This version of phpstan heavily improves the analysis
performance by using multi threading and caching out
of the box.

Used command:

    composer require phpstan/phpstan:"^0.12.13" --dev

Releases: master
Resolves: #90620
Change-Id: I3371227e3c4e0ed7512d02c7ffc20aff5515807e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63530


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>

Change-Id: I0bdeb9a461dd2a6e5378075425412667f6126523
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63413


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Susanne Moog <look@susi.dev>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>

GeneralUtility::validEmail uses now Egulias\EmailValidator instead of
the method `filter_var` for validating an email address. This allows
more email addresses to be valid.

Resolves: #90370
Releases: master
Change-Id: I29bf4c994d730c789828cdecc247080dd669d9fb
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63235


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Susanne Moog <look@susi.dev>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Frank Nägler <frank.naegler@typo3.org>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Frank Nägler <frank.naegler@typo3.org>

A dashboard is introduced into TYPO3 to show the most important
information to the current logged in user.

Every user with access to this backend module can now have one
or more personal dashboards. Each dashboard can contain several
widgets. Which widgets and in which order the widgets are shown
is up to the users themselves.

Resolves: #90333
Releases: master
Change-Id: I964a52846ec9a1c901baa89508b9df0caecdf81f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63139


Tested-by: Koen Wouters <koen.wouters@maxserv.com>
Tested-by: Riny van Tiggelen <info@online-gamer.nl>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benjamin Kott <benjamin.kott@outlook.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Björn Jacob <bjoern.jacob@tritum.de>
Reviewed-by: Koen Wouters <koen.wouters@maxserv.com>
Reviewed-by: Riny van Tiggelen <info@online-gamer.nl>
Reviewed-by: Benjamin Kott <benjamin.kott@outlook.com>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Björn Jacob <bjoern.jacob@tritum.de>

Used commands:

    composer remove rector/rector --dev
    composer require rector/rector:"~0.7" --dev

Since updating phpstan to version 0.12.10, rector failed to
run properly. Also, the updated version of rector brings a
couple of bugfixes and new features.

Releases: master
Resolves: #90383
Change-Id: I29d66c5e34db594fbcf24949c61e6db85cecae1b
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63260


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>

Upgrade phpstan/phpstan to at least 0.12.10 and enable
bleeding edge configuration to be able to run the phpstan
analysis with all available cpu cores.

Releases: master
Resolves: #90378
Change-Id: I4c76a8f44c570b126844d1bde96998cf9d3790fa
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63253


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>

To promote the new PSR-14 Events and to make it easier for people to
see which kinds of events may be used, the admin panel now displays
all events that are dispatched in the current request with their
parameters.

Resolves: #90265
Releases: master
Change-Id: I3c73ab19168954e66ca3bb73762a26a3cb9628a2
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63041


Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Benni Mack <benni@typo3.org>

This change introduces a new security option for setting the SameSite
option to all cookies sent by TYPO3 Core.

Namely:
- Frontend User Sessions ("lax" by default)
- Backend User Sessions ("strict" by default)
- Install Tool Sessions ("strict", none-configurable)
- Last Login Provider in Backend ("strict", non-configurable)

This means that these can only be accessed by scripts and requests
by the same site, and not by any third-party scripts.

Since we're talking about actual cookies for a user, and not
ads-related or third-party login-dependant cookies, the default
options fit just perfectly.

All modern browsers except Internet Explorer respect this option
to be set. Please note that Firefox and Chrome will have "SameSite=lax"
set in Q1/2020 by default if NO SameSite option is set at all. This change
allows to configure this.

Backend and Frontend User Cookies can be configured to "strict", "lax"
or "none" (= same as before), whereas "none" only works for secure
connections (= HTTPS).

If "strict" is in place, security via CSRF is not needed anymore, and can
be dropped in the future.

Resolves: #90351
Releases: master, 9.5, 8.7
Change-Id: I8095e2a552faa9d1fd4fa7855297302a9ec6a75f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63183


Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>

TYPO3 uses "phpdocumentor/reflection-docblock" (added in Jan 2019)
but also added "webmozart/assert" which is not needed directly (as it is
a subdependency). Thus, TYPO3 Core should only require what is directly
used, therefore the dependency is removed.

