[FrameworkBundle] changed some default configs from canBeEnabled to canBeDisabled #21196
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ed on the existence of Doctrine Annotations
|
👍 |
8a1caa9 to
5c1f9a1
Compare
GuilhemN
reviewed
Jan 7, 2017
| @@ -127,7 +134,7 @@ private function addCsrfSection(ArrayNodeDefinition $rootNode) | |||
| $rootNode | |||
| ->children() | |||
| ->arrayNode('csrf_protection') | |||
| ->canBeEnabled() | |||
| ->{!class_exists(FullStack::class) && class_exists(CsrfToken::class) ? 'canBeDisabled' : 'canBeEnabled'}() | |||
There was a problem hiding this comment.
Shouldn't we add a new method to ArrayNodeDefinition instead ?
Like
->canBeAutomaticallyEnabled(function() {
return !class_exists(FullStack::class) && class_exists(CsrfToken::class);
}There was a problem hiding this comment.
I don't think this is needed as this is rarely useful.
|
I like this way :) Btw, it's quite funny, as Symfony changed everything to disabled in Symfony 3: #13703 |
|
👍 |
15ced32 to
3539248
Compare
3539248 to
ef80873
Compare
fabpot
added a commit
that referenced
this pull request
Jan 8, 2017
…nBeEnabled to canBeDisabled (fabpot) This PR was squashed before being merged into the 3.3-dev branch (closes #21196). Discussion ---------- [FrameworkBundle] changed some default configs from canBeEnabled to canBeDisabled | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a FrameworkBundle configuration is currently "optimized" for when a project depends on symfony/symfony (which is the vast majority of Symfony projects out there as that's how Symfony Standard Edition is set up). As all components are always available, features (forms, validation, translation, serializer, ...) are disabled by default in FrameworkBundle's configuration (`canBeEnabled`) and developers must enable them when they need them (that was done mainly for performance reasons). That's annoying as it means one configuration step before being able to use forms for the first time (or validation, or serialization, or translation, ...). To make features auto-configurable and make the framework a bit more user-friendly (that's where I think I need to invoke DX :), I'd like Symfony 4 to work in a different way. Instead of relying on symfony/symfony, I want people to install only the components/bundles they need. In that scenario, we can auto-configure Symfony FrameworkBundle based on the available components. If you add symfony/form as a dependency, then it makes sense to automatically enable the feature in framework bundle (with the possibility to disable it if needed thanks to `canBeDisabled`). Let's recap: * Before: * You want to use forms; you have symfony/symfony, so nothing to install; * Using forms does not work out of the box though; you need to know that you have to edit `app/config/config.yml` to explicitly enable forms; * Forms work! * After: * You want to use forms so you install symfony/form (like for any other packages out there; want to use Twig for templating, install twig/twig); * But for Symfony components, there are no other steps; forms are auto-configured just because you installed the dependency, go work now! In a way, it makes handling/installing/configuring Symfony components no different than doing the same for a third party package. That's about relying even more on Composer and less on configuration. Symfony components have the extra benefit of being auto-configured via FrameworkBundle. That's not the case for other third-party packages/bundles, but for those who attended SymfonyCon Berlin, you know that this is coming soon via Symfony Flex. That's even more interesting for forms as CSRF protection needs an extra knob to be turned on currently. With the new way, just install the CSRF security component. An again, you still have the possibility to turn it off if you want to. Anyway, this PR gives us the flexibility to do both: when using symfony/symfony, everything works as before, if you are using symfony/framework-bundle, then auto-configuration based on the installed packages is automatically activated. This also brings consistency as this behavior is already what we've done for the Doctrine Annotation library in 3.2. Last, but not the least, with all the work currently done on the container lazyness for Symfony 3.3, concerns about performance are less important than before, so having components auto-enabled when installed should not be a big deal. We might even go one step further and remove enabling/disabling for ESI/SSI/fragments/... And whenever we create an independent Session component, we will be able to do the same with the session configuration. The astute reader might have noticed that I haven't talked about the templating configuration, but as the component will be deprecated in 3.3, I prefer to keep its activation explicit. In terms of BC, the only change is for people using symfony/framework-bundle with some packages that were installed but not enabled in the config. I would say that this should be pretty rare and anyway, the only consequence is a small performance hit which can be easily offset by explicitly disabling the config. That's all folks! Commits ------- ef80873 [FrameworkBundle] changed some default configs from canBeEnabled to canBeDisabled 98ce21a [FrameworkBundle] changed the default value of annotation setting based on the existence of Doctrine Annotations
