Update toolkit

Author: MGatner

.github/workflows/deduplicate.yml

@@ -0,0 +1,39 @@
+# When a PR is opened or a push is made, check code
+# for duplication with PHP Copy/Paste Detector.
+name: PHPCPD
+
+on:
+  pull_request:
+    branches:
+      - 'develop'
+    paths:
+      - 'app/**'
+      - 'src/**'
+      - 'tests/**'
+      - '.github/workflows/deduplicate.yml'
+  push:
+    branches:
+      - 'develop'
+    paths:
+      - 'app/**'
+      - 'src/**'
+      - 'tests/**'
+      - '.github/workflows/deduplicate.yml'
+
+jobs:
+  build:
+    name: Duplicate Code Detection
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '8.0'
+          tools: phpcpd
+          extensions: dom, mbstring
+
+      - name: Detect code duplication
+        run: phpcpd app/ src/ tests/

.github/workflows/inspect.yml

@@ -0,0 +1,79 @@
+# When a PR is opened or a push is made, perform an
+# architectural inspection on the code using Deptrac.
+name: Deptrac
+
+on:
+  pull_request:
+    branches:
+      - 'develop'
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - 'composer.**'
+      - 'depfile.yaml'
+      - '.github/workflows/inspect.yml'
+  push:
+    branches:
+      - 'develop'
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - 'composer.**'
+      - 'depfile.yaml'
+      - '.github/workflows/inspect.yml'
+
+jobs:
+  build:
+    name: Architectural Inspection
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '8.0'
+          tools: composer, pecl, phive
+          extensions: intl, json, mbstring, xml
+        env:
+          COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get composer cache directory
+        id: composer-cache
+        run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+      - name: Create composer cache directory
+        run: mkdir -p ${{ steps.composer-cache.outputs.dir }}
+
+      - name: Cache composer dependencies
+        uses: actions/cache@v2
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
+          restore-keys: ${{ runner.os }}-composer-
+
+      - name: Create Deptrac cache directory
+        run: mkdir -p build/
+
+      - name: Cache Deptrac results
+        uses: actions/cache@v2
+        with:
+          path: build
+          key: ${{ runner.os }}-deptrac-${{ github.sha }}
+          restore-keys: ${{ runner.os }}-deptrac-
+
+      - name: Install dependencies (limited)
+        if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name }}
+        run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
+
+      - name: Install dependencies (authenticated)
+        if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name }}
+        run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
+        env:
+          COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}
+
+      - name: Run architectural inspection
+        run: |
+          sudo phive --no-progress install --global --trust-gpg-keys B8F640134AB1782E,A98E898BB53EB748 qossmic/deptrac
+          deptrac analyze --cache-file=build/deptrac.cache

.github/workflows/test.yml

@@ -28,7 +28,7 @@ jobs:
         uses: shivammathur/setup-php@v2
         with:
           php-version: ${{ matrix.php-versions }}
-          tools: composer, pecl, phpunit
+          tools: composer, infection, pecl, phive, phpunit
           extensions: intl, json, mbstring, gd, mysqlnd, xdebug, xml, sqlite3
           coverage: xdebug
         env:
@@ -55,24 +55,24 @@ jobs:
         env:
           COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}
 
-      - name: Enable Tachycardia
-        run: echo "TACHYCARDIA_MONITOR_GA=enabled" >> $GITHUB_ENV
-
       - name: Test with PHPUnit
         run: vendor/bin/phpunit --verbose --coverage-text
         env:
           TERM: xterm-256color
+          TACHYCARDIA_MONITOR_GA: enabled
 
       - if: matrix.php-versions == '8.0'
         name: Mutate with Infection
         run: |
-          composer global require infection/infection
           git fetch --depth=1 origin $GITHUB_BASE_REF
           infection --threads=2 --skip-initial-tests --coverage=build/phpunit --git-diff-base=origin/$GITHUB_BASE_REF --git-diff-filter=AM --logger-github --ignore-msi-with-no-mutations
 
       - if: matrix.php-versions == '8.0'
         name: Run Coveralls
-        run: vendor/bin/php-coveralls --verbose --coverage_clover=build/phpunit/clover.xml --json_path build/phpunit/coveralls-upload.json
+        continue-on-error: true
+        run: |
+          sudo phive --no-progress install --global --trust-gpg-keys E82B2FB314E9906E php-coveralls
+          php-coveralls --verbose --coverage_clover=build/phpunit/clover.xml --json_path build/phpunit/coveralls-upload.json
         env:
           COVERALLS_REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           COVERALLS_PARALLEL: true

