Enhancement: Synchronize with ergebnis/php-library-template

.dependabot/config.yaml

@@ -3,10 +3,7 @@
 version: 1
 
 update_configs:
-  - automerged_updates:
-      - match:
-          dependency_type: "development"
-    commit_message:
+  - commit_message:
       include_scope: true
       prefix: "Build"
     default_labels:

.gitattributes

@@ -1,12 +1,14 @@
 /.dependabot/           export-ignore
 /.github/               export-ignore
 /test/                  export-ignore
+/tools/                 export-ignore
 /.editorconfig          export-ignore
 /.gitattributes         export-ignore
 /.gitignore             export-ignore
 /.php_cs                export-ignore
 /infection.json         export-ignore
 /Makefile               export-ignore
+/phive.xml              export-ignore
 /phpstan-baseline.neon  export-ignore
 /phpstan.neon           export-ignore
 /psalm-baseline.xml     export-ignore

.github/CONTRIBUTING.md

@@ -11,7 +11,17 @@ For details, take a look at the following workflow configuration files:
 
 ## Coding Standards
 
-We are using [`friendsofphp/php-cs-fixer`](https://github.com/FriendsOfPHP/PHP-CS-Fixer) to enforce coding standards.
+We are using [`yamllint`](https://github.com/adrienverge/yamllint) to enforce coding standards in YAML files.
+
+If you do not have `yamllint` installed yet, run
+
+```
+$ brew install yamllint
+```
+
+to install `yamllint`.
+
+We are using [`friendsofphp/php-cs-fixer`](https://github.com/FriendsOfPHP/PHP-CS-Fixer) to enforce coding standards in PHP files.
 
