Introduce #post_render_cache callback to allow for personalization without breaking the render cache

Attached are five different patches:

1. post_render_cache_ONLY.patch: to show only the changes to the render system plus test coverage (60% of the patch is test coverage)
2. post_render_cache_and_placeholder-2118703-1.patch: same as 1, plus the new #type = render_cache_placeholder element type (>50% is test coverage)
3. post_render_cache_USE_CASE_history-do-not-test.patch: only the changes for the "new and updated markers" use case; this patch would solve #2073535: Node history markers require an HTTP request — this implements delivery mechanism 3, and by simply unset()ting the #post_render_cache callbacks, the JS settings won't be added anymore, and the JS will start making HTTP requests again, i.e. automatic fallback to mechanism 2
4. post_render_cache_USE_CASE_comment_form-do-not-test.patch: only the changes for the "comment form on same page" use case; this patch would solve #2099133: Comment form on same page as comments forces node render caching to be per user — this implements delivery mechanism 1
5. post_render_cache_DEMO_EVERYTHING-do-not-test.patch: all of the above combined, for demo purposes

Hopefully that will make this easier to review. Patch 2 is the one being proposed for inclusion in Drupal 8 core.

Explain why we can't just change #post_render instead of introducing a new callback.

#2: Unfortunately, pretty much all of your points are incorrect. That's either because you don't fully grok what's going on, or — far more likely — because I've failed to explain everything sufficiently clearly in my issue summary.
I think all of your concerns can be clarified by an updating of the issue summary. So I did that: https://drupal.org/node/2118703/revisions/view/2887805/2887861.

Nevertheless, I still formulated a reply:

One disadvantage of client side / JavaScript solutions that isn't noted is that at best you are including the unpersonalised data in the source code, and at worst you are showing it to the user while waiting for the personalised data to be downloaded.

Both are utterly wrong. Unpersonalized data in the source, as in "universal truths", such as data-comment-author-user-id="99777" don't harm anyone. And of course you must not show anything until the personalized data is available.
That's precisely what #1991684: Node history markers (comment & node "new" indicator, "x new comments" links) forces render caching to be per user already has done for many weeks in D8 HEAD, and it's what I explain in http://wimleers.com/talk/really-fast-drupal-8.

One use case where this might not be desirable would be if you were using the personalisation to add up to the second prices to the page, as the source code might show lower prices from when they were last cached a few hours ago.

If your main content needs to be personalized, of course this is not your solution. In that case, you always want mechanism 1. In fact, that's also why I use mechanism 1 for #2099133: Comment form on same page as comments forces node render caching to be per user: the comment form is not a small thing, it's a primary component on the page, so you sacrifice performance for personalization.

Option 3 seems to be the worst of both worlds: You're dependent on JavaScript (which 1 avoids), yet can't cache the output (which 2 avoids). The only advantage over option 1 seems to be that it moves the work of replacing the tokens onto the client side, but is that really too expensive to always do server side?

I think you're entirely misunderstanding mechanism 3. The entire <BODY> of the page can be cached by the server in the render cache. Only drupalSettings will be calculated for each page load.
Only mechanism 1 is intended to be used for replacing placeholders! Consequently, only mechanism 1 is intended for "primary components on the page" (large chunks of content). Mechanisms 2 and 3 are only intended for "secondary components on the page" (metadata/tiny chunks of content). You could in theory also use mechanism 1 for "secondary components", at significant cost (see later).

Have we got performance figures to show that replacing tokens is too slow, and if so are there methods we could use to improve this performance rather than use option 3? This is basic functionality for twig, so I imagine it has optimised it well.

All of this is entirely unrelated to Twig. Generating 10 bits of metadata to be stored in drupalSettings is clearly much faster than having 10 callbacks each render a whole chunk of HTML, then searching 50 KiB of HTML.
Render time + huge string manipulation times the number of personalizations is clearly inherently slower than generating a few hundred bytes of metadata.

If you've got a site serving hundreds of times its usual traffic then even option two is unlikely to work, as the ajax requests cannot be cached in a reverse proxy. The only solution is to add hardware or turn off personalisation until traffic calms down.

No.

