Skip to content

Commit

Permalink
Merge e6cac34 into 386302d
Browse files Browse the repository at this point in the history
  • Loading branch information
@MGatner
MGatner committed Nov 24, 2021
2 parents 386302d + e6cac34 commit 554d326
Show file tree
Hide file tree
Showing 25 changed files with 1,364 additions and 1,040 deletions.
39 changes: 39 additions & 0 deletions .github/workflows/deduplicate.yml
View file
@@ -0,0 +1,39 @@
# When a PR is opened or a push is made, check code
# for duplication with PHP Copy/Paste Detector.
name: PHPCPD

on:
pull_request:
branches:
- 'develop'
paths:
- 'app/**'
- 'src/**'
- 'tests/**'
- '.github/workflows/deduplicate.yml'
push:
branches:
- 'develop'
paths:
- 'app/**'
- 'src/**'
- 'tests/**'
- '.github/workflows/deduplicate.yml'

jobs:
build:
name: Duplicate Code Detection
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2

- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: '8.0'
tools: phpcpd
extensions: dom, mbstring

- name: Detect code duplication
run: phpcpd app/ src/ tests/
79 changes: 79 additions & 0 deletions .github/workflows/inspect.yml
View file
@@ -0,0 +1,79 @@
# When a PR is opened or a push is made, perform an
# architectural inspection on the code using Deptrac.
name: Deptrac

on:
pull_request:
branches:
- 'develop'
paths:
- 'src/**'
- 'tests/**'
- 'composer.**'
- 'depfile.yaml'
- '.github/workflows/inspect.yml'
push:
branches:
- 'develop'
paths:
- 'src/**'
- 'tests/**'
- 'composer.**'
- 'depfile.yaml'
- '.github/workflows/inspect.yml'

jobs:
build:
name: Architectural Inspection
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2

- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: '8.0'
tools: composer, pecl, phive
extensions: intl, json, mbstring, xml
env:
COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Get composer cache directory
id: composer-cache
run: echo "::set-output name=dir::$(composer config cache-files-dir)"

- name: Create composer cache directory
run: mkdir -p ${{ steps.composer-cache.outputs.dir }}

- name: Cache composer dependencies
uses: actions/cache@v2
with:
path: ${{ steps.composer-cache.outputs.dir }}
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
restore-keys: ${{ runner.os }}-composer-

- name: Create Deptrac cache directory
run: mkdir -p build/

- name: Cache Deptrac results
uses: actions/cache@v2
with:
path: build
key: ${{ runner.os }}-deptrac-${{ github.sha }}
restore-keys: ${{ runner.os }}-deptrac-

- name: Install dependencies (limited)
if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name }}
run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader

- name: Install dependencies (authenticated)
if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name }}
run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
env:
COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}

- name: Run architectural inspection
run: |
sudo phive --no-progress install --global --trust-gpg-keys B8F640134AB1782E,A98E898BB53EB748 qossmic/deptrac
deptrac analyze --cache-file=build/deptrac.cache
12 changes: 6 additions & 6 deletions .github/workflows/test.yml
View file
Expand Up @@ -28,7 +28,7 @@ jobs:
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php-versions }}
tools: composer, pecl, phpunit
tools: composer, infection, pecl, phive, phpunit
extensions: intl, json, mbstring, gd, mysqlnd, xdebug, xml, sqlite3
coverage: xdebug
env:
Expand All @@ -55,24 +55,24 @@ jobs:
env:
COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}

- name: Enable Tachycardia
run: echo "TACHYCARDIA_MONITOR_GA=enabled" >> $GITHUB_ENV

- name: Test with PHPUnit
run: vendor/bin/phpunit --verbose --coverage-text
env:
TERM: xterm-256color
TACHYCARDIA_MONITOR_GA: enabled

- if: matrix.php-versions == '8.0'
name: Mutate with Infection
run: |
composer global require infection/infection
git fetch --depth=1 origin $GITHUB_BASE_REF
infection --threads=2 --skip-initial-tests --coverage=build/phpunit --git-diff-base=origin/$GITHUB_BASE_REF --git-diff-filter=AM --logger-github --ignore-msi-with-no-mutations
- if: matrix.php-versions == '8.0'
name: Run Coveralls
run: vendor/bin/php-coveralls --verbose --coverage_clover=build/phpunit/clover.xml --json_path build/phpunit/coveralls-upload.json
continue-on-error: true
run: |
sudo phive --no-progress install --global --trust-gpg-keys E82B2FB314E9906E php-coveralls
php-coveralls --verbose --coverage_clover=build/phpunit/clover.xml --json_path build/phpunit/coveralls-upload.json
env:
COVERALLS_REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COVERALLS_PARALLEL: true
Expand Down
60 changes: 60 additions & 0 deletions .github/workflows/unused.yml
View file
@@ -0,0 +1,60 @@
# When a PR is opened or a push is made, check code
# for unused packages with Composer Unused.
name: Unused

