Symfony version(s) affected
6.1.*
Description
An issue with a method named cancel(): void on a serialized object.
On object normalization, PropertyAccessor recognizes cancel() as an accessor canCel() and mistakenly invokes cancel(), the result contains key cel and modified data.
    {
      ...
    +"status": "CANCELED"
    +"cel": null
    }
To prevent this behavior, I placed an #[Ignore] attribute on the method but got an exception:
    Ignore on "Subscription::cancel()" cannot be added. Ignore can only be added on methods beginning with "get", "is", "has", or "set".
How to reproduce
Consider the following code:
    use Symfony\Component\Serializer\Annotation\Ignore;

    class Subscription
    {
        public function __construct(
            private string $status = 'ACTIVE',
        )
        {
        }

        // State-changing method, not an accessor; #[Ignore] here triggers the exception above.
        #[Ignore]
        public function cancel(): void
        {
            $this->status = 'CANCELED';
        }

        public function getStatus(): string
        {
            return $this->status;
        }
    }

    // $serializer is assumed to be an already configured Symfony Serializer instance.
    $subscription = new Subscription();
    $serializer->serialize($subscription, 'json');
When serializing without the #[Ignore] attribute, cancel() is invoked, but with #[Ignore] applied, an exception is raised.
Possible Solution
Update Symfony\Component\Serializer\Mapping\Loader\AnnotationLoader regex with can: '/^(get|is|has|set|can)(.+)$/i'
Additional Context
No response
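Added example, not part of the original report and not Symfony's code: a reflection-based audit that lists public methods whose names start with an accessor prefix but which are declared void, so a serializer treating them as getters would call them purely for their side effect. The prefix list comes from the regex proposed above; the function name findAccessorLookalikes, the SubscriptionSample class and the rule of skipping static methods and methods with required parameters are assumptions made for this sketch.

```php
<?php
// Prefixes taken from the regex proposed in the report ('set' omitted: it is a writer).
const ACCESSOR_PREFIXES = ['get', 'is', 'has', 'can'];

/**
 * Returns [methodName => derivedKey] for public, argument-free methods that
 * match an accessor prefix by name but are declared to return void.
 * Heuristic audit only; it does not reproduce Symfony's own matching logic.
 */
function findAccessorLookalikes(string $class): array
{
    $hits = [];
    foreach ((new ReflectionClass($class))->getMethods(ReflectionMethod::IS_PUBLIC) as $m) {
        // Assumption: only instance methods callable without arguments are candidates.
        if ($m->isStatic() || $m->isConstructor() || $m->getNumberOfRequiredParameters() > 0) {
            continue;
        }
        $type = $m->getReturnType();
        if (!$type instanceof ReflectionNamedType || $type->getName() !== 'void') {
            continue; // a real getter returns a value
        }
        $name = $m->getName();
        foreach (ACCESSOR_PREFIXES as $prefix) {
            // Case-insensitive, like the /i flag on the loader regex.
            if (strlen($name) > strlen($prefix) && stripos($name, $prefix) === 0) {
                $hits[$name] = lcfirst(substr($name, strlen($prefix)));
                break;
            }
        }
    }
    return $hits;
}

// Constructed sample mirroring the class from the report, plus two extra cases.
final class SubscriptionSample
{
    public function __construct(private string $status = 'ACTIVE') {}
    public function cancel(): void { $this->status = 'CANCELED'; } // flagged, key "cel"
    public function getStatus(): string { return $this->status; }  // real getter, skipped
    public function hasten(): void {}                               // flagged, key "ten"
    public function issue(int $n): void {}                          // needs an argument, skipped
}

print_r(findAccessorLookalikes(SubscriptionSample::class));
```

Running such a check over entity and DTO classes in CI surfaces state-changing methods that should be renamed or excluded from serialization before a normalizer can call them.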