Remove direct dependencies on doctrine/common

[Majkl578]

Q	A
Branch?	master
Bug fix?	no
New feature?	no
BC breaks?	no
Deprecations?	no
Tests pass?	yes
Fixed tickets	none
License	MIT
Doc PR	?

Doctrine has recently separated multiple components from doctrine/common:

• doctrine/event-manager [release notes | split PR]
• doctrine/persistence [release notes | split PR]
• doctrine/reflection [release notes | split PR]

All of the packages are 100% backward compatible with their counterparts in Common 2.8.

This is a major step to slowly start with phasing out doctrine/common package before ORM 3.0 / DBAL 3.0 / ODM 3.0.
Common 2.9.0 will also be composed from these new packages.

Most of the remaining parts in doctrine/common are likely to be deprecated (or already are), please see & discuss in the PR over in doctrine/common repository.

This PR therefore aims to remove the direct doctrine/common dependency from Symfony, replacing it by specific Doctrine components.

[nicolas-grekas]

annotations and cache were not required before, is it really now?
Looking at the deps of the new packages, it looks like so. Why?
If these are really a split of common, this should not be the case, isn't it?

[Majkl578]

annotations and cache were always indirectly required through common so they were always there.

Looking at the deps of the new packages, it looks like so. Why?

I am not sure I understand what you mean. There are no back references to common, only references to other requirements, otherwise these components (in their 1.0.x versions) are verbatim copy from doctrine/common.
I suppose you mean persistence which has multiple dependencies:

• event-manager - hard dependency for events
• annotations - hard dependency in AnnotationDriver - I suppose this could be made optional, although @Ocramius is against optional dependencies
• cache - hard dependency in AbstractClassMetadataFactory
• reflection - hard dependency in RuntimeReflectionService

Ad changes in this PR, in Bridge/Doctrine:

• common removed
• annotations + cache added - hard dependency in Bridge\Doctrine\Test\DoctrineTestHelper - should these be require-dev? imho not, it's not in Tests so it's production code...
• collections - hard dependencies in Doctrine/Form
• event-manager - hard dependency in ContainerAwareEventManager
• persistence - hard dependencies on many places

Root composer.json was just updated accordingly since I assumed it works as aggregate of all dependencies.

[Ocramius]

If these are really a split of common, this should not be the case, isn't it?

We can drop them from common in a major release: people depending on doctrine/common 2.x still expect those classes to exist when just depending on doctrine/common, so for now the dependencies are still mandatory in there.

[stof]

I think the only direct dependency of the doctrine bridge in doctrine/common is actually doctrine/persistence

[stof]

and this means the root composer.json would depend on persistence, cache and annotations.

[Majkl578]

I think the only direct dependency of the doctrine bridge in doctrine/common is actually doctrine/persistence

I don't think this is correct, see my comment above. There are hard dependencies (inheritance, API) to other components as well.

[stof]

What about having a class in doctrine/persistence providing this, instead of making each package duplicate the doctrine naming convention (which would mean that changing it would be a BC break btw) ?

[Majkl578]

I thought about that, I think we can possibly do that (probably immediately as @deprecated already since Proxy should be gone in ORM 3.0 / Persistence 2.0) and ship it as 1.1.

[stof]

annotations + cache added - hard dependency in Bridge\Doctrine\Test\DoctrineTestHelper - should these be require-dev? imho not, it's not in Tests so it's production code...

DoctrinetestHelper is a testing utility depending on the ORM anyway (I don't even know why we expose it btw, as it seems specific to the bridge tests). The ORM itself is a require-dev only, so these should as well.

collections - hard dependencies in Doctrine/Form

there is no hard dependency here. The listener says "if it is an instance of a collection, then I can clear it in a faster way". An instanceof check is not a hard requirement.

event-manager - hard dependency in ContainerAwareEventManager

that one is true. I forgot we have this class in the bridge.

[Majkl578]

collections - hard dependencies in Doctrine/Form

there is no hard dependency here. The listener says "if it is an instance of a collection, then I can clear it in a faster way".

I was more worried about Doctrine\Form\DataTransformer\CollectionToArrayTransformer::reverseTransform() which contains new ArrayCollection(). I am not sure whether this method could be called/used without Collections existing though.