First: everything would continue to work just fine, since the site is being served from a reverse proxy. The only thing that might fail, is the personalized stuff. Loss of personalization in case of high load: I'd sign up for that any time.
Second: AJAX/JSON requests are cacheable. You just have to make sure you cache them by user (or location or whatever context they depend on). You pretend like they're inherently uncacheable, and that is utterly wrong.
Third: hundreds of times usual traffic does not imply hundreds of times AJAX/JSON requests. Remember, the accompanying JS should apply client-side caching of the results it gets from talking to the server. So it should only be a fraction. And even then, remember that the web servers are mostly idle, because there's a reverse proxy in front of them. Furthermore, AJAX/JSON requests typically require less computation.

Hence I think that your reasoning is not well-founded.

Explain for each of the three mechanisms whether they're suitable for large chunks of content or metadata/tiny chunks of content.

#4:

1/ :)
2/ Yes, there's a dependency on JavaScript in mechanisms 2 and 3. But that's not necessarily a bad thing — it may be for your use case. It does inherently give us more possibilities to do smart caching! Plus, by moving some simple logic from the server side to the client-side (i.e. into JS), certain personalization things (e.g. the "by-viewer" class on comments, to allow sites to style comments by the current viewer differently) become 100% cacheable; zero web server CPU time needed.
3/ Per-role settings don't have to be injected using #post_render_cache, since they don't break render caching. It's still possible to do that though. And in any case, there's always going to be only one drupalSettings declaration in the page's <HEAD> if that's what you mean.

RE: "another question": Yes, you can use a combination! That's the whole point, that you can use all three mechanisms. Each has its own pros and cons, and depending on which kind of content it is, its size, and the requirements of your site, you should choose different mechanisms. I've updated the issue summary to make that more explicit: https://drupal.org/node/2118703/revisions/view/2887871/2888719 — clearly this is another thing that I've failed to explain sufficiently clearly :(
BTW, search for "hybrid approach", where I explain how you could use mechanism 3 on one page and 2 on another, to leverage the advantages of each to get a very nice combined end result :)
And finally: see #1, points 2 and 3. There you can see what the implementations of all three mechanisms look like!

#5: request batching! Yes! I/We have mentioned that several times now in other issues. That'd be a very powerful feature! I'd love to have that.

However, that will probably require pretty deep routing system work, potentially requiring big API additions/changes. If we'd have that, it'd make mechanism 2 much more efficient and hence attractive. However, as you say, that's only tangentially related: it's a further improvement, one that would be useful to have independent of the problem being tackled here :)

#6:

Yes, I had thought you were saying option 2 was unsuitable for primary content, so use option 3. If we're only talking secondary content, then that resolves some of my concerns, but means there are many use cases where we would still need option 1.

You're misinterpreting again. Mechanism 3 is also not acceptable for primary content. I've even explicitly stated that in the issue summary now, and linked you to the diff view. How else do you want me to explain this? :(
And yes, of course we still need mechanism 1 in some cases. That's precisely attiks' question: " Can one site use a combination of this proposal, or do we have to select one for all requests?". The answer is: the goal of this issue is to support ALL THREE, and the patch in #1 already does that!

The rest of your comment I will also reply to. But please stop speculating out of thin air in future comments. Please think within the constraints of existing APIs. Thank you.

Clearly the render step will be slower for option 1, but I would expect the difference to be insignificant when a and b are taken into account. Option 1 doesn't mean we have to call str_replace on large rendered strings of HTML.

Wrong. It means exactly that we have to call str_replace() on a huge chunk of HTML.

Instead the render process creates a php script and caches that.

WAT? Are you actually suggesting we generate PHP scripts that are facing the world? Not to mention file permissions problems and the number of potential PHP scripts we'd have to generate, and whatever other security concerns there may be: this clearly is far beyond the APIs that we currently have and is hence unacceptable.

Subsequent requests just call that php script with the personalised data. I know that's what Smarty does internally, I'd imagine twig is the same.

Sigh. Again. This is entirely unrelated to Twig or template systems in general. I see why you might think that though: because of the mention of placeholders. However, if we'd be using a template system for this, we'd be doing it wrong: the point is that all (template) rendering has been done and is cached (for better performance), except for the final bits of personalization, which we need to inject at the very last point possible, after (template) rendering, after caching, because otherwise the personalization would be cached. Hence by necessity, this *is* about simple string placeholder replacement, and not about complete template systems.

The only disadvantages I can see relate to reverse proxies, as you can't use them to cache the pre-personalisation template (which you can for option 3), and you'll fill them up much faster if you cache post-personalisation templates (compared to caching drupalSettings).

As explained in the summary, option 3 is inherently incompatible with reverse proxies.

