Summary
TimelineCache::forget(Model $subject) (src/Timeline/TimelineCache.php) ignores the $subject argument and calls $this->store()->getStore()->flush() — wiping every cached value in the store, not just this subject's timeline entries.
public function forget(Model $subject): void
{
unset($subject);
$this->store()->getStore()->flush();
}Impact
If the user's app shares the default cache store with sessions, application caches, etc., calling $person->forgetTimelineCache() clears all of those too.
Recommended fix
Replace with tagged-cache invalidation keyed on the keyFor() prefix, e.g.:
public function forget(Model $subject): void
{
$prefix = sprintf(
'%s:%s:%s:',
config('activity-log.cache.key_prefix', 'activity-log'),
str_replace('\\\\', '_', $subject::class),
(string) $subject->getKey(),
);
// Use Cache::tags() if driver supports it, otherwise track keys per subject.
}Tracked by docs spec
Finding A3 in the upcoming docs restructure.
Summary
TimelineCache::forget(Model $subject)(src/Timeline/TimelineCache.php) ignores the$subjectargument and calls$this->store()->getStore()->flush()— wiping every cached value in the store, not just this subject's timeline entries.Impact
If the user's app shares the default cache store with sessions, application caches, etc., calling
$person->forgetTimelineCache()clears all of those too.Recommended fix
Replace with tagged-cache invalidation keyed on the
keyFor()prefix, e.g.:Tracked by docs spec
Finding A3 in the upcoming docs restructure.