PHP 8.2.0

What's new in this version:

CLI:
- Fixed bug #81496 (Server logs incorrect request method)
- Updated the mime-type table for the builtin-server
- Fixed potential overflow for the builtin server via the PHP_CLI_SERVER_WORKERS environment variable
- Fixed GH-8575 by changing STDOUT, STDERR and STDIN to not close on resource destruction
- Implement built-in web server responding without body to HEAD request on a static resource
- Implement built-in web server responding with HTTP status 405 to DELETE/PUT/PATCH request on a static resource
- Fixed bug GH-9709 (Null pointer dereference with -w/-s options)

COM:
- Fixed bug GH-8750 (Can not create VT_ERROR variant type)

Core:
- Fixed bug #81380 (Observer may not be initialized properly)
- Fixed bug GH-7771 (Fix filename/lineno of constant expressions)
- Fixed bug GH-7792 (Improve class type in error messages)
- Support huge pages on MacOS
- Fixed bug GH-8655 (Casting an object to array does not unwrap refcount=1 references)
- Fixed bug GH-8661 (Nullsafe in coalesce triggers undefined variable warning)
- Fixed bug GH-7821 and GH-8418 (Allow arbitrary const expressions in backed enums)
- Fixed bug GH-8810 (Incorrect lineno in backtrace of multi-line function calls)
- Optimised code path for newly created file with the stream plain wrapper
- Uses safe_perealloc instead of perealloc for the ZEND_PTR_STACK_RESIZE_IF_NEEDED to avoid possible overflows

Reduced the memory footprint of strings returned by var_export(), json_encode(), serialize(), iconv_*(), mb_ereg*(), session_create_id(), http_build_query(), strstr(), Reflection*::__toString().
- Fixed bug GH-8995 (WeakMap object reference offset causing TypeError).
- Added error_log_mode ini setting.
- Updated request startup messages.
- Fixed bug GH-7900 (Arrow function with never return type compile-time errors).
- Fixed incorrect double to long casting in latest clang.
- Added support for defining constants in traits.
- Stop incorrectly emitting false positive deprecation notice alongside unsupported syntax fatal error for `"{$g{'h'}}"`.
- Fix unexpected deprecated dynamic property warning, which occurred when exit() in finally block after an exception was thrown without catching.
- Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function) (Tim Starling)
- Fixed bug GH-9227 (Trailing dots and spaces in filenames are ignored).
- Fixed bug GH-9285 (Traits cannot be used in readonly classes).
- Fixed bug GH-9186 (@strict-properties can be bypassed using unserialization).
- Fixed bug GH-9500 (Using dnf type with parentheses after readonly keyword results in a parse error).
- Fixed bug GH-9516 ((A&B)|D as a param should allow AB or D. Not just A).
- Fixed observer class notify with Opcache file_cache_only=1.
- Fixes segfault with Fiber on FreeBSD i386 architecture.
- Fixed bug GH-9655 (Pure intersection types cannot be implicitly nullable) (Girgias)
- Fixed bug GH-9589 (dl() segfaults when module is already loaded).
- Fixed bug GH-9752 (Generator crashes when interrupted during argument evaluation with extra named params).
- Fixed bug GH-9801 (Generator crashes when memory limit is exceeded during initialization).
- Fixed a bug with preloaded enums possibly segfaulting.
- Fixed bug GH-9823 (Don’t reset func in zend_closure_internal_handler).
- Fixed potential NULL pointer dereference Windows shm*() functions.
- Fix target validation for internal attributes with constructor property promotion.
- Fixed bug GH-9750 (Generator memory leak when interrupted during argument evaluation.
- Move observer_declared_function_notify until after pass_two().
- Do not report MINIT stage internal class aliases in extensions.

Curl:
- Added support for CURLOPT_XFERINFOFUNCTION.
- Added support for CURLOPT_MAXFILESIZE_LARGE.
- Added new constants from cURL 7.62 to 7.80.
- New function curl_upkeep().

