Apply updated dev toolkit

MGatner · MGatner · commit 403ca834ff98 · 2021-09-09T14:45:28.000Z
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1,13 @@
+/.github           export-ignore
+/docs              export-ignore
+/examples          export-ignore
+/tests             export-ignore
+/.editorconfig     export-ignore
+/.gitattributes    export-ignore
+/.gitignore        export-ignore
+/phpunit.xml.dist  export-ignore
+/phpstan.neon.dist export-ignore
+
+# Configure diff output for .php and .phar files.
+*.php diff=php
+*.phar -diff
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,12 @@
+version: 2
+updates:
+- package-ecosystem: composer
+  directory: "/"
+  schedule:
+    interval: daily
+  open-pull-requests-limit: 10
+
+- package-ecosystem: "github-actions"
+  directory: "/"
+  schedule:
+    interval: daily
diff --git a/.github/workflows/analyze.yml b/.github/workflows/analyze.yml
@@ -0,0 +1,81 @@
+# When a PR is opened or a push is made, perform
+# a static analysis check on the code using PHPStan.
+name: PHPStan
+
+on:
+  pull_request:
+    branches:
+      - 'develop'
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - 'composer.**'
+      - 'phpstan*'
+      - '.github/workflows/analyze.yml'
+  push:
+    branches:
+      - 'develop'
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - 'composer.**'
+      - 'phpstan*'
+      - '.github/workflows/analyze.yml'
+
+jobs:
+  build:
+    name: PHP ${{ matrix.php-versions }} Static Analysis
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        php-versions: ['7.3', '7.4', '8.0']
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php-versions }}
+          tools: composer, pecl, phpunit
+          extensions: intl, json, mbstring, gd, mysqlnd, xdebug, xml, sqlite3
+        env:
+          COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get composer cache directory
+        id: composer-cache
+        run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+      - name: Create composer cache directory
+        run: mkdir -p ${{ steps.composer-cache.outputs.dir }}
+
+      - name: Cache composer dependencies
+        uses: actions/cache@v2
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
+          restore-keys: ${{ runner.os }}-composer-
+
+      - name: Create PHPStan cache directory
+        run: mkdir -p build/phpstan
+
+      - name: Cache PHPStan results
+        uses: actions/cache@v2
+        with:
+          path: build/phpstan
+          key: ${{ runner.os }}-phpstan-${{ github.sha }}
+          restore-keys: ${{ runner.os }}-phpstan-
+
+      - name: Install dependencies (limited)
+        if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name }}
+        run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
+
+      - name: Install dependencies (authenticated)
+        if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name }}
+        run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
+        env:
+          COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}
+
+      - name: Run static analysis
+        run: vendor/bin/phpstan analyze
diff --git a/.github/workflows/deduplicate.yml b/.github/workflows/deduplicate.yml
@@ -0,0 +1,39 @@
+# When a PR is opened or a push is made, check code
+# for duplication with PHP Copy/Paste Detector.
+name: PHPCPD
+
+on:
+  pull_request:
+    branches:
+      - 'develop'
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - '.github/workflows/test-phpcpd.yml'
+  push:
+    branches:
+      - 'develop'
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - '.github/workflows/test-phpcpd.yml'
+
+jobs:
+  build:
+    name: Duplicate Code Detection
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '8.0'
+          tools: phive
+          extensions: intl, json, mbstring, xml
+
+      - name: Detect code duplication
+        run: |
+            sudo phive --no-progress install --global --trust-gpg-keys 4AA394086372C20A phpcpd 
+            phpcpd src/ tests/
diff --git a/.github/workflows/inspect.yml b/.github/workflows/inspect.yml
@@ -0,0 +1,79 @@
+# When a PR is opened or a push is made, perform an
+# architectural inspection on the code using Deptrac.
+name: Deptrac
+
+on:
+  pull_request:
+    branches:
+      - 'develop'
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - 'composer.**'
+      - 'depfile.yaml'
+      - '.github/workflows/inspect.yml'
+  push:
+    branches:
+      - 'develop'
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - 'composer.**'
+      - 'depfile.yaml'
+      - '.github/workflows/inspect.yml'
+
+jobs:
+  build:
+    name: Architectural Inspection
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '8.0'
+          tools: composer, pecl, phive
+          extensions: intl, json, mbstring, xml
+        env:
+          COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get composer cache directory
+        id: composer-cache
+        run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+      - name: Create composer cache directory
+        run: mkdir -p ${{ steps.composer-cache.outputs.dir }}
+
+      - name: Cache composer dependencies
+        uses: actions/cache@v2
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
+          restore-keys: ${{ runner.os }}-composer-
+
+      - name: Create Deptrac cache directory
+        run: mkdir -p build/
+
+      - name: Cache Deptrac results
+        uses: actions/cache@v2
+        with:
+          path: build
+          key: ${{ runner.os }}-deptrac-${{ github.sha }}
+          restore-keys: ${{ runner.os }}-deptrac-
+
+      - name: Install dependencies (limited)
+        if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name }}
+        run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
+
+      - name: Install dependencies (authenticated)
+        if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name }}
+        run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
+        env:
+          COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}
+
+      - name: Run architectural inspection
+        run: |
+            sudo phive --no-progress install --global --trust-gpg-keys B8F640134AB1782E,A98E898BB53EB748 qossmic/deptrac
+            deptrac analyze --cache-file=build/deptrac.cache
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -0,0 +1,88 @@
+name: PHPUnit
+
+on:
+  pull_request:
+    branches:
+      - develop
+  push:
+    branches:
+      - develop
+
+jobs:
+  main:
+    name: PHP ${{ matrix.php-versions }} Unit Tests
+
+    strategy:
+      matrix:
+        php-versions: ['7.3', '7.4', '8.0']
+
+    runs-on: ubuntu-latest
+
+    if: "!contains(github.event.head_commit.message, '[ci skip]')"
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Setup PHP, with composer and extensions
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php-versions }}
+          tools: composer, pecl, phpunit
+          extensions: intl, json, mbstring, gd, mysqlnd, xdebug, xml, sqlite3
+          coverage: xdebug
+        env:
+          COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get composer cache directory
+        id: composer-cache
+        run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+      - name: Cache composer dependencies
+        uses: actions/cache@v2
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
+          restore-keys: ${{ runner.os }}-composer-
+
+      - name: Install dependencies (limited)
+        if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name }}
+        run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
+
+      - name: Install dependencies (authenticated)
+        if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name }}
+        run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
+        env:
+          COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}
+
+      - name: Test with PHPUnit
+        run: vendor/bin/phpunit --verbose --coverage-text
+        env:
+          TERM: xterm-256color
+          TACHYCARDIA_MONITOR_GA: enabled
+
+      - if: matrix.php-versions == '8.0'
+        name: Mutate with Infection
+        run: |
+          composer global require infection/infection
+          git fetch --depth=1 origin $GITHUB_BASE_REF
+          infection --threads=2 --skip-initial-tests --coverage=build/phpunit --git-diff-base=origin/$GITHUB_BASE_REF --git-diff-filter=AM --logger-github --ignore-msi-with-no-mutations
+
+      - if: matrix.php-versions == '8.0'
+        name: Run Coveralls
+        run: vendor/bin/php-coveralls --verbose --coverage_clover=build/phpunit/clover.xml --json_path build/phpunit/coveralls-upload.json
+        env:
+          COVERALLS_REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          COVERALLS_PARALLEL: true
+          COVERALLS_FLAG_NAME: PHP ${{ matrix.php-versions }}
+
+  coveralls:
+    needs: [main]
+    name: Coveralls Finished
+    runs-on: ubuntu-latest
+    steps:
+      - name: Upload Coveralls results
+        uses: coverallsapp/github-action@master
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          parallel-finished: true
diff --git a/.gitignore b/.gitignore
@@ -2,6 +2,7 @@ vendor/
 build/
 phpunit*.xml
 phpunit
+*.cache
 composer.lock
 .DS_Store
 .idea/
diff --git a/.php-cs-fixer.dist.php b/.php-cs-fixer.dist.php
@@ -0,0 +1,21 @@
+<?php
+
+use CodeIgniter\CodingStandard\CodeIgniter4;
+use Nexus\CsConfig\Factory;
+use PhpCsFixer\Finder;
+
+$finder = Finder::create()
+    ->files()
+    ->in(__DIR__)
+    ->exclude('build')
+    ->append([__FILE__]);
+
+// Optional rule overrides
+$overrides = [];
+
+$options = [
+    'finder'    => $finder,
+    'cacheFile' => 'build/.php-cs-fixer.cache',
+];
+
+return Factory::create(new CodeIgniter4(), $overrides, $options)->forProjects();
diff --git a/README.md b/README.md
@@ -1,6 +1,8 @@
 # CodeIgniter Shield
 