Used composer command:
  composer remove webmozart/assert

Resolves: #90364
Releases: master
Change-Id: Ief2787cb98c0080517f73e321ab34568b0addafb
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63209


Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Benni Mack <benni@typo3.org>

https://github.com/TYPO3/testing-framework/commit/2111db60e8e1391fabdac4f2253af553f291d460

Resolves: #90294
Releases: master, 9.5
Change-Id: I21d8ad233b753c4a56c2227b4d2fec6944340c81
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63144


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>

    composer require phpdocumentor/reflection-docblock:"^4.3.2"
    composer require phpdocumentor/type-resolver:"~0.5"

Upating phpdocumentor/reflection-docblock to at least 4.3.2
allows updating phpdocumentor/type-resolver to a version higher
than 0.4 which is needed to get support for resolving collection
types in doc blocks which enables the removal of the custom type
resolving via extbase/Classes/Reflection/DocBlock/Tags/Var_.php.

Releases: master
Resolves: #89795
Change-Id: I2126dd9362e51f6dae9e6103c219295c5c3d679b
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62438


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Susanne Moog <look@susi.dev>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Susanne Moog <look@susi.dev>

This commit introduces a development requirement to
phpstan/phpstan to enable static code analysis.

A basic configuration file has been added as well to
identify most basic errors in the TYPO3 code base.

Releases: master
Resolves: #90097
Change-Id: I87e11eca6296864fdd7ba8cd109a23b82c27f641
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62851


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Steffen Frese <steffenf14@gmail.com>
Tested-by: Felix P. <f.pachowsky@neusta.de>
Tested-by: Sascha Egerer <sascha@sascha-egerer.de>
Tested-by: Frank Nägler <frank.naegler@typo3.org>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Steffen Frese <steffenf14@gmail.com>
Reviewed-by: Felix P. <f.pachowsky@neusta.de>
Reviewed-by: Sascha Egerer <sascha@sascha-egerer.de>
Reviewed-by: Jörg Bösche <typo3@joergboesche.de>
Reviewed-by: Frank Nägler <frank.naegler@typo3.org>

OpenSSL was only needed for EXT:rsaauth,
so a check in the installer / system maintenance
should be avoided. It is now rather a suggestion.

Resolves: #83643
Releases: master, 9.5
Change-Id: If62b7fc1ddc211083fa8b4f793019e61cf2046eb
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62918


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Susanne Moog <look@susi.dev>
Tested-by: Steffen Frese <steffenf14@gmail.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Steffen Frese <steffenf14@gmail.com>
Reviewed-by: Tobi Kretschmann <tobi@tobishome.de>
Reviewed-by: Jörg Bösche <typo3@joergboesche.de>
Reviewed-by: Felix P. <f.pachowsky@neusta.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>

    composer remove --dev rector/rector
    composer require --dev rector/rector:~0.6

The update of rector brings important bugfixes and
enables the installation of the latest version of
phpstan/phpstan.

Releases: master
Resolves: #89918
Change-Id: I406aa56b19e88db23260033023e2c785425aef5e
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62599


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>

Due to the INTL/ICU bug, which we
have seen on various places, Guzzle, which
does not cover our edge cases yet, ran
in the same issue as our Core versions earlier
in 2019.

See
https://github.com/guzzle/guzzle/issues/2448
https://github.com/guzzle/guzzle/pull/2454

For the time being, lets mark guzzle as
incompatible until Guzzle has solved the issue
and released a new version, so we can loosen
the conflict constraint.

Related: #87953
Resolves: #89904
Releases: master, 9.5, 8.7
Change-Id: If64fb9472d046f020c850cd0551beeaf78796b60
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62606


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>

In order to use the final LTS distributions from Symfony for
our latest stable, we need to set proper platform requirements
for the root composer.json.

Our packages rely on the settings so the base package
can properly raise dependencies.

Symfony has the requirements due to other PHP bugs (fixed
very early already), however using the tarballs in
7.2.0 / 7.0.0 would still work, as the symfony changes
only fix issues we dont rely on.

v10: 7.2.5
v9: 7.2.5
v8: 7.0.8

Used composer commands:

  composer config platform.php 7.2.5
  composer update --lock

Resolves: #89882
Releases: master, 9.5, 8.7
Change-Id: Ib51ec076e643581603fced3ed0daa0de0aadb12c
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62565


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Susanne Moog <look@susi.dev>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Tested-by: Oliver Hader <...