Date:
- Fixed GH-8458 (DateInterval::createFromDateString does not throw if non-relative items are present).
- Fixed bug #52015 (Allow including end date in DatePeriod iterations) (Daniel Egeberg, Derick)
- idate() now accepts format specifiers "N" (ISO Day-of-Week) and "o" (ISO Year).
- Fixed bug GH-8730 (DateTime::diff miscalculation is same time zone of different type).
- Fixed bug GH-8964 (DateTime object comparison after applying delta less than 1 second).
- Fixed bug GH-9106 (DateInterval 1.5s added to DateTimeInterface is rounded down since PHP 8.1.0).
- Fixed bug #75035 (Datetime fails to unserialize "extreme" dates).
- Fixed bug #80483 (DateTime Object with 5-digit year can't unserialized).
- Fixed bug #81263 (Wrong result from DateTimeImmutable::diff).
- Fixed bug GH-9431 (DateTime::getLastErrors() not returning false when no errors/warnings).
- Fixed bug with parsing large negative numbers with the @ notation.

DBA:
- Fixed LMDB driver hanging when attempting to delete a non-existing key (Girgias)
- Fixed LMDB driver memory leak on DB creation failure (Girgias)

Fixed GH-8856 (dba: lmdb: allow to override the MDB_NOSUBDIR flag).

FFI:
- Fixed bug GH-9090 (Support assigning function pointers in FFI).

Fileinfo:
- Fixed bug GH-8805 (finfo returns wrong mime type for woff/woff2 files).

Filter:
- Added FILTER_FLAG_GLOBAL_RANGE to filter Global IPs.

FPM:
- Emit error for invalid port setting.
- Added extra check for FPM proc dumpable on SELinux based systems.
- Added support for listening queue on macOS.
- Changed default for listen.backlog on Linux to -1.
- Added listen.setfib pool option to set route FIB on FreeBSD.
- Added access.suppress_path pool option to filter access log entries.
- Fixed on fpm scoreboard occasional warning on acquisition failure.
- Fixed bug GH-9754 (SaltStack (using Python subprocess) hangs when running php-fpm 8.1.11).

FTP:
- Fix datetime format string to follow POSIX spec in ftp_mdtm().

GD:
- Fixed bug #81739: OOB read due to insufficient input validation in imageloadfont(). (CVE-2022-31630)

GMP:
- Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed to gmp_init()).

Hash:
- Fixed bug #81738: buffer overflow in hash_update() on long parameter. (CVE-2022-37454)

Intl:
- Update all grandfathered language tags with preferred values
- Fixed GH-7939 (Cannot unserialize IntlTimeZone objects).
- Fixed build for ICU 69.x and onwards.
- Declared Transliterator::$id as readonly to unlock subclassing it.
- Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter).

MBString:
- Fixed bug GH-9248 (Segmentation fault in mb_strimwidth()).

mysqli:
- Fixed bug GH-9841 (mysqli_query throws warning despite using silenced error mode).

MySQLnd:
- Fixed potential heap corruption due to alignment mismatch.

OCI8:
- Added oci8.prefetch_lob_size directive to tune LOB query performance
- Support for building against Oracle Client libraries 10.1 and 10.2 has been dropped. Oracle Client libraries 11.2 or newer are now required.

ODBC:
- Fixed bug GH-8300 (User input not escaped when building connection string).
- Fixed bug GH-9347 (Current ODBC liveness checks may be inadequate).

Opcache:
- Allocate JIT buffer close to PHP .text segemnt to allow using direct IP-relative calls and jumps.
- Added initial support for JIT performance profiling generation for macOs Instrument.
- Fixed bug GH-8030 (Segfault with JIT and large match/switch statements).
- Added JIT support improvement for macOs for segments and executable permission bit handling.
- Added JIT buffer allocation near the .text section on FreeNSD.
- Fixed bug GH-9371 (Crash with JIT on mac arm64) (jdp1024/David Carlier)
- Fixed bug GH-9259 (opcache.interned_strings_buffer setting integer overflow).
- Added indirect call reduction for jit on x86 architectures.
- Fixed bug GH-9164 (Segfault in zend_accel_class_hash_copy).
- Fix opcache preload with observers enabled.

