Skip to content

ContainerBuilder::hash() is unstable when switching from PHP 8.0 to 8.1 #41592

@derrabus

Description

@derrabus

Symfony version(s) affected: 4.4-dev

Blocks #41552

Description
ContainerBuilder comes with a handy hash() function that is used to produce file names of dumped containers or unique service IDs.

public static function hash($value)
{
$hash = substr(base64_encode(hash('sha256', serialize($value), true)), 0, 7);
return str_replace(['/', '+'], ['.', '_'], $hash);
}

Because of a failing test (PhpDumperTest::testServiceSubscriber) I noticed that the produced hash on PHP 8.1 differs from the one we've created on PHP 8.0. The test compares the result of dumping a container against a fixture. That fixture contains such a hash and is currently used in unit tests with PHP versions 7.1 through 8.0.

I've dumped the result of serialize() on PHP 8.0 and 8.1 and got different results. At first glace, it appears that the properties of the serialized objects appear in a different order on PHP 8.0 and below than on 8.1. For the sole purpose of serializing and unserializing objects, this probably does not matter, but if the serialized string is used as input for a hash function, this becomes a problem.

Question is: Is that hash meant to remain stable across PHP versions?

  • If the answer is no, we could either produce a second version of that fixture or find a way to make the test more resilient against hash changes. I don't know yet, if there are more test failures related to that issue, though.
  • If the answer is yes: Can we find a more stable way to calculate those hashes? Or is this something we should report to the PHP team?

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions