Update serialization mechanism

- Suggest suggest __serialize and __unserialize (previously discouraged) - Add sniff to discourage Serializable interface See - https://wiki.php.net/rfc/custom_object_serialization - https://www.php.net/manual/en/class.serializable.php
inpsyde · Apr 16, 2024 · 24bb1fc · 24bb1fc
1 parent 236ee34
commit 24bb1fc
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 3 deletions.
diff --git a/Inpsyde/Sniffs/CodeQuality/DisableMagicSerializeSniff.php b/Inpsyde/Sniffs/CodeQuality/DisableMagicSerializeSniff.php
@@ -13,9 +13,7 @@ class DisableMagicSerializeSniff implements Sniff
 {
     /** @var list<string>  */
     public array $disabledFunctions = [
-        '__serialize',
         '__sleep',
-        '__unserialize',
         '__wakeup',
     ];
 
@@ -45,7 +43,7 @@ public function process(File $phpcsFile, $stackPtr): void
         if (in_array($name, $this->disabledFunctions, true)) {
             $phpcsFile->addError(
                 sprintf(
-                    'The method "%s" is forbidden, please use Serializable interface.',
+                    'The method "%s" is deprecated, please use __serialize and __unserialize instead.',
                     $name
                 ),
                 $stackPtr,

diff --git a/Inpsyde/Sniffs/CodeQuality/DisableSerializeInterfaceSniff.php b/Inpsyde/Sniffs/CodeQuality/DisableSerializeInterfaceSniff.php
@@ -0,0 +1,51 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Inpsyde\Sniffs\CodeQuality;
+
+use PHP_CodeSniffer\Files\File;
+use PHP_CodeSniffer\Sniffs\Sniff;
+use PHPCSUtils\Utils\ObjectDeclarations;
+
+class DisableSerializeInterfaceSniff implements Sniff
+{
+    /**
+     * @return list<int>
+     */
+    public function register(): array
+    {
+        return [
+            \T_CLASS,
+            \T_ANON_CLASS,
+            \T_ENUM,
+            \T_INTERFACE,
+        ];
+    }
+
+    /**
+     * @param File $phpcsFile
+     * @param int $stackPtr
+     * @return void
+     *
+     * phpcs:disable Inpsyde.CodeQuality.ArgumentTypeDeclaration
+     */
+    public function process(File $phpcsFile, $stackPtr): void
+    {
+        // phpcs:enable Inpsyde.CodeQuality.ArgumentTypeDeclaration
+        $tokenCode = $phpcsFile->getTokens()[$stackPtr]['code'];
+        $find = ($tokenCode === \T_INTERFACE)
+            ? ObjectDeclarations::findExtendedInterfaceNames($phpcsFile, $stackPtr)
+            : ObjectDeclarations::findImplementedInterfaceNames($phpcsFile, $stackPtr);
+
+        if (($find === false) || !in_array('Serializable', $find, true)) {
+            return;
+        }
+
+        $phpcsFile->addError(
+            'The Serializable interface is deprecated, please use __serialize and __unserialize instead.',
+            $stackPtr,
+            'Found'
+        );
+    }
+}