Skip to content

0.34.x#226

Open
loks0n wants to merge 151 commits into0.33.xfrom
0.34.x
Open

0.34.x#226
loks0n wants to merge 151 commits into0.33.xfrom
0.34.x

Conversation

@loks0n
Copy link
Copy Markdown
Contributor

@loks0n loks0n commented Mar 13, 2026

No description provided.

lohanidamodar and others added 30 commits July 6, 2023 06:24
@lohanidamodar
adapters and refactor request and response
e817592
@lohanidamodar
Merge remote-tracking branch 'origin/feat-routing-v2' into feat-v2
ee75d8a
@lohanidamodar
update test and fix
02006b2
@lohanidamodar
fix lint
151434c
@lohanidamodar
fix tests
af83713
@lohanidamodar
fixes
4260458
@lohanidamodar
fix param reference
4355dfa
@lohanidamodar
downgrade symfony console
29909da
@lohanidamodar
downgrade phpbench
63121c8
@lohanidamodar
remove leftover code
b6d83d5
@lohanidamodar
move namespace
9fbb075
@lohanidamodar
fix formatting
f23bbe8
@lohanidamodar
update constructor
45beee6
@lohanidamodar @eldadfux
Update src/Adapter/Swoole/Server.php
d8350d1 
Co-authored-by: Eldad A. Fux <eldad.fux@gmail.com>
@lohanidamodar
Merge branch 'feat-v2' of https://github.com/utopia-php/framework int…
415a236 
…o feat-v2
@lohanidamodar
fix test
146ae35
@lohanidamodar
update readme
4eeddf7
@lohanidamodar
file loading support in servers
803dddc
@lohanidamodar
fix and update test for both server adapters
1876af8
@lohanidamodar
fix test flow
cbe0901
@lohanidamodar
fix parameter name
c2e70ab
@lohanidamodar @eldadfux
Update src/Adapter.php
136c318 
Co-authored-by: Eldad A. Fux <eldad.fux@gmail.com>
@lohanidamodar @eldadfux
Update src/Adapter.php
a3bdb49 
Co-authored-by: Eldad A. Fux <eldad.fux@gmail.com>
@lohanidamodar
update dockerfile name
ab04d15
@lohanidamodar
update readme
8b448f6
@lohanidamodar
abstract away app start
eaf63bd
@lohanidamodar
rename dockerfile
bd9ff87
@lohanidamodar
rename App -> Http
c8de4cc
@lohanidamodar
fix formatting
644687b
@lohanidamodar
update namespace
4bcf458
loks0n and others added 19 commits May 22, 2025 19:12
@loks0n
fix: duplicate
35839e9
@loks0n
fix: prevent callable strings
2cad921
@loks0n
Merge pull request #172 from utopia-php/fix-prevent-callable-strings
349d403 
fix: prevent callable strings
@Meldiron
trigger ci/cd checks
569d423
@Meldiron
Make CI/CD checks pass
f23a6e7
@Meldiron
Add cookies header support for swoole
9d62aad
@Meldiron
Merge pull request #178 from utopia-php/fix-cookie-headers
9e8cd49 
Fix: Cookie headers
@Meldiron
Improve cookie handling
4700d38
@Meldiron
Logical fixes & new tests
abe3304
@Meldiron
Merge pull request #180 from utopia-php/feat-improve-cookie-handling
be935b1 
Feat: Improve cookie handling
@Meldiron
Allow array for headers
d19da13
@Meldiron
Merge pull request #182 from utopia-php/feat-array-headers
334b99d 
Feat: Allow array for headers
@ChiragAgg5k
Fix array to string conversion warning in Request::getSize()
2b500d0 
Headers can now be arrays (after recent changes allowing array headers).
The getSize() method was attempting to directly implode headers, causing
a warning when a header value was an array.

This fix properly handles both string and array header values by joining
array values with commas (standard HTTP header format) before calculating
the request size.

Added test case to verify the fix works correctly with array headers.
@ChiragAgg5k
Merge pull request #195 from utopia-php/fix-array-header-size-calcula…
2c652b6 
…tion
@ChiragAgg5k
feat: remove validators and use utopia validators lib
b73e9e8
@abnegate
Merge pull request #199 from utopia-php/feat-remove-validator
3571c49 
feat: remove validators and use utopia validators lib
@hmacr
Convert hostname to lowercase (#214)
396a8e3
@ChiragAgg5k
chore: bump validators lib (#218)
d60c9ce
@ChiragAgg5k @loks0n
Move resource ownership into utopia-php/di (#220)
15d1195 
* Use utopia-php/di for resource injection