-[![Build Status](https://github.com/lonnieezell/codigniter-shield/workflows/PHPUnit/badge.svg)](https://github.com/lonnieezell/codigniter-shield/actions?query=workflow%3A%22PHPUnit%22)
+[![Unit Tests](https://github.com/lonnieezell/codigniter-shield/workflows/PHPUnit/badge.svg)](https://github.com/lonnieezell/codigniter-shield/actions/workflows/test.yml)
+[![Static Analysis](https://github.com/lonnieezell/codigniter-shield/workflows/PHPStan/badge.svg)](https://github.com/lonnieezell/codigniter-shield/actions/workflows/analyze.yml)
+[![Architecture](https://github.com/lonnieezell/codigniter-shield/workflows/Deptrac/badge.svg)](https://github.com/lonnieezell/codigniter-shield/actions/workflows/inspect.yml)
 [![Coverage Status](https://coveralls.io/repos/github/lonnieezell/codigniter-shield/badge.svg?branch=develop)](https://coveralls.io/github/lonnieezell/codigniter-shield?branch=develop)
 
 Shield is an authentication and authorization framework for CodeIgniter 4. While it does provide a base set of tools
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,26 @@
+# Security Policy
+
+The development team and community take all security issues seriously. **Please do not make public any uncovered flaws.**
+
+## Reporting a Vulnerability
+
+Thank you for improving the security of our code! Any assistance in removing security flaws will be acknowledged.
+
+**Please report security flaws by emailing the development team directly: security@codeigniter.com**.
+
+The lead maintainer will acknowledge your email within 48 hours, and will send a more detailed response within 48 hours indicating
+the next steps in handling your report. After the initial reply to your report, the security team will endeavor to keep you informed of the
+progress towards a fix and full announcement, and may ask for additional information or guidance.
+
+## Disclosure Policy
+
+When the security team receives a security bug report, they will assign it to a primary handler.
+This person will coordinate the fix and release process, involving the following steps:
+
+- Confirm the problem and determine the affected versions.
+- Audit code to find any potential similar problems.
+- Prepare fixes for all releases still under maintenance. These fixes will be released as fast as possible.
+
+## Comments on this Policy
+
+If you have suggestions on how this process could be improved please submit a Pull Request.
diff --git a/admin/pre-commit b/admin/pre-commit
diff --git a/composer.json b/composer.json
diff --git a/depfile.yaml b/depfile.yaml
diff --git a/infection.json.dist b/infection.json.dist
diff --git a/phpunit.xml.dist b/phpunit.xml.dist