In order to avoid an endless bikeshed, which is a waste of both of our times: please don't post any further comments until you've had a chance to fully understand the patches and have observed the way each mechanism works. I spent hours writing the issue summary precisely to avoid this kind of misinformed back-and-forth. I don't mind clarifying things in the issue summary and answering questions, but this kind of (superficial) speculation is most unproductive (and extremely frustrating).

Clarify that the proposed solution supports all 3 mechanisms!

#9: Thanks for the review! :)

I'm fine with more hand holding in general. But then we must be certain that that is better. Right now, #post_render_cache callbacks just receive $element = array('#markup' => 'HTML', '#attached' => array('attachments')), and those are precisely the things it can manipulate. (Test coverage ensures it can't manipulate anything else.) That means two things can be modified. So simply returning things won't work: it's possible to both add attachments and replace placeholders in one #post_render_cache callback.
Or am I missing something? :)

1. This is necessary to deal with the "nested #cache'd elements" case. Feel free to remove/disable the $is_recursive_call stuff, but then run tests again and observe which things fail. If you can make those tests pass without adding this parameter, go ahead :)
   I personally hate that new parameter. But it's the simplest solution catch and I could think of (I discussed this with catch in IRC, this is the idea he came up with).
2. Indeed. And it is mentioned in the API changes:
   

   Private API change: drupal_render_cache_get() now returns the cached $element rather than its output (`$element['#markup']`), to allow #post_render_cache callbacks to run.

   Which reminds me: I should add the appropriate tags. Done.

3. You're right. :) That's much better! Thanks, fixed.
4. I was able to slightly simplify it, but I don't think I can simplify it further, because the code aims to guarantee only #markup and #attached can be modified by #post_render_cache callbacks. If you can simplify it further while keeping the tests passing, go ahead! :)
5. This is the exact same code structure as drupal_render_collect_attached() uses. I'd rather follow established patterns than come up with new ones. I personally agree with you though that the code is weird because of the unneeded static.

#10: that would be better also, but thanks to twistor's comment, I noticed it's possible to remove that parameter altogether :)

#13: Oh, I see now :) Yes, that could work. I like it. Let's see what other people think first.
Initial concern: wouldn't that make the implementation of #post_render_cache callbacks too confusing? We could in both cases just always pass $context; then in the mechanism 1 case we allow for a render array to be returned, just like you did; in the mechanism 2/3 case we allow for just an #attached array to be returned. Same signatures (yay), but very different return values (boo). Thoughts?

#14/#15: Oh, we do have a precedent then! Rerolled for a cleaner drupal_render_collect_post_render_cache() :)

#16: lovely, thanks! For those wondering, here's the diff that shows catch's additions: https://drupal.org/node/2118703/revisions/view/2888765/2888975

Updated issue summary.

#18:
Indeed, we're not trying to reinvent ESI. But the point there is that for personalized secondary content, we have one mechanism that is compatible with reverse proxies (mechanism 2) and one that isn't (mechanism 3). For personalized primary content, ESI is the only feasible solution in reverse proxy setups. When not working with a reverse proxy setup, mechanism 1 is the solution.

You're also right that this is about gaining speed, not about losing speed.
When I originally wrote the issue summary, I was particularly thinking about secondary content. When looking at personalized secondary content (e.g. "new" markers or comment "edit" links; which are all similar in pattern, all just slightly different, and typically a large number per page), mechanisms 2 and 3 are superior. It is in that light that I marked mechanism 1 as being the worst. But it's also the only one that's usable for personalized primary content. That's why I am using mechanism 1 in e.g. the "comment form on same page" patch.

I agree the DX is not stellar. But neither is using anything more than the mere basics of the render system! However, I do think it's acceptable, and definitely not overwhelming. If you could improve it, I'm all in favor of though :)

You label the DX in #2099133-4: Comment form on same page as comments forces node render caching to be per user as "silly". I think you say that because it's moving part of the render array into another callback? I can see that. I'd prefer not to have to do that either. I think it makes sense conceptually though: all the generic (non-personalized, or solely depending on user role) stuff sits in the main render array, anything that is personalized for another context than just "role" must use a #post_render_cache callback if you don't want to break the render cache.

