From ae60748b6aa36a72ab73b00c89e4ca37d269e529 Mon Sep 17 00:00:00 2001 From: James Titcumb Date: Thu, 27 Nov 2025 15:38:30 +0000 Subject: [PATCH] Fix self-verify to use latest attestation library, see ThePHPF/attestation#14 --- composer.json | 6 +- composer.lock | 173 +++++++++++++----- .../FallbackVerificationUsingOpenSslTest.php | 2 +- 3 files changed, 131 insertions(+), 50 deletions(-) diff --git a/composer.json b/composer.json index 7f0dd58..1bba548 100644 --- a/composer.json +++ b/composer.json @@ -28,7 +28,7 @@ ], "require": { "php": "8.1.*||8.2.*||8.3.*||8.4.*||8.5.*", - "composer/composer": "^2.9.1", + "composer/composer": "^2.9.2", "composer/pcre": "^3.3.2", "composer/semver": "^3.4.4", "fidry/cpu-core-counter": "^1.3.0", @@ -37,12 +37,12 @@ "symfony/console": "^6.4.27", "symfony/event-dispatcher": "^6.4.25", "symfony/process": "^6.4.26", - "thephpf/attestation": "^0.0.4", + "thephpf/attestation": "^0.0.5", "webmozart/assert": "^1.12.1" }, "require-dev": { "ext-openssl": "*", - "behat/behat": "^3.26.0", + "behat/behat": "^3.27.0", "bnf/phpstan-psr-container": "^1.1", "doctrine/coding-standard": "^14.0.0", "phpstan/phpstan": "^2.1.32", diff --git a/composer.lock b/composer.lock index cbec523..665d0ee 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "e727345321bd068d9b5b6250d70defb5", + "content-hash": "ab3e2edb8ee4fdb637409ca1149f7d0a", "packages": [ { "name": "composer/ca-bundle", 
@@ -80,22 +80,22 @@ }, { "name": "composer/class-map-generator", - "version": "1.6.2", + "version": "1.7.0", "source": { "type": "git", "url": "https://github.com/composer/class-map-generator.git", - "reference": "ba9f089655d4cdd64e762a6044f411ccdaec0076" + "reference": "2373419b7709815ed323ebf18c3c72d03ff4a8a6" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/composer/class-map-generator/zipball/ba9f089655d4cdd64e762a6044f411ccdaec0076", - "reference": "ba9f089655d4cdd64e762a6044f411ccdaec0076", + "url": "https://api.github.com/repos/composer/class-map-generator/zipball/2373419b7709815ed323ebf18c3c72d03ff4a8a6", + "reference": "2373419b7709815ed323ebf18c3c72d03ff4a8a6", "shasum": "" }, "require": { "composer/pcre": "^2.1 || ^3.1", "php": "^7.2 || ^8.0", - "symfony/finder": "^4.4 || ^5.3 || ^6 || ^7" + "symfony/finder": "^4.4 || ^5.3 || ^6 || ^7 || ^8" }, "require-dev": { "phpstan/phpstan": "^1.12 || ^2", @@ -103,7 +103,7 @@ "phpstan/phpstan-phpunit": "^1 || ^2", "phpstan/phpstan-strict-rules": "^1.1 || ^2", "phpunit/phpunit": "^8", - "symfony/filesystem": "^5.4 || ^6" + "symfony/filesystem": "^5.4 || ^6 || ^7 || ^8" }, "type": "library", "extra": { @@ -133,7 +133,7 @@ ], "support": { "issues": "https://github.com/composer/class-map-generator/issues", - "source": "https://github.com/composer/class-map-generator/tree/1.6.2" + "source": "https://github.com/composer/class-map-generator/tree/1.7.0" }, "funding": [ { 
@@ -145,20 +145,20 @@ "type": "github" } ], - "time": "2025-08-20T18:52:43+00:00" + "time": "2025-11-19T10:41:15+00:00" }, { "name": "composer/composer", - "version": "2.9.1", + "version": "2.9.2", "source": { "type": "git", "url": "https://github.com/composer/composer.git", - "reference": "35cb6d47d03b0cae52dc12d686f941365b20f08b" + "reference": "8d5358f147c63a3a681b002076deff8c90e0b19d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/composer/composer/zipball/35cb6d47d03b0cae52dc12d686f941365b20f08b", - "reference": "35cb6d47d03b0cae52dc12d686f941365b20f08b", + "url": "https://api.github.com/repos/composer/composer/zipball/8d5358f147c63a3a681b002076deff8c90e0b19d", + "reference": "8d5358f147c63a3a681b002076deff8c90e0b19d", "shasum": "" }, "require": { @@ -183,6 +183,7 @@ "symfony/polyfill-php73": "^1.24", "symfony/polyfill-php80": "^1.24", "symfony/polyfill-php81": "^1.24", + "symfony/polyfill-php84": "^1.30", "symfony/process": "^5.4.47 || ^6.4.25 || ^7.1.10 || ^8.0" }, "require-dev": { @@ -245,7 +246,7 @@ "irc": "ircs://irc.libera.chat:6697/composer", "issues": "https://github.com/composer/composer/issues", "security": "https://github.com/composer/composer/security/policy", - "source": "https://github.com/composer/composer/tree/2.9.1" + "source": "https://github.com/composer/composer/tree/2.9.2" }, "funding": [ { @@ -257,7 +258,7 @@ "type": "github" } ], - "time": "2025-11-13T15:10:38+00:00" + "time": "2025-11-19T20:57:25+00:00" }, { "name": "composer/metadata-minifier", 
@@ -2186,6 +2187,86 @@ ], "time": "2024-12-23T08:48:59+00:00" }, + { + "name": "symfony/polyfill-php84", + "version": "v1.33.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-php84.git", + "reference": "d8ced4d875142b6a7426000426b8abc631d6b191" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-php84/zipball/d8ced4d875142b6a7426000426b8abc631d6b191", + "reference": "d8ced4d875142b6a7426000426b8abc631d6b191", + "shasum": "" + }, + "require": { + "php": ">=7.2" + }, + "type": "library", + "extra": { + "thanks": { + "url": "https://github.com/symfony/polyfill", + "name": "symfony/polyfill" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ], + "psr-4": { + "Symfony\\Polyfill\\Php84\\": "" + }, + "classmap": [ + "Resources/stubs" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill backporting some PHP 8.4+ features to lower PHP versions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "polyfill", + "portable", + "shim" + ], + "support": { + "source": "https://github.com/symfony/polyfill-php84/tree/v1.33.0" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://github.com/nicolas-grekas", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2025-06-24T13:30:11+00:00" + }, { "name": "symfony/process", "version": "v6.4.26", 
@@ -2429,16 +2510,16 @@ }, { "name": "thephpf/attestation", - "version": "0.0.4", + "version": "0.0.5", "source": { "type": "git", "url": "https://github.com/ThePHPF/attestation.git", - "reference": "30b9ce5b8d458d832c04d98ebf7f3b8a986ef000" + "reference": "fa81efb3f6f8147287ebaebd81ff6688e0f2ec9d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/ThePHPF/attestation/zipball/30b9ce5b8d458d832c04d98ebf7f3b8a986ef000", - "reference": "30b9ce5b8d458d832c04d98ebf7f3b8a986ef000", + "url": "https://api.github.com/repos/ThePHPF/attestation/zipball/fa81efb3f6f8147287ebaebd81ff6688e0f2ec9d", + "reference": "fa81efb3f6f8147287ebaebd81ff6688e0f2ec9d", "shasum": "" }, "require": { @@ -2475,7 +2556,7 @@ "description": "A PHP library to aid in verifying artifact attestations", "support": { "issues": "https://github.com/ThePHPF/attestation/issues", - "source": "https://github.com/ThePHPF/attestation/tree/0.0.4" + "source": "https://github.com/ThePHPF/attestation/tree/0.0.5" }, "funding": [ { @@ -2487,7 +2568,7 @@ "type": "open_collective" } ], - "time": "2025-11-18T14:20:12+00:00" + "time": "2025-11-27T15:31:24+00:00" }, { "name": "webmozart/assert", @@ -2551,16 +2632,16 @@ "packages-dev": [ { "name": "behat/behat", - "version": "v3.26.0", + "version": "v3.27.0", "source": { "type": "git", "url": "https://github.com/Behat/Behat.git", - "reference": "1b6b08efa995fe4135901b862d112adc7e95ecbb" + "reference": "3282ad774358e4eaf533855e9a1f48559894d1b5" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Behat/Behat/zipball/1b6b08efa995fe4135901b862d112adc7e95ecbb", - "reference": "1b6b08efa995fe4135901b862d112adc7e95ecbb", + "url": "https://api.github.com/repos/Behat/Behat/zipball/3282ad774358e4eaf533855e9a1f48559894d1b5", + "reference": "3282ad774358e4eaf533855e9a1f48559894d1b5", "shasum": "" }, "require": { 
@@ -2569,7 +2650,7 @@ "composer/xdebug-handler": "^1.4 || ^2.0 || ^3.0", "ext-mbstring": "*", "nikic/php-parser": "^4.19.2 || ^5.2", - "php": ">=8.1 <8.5", + "php": ">=8.1 <8.6", "psr/container": "^1.0 || ^2.0", "symfony/config": "^5.4 || ^6.4 || ^7.0", "symfony/console": "^5.4 || ^6.4 || ^7.0", @@ -2640,9 +2721,9 @@ ], "support": { "issues": "https://github.com/Behat/Behat/issues", - "source": "https://github.com/Behat/Behat/tree/v3.26.0" + "source": "https://github.com/Behat/Behat/tree/v3.27.0" }, - "time": "2025-10-29T09:46:14+00:00" + "time": "2025-11-23T12:12:41+00:00" }, { "name": "behat/gherkin", 
@@ -4694,32 +4775,32 @@ }, { "name": "slevomat/coding-standard", - "version": "8.24.0", + "version": "8.25.1", "source": { "type": "git", "url": "https://github.com/slevomat/coding-standard.git", - "reference": "08e7989c0351f3f38b82172838195c35d9819efa" + "reference": "4caa5ec5a30b84b2305e80159c710d437f40cc40" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/slevomat/coding-standard/zipball/08e7989c0351f3f38b82172838195c35d9819efa", - "reference": "08e7989c0351f3f38b82172838195c35d9819efa", + "url": "https://api.github.com/repos/slevomat/coding-standard/zipball/4caa5ec5a30b84b2305e80159c710d437f40cc40", + "reference": "4caa5ec5a30b84b2305e80159c710d437f40cc40", "shasum": "" }, "require": { - "dealerdirect/phpcodesniffer-composer-installer": "^0.6.2 || ^0.7 || ^1.1.2", + "dealerdirect/phpcodesniffer-composer-installer": "^0.6.2 || ^0.7 || ^1.2.0", "php": "^7.4 || ^8.0", "phpstan/phpdoc-parser": "^2.3.0", - "squizlabs/php_codesniffer": "^4.0.0" + "squizlabs/php_codesniffer": "^4.0.1" }, "require-dev": { "phing/phing": "3.0.1|3.1.0", "php-parallel-lint/php-parallel-lint": "1.4.0", - "phpstan/phpstan": "2.1.29", + "phpstan/phpstan": "2.1.32", "phpstan/phpstan-deprecation-rules": "2.0.3", - "phpstan/phpstan-phpunit": "2.0.7", - "phpstan/phpstan-strict-rules": "2.0.6", - "phpunit/phpunit": "9.6.8|10.5.48|11.4.4|11.5.36|12.3.14" + "phpstan/phpstan-phpunit": "2.0.8", + "phpstan/phpstan-strict-rules": "2.0.7", + "phpunit/phpunit": "9.6.8|10.5.48|11.4.4|11.5.36|12.4.4" }, "type": "phpcodesniffer-standard", "extra": { @@ -4743,7 +4824,7 @@ ], "support": { "issues": "https://github.com/slevomat/coding-standard/issues", - "source": "https://github.com/slevomat/coding-standard/tree/8.24.0" + "source": "https://github.com/slevomat/coding-standard/tree/8.25.1" }, "funding": [ { @@ -4755,7 +4836,7 @@ "type": "tidelift" } ], - "time": "2025-09-25T21:37:40+00:00" + "time": "2025-11-25T18:01:43+00:00" }, { "name": "squizlabs/php_codesniffer", 
@@ -5340,16 +5421,16 @@ }, { "name": "theseer/tokenizer", - "version": "1.2.3", + "version": "1.3.1", "source": { "type": "git", "url": "https://github.com/theseer/tokenizer.git", - "reference": "737eda637ed5e28c3413cb1ebe8bb52cbf1ca7a2" + "reference": "b7489ce515e168639d17feec34b8847c326b0b3c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/theseer/tokenizer/zipball/737eda637ed5e28c3413cb1ebe8bb52cbf1ca7a2", - "reference": "737eda637ed5e28c3413cb1ebe8bb52cbf1ca7a2", + "url": "https://api.github.com/repos/theseer/tokenizer/zipball/b7489ce515e168639d17feec34b8847c326b0b3c", + "reference": "b7489ce515e168639d17feec34b8847c326b0b3c", "shasum": "" }, "require": { @@ -5378,7 +5459,7 @@ "description": "A small library for converting tokenized PHP source code into XML and potentially other formats", "support": { "issues": "https://github.com/theseer/tokenizer/issues", - "source": "https://github.com/theseer/tokenizer/tree/1.2.3" + "source": "https://github.com/theseer/tokenizer/tree/1.3.1" }, "funding": [ { @@ -5386,7 +5467,7 @@ "type": "github" } ], - "time": "2024-03-03T12:36:25+00:00" + "time": "2025-11-17T20:03:58+00:00" } ], "aliases": [], diff --git a/test/unit/SelfManage/Verify/FallbackVerificationUsingOpenSslTest.php b/test/unit/SelfManage/Verify/FallbackVerificationUsingOpenSslTest.php index 58c9743..b58e333 100644 --- a/test/unit/SelfManage/Verify/FallbackVerificationUsingOpenSslTest.php +++ b/test/unit/SelfManage/Verify/FallbackVerificationUsingOpenSslTest.php 
@@ -135,7 +135,7 @@ private function prepareCertificateAndSignature(string $dsseEnvelopePayload): ar private function mockAttestationResponse(string $digestInUrl, string $dsseEnvelopePayload, string $signature, string $pemCertificate): void { - $url = self::TEST_GITHUB_URL . '/orgs/php/attestations/sha256:' . $digestInUrl; + $url = self::TEST_GITHUB_URL . '/orgs/php/attestations/sha256:' . $digestInUrl . '?predicate_type=provenance'; $this->httpDownloader->expects(self::once()) ->method('get') ->with(
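Review bot: The expected URL in `mockAttestationResponse` now hard-codes `'?predicate_type=provenance'` with no comment saying why the filter is there, so a reader cannot tell whether the literal mirrors the verifier's own request or the behaviour of the bumped attestation library. I would add a line above the `$url` assignment such as `// Only provenance attestations are requested from the API; see ThePHPF/attestation#14.` The query parameter presumably only narrows what the API returns. If the suite has no such case yet, a test whose DSSE payload declares a different predicate type would pin that verification rejects it from the signed statement itself rather than relying on the server-side filter. The method body continues past the end of this hunk, so the arguments passed to `->with(` are not visible here.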