Slim 3.9.1 (and 3.9.2) released

After the release of 3.9.0, a regression and an unexpected side-effect of a bug fix were noticed.

Firstly, you could not clear the user’s password when using Uri::withUserInfo(''), so this is fixed in #2332.

Secondly, we discovered that return $response->withHeader('Location', '/login'); no longer redirected in a browser. This isn’t a surprise as the 302 status code isn’t explicitly set developers were relying on a feature of PHP’s header() function that set 302 for them. This side-effect was causing other issues such as #1730, so it was fixed in 3.9.0. To mitigate the effect of this change, 3.9.1 includes #2345 which sets the status code to 302 when you add a Location header if the status code is currently 200. This change will not be forward-ported to 4.x though.

The full list of changes is here

Update: Shortly after the release of 3.9.1, it was discovered that #2342 should not have been merged as it breaks BC, so this PR was reverted in 3.9.2.