In order to let rector process tests, the autoloading
of all processed classes needs to be intact.

In TYPO3 there were a bunch of classes whose namespace
were a bit wrong according to PSR-4 and there were some
class that didn't fit the PSR-4 standard at all.

Classes that could easily be fixed have been fixed.
All others have either been registered via a class map
in composer.json or they have been excluded from the
processing of rector.

This change does not apply rector rules to tests,
it only enables rector to operate on tests due to
fixed autoloading.

Releases: master
Resolves: #89900
Change-Id: Iaa4a5bb2677a5a9af374d780423d962dcc09ade2
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62583


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>

Change-Id: I0e8abdb62a45326896fc75d9872eead478615dce
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62525


Tested-by: Susanne Moog <look@susi.dev>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Benni Mack <benni@typo3.org>

composer require --dev typo3/testing-framework:~6.1.0

Also reverts changes to tests for phpunit 8.3 only.

Resolves: #89833
Releases: master
Change-Id: I834f70452775ea18960da162bb2affe459b8556a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62519


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Susanne Moog <look@susi.dev>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>

The testing framework has been reworked and slimmed down.
To make use of it, tests had to be adjusted.

   composer require --dev typo3/testing-framework:"~6.0.0"

Resolves: #89815
Releases: master
Change-Id: Ib0a8d7436070ef17be96a5f4011f796dd15b09fd
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62502


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Benni Mack <benni@typo3.org>

Using the freshly released version 2.6.8
in our packages adds PHP 7.4 support for Fluid
Standalone.

composer req "typo3fluid/fluid:^2.6.8"

Resolves: #89819
Releases: master, 9.5, 8.7
Change-Id: I986b3f8e73e3114af3aef9f65b42c3bf109f9f39
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62504


Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>

TYPO3 Core now requires at least doctrine/annotations
1.7, effectively helping to upgrade to PHP 7.4.

Resolves: #89812
Releases: master, 9.5
Change-Id: I8ca951711bbcb19d935baad67ff69705d8e51aa2
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62498


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>

A new Extbase-based plugin is added to TYPO3's Extension "felogin"
which can be used as a toggle with custom templates based on Fluid,
instead of marker-based templates.

A new feature toggle is added to the Settings module for Site Administrators
to switch to the newly added felogin extbase plugin, or continuing using
the pibase plugin, e.g. for upgrading purposes.

Resolves: #84262
Releases: master
Change-Id: I9d281912373a078e0403f52b27483dd3e04785f7
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61900


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Tested-by: Susanne Moog <look@susi.dev>
Reviewed-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Reviewed-by: Susanne Moog <look@susi.dev>

    composer require --dev rector/rector:"^0.5.0"

This commit introduces the requirement to rector/rector to
automatically process code changes by given set of rules.

To make this commit more meaningful, a first set "php53"
has been processed.

Releases: master
Resolves: #89785
Change-Id: I6e2ff9654266458ae9fb6800547ff4712b0b66d8
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62437


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>

    composer require --dev friendsofphp/php-cs-fixer:"^2.16.1"

Raising the version brings support for running the fixer with
PHP 7.4.

Releases: master, 9.5, 8.7
Resolves: #89776
Change-Id: Ib065b38c606f17c8e58a684e819cc555e493a91f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62433


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Tobi Kretschmann <tobi@tobishome.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Tobi Kretschmann <tobi@tobishome.de>
Reviewed-by: Benni Mack <benni@typo3.org>

- Adjust namespaces of classes according to PSR-4
- Add a classmap for test fixtures

Releases: master
Resolves: #89706
Change-Id: Iefd73f8039eb3db4de419ecaab13a18f6abb23e2
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62341


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Jörg Bösche <typo3@joergboesche.de>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Mathias Brodala <mbrodala@pagemachine.de>
Reviewed-by: Jörg Bösche <typo3@joergboesche.de>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>

When running composer update --prefer-lowest
the abandoned package hoa/core could still
be installed via codeception/codeception,
which in turn results in issues running
our test suite.

See https://github.com/hoaproject/Protocol/issues/8

This is also needed for PHP 7.4 compatibility.

Resolves: #89736
Releases: master
Change-Id: I51d2e73875650222bcf9c829cfc684cefd59b612
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62365


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>

The next version has PHP 7.4 support and was
cleaned up a lot.

