-
-
Notifications
You must be signed in to change notification settings - Fork 394
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Extend service provider search #318
Extend service provider search #318
Conversation
b826639
to
92fd378
Compare
Thank you for you contribute. Could you use Composer's mechanisms instead of getcwd().... ? |
@szepeviktor , I'll certainly try - I used getcwd() because the existing code did so. |
$reflection = new \ReflectionClass(\Composer\Autoload\ClassLoader::class);
$vendorDir = dirname($reflection->getFileName(), 2); |
Thanks - let me try that. |
8661a42
to
95766f9
Compare
@szepeviktor , thanks for your suggestion - it seems to have worked well. |
getFileName() gives you vendor/composer/ClassLoader.php so one dirname() is enough |
require_once may not serve us well as this file could be already loaded, please consider |
if it is possible please try to nuke See #284 |
e87d01b
to
15cae26
Compare
@szepeviktor , that should be all of your comments addressed except I'm not sure if they're in this pull req's scope - maybe I should try to clean them up in another pull request after you're otherwise happy with this one? |
@szepeviktor I just waited to add my two cents on the removal of the find and require_once. I have recently tackled a similar issue and had to build a custom class finder. If you want I could either What's your preference? |
@szepeviktor i think the danger could be heavily mitigated removing the need to include get declared classes and the require (And execution) of the files. If composer/composer was added as a dep then the directory information gained from the new getProjectSearchDirs method added by @CyberiaResurrection could then be piped into That would yield a set of classes (as key) and the files (as value). They would then invoked by the autoloader in the class_parents call. Thoughts? |
@szepeviktor , I was reluctant to expand the dependency list on my own because I've had pull requests rejected for that reason before. However, adding composer/composer and proceeding as @c-harris suggests seems to be the easiest way forward to defuse your concerns. I'll welcome a better idea, from anyone. |
I would agree any solution that avoids iteration through files. |
@nunomaduro Please tell us your opinion. |
617598e
to
056f179
Compare
@szepeviktor , @nunomaduro , I've followed @c-harris' suggestion and used the composer ClassMapGenerator's createMap method. Is this what you were thinking of, @szepeviktor ? |
056f179
to
287adc5
Compare
I am just a janitor here! |
Almighty janitor you may be (and an extremely helpful one, to boot), @szepeviktor , is my commit where I introduced ClassMapGenerator::createMap what you had in mind when you were asking me to nuke Finder and require_file? |
:) Yes, it is. @nunomaduro Please take another look at it. |
As I'm planning to reorganise the guts of ApplicationResolver in later commits, it's good practice to verify that those changes don't break what's already there.
This commit simply clears the way for later changes to enable searching multiple directories.
This is what I've been working up to in this patch set - since the Composer autoloader has assembled a by-definition definitive list of source folders to search for the supplied namespace, use it.
Not only does this avoid false negatives if somehow a project service provider was loaded earlier, this also eliminates the need for require_once calls, which the project maintainer is justifiably worried about. Require (and its _once cousin) do have known security issues when following symbolic links. I'm not sure if they apply here, but it's easier all around to remove the potential attack surface, rather than rely on the input to potential problems always being well-formed.
287adc5
to
2bfcaef
Compare
@nunomaduro , I've just rebased this, for ease of merging, on top of the other pull reqs that have landed since this one did. Is there anything else you want me to clean up, or can this PR be merged? |
This looks good 👍 |
Ok, looks like I've missed something here and I hope you can help me, @canvural - do I need to request specific reviewers for this PR, or can anyone with write access jump in and mark it approved? |
@nunomaduro No, you didn't miss anything. @nunomaduro is the only one with the write access. And at the end its his decision for merging. I just gave my opinion. |
This may be an important change - I will test it out tonight. |
@canvural , thanks for your patience and your explanation. @nunomaduro , thank you for your patience, too - sorry for being a little eager. |
@nunomaduro as changes go this one has helped me solve a problem where I had to separate my project into two but required the same service provider (Or specifically fascard) on both. Just wanted to add my two cents here, I'm keen yo see it incorporated. |
@canvural Leaving this one to you. We just need to make sure that Larastan works on:
|
Sure. I can test it. Then let you know. (I guess I don't have rights to merge) |
@canvural You are admin - so you should have rights 👍 |
@nunomaduro This is good to merge! But I can't merge because it says |
A package is tested: Larastan itself |
@canvural , should I send up a dummy commit to trip the CI infrastructure again? |
@CyberiaResurrection I'm not sure how the StyleCI push system works. I've never seen it work. Or we can wait @nunomaduro to help 😄 |
@canvural , if the StyleCI push bitz aren't working, are you able to merge this PR anyway? |
No. It doesn't let me. |
My attempt to implement a suggestion implied in #273 (comment) , namely getting a list of directories to check for service providers, directly from Composer data.
@szepeviktor , I wasn't sure exactly how to test the load-from-extra-search-directories without polluting production use with test code (such as a dummy service provider). In lieu of a way to do that cleanly, I added a test that verified my changes didn't break the status quo on Larastan itself.