Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add static analysis #470

Merged
merged 3 commits into from
Dec 29, 2020
Merged

Add static analysis #470

merged 3 commits into from
Dec 29, 2020

Conversation

FrontEndCoffee
Copy link
Contributor

@FrontEndCoffee FrontEndCoffee commented Dec 22, 2020
edited
Loading

Description

There are no source code changes in this PR.

PHPStan is a static analysis tool for PHP. By adding this tool to the project, a quality standard of code can be maintained over time automatically.

Currently, the configured level of strictness is configured to 1 (see phpstan.neon). This can be increased all the way to 8. I suggest making these increments a PR at the time, as some code will need to be fixed to get to those levels.

I also suggest in time adding the following plugins to the PHPStan configuration:

  • phpstan/phpstan-deprecation-rules
  • phpstan/phpstan-strict-rules

As you can see, I have also updated the circle-ci config to include this tool in to the CI flow.

Testing

You can manually run PHPStan by executing composer static-analysis

Checklist

  • I have added documentation for new/changed functionality in this PR or in auth0.com/docs
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used, if not master

@FrontEndCoffee FrontEndCoffee requested a review from a team as a code owner December 22, 2020 10:05
@FrontEndCoffee
Copy link
Contributor Author

@evansims The CI seems to fail on deprecation notices. I am not sure why master does not fail on this.

1) Auth0\Tests\unit\Auth0Test::testThatExchangeFailsWithNoStoredNonce
The use of the method "withClaim" is deprecated for registered claims. Please use dedicated method instead.

I do see that there are quite some deprecation notices in the application, shall I fix them as part of this PR?

@FrontEndCoffee FrontEndCoffee changed the title Add static analysis to project + add to CI flow. Add static analysis Dec 22, 2020
@evansims
Copy link
Member

Hey @FrontEndCoffee 👋 This is great, thanks so much for your pull request! Adding this had been on my backlog and I really appreciate you taking it on here. Don't fret too much on the CI issues, those will clear up once #467 is merged, and we'll get your PR merged in at that point.

Just waiting on our internal review process to finish on 467 and we can move forward, but with the holidays things are moving a bit slower than usual right now.

evansims
evansims approved these changes Dec 29, 2020
View reviewed changes
Copy link
Member

@evansims evansims left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, thank you again for your contribution on this 👍

@evansims evansims added this to the 7.6.0 milestone Dec 29, 2020
@evansims evansims merged commit 2bbeccf into auth0:master Dec 29, 2020
@FrontEndCoffee FrontEndCoffee deleted the add-static-analysis branch January 4, 2021 07:02
@github-actions
Copy link
Contributor

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 23, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@evansims evansims evansims approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
7.6.0
Development

Successfully merging this pull request may close these issues.
2 participants
@FrontEndCoffee @evansims