[stof]

hmm, if you manage to use a EntityType (which is used for the ODM and ORM) without having collections installed, it might still trigger this code. But I think you would have a broken code earlier in the usage anyway (and so no reach it)

[nicolas-grekas]

can you move the doctrine/* packages before the symfony one, to have alpha order please?

[Majkl578]

If you agree, I will send separate PR with this and enabling sort-packages config option - the order is inconsistent also for many non-doctrine packages so I'd prefer not to mix it here. ☺️

Edit: Well, actually since I added these, I moved them up. But left the other occurences where some doctrine packages already existed.

[nicolas-grekas]

sort-package doesn't work here, because we manually merge composer.json files, so no need, as that would only make mergers' job a bit harder/slower

[nicolas-grekas]

annotations and cache were always indirectly required through common so they were always there.

I had missed that, thank you.

[nicolas-grekas]

When a feature is optional, our policy is to not list its dependencies as mandatory requirements.
This PR is an opportunity to follow this more closely. If we can remove cache, annotations, etc. because they are needed only as optional features, we should move them to require-dev. Let's do it :)

[nicolas-grekas]

Just checked: we should move cache and annotations to require-dev: they're only used in Test\DoctrineTestHelper, so totally optional.

[Majkl578]

Moved annotations and cache to dev in DoctrineBridge & root composer.jsons.
This leaves us with hard dependency on:

        "doctrine/collections": "~1.0",
        "doctrine/event-manager": "~1.0",
        "doctrine/persistence": "~1.0",

Which is IMO correct. Of course you can also make some of them optional later. :)

[Majkl578]

KO src/Symfony/Bundle/SecurityBundle
/bin/bash: line 1: 10403 Segmentation fault (core dumped) bash -xc "$*" 2>&1

😢

[fabpot]

Thank you @Majkl578.

[nicolas-grekas]

Reverted in 5fe78a3: by adding runtime deprecation, doctrine/common#845 highlighted that this was merged too early: doctrine/orm is not up to date and still triggers deprecated code paths. Please resubmit once this is fixed. (Resubmitting now would make tests fail, we now have visibility on the issue so it won't happen again.)

[Majkl578]

doctrine/common#845 has absolutely no impact on this change. You will face the same issue with or without this PR.

[nicolas-grekas]

Reverting allows locking to a stable version of doctrine/common, which is deprecation-free for now. That's the only way to make our test suite green. Of course, please don't tag a stable version of doctrine/common until doctrine/orm is able to run deprecation-free.

[Majkl578]

Why is your test suite failing when 3rd-party code triggers deprecated code? That shouldn't be an issue for Symfony as ORM is 3rd-party. Shouldn't you use weak-vendors?

[nicolas-grekas]

Because this way we help ensure the dependencies we rely on are at least as stable as we'd like to provide to our users. Personally, I believe this is one of the best part of OSS: e.g., in this case, we help Doctrine spot issues earlier, for the benefit of everyone.

[Majkl578]

There is no stable combination of Symfony + ORM + Common that would allow installation of Common 2.9 (which isn't even released). What you are talking about is currently only a development version. Also you are testing a Symfony 4.2-dev (where this PR was merged into) which is scheduled to be released in november (5 months from now).

highlighted that this was merged too early

Based on the above, I don't think this statement is correct. This is only applicable to 4.2-dev with minimum-stability=dev which is due to release in 5 months.

Because this way we help ensure the dependencies we rely on are at least as stable as we'd like to provide to our users.

By testing a development versions in your development version (with no stable minor release)... That doesn't sound correct to me.

[nicolas-grekas]

What I care about is having Travis green so that we can merge PRs safely. This is the minimal change I had to do to achieve that.

[nicolas-grekas]

(Please submit again on master)

[Majkl578]

ORM 2.6-dev: doctrine/orm@6d81d51
ORM 2.7-dev: doctrine/orm@315afbe

[shulard]

Hello !

We just got that deprecation notice when running our test suite.

Since it's not related to our codebase nor Symfony directly (and this PR seems to be shipped in 5 months), is there a better way than disabling deprecation notice during tests to handle that error ?

[Ocramius]

Are you running with latest dependencies? ORM should already be quite deprecation-free.

