New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Symfony 3.4.22 session not compatible with 3.4.21 #30073
Comments
The problem is in |
Hello, yes, that's correct. Yet there is no way around - relying on the |
In my humble opinion, this change isn't something that belongs in a patch version... |
See #29951 for some background on this. I get it's not ideal, but the status quo was even worse, with broken payloads. |
@nicolas-grekas The problem was up until this change, sharing sessions among Symfony versions worked great. I have a suite of 15 Symfony applications ranging from 2.7 to 3.4 and they all shared sessions for security happily. We have years of work built around that assumption, because up until now they had been working fine. But then this patch version happened that broke backwards compatibility. I was under the impression that Symfony patch versions would not do that. I guess it's already been decided that this is ok, but it's disappointing. Any suggestions for how to provide the same single sign on functionality among a series of apps? Up until now sharing a firewall configuration was enough. |
So a Symfony 2.7 and a Symfony 3.4 application are sharing the same session? Assuming that serialized objects remain compatible if you switch the major version of a library sounds pretty unsafe to me. I'm actually surprised that it has worked so far. I mean, you can fork Symfony 2.7 and apply the patch there. That might get you a compatible version, but there's no guarantee that this won't break again. |
I don't think I assumed anything would work the same across major versions. Nor even minor versions. We tend to test out major and minor versions very heavily before going forward with them. However, I did not expect a core thing to change across a patch version. |
we have the same issue. |
Symfony version(s) affected: 3.4.22 PHP7.1
Description
Symfony 3.4.22 session is not compatible with 3.4.21.
Error:
Probably related to:
#30006
How to reproduce
Create session in Symfony 3.4.22 app and try to re-use this session in 3.4.21 application.
Additional context
Full stack trace:
The text was updated successfully, but these errors were encountered: