ergebnis · localheinz · Jan 2, 2023 · Jan 2, 2023
@@ -10,6 +10,9 @@ trim_trailing_whitespace = true
 [*.json]
 indent_size = 2
 
+[*.md]
+indent_size = 2
+
 [*.neon]
 indent_style = tab
 

@@ -8,6 +8,8 @@
 /.yamllint.yaml                 export-ignore
 /composer-require-checker.json  export-ignore
 /composer.lock                  export-ignore
+/infection.json                 export-ignore
 /Makefile                       export-ignore
 /psalm-baseline.xml             export-ignore
 /psalm.xml                      export-ignore
+/rector.php                     export-ignore
@@ -1 +1,3 @@
+# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners#codeowners-file-size
+
 * @ergebnis-bot @localheinz
@@ -47,6 +47,30 @@ make dependency-analysis
 
 to run a dependency analysis.
 
+## Refactoring
+
+We are using [`rector/rector`](https://github.com/rectorphp/rector) to automatically refactor code.
+
+Run
+
+```sh
+make refactoring
+```
+
+to automatically refactor code.
+
+## Security Analysis
+
+We are using [`composer`](https://github.com/composer/composer) to run a security analysis.
+
+Run
+
+```sh
+make security-analysis
+```
+
+to run a security analysis.
+
 ## Static Code Analysis
 
 We are using [`vimeo/psalm`](https://github.com/vimeo/psalm) to statically analyze the code.
@@ -83,6 +107,18 @@ make tests
 
 to run all the tests.
 
+## Mutation Tests
+
+We are using [`infection/infection`](https://github.com/infection/infection) to ensure a minimum quality of the tests.
+
+Enable `Xdebug` and run
+
+```sh
+make mutation-tests
+```
+
+to run mutation tests.
+
 ## Extra lazy?
 
 Run

@@ -13,20 +13,23 @@ branches:
         require_code_owner_reviews: true
         required_approving_review_count: 1
       required_status_checks:
-        contexts:
-          - "Code Coverage (8.0, locked)"
-          - "Coding Standards (8.0, locked)"
-          - "Dependency Analysis (8.0, locked)"
-          - "Static Code Analysis (8.0, locked)"
-          - "Tests (8.0, highest)"
-          - "Tests (8.0, locked)"
-          - "Tests (8.0, lowest)"
-          - "Tests (8.1, highest)"
-          - "Tests (8.1, locked)"
-          - "Tests (8.1, lowest)"
-          - "Tests (8.2, highest)"
-          - "Tests (8.2, locked)"
-          - "Tests (8.2, lowest)"
+        checks:
+          - context: "Code Coverage (8.0, locked)"
+          - context: "Coding Standards (8.0, locked)"
+          - context: "Dependency Analysis (8.0, locked)"
+          - context: "Mutation Tests (8.0, locked)"
+          - context: "Refactoring (8.0, locked)"
+          - context: "Security Analysis (8.0, locked)"
+          - context: "Static Code Analysis (8.0, locked)"
+          - context: "Tests (8.0, highest)"
+          - context: "Tests (8.0, locked)"
+          - context: "Tests (8.0, lowest)"
+          - context: "Tests (8.1, highest)"
+          - context: "Tests (8.1, locked)"
+          - context: "Tests (8.1, lowest)"
+          - context: "Tests (8.2, highest)"
+          - context: "Tests (8.2, locked)"
+          - context: "Tests (8.2, lowest)"
         strict: false
       restrictions:
 

@@ -59,10 +59,11 @@ jobs:
           XDEBUG_MODE: "coverage"
         run: "vendor/bin/phpunit --colors=always --configuration=test/Unit/phpunit.xml --coverage-clover=.build/phpunit/logs/clover.xml"
 
-      - name: "Send code coverage report to Codecov.io"
-        env:
-          CODECOV_TOKEN: "${{ secrets.CODECOV_TOKEN }}"
-        run: "bash <(curl -s https://codecov.io/bash)"
+      - name: "Send code coverage report to codecov.io"
+        uses: "codecov/[email protected]"
+        with:
+          files: ".build/phpunit/logs/clover.xml"
+          token: "${{ secrets.CODECOV_TOKEN }}"
 
   coding-standards:
     name: "Coding Standards"
@@ -82,7 +83,7 @@ jobs:
         uses: "actions/[email protected]"
 
       - name: "Lint YAML files"
-        uses: "ibiqlik/[email protected]"
+        uses: "ibiqlik/[email protected].1"
         with:
           config_file: ".yamllint.yaml"
           file_or_dir: "."
@@ -132,7 +133,7 @@ jobs:
             php-${{ matrix.php-version }}-php-cs-fixer-
 
