Skip to content

[SecurityBundle] Fix semantic configuration for singulars/plurals in XML #61714

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 10, 2025
Merged

[SecurityBundle] Fix semantic configuration for singulars/plurals in XML #61714

merged 1 commit into from
Sep 10, 2025

Conversation

@nicolas-grekas
Copy link
Member

@nicolas-grekas nicolas-grekas commented Sep 10, 2025

Q A
Branch? 7.3
Bug fix? yes
New feature? no
Deprecations? no
Issues -
License MIT

@carsonbot carsonbot added this to the 7.3 milestone Sep 10, 2025
nicolas-grekas
nicolas-grekas commented Sep 10, 2025
View reviewed changes
Copy link
Member Author

@nicolas-grekas nicolas-grekas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please approve #60568 @symfony/mergers

...y/Bundle/SecurityBundle/DependencyInjection/Security/AccessToken/OidcTokenHandlerFactory.php
->arrayNode($this->getKey())
->fixXmlConfig($this->getKey())
->fixXmlConfig('issuer')
->fixXmlConfig('algorithm')
Copy link
Member Author

@nicolas-grekas nicolas-grekas Sep 10, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can be done in 7.3: while both keys algorithm and algorithms exist, they are coalesced in the end.

src/Symfony/Bundle/SecurityBundle/Resources/config/schema/security-1.0.xsd
<xsd:complexType name="config">
<xsd:choice maxOccurs="unbounded">
<xsd:element name="access-decision-manager" type="access_decision_manager" minOccurs="0" maxOccurs="1" />
<xsd:element name="password_hashers" type="password_hashers" minOccurs="0" maxOccurs="1" />
Copy link
Member Author

@nicolas-grekas nicolas-grekas Sep 10, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This XSD doesn't follow any existing practice (the same issue is fixed for a few other keys below).
Note that the resulting config tree is going to be exactly the same.
It's just validation that might fail if anyone uses XML to define these semantic trees.
This will happen at compile time, so really easy to spot and fix.

Copy link
Member

@GromNaN GromNaN Sep 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is indeed more standard this way.
These are breaking changes if the old version worked and was valid for the XSD.
Perhaps it would be better to apply these changes in 7.4 only? Or is this a way to trigger potential users of the XML configuration to express themselves?

Copy link
Member Author

@nicolas-grekas nicolas-grekas Sep 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is :) + an invitation to fix their config!

@OskarStark
Copy link
Contributor

OskarStark commented Sep 10, 2025

Wow thanks for digging into that mess. Can we somehow ensure this for the future via automatic checks?

@GromNaN
Copy link
Member

GromNaN commented Sep 10, 2025

Wow thanks for digging into that mess. Can we somehow ensure this for the future via automatic checks?

That's something to be careful during reviews.

@stof
Copy link
Member

stof commented Sep 10, 2025

Wow thanks for digging into that mess. Can we somehow ensure this for the future via automatic checks?

I'll try to think about how this could be done.
The general case is that any prototyped array node should have a corresponding fixXmlConfig on the parent node. But I think we have a few weird cases where we normalize things differently (when the prototyped node does not use a proper plural name), preventing us to enforce this rule strictly.

@nicolas-grekas
Copy link
Member Author

nicolas-grekas commented Sep 10, 2025

Wow thanks for digging into that mess. Can we somehow ensure this for the future via automatic checks?

Part of it is approving ;) #60568
Then I'm playing with something like what @stof suggests this morning, PR to come.

@nicolas-grekas
Copy link
Member Author

nicolas-grekas commented Sep 10, 2025

I figured more XSD mismatches, see https://github.com/symfony/symfony/compare/61e187964ffe16ac4d328f10e9a3fcfbac4765ee..a94730f3b8a3bd7df7b57d7296e58a92c356881c

@nicolas-grekas nicolas-grekas merged commit 84c65cb into symfony:7.3 Sep 10, 2025
9 of 11 checks passed
@nicolas-grekas nicolas-grekas deleted the fix-plurals branch September 10, 2025 12:11
@fabpot fabpot mentioned this pull request Sep 27, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@GromNaN GromNaN GromNaN approved these changes

@stof stof stof approved these changes

@yceruto yceruto yceruto approved these changes

@alexandre-daubois alexandre-daubois alexandre-daubois approved these changes

@HypeMC HypeMC HypeMC approved these changes

@chalasr chalasr Awaiting requested review from chalasr chalasr is a code owner

Assignees

No one assigned

Labels

Bug SecurityBundle Status: Reviewed

Projects

None yet

Milestone

7.3

Development

Successfully merging this pull request may close these issues.

8 participants

@nicolas-grekas @OskarStark @GromNaN @stof @yceruto @alexandre-daubois @HypeMC @carsonbot