symfony: [HttpFoundation] Missing ext-session in composer.json

Symfony version(s) affected: ^4.0

Purpose: Reconsider #27955 taking into account Docker containers (especially php:cli-alpine)

Description

Missing PHP session extension requirements in composer.json of symfony/http-foundation

How to reproduce

$ composer create-project symfony/skeleton
$ composer req debug

Possible Solution

"require": {
    "ext-session": "*",

Additional context

@fabpot said :

(http://php.net/manual/en/session.installation.php: Session support is enabled in PHP by default.).

The next sentence of the doc is :

If you would not like to build your PHP with session support, you should specify the --disable-session option […]

$ php -m
 [PHP Modules]
 Core
 ctype
 date
 dom
 filter
 hash
 iconv
 json
 libxml
 mbstring
 openssl
 pcre
 PDO
 pdo_sqlite
 Phar
 Reflection \
 SimpleXML   | no session
 SPL        /
 sqlite3
 standard
 tokenizer
 xml
 xmlwriter
 zlib

Please consider the waste of time building docker images with a symfony distribution without any error fetching the composer packages but which finally end up with a 500 starting the server.

About this issue

Original URL
State: closed
Created 5 years ago
Reactions: 2
Comments: 17 (15 by maintainers)

Commits related to this issue

minor #32215 [HttpFoundation] Throw exception when the "session" extension is not loaded (vudaltsov) This PR was squashed before being merged into the 3.4 branch (closes #32215). Discussion --------... — committed to symfony/symfony by nicolas-grekas 5 years ago

Most upvoted comments

ok, let me think about the best way to do it.

fabpot on Apr 29, 2019

Given the discussion, I’m on the side we should throw an exception when e.g. session_start is not found in FrameworkExtension and a similar one in NativeSessionStorage. PR welcome.

nicolas-grekas on May 11, 2019

After reading this discussion it looks like it’s impossible to implement this feature. Too many extensions depend on what your app actually uses, so it’s impossible to anticipate the requirements.

Instead of this, people would need a tool that executes locally and introspects your app (both your code and vendors code) and gives you the list of PHP extensions needed to run it.

javiereguiluz on May 4, 2019

Also, if we added ext-session to the dependencies of symfony/http-foundation: If I only wanted to build a stateless API and thus disabled session support in Symfony, HttpFoundation should work fine without ext-session, shouldn’t it? Maybe we should rather add a check to the FrameworkExtension and throw a meaningful exception if someone tries to enable sessions with the native storage without having ext-session enabled.

derrabus on May 3, 2019