on:
pull_request:
branches:
- 'develop'
paths:
- 'src/**'
- 'tests/**'
- '.github/workflows/unused.yml'
push:
branches:
- 'develop'
paths:
- 'src/**'
- 'tests/**'
- '.github/workflows/unused.yml'

jobs:
build:
name: Unused Package Detection
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2

- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: '8.0'
tools: composer, composer-unused
extensions: intl, json, mbstring, xml
env:
COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Get composer cache directory
id: composer-cache
run: echo "::set-output name=dir::$(composer config cache-files-dir)"

- name: Cache composer dependencies
uses: actions/cache@v2
with:
path: ${{ steps.composer-cache.outputs.dir }}
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
restore-keys: ${{ runner.os }}-composer-

- name: Install dependencies (limited)
if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name }}
run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader

- name: Install dependencies (authenticated)
if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name }}
run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
env:
COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}

- name: Detect unused packages
run: composer-unused -vvv --profile --ansi --no-interaction --no-progress --excludePackage=php
19 changes: 3 additions & 16 deletions .php-cs-fixer.dist.php
View file
@@ -1,33 +1,20 @@
<?php

use CodeIgniter\CodingStandard\CodeIgniter4;
use Nexus\CsConfig\Factory;
use PhpCsFixer\Finder;
use Tatter\Tools\Standard;

$finder = Finder::create()
->files()
->in(__DIR__)
->exclude('build')
->append([__FILE__]);

// Remove overrides for incremental changes
$overrides = [
'array_indentation' => false,
'braces' => false,
'indentation_type' => false,
];
$overrides = [];

$options = [
'finder' => $finder,
'cacheFile' => 'build/.php-cs-fixer.cache',
];

/* Reenable after incremental changes are applied
return Factory::create(new Standard(), $overrides, $options)->forLibrary(
'Library',
'Tatter Software',
'',
2021
);
*/
return Factory::create(new Standard(), $overrides, $options)->forProjects();
return Factory::create(new CodeIgniter4(), $overrides, $options)->forProjects();
26 changes: 26 additions & 0 deletions SECURITY.md
View file
@@ -0,0 +1,26 @@
# Security Policy

The development team and community take all security issues seriously. **Please do not make public any uncovered flaws.**

## Reporting a Vulnerability

Thank you for improving the security of our code! Any assistance in removing security flaws will be acknowledged.

**Please report security flaws by emailing the development team directly: support@tattersoftware.com**.

The lead maintainer will acknowledge your email within 48 hours, and will send a more detailed response within 48 hours indicating
the next steps in handling your report. After the initial reply to your report, the security team will endeavor to keep you informed of the
progress towards a fix and full announcement, and may ask for additional information or guidance.

## Disclosure Policy

When the security team receives a security bug report, they will assign it to a primary handler.
This person will coordinate the fix and release process, involving the following steps:

- Confirm the problem and determine the affected versions.
- Audit code to find any potential similar problems.
- Prepare fixes for all releases still under maintenance. These fixes will be released as fast as possible.

## Comments on this Policy

If you have suggestions on how this process could be improved please submit a Pull Request.
14 changes: 12 additions & 2 deletions composer.json
View file
Expand Up @@ -25,7 +25,7 @@
},
"require-dev": {
"codeigniter4/codeigniter4": "dev-develop",
"tatter/tools": "^1.10"
"tatter/tools": "^1.15"
},
"autoload": {
"psr-4": {
Expand All @@ -50,8 +50,18 @@
"prefer-stable": true,
"scripts": {
"analyze": "phpstan analyze",
"ci": [
"Composer\\Config::disableProcessTimeout",
"@deduplicate",
"@analyze",
"@test",
"@inspect",
"@style"
],
"deduplicate": "phpcpd app/ src/",
"inspect": "deptrac analyze --cache-file=build/deptrac.cache",
"mutate": "infection --threads=2 --skip-initial-tests --coverage=build/phpunit",
"style": "php-cs-fixer fix --verbose --ansi",
"style": "php-cs-fixer fix --verbose --ansi --using-cache=no",
"test": "phpunit"
}
}

0 comments on commit 554d326

Please sign in to comment.