Used composer command:
    composer req typo3/testing-framework:~5.0.16 \
        --update-with-all-dependencies --dev

Resolves: #89725
Releases: master
Change-Id: Iba181feb693c9ee61b8792cd0d0197c1e3b1f59a
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62359


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>

TYPO3 Core v10 should rely on Symfony 4.4 (LTS release)
and add support for 5.0 automatically.

Symfony 4.4 made breaking changes to the Mailer and Mime components
which now need adaptions.

Used composer command:

composer req "symfony/config":"^4.4 || ^5.0" \
"symfony/console":"^4.4 || ^5.0" \
"symfony/dependency-injection":"^4.4 || ^5.0" \
"symfony/expression-language":"^4.4 || ^5.0" \
"symfony/finder":"^4.4 || ^5.0" \
"symfony/mailer":"^4.4 || ^5.0" \
"symfony/mime":"^4.4 || ^5.0" \
"symfony/property-access":"^4.4 || ^5.0" \
"symfony/property-info":"^4.4 || ^5.0" \
"symfony/routing":"^4.4 || ^5.0" \
"symfony/yaml":"^4.4 || ^5.0" --update-with-all-dependencies

Loading composer repositories with package information
Updating dependencies (including require-dev)
Package operations: 0 installs, 27 updates, 0 removals
  - Updating symfony/polyfill-ctype (v1.11.0 => v1.12.0)
  - Updating symfony/filesystem (v4.3.1 => v4.4.0)
  - Updating symfony/config (v4.3.2 => v4.4.0)
  - Updating symfony/service-contracts (v1.1.2 => v1.1.8)
  - Updating symfony/polyfill-php73 (v1.11.0 => v1.12.0)
  - Updating symfony/polyfill-mbstring (v1.11.0 => v1.12.0)
  - Updating symfony/console (v4.3.1 => v4.4.0)
  - Updating symfony/dependency-injection (v4.3.2 => v4.4.0)
  - Updating symfony/var-exporter (v4.3.1 => v4.4.0)
  - Updating symfony/cache-contracts (v1.1.1 => v1.1.7)
  - Updating psr/log (1.0.2 => 1.1.2)
  - Updating symfony/cache (v4.3.1 => v4.4.0)
  - Updating symfony/expression-language (v4.3.1 => v4.4.0)
  - Updating symfony/finder (v4.3.3 => v4.4.0)
  - Updating symfony/polyfill-php72 (v1.11.0 => v1.12.0)
  - Updating symfony/polyfill-intl-idn (v1.11.0 => v1.12.0)
  - Updating symfony/mime (v4.3.2 => v4.4.0)
  - Updating symfony/event-dispatcher-contracts (v1.1.1 => v1.1.7)
  - Updating symfony/event-dispatcher (v4.3.1 => v4.4.0)
  - Updating doctrine/lexer (v1.0.1 => 1.2.0)
  - Updating egulias/email-validator (2.1.9 => 2.1.11)
  - Updating symfony/mailer (v4.3.2 => v4.4.0)
  - Updating symfony/inflector (v4.3.1 => v4.4.0)
  - Updating symfony/property-access (v4.3.1 => v4.4.0)
  - Updating symfony/property-info (v4.3.1 => v4.4.0)
  - Updating symfony/routing (v4.3.1 => v4.4.0)
  - Updating symfony/yaml (v4.3.1 => v4.4.0)

Resolves: #89721
Releases: master
Change-Id: I834a79e3880b3a7a95429c2fe052657e21599ec7
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62354


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Susanne Moog <look@susi.dev>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Susanne Moog <look@susi.dev>
Reviewed-by: Benni Mack <benni@typo3.org>

    composer require nikic/php-parser:"^4.3"

Bump version as PHP 5 support is not necessary for TYPO3
version 10 and modern packages like rector/rector need
a newer version of nikic/php-parser to work.

Releases: master
Resolves: #89704
Change-Id: I402714959750b5203a6e0117e5ef84b62229441b
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62339


Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>

    composer require "psr/http-message":"^1.0"
    composer require "psr/log":"^1.0"

Releases: master
Resolves: #89626
Change-Id: Ieeceddba8ea49da1eac66f113f1c22623f479582
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62260


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Susanne Moog <look@susi.dev>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Susanne Moog <look@susi.dev>

    composer require doctrine/dbal:"^2.10"

Releases: master
Resolves: #89625
Change-Id: I1f0591d2544c34d1785c3cd3ee4b8a6d6643885f
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62259


Tested-by: Daniel Goerz <daniel.goerz@posteo.de>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Daniel Goerz <daniel.goerz@posteo.de>
Reviewed-by: Benni Mack <benni@typo3.org>

A new fluid standalone version 2.6.6 reverted the changes
that had regressions in v2.6.5 and v2.6.4.

