feat: initial release as yii2-extensions/scaffold provider for dev environment standards (editor, linters, CI).

[terabytesoftw]

Pull Request

• Breaking change (fix or feature that would cause existing functionality to change)
• Bugfix (non-breaking change that fixes an issue)
• CI/build configuration
• Documentation update
• New feature (non-breaking change that adds functionality)
• Refactoring (no functional changes)

[terabytesoftw]

@codex review

[coderabbitai]

Warning

Rate limit exceeded

@terabytesoftw has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 43 minutes and 21 seconds before requesting another review.

To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 0494c489-fca2-4057-92c1-fd9d5b019d5c

📥 Commits

Reviewing files that changed from the base of the PR and between 44c3bbf and f5e5ade.

📒 Files selected for processing (12)

• README.md
• docs/configuration.md
• docs/development.md
• docs/examples.md
• docs/installation.md
• docs/testing.md
• infection.json5
• metadata/.gitignore
• phpstan.neon
• phpunit.xml.dist
• scaffold.json
• tests/bootstrap.php

📝 Walkthrough

Walkthrough

This PR transforms the repository from the yii2-extensions/template Yii2 extension template into the php-forge/baseline centralized PHP development package. The change consolidates development infrastructure by removing delegated GitHub workflows, updating package identity and dependencies, adding comprehensive metadata and linting configurations, and replacing template code with scaffolding infrastructure.

Changes

Project Identity & Development Infrastructure Transformation

Layer / File(s)	Summary
Package Identity & Core Dependencies composer.json	Package name, description, and namespace change from yii2-extensions/template/yii\template\ to php-forge/baseline/PHPForge\Baseline\. Removed yiisoft/yii2 runtime dependency, keeping only PHP >=8.3. Branch alias updated to 0.1.x-dev. Added extra.scaffold.manifest configuration and removed dev tooling config. Removed autoload-dev test namespace mappings.
Documentation & Installation README.md, CHANGELOG.md, docs/installation.md	README rebrand with Baseline logo/title, install instructions for php-forge/baseline:^0.1 --dev, and updated status badges. CHANGELOG documents Conventional Commits and Semantic Versioning adherence. Installation guide specifies PHP 8.3+ and dev-only install method.
Removal of Template Code src/Example.php, tests/ExampleTest.php	Deleted placeholder example class yii\template\Example and its test, leaving a clean codebase for the baseline provider.
Removal of Delegated Build Configurations .github/workflows/build.yml, .github/workflows/dependency-check.yml, .github/workflows/ecs.yml, .github/workflows/mutation.yml, .github/workflows/static.yml, ecs.php, rector.php	Eliminated local workflow files and bootstrap configs that previously triggered PHP unit testing, code style, dependency checking, and static analysis. These are now handled by external reusable workflows referenced from a centralized actions repository.
Development Infrastructure & Scaffolding metadata/.*, scaffold.json	Added comprehensive linting, formatting, and editor configuration suite under metadata/: .editorconfig, .gitattributes, .gitignore, .prettierrc.json, .styleci.yml, .stylelintignore, .ecrc, and .github/linters/ (codespell, gitleaks, markdown-lint, actionlint configs). New scaffold.json defines how these metadata files are copied into consuming projects with merge mode handling for .editorconfig, .gitignore, and composer-require-checker.json.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Poem

🐰 From template to baseline, the rabbit does leap,
New namespace paths we carefully keep,
Workflows delegated, configs aligned,
A scaffold of standards, precisely designed,
Dev tools now centralized, hopping with glee! 🌟

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The pull request title describes the main change as an initial release for a scaffold provider, but the actual changeset shows a transformation from yii2-extensions/template to php-forge/baseline, which is a significant discrepancy.	Update the title to accurately reflect that this converts the template package to the baseline package with development environment standards, or clarify the relationship between the scaffold provider mentioned in the title and the actual package transformation.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description check	✅ Passed	The description is related to the changeset as it identifies this as a new feature adding development environment standards, which aligns with the configuration and metadata file additions in the PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feature_1

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

docs/installation.md (1)

30-34: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Use a targeted Composer command instead of broad update.