       - name: "Run friendsofphp/php-cs-fixer"
-        run: "vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.php --diff --dry-run --verbose"
+        run: "vendor/bin/php-cs-fixer fix --ansi --config=.php-cs-fixer.php --diff --dry-run --verbose"
 
   dependency-analysis:
     name: "Dependency Analysis"
@@ -179,6 +180,143 @@ jobs:
       - name: "Run maglnet/composer-require-checker"
         run: ".phive/composer-require-checker check --config-file=$(pwd)/composer-require-checker.json"
 
+  mutation-tests:
+    name: "Mutation Tests"
+
+    runs-on: "ubuntu-latest"
+
+    strategy:
+      matrix:
+        php-version:
+          - "8.0"
+
+        dependencies:
+          - "locked"
+
+    steps:
+      - name: "Checkout"
+        uses: "actions/[email protected]"
+
+      - name: "Set up PHP"
+        uses: "shivammathur/[email protected]"
+        with:
+          coverage: "xdebug"
+          extensions: "none, ctype, dom, json, mbstring, phar, simplexml, tokenizer, xml, xmlwriter"
+          php-version: "${{ matrix.php-version }}"
+
+      - name: "Set up problem matchers for PHP"
+        run: "echo \"::add-matcher::${{ runner.tool_cache }}/php.json\""
+
+      - name: "Determine composer cache directory"
+        uses: "ergebnis/.github/actions/composer/[email protected]"
+
+      - name: "Cache dependencies installed with composer"
+        uses: "actions/[email protected]"
+        with:
+          path: "${{ env.COMPOSER_CACHE_DIR }}"
+          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}"
+          restore-keys: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-"
+
+      - name: "Install ${{ matrix.dependencies }} dependencies with composer"
+        uses: "ergebnis/.github/actions/composer/[email protected]"
+        with:
+          dependencies: "${{ matrix.dependencies }}"
+
+      - name: "Run mutation tests with Xdebug and infection/infection"
+        env:
+          XDEBUG_MODE: "coverage"
+        run: "vendor/bin/infection --ansi --configuration=infection.json --logger-github"
+
+  refactoring:
+    name: "Refactoring"
+
+    runs-on: "ubuntu-latest"
+
+    strategy:
+      matrix:
+        php-version:
+          - "8.0"
+
+        dependencies:
+          - "locked"
+
+    steps:
+      - name: "Checkout"
+        uses: "actions/[email protected]"
+
+      - name: "Set up PHP"
+        uses: "shivammathur/[email protected]"
+        with:
+          coverage: "none"
+          extensions: "none, ctype, dom, intl, json, mbstring, phar, simplexml, tokenizer, xml, xmlwriter"
+          php-version: "${{ matrix.php-version }}"
+
+      - name: "Set up problem matchers for PHP"
+        run: "echo \"::add-matcher::${{ runner.tool_cache }}/php.json\""
+
+      - name: "Determine composer cache directory"
+        uses: "ergebnis/.github/actions/composer/[email protected]"
+
+      - name: "Cache dependencies installed with composer"
+        uses: "actions/[email protected]"
+        with:
+          path: "${{ env.COMPOSER_CACHE_DIR }}"
+          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}"
+          restore-keys: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-"
+
+      - name: "Install ${{ matrix.dependencies }} dependencies with composer"
+        uses: "ergebnis/.github/actions/composer/[email protected]"
+        with:
+          dependencies: "${{ matrix.dependencies }}"
+
+      - name: "Create cache directory for rector/rector"
+        run: "mkdir -p .build/rector"
+
+      - name: "Cache cache directory for rector/rector"
+        uses: "actions/[email protected]"
+        with:
+          path: ".build/rector"
+          key: "php-${{ matrix.php-version }}-rector-${{ github.ref_name }}"
+          restore-keys: |
+            php-${{ matrix.php-version }}-rector-main
+            php-${{ matrix.php-version }}-rector-
+
+      - name: "Run automated refactoring with rector/rector"
+        run: "vendor/bin/rector --ansi --config=rector.php --dry-run"
+
+  security-analysis:
+    name: "Security Analysis"
+
+    runs-on: "ubuntu-latest"
+
+    strategy:
+      matrix:
+        php-version:
+          - "8.0"
+
+        dependencies:
+          - "locked"
+
+    steps:
+      - name: "Checkout"
+        uses: "actions/[email protected]"
+
+      - name: "Set up PHP"
+        uses: "shivammathur/[email protected]"
+        with:
+          coverage: "none"
+          extensions: "none, ctype, dom, json, mbstring, phar, simplexml, tokenizer, xml, xmlwriter"
+          php-version: "${{ matrix.php-version }}"
+
+      - name: "Set up problem matchers for PHP"
+        run: "echo \"::add-matcher::${{ runner.tool_cache }}/php.json\""
+
+      - name: "Validate composer.json and composer.lock"
+        run: "composer validate --ansi --strict"
+
+      - name: "Check installed packages for security vulnerability advisories"
+        run: "composer audit --ansi"
+
   static-code-analysis:
     name: "Static Code Analysis"
 

