Generics for PasswordUpgraderInterface fail with SF < 5.3

[kevinpapst]

Hi @VincentLanglet, the commit dac2474 caused a BC, which I can't solve. I would appreciate your input 😄

A Symfony project that still uses 4.4 fails now with

Parameter $user of method App\Security\DoctrineUserProvider::upgradePassword() has invalid type Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface. 

This is the Symfony 4.4 code:
https://github.com/symfony/symfony/blob/4.4/src/Symfony/Component/Security/Core/User/PasswordUpgraderInterface.php

The interface that you check was first added with 5.3, see the sources at 5.2:
https://github.com/symfony/symfony/tree/5.2/src/Symfony/Component/Security/Core/User

Is that behavior somehow configurable (e.g. add a SF version in phpstan.neon config) or do I have to pin my composer dep?

        "phpstan/phpstan-symfony": "1.2.18",

In my case it doesn't matter, as this project branch only receives security fixes ... but considering that the PasswordAuthenticatedUserInterface interface was first added with 5.3 this might be an issue for others as well.

I don't know how the stubs work, but could it help if your stubbed interface would extend UserInterface to make it compatible with old SF versions?

[VincentLanglet]

We might need to write something similar to https://github.com/phpstan/phpstan-symfony/blob/1.2.x/src/Symfony/InputBagStubFilesExtension.php in order to load dynamically the stub files

Do you want to do it @kevinpapst ?

[kevinpapst]

I'd love to help, but I never contributed code to phpstan and I am really short on time currently.
Maybe I am the only one experiencing it, so let's wait and see if someone else runs into that issue before jumping through the hoop.

[github-actions]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.