Hi
Am 2025-11-07 01:13, schrieb Dmytro Kulyk:
I’ve updated the RFC to include the new class-level behavior —
applying #[NoSerialize] to a class now forbids its serialization by
throwing, using the same internal mechanism as built-in
non-serializable classes (e.g., CurlHandle, Random\Engine\Secure).
This update aligns the proposal with existing engine semantics and
unifies both property-level skipping and class-level prohibition under
a single attribute.
The inheritance model has also been clarified: class-level
#[NoSerialize] is inherited (“sticky”) and cannot be overridden in
subclasses.
Updated RFC:
https://wiki.php.net/rfc/no_serialize_attribute
Thank you. The updated RFC is looking good to me. I also appreciate that
you kept a changelog within the RFC.
One thing you could mention and that should be done as part of the RFC
is migrating all existing classes with `@not-serializable` to make use
of the attribute instead. That's also what has been done when the
`#[\Deprecated]` attribute was introduced. Other than that, I don't have
any further comments.
Best regards
Tim Düsterhus
