Hi!

> Personally I feel the restoring them impossible argument weak, consider
> that we allow stuff like serializing resources without even a notice.

Not sure what you mean by that. If you try to serialize a resource, you
just get an integer. Not ideal, as a remnant of the times in PHP where
the approach was "if it doesn't make sense, do whatever and hope the
user is ok with that", but certainly it's not "serializing resources".
It's "ignoring resources when serializing and producing integers
instead". Replacing Exceptions with integers probably won't work that
well :)

> Based on my own experiences where I had to fix multiple apps when we
> introduced the unserializable Closure (mostly error logger and debugging
> tools) which got passed as argument in the backtrace I would prefer if
> we could remove that restriction.

I don't see how we can really remove the underlying problem - Exceptions
contain backtraces, which means serializing them tries to serialize a
ton of stuff that may be not only not serializable but outright
dangerous to carry around - such as keys, passwords, etc. Given how many
problems we have had with serialization of complex objects lately, and
given that I still see absolutely no practical use of actually
serializing exceptions I would rather remove it and reduce the
vulnerable surface than keep dealing with dozens of issues that continue
to pop up from that.

BTW what do you mean by "unserializable Closure"? As far as I know you can
not serialize Closure.

-- 
Stas Malyshev
smalys...@gmail.com

-- 
PHP Internals - PHP Runtime Development Mailing List
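
One way to act on the concern raised in the message above, as an added example that is not part of the original message or of PHP itself: instead of calling serialize() on an exception, reduce it to a scalar-only summary that drops frame arguments and objects. The function name summarize_throwable, the connect() demo, and the sample secret are hypothetical and constructed for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Reduce a Throwable to scalars that are safe to store or ship:
 * class, message, code, and file/line/function for each frame.
 * Frame arguments ('args') and bound objects are deliberately dropped,
 * so secrets and unserializable values (Closures, resources) never leave.
 */
function summarize_throwable(Throwable $e, int $maxFrames = 20): array
{
    $frames = [];
    foreach (array_slice($e->getTrace(), 0, $maxFrames) as $frame) {
        $frames[] = [
            'file'     => $frame['file'] ?? null, // absent for internal calls
            'line'     => $frame['line'] ?? null,
            'function' => ($frame['class'] ?? '') . ($frame['type'] ?? '') . $frame['function'],
        ];
    }
    $previous = $e->getPrevious();
    return [
        'class'    => get_class($e),
        'message'  => $e->getMessage(),
        'code'     => $e->getCode(),
        'file'     => $e->getFile(),
        'line'     => $e->getLine(),
        'trace'    => $frames,
        'previous' => $previous ? summarize_throwable($previous, $maxFrames) : null,
    ];
}

// Constructed demo: a secret and a Closure are passed as call arguments.
function connect(string $password, callable $onError): void
{
    throw new RuntimeException('connection refused');
}

try {
    connect('s3cr3t-constructed', function () {});
} catch (Throwable $e) {
    // With zend.exception_ignore_args=Off, each getTrace() frame carries
    // 'args', so the raw trace holds both the password and the Closure.
    $json = json_encode(summarize_throwable($e), JSON_THROW_ON_ERROR);
    // The summary must not contain the secret that was in the call arguments.
    var_dump(strpos($json, 's3cr3t-constructed') === false);
    echo $json, PHP_EOL;
}
```

The exception message itself is still copied verbatim, so code that builds messages from credentials or request data needs its own redaction.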