I saw that the new ACL was merged into master but have some concerns about the dependency it creates inside core. Currently the init:acl command is in FrameworkBundle and the Symfony\Component\Security\ACL have dependencies on Doctrine\DBAL as the only thing in core.
I think this should be moved to DoctrineBundle or similar so that we dont have dependencies to third party libraries. I dont see a problem with a developer using the ACL outside symfony have to do some work. As work is already required to use some of the other components like BrowserKit where the Client is a abstract class. Also i think we should create some clear guidelines as to how this should be handled instead of a case by case basis as more and more of this quiestionable stuff gets merged into master. -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