.github/workflows/unused.yml

@@ -0,0 +1,60 @@
+# When a PR is opened or a push is made, check code
+# for unused packages with Composer Unused.
+name: Unused
+
+on:
+  pull_request:
+    branches:
+      - 'develop'
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - '.github/workflows/unused.yml'
+  push:
+    branches:
+      - 'develop'
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - '.github/workflows/unused.yml'
+
+jobs:
+  build:
+    name: Unused Package Detection
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '8.0'
+          tools: composer, composer-unused
+          extensions: intl, json, mbstring, xml
+        env:
+          COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get composer cache directory
+        id: composer-cache
+        run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+      - name: Cache composer dependencies
+        uses: actions/cache@v2
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
+          restore-keys: ${{ runner.os }}-composer-
+
+      - name: Install dependencies (limited)
+        if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name }}
+        run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
+
+      - name: Install dependencies (authenticated)
+        if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name }}
+        run: composer update --no-progress --no-interaction --prefer-dist --optimize-autoloader
+        env:
+          COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}
+
+      - name: Detect unused packages
+        run: composer-unused -vvv --profile --ansi --no-interaction --no-progress --excludePackage=php

.php-cs-fixer.dist.php

@@ -1,33 +1,20 @@
 <?php
 
+use CodeIgniter\CodingStandard\CodeIgniter4;
 use Nexus\CsConfig\Factory;
 use PhpCsFixer\Finder;
-use Tatter\Tools\Standard;
 
 $finder = Finder::create()
     ->files()
     ->in(__DIR__)
     ->exclude('build')
     ->append([__FILE__]);
 
-// Remove overrides for incremental changes
-$overrides = [
-	'array_indentation' => false,
-	'braces'            => false,
-	'indentation_type'  => false,
-];
+$overrides = [];
 
 $options = [
     'finder'    => $finder,
     'cacheFile' => 'build/.php-cs-fixer.cache',
 ];
 
-/* Reenable after incremental changes are applied
-return Factory::create(new Standard(), $overrides, $options)->forLibrary(
-    'Library',
-    'Tatter Software',
-    '',
-    2021
-);
-*/
-return Factory::create(new Standard(), $overrides, $options)->forProjects();
+return Factory::create(new CodeIgniter4(), $overrides, $options)->forProjects();

SECURITY.md

@@ -0,0 +1,26 @@
+# Security Policy
+
+The development team and community take all security issues seriously. **Please do not make public any uncovered flaws.**
+
+## Reporting a Vulnerability
+
+Thank you for improving the security of our code! Any assistance in removing security flaws will be acknowledged.
+
+**Please report security flaws by emailing the development team directly: [email protected]**.
+
+The lead maintainer will acknowledge your email within 48 hours, and will send a more detailed response within 48 hours indicating
+the next steps in handling your report. After the initial reply to your report, the security team will endeavor to keep you informed of the
+progress towards a fix and full announcement, and may ask for additional information or guidance.
+
+## Disclosure Policy
+
+When the security team receives a security bug report, they will assign it to a primary handler.
+This person will coordinate the fix and release process, involving the following steps:
+
+- Confirm the problem and determine the affected versions.
+- Audit code to find any potential similar problems.
+- Prepare fixes for all releases still under maintenance. These fixes will be released as fast as possible.
+
+## Comments on this Policy
+
+If you have suggestions on how this process could be improved please submit a Pull Request.

composer.json

@@ -25,7 +25,7 @@
     },
     "require-dev": {
         "codeigniter4/codeigniter4": "dev-develop",
-        "tatter/tools": "^1.10"
+        "tatter/tools": "^1.15"
     },
     "autoload": {
         "psr-4": {
@@ -50,8 +50,18 @@
     "prefer-stable": true,
     "scripts": {
         "analyze": "phpstan analyze",
+        "ci": [
+            "Composer\\Config::disableProcessTimeout",
+            "@deduplicate",
+            "@analyze",
+            "@test",
+            "@inspect",
+            "@style"
+        ],
+        "deduplicate": "phpcpd app/ src/",
+        "inspect": "deptrac analyze --cache-file=build/deptrac.cache",
         "mutate": "infection --threads=2 --skip-initial-tests --coverage=build/phpunit",
-        "style": "php-cs-fixer fix --verbose --ansi",
+        "style": "php-cs-fixer fix --verbose --ansi --using-cache=no",
         "test": "phpunit"
     }
 }