Adding psalm

ericsizemore · Mar 15, 2024 · a6a0cd6 · a6a0cd6
1 parent f381095
commit a6a0cd6
Show file tree

Hide file tree

Showing 12 changed files with 1,577 additions and 169 deletions.
diff --git a/.gitattributes b/.gitattributes
@@ -9,5 +9,8 @@
 /.scrutinizer.yml         export-ignore
 /tests                    export-ignore
 /composer.lock            export-ignore
+/mkdocs.xml               export-ignore
 /phpstan.neon             export-ignore
 /phpunit.xml              export-ignore
+/psalm.xml                export-ignore
+/renovate.json            export-ignore
diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml
@@ -1,40 +1,24 @@
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
+name: Psalm Static analysis
 
-name: Psalm Security Scan
-
-on:
-  workflow_dispatch:
-  push:
-    branches: [ "master" ]
-  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ "master" ]
-  schedule:
-    - cron: '26 23 * * 0'
-
-permissions:
-  contents: read
+on: [push, pull_request]
 
 jobs:
-  php-security:
+  psalm:
+    name: Psalm
     runs-on: ubuntu-latest
-    permissions:
-      contents: read # for actions/checkout to fetch code
-      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
-      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
-
     steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
+      - uses: actions/checkout@v4
 
-      - name: Psalm Security Scan
-        uses: psalm/psalm-github-security-scan@master
+      - name: Psalm
+        uses: docker://vimeo/psalm-github-actions:latest
+        with:
+          args: --shepherd
+          composer_require_dev: true
+          security_analysis: true
+          report_file: results.sarif
 
       - name: Upload Security Analysis results to GitHub
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: results.sarif
-          wait-for-processing: true
+          wait-for-processing: true
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        php: [ '8.2', '8.3', '8.4' ]
+        php: [ '8.2', '8.3' ]
     steps:
       - uses: actions/checkout@v4
         with:

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -23,6 +23,7 @@ However, if you make use of the `raw`, `toArray`, or `toObject` functions, pleas
       * `Utils::raw()`, `Utils::toArray()`, `Utils::toObject()`
   * The `LibrariesIO` class now only defines functions to access the API endpoints and leaves the rest of the work up to `AbstractClient` and `Utils`.
   * `Exception\RateLimitExceededException` now takes `GuzzleHttp\Exception\ClientException` as a parameter.
+  * Fixes to both code and docblocks/etc. throughout per Psalm.
 
 ### Added
 
@@ -32,6 +33,7 @@ However, if you make use of the `raw`, `toArray`, or `toObject` functions, pleas
     * Exception\InvalidApiKeyException
     * Exception\InvalidEndpointException
     * Exception\InvalidEndpointOptionsException
+  * `vimeo/psalm` as a dev dependency
 
 ### Removed
 

diff --git a/README.md b/README.md
@@ -1,12 +1,14 @@
 # LibrariesIO - A simple API wrapper/client for the Libraries.io API.
 
-[![PHPMD](https://github.com/ericsizemore/librariesio/actions/workflows/phpmd.yml/badge.svg)](https://github.com/ericsizemore/librariesio/actions/workflows/phpmd.yml)
-[![PHPStan](https://github.com/ericsizemore/librariesio/actions/workflows/main.yml/badge.svg)](https://github.com/ericsizemore/librariesio/actions/workflows/main.yml)
-[![Psalm Security Scan](https://github.com/ericsizemore/librariesio/actions/workflows/psalm.yml/badge.svg)](https://github.com/ericsizemore/librariesio/actions/workflows/psalm.yml)
-[![Tests](https://github.com/ericsizemore/librariesio/actions/workflows/tests.yml/badge.svg)](https://github.com/ericsizemore/librariesio/actions/workflows/tests.yml)
-[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/ericsizemore/librariesio/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/ericsizemore/librariesio/?branch=master)
+[![Build Status](https://scrutinizer-ci.com/g/ericsizemore/librariesio/badges/build.png?b=master)](https://scrutinizer-ci.com/g/ericsizemore/librariesio/build-status/master)
 [![Code Coverage](https://scrutinizer-ci.com/g/ericsizemore/librariesio/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/ericsizemore/librariesio/?branch=master)
-
+[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/ericsizemore/librariesio/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/ericsizemore/librariesio/?branch=master)
+[![Tests](https://github.com/ericsizemore/librariesio/actions/workflows/tests.yml/badge.svg)](https://github.com/ericsizemore/librariesio/actions/workflows/tests.yml)
+[![PHPStan](https://github.com/ericsizemore/librariesio/actions/workflows/main.yml/badge.svg)](https://github.com/ericsizemore/librariesio/actions/workflows/main.yml)
+[![Psalm Static analysis](https://github.com/ericsizemore/librariesio/actions/workflows/psalm.yml/badge.svg?branch=master)](https://github.com/ericsizemore/librariesio/actions/workflows/psalm.yml)
+[![PHPMD](https://github.com/ericsizemore/librariesio/actions/workflows/phpmd.yml/badge.svg)](https://github.com/ericsizemore/librariesio/actions/workflows/phpmd.yml)
+[![Type Coverage](https://shepherd.dev/github/ericsizemore/librariesio/coverage.svg)](https://shepherd.dev/github/ericsizemore/librariesio)
+[![Psalm Level](https://shepherd.dev/github/ericsizemore/librariesio/level.svg)](https://shepherd.dev/github/ericsizemore/librariesio)
 [![Latest Stable Version](https://img.shields.io/packagist/v/esi/librariesio.svg)](https://packagist.org/packages/esi/librariesio)
 [![Downloads per Month](https://img.shields.io/packagist/dm/esi/librariesio.svg)](https://packagist.org/packages/esi/librariesio)
 [![License](https://img.shields.io/packagist/l/esi/librariesio.svg)](https://packagist.org/packages/esi/librariesio)

diff --git a/composer.json b/composer.json
@@ -25,7 +25,8 @@
         "security": "https://github.com/ericsizemore/librariesio/security/policy"
     },
     "require": {
-        "php": "^8.2 <8.5",
+        "php": "^8.2 <8.4",
+        "ext-json": "*",
         "guzzlehttp/guzzle": "^7.0 <8.0",
         "kevinrob/guzzle-cache-middleware": "^5.1 <6.0",
         "symfony/cache": "^7.0"
@@ -35,7 +36,9 @@
         "phpstan/phpstan": "^1.11 <2.0",
         "phpstan/phpstan-phpunit": "^1.4",
         "phpstan/phpstan-strict-rules": "^1.6",
-        "phpunit/phpunit": "^11.0"
+        "phpunit/phpunit": "^11.0",
+        "psalm/plugin-phpunit": "^0.18.4",
+        "vimeo/psalm": "dev-master"
     },
     "minimum-stability": "dev",
     "prefer-stable": true,
@@ -58,6 +61,7 @@
         "phpcs-fix": "vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.dist.php",
         "phpcs-nofix": "vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.dist.php --dry-run --diff",
         "phpstan": "vendor/bin/phpstan analyse -c phpstan.neon",
+        "psalm": "vendor/bin/psalm -c psalm.xml --no-diff",
         "test": "phpunit"
     }
 }