diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 70b4fc534..d98b34fc1 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -12,6 +12,9 @@ env: COMPOSER_FLAGS: "--ansi --no-interaction --no-progress --prefer-dist" COMPOSER_UPDATE_FLAGS: "" +permissions: + contents: read + jobs: tests: name: "CI" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 84063c5ac..153563a8e 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -8,6 +8,9 @@ on: paths-ignore: - 'doc/**' +permissions: + contents: read + jobs: tests: name: "Lint" diff --git a/.github/workflows/phpstan.yml b/.github/workflows/phpstan.yml index f0b4624ee..587cbc264 100644 --- a/.github/workflows/phpstan.yml +++ b/.github/workflows/phpstan.yml @@ -12,6 +12,9 @@ env: COMPOSER_FLAGS: "--ansi --no-interaction --prefer-dist" SYMFONY_PHPUNIT_VERSION: "" +permissions: + contents: read + jobs: tests: name: "PHPStan" diff --git a/composer.lock b/composer.lock index d55a6d6c4..d1c3e2680 100644 --- a/composer.lock +++ b/composer.lock @@ -1898,16 +1898,16 @@ "packages-dev": [ { "name": "phpstan/phpstan", - "version": "1.7.10", + "version": "1.7.15", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "25e069474cf00215b0f64c60a26230908ef3eefa" + "reference": "cd0202ea1b1fc6d1bbe156c6e2e18a03e0ff160a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/25e069474cf00215b0f64c60a26230908ef3eefa", - "reference": "25e069474cf00215b0f64c60a26230908ef3eefa", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/cd0202ea1b1fc6d1bbe156c6e2e18a03e0ff160a", + "reference": "cd0202ea1b1fc6d1bbe156c6e2e18a03e0ff160a", "shasum": "" }, "require": { @@ -1933,7 +1933,7 @@ "description": "PHPStan - PHP Static Analysis Tool", "support": { "issues": "https://github.com/phpstan/phpstan/issues", - "source": "https://github.com/phpstan/phpstan/tree/1.7.10" + "source": "https://github.com/phpstan/phpstan/tree/1.7.15" }, "funding": [ { @@ -1953,7 +1953,7 @@ "type": "tidelift" } ], - "time": "2022-06-03T14:12:23+00:00" + "time": "2022-06-20T08:29:01+00:00" }, { "name": "phpstan/phpstan-deprecation-rules", @@ -2107,16 +2107,16 @@ }, { "name": "phpstan/phpstan-symfony", - "version": "1.2.2", + "version": "1.2.5", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan-symfony.git", - "reference": "30f12aeab960c7f324eee3b39645655cf8a84146" + "reference": "85be852a17fd5a6b67d4fc6daed21e794f935b2d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan-symfony/zipball/30f12aeab960c7f324eee3b39645655cf8a84146", - "reference": "30f12aeab960c7f324eee3b39645655cf8a84146", + "url": "https://api.github.com/repos/phpstan/phpstan-symfony/zipball/85be852a17fd5a6b67d4fc6daed21e794f935b2d", + "reference": "85be852a17fd5a6b67d4fc6daed21e794f935b2d", "shasum": "" }, "require": { @@ -2172,9 +2172,9 @@ "description": "Symfony Framework extensions and rules for PHPStan", "support": { "issues": "https://github.com/phpstan/phpstan-symfony/issues", - "source": "https://github.com/phpstan/phpstan-symfony/tree/1.2.2" + "source": "https://github.com/phpstan/phpstan-symfony/tree/1.2.5" }, - "time": "2022-05-28T15:18:51+00:00" + "time": "2022-06-10T08:44:35+00:00" }, { "name": "symfony/phpunit-bridge", diff --git a/phpstan/baseline.neon b/phpstan/baseline.neon index 97429dd89..6a7c6d188 100644 --- a/phpstan/baseline.neon +++ b/phpstan/baseline.neon @@ -3540,11 +3540,6 @@ parameters: count: 1 path: ../src/Composer/Plugin/PluginManager.php - - - message: "#^Only booleans are allowed in an if condition, CapabilityClass of Composer\\\\Plugin\\\\Capability\\\\Capability\\|null given\\.$#" - count: 1 - path: ../src/Composer/Plugin/PluginManager.php - - message: "#^Only booleans are allowed in an if condition, Composer\\\\Package\\\\PackageInterface\\|null given\\.