I think I finally understood why dependency injection is very wrong in the normalizers and now fully support making this very impossible. Unless one uses the snapstore, each event will be deserialized every single time upon saving and if I do a database request every single time then the workload is intense.

My problem is probably that I designed the aggregate a bit too big and thus assuming I need to have all the information here. It is a very interesting learning curve coming from a standard ORM where I always have all information available. I have realized that every normalization comes with a cost, that with n-events hurts the performance. That was really good to understand and learn more about it and I thank you for your super valuable input - made me realize I do have to refactor in a second iteration :D

This code adds dependency injection to phpsu

Warning: php 7.2 support is not removed but will not be tested anymore due to incompatibilites with dependencies and the amount of work that would go into making it work Travis has been replaced with github actions because of slow responses and composer version issues One test had to be temporarily disabled, as the container has to run in root until that gets fixed

Will be addressed in a new pull request with reduced features

This issue is meant more for discussion than for immediate action

If we have an event, that has e.g. a doctrine entity as a property, then it currently is not possible to get access to the data inside that event.

My aggregate only saves the ID to the payload. In my Normalizer I then retrieve that ID and turn that into an actual object. My thinking is, to use ProxyObjects that are going to be resolved, if the aggregate actually needs more than the ID.

Currently I am adding a static function to the entity that creates an entity with just its ID but from there I could actually never repopulate the entity data.

To support Injection, we'd just need a ContainerAware AttributeEventMetadataFactory, that, when calling normalizer() would then also add the necessary properties.

Is this Idea something useful for others?

Part of me thinks we should at least have a property allowing to re-enable this behaviour. As we currently dont actively test for shared databases or shared database-files, it's probably okay to just keep it in mind until we actually need it somewhere.

Please add tests

Bump minimatch from 3.0.4 to 3.0.8

Bumps minimatch from 3.0.4 to 3.0.8.

• Release notes
• Changelog
• Commits

updated-dependencies:

• dependency-name: minimatch dependency-type: indirect ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #49 from ChrisB9/dependabot/npm_and_yarn/minimatch-3.0.8

Bump minimatch from 3.0.4 to 3.0.8

Bumps minimatch from 3.0.4 to 3.0.8.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bump loader-utils from 2.0.0 to 2.0.4

Bumps loader-utils from 2.0.0 to 2.0.4.

• Release notes
• Changelog
• Commits

updated-dependencies:

• dependency-name: loader-utils dependency-type: indirect ...

Signed-off-by: dependabot[bot] support@github.com

Merge pull request #50 from ChrisB9/dependabot/npm_and_yarn/loader-utils-2.0.4

Bump loader-utils from 2.0.0 to 2.0.4

Bumps loader-utils from 2.0.0 to 2.0.4.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sorry for replying late, and happy late new year

I am using normal entities and event sourced models side-by-side. Lets say I have a Member Model as a normal entity and some WorkingHistory as an event model. Whenever the API saves something into the WorkingHistory, I do not want to save the entirety of User into the WorkingHistory-Table, that would completely bloat that table and the serialization would take forever.

I do agree, the normalizer might be actually the wrong place to populate the object as it would do that to every event and not just my most current one – but if the member data is only retrieved on access (proxied), then I should have no issue there and can fully interact with the result from my Aggregate or Projection.

This is how it currently looks like:

public function __construct(
        #[Normalize(new WorkingHistoryJsonNormalizer())]
        public readonly WorkingHistoryEntry $entry,
        #[Normalize(new MemberNormalizer())]
        public readonly Member              $member,
    )
    {
    }

public function denormalize(mixed $value): Member|null
    {
        if ($value === null) {
            return null;
        }
        if (is_string($value)) {
            // this just returns an empty Member Object with only a uuid
            return Member::fromUuid(Uuid::fromString($value));
        }
        throw new \Exception('some error');
    }

Remove wrong link in about file

Fix production dockerfile

Bumps json5 from 1.0.1 to 1.0.2.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps express from 4.17.1 to 4.18.2.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps qs from 6.5.2 to 6.5.3.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps decode-uri-component from 0.2.0 to 0.2.2.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Update website to php 8.2 and symfony 6

Merge pull request #48 from ChrisB9/upgrade-dependencies

Update website to php 8.2 and symfony 6