bug #1743 do not implement __serialize() for users without passwords (xabbuh)

This PR was squashed before being merged into the 1.x branch.

Discussion
----------

do not implement `__serialize()` for users without passwords

Commits
-------

d67cf83 fix the Maker test environment
fafd951 run tests with Symfony 7.3
4ba90e1 do not implement __serialize() for users without passwords

Author: xabbuh

.github/workflows/ci-linux.yaml

@@ -45,7 +45,7 @@ jobs:
                     - '8.3'
                 symfony-version:
                     - '6.4.*'
-                    - '7.2.*'
+                    - '7.3.*'
                 dependency-versions: ['highest']
                 include:
                     # testing lowest PHP+dependencies with lowest Symfony

src/Security/UserClassBuilder.php

@@ -38,7 +38,7 @@ public function addUserInterfaceImplementation(ClassSourceManipulator $manipulat
 
         $this->addPasswordImplementation($manipulator, $userClassConfig);
 
-        if (class_exists(IsGrantedContext::class)) {
+        if (class_exists(IsGrantedContext::class) && $userClassConfig->hasPassword()) {
             $this->addSerialize($manipulator);
         }
 

src/Test/MakerTestEnvironment.php

@@ -246,7 +246,7 @@ private function buildFlexSkeleton(): void
         $flexProjectDir = \sprintf('flex_project%s', $targetVersion);
 
         MakerTestProcess::create(
-            \sprintf('composer create-project symfony/skeleton%s %s --prefer-dist --no-progress', $versionString, $flexProjectDir),
+            \sprintf('composer create-project symfony/skeleton%s %s --prefer-dist --no-progress --keep-vcs', $versionString, $flexProjectDir),
             $this->cachePath
         )->run();
 
@@ -260,7 +260,7 @@ private function buildFlexSkeleton(): void
         }
 
         // fetch a few packages needed for testing
-        MakerTestProcess::create('composer require phpunit browser-kit symfony/css-selector --prefer-dist --no-progress --no-suggest', $this->flexPath)
+        MakerTestProcess::create('composer require phpunit:1.1.* browser-kit symfony/css-selector --prefer-dist --no-progress --no-suggest', $this->flexPath)
                         ->run();
 
         if ('\\' !== \DIRECTORY_SEPARATOR) {

tests/Security/fixtures/expected/UserEntityWithoutPassword.php

@@ -67,17 +67,6 @@ public function setRoles(array $roles): static
         return $this;
     }
 
-    /**
-     * Ensure the session doesn't contain actual password hashes by CRC32C-hashing them, as supported since Symfony 7.3.
-     */
-    public function __serialize(): array
-    {
-        $data = (array) $this;
-        $data["\0" . self::class . "\0password"] = hash('crc32c', $this->password);
-        
-        return $data;
-    }
-
     #[\Deprecated]
     public function eraseCredentials(): void
     {

tests/Security/fixtures/expected/UserModelWithoutPassword.php

@@ -52,17 +52,6 @@ public function setRoles(array $roles): static
         return $this;
     }
 
-    /**
-     * Ensure the session doesn't contain actual password hashes by CRC32C-hashing them, as supported since Symfony 7.3.
-     */
-    public function __serialize(): array
-    {
-        $data = (array) $this;
-        $data["\0" . self::class . "\0password"] = hash('crc32c', $this->password);
-        
-        return $data;
-    }
-
     #[\Deprecated]
     public function eraseCredentials(): void
     {