nicolas-grekas
added a commit
that referenced
this pull request
Jan 8, 2017
This PR was merged into the 3.3-dev branch. Discussion ---------- [TwigBundle] Disable form in tests | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Tests are broken with high deps due to the changes made in #21196 > Symfony\Bundle\TwigBundle\Tests\NoTemplatingEntryTest::test Symfony\Component\DependencyInjection\Exception\LogicException: Form support cannot be enabled as the Translation component is not installed. > Symfony\Bundle\TwigBundle\Tests\NoTemplatingEntryTest::test Symfony\Component\DependencyInjection\Exception\LogicException: The Validator component is required to use the Form component. This will fix them. Commits ------- 2a279b9 [TwigBundle] Disable form in tests
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
FrameworkBundle configuration is currently "optimized" for when a project
depends on symfony/symfony (which is the vast majority of Symfony projects out
there as that's how Symfony Standard Edition is set up). As all components are
always available, features (forms, validation, translation, serializer, ...)
are disabled by default in FrameworkBundle's configuration (
canBeEnabled) anddevelopers must enable them when they need them (that was done mainly for
performance reasons).
That's annoying as it means one configuration step before being able to use
forms for the first time (or validation, or serialization, or translation, ...).
To make features auto-configurable and make the framework a bit more
user-friendly (that's where I think I need to invoke DX :), I'd like Symfony 4
to work in a different way. Instead of relying on symfony/symfony, I want
people to install only the components/bundles they need. In that scenario, we
can auto-configure Symfony FrameworkBundle based on the available components.
If you add symfony/form as a dependency, then it makes sense to automatically
enable the feature in framework bundle (with the possibility to disable it if
needed thanks to
canBeDisabled).Let's recap:
Before:
You want to use forms; you have symfony/symfony, so nothing to install;
Using forms does not work out of the box though; you need to know that you
have to edit
app/config/config.ymlto explicitly enable forms;Forms work!
After:
You want to use forms so you install symfony/form (like for any other
packages out there; want to use Twig for templating, install twig/twig);
But for Symfony components, there are no other steps; forms are
auto-configured just because you installed the dependency, go work now!
In a way, it makes handling/installing/configuring Symfony components no
different than doing the same for a third party package. That's about relying
even more on Composer and less on configuration. Symfony components have the
extra benefit of being auto-configured via FrameworkBundle. That's not the case
for other third-party packages/bundles, but for those who attended SymfonyCon
Berlin, you know that this is coming soon via Symfony Flex.
That's even more interesting for forms as CSRF protection needs an extra knob
to be turned on currently. With the new way, just install the CSRF security
component. An again, you still have the possibility to turn it off if you want
to.
Anyway, this PR gives us the flexibility to do both: when using
symfony/symfony, everything works as before, if you are using
symfony/framework-bundle, then auto-configuration based on the installed
packages is automatically activated.
This also brings consistency as this behavior is already what we've done for
the Doctrine Annotation library in 3.2.
Last, but not the least, with all the work currently done on the container
lazyness for Symfony 3.3, concerns about performance are less important than
before, so having components auto-enabled when installed should not be a big
deal. We might even go one step further and remove enabling/disabling for
ESI/SSI/fragments/... And whenever we create an independent Session component,
we will be able to do the same with the session configuration. The astute
reader might have noticed that I haven't talked about the templating
configuration, but as the component will be deprecated in 3.3, I prefer to keep
its activation explicit.
In terms of BC, the only change is for people using symfony/framework-bundle
with some packages that were installed but not enabled in the config. I would
say that this should be pretty rare and anyway, the only consequence is a small
performance hit which can be easily offset by explicitly disabling the config.
That's all folks!