Analysis

To ensure I fully grasp the consequences of your proposal, I wanted to rewrite the "silly" patch at #2099133-4 on top of your proposal. However, because it's not completely functioning, I can't. But that doesn't prevent me from analyzing how it would work.
So: when the comment form is displayed on the same page as a node, it breaks the render cache for authenticated users. The code looks like this:

// Only show the add comment form if the user has permission.
if ($this->currentUser->hasPermission('post comments')) {
  $output['comment_form'] = comment_add($entity, $field_name);
}

In your proposal, that would change to:

// Only show the add comment form if the user has permission.
if ($this->currentUser->hasPermission('post comments')) {
  $output['comment_form'] = comment_add($entity, $field_name);
  $output['comment_form']['#delay_render'] = TRUE;
}

Wow — magic! Elegant! Simple! Beautiful, even! I'd love it if we could make mechanism 1 work like this. This is definitely a stellar DX!

So let's now look at the next step in your proposed algorithm: drupal_render() detecting #delay_render, transforming it into an #attached callback, with $token to find the automatically generated placeholder and $elements to render the comment form after it's been retrieved from the render cache, both of which will be serialize()d.

if (!isset($elements['#attached']['drupal_render_delayed'][$token])) {
  $elements['#attached']['drupal_render_delayed'][$token] = $elements;
}

This works. But it has one huge consequence. Depending on what's inside $elements, I fear it's going to serialize a rather large amount of data — think Node and View objects. We can check precisely how much by adding some debug output:

// Only show the add comment form if the user has permission.
if ($this->currentUser->hasPermission('post comments')) {
  $output['comment_form'] = comment_add($entity, $field_name);
  $output['comment_form']['#delay_render'] = TRUE;
  // Debug output.
  var_dump(strlen(serialize($output['comment_form'])));
  var_dump($output['comment_form']);
  exit;
}

The output looks like this:

int 60020
array (size=37)
  '#attributes' => 
    array (size=1)
      'class' => 
        array (size=2)
          0 => string 'node__comment-comment-form' (length=26)
          1 => string 'comment-form' (length=12)
  '#id' => string 'comment-form' (length=12)
  '#theme' => 
    array (size=2)
      0 => string 'comment_form__node__article__comment' (length=36)
      1 => string 'comment_form' (length=12)
  '#action' => string '/comment/reply/node/1/comment' (length=29)
  'author' => 
[… snip …]
  '#validate' => 
    array (size=1)
      0 => 
        array (size=2)
          0 => 
            object(Drupal\comment\CommentFormController)[423]
              ...
          1 => string 'validateForm' (length=12)
  '#submit' => 
    array (size=1)
      0 => 
        array (size=2)
          0 => 
            object(Drupal\comment\CommentFormController)[423]
              ...
          1 => string 'submitForm' (length=10)
  '#processed' => boolean true
  '#defaults_loaded' => boolean true
  '#required' => boolean false
  '#title_display' => string 'before' (length=6)
  '#array_parents' => 
    array (size=0)
      empty

60020 bytes. ±60 KiB!
I don't think that's acceptable. That's probably more than the entire HTML markup that's being render cached (for the node plus all its comments). It fills the cache with huge amounts of metadata, hence decreasing the number of render cache entries that can be stored. It makes retrieving data from the render cache more expensive.

Comparison

That problem does not occur in my implementation, because it allows us to enforce object identifier-based serialization: you have to specifically define the context — in the comment form case that would be:

+              '#context' => array(
+                'entity_type' => $entity->entityType(),
+                'entity_id' => $entity->id(),
+                'field_name' => $field_name
+              ),

Conclusion

I'd love to see mechanism 1 work the way you proposed. It's a zillion times more elegant. But unless we can solve the "serialize huge blobs of data" problem, I don't see how we can consciously choose this. :(

#20: optimizing serialization of huge objects still results in huge objects. Look at #2027795-5: Optimize content entity serialization: from 13000 bytes to 5800 bytes (assuming that's bytes). Plus, that still won't help with pretty darn complex and huge $elements render arrays either — even if you assume the serialized objects become tiny, they're still going to be huge! For example, this is just for the "name" field of the author of a comment form. A tiny part of a super simple form:

  'author' => 
    array (size=15)
      'name' => 
        array (size=23)
          '#type' => string 'item' (length=4)
          '#title' => string 'Your name' (length=9)
          '#default_value' => string 'root' (length=4)
          '#required' => boolean false
          '#maxlength' => int 60
          '#size' => int 30
          '#value' => string 'root' (length=4)
          '#theme' => string 'username' (length=8)
          '#account' => 
            object(Drupal\Core\Session\UserSession)[93]
              ...
          '#input' => boolean true
          '#markup' => string '' (length=0)
          '#theme_wrappers' => 
            array (size=1)
              ...
          '#defaults_loaded' => boolean true
          '#tree' => boolean false
          '#parents' => 
            array (size=1)
              ...
          '#array_parents' => 
            array (size=2)
              ...
          '#weight' => int 0
          '#processed' => boolean false
          '#attributes' => 
            array (size=0)
              ...
          '#title_display' => string 'before' (length=6)
          '#id' => string 'edit-name' (length=9)
          '#name' => string 'name' (length=4)
          '#sorted' => boolean true

That's why I believe that regardless of any such optimizations, this is the wrong way to go.

