Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mutation testing, PHP 7.1 testing #40

Merged
merged 11 commits into from
Apr 20, 2017
Merged

Mutation testing, PHP 7.1 testing #40

merged 11 commits into from
Apr 20, 2017

Conversation

Ocramius
Copy link
Owner

This PR enforces mutation testing on the package.

@Ocramius Ocramius added this to the 1.1.3 milestone Dec 30, 2016
kalessil
kalessil reviewed Dec 30, 2016
View reviewed changes
test/PackageVersionsTest/InstallerTest.php
@@ -89,6 +89,7 @@ public function testDumpVersionsClass()

$expectedPath = $vendorDir . '/ocramius/package-versions/src/PackageVersions';

/** @noinspection MkdirRaceConditionInspection */
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Ocramius : I'd just ignore test-classes in the inspection, bunch of inspection are doing ths already.

kalessil
kalessil reviewed Dec 30, 2016
View reviewed changes
src/PackageVersions/Installer.php
. '/src/PackageVersions/Versions.php';

file_put_contents($installPath, $versionClassSource);
chmod($installPath, 0664);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Ocramius : perhaps we should have an inspection for this?

Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A default umask() will usually be 0022 or such, so it is generally OK to use file_put_contents(), but this file is a generated PHP file, and therefore vulnerable to code injection if the umask() is incorrect.

Interestingly, specifying the mask on file_put_contents() doesn't behave as expected :S

Copy link

@kalessil kalessil Dec 30, 2016
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

chmod($installPath, 0664 & ~umask())?

PS: not tested but takes into account FS attributes

@Ocramius Ocramius merged commit e9cea37 into master Apr 20, 2017
@Ocramius
Copy link
Owner Author

Merging as per @malukenho's approval

@Ocramius Ocramius deleted the feature/mutation-testing branch April 20, 2017 13:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kalessil kalessil kalessil left review comments

@malukenho malukenho malukenho approved these changes

Assignees

@malukenho malukenho

Labels
enhancement
Projects
None yet
Milestone
1.1.3
Development

Successfully merging this pull request may close these issues.
3 participants
@Ocramius @kalessil @malukenho