PHPackages ajgl/sf4-to-sf5-role-unserialization - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. ajgl/sf4-to-sf5-role-unserialization AbandonedLibrary[Authentication & Authorization](/categories/authentication) ajgl/sf4-to-sf5-role-unserialization ==================================== BC layer to keep users logged in after upgrading your Symfony 4 app to Symfony 5. 1.0.1(4y ago)014MIT Since Dec 16Compare [ Source](https://github.com/ajgarlag/AjglSf4ToSf5RoleUnserialization)[ Packagist](https://packagist.org/packages/ajgl/sf4-to-sf5-role-unserialization)[ RSS](/packages/ajgl-sf4-to-sf5-role-unserialization/feed)WikiDiscussions Synced 1mo ago READMEChangelog (1)Dependencies (2)Versions (3)Used By (0) AjglSf4ToSf5RoleUnserialization =============================== [](#ajglsf4tosf5roleunserialization) BC layer to keep users logged in after upgrading your Symfony 4 app to Symfony 5. See [\#44676](https://github.com/symfony/symfony/issues/44676). ❗ This issue has been already fixed in Symfony code. This package is not needed anymore. See [\#44805](https://github.com/symfony/symfony/pull/44805)The problem ----------- [](#the-problem) The `Symfony\Component\Security\Core\Role\Role` and `Symfony\Component\Security\Core\Role\SwitchUserRole` classes were [deprecated](https://github.com/symfony/symfony/pull/22048) in Symfony 4.3 and [removed](https://github.com/symfony/symfony/pull/31723) in Symfony 5.0. But if you are using PHP sessions to keep users logged in and you are using any authentication token that extends the given `AbstractToken`, the authenticated token is being serialized with references to old role classes in your Symfony 4 app. When you upgrade your app to Symfony 5, and the `ContextListener` tries to unserialize the token, the old role classes no longer exist, causing an exception. The exception is caught by Symfony and your users will only see their sessions closed without any reason. This component will provide the missing role classes to prevent the unserialization error. These classes are only needed the first time a token is unserialized after the upgrade, so **it can be safely removed when every Symfony 4 session has been upgraded or removed**. Installation ------------ [](#installation) To install the latest stable version of this component, open a console and execute the following command: ``` $ composer require ajgl/sf4-to-sf5-role-unserialization ``` Uninstallation -------------- [](#uninstallation) To uninstall this component, open a console and execute the following command: ``` $ composer remove ajgl/sf4-to-sf5-role-unserialization ``` License ------- [](#license) This component is under the MIT license. See the complete license in the [LICENSE](LICENSE) file. Reporting an issue or a feature request --------------------------------------- [](#reporting-an-issue-or-a-feature-request) Issues and feature requests are tracked in the [Github issue tracker](https://github.com/ajgarlag/AjglSf4ToSf5RoleUnserialization/issues). Author Information ------------------ [](#author-information) Developed with ♥ by [Antonio J. García Lagar](http://aj.garcialagar.es). If you find this component useful, please add a ★ in the [GitHub repository page](https://github.com/ajgarlag/AjglSf4ToSf5RoleUnserialization). ### Health Score 23 — LowBetter than 27% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity6 Limited adoption so far Community6 Small or concentrated contributor base Maturity51 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~12 days Total 2 Last Release 1596d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/f895b5880bdb002b96abac69a1a6630b4e20c4fbff9dbe3d47b08f0d1b7e2211?d=identicon)[ajgarlag](/maintainers/ajgarlag) --- Top Contributors [![ajgarlag](https://avatars.githubusercontent.com/u/388184?v=4)](https://github.com/ajgarlag "ajgarlag (4 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/ajgl-sf4-to-sf5-role-unserialization/health.svg) ``` [![Health](https://phpackages.com/badges/ajgl-sf4-to-sf5-role-unserialization/health.svg)](https://phpackages.com/packages/ajgl-sf4-to-sf5-role-unserialization) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)