Merge branch '7.1' into 7.2

* 7.1: (34 commits)
  improve amqp connection issues
  [Serializer] [ObjectNormalizer] Filter int when using FILTER_BOOL
  Fix #53778
  [PropertyInfo] Add missing test
  fix tests
  [Security][Validators] Review translations.
  [validator] Updated Dutch translation
  [FrameworkBundle] Fix wiring ConsoleProfilerListener
  [HttpKernel] Fix link to php doc
  [Validator] Update sr_Cyrl 120:This value is not a valid slug.
  [Validator] Update sr_Latn 120:This value is not a valid slug.
  6.4 Missing translations for Italian (it) #59419
  tests(notifier): avoid failing SNS test with local AWS configuration
  Fix typo ratio comment
  chore: PropertyAccess - fix typo in DocBlock
  [Validator] Missing translations for Brazilian Portuguese (pt_BR)
  fix(dependency-injection): reset env vars with kernel.reset
  [Translation][Validator] Review Russian translation (114 - 120)
  Review validator-related persian translation with id 120
  [Scheduler] Clarify description of exclusion time
  ...

Author: xabbuh

IpUtils.php

@@ -196,6 +196,16 @@ public static function anonymize(string $ip/* , int $v4Bytes = 1, int $v6Bytes =
             throw new \InvalidArgumentException('Cannot anonymize more than 4 bytes for IPv4 and 16 bytes for IPv6.');
         }
 
+        /**
+         * If the IP contains a % symbol, then it is a local-link address with scoping according to RFC 4007
+         * In that case, we only care about the part before the % symbol, as the following functions, can only work with
+         * the IP address itself. As the scope can leak information (containing interface name), we do not want to
+         * include it in our anonymized IP data.
+         */
+        if (str_contains($ip, '%')) {
+            $ip = substr($ip, 0, strpos($ip, '%'));
+        }
+
         $wrappedIPv6 = false;
         if (str_starts_with($ip, '[') && str_ends_with($ip, ']')) {
             $wrappedIPv6 = true;

RequestStack.php

@@ -114,4 +114,11 @@ public function getSession(): SessionInterface
 
         throw new SessionNotFoundException();
     }
+
+    public function resetRequestFormats(): void
+    {
+        static $resetRequestFormats;
+        $resetRequestFormats ??= \Closure::bind(static fn () => self::$formats = null, null, Request::class);
+        $resetRequestFormats();
+    }
 }

Tests/IpUtilsTest.php

@@ -147,6 +147,7 @@ public static function anonymizedIpData()
             ['[2a01:198::3]', '[2a01:198::]'],
             ['::ffff:123.234.235.236', '::ffff:123.234.235.0'], // IPv4-mapped IPv6 addresses
             ['::123.234.235.236', '::123.234.235.0'], // deprecated IPv4-compatible IPv6 address
+            ['fe80::1fc4:15d8:78db:2319%enp4s0', 'fe80::'], // IPv6 link-local with RFC4007 scoping
         ];
     }
 

Tests/RequestStackTest.php

@@ -74,4 +74,18 @@ public function testGetParentRequest()
         $requestStack->push($secondSubRequest);
         $this->assertSame($firstSubRequest, $requestStack->getParentRequest());
     }
+
+    public function testResetRequestFormats()
+    {
+        $requestStack = new RequestStack();
+
+        $request = Request::create('/foo');
+        $request->setFormat('foo', ['application/foo']);
+
+        $this->assertSame(['application/foo'], $request->getMimeTypes('foo'));
+
+        $requestStack->resetRequestFormats();
+
+        $this->assertSame([], $request->getMimeTypes('foo'));
+    }
 }