Core:
- Added nullable types.
- Added DFA optimization framework based on e-SSA form.
- Added specialized opcode handlers (e.g. ZEND_ADD_LONG_NO_OVERFLOW).
- Added [] = as alternative construct to list() =.
- Added void return type.
- Added support for negative string offsets in string offset syntax and various string functions.
- Added a form of the list() construct where keys can be specified.
- Implemented safe execution timeout handling, that prevents random crashes after "Maximum execution time exceeded" error.
- Implemented the RFC `Support Class Constant Visibility`.
- Implemented the RFC `Catching multiple exception types`.
- Implemented logging to syslog with dynamic error levels.
- Implemented FR #72614 (Support "nmake test" on building extensions by phpize).
- Implemented RFC: Iterable.
- Implemented RFC: Closure::fromCallable (Danack)
- Implemented RFC: Replace "Missing argument" warning with "\ArgumentCountError" exception.
- Implemented RFC: Fix inconsistent behavior of $this variable.
- TypeError messages for arg_info type checks will now say "must be ... or null" where the parameter or return type accepts null.
- Added new constant PHP_FD_SETSIZE.
- Added optind parameter to getopt().
- Added PHP to SAPI error severity mapping for logs.
- Implemented RFC: RNG Fixes.
- Implemented email validation as per RFC 6531.
- Change statement and fcall extension handlers to accept frame.
- Number operators taking numeric strings now emit E_NOTICEs or E_WARNINGs when given malformed numeric strings.
- (int), intval() where $base is 10 or unspecified, settype(), decbin(), decoct(), dechex(), integer operators and other conversions now always respect scientific notation in numeric strings.
- Raise a compile-time warning on octal escape sequence overflow.
Apache2handler:
- Enable per-module logging in Apache 2.4+.
Curl:
- Implement support for handling HTTP/2 Server Push.
- Add curl_multi_errno(), curl_share_errno() and curl_share_strerror() functions.
Date:
- Invalid serialization data for a DateTime or DatePeriod object will now throw an instance of Error from __wakeup() or __set_state() instead of resulting in a fatal error.
- Timezone initialization failure from serialized data will now throw an instance of Error from __wakeup() or __set_state() instead of resulting in a fatal error.
- Export date_get_interface_ce() for extension use.
Dba:
- Data modification functions (e.g.: dba_insert()) now throw an instance of Error instead of triggering a catchable fatal error if the key is does not contain exactly two elements.
DOM:
- Invalid schema or RelaxNG validation contexts will throw an instance of Error instead of resulting in a fatal error.
- Attempting to register a node class that does not extend the appropriate base class will now throw an instance of Error instead of resulting in a fatal error.
- Attempting to read an invalid or write to a readonly property will throw an instance of Error instead of resulting in a fatal error.
DTrace:
- Disabled PHP call tracing by default (it makes significant overhead). This may be enabled again using envirionment variable USE_ZEND_DTRACE=1.
Hash:
- Added SHA3 fixed mode algorithms (224, 256, 384, and 512 bit).
- Added SHA512/256 and SHA512/224 algorithms.
IMAP:
- An email address longer than 16385 bytes will throw an instance of Error instead of resulting in a fatal error.
Intl:
- Failure to call the parent constructor in a class extending Collator before invoking the parent methods will throw an instance of Error instead of resulting in a recoverable fatal error.
- Cloning a Transliterator object may will now throw an instance of Error instead of resulting in a fatal error if cloning the internal transliterator fails.
- Added IntlTimeZone::getWindowsID() and IntlTimeZone::getIDForWindowsID().
JSON:
- Introduced encoder struct instead of global which fixes bugs #66025 and #73254 related to pretty print indentation.
- Implemented earlier return when json_encode fails, fixes bugs #68992 (Stacking exceptions thrown by JsonSerializable) and #70275 (On recursion error, json_encode can eat up all system memory).
- Exported JSON parser API including json_parser_method that can be used for implementing custom logic when parsing JSON.
