterCustomSubscriber()
     public function testMultipleFirewalls()
     {
         $this->container->loadFromExtension('security', [
+            'erase_credentials' => false,
             'firewalls' => ['main' => ['pattern' => '/', 'http_basic' => true], 'api' => ['pattern' => '/api', 'http_basic' => true]],
         ]);
 
@@ -157,6 +161,7 @@ public function testMultipleFirewalls()
     public function testListenerAlreadySpecific()
     {
         $this->container->loadFromExtension('security', [
+            'erase_credentials' => false,
             'firewalls' => ['main' => ['pattern' => '/', 'http_basic' => true]],
         ]);
 
 
@@ -1,6 +1,7 @@
 <?php
 
 $container->loadFromExtension('security', [
+    'erase_credentials' => false,
     'access_decision_manager' => [
         'allow_if_all_abstain' => true,
         'allow_if_equal_granted_denied' => false,