The comparison to $form_state doesn't hold IMHO: form state must be able to be arbitrarily complex and large, because forms can be arbitrarily large and complex. Render caching needs to be efficient.

#21: I don't understand what you mean. Are you referring to the #pre_render usage of drupal_render_cache_by_query()?
(And by "current patch", do you mean amateescu's or mine?)

#24: Thanks for the clarification, now I understand :)

I see the rationale, but I fear this is more difficult than what I'm proposing, because it changes the semantics of #pre_render entirely. Normally, anything that is #pre_rendered or #post_rendered will end up in the render cache. In your proposal, there would be a modifier for #pre_render to make it effectively run after the render cache. Which IMHO is very tricky/confusing/easy to miss.

That being said, we could of course just call it #post_render_cache like in my patch instead of a modifier for #pre_render, to avoid any confusion, but still make it work exactly like #pre_render: this would save us from introducing a new pattern. Then, it seems, it's possible to do what you propose, yet still maintain conceptual clarity.

However … there is one problem with this approach that none of us has noticed so far, and it's hiding in plain sight. It's this: how do you determine the #some, #which, #passed etc. properties that provide context in your example? That's indeed how #pre_render gets its context. But render caching will only store #markup and #attached (as well as #post_render_cache in my proposal). How can the render caching system determine which of those #properties are there to provide context? (I'd be happy to be proven wrong here!)
AFAICT it's that aspect of the entire #pre_render architecture that makes it impossible to adopt the #pre_render architecture for our post-render cache needs, which means that we must choose a different architecture… such as the one I proposed :)

Conclusion: So, unless I'm wrong, the possibility of using the #pre_render pattern in any shape or form is inherently impossible. #pre_render cache seems a great way to reduce the cost on render cache hits though.

This was all wrong. #delay_render would cause the entire $element array to be cached, including all those #properties, and hence #pre_render would just be able to use that. No problems.

#25: working on a reply!

My goal ever since amateescu posted #18 was to incorporate its much simpler DX into my patch, to come up with the best of both. However, after long deliberation, I can't find a way to combine his proposal into what I built. I found several fundamental problems with it.

Alternative proposal's "modifier flag" is bad DX

catch and I have both argued now that a "modifier flag" such as #delay_render to modify the behavior of #pre_render (and #post_render, too, then) is a bad idea. The idea of the alternative proposal results in a better DX but due to the "modifier flag" the effective DX is worse.

Alternative proposal's problematic aspects

There are more aspects of the implementation that are problematic though:

Shouldn't leverage #attached

(This is the only problematic aspect that may only be problematic because #18 was a quick 'n dirty proof of concept.)

The piggy-backing of "drupal_render_delayed" on #attached is unacceptable, because it is only being used to get the metadata for delayed rendering to be stored in the render cache; it is not handled by #attached-handling code at all: drupal_process_attached() was specifically modified to ignore it.

Nesting

Unfortunately, in the alternative proposal, it is very easy to make render caching extremely expensive and inefficient: just set the #delay_render flag on an element that is the top of a large tree of child elements. Now Drupal has to serialize and store an enormous array in the render cache. Plus, upon unserialization, Drupal may have to run potentially dozens of #pre_render/#post_render callbacks, including some that were not intended to be run after the render cache. All of that simply because a user set a single property somewhere in a render array!
The #post_render_cache approach I proposed always renders as much as it can before render caching, stores that in the render cache, and always stores only a very minimal amount of extra information in the render cache: a callback plus the context for it.

Only supports 1:1, not 1:n (single callback to update many placeholders)

The alternative proposal forces one to replace only a single placeholder. I did not mention this explicitly yet, but an option I wanted to keep open in my proposal, is for people to generate their own placeholders (which is impossible in the alternative proposal), and more importantly, to have a single #post_render_cache callback replace many placeholders. I know that this is the 1% use case, but it can have a very big performance impact.
e.g.: A 1:n implementation could be used for #1979468: ".active" from linkGenerator(), l() and theme_links() forces an upper limit of per-page caching for all content containing links, to provide a no-JS solution for authenticated users; placeholders for that use case could be generated, and a single callback could efficiently inject the "active" class for just the appropriate links.