OpenSSL:
- Discard poll calls on socket when no timeout/non blocking/MSG_DONTWAIT
- Fixed bug GH-9310 (SSL local_cert and local_pk do not respect open_basedir)
- Implement FR #76935 ("chacha20-poly1305" is an AEAD but does not work like AEAD)
- Added openssl_cipher_key_length function
- Fixed bug GH-9517 (Compilation error openssl extension related to PR GH-9366)
- Fixed missing clean up of OpenSSL engine list - attempt to fix GH-8620
- Fixed bug GH-8430 (OpenSSL compiled with no-md2, no-md4 or no-rmd160 does not build)

PCNTL:
- Fixed pcntl_(get|set)priority error handling for MacOS

PCRE:
- Implemented FR #77726 (Allow null character in regex patterns)
- Updated bundled libpcre to 10.40.

PDO:
- Fixed bug GH-9818 (Initialize run time cache in PDO methods)

PDO_Firebird:
- Fixed bug GH-8576 (Bad interpretation of length when char is UTF-8)

PDO_ODBC:
- Fixed bug #80909 (crash with persistent connections in PDO_ODBC)
- Fixed bug GH-8300 (User input not escaped when building connection string)
- Fixed bug GH-9347 (Current ODBC liveness checks may be inadequate)
- Fixed bug GH-9372 (HY010 when binding overlong parameter)

PDO_PGSQL:
- Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed)

Random:
- Added new random extension
- Fixed bug GH-9067 (random extension is not thread safe)
- Fixed bug GH-9055 (segmentation fault if user engine throws)
- Fixed bug GH-9066 (signed integer overflow)
- Fixed bug GH-9083 (undefined behavior during shifting)
- Fixed bug GH-9088, GH-9056 (incorrect expansion of bytes when generating uniform integers within a given range)
- Fixed bug GH-9089 (Fix memory leak on Randomizer::__construct() call twice)
- Fixed bug GH-9212 (PcgOneseq128XslRr64::jump() should not allow negative $advance)
- Changed Mt19937 to throw a ValueError instead of InvalidArgumentException for invalid $mode
Splitted Random\Randomizer::getInt() (without arguments) to Random\Randomizer::nextInt()
- Fixed bug GH-9235 (non-existant $sequence parameter in stub for PcgOneseq128XslRr64::__construct()).
- Fixed bug GH-9190, GH-9191 (undefined behavior for MT_RAND_PHP when handling large ranges).
- Fixed bug GH-9249 (Xoshiro256StarStar does not reject the invalid all-zero state).
- Removed redundant RuntimeExceptions from Randomizer methods. The exceptions thrown by the engines will be exposed directly
- Added extension specific Exceptions/Errors (RandomException, RandomError, BrokenRandomEngineError)
- Fixed bug GH-9415 (Randomizer::getInt(0, 2**32 - 1) with Mt19937 always returns 1)
- Fixed Randomizer::getInt() consistency for 32-bit engines
- Fixed bug GH-9464 (build on older macOs releases)
- Fixed bug GH-9839 (Pre-PHP 8.2 output compatibility for non-mt_rand() functions for MT_RAND_PHP)

Reflection:
- Added ReflectionFunction::isAnonymous()
- Added ReflectionMethod::hasPrototype()
- Narrow ReflectionEnum::getBackingType() return type to ReflectionNamedType
- Fixed bug GH-8932 (ReflectionFunction provides no way to get the called class of a Closure)

Session:
- Fixed bug GH-7787 (Improve session write failure message for user error handlers)
- Fixed GH-9200 (setcookie has an obsolete expires date format)
- Fixed GH-9584 (Avoid memory corruption when not unregistering custom session handler)
- Fixed bug GH-9583 (session_create_id() fails with user defined save handler that doesn't have a validateId() method)