 Run
 
@@ -89,7 +99,7 @@ Run
 $ make
 ```
 
-to enforce coding standards, run a dependency analysis, run a static code analysis, and run tests!
+to enforce coding standards, run a static code analysis, and run tests!
 
 ## Help
 

.github/settings.yml

@@ -28,8 +28,6 @@ branches:
           - "Tests (7.4, highest)"
           - "Code Coverage (7.4, locked)"
           - "Mutation Tests (7.4, locked)"
-          - "codecov/patch"
-          - "codecov/project"
         strict: false
       restrictions:
 
@@ -38,8 +36,7 @@ branches:
         # Note: User, app, and team restrictions are only available for organization-owned repositories.
         # Set to null to disable when using this configuration for a repository on a personal account.
 
-        apps:
-          - "dependabot-preview"
+        apps: []
         teams: []
         users:
           - "ergebnis-bot"
@@ -60,6 +57,10 @@ labels:
     color: "0e8a16"
     description: ""
 
+  - name: "merge"
+    color: "6f42c1"
+    description: ""
+
   - name: "question"
     color: "cc317c"
     description: ""

.github/workflows/integrate.yaml

@@ -56,7 +56,7 @@ jobs:
         uses: "actions/cache@v1"
         with:
           path: "${{ steps.determine-composer-cache-directory.outputs.directory }}"
-          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('**/composer.lock') }}"
+          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}"
           restore-keys: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-"
 
       - name: "Install lowest dependencies from composer.json"
@@ -81,7 +81,7 @@ jobs:
         uses: "actions/cache@v1"
         with:
           path: ".build/php-cs-fixer"
-          key: "php-${{ matrix.php-version }}-php-cs-fixer-${{ hashFiles('**/composer.lock') }}"
+          key: "php-${{ matrix.php-version }}-php-cs-fixer-${{ hashFiles('composer.lock') }}"
           restore-keys: "php-${{ matrix.php-version }}-php-cs-fixer-"
 
       - name: "Run friendsofphp/php-cs-fixer"
@@ -119,7 +119,7 @@ jobs:
         uses: "actions/cache@v1"
         with:
           path: "${{ steps.determine-composer-cache-directory.outputs.directory }}"
-          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('**/composer.lock') }}"
+          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}"
           restore-keys: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-"
 
       - name: "Install lowest dependencies from composer.json"
@@ -135,7 +135,7 @@ jobs:
         run: "composer update --no-interaction --no-progress --no-suggest"
 
       - name: "Run maglnet/composer-require-checker"
-        uses: "docker://webfactory/composer-require-checker:2.1.0"
+        run: "tools/composer-require-checker check"
 
   static-code-analysis:
     name: "Static Code Analysis"
@@ -169,7 +169,7 @@ jobs:
         uses: "actions/cache@v1"
         with:
           path: "${{ steps.determine-composer-cache-directory.outputs.directory }}"
-          key: "${{ matrix.php-version }}-composer-locked-${{ hashFiles('**/composer.lock') }}"
+          key: "${{ matrix.php-version }}-composer-locked-${{ hashFiles('composer.lock') }}"
           restore-keys: "${{ matrix.php-version }}-composer-locked-"
 
       - name: "Install lowest dependencies from composer.json"
@@ -191,7 +191,7 @@ jobs:
         uses: "actions/cache@v1"
         with:
           path: ".build/phpstan"
-          key: "php-${{ matrix.php-version }}-phpstan-${{ hashFiles('**/composer.lock') }}"
+          key: "php-${{ matrix.php-version }}-phpstan-${{ github.sha }}"
           restore-keys: "php-${{ matrix.php-version }}-phpstan-"
 
       - name: "Run phpstan/phpstan"
@@ -200,8 +200,15 @@ jobs:
       - name: "Create cache directory for vimeo/psalm"
         run: "mkdir -p .build/psalm"
 
+      - name: "Cache cache directory for vimeo/psalm"
+        uses: "actions/cache@v1"
+        with:
+          path: ".build/psalm"
+          key: "php-${{ matrix.php-version }}-psalm-${{ github.sha }}"
+          restore-keys: "php-${{ matrix.php-version }}-psalm-"
+
       - name: "Run vimeo/psalm"
-        run: "vendor/bin/psalm --config=psalm.xml --shepherd --show-info=false --stats"
+        run: "vendor/bin/psalm --config=psalm.xml --diff --diff-methods --shepherd --show-info=false --stats --threads=4"
 
   tests:
     name: "Tests"
@@ -239,7 +246,7 @@ jobs:
         uses: "actions/cache@v1"
         with:
           path: "${{ steps.determine-composer-cache-directory.outputs.directory }}"
-          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('**/composer.lock') }}"
+          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}"
           restore-keys: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-"
 
       - name: "Install lowest dependencies from composer.json"
@@ -295,7 +302,7 @@ jobs:
         uses: "actions/cache@v1"
         with:
           path: "${{ steps.determine-composer-cache-directory.outputs.directory }}"
-          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('**/composer.lock') }}"
+          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}"
           restore-keys: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-"
 
       - name: "Install lowest dependencies from composer.json"
@@ -350,7 +357,7 @@ jobs:
         uses: "actions/cache@v1"
         with:
           path: "${{ steps.determine-composer-cache-directory.outputs.directory }}"
-          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('**/composer.lock') }}"
+          key: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}"
           restore-keys: "php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-"
 
       - name: "Install lowest dependencies from composer.json"
@@ -368,8 +375,8 @@ jobs:
       - name: "Run mutation tests with pcov and infection/infection"
         run: "vendor/bin/infection --ignore-msi-with-no-mutations --min-covered-msi=${{ env.MIN_COVERED_MSI }} --min-msi=${{ env.MIN_MSI }}"
 
-  review:
-    name: "Review"
+  merge:
+    name: "Merge"
 
     runs-on: "ubuntu-latest"
 
@@ -381,15 +388,93 @@ jobs:
       - "static-code-analysis"
       - "tests"
 
+    if: >
+      github.event_name == 'pull_request' &&
+      github.event.pull_request.draft == false && (
+        github.event.action == 'opened' ||
+        github.event.action == 'reopened' ||
+        github.event.action == 'synchronize'
+      ) && (
+        (github.actor == 'dependabot-preview[bot]' && startsWith(github.event.pull_request.title, 'Build(deps-dev)')) ||
+        (github.actor == 'ergebnis-bot' && github.event.pull_request.title == 'Enhancement: Update license year') ||
+        (github.actor == 'localheinz' && contains(github.event.pull_request.labels.*.name, 'merge'))