…

On Mon, 16 Jul 2018, 09:53 Stéphane HULARD, ***@***.***> wrote: Hello ! We just got that deprecation notice when running our test suite. Since it's not related to our codebase nor Symfony directly (and this PR seems to be shipped in 5 months), is there a better way than disabling deprecation notice during tests to handle that error ? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#27609 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAJakPhK3fBwliY0uorvmY7fPF8awJECks5uHEZ2gaJpZM4Uo4O1> .

[shulard]

Yes, we use the latest dependencies. We check using CI with composer outdated that every direct dependency is up to date.

We are using Symfony 4.1 dependency and recipes. Here's the list of our current versions :

aws/aws-sdk-php                     3.63.1             AWS SDK for PHP - Use Amazon Web Services in your PHP project
doctrine/annotations                v1.6.0             Docblock Annotations Parser
doctrine/cache                      v1.7.1             Caching library offering an object-oriented API for many cache backends
doctrine/collections                v1.5.0             Collections Abstraction library
doctrine/common                     v2.9.0             Common Library for Doctrine projects
doctrine/dbal                       v2.8.0             Database Abstraction Layer
doctrine/doctrine-bundle            1.9.1              Symfony DoctrineBundle
doctrine/doctrine-cache-bundle      1.3.3              Symfony Bundle for Doctrine Cache
doctrine/doctrine-migrations-bundle v1.3.1             Symfony DoctrineMigrationsBundle
doctrine/event-manager              v1.0.0             Doctrine Event Manager component
doctrine/inflector                  v1.3.0             Common String Manipulations with regard to casing and singular/plural rules.
doctrine/instantiator               1.1.0              A small, lightweight utility to instantiate objects in PHP without invoking their constructors
doctrine/lexer                      v1.0.1             Base library for a lexer that can be used in Top-Down, Recursive Descent Parsers.
doctrine/migrations                 v1.8.1             Database Schema migrations using Doctrine DBAL
doctrine/orm                        v2.6.2             Object-Relational-Mapper for PHP
doctrine/persistence                v1.0.0             Doctrine Persistence abstractions.
doctrine/reflection                 v1.0.0             Doctrine Reflection component
easycorp/easy-log-handler           v1.0.5             A handler for Monolog that optimizes log messages to be processed by humans instead of software. Improve your productivity with logs that are easy to understand.
egulias/email-validator             2.1.4              A library for validating emails against several RFCs
fig/link-util                       1.0.0              Common utility implementations for HTTP links
fzaninotto/faker                    v1.8.0             Faker is a PHP library that generates fake data for you.
guzzlehttp/guzzle                   6.3.3              Guzzle is a PHP HTTP client library
guzzlehttp/promises                 v1.3.1             Guzzle promises library
guzzlehttp/psr7                     1.4.2              PSR-7 message implementation that also provides common utility methods
jdorn/sql-formatter                 v1.2.17            a PHP SQL highlighting library
league/csv                          9.1.4              Csv data manipulation made easy in PHP
league/flysystem                    1.0.45             Filesystem abstraction: Many filesystems, one API.
league/flysystem-aws-s3-v3          1.0.19             Flysystem adapter for the AWS S3 SDK v3.x
monolog/monolog                     1.23.0             Sends your logs to files, sockets, inboxes, databases and various web services
mtdowling/jmespath.php              2.4.0              Declaratively specify how to extract elements from a JSON document
ocramius/package-versions           1.3.0              Composer plugin that provides efficient querying for installed package versions (no runtime IO)
ocramius/proxy-manager              2.2.0              A library providing utilities to generate, instantiate and generally operate with Object Proxies
psr/cache                           1.0.1              Common interface for caching libraries
psr/container                       1.0.0              Common Container Interface (PHP FIG PSR-11)
psr/http-message                    1.0.1              Common interface for HTTP messages
psr/link                            1.0.0              Common interfaces for HTTP links
psr/log                             1.0.2              Common interface for logging libraries
psr/simple-cache                    1.0.1              Common interfaces for simple caching
roave/security-advisories           dev-master 731d60f Prevents installation of composer packages with known security vulnerabilities: no API, simply require it
sensio/framework-extra-bundle       v5.2.0             This bundle provides a way to configure your controllers with annotations
squizlabs/php_codesniffer           3.3.0              PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.