- Escaped U+2028 and U+2029 when JSON_UNESCAPED_UNICODE is supplied as json_encode options and added JSON_UNESCAPED_LINE_TERMINATORS to restore the previous behaviour.
LDAP:
- Providing an unknown modification type to ldap_batch_modify() will now throw an instance of Error instead of resulting in a fatal error.
Mbstring:
- Deprecated mb_ereg_replace() eval option.
- mb_ereg() and mb_eregi() will now throw an instance of ParseError if an invalid PHP expression is provided and the 'e' option is used.
Mcrypt:
- Deprecated ext/mcrypt.
- mcrypt_encrypt() and mcrypt_decrypt() will throw an instance of Error instead of resulting in a fatal error if mcrypt cannot be initialized.
Mysqli:
- Attempting to read an invalid or write to a readonly property will throw an instance of Error instead of resulting in a fatal error.
OpenSSL:
- Bumped a minimal version to 1.0.1.
- Dropped support for SSL2.
- Implemented FR #61204 (Add elliptic curve support for OpenSSL).
- Implemented FR #67304 (Added AEAD support [CCM and GCM modes] to openssl_encrypt and openssl_decrypt).
- Implemented error storing to the global queue and cleaning up the OpenSSL error queue (resolves bugs #68276 and #69882).
Pcntl:
- Implemented asynchronous signal handling without TICKS.
- Added pcntl_signal_get_handler() that returns the current signal handler for a particular signal. Addresses FR #72409.
- Add signinfo to pcntl_signal() handler args (Bishop Bettini, David Walker)
phpdbg:
- Added generator command for inspection of currently alive generators.
Reflection:
- Undo backwards compatiblity break in ReflectionType->__toString() and deprecate via documentation instead.
- Reverted prepending \ for class names.
- Implemented request #38992 (invoke() and invokeArgs() static method calls should match). (cmb).
- Add ReflectionNamedType::getName(). This method should be used instead of ReflectionType::__toString()
- Prepend \ for class names and ? for nullable types returned from ReflectionType::__toString().
- Failure to retrieve a reflection object or retrieve an object property will now throw an instance of Error instead of resulting in a fatal error.
Session:
- Implemented session_gc() (Yasuo) https://wiki.php.net/rfc/session-create-id
- Implemented session_create_id() (Yasuo) https://wiki.php.net/rfc/session-gc
- Implemented RFC: Session ID without hashing. (Yasuo) https://wiki.php.net/rfc/session-id-without-hashing
- Custom session handlers that do not return strings for session IDs will now throw an instance of Error instead of resulting in a fatal error when a function is called that must generate a session ID.
- An invalid setting for session.hash_function will throw an instance of Error instead of resulting in a fatal error when a session ID is created.
- Improved fix for bug #68063 (Empty session IDs do still start sessions).
SPL:
- Attempting to clone an SplDirectory object will throw an instance of Error instead of resulting in a fatal error.
- Calling ArrayIterator::append() when iterating over an object will throw an instance of Error instead of resulting in a fatal error.
SQLite3:
- Update to SQLite 3.15.1.
Standard:
- Implemented RFC: More precise float values.
- array_multisort now uses zend_sort instead zend_qsort.
- assert() will throw a ParseError when evaluating a string given as the first argument if the PHP code is invalid instead of resulting in a catchable fatal error.
- Calling forward_static_call() outside of a class scope will now throw an instance of Error instead of resulting in a fatal error.
- Added is_iterable() function.
- Additional validation for parse_url() for login/pass components).
- unpack() function accepts an additional optional argument $offset.
- Implemented #51879 stream context socket option tcp_nodelay (Joe)
Tidy:
- Implemented support for libtidy 5.0.0 and above.
- Creating a tidyNode manually will now throw an instance of Error instead of resulting in a fatal error.
XMLRPC:
- A circular reference when serializing will now throw an instance of Error instead of resulting in a fatal error.
Zip:
- ZipArchive::addGlob() will throw an instance of Error instead of resulting in a fatal error if glob support is not avai