Fix "Member has protected visibility" in core profiles reported by PhpStorm

Nice cleanup - looks good to me

Are there any other calls like this in core (outside umami)

If so we should fix them all

I sure don't mind commonsense fixes like this, but, won't the PHPStan project find these and more?

I'm with @cilefen.

I strongly suspect that Migration tests do this for various properties.

I think PhpStorm is actually wrong here. I get the same warning, but then if I press Ctrl+B on the highlighted $user->roles property, it takes me to \Drupal\filter\Entity\FilterFormat::$roles which is irrelevant.

$user->roles is a dynamically defined magic entity property, and PhpStorm doesn't understand these. I assume it's somehow figuring out from docblocks that User::load() returns an EntityInterface, and FilterFormat is the only EntityInterface in core that has a $roles property, so it wrongly assumes it must be that one.

If PhpStorm was right, I don't think standard_install() would work - the administrator role would never be assigned to user 1 - but tests show this is working as intended.

@longwave you are right! Wow, I never would have thought of that. But when I temporarily change the name of the $roles property of FilterFormat the "error" disappears.

Yes, the current code is not broken, but the patch makes it more readable/self-documenting and it also removes a common (at least for me!) annoyance for people using PhpStorm. So even if PhpStorm is being a bit weird in this situation for me it's still a win-win to commit this patch. Not marking RTBC as I don't want to undermine any further discussion or reservations, but ++.

Agree we should use the API where possible to set a good example, and conveniently this also fixes the PhpStorm issue, so I'm going to mark this RTBC anyway.

I get the same "error" on $form_state->input and Cmd+B takes me to core/lib/Drupal/Core/Form/FormState.php, which says protected $input;. I must add that this is the standard profile.

@bserem yeah, sorry. I should've mentioned that $form_state->input is in a custom module.

Committed and pushed 056040934b to 10.0.x and 123f259d82 to 9.4.x. Thanks!