$#" count: 1 diff --git a/src/Composer/Downloader/GitDownloader.php b/src/Composer/Downloader/GitDownloader.php index 4e458c3b2..c4fbc8d76 100644 --- a/src/Composer/Downloader/GitDownloader.php +++ b/src/Composer/Downloader/GitDownloader.php @@ -460,7 +460,7 @@ class GitDownloader extends VcsDownloader implements DvcsDownloaderInterface // check whether non-commitish are branches or tags, and fetch branches with the remote name $gitRef = $reference; if (!Preg::isMatch('{^[a-f0-9]{40}$}', $reference) - && $branches + && null !== $branches && Preg::isMatch('{^\s+composer/'.preg_quote($reference).'$}m', $branches) ) { $command = sprintf('git checkout '.$force.'-B %s %s -- && git reset --hard %2$s --', ProcessExecutor::escape($branch), ProcessExecutor::escape('composer/'.$reference)); @@ -472,7 +472,7 @@ class GitDownloader extends VcsDownloader implements DvcsDownloaderInterface // try to checkout branch by name and then reset it so it's on the proper branch name if (Preg::isMatch('{^[a-f0-9]{40}$}', $reference)) { // add 'v' in front of the branch if it was stripped when generating the pretty name - if (!Preg::isMatch('{^\s+composer/'.preg_quote($branch).'$}m', $branches) && Preg::isMatch('{^\s+composer/v'.preg_quote($branch).'$}m', $branches)) { + if (null !== $branches && !Preg::isMatch('{^\s+composer/'.preg_quote($branch).'$}m', $branches) && Preg::isMatch('{^\s+composer/v'.preg_quote($branch).'$}m', $branches)) { $branch = 'v' . $branch; } diff --git a/src/Composer/Installer/BinaryInstaller.php b/src/Composer/Installer/BinaryInstaller.php index 11f561fbb..203b62494 100644 --- a/src/Composer/Installer/BinaryInstaller.php +++ b/src/Composer/Installer/BinaryInstaller.php @@ -437,7 +437,7 @@ if [ -d /proc/cygdrive ]; then esac fi -export COMPOSER_RUNTIME_BIN_DIR=\$(cd "\${self%[/\\\\]*}" > /dev/null; pwd) +export COMPOSER_RUNTIME_BIN_DIR="\$(cd "\${self%[/\\\\]*}" > /dev/null; pwd)" # If bash is sourcing this file, we have to source the target as well bashSource="\$BASH_SOURCE" diff --git a/src/Composer/Plugin/PluginManager.php b/src/Composer/Plugin/PluginManager.php index a2da6b9bd..b93164168 100644 --- a/src/Composer/Plugin/PluginManager.php +++ b/src/Composer/Plugin/PluginManager.php @@ -638,7 +638,8 @@ class PluginManager { $capabilities = array(); foreach ($this->getPlugins() as $plugin) { - if ($capability = $this->getPluginCapability($plugin, $capabilityClassName, $ctorArgs)) { + $capability = $this->getPluginCapability($plugin, $capabilityClassName, $ctorArgs); + if (null !== $capability) { $capabilities[] = $capability; } } diff --git a/src/Composer/Util/AuthHelper.php b/src/Composer/Util/AuthHelper.php index 85bfe7608..db41c694f 100644 --- a/src/Composer/Util/AuthHelper.php +++ b/src/Composer/Util/AuthHelper.php @@ -192,9 +192,9 @@ class AuthHelper // fail if the console is not interactive if (!$this->io->isInteractive()) { if ($statusCode === 401) { - $message = "The '" . $url . "' URL required authentication.\nYou must be using the interactive console to authenticate"; + $message = "The '" . $url . "' URL required authentication (HTTP 401).\nYou must be using the interactive console to authenticate"; } elseif ($statusCode === 403) { - $message = "The '" . $url . "' URL could not be accessed: " . $reason; + $message = "The '" . $url . "' URL could not be accessed (HTTP 403): " . $reason; } else { $message = "Unknown error code '" . $statusCode . "', reason: " . $reason; } @@ -210,7 +210,7 @@ class AuthHelper return array('retry' => true, 'storeAuth' => false); } - throw new TransportException("Invalid credentials for '" . $url . "', aborting.", $statusCode); + throw new TransportException("Invalid credentials (HTTP $statusCode) for '$url', aborting.", $statusCode); } $this->io->writeError(' Authentication required ('.$origin.'):');