* Move resource ownership into utopia-php/di

* Update DI branch dependency

* update getting started

* update

* update

* update appwrite base version

* update to use php 8.2

* fix: restore php 8.2 test runtime

* chore: use container scopes

* remove utopia keyword

* remove optional container in run

* remove optional container in run

* renaming

* remove public getContainer

* fix getcontainer

* fix getcontainer

* update

* remove tests

* make public

* remove tests

* add scoped request containers

* cleanup

* feat: request scopes

* fixes

---------

Co-authored-by: loks0n <22452787+loks0n@users.noreply.github.com>
@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai bot commented Mar 13, 2026

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d29c187e-8381-420b-ab45-9fec0cd3a823

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch 0.34.x
📝 Coding Plan
  • Generate coding plan for human review comments

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@ChiragAgg5k
feat: split Swoole adapters, add compression, adopt utopia-php/servers (
2b4021b 
#230)

* feat: split Swoole adapters, add compression support, and adopt utopia-php/servers

- Split Swoole adapter into Swoole (SWOOLE_PROCESS) and SwooleCoroutine (coroutine-based) servers
- Add response compression support with configurable min size and algorithm selection
- Migrate Hook to utopia-php/servers and Route now extends Servers\Hook
- Add View class for template rendering
- Add trusted IP header support and IP validation in Request
- Enhance Response with cookie management, content-type helpers, and chunked transfer
- Add utopia-php/servers and utopia-php/compression dependencies
- Fix server-swoole.php test server to work with non-coroutine Swoole adapter
- Disable Swoole cookie parsing to preserve raw Cookie headers

* fix: address Greptile review comments on PR #230

- Remove Content-Length before re-adding after compression to prevent duplicate headers
- Defer onStart callback into coroutine event loop for SwooleCoroutine adapter consistency
- Add null-coalescing fallback for preg_replace in View::render
- Add void return types to compression setter methods for API consistency

* add telemetry
@ChiragAgg5k
Fix Swoole coroutine server lifecycle (#231)
d3e4143
@greptile-apps
Copy link
Copy Markdown

greptile-apps bot commented Apr 6, 2026
edited
Loading

Greptile Summary

This PR introduces the 0.34.x branch, adding split Swoole/SwooleCoroutine adapters, telemetry (OpenTelemetry-compatible metrics), compression support, and DI container isolation per request. The most significant new finding is in src/Http/Http.php: the onRequest hook error handler catches \Exception only, meaning PHP internal Errors (e.g., TypeError) thrown from request hooks bypass the framework's error handler entirely. The same issue exists in the start() hook handler. The execute() method correctly uses \Throwable — these two catch sites should match it.

  • P1 (src/Http/Http.php line 877): catch (\Exception $e) in request hooks lets PHP Errors escape uncaught, bypassing all configured error handlers. Same issue at the start-hook catch (line 646).
  • P2 (src/Http/Http.php line 959): elseif (REQUEST_METHOD_OPTIONS == $method) is dead code — the earlier if block at line 915 always handles OPTIONS and returns before this branch is reachable.

Confidence Score: 3/5

Needs fixes before merging — the P1 \Exception-only catch in request hooks lets PHP Errors bypass all error handlers, and prior review threads flagged several additional open issues (activeRequests counter leak, Swoole getSize returning zero, missing port cast).

One confirmed P1 defect (request-hook errors escaping the error handler) plus several open items from previous review threads that appear unresolved. Score reflects that this is a significant architectural PR that is close but needs targeted fixes on Http.php before it is safe to ship.

src/Http/Http.php requires the most attention — P1 catch-block fix, removal of dead OPTIONS branch, and the previously flagged activeRequests try/finally gap.

Important Files Changed

Filename Overview
src/Http/Http.php Core HTTP orchestration class — contains a P1 bug where \Exception-only catch in request hooks lets PHP Errors bypass the error handler, dead unreachable OPTIONS branch, and a gap in the isSent() guard for group init hooks.
src/Http/Adapter/Swoole/Server.php Process-mode Swoole server adapter — correctly casts port to int; sets per-request coroutine container but lacks try/finally cleanup (noted in previous threads).
src/Http/Adapter/SwooleCoroutine/Server.php Coroutine Swoole adapter — correctly uses try/finally for container cleanup; missing (int) cast for port (noted in previous threads).
src/Http/Adapter/Swoole/Response.php Swoole response adapter — spurious (string) cast in sendStatus (noted in previous threads); otherwise straightforward delegation to Swoole response object.
src/Http/Request.php Abstract request base class — getSize() uses php://input which returns empty in Swoole adapters (noted in previous threads); otherwise well-structured abstract interface.
src/Http/Adapter/FPM/Server.php FPM server adapter — simple synchronous single-request lifecycle; no issues found.

