Merge branch '5.4' into 6.0

* 5.4:
  Update ExceptionInterface.php
  Revert removal of Stringable check
  Flush with flush() after ob_end_flush()
  [Validator] : Fix "PHP Warning: Undefined array key 1" in NotCompromisedPasswordValidator
  [Validator] Fix traverse option on Valid constraint when used as Attribute
  [HttpFoundation] Fix deleteFileAfterSend on client abortion
  Prevent that bad Ignore method annotations lead to incorrect results
  also fix the test
  fix deprecation
  fix sending request to paths containing multiple slashes
  Fix generated validation error message for wrong exception mapping status code

Author: derrabus

Constraints/NotCompromisedPasswordValidator.php

@@ -91,6 +91,10 @@ public function validate(mixed $value, Constraint $constraint)
         }
 
         foreach (explode("\r\n", $result) as $line) {
+            if (!str_contains($line, ':')) {
+                continue;
+            }
+
             [$hashSuffix, $count] = explode(':', $line);
 
             if ($hashPrefix.$hashSuffix === $hash && $constraint->threshold <= (int) $count) {

Constraints/Valid.php

@@ -24,6 +24,13 @@ class Valid extends Constraint
 {
     public $traverse = true;
 
+    public function __construct(array $options = null, array $groups = null, $payload = null, bool $traverse = null)
+    {
+        parent::__construct($options ?? [], $groups, $payload);
+
+        $this->traverse = $traverse ?? $this->traverse;
+    }
+
     public function __get(string $option): mixed
     {
         if ('groups' === $option) {

Tests/Constraints/NotCompromisedPasswordValidatorTest.php

@@ -162,6 +162,31 @@ public function testInvalidPasswordCustomEndpoint()
             ->assertRaised();
     }
 
+    public function testEndpointWithInvalidValueInReturn()
+    {
+        $returnValue = implode(
+            "\r\n",
+            [
+                '36039744C253F9B2A4E90CBEDB02EBFB82D:5',
+                'This should not break the validator',
+                '3686792BBC66A72D40D928ED15621124CFE:7',
+                '36EEC709091B810AA240179A44317ED415C:2',
+                '',
+            ]
+        );
+
+        $validator = new NotCompromisedPasswordValidator(
+            $this->createHttpClientStub($returnValue),
+            'UTF-8',
+            true,
+            'https://password-check.internal.example.com/range/%s'
+        );
+
+        $validator->validate(self::PASSWORD_NOT_LEAKED, new NotCompromisedPassword());
+
+        $this->assertNoViolation();
+    }
+
     public function testInvalidConstraint()
     {
         $this->expectException(UnexpectedTypeException::class);
@@ -196,11 +221,11 @@ public function provideErrorSkippingConstraints(): iterable
         yield 'named arguments' => [new NotCompromisedPassword(skipOnError: true)];
     }
 
-    private function createHttpClientStub(): HttpClientInterface
+    private function createHttpClientStub(?string $returnValue = null): HttpClientInterface
     {
         $httpClientStub = $this->createMock(HttpClientInterface::class);
         $httpClientStub->method('request')->willReturnCallback(
-            function (string $method, string $url): ResponseInterface {
+            function (string $method, string $url) use ($returnValue): ResponseInterface {
                 if (self::PASSWORD_TRIGGERING_AN_ERROR_RANGE_URL === $url) {
                     throw new class('Problem contacting the Have I been Pwned API.') extends \Exception implements ServerExceptionInterface {
                         public function getResponse(): ResponseInterface
@@ -213,7 +238,7 @@ public function getResponse(): ResponseInterface
                 $responseStub = $this->createMock(ResponseInterface::class);
                 $responseStub
                     ->method('getContent')
-                    ->willReturn(implode("\r\n", self::RETURN));
+                    ->willReturn($returnValue ?? implode("\r\n", self::RETURN));
 
                 return $responseStub;
             }

Tests/Constraints/ValidTest.php

@@ -13,6 +13,8 @@
 
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\Validator\Constraints\Valid;
+use Symfony\Component\Validator\Mapping\ClassMetadata;
+use Symfony\Component\Validator\Mapping\Loader\AnnotationLoader;
 
 /**
  * @author Bernhard Schussek <[email protected]>
@@ -32,4 +34,34 @@ public function testGroupsAreNullByDefault()
 
         $this->assertNull($constraint->groups);
     }
+
+    /**
+     * @requires PHP 8
+     */
+    public function testAttributes()
+    {
+        $metadata = new ClassMetaData(ValidDummy::class);
+        $loader = new AnnotationLoader();
+        self::assertTrue($loader->loadClassMetadata($metadata));
+
+        [$bConstraint] = $metadata->properties['b']->getConstraints();
+        self::assertFalse($bConstraint->traverse);
+        self::assertSame(['traverse_group'], $bConstraint->groups);
+
+        [$cConstraint] = $metadata->properties['c']->getConstraints();
+        self::assertSame(['my_group'], $cConstraint->groups);
+        self::assertSame('some attached data', $cConstraint->payload);
+    }
+}
+
+class ValidDummy
+{
+    #[Valid]
+    private $a;
+
+    #[Valid(groups: ['traverse_group'], traverse: false)] // Needs a group to work at all for this test
+    private $b;
+
+    #[Valid(groups: ['my_group'], payload: 'some attached data')]
+    private $c;
 }