dev-environment, workflow updates

.github/workflows/psalm.yml

@@ -1,33 +1,23 @@
-name: Psalm Security Scan
+name: Psalm Static analysis
 
-on:
-  push:
-    branches: [ "master" ]
-  pull_request:
-    branches: [ "master" ]
-  schedule:
-    - cron: '38 23 * * 1'
-
-permissions:
-  contents: read
+on: [push, pull_request]
 
 jobs:
-  psalm-security-scan:
+  psalm:
     name: Psalm
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      security-events: write
-      actions: read
-
     steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
+      - uses: actions/checkout@v4
 
-      - name: Psalm Security Scan
-        uses: docker://ghcr.io/psalm/psalm-security-scan:5.23.1
+      - name: Psalm
+        uses: docker://vimeo/psalm-github-actions:latest
+        with:
+          args: --shepherd
+          composer_require_dev: true
+          security_analysis: true
+          report_file: results.sarif
 
       - name: Upload Security Analysis results to GitHub
         uses: github/codeql-action/upload-sarif@v3
         with:
-          sarif_file: results.sarif
+          sarif_file: results.sarif

.github/workflows/tests.yml

@@ -55,6 +55,9 @@ jobs:
       - name: "Run test suite"
         run: composer run-script test
 
+      - name: Coverage check
+        run: composer run-script coverage
+
       - uses: sudo-bot/action-scrutinizer@latest
         with:
            cli-args: "--format=php-clover build/logs/clover.xml"

README.md

@@ -5,7 +5,10 @@
 [![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/ericsizemore/clock/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/ericsizemore/clock/?branch=master)
 [![Tests](https://github.com/ericsizemore/clock/actions/workflows/tests.yml/badge.svg)](https://github.com/ericsizemore/clock/actions/workflows/tests.yml)
 [![PHPStan](https://github.com/ericsizemore/clock/actions/workflows/main.yml/badge.svg)](https://github.com/ericsizemore/clock/actions/workflows/main.yml)
+[![Psalm Static analysis](https://github.com/ericsizemore/clock/actions/workflows/psalm.yml/badge.svg?branch=master)](https://github.com/ericsizemore/clock/actions/workflows/psalm.yml)
 
+[![Type Coverage](https://shepherd.dev/github/ericsizemore/clock/coverage.svg)](https://shepherd.dev/github/ericsizemore/clock)
+[![Psalm Level](https://shepherd.dev/github/ericsizemore/clock/level.svg)](https://shepherd.dev/github/ericsizemore/clock)
 [![Latest Stable Version](https://img.shields.io/packagist/v/esi/clock.svg)](https://packagist.org/packages/esi/clock)
 [![Downloads per Month](https://img.shields.io/packagist/dm/esi/clock.svg)](https://packagist.org/packages/esi/clock)
 [![License](https://img.shields.io/packagist/l/esi/clock.svg)](https://packagist.org/packages/esi/clock)

composer.json

@@ -43,13 +43,16 @@
         "symfony/polyfill-php83": "^1.29"
     },
     "require-dev": {
+        "esi/phpunit-coverage-check": "^1.0",
         "friendsofphp/php-cs-fixer": "^3.53",
         "infection/infection": "^0.28",
         "phpstan/phpstan": "^1.11",
         "phpstan/phpstan-deprecation-rules": "^1.2",
         "phpstan/phpstan-phpunit": "^1.4",
         "phpstan/phpstan-strict-rules": "^1.6",
-        "phpunit/phpunit": "^11.0"
+        "phpunit/phpunit": "^11.0",
+        "psalm/plugin-phpunit": "^0.19.0",
+        "vimeo/psalm": "dev-master"
     },
     "provide": {
         "psr/clock-implementation": "1.0"
@@ -78,7 +81,9 @@
     },
     "scripts": {
         "analyze:mutation": "vendor/bin/infection --threads=max --configuration=infection.json5 --min-msi=100 --min-covered-msi=100",
+        "analyze:psalm": "vendor/bin/psalm -c psalm.xml --no-diff",
         "analyze:static": "vendor/bin/phpstan analyse -c phpstan.neon -vvv",
+        "coverage": "vendor/bin/coverage-check coverage:check build/logs/clover.xml 100 --ansi",
         "cs:check": "vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.dist.php --dry-run --diff",
         "cs:fix": "vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.dist.php",
         "test": "phpunit"