Alternative proposal: does it truly have a superior DX? And: improving main proposal's DX!

But most importantly, I think it's questionable whether this approach really has a superior DX. It is not truly declarative, it only is on the surface (i.e. "set #delay_render and you're done"). In practice, it only works if you have a #pre_render or #post_render callback.

From #18:

1. Specifically, why would I want to write *another* callback and provide it with "context" when my render element already has all the context it needs in order to do its job.

   Because the semantics of the callback are different than #pre_render or #post_render. And as I'll show below, it's not a matter of providing the same "context" again (i.e. duplication), it's a matter of moving the context just a little bit.

2. Even more, why should I use a special element type to output the placeholder when the system can easily do it for me.

   I'd love to improve this aspect of the DX of my proposal.
   But it's not as simple as you make it seem. The only reason you were able to do it in a seemingly super simple way is because you're dynamically changing the semantics of other callbacks. That's very bad for DX!
   Furthermore, we should not prevent developers from generating their own placeholders if they chose to do so.

   The DX of how the callback function should be written is the most problematic part of the implementation of mechanism 1 in my proposal, because that currently requires calling drupal_merge_attachments() and drupal_render_cache_generate_placeholder(), the result of the latter must be used to call str_replace(). That's not very nice. So I improved that in this reroll. With this reroll, a #post_render_cache callback that uses the included placeholder system (which is also used when you use #type => render_cache_placeholder) will only receive array $context and will simply have to return a render array. That's it. Drupal will automatically take that and replace the placeholder with that and use its attachments.
   I've also updated the comment form patch from #2099133: Comment form on same page as comments forces node render caching to be per user accordingly and attached it here: the difference in code/DX is huge.

When you're doing

$element = array(
  '#pre_render' => array('_build_the_comment_form'),
  '#delay_render' => TRUE,
  '#some' => $context,
  '#and' => $more_context,
);

or

$element = array(
  '#pre_render' => array('_build_the_comment_form'),
  '#delay_render' => array(
    '#some' => $context,
    '#and' => $more_context,
  ),
);

then that is not fundamentally simpler than

$element = array(
  '#type' => 'render_cache_placeholder',
  '#callback' => '_build_the_comment_form',
  '#context' => array(
    'some' => $context,
    'and' => $more_context,
  ),
);

But the latter is not messing with existing semantics, and makes everything very explicit (and hence clearer).

#30: good point. I'll definitely need to fix that.

catch, what do you think?

#32: Interesting! Thanks for sharing that :)

I think a key difference is that you can output all potential outputs next to each other, and in your Symfony Response Filter you can then just strip away the stuff that doesn't apply.

In a nutshell: you generate content that applies to all roles, then strip away the content that doesn't match the current user's role. It's a solution for role-specific content.

But the key problem the current patch solves is this about user-specific content. We can't generate e.g. the "last read" timestamps for every user on the site and then remove those that aren't for the current user: that wouldn't scale.

Finally, if it's role-specific content that you're dealing with, you might as well leverage the render cache: that's role-specific by default. I think the reason you're not going that road is that your data-audience attributes are in a filtered text field, and filters don't have context. Since a filter won't do, you need to filter at a later stage, where you do have access to the request context, and that's apparently Symfony's Response Filter.
(To add context to filters, see #8000: Filter contexts (and fix some small issues in filtering) and #226963: Context-aware text filters (provide more meta information to the filter system).)

#41: Good question — no, #30 has not yet been addressed. In fact, that's the last thing we need to make a decision for.
The thing about supporting object method callbacks is that that inherently means serializing the object the method is on and storing that in the render cache… which means it'd be very easy to fill up the render cache much faster (and making render cache hits slower) than would be the case if we'd just support procedural callbacks. For that reason alone, I propose to stick to purely procedural callbacks.

(I worked on implementing this, and only then realized this problem.)

Thoughts?

Change notice at https://drupal.org/node/2151609.

#52: Thanks — glad you like it :) I see your potential confusion there: the change notice indeed assumes that you already know how render caching itself works. I've now added an additional explanation to explain the part you had to figure out for yourself: https://drupal.org/node/2151609/revisions/view/6758123/6762699 — thanks for the feedback!

Retroactively marking critical: a blocker to a critical issue should itself be critical, and this blocked #2151459: Enable node render caching, which is critical.