Merge branch '5.4' into 6.0

* 5.4:
  Fix CI by removing ext-mongodb
  [ErrorHandler] fix parsing `@param` with dollars in the description
  [SecurityBundle] Fix wrong array key
  [SecurityBundle] Fix listing listeners in profiler when authenticator manager is disabled
  Fix FlattenException::setPrevious argument typing
  bug #43941 [FrameworkBundle] Comment design decision
  [DependencyInjection] fix auto-refresh when inline_factories is enabled

Author: nicolas-grekas

Secrets/SodiumVault.php

@@ -81,7 +81,8 @@ public function seal(string $name, string $value): void
         $this->lastMessage = null;
         $this->validateName($name);
         $this->loadKeys();
-        $this->export($name.'.'.substr(md5($name), 0, 6), sodium_crypto_box_seal($value, $this->encryptionKey ?? sodium_crypto_box_publickey($this->decryptionKey)));
+        $filename = $this->getFilename($name);
+        $this->export($filename, sodium_crypto_box_seal($value, $this->encryptionKey ?? sodium_crypto_box_publickey($this->decryptionKey)));
 
         $list = $this->list();
         $list[$name] = null;
@@ -96,7 +97,8 @@ public function reveal(string $name): ?string
         $this->lastMessage = null;
         $this->validateName($name);
 
-        if (!is_file($file = $this->pathPrefix.$name.'.'.substr_replace(md5($name), '.php', -26))) {
+        $filename = $this->getFilename($name);
+        if (!is_file($file = $this->pathPrefix.$filename.'.php')) {
             $this->lastMessage = sprintf('Secret "%s" not found in "%s".', $name, $this->getPrettyPath(\dirname($this->pathPrefix).\DIRECTORY_SEPARATOR));
 
             return null;
@@ -130,7 +132,8 @@ public function remove(string $name): bool
         $this->lastMessage = null;
         $this->validateName($name);
 
-        if (!is_file($file = $this->pathPrefix.$name.'.'.substr_replace(md5($name), '.php', -26))) {
+        $filename = $this->getFilename($name);
+        if (!is_file($file = $this->pathPrefix.$filename.'.php')) {
             $this->lastMessage = sprintf('Secret "%s" not found in "%s".', $name, $this->getPrettyPath(\dirname($this->pathPrefix).\DIRECTORY_SEPARATOR));
 
             return false;
@@ -194,16 +197,16 @@ private function loadKeys(): void
         }
     }
 
-    private function export(string $file, string $data): void
+    private function export(string $filename, string $data): void
     {
-        $b64 = 'decrypt.private' === $file ? '// SYMFONY_DECRYPTION_SECRET='.base64_encode($data)."\n" : '';
-        $name = basename($this->pathPrefix.$file);
+        $b64 = 'decrypt.private' === $filename ? '// SYMFONY_DECRYPTION_SECRET='.base64_encode($data)."\n" : '';
+        $name = basename($this->pathPrefix.$filename);
         $data = str_replace('%', '\x', rawurlencode($data));
         $data = sprintf("<?php // %s on %s\n\n%sreturn \"%s\";\n", $name, date('r'), $b64, $data);
 
         $this->createSecretsDir();
 
-        if (false === file_put_contents($this->pathPrefix.$file.'.php', $data, \LOCK_EX)) {
+        if (false === file_put_contents($this->pathPrefix.$filename.'.php', $data, \LOCK_EX)) {
             $e = error_get_last();
             throw new \ErrorException($e['message'] ?? 'Failed to write secrets data.', 0, $e['type'] ?? \E_USER_WARNING);
         }
@@ -217,4 +220,10 @@ private function createSecretsDir(): void
 
         $this->secretsDir = null;
     }
+
+    private function getFilename(string $name): string
+    {
+        // The MD5 hash allows making secrets case-sensitive. The filename is not enough on Windows.
+        return $name.'.'.substr(md5($name), 0, 6);
+    }
 }