stripe/stripe-php                   v6.10.2            Stripe PHP Library
swiftmailer/swiftmailer             v6.1.2             Swiftmailer, free feature-rich PHP mailer
symfony/apache-pack                 v1.0.1             A pack for Apache support in Symfony
symfony/asset                       v4.1.1             Symfony Asset Component
symfony/browser-kit                 v4.1.1             Symfony BrowserKit Component
symfony/cache                       v4.1.1             Symfony Cache component with PSR-6, PSR-16, and tags
symfony/config                      v4.1.1             Symfony Config Component
symfony/console                     v4.1.1             Symfony Console Component
symfony/css-selector                v4.1.1             Symfony CssSelector Component
symfony/debug                       v4.1.1             Symfony Debug Component
symfony/debug-bundle                v4.1.1             Symfony DebugBundle
symfony/debug-pack                  v1.0.5             A debug pack for Symfony projects
symfony/dependency-injection        v4.1.1             Symfony DependencyInjection Component
symfony/doctrine-bridge             v4.1.1             Symfony Doctrine Bridge
symfony/dom-crawler                 v4.1.1             Symfony DomCrawler Component
symfony/dotenv                      v4.1.1             Registers environment variables from a .env file
symfony/event-dispatcher            v4.1.1             Symfony EventDispatcher Component
symfony/expression-language         v4.1.1             Symfony ExpressionLanguage Component
symfony/filesystem                  v4.1.1             Symfony Filesystem Component
symfony/finder                      v4.1.1             Symfony Finder Component
symfony/flex                        v1.0.83            Composer plugin for Symfony
symfony/form                        v4.1.1             Symfony Form Component
symfony/framework-bundle            v4.1.1             Symfony FrameworkBundle
symfony/http-foundation             v4.1.1             Symfony HttpFoundation Component
symfony/http-kernel                 v4.1.1             Symfony HttpKernel Component
symfony/inflector                   v4.1.1             Symfony Inflector Component
symfony/intl                        v4.1.1             A PHP replacement layer for the C intl extension that includes additional data from the ICU library.
symfony/lts                         dev-master 6de50b2 Enforces Long Term Supported versions of Symfony components
symfony/monolog-bridge              v4.1.1             Symfony Monolog Bridge
symfony/monolog-bundle              v3.3.0             Symfony MonologBundle
symfony/options-resolver            v4.1.1             Symfony OptionsResolver Component
symfony/orm-pack                    v1.0.5             A pack for the Doctrine ORM
symfony/phpunit-bridge              v4.1.1             Symfony PHPUnit Bridge
symfony/polyfill-ctype              v1.8.0             Symfony polyfill for ctype functions
symfony/polyfill-intl-icu           v1.8.0             Symfony polyfill for intl's ICU-related data and classes
symfony/polyfill-mbstring           v1.8.0             Symfony polyfill for the Mbstring extension
symfony/polyfill-php72              v1.8.0             Symfony polyfill backporting some PHP 7.2+ features to lower PHP versions
symfony/profiler-pack               v1.0.3             A pack for the Symfony web profiler
symfony/property-access             v4.1.1             Symfony PropertyAccess Component
symfony/routing                     v4.1.1             Symfony Routing Component
symfony/security                    v4.1.1             Symfony Security Component
symfony/security-bundle             v4.1.1             Symfony SecurityBundle
symfony/stopwatch                   v4.1.1             Symfony Stopwatch Component
symfony/swiftmailer-bundle          v3.2.2             Symfony SwiftmailerBundle
symfony/templating                  v4.1.1             Symfony Templating Component
symfony/translation                 v4.1.1             Symfony Translation Component
symfony/twig-bridge                 v4.1.1             Symfony Twig Bridge
symfony/twig-bundle                 v4.1.1             Symfony TwigBundle
symfony/validator                   v4.1.1             Symfony Validator Component
symfony/var-dumper                  v4.1.1             Symfony mechanism for exploring and dumping PHP variables
symfony/web-link                    v4.1.1             Symfony WebLink Component
symfony/web-profiler-bundle         v4.1.1             Symfony WebProfilerBundle
symfony/webpack-encore-pack         v1.0.2             A pack for Symfony Encore
symfony/yaml                        v4.1.1             Symfony Yaml Component
twig/twig                           v2.5.0             Twig, the flexible, fast, and secure template language for PHP
zendframework/zend-code             3.3.0              provides facilities to generate arbitrary code using an object oriented interface
zendframework/zend-eventmanager     3.2.1              Trigger and listen to events within a PHP application

Maybe it's related to our current environment / setup ?