@@ -33,8 +33,8 @@ jobs:
       - name: "Assign @ergebnis-bot"
         uses: "ergebnis/.github/actions/github/pull-request/[email protected]"
         with:
-          github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}"
           assignee: "ergebnis-bot"
+          github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}"
 
       - name: "Approve pull request"
         uses: "ergebnis/.github/actions/github/pull-request/[email protected]"

@@ -67,7 +67,7 @@ jobs:
             php-${{ matrix.php-version }}-php-cs-fixer-
 
       - name: "Run friendsofphp/php-cs-fixer"
-        run: "vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.php --diff --verbose"
+        run: "vendor/bin/php-cs-fixer fix --ansi --config=.php-cs-fixer.php --diff --verbose"
 
       - name: "Commit modified files"
         uses: "stefanzweifel/[email protected]"

@@ -1,4 +1,4 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phive xmlns="https://phar.io/phive">
-  <phar name="composer-require-checker" version="^4.2.0" installed="4.2.0" location="./.phive/composer-require-checker" copy="true"/>
+  <phar name="composer-require-checker" version="^4.4.0" installed="4.4.0" location="./.phive/composer-require-checker" copy="true"/>
 </phive>
@@ -1,15 +1,15 @@
 .PHONY: it
-it: coding-standards static-code-analysis tests ## Runs the coding-standards, static-code-analysis, and tests targets
+it: refactoring coding-standards security-analysis static-code-analysis tests ## Runs the refactoring, coding-standards, security-analysis, static-code-analysis, and tests targets
 
 .PHONY: code-coverage
 code-coverage: vendor ## Collects coverage from running unit tests with phpunit/phpunit
 	mkdir -p .build/phpunit
 	vendor/bin/phpunit --configuration=test/Unit/phpunit.xml --coverage-text
 
 .PHONY: coding-standards
-coding-standards: vendor ## Normalizes composer.json with ergebnis/composer-normalize, lints YAML files with yamllint and fixes code style issues with friendsofphp/php-cs-fixer
-	composer normalize
+coding-standards: vendor ## Lints YAML files with yamllint, normalizes composer.json with ergebnis/composer-normalize, and fixes code style issues with friendsofphp/php-cs-fixer
 	yamllint -c .yamllint.yaml --strict .
+	composer normalize
 	mkdir -p .build/php-cs-fixer
 	vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.php --diff --verbose
 
@@ -21,11 +21,24 @@ dependency-analysis: vendor ## Runs a dependency analysis with maglnet/composer-
 help: ## Displays this list of targets with descriptions
 	@grep -E '^[a-zA-Z0-9_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[32m%-30s\033[0m %s\n", $$1, $$2}'
 
+.PHONY: mutation-tests
+mutation-tests: vendor ## Runs mutation tests with infection/infection
+	mkdir -p .build/infection
+	vendor/bin/infection --configuration=infection.json
+
+.PHONY: refactoring
+refactoring: vendor ## Runs automated refactoring with rector/rector
+	vendor/bin/rector process --config=rector.php
+
+.PHONY: security-analysis
+security-analysis: vendor ## Runs a security analysis with composer
+	composer audit
+
 .PHONY: static-code-analysis
 static-code-analysis: vendor ## Runs a static code analysis with vimeo/psalm
 	mkdir -p .build/psalm
 	vendor/bin/psalm --config=psalm.xml --clear-cache
-	vendor/bin/psalm --config=psalm.xml --diff --show-info=false --stats --threads=4
+	vendor/bin/psalm --config=psalm.xml --show-info=false --stats --threads=4
 
 .PHONY: static-code-analysis-baseline
 static-code-analysis-baseline: vendor ## Generates a baseline for static code analysis with vimeo/psalm

@@ -138,6 +138,6 @@ This package is licensed using the MIT License.
 
 Please have a look at [`LICENSE.md`](LICENSE.md).
 
-## Curious what I am building?
+## Curious what I am up to?
 
-:mailbox_with_mail: [Subscribe to my list](https://localheinz.com/projects/), and I will occasionally send you an email to let you know what I am working on.
+Follow me on [Twitter](https://twitter.com/localheinz)!
@@ -26,8 +26,10 @@
     "ergebnis/composer-normalize": "^2.29.0",
     "ergebnis/license": "^2.1.0",
     "ergebnis/php-cs-fixer-config": "^5.0.1",
+    "infection/infection": "~0.26.6",
     "phpunit/phpunit": "^9.5.27",
     "psalm/plugin-phpunit": "~0.18.4",
+    "rector/rector": "~0.15.2",
     "vimeo/psalm": "^5.4.0"
   },
   "autoload": {
@@ -42,7 +44,8 @@
   },
   "config": {
     "allow-plugins": {
-      "ergebnis/composer-normalize": true
+      "ergebnis/composer-normalize": true,
+      "infection/extension-installer": true
     },
     "platform": {
       "php": "8.0.25"
Original file line number	Diff line number	Diff line change
		@@ -1 +1,3 @@
		# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners#codeowners-file-size

		* @ergebnis-bot @localheinz