Reviews (4): Last reviewed commit: "Skip action if response already sent by ..." | Re-trigger Greptile

greptile-apps[bot]
greptile-apps bot reviewed Apr 6, 2026
View reviewed changes
src/Http/Adapter/Swoole/Response.php
*/
protected function sendStatus(int $statusCode): void
{
$this->swoole->status((string) $statusCode);
Copy link
Copy Markdown

@greptile-apps greptile-apps bot Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Unnecessary (string) cast in sendStatus

Swoole\Http\Response::status() has the signature status(int $http_status_code, string $reason = ''): bool. $statusCode is already typed as int by the parent abstract method — casting it to string before passing it in is at best a no-op (PHP coerces it back) and could cause a TypeError if Swoole ever enforces strict typing internally. The cast should be removed.

Suggested change
$this->swoole->status((string) $statusCode);
$this->swoole->status($statusCode);

src/Http/Adapter/Swoole/Server.php
Comment on lines +29 to +36
$this->server->on('request', function (SwooleRequest $request, SwooleResponse $response) use ($callback) {
$requestContainer = new Container($this->container);
$requestContainer->set('swooleRequest', fn () => $request);
$requestContainer->set('swooleResponse', fn () => $response);

Coroutine::getContext()[self::REQUEST_CONTAINER_CONTEXT_KEY] = $requestContainer;

\call_user_func($callback, new Request($request), new Response($response));
Copy link
Copy Markdown

@greptile-apps greptile-apps bot Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Missing try/finally cleanup for coroutine context

The SwooleCoroutine\Server variant wraps the callback invocation in a try/finally to unset(Coroutine::getContext()[self::REQUEST_CONTAINER_CONTEXT_KEY]) after each request, ensuring stale per-request containers don't linger if an exception escapes. The process-mode Swoole\Server does not do this:

Coroutine::getContext()[self::REQUEST_CONTAINER_CONTEXT_KEY] = $requestContainer;
\call_user_func($callback, new Request($request), new Response($response));
// No cleanup

Although Swoole destroys each request coroutine's context automatically when the coroutine exits, adding the matching try/finally here keeps the two adapters consistent and guards against any future change that reuses coroutines across requests:

Suggested change
$this->server->on('request', function (SwooleRequest $request, SwooleResponse $response) use ($callback) {
$requestContainer = new Container($this->container);
$requestContainer->set('swooleRequest', fn () => $request);
$requestContainer->set('swooleResponse', fn () => $response);
Coroutine::getContext()[self::REQUEST_CONTAINER_CONTEXT_KEY] = $requestContainer;
\call_user_func($callback, new Request($request), new Response($response));
Coroutine::getContext()[self::REQUEST_CONTAINER_CONTEXT_KEY] = $requestContainer;
try {
\call_user_func($callback, new Request($request), new Response($response));
} finally {
unset(Coroutine::getContext()[self::REQUEST_CONTAINER_CONTEXT_KEY]);
}

greptile-apps[bot]
greptile-apps bot reviewed Apr 7, 2026
View reviewed changes
src/Http/Request.php
Comment on lines 353 to 365
public function getSize(): int
{
return \mb_strlen(\implode("\n", $this->generateHeaders()), '8bit') + \mb_strlen(\file_get_contents('php://input'), '8bit');
$headers = $this->generateHeaders();
$headerStrings = [];
foreach ($headers as $key => $value) {
if (\is_array($value)) {
$headerStrings[] = $key . ': ' . \implode(', ', $value);
} else {
$headerStrings[] = $key . ': ' . $value;
}
}
return \mb_strlen(\implode("\n", $headerStrings), '8bit') + \mb_strlen(\file_get_contents('php://input'), '8bit');
}
Copy link
Copy Markdown

@greptile-apps greptile-apps bot Apr 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 getSize() reads php://input — incorrect for Swoole adapters

The base getSize() calls file_get_contents('php://input') to measure the request body size. This works under PHP-FPM, but in Swoole the request body is only accessible via $swoole->rawContent() — PHP's php://input stream is empty in that context.

Neither Swoole/Request.php nor SwooleCoroutine/Request.php override getSize(). Because Http::run() now calls $this->requestBodySize->record($request->getSize(), ...) for the new telemetry, all Swoole requests will report zero bytes for the body in the http.server.request.body.size metric.