+      )
+
     steps:
-      - name: "Approve pull requests created by dependabot that update development dependencies"
-        uses: "hmarr/auto-approve-action@v2.0.0"
-        if: "(github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]') && github.event_name == 'pull_request' && startsWith(github.event.pull_request.title, 'Build(deps-dev)')"
+      - name: "Request review from @ergebnis-bot"
+        uses: "actions/github-script@0.8.0"
         with:
           github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}"
-
-      - name: "Approve pull requests created by @ergebnis-bot that update the license year"
-        uses: "hmarr/auto-approve-action@v2.0.0"
-        if: "github.actor == 'ergebnis-bot' && github.event_name == 'pull_request' && github.event.pull_request.title == 'Enhancement: Update license year'"
+          script: |
+            const pullRequest = context.payload.pull_request
+            const repository = context.repo
+
+            const reviewers = [
+              "ergebnis-bot",
+            ]
+
+            await github.pulls.createReviewRequest({
+              owner: repository.owner,
+              pull_number: pullRequest.number,
+              repo: repository.repo,
+              reviewers: reviewers,
+            })
+
+      - name: "Wait"
+        run: "sleep 3"
+
+      - name: "Assign @ergebnis-bot"
+        uses: "actions/github-script@0.8.0"
+        with:
+          github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}"
+          script: |
+            const pullRequest = context.payload.pull_request
+            const repository = context.repo
+
+            const reviewers = [
+              "ergebnis-bot",
+            ]
+
+            await github.issues.addAssignees({
+              assignees: reviewers,
+              issue_number: pullRequest.number,
+              owner: repository.owner,
+              repo: repository.repo,
+            })
+
+      - name: "Wait"
+        run: "sleep 3"
+
+      - name: "Approve pull request"
+        uses: "actions/github-script@0.8.0"
+        if: "github.actor != 'ergebnis-bot'"
+        with:
+          github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}"
+          script: |
+            const pullRequest = context.payload.pull_request
+            const repository = context.repo
+
+            await github.pulls.createReview({
+              event: "APPROVE",
+              owner: repository.owner,
+              pull_number: pullRequest.number,
+              repo: repository.repo,
+            })
+
+      - name: "Wait"
+        run: "sleep 3"
+
+      - name: "Merge pull request"
+        uses: "actions/github-script@0.8.0"
         with:
           github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}"
+          script: |
+            const pullRequest = context.payload.pull_request
+            const repository = context.repo
+
+            await github.pulls.merge({
+              merge_method: "merge",
+              owner: repository.owner,
+              pull_number: pullRequest.number,
+              repo: repository.repo,
+            })

.github/workflows/renew.yaml

@@ -74,7 +74,7 @@ jobs:
         run: "vendor/bin/php-cs-fixer fix --config=.php_cs --diff --diff-format=udiff --dry-run --verbose"
 
       - name: "Open pull request updating license year"
-        uses: "gr2m/create-or-update-pull-request-action@v1.2.9"
+        uses: "gr2m/create-or-update-pull-request-action@v1.2.10"
         with:
           author: "ergebnis-bot <bot@ergebn.is>"
           branch: "feature/license-year"

.gitignore

@@ -1,2 +1,3 @@
 /.build/
+/.notes/
 /vendor/

.php_cs

@@ -35,6 +35,7 @@ $config->getFinder()
         '.build/',
         '.dependabot/',
         '.github/',
+        '.notes/',
     ])
     ->name('.php_cs');
 

.yamllint.yaml

@@ -2,6 +2,7 @@ extends: "default"
 
 ignore: |
   .build/
+  .notes/
   vendor/
 
 rules:
@@ -32,7 +33,7 @@ rules:
   document-start:
     present: false
   indentation:
-    check-multi-line-strings: true
+    check-multi-line-strings: false
     indent-sequences: true
     spaces: 2
   empty-lines:

Makefile

@@ -2,7 +2,7 @@ MIN_COVERED_MSI:=94
 MIN_MSI:=87
 
 .PHONY: it
-it: coding-standards dependency-analysis static-code-analysis tests ## Runs the coding-standards, dependency-analysis, static-code-analysis, and tests targets
+it: coding-standards static-code-analysis tests ## Runs the coding-standards, static-code-analysis, and tests targets
 
 .PHONY: code-coverage
 code-coverage: vendor ## Collects coverage from running unit tests with phpunit/phpunit
@@ -17,7 +17,7 @@ coding-standards: vendor ## Fixes code style issues with friendsofphp/php-cs-fix
 
 .PHONY: dependency-analysis
 dependency-analysis: vendor ## Runs a dependency analysis with maglnet/composer-require-checker
-	docker run --interactive --rm --tty --volume ${PWD}:/app webfactory/composer-require-checker:2.1.0
+	tools/composer-require-checker check
 
 .PHONY: help
 help: ## Displays this list of targets with descriptions
@@ -33,13 +33,12 @@ static-code-analysis: vendor ## Runs a static code analysis with phpstan/phpstan
 	mkdir -p .build/phpstan
 	vendor/bin/phpstan analyse --configuration=phpstan.neon
 	mkdir -p .build/psalm
-	vendor/bin/psalm --config=psalm.xml --show-info=false --stats
+	vendor/bin/psalm --config=psalm.xml --diff --diff-methods --show-info=false --stats --threads=4
 
 .PHONY: static-code-analysis-baseline
 static-code-analysis-baseline: vendor ## Generates a baseline for static code analysis with phpstan/phpstan and vimeo/psalm
 	mkdir -p .build/phpstan
-	echo '' > phpstan-baseline.neon
-	vendor/bin/phpstan analyze --configuration=phpstan.neon --error-format=baselineNeon > phpstan-baseline.neon || true
+	vendor/bin/phpstan analyze --configuration=phpstan.neon --generate-baseline=phpstan-baseline.neon
 	mkdir -p .build/psalm
 	vendor/bin/psalm --config=psalm.xml --set-baseline=psalm-baseline.xml
 

phive.xml

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<phive xmlns="https://phar.io/phive">
+  <phar name="composer-require-checker" version="^2.1.0" installed="2.1.0" location="./tools/composer-require-checker" copy="true"/>
+</phive>

phpstan.neon

@@ -13,4 +13,4 @@ parameters:
 	paths:
 		- src/
 		- test/
-	tmpDir: %currentWorkingDirectory%/.build/phpstan/
+	tmpDir: .build/phpstan/

psalm-baseline.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<files psalm-version="3.9.3@2e4154d76e24d1b4e59e6cc2bebef7790cb9e550">
+<files psalm-version="3.10.1@eeed5ecccc10131397f0eb7ee6da810c0be3a7fc">
   <file src="src/FakeVariables.php">
     <DocblockTypeContradiction occurrences="1">
       <code>\is_string($name)</code>