- Issue created by @spokje
- Status changed to Postponed
over 1 year ago 10:31am 17 March 2024 - ๐ณ๐ฑNetherlands spokje
Postponed on ๐ Annotation component has an undeclared dependency on doctrine/lexer 2 RTBC
- Status changed to Active
over 1 year ago 11:04am 17 March 2024 - ๐ซ๐ทFrance andypost
still would be great to have this compatibility in 11.2
- ๐จ๐ฆCanada Charlie ChX Negyesi ๐Canada
DocParser was written for Lexer 1 when token was an array, 2 added an object with ArrayAccess support and 3 dropped this support finalizing the move to object. "Luckily" the class is
finalso there is no easy way to add ArrayAccess back for the short time annotations are still supported before everything becomes an attribute. (I will crosslink this issue from the@finalissue as a textbook example of whyfinalis bad.) Also, why they dropped ArrayAccess I can't even imagine, it was four one line methods.Recommendation: do not upgrade. Let this be until it's removed.
If that's not desirable I guess I can write a rector rule to convert every array access to an object access unless the variable is called $metadata and pray it works.
- ๐ฌ๐งUnited Kingdom catch
I agree upstream is hostile, every time we've raised anything like this it's been immediately won't fixed.
Two concerns with not upgrading though:
This will still be a dependency in Drupal 12, which we will be supporting until some time in 2030, so if there is a single security release in the next five years it will be annoying. But there is not really security surface area here, and if necessary we could fork.
Similarly, do we think this will support every PHP version released between now and at least 2028 or 2029? Given we hope nothing will actually be using annotation parsing at that point, PHP deprecations would probably be OK but a hard break would not.
- ๐ฌ๐งUnited Kingdom longwave UK
2 added an object with ArrayAccess support and 3 dropped this support finalizing the move to object.
Given we control
\Drupal\Component\Annotation\Doctrine\DocParserand it's already final, can we make it compatible with the object way of doing things, and allow^2 || ^3in composer.json, but stay pinned to^2(for now) in core-recommended? This adds forward compatibility for anyone who wants to upgrade for other reasons, but stays conservative otherwise - but also opens the door to finishing the upgrade in Drupal 12 if we want to. If the token arrays/objects are not leaked outside of the implementation this seems like it might be workable. - Merge request !12087Resolve #3429849 "Make doctrinelexer3.0 compatible" โ (Closed) created by longwave
- ๐จ๐ฆCanada Charlie ChX Negyesi ๐Canada
> can we make it compatible with the object way of doing things,
It's Turing complete, nothing stops you :P
Can is not the problem, want is. It's a bit painful to do it.
- ๐ฌ๐งUnited Kingdom longwave UK
It passes tests, but I'm not sure how much we exercise the code any more, given we have few annotations left in core...
- ๐ซ๐ทFrance andypost
Looks it should be simple rector rule as there's only
value,typeandpositionare actually used by core as test-only MR showing all is compatible The Needs Review Queue Bot โ tested this issue. It no longer applies to Drupal core. Therefore, this issue status is now "Needs work".
This does not mean that the patch necessarily needs to be re-rolled or the MR rebased. Read the Issue Summary, the issue tags and the latest discussion here to determine what needs to be done.
Consult the Drupal Contributor Guide โ to find step-by-step guides for working with issues.
- ๐ซ๐ทFrance andypost
rebased and cleaned up the
drupal/core-recipe-unpack - ๐บ๐ธUnited States smustgrave
Seems pretty straight forward, don't see a reason no
- ๐ฎ๐นItaly mondrake ๐ฎ๐น
The composer lock test fail on PHP 8.3 seems a legit one.
- ๐ซ๐ทFrance andypost
sorry, should be solved now, messed in conflict resolution
- ๐ฌ๐งUnited Kingdom catch
Committed/pushed to 11.x, thanks!
This will need a backport MR for 11.2.x, although I also don't think it hurts if it's 11.3.x-only?
- Merge request !12303Resolve #3429849 "Make doctrinelexer3.0 compatible" 11.2 โ (Closed) created by andypost
- ๐ฌ๐งUnited Kingdom catch
Thought about this some more and discussed with @longwave. If we were going to backport this to 10.x then it would mitigate against a Doctrine 2.x security release, but that seems unlikely, at least not in 10.5.x, and also there is not really much security surface with this code. So let's leave it in 11.3.x - moving back to fixed.
Automatically closed - issue fixed for 2 weeks with no activity.