[Ocramius]

Yep, so if I read this correctly, you already have everything. Try adding a "provides": {"doctrine/common": "2.9.99"} to your package to kick doctrine/common out.

[Majkl578]

We just got that deprecation notice when running our test suite.

This is not related to this PR, it was reverted I and I am not re-submitting it again.

We missed one case which triggers a silent-only deprecation, see doctrine/orm#7306 (comment). Your test suite should ignore this type of deprecation call, please see the referenced PR to see how to configure your test suite properly.

Also note that ORM will require Common until ORM 3.0, it can't be removed sooner due to BC.

[shulard]

Hello !

Thanks a lot for the details. Yes trying to kick out Common doesn't work actually and it's not a problem.

If I use the symfony weak_vendor mode (which seems to be the best solution here) I'm still aware about the deprecation but it doesn't block my tests. So I got the best of the two worlds I think.

It's fixed for me 😄.

[soletan]

If I use the symfony weak_vendor mode (which seems to be the best solution here) I'm still aware about the deprecation but it doesn't block my tests. So I got the best of the two worlds I think.

Could you elaborate on this one, please, for searching Symfony docs using Google/DDG (searching for "symfony weak_vendors") is a mess delivering lots of pages not even matching the keyword "weak" except for one on PHPUnit/Bridge mentioning this configuration option in a similarly brief way you did here. I sometimes wonder if Symfony community is really struggling with proper documentation this much ... even this approach is talking about what this value is for rather than telling where to put it. One of the first impediments in understanding Symfony is due to limited documentation on paradigms for configuration hierarchy. Placing weak_vendor: true at 2nd level in config/packages/framework.yaml did result in an exception on unexpected value. Gosh ...

[nicolas-grekas]

@soletan there's no such thing as "the Symfony community" here: that's just code and doc laying out for you to use and improve. As I read it, the doc already tells how to configure the bridge here:
https://symfony.com/doc/current/components/phpunit_bridge.html#configuration
(hint: SYMFONY_DEPRECATIONS_HELPER environment variable) but your new eyes on it make it feel like there is something obvious for me that isn't for others? Please open a doc issue or PR if you think it needs to be improved, that's how it will happen. The repo is https://github.com/symfony/symfony-docs/

[engharb]

Hello,

When some dependencies or classes are deprecated why are not removed and still available and used.

I installed Symfony4.1 with Doctrine and when I runt the Tests all the asserts passed successfully but at the end I got error (because of existence of such deprecated class).

What should I do and how can avoid that? or should I wait till the upgraded version of Doctrine (v3)?

[soletan]

@engharb Looks like you've missed the clear instruction just as I did. You need to set environment variable

SYMFONY_DEPRECATIONS_HELPER=weak_vendor

when starting your unit tests. This will suppress those warning or at least prevent them from failing your test run.

[engharb]

@soletan Thank you very much. Now it works.

[crmpicco]

Any news on what version this will be released with?

[shulard]

Hello @crmpicco, this is not a Symfony problem so that kind of issues will not enter the symfony release lifecycle.

If you prefer not using the weak vendor mode, you can allow a specific number of deprecations with the constant :

SYMFONY_DEPRECATIONS_HELPER=1

This statement will allow 1 deprecation only.

[gtrxshock]

In the end, in this case: Doctrine\Common\ClassLoader is deprecated (https://pasteboard.co/HJOKbzk.png), we have 2 ways

1. when running phpunit in console set environment variable, like this:
   $ SYMFONY_DEPRECATIONS_HELPER=weak ./vendor/bin/phpunit
   show simple notice in result: Remaining deprecation notices (1) (https://pasteboard.co/HJONdvJ.png)
   besides, we can use this option:
   $ SYMFONY_DEPRECATIONS_HELPER=weak_vendors ./vendor/bin/phpunit
   we will get a more strict warning (https://pasteboard.co/HJOOZH9.png)

2. we can also add a variable to the phpunit configuration (phpunit.xml[.dist])

<phpunit ...>
    <php>
        ...
        <env name="SYMFONY_DEPRECATIONS_HELPER" value="weak_vendors" />