diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml
index a9e3c51..41ea815 100644
--- a/.github/workflows/documentation.yml
+++ b/.github/workflows/documentation.yml
@@ -19,7 +19,7 @@ jobs:
runs-on: [ubuntu-latest]
steps:
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v5
- name: Lint markdown files
uses: nosborn/github-action-markdown-cli@v3
diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml
index be154bc..5133714 100644
--- a/.github/workflows/php.yml
+++ b/.github/workflows/php.yml
@@ -19,7 +19,7 @@ jobs:
runs-on: ['ubuntu-latest']
steps:
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v5
with:
# super-linter needs the full git history to get the
# list of files that changed across commits
@@ -59,7 +59,7 @@ jobs:
- name: Setup problem matchers for PHP
run: echo "::add-matcher::${{ runner.tool_cache }}/php.json"
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v5
- name: Get composer cache directory
run: echo COMPOSER_CACHE="$(composer config cache-files-dir)" >> "$GITHUB_ENV"
@@ -86,26 +86,13 @@ jobs:
- name: PHP Code Sniffer
run: phpcs
- - name: Psalm
+ - name: PHPStan
run: |
- psalm -c psalm.xml \
- --show-info=true \
- --shepherd \
- --php-version=${{ steps.setup-php.outputs.php-version }}
+ vendor/bin/phpstan analyze -c phpstan.neon
- - name: Psalm (testsuite)
+ - name: PHPStan (testsuite)
run: |
- psalm -c psalm-dev.xml \
- --show-info=true \
- --shepherd \
- --php-version=${{ steps.setup-php.outputs.php-version }}
-
- - name: Psalter
- run: |
- psalm --alter \
- --issues=UnnecessaryVarAnnotation \
- --dry-run \
- --php-version=${{ steps.setup-php.outputs.php-version }}
+ vendor/bin/phpstan analyze -c phpstan-dev.neon
security:
name: Security checks
@@ -124,7 +111,7 @@ jobs:
- name: Setup problem matchers for PHP
run: echo "::add-matcher::${{ runner.tool_cache }}/php.json"
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v5
- name: Get composer cache directory
run: echo COMPOSER_CACHE="$(composer config cache-files-dir)" >> "$GITHUB_ENV"
@@ -180,7 +167,7 @@ jobs:
git config --global core.autocrlf false
git config --global core.eol lf
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v5
- name: Get composer cache directory
run: echo COMPOSER_CACHE="$(composer config cache-files-dir)" >> "$GITHUB_ENV"
@@ -226,7 +213,7 @@ jobs:
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php-versions }}
- extensions: ctype, date, dom, fileinfo, filter, hash, intl, mbstring, openssl, pcre, posix, spl, xml
+ extensions: ctype, date, dom, fileinfo, filter, hash, intl, mbstring, openssl, pcre, posix, spl, xml, zip
tools: composer
ini-values: error_reporting=E_ALL
coverage: none
@@ -242,7 +229,7 @@ jobs:
git config --global core.autocrlf false
git config --global core.eol lf
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v5
- name: Get composer cache directory
run: echo COMPOSER_CACHE="$(composer config cache-files-dir)" >> "$env:GITHUB_ENV"
@@ -265,7 +252,7 @@ jobs:
runs-on: [ubuntu-latest]
needs: [unit-tests-linux]
steps:
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v5
- uses: actions/download-artifact@v5
with:
diff --git a/phpstan-dev.neon b/phpstan-dev.neon
new file mode 100644
index 0000000..09d9773
--- /dev/null
+++ b/phpstan-dev.neon
@@ -0,0 +1,4 @@
+parameters:
+ level: 5
+ paths:
+ - tests
diff --git a/phpstan.neon b/phpstan.neon
new file mode 100644
index 0000000..db37782
--- /dev/null
+++ b/phpstan.neon
@@ -0,0 +1,4 @@
+parameters:
+ level: 6
+ paths:
+ - src
diff --git a/psalm.xml b/psalm.xml
deleted file mode 100644
index cd7d69d..0000000
--- a/psalm.xml
+++ /dev/null
@@ -1,31 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/src/Auth/Process/Authorize.php b/src/Auth/Process/Authorize.php
index 3fc05e3..e9366b2 100644
--- a/src/Auth/Process/Authorize.php
+++ b/src/Auth/Process/Authorize.php
@@ -47,7 +47,7 @@ class Authorize extends Auth\ProcessingFilter
/**
* Array of localised rejection messages
*
- * @var array
+ * @var string[]
*/
protected array $reject_msg = [];
@@ -60,9 +60,9 @@ class Authorize extends Auth\ProcessingFilter
/**
* Array of valid users. Each element is a regular expression. You should
- * user \ to escape special chars, like '.' etc.
+ * use \ to escape special chars, like '.' etc.
*
- * @param array
+ * @var array
*/
protected array $valid_attribute_values = [];
@@ -82,7 +82,7 @@ class Authorize extends Auth\ProcessingFilter
* Initialize this filter.
* Validate configuration parameters.
*
- * @param array $config Configuration information about this filter.
+ * @param array $config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
public function __construct(array $config, $reserved)
@@ -155,7 +155,7 @@ public function __construct(array $config, $reserved)
/**
* Apply filter to validate attributes.
*
- * @param array &$state The current request
+ * @param array &$state The current request
*/
public function process(array &$state): void
{
@@ -225,7 +225,7 @@ public function process(array &$state): void
* thinking in case a "chained" ACL is needed, more complex
* permission logic.
*
- * @param array $state
+ * @param array $state
*/
protected function unauthorized(array &$state): void
{
diff --git a/src/Controller/Authorize.php b/src/Controller/Authorize.php
index d7e8785..026558d 100644
--- a/src/Controller/Authorize.php
+++ b/src/Controller/Authorize.php
@@ -51,7 +51,7 @@ public function forbidden(Request $request): Template
throw new Error\BadRequest('Missing required StateId query parameter.');
}
- /** @var array $state */
+ /** @var array $state */
$state = Auth\State::loadState($stateId, 'authorize:Authorize');
$t = new Template($this->config, 'authorize:authorize_403.twig');
@@ -108,7 +108,7 @@ public function reauthenticate(Request $request): void
if (!is_string($stateId)) {
throw new Error\BadRequest('Missing required StateId query parameter.');
}
- /** @var array $state */
+ /** @var array $state */
$state = Auth\State::loadState($stateId, 'authorize:Authorize');
$authSource = $state['Source']['auth'];