[SecurityBundle] Prevent auto-registration of UserPasswordEncoderCommand #22858
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ogizanagi
approved these changes
May 22, 2017
|
👍 Fixes the issue However, I am a bit worried about the PR that introduced this - #20677 - specifically that it adds the EncoderFactoryInterface to the constructor. I think we need to be careful to keep commands lazy - I believe this change will cause that service to be instantiated just by running |
|
@weaverryan : Which is something that #22734 would solve. (Anyway for this particular case, |
|
@ogizanagi Thanks for pointing me to that :). I'd like to see that get done! 👍 |
|
Thank you @chalasr. |
nicolas-grekas
added a commit
that referenced
this pull request
May 23, 2017
…EncoderCommand (chalasr) This PR was merged into the 3.3 branch. Discussion ---------- [SecurityBundle] Prevent auto-registration of UserPasswordEncoderCommand | Q | A | ------------- | --- | Branch? | 3.3 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #22855 | License | MIT | Doc PR | n/a Always registers the command as a service even if no encoders are configured so that it is not auto-registered via reflection. Prevents an irrelevant deprecation when no encoders are configured and, if a day the per-convention command registration is removed, ensures that the command always exists (leading to an exception saying that you have no configured encoder, better than nothing). ping @ogizanagi Commits ------- b39b35b Prevent auto-registration of UserPasswordEncoderCommand
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Always registers the command as a service even if no encoders are configured so that it is not auto-registered via reflection.
Prevents an irrelevant deprecation when no encoders are configured and, if a day the per-convention command registration is removed, ensures that the command always exists (leading to an exception saying that you have no configured encoder, better than nothing).
ping @ogizanagi