Line 33 recommends composer update, which can unintentionally upgrade unrelated dependencies. Prefer a targeted update (composer update php-forge/baseline --dev) or composer install when lock is already aligned.

Suggested doc change

-Then run.
+Then install/update only this dev dependency.

 ```bash
-composer update
+composer update php-forge/baseline --dev

</details>

<details>
<summary>🤖 Prompt for AI Agents</summary>

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @docs/installation.md around lines 30 - 34, Replace the broad Composer
instruction composer update with a targeted command to avoid upgrading
unrelated packages; update the docs to recommend either composer update php-forge/baseline --dev when you need to update that specific package or
composer install if composer.lock is already up to date, and change the
example in the installation instructions accordingly.

</details>

</blockquote></details>

</blockquote></details>

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@metadata/.github/linters/actionlint.yml`:
- Around line 3-6: Remove the two actionlint ignore entries that suppress
'"pull_request" section is alias node but mapping node is expected' and '"push"
section is alias node but mapping node is expected' and either (a) change
workflows using on: [pull_request, push] to the mapping form on: {pull_request:
null, push: null} so actionlint accepts the trigger syntax, or (b) if the list
form is intended, delete those ignore rules from the actionlint configuration so
it no longer hides unrelated warnings about event trigger syntax.

In `@metadata/.gitignore`:
- Around line 39-43: The .gitignore entry "phpunit.xml*" is too broad and
unintentionally ignores committed config files like phpunit.xml.dist; update the
ignore to be explicit (remove phpunit.xml* and instead ignore only uncommitted
local/override files such as phpunit.xml.local or phpunit.xml) so that
phpunit.xml.dist remains tracked—specifically replace the phpunit.xml* pattern
with explicit names (e.g., phpunit.xml.local or phpunit.xml) and ensure
phpunit.xml.dist is not ignored.

---

Outside diff comments:
In `@docs/installation.md`:
- Around line 30-34: Replace the broad Composer instruction `composer update`
with a targeted command to avoid upgrading unrelated packages; update the docs
to recommend either `composer update php-forge/baseline --dev` when you need to
update that specific package or `composer install` if composer.lock is already
up to date, and change the example in the installation instructions accordingly.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: e2d92b4f-d3cb-41e4-88ca-50184c1294d9

📥 Commits

Reviewing files that changed from the base of the PR and between 9347843 and 44c3bbf.

📒 Files selected for processing (27)

• .github/workflows/build.yml
• .github/workflows/dependency-check.yml
• .github/workflows/ecs.yml
• .github/workflows/mutation.yml
• .github/workflows/static.yml
• CHANGELOG.md
• README.md
• composer.json
• docs/installation.md
• ecs.php
• metadata/.ecrc
• metadata/.editorconfig
• metadata/.gitattributes
• metadata/.github/linters/.codespellrc
• metadata/.github/linters/.gitleaks.toml
• metadata/.github/linters/.markdown-lint.yml
• metadata/.github/linters/actionlint.yml
• metadata/.gitignore
• metadata/.prettierignore
• metadata/.prettierrc.json
• metadata/.styleci.yml
• metadata/.stylelintignore
• metadata/composer-require-checker.json
• rector.php
• scaffold.json
• src/Example.php
• tests/ExampleTest.php

💤 Files with no reviewable changes (9)

• .github/workflows/static.yml
• .github/workflows/dependency-check.yml
• .github/workflows/ecs.yml
• .github/workflows/build.yml
• rector.php
• src/Example.php
• tests/ExampleTest.php
• .github/workflows/mutation.yml
• ecs.php

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: linter / Super Linter
• GitHub Check: linter / Super Linter

🔇 Additional comments (20)

metadata/.stylelintignore (1)

1-1: LGTM!

The ignore pattern correctly excludes minified CSS files from stylelint checking, which is a standard best practice since minified files are typically generated and should not be linted.