Fix: override getSize() in Swoole/Request.php to use rawContent() for the body component:

public function getSize(): int
{
    $headers = $this->generateHeaders();
    $headerStrings = [];
    foreach ($headers as $key => $value) {
        $headerStrings[] = is_array($value)
            ? $key . ': ' . implode(', ', $value)
            : $key . ': ' . $value;
    }
    return mb_strlen(implode("\n", $headerStrings), '8bit')
         + mb_strlen($this->swoole->rawContent(), '8bit');
}

SwooleCoroutine/Request.php extends Swoole/Request.php, so it will inherit the fix.

@ChiragAgg5k
Use Swoole parsed cookies again (#233)
995c119 
* Use Swoole parsed cookies again

* Skip Swoole test without extension

* Remove Swoole adapter unit test
greptile-apps[bot]
greptile-apps bot reviewed Apr 8, 2026
View reviewed changes
src/Http/Http.php
Comment on lines +822 to +848
public function run(Request $request, Response $response): static
{
$this->activeRequests->add(1, [
'http.request.method' => $request->getMethod(),
'url.scheme' => $request->getProtocol(),
]);

$start = microtime(true);
$result = $this->runInternal($request, $response);

$requestDuration = microtime(true) - $start;
$attributes = [
'url.scheme' => $request->getProtocol(),
'http.request.method' => $request->getMethod(),
'http.route' => $this->route?->getPath(),
'http.response.status_code' => $response->getStatusCode(),
];
$this->requestDuration->record($requestDuration, $attributes);
$this->requestBodySize->record($request->getSize(), $attributes);
$this->responseBodySize->record($response->getSize(), $attributes);
$this->activeRequests->add(-1, [
'http.request.method' => $request->getMethod(),
'url.scheme' => $request->getProtocol(),
]);

return $result;
}
Copy link
Copy Markdown

@greptile-apps greptile-apps bot Apr 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 activeRequests counter leaks when runInternal throws

run() increments the active-requests counter before calling runInternal(), but the matching decrement sits after the call with no try/finally guard. runInternal can throw — for example, when an error handler itself raises an exception the code explicitly re-throws:

throw new Exception('Error handler had an error: ' . $e->getMessage(), 500, $e);

If that path is taken the add(-1) call on line 842 is skipped, and the http.server.active_requests gauge is permanently over-counted by one for every such request. Over time this makes the metric untrustworthy.

The fix is to wrap the post-call telemetry in a try/finally:

$start = microtime(true);
try {
    $result = $this->runInternal($request, $response);
} finally {
    $requestDuration = microtime(true) - $start;
    $attributes = [
        'url.scheme' => $request->getProtocol(),
        'http.request.method' => $request->getMethod(),
        'http.route' => $this->route?->getPath(),
        'http.response.status_code' => $response->getStatusCode(),
    ];
    $this->requestDuration->record($requestDuration, $attributes);
    $this->requestBodySize->record($request->getSize(), $attributes);
    $this->responseBodySize->record($response->getSize(), $attributes);
    $this->activeRequests->add(-1, [
        'http.request.method' => $request->getMethod(),
        'url.scheme' => $request->getProtocol(),
    ]);
}
return $result;

@loks0n @claude
Skip action if response already sent by init hook (#234)
d6b360d 
* Skip action if response already sent by init hook

If an init hook (e.g. cache) calls $response->send(), the action should
not run — the response has already been delivered to the client. Without
this guard the action executes in full, wasting worker time on work
whose output is immediately discarded.

Shutdown hooks still run so metrics, billing, and other teardown logic
are unaffected.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Fix: pass Response to execute() so isSent() guard is in scope

The 0.34.x execute() method had dropped the Response parameter compared
to 0.33.x, meaning $response->isSent() in the action guard would be an
undefined variable. Restore the parameter and update all call sites in
the test suite.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
greptile-apps[bot]
greptile-apps bot reviewed Apr 12, 2026
View reviewed changes
src/Http/Http.php
$arguments = $this->getArguments($hook, [], []);
\call_user_func_array($hook->getAction(), $arguments);
}
} catch (\Exception $e) {
Copy link
Copy Markdown

@greptile-apps greptile-apps bot Apr 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Request hook errors not caught by error handler

The onRequest hook catch block uses \Exception, but PHP fatal errors (e.g., TypeError, ArithmeticError, Error) extend \Throwable, not \Exception. Any PHP internal error thrown inside a request hook will bypass this catch block entirely, skipping the error handler and propagating to the Swoole/FPM layer uncaught. The execute() method correctly uses \Throwable (line 745) — the same fix is needed here and at the start() hook catch (line 646).

Suggested change
} catch (\Exception $e) {
} catch (\Throwable $e) {

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.