Allow closures in #config_target's to be serialised

Created on 13 December 2023, about 1 year ago
Updated 10 January 2024, 12 months ago

Problem/Motivation

We had to work around the fact closures cannot be serialised in πŸ› \Drupal\Core\Form\ConfigTarget is not fully serializable Active . We could remove this restriction by using https://github.com/laravel/serializable-closure

Proposed resolution

Add https://github.com/laravel/serializable-closure and use it in ConfigTarget.

Update https://www.drupal.org/node/3373502 β†’

Dependency evaluation

Per https://www.drupal.org/about/core/policies/core-dependency-policies/depe... β†’ :

Remaining tasks

User interface changes

None

API changes

New API

Data model changes

None

Release notes snippet

@todo

πŸ“Œ Task
Status

Needs work

Version

11.0 πŸ”₯

Component
ConfigurationΒ  β†’

Last updated 3 days ago

Created by

πŸ‡¬πŸ‡§United Kingdom alexpott πŸ‡ͺπŸ‡ΊπŸŒ

Live updates comments and jobs are added and updated live.
  • Needs change record

    A change record needs to be drafted before an issue is committed. Note: Change records used to be called change notifications.

Sign in to follow issues

Merge Requests

Comments & Activities

  • Issue created by @alexpott
  • Merge request !5799Resolve #3408542 "Allow closures in" β†’ (Open) created by alexpott
  • Status changed to Needs review about 1 year ago
  • πŸ‡¬πŸ‡§United Kingdom alexpott πŸ‡ͺπŸ‡ΊπŸŒ

    Pushed an MR that implements the functionality. We need to decide how to set the secret.

  • πŸ‡«πŸ‡·France andypost

    Probably it could help to serialize better renderables too, lots of callbacks in core pointing to services or static methods (not really callables) and can't use closures

  • πŸ‡§πŸ‡ͺBelgium borisson_ Mechelen, πŸ‡§πŸ‡ͺ

    Probably it could help to serialize better renderables too, lots of callbacks in core pointing to services or static methods (not really callables) and can't use closures

    I agree, it can probably help there as well, but we can leave that to a followup.

     // Configure Serializable Closure signing for security.
        // @todo Use hash salt and private key - but it is not always available
        //   here.

    This is the comment in the code about setting the secret, I don't understand why the hash salt is not available there.
    Can we use it when it exists and fall back to not serializing when it is not available?

  • πŸ‡¬πŸ‡§United Kingdom alexpott πŸ‡ͺπŸ‡ΊπŸŒ

    @borisson_ example of when we don't have a hash salt:

    • in the very early installer
    • in unit tests.

    Also I wonder if we should be using the private key here too which would mean a database query.

  • Status changed to Needs work 12 months ago
  • πŸ‡ΊπŸ‡ΈUnited States smustgrave

    Revisiting this, reading the comments seems like using private key is our only option right?

Production build 0.71.5 2024