chore: improve static analysis, bump min PHP to 7.4, support PHP 8.2

.github/workflows/continuous-integration.yml

@@ -0,0 +1,154 @@
+# GitHub Actions Documentation: https://docs.github.com/en/actions
+
+name: "build"
+
+on:
+  push:
+    branches:
+      - "main"
+    tags:
+      - "*"
+  pull_request:
+    branches:
+      - "main"
+
+# Cancels all previous workflow runs for the same branch that have not yet completed.
+concurrency:
+  # The concurrency group contains the workflow name and the branch name.
+  group: "${{ github.workflow }}-${{ github.ref }}"
+  cancel-in-progress: true
+
+env:
+  COMPOSER_ROOT_VERSION: "1.99.99"
+
+jobs:
+  coding-standards:
+    name: "Coding standards"
+    runs-on: "ubuntu-latest"
+
+    steps:
+      - name: "Checkout repository"
+        uses: "actions/[email protected]"
+
+      - name: "Install PHP"
+        uses: "shivammathur/[email protected]"
+        with:
+          php-version: "8.2"
+          coverage: "none"
+
+      - name: "Install dependencies (Composer)"
+        uses: "ramsey/[email protected]"
+
+      - name: "Check syntax (php-parallel-lint)"
+        run: "composer dev:lint:syntax"
+
+      - name: "Check coding standards (PHP_CodeSniffer)"
+        run: "composer dev:lint:style"
+
+  static-analysis:
+    name: "Static analysis"
+    runs-on: "ubuntu-latest"
+
+    steps:
+      - name: "Checkout repository"
+        uses: "actions/[email protected]"
+
+      - name: "Install PHP"
+        uses: "shivammathur/[email protected]"
+        with:
+          php-version: "8.2"
+          coverage: "none"
+
+      - name: "Install dependencies (Composer)"
+        uses: "ramsey/[email protected]"
+
+      - name: "Statically analyze code (PHPStan)"
+        run: "composer dev:analyze:phpstan"
+
+      - name: "Statically analyze code (Psalm)"
+        run: "composer dev:analyze:psalm -- --shepherd"
+
+  security-analysis:
+    name: "Security analysis"
+    needs: ["coding-standards", "static-analysis"]
+    runs-on: "ubuntu-latest"
+
+    steps:
+      - name: "Checkout repository"
+        uses: "actions/[email protected]"
+
+      - name: "Install PHP"
+        uses: "shivammathur/[email protected]"
+        with:
+          php-version: "8.2"
+          coverage: "none"
+
+      - name: "Install dependencies (Composer)"
+        uses: "ramsey/[email protected]"
+
+      - name: "Analyze security of code (Psalm)"
+        run: "./vendor/bin/psalm --taint-analysis --report=build/logs/psalm.sarif"
+
+      - name: "Upload security analysis results to GitHub"
+        uses: "github/codeql-action/upload-sarif@v2"
+        with:
+          sarif_file: "build/logs/psalm.sarif"
+
+  code-coverage:
+    name: "Code coverage"
+    needs: ["coding-standards", "static-analysis"]
+    runs-on: "ubuntu-latest"
+
+    steps:
+      - name: "Checkout repository"
+        uses: "actions/[email protected]"
+
+      - name: "Install PHP"
+        uses: "shivammathur/[email protected]"
+        with:
+          php-version: "8.2"
+          coverage: "pcov"
+          ini-values: "memory_limit=-1"
+
+      - name: "Install dependencies (Composer)"
+        uses: "ramsey/[email protected]"
+
+      - name: "Run unit tests (PHPUnit)"
+        run: "composer dev:test:coverage:ci"
+
+      - name: "Publish coverage report to Codecov"
+        uses: "codecov/[email protected]"
+
+  unit-tests:
+    name: "Unit tests"
+    needs: ["code-coverage"]
+    runs-on: "${{ matrix.os }}"
+
+    strategy:
+      fail-fast: false
+      matrix:
+        php:
+          - "7.4"
+          - "8.0"
+          - "8.1"
+          - "8.2"
+        os: ["ubuntu-latest"]
+        composer-deps: ["lowest", "highest"]
+
+    steps:
+      - name: "Checkout repository"
+        uses: "actions/[email protected]"
+
+      - name: "Install PHP"
+        uses: "shivammathur/[email protected]"
+        with:
+          php-version: "${{ matrix.php }}"
+          coverage: "none"
+
+      - name: "Install dependencies (Composer)"
+        uses: "ramsey/[email protected]"
+        with:
+          dependency-versions: "${{ matrix.composer-deps }}"
+
+      - name: "Run unit tests (PHPUnit)"
+        run: "composer dev:test:unit"