metadata/composer-require-checker.json (1)

1-3: LGTM!

The empty symbol whitelist enforces strict dependency checking, ensuring all symbols must be properly declared in composer.json dependencies. This is a good default for maintaining clean dependency declarations.

metadata/.github/linters/.codespellrc (1)

1-2: LGTM!

The skip patterns appropriately exclude test directories and Composer manifest files from spell-checking, preventing false positives from technical terms, test fixtures, and package names.

metadata/.gitattributes (2)

1-22: LGTM!

The text file normalization (LF line endings), explicit text/binary file declarations, and binary file handling are all correctly configured for cross-platform development.

---

24-39: LGTM!

The export-ignore directives appropriately exclude development/testing files and directories from distribution archives, reducing package size for end users.

metadata/.github/linters/.gitleaks.toml (1)

1-7: LGTM!

The allowlist appropriately exempts test fixture files from secret scanning, preventing false positives on intentional dummy credentials used for testing purposes. The path pattern correctly targets PHP files under tests/support/data/.

CHANGELOG.md (2)

5-6: LGTM!

The updated format references correctly link to Conventional Commits and Semantic Versioning standards, providing clear guidance for future changelog entries.

---

8-10: LGTM!

The changelog entry accurately documents the initial release using the Conventional Commits format with the feat: type, clearly describing the scaffold provider functionality.

metadata/.ecrc (1)

1-10: LGTM!

The exclusion patterns appropriately skip EditorConfig validation for:

• Generated files (phpstan baseline, minified assets)
• Temporary directories (runtime, test runtime)
• Third-party code (vendor)

This prevents false positives while ensuring hand-written code adheres to EditorConfig standards.

metadata/.styleci.yml (1)

1-89: Configuration looks consistent for a shared baseline.

Good alignment between preset, excludes, and explicit enabled/disabled rules for a scaffolded standards package.

metadata/.editorconfig (1)

3-48: EditorConfig baseline is well-scoped.

Defaults and per-file overrides are clear and suitable for cross-repo scaffolding.

README.md (1)

16-37: README refresh is aligned with the new package purpose.

Installation, documentation pointers, and package/quality badges are coherent for the baseline release.

metadata/.prettierrc.json (1)

1-29: Prettier configuration is clean and practical.

Global defaults plus focused overrides should keep formatting predictable across mixed file types.

metadata/.prettierignore (1)

1-19: Ignore list is appropriate for generated and non-authored artifacts.

The exclusions look intentional and reduce formatter noise in scaffolded projects.

metadata/.github/linters/.markdown-lint.yml (1)

1-6: Markdown lint rules are sensible for this docs style.

The configuration strikes a practical balance for readable markdown in project docs.

scaffold.json (2)

2-13: Copy manifest entries are consistent and complete for baseline metadata bootstrap.

The mapping cleanly mirrors metadata source files to expected root-level destinations and keeps the scaffold intent explicit.

---

14-18: Mode strategy looks safe for consumer repositories.

Using append for .editorconfig/.gitignore and preserve for composer-require-checker.json is a sensible default to avoid destructive overwrites.

composer.json (3)

2-18: Package identity update is clear and aligned with the new baseline purpose.

Name, description, and keywords consistently reflect the new scaffold-provider positioning.

---

22-28: Runtime and autoload configuration is cleanly scoped.

Keeping require minimal (php >=8.3) and updating PSR-4 namespace mapping to PHPForge\\Baseline\\ matches the package transition.

---

30-36: Scaffold manifest wiring is correctly placed under extra.

Registering scaffold.json here is the right integration point for provider-driven scaffolding.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 44c3bbf5dd

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".