From 310736fcf527f7b233393d7afc819735c44bf7ba Mon Sep 17 00:00:00 2001 From: Gustavo Freze Date: Wed, 7 Jan 2026 09:38:07 -0300 Subject: [PATCH 1/5] chore: Updates project dependencies and GitHub Actions workflows. --- .github/dependabot.yml | 31 +++++++++++++++++++++++++++ .github/workflows/auto-assign.yml | 2 +- .github/workflows/ci.yml | 4 ++-- .github/workflows/codeql.yml | 35 +++++++++++++++++++++++++++++++ .gitignore | 9 ++++---- composer.json | 10 ++++----- 6 files changed, 78 insertions(+), 13 deletions(-) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/codeql.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..f0ce8fc --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,31 @@ +version: 2 + +updates: + - package-ecosystem: "composer" + directory: "/" + schedule: + interval: "weekly" + open-pull-requests-limit: 0 + labels: + - "php" + - "security" + - "dependencies" + groups: + php-security: + applies-to: security-updates + patterns: + - "*" + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + commit-message: + prefix: "build" + labels: + - "dependencies" + - "github-actions" + groups: + github-actions: + patterns: + - "*" diff --git a/.github/workflows/auto-assign.yml b/.github/workflows/auto-assign.yml index a17e92e..f37e91f 100644 --- a/.github/workflows/auto-assign.yml +++ b/.github/workflows/auto-assign.yml @@ -18,7 +18,7 @@ jobs: - name: Assign issues and pull requests uses: gustavofreze/auto-assign@2.0.0 with: - assignees: '${{ secrets.ASSIGNEES }}' + assignees: '${{ vars.ASSIGNEES }}' github_token: '${{ secrets.GITHUB_TOKEN }}' allow_self_assign: 'true' allow_no_assignees: 'true' diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 358ac92..35d7788 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Configure PHP uses: shivammathur/setup-php@v2 @@ -35,7 +35,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Use PHP ${{ env.PHP_VERSION }} uses: shivammathur/setup-php@v2 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..4c6d7f7 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,35 @@ +name: Security checks + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + schedule: + - cron: "0 0 * * *" + +permissions: + actions: read + contents: read + security-events: write + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + language: [ "actions" ] + + steps: + - name: Checkout repository + uses: actions/checkout@v6 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v4 + with: + languages: ${{ matrix.language }} + + - name: Perform CodeQL analysis + uses: github/codeql-action/analyze@v4 diff --git a/.gitignore b/.gitignore index 1cb9b22..3333ef2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,6 @@ .idea -vendor -report -.phpunit.cache -composer.lock -.phpunit.result.cache \ No newline at end of file +/vendor/ +/report +*.lock +.phpunit.* diff --git a/composer.json b/composer.json index 7fa5605..45657a7 100644 --- a/composer.json +++ b/composer.json @@ -43,13 +43,13 @@ }, "require": { "php": "^8.3", - "tiny-blocks/collection": "dev-main" + "tiny-blocks/collection": "^1" }, "require-dev": { "phpmd/phpmd": "^2.15", - "phpstan/phpstan": "^1", - "phpunit/phpunit": "^11", - "infection/infection": "^0", + "phpstan/phpstan": "^1.12", + "phpunit/phpunit": "^11.5", + "infection/infection": "^0.32", "squizlabs/php_codesniffer": "^3.11" }, "scripts": { @@ -58,7 +58,7 @@ "phpmd": "phpmd ./src text phpmd.xml --suffixes php --ignore-violations-on-exit", "phpstan": "phpstan analyse -c phpstan.neon.dist --quiet --no-progress", "test-file": "phpunit --configuration phpunit.xml --no-coverage --filter", - "mutation-test": "infection --only-covered --threads=max --logger-html=report/coverage/mutation-report.html --coverage=report/coverage", + "mutation-test": "infection --threads=max --logger-html=report/coverage/mutation-report.html --coverage=report/coverage", "test-no-coverage": "phpunit --configuration phpunit.xml --no-coverage tests", "review": [ "@phpcs", From ca86379318d8cfccfaa5ebed31873b5f09a66ac7 Mon Sep 17 00:00:00 2001 From: Gustavo Freze Date: Wed, 7 Jan 2026 09:39:57 -0300 Subject: [PATCH 2/5] chore: Updates project dependencies and GitHub Actions workflows. --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 45657a7..7141a92 100644 --- a/composer.json +++ b/composer.json @@ -43,7 +43,7 @@ }, "require": { "php": "^8.3", - "tiny-blocks/collection": "^1" + "tiny-blocks/collection": "^1.10" }, "require-dev": { "phpmd/phpmd": "^2.15", From 7f2140dbf5dc2aa9299294131afbb7343e56488f Mon Sep 17 00:00:00 2001 From: Gustavo Freze Date: Wed, 7 Jan 2026 09:44:12 -0300 Subject: [PATCH 3/5] chore: Updates project dependencies and GitHub Actions workflows. --- composer.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 7141a92..5d13dd6 100644 --- a/composer.json +++ b/composer.json @@ -42,14 +42,14 @@ } }, "require": { - "php": "^8.3", - "tiny-blocks/collection": "^1.10" + "php": "^8.3" }, "require-dev": { "phpmd/phpmd": "^2.15", "phpstan/phpstan": "^1.12", "phpunit/phpunit": "^11.5", "infection/infection": "^0.32", + "tiny-blocks/collection": "^1.10", "squizlabs/php_codesniffer": "^3.11" }, "scripts": { From 9a4593e755156af782411219778ad2f5d0c1e3c8 Mon Sep 17 00:00:00 2001 From: Gustavo Freze Date: Wed, 7 Jan 2026 09:47:40 -0300 Subject: [PATCH 4/5] chore: Updates project dependencies and GitHub Actions workflows. --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 5d13dd6..11ff428 100644 --- a/composer.json +++ b/composer.json @@ -49,7 +49,7 @@ "phpstan/phpstan": "^1.12", "phpunit/phpunit": "^11.5", "infection/infection": "^0.32", - "tiny-blocks/collection": "^1.10", + "tiny-blocks/collection": "1.*", "squizlabs/php_codesniffer": "^3.11" }, "scripts": { From f5a8ffc4481479a1fb23e158e8b2844e6d93df28 Mon Sep 17 00:00:00 2001 From: Gustavo Freze Date: Wed, 7 Jan 2026 09:53:38 -0300 Subject: [PATCH 5/5] chore: Updates project dependencies and GitHub Actions workflows. --- .github/workflows/ci.yml | 49 ---------------------------------------- composer.json | 1 - 2 files changed, 50 deletions(-) delete mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index 35d7788..0000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,49 +0,0 @@ -name: CI - -on: - pull_request: - -permissions: - contents: read - -env: - PHP_VERSION: '8.3' - -jobs: - auto-review: - name: Auto review - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v6 - - - name: Configure PHP - uses: shivammathur/setup-php@v2 - with: - php-version: ${{ env.PHP_VERSION }} - - - name: Install dependencies - run: composer update --no-progress --optimize-autoloader - - - name: Run review - run: composer review - - tests: - name: Tests - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v6 - - - name: Use PHP ${{ env.PHP_VERSION }} - uses: shivammathur/setup-php@v2 - with: - php-version: ${{ env.PHP_VERSION }} - - - name: Install dependencies - run: composer update --no-progress --optimize-autoloader - - - name: Run tests - run: composer tests diff --git a/composer.json b/composer.json index 11ff428..be1edbe 100644 --- a/composer.json +++ b/composer.json @@ -49,7 +49,6 @@ "phpstan/phpstan": "^1.12", "phpunit/phpunit": "^11.5", "infection/infection": "^0.32", - "tiny-blocks/collection": "1.*", "squizlabs/php_codesniffer": "^3.11" }, "scripts": {