.gitignore

@@ -1,7 +1,8 @@
 composer.phar
+/build/
 /vendor/
 /node_modules/
 *.cache
 cov.xml
 .idea
-.vscode
+.vscode

composer.json

@@ -1,21 +1,29 @@
 {
     "name": "skillshare/apollo-federation-php",
     "description": "A PHP port of the Apollo Federation specification.",
-    "type": "library",
     "license": "MIT",
+    "type": "library",
     "require": {
-        "php": "^7.1||^8.0",
-        "webonyx/graphql-php": "^0.13.8 || ^14.0"
-    },
-    "scripts": {
-        "test": "phpunit",
-        "sync": "yarn install && composer update",
-        "commit": "yarn commit"
+        "php": "^7.4 || ^8.0",
+        "webonyx/graphql-php": "^14.0"
     },
-    "config": {
-        "preferred-install": "dist",
-        "sort-packages": true
+    "require-dev": {
+        "ergebnis/composer-normalize": "^2.28",
+        "php-parallel-lint/php-console-highlighter": "^1.0",
+        "php-parallel-lint/php-parallel-lint": "^1.3.2",
+        "phpstan/extension-installer": "^1.2",
+        "phpstan/phpstan": "^1.9.3",
+        "phpstan/phpstan-phpunit": "^1.3.2",
+        "phpunit/phpunit": "^9.5.27",
+        "psalm/plugin-phpunit": "^0.18.4",
+        "psr/http-message": "^1.0.1",
+        "ramsey/coding-standard": "^2.0.3",
+        "react/promise": "^2.9.0",
+        "spatie/phpunit-snapshot-assertions": "^4.2.16",
+        "vimeo/psalm": "^5.2"
     },
+    "minimum-stability": "dev",
+    "prefer-stable": true,
     "autoload": {
         "psr-4": {
             "Apollo\\Federation\\": "src/"
@@ -26,10 +34,55 @@
             "Apollo\\Federation\\Tests\\": "test/"
         }
     },
-    "require-dev": {
-        "phpunit/phpunit": "^9.5",
-        "psr/http-message": "^1.0",
-        "react/promise": "^2.7",
-        "spatie/phpunit-snapshot-assertions": "^4.2"
+    "config": {
+        "allow-plugins": {
+            "dealerdirect/phpcodesniffer-composer-installer": true,
+            "phpstan/extension-installer": true,
+            "ergebnis/composer-normalize": true
+        },
+        "preferred-install": "dist",
+        "sort-packages": true
+    },
+    "scripts": {
+        "commit": "yarn commit",
+        "dev:analyze": [
+            "@dev:analyze:phpstan",
+            "@dev:analyze:psalm"
+        ],
+        "dev:analyze:phpstan": "phpstan analyse --ansi --memory-limit=1G",
+        "dev:analyze:psalm": "psalm",
+        "dev:lint": [
+            "@dev:lint:syntax",
+            "@dev:lint:style"
+        ],
+        "dev:lint:fix": "phpcbf",
+        "dev:lint:style": "phpcs --colors",
+        "dev:lint:syntax": "parallel-lint --colors src/ test/",
+        "dev:test": [
+            "@dev:lint",
+            "@dev:analyze",
+            "@dev:test:unit"
+        ],
+        "dev:test:coverage:ci": "phpunit --colors=always --coverage-text --coverage-clover build/coverage/clover.xml --coverage-cobertura build/coverage/cobertura.xml --coverage-crap4j build/coverage/crap4j.xml --coverage-xml build/coverage/coverage-xml --log-junit build/junit.xml",
+        "dev:test:coverage:html": "phpunit --colors=always --coverage-html build/coverage/coverage-html/",
+        "dev:test:unit": "phpunit --colors=always",
+        "sync": "yarn install && composer install",
+        "test": "@dev:test"
+    },
+    "scripts-descriptions": {
+        "commit": "Runs specialized tooling for git commits.",
+        "dev:analyze": "Runs all static analysis checks.",
+        "dev:analyze:phpstan": "Runs the PHPStan static analyzer.",
+        "dev:analyze:psalm": "Runs the Psalm static analyzer.",
+        "dev:lint": "Runs all linting checks.",
+        "dev:lint:fix": "Auto-fixes coding standards issues, if possible.",
+        "dev:lint:style": "Checks for coding standards issues.",
+        "dev:lint:syntax": "Checks for syntax errors.",
+        "dev:test": "Runs linting, static analysis, and unit tests.",
+        "dev:test:coverage:ci": "Runs unit tests and generates CI coverage reports.",
+        "dev:test:coverage:html": "Runs unit tests and generates HTML coverage report.",
+        "dev:test:unit": "Runs unit tests.",
+        "sync": "Installs dependencies.",
+        "test": "Runs linting, static analysis, and unit tests."
     }
 }