SOAP:
- Fixed bug GH-9720 (Null pointer dereference while serializing the response)

Sockets:
- Added TCP_NOTSENT_LOWAT socket option
- Added SO_MEMINFO socket option
- Added SO_RTABLE socket option (OpenBSD), equivalent of SO_MARK (Linux)
- Added TCP_KEEPALIVE, TCP_KEEPIDLE, TCP_KEEPINTVL, TCP_KEEPCNT socket options
- Added ancillary data support for FreeBSD
- Added ancillary data support for NetBSD
- Added SO_BPF_EXTENSIONS socket option
- Added SO_SETFIB socket option
- Added TCP_CONGESTION socket option
- Added SO_ZEROCOPY/MSG_ZEROCOPY options
- Added SOL_FILTER socket option for Solaris
- Fixed socket constants regression as of PHP 8.2.0beta3

Sodium:
- Added sodium_crypto_stream_xchacha20_xor_ic()

SPL:
- Uses safe_erealloc instead of erealloc to handle heap growth for the SplHeap::insert method to avoid possible overflows
- Widen iterator_to_array() and iterator_count()'s $iterator parameter to iterable
- Fixed bug #69181 (READ_CSV|DROP_NEW_LINE drops newlines within fields)
- Fixed bug #65069 (GlobIterator incorrect handling of open_basedir check)

SQLite3:
- Changed sqlite3.defensive from PHP_INI_SYSTEM to PHP_INI_USER

Standard:
- net_get_interfaces() also reports wireless network interfaces on Windows
- Finished AVIF support in getimagesize()
- Fixed bug GH-7847 (stripos with large haystack has bad performance)
- New function memory_reset_peak_usage()
- Fixed parse_url(): can not recognize port without scheme
- Deprecated utf8_encode() and utf8_decode()
- Fixed the crypt_sha256/512 api build with clang > 12
- Uses safe_erealloc instead of erealloc to handle options in getopt to avoid possible overflows
- Implemented FR GH-8924 (str_split should return empty array for empty string)
- Added ini_parse_quantity function to convert ini quantities shorthand notation to int
- Enable arc4random_buf for Linux glibc 2.36 and onwards for the random_bytes
- Uses CCRandomGenerateBytes instead of arc4random_buf on macOs
- Fixed bug #65489 (glob() basedir check is inconsistent)
- Fixed GH-9200 (setcookie has an obsolete expires date format)
- Fixed GH-9244 (Segfault with array_multisort + array_shift)
- Fixed bug GH-9296 (`ksort` behaves incorrectly on arrays with mixed keys)
- Marked crypt()'s $string parameter as #[\SensitiveParameter]
- Fixed bug GH-9464 (build on older macOs releases)
- Fixed bug GH-9518 (Disabling IPv6 support disables unrelated constants)
- Revert "Fixed parse_url(): can not recognize port without scheme." (andypost)
- Fix crash reading module_entry after DL_UNLOAD() when module already loaded

Streams:
- Set IP_BIND_ADDRESS_NO_PORT if available when connecting to remote host
- Fixed bug GH-8548 (stream_wrapper_unregister() leaks memory)
- Discard poll calls on socket when no timeout/non blocking/MSG_DONTWAIT
- Fixed bug GH-9316 ($http_response_header is wrong for long status line)
- Fixed bug GH-9590 (stream_select does not abort upon exception or empty valid fd set)
- Fixed bug GH-9653 (file copy between different filesystems)
- Fixed bug GH-9779 (stream_copy_to_stream fails if dest in append mode)

Windows:
- Added preliminary support for (cross-)building for ARM64

XML:
- Added libxml_get_external_entity_loader() function

Zip:
- add ZipArchive::clearError() method
- add ZipArchive::getStreamName() method
- add ZipArchive::getStreamIndex() method
- On Windows, the Zip extension is now built as shared library (DLL) by default
- Implement fseek for zip stream when possible with libzip 1.9.1