prezly / forbid-serialization
Micro-package with a handy trait to forbid serialization of specific class in PHP
Installs: 106 198
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 6
Forks: 0
Open Issues: 0
Requires
- php: ^7.4||^8.0
Requires (Dev)
- phpunit/phpunit: ~8.0
README
Prezly's ForbidSerialization is a micro-package with a handy trait to forbid serialization of specific class in PHP.
This is because standard PHP serialize()
function can serialize anything,
even instances you'd never want to be serialized. So ForbidSerialization
is just a nice easy way to opt-out whenever you do not intentionally want
an object to be serialized (which should be the default in 99.99% of all cases).
See this awesome talk from Marco Pivetta on Extremely Defensive PHP. Specifically the part about serialization: https://youtu.be/Gl9td0zGLhw?t=2352
Usage
Usage is as simple as adding use ForbidSerialization
to any class.
Only make sure you do not override __sleep()
or __serialize()
methods.
use Prezly\ForbidSerialization\ForbidsSerialization; class AmazonWebServicesIntegrationService { use ForbidsSerialization; // ... }
Changelog
Credits
Brought to you with ❤️ by Prezly.