Composer command: composer req typo3fluid/fluid:^2.6.6

Resolves: #89542
Releases: master, 9.5, 8.7
Change-Id: I30a29a3cc07a277bd4a72e83a67a6c3260adc5d7
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62156


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>

A failing nightly test is fixed by avoiding the fluid version
to be raised until the cause can be resolved.

Resolves: #89480
Releases: master, 9.5
Change-Id: I65329b1ea08c2fbf46766cb82365a7e4275b99c7
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62050


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Richard Haeser <richard@maxserv.com>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Richard Haeser <richard@maxserv.com>

Ensure PHP 7.4 compatibility by using recent release of the package.

composer require typo3/phar-stream-wrapper:^3.1.3

Resolves: #89453
Releases: master, 9.5, 8.7
Change-Id: I025bf2efae45b731e1f068afc5fa1d56e1e59a56
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62017


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>

Change-Id: I81e89208e45b689b32f5c8df2392e8c2b24b8392
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61870


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>

The implementation of the PSR-18 ClientInterface is provided
as an adapter to the existing GuzzleHTTP Client. Therefore
existing configuraton settings will be reused.

As our current Guzzle wrapper (RequestFactory->request)
has support for passing custom guzzle per-request options,
we do not deprecate this method but add the PSR-18 implementation
as a more generic alternative.

Once GuzzleHTTP supports PSR-18 natively we can (and will)
drop our adapter and point to Guzzles native implementation
in our dependency injection configuration.
Therefore, this adapter is marked as internal and extensions
are being instructed to depend on the PSR-18 interfaces
only.

composer require psr/http-client:^1.0

Releases: master
Resolves: #89216
Change-Id: I0f2c81916a2f5e4b40abd6f0b146440ef155cf00
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61567


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>

Resolves: #82850
Releases: master, 9.5
Change-Id: I05dc5e83199d58b23a8da6e625d1b9557b5c57a2
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61712


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Tymoteusz Motylewski <t.motylewski@gmail.com>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Tymoteusz Motylewski <t.motylewski@gmail.com>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>

Addresses the following issues:

* Fixes an annotation that makes phpdocumentor/reflection-docblock
  throw exceptions in TYPO3v10.
* Removes deprecation warning from composer due
  to incorrectly cased package name.
* Fixes issues with binary characters in compiled templates.
* Supports overloaded methods for variable extraction.
* Avoids signature issues with CompileWithRenderStatic.
* Works around PCRE regression issues on affected platforms.

Change-Id: I2b766ccc9bf3eaae77b1dfc1a73e9acc2a88d8a9
Resolves: #89110
Releases: master, 9.5, 8.7
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61642


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>

Support for PSR-17 HTTP Message Factories has been added.

PSR-17 HTTP Factories are intended to be used by PSR-15 request handlers
in order to create PSR-7 compatible message objects.

Classes may use dependency injection to use any of the available PSR-17
HTTP Factory interfaces.

The Request/Response base class (Message) is adapted to be able to lazily
initialize a stream when getBody() is called.
This is done as the PSR (Stream)RequestFactoryInterface does not allow
to control Stream properties. Therefore it is a performance
optimization to defer initialization. It is likely, that a new
Stream will be added to a Request with withStream() anyway.
(Which would mean resources for the intermediate stream would have
been wasted)

Furthermore some DocBlocks are adapted to reflect the variadic
UriInterface/StreamInterface parameters that are already handled in
code but were not documented. These cases are needed/required
by the PSR-17 factory implementation now.

composer require psr/http-factory:^1.0

Releases: master
Resolves: #89018
Change-Id: Ie6b9d865679bbf6f5d3d030b0ed1a3f277c47a3d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61558


Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Frank Nägler <frank.naegler@typo3.org>
Reviewed-by: Benni Mack <benni@typo3.org>
Reviewed-by: Frank Nägler <frank.naegler@typo3.org>