On 11 December 2017 at 09:23, Andreas Hennings <andr...@dqxtech.net> wrote: >>> These side effects would be that the class loader loads files which can >>> break things? >> >> >> Yes. Reflecting over a codebase which contains even just polyfills >> (duplicate classes) can already lead to unexpected crashes. Reflecting over >> non-PSR-2 code can even lead to worse things such as starting a DB >> connection and performing unwanted operations. >> > > My own use case avoids this problem. > Instead of randomly scanning anything, you need to tell the annotation > parser explicitly which namespace directory you want to scan. > It is the caller's responsibility that all class files in this > directory are nicely shaped, and can be safely autoloaded. > > In fact I did use a userland parser in the past, but then decided that > native reflection is safe with the above assumption.
Maybe one fragile edge case would be if one of the files causes the autoloader to include a different file, outside of the library, due to ambiguous namespace mapping. But this problem would also occur during everyday use of the library, if this class is used. So the condition is: Only scan namespace directories where you know that every class can be safely autoloaded. In fact I do not explicitly include the class file, but let the class loader do this, to be sure that the same version of the class is used that would be used in a regular request / process. -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
