Fix deprecated assert.active directive

at CLI side

/var/www/html/web $ php -v
PHP 8.3.0RC5 (cli) (built: Oct 24 2023 23:57:57) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.3.0RC5, Copyright (c) Zend Technologies
    with Zend OPcache v8.3.0RC5, Copyright (c), by Zend Technologies
/var/www/html/web $ php -dassert.active=0 -r 'echo 1;'
PHP Deprecated:  PHP Startup: assert.active INI setting is deprecated in Unknown on line 0
1

Searched for assert.active in .htaccess and 1 instance has been replaced.

Tagging for release notes because this should go in 'changes to site owner managed files'.

Also tagging for a change record update because the one linked doesn't explicitly mention .htaccess yet.

I agree with removing assert.active, but not with removing the documentation for adding PHP settings. I relied heavily on this documentation to get my sites working when I started out with Drupal.

I restored the PHP settings documentation to the 11.x branch. I don't think assertions should be enabled by default in 10.x because they are used in contrib projects, so I added a merge request for 10.x that replaces assert.active with zend.assertions.

Don't see any issue with leaving the comments. Think this missed 10.2 though.

Darren Oh → changed the visibility of the branch 3398033-remove-assert.active to hidden.

I don't think a default setting for assertions should be removed in Drupal 10. I switched the merge request for 10.2.x to 11.x and changed zend.assertions to a value that can be overridden in settings.local.php. Also updated the change record.

Think 10.3 should be fine. But MR has a test failure now.

Didn't realize files in the sites folder were scaffolded.

Not sure it makes sense to have this sessions in .htaccess and setting.php as well

I'd just removed this lines

settings.local.php has a different value for development environments.

Left a comment on the MR

We should just replace the deprecated setting with the correct setting and stop trying to remove something that helps users set up a development environment correctly. Recommending a correct setting for php.ini is compatible with showing how to override it temporarily in the example settings.local.php.

assert.active takes precedence over zend.assertions. Does it mean all tests running on Apache does not check for assertions? If so I would consider this as a bug.

Chi, we have always disabled checking for assertions in Apache by default, with the option to enable checking in settings.local.php. Please review.

If zend_assertions is set to prod mode, in php.ini this statement in .htaccess

+ php_value zend.assertions 0

causes the following warning in Apache error log

[php:warn] [pid 176] [client 172.29.0.254:50836] PHP Warning: zend.assertions may be completely enabled or disabled only in php.ini in Unknown on line

The default value is 1, so if an administrator sets it to -1 they can also remove the line from .htaccess.

The default value is 1

The default value may be set by Linux distributions or hosting providers. They don't know much about Drupal requirements.

The recommended php config for production has zend.assertions at -1, and I think this will be pretty commonly installed. And so you have that warning message logged for every request. My 2 cents is that setting zend.assertions is something that should be documented for developers to do, rather than happening out-of-the-box

Looks ready to go, comments make sense, thank you!

I think the change record needs updating. We're no longer setting in .htaccess and we appear to be recommending managing this in your php.ini. The Cr should explain the intricacies here.