ergebnis · localheinz · Nov 18, 2024 · Nov 18, 2024
@@ -14,6 +14,9 @@ indent_size = 2
 [*.md]
 indent_size = 2
 
+[*.neon]
+indent_style = tab
+
 [*.{yaml,yml}]
 indent_size = 2
 

@@ -10,6 +10,6 @@
 /composer.lock                  export-ignore
 /infection.json                 export-ignore
 /Makefile                       export-ignore
-/psalm-baseline.xml             export-ignore
-/psalm.xml                      export-ignore
+/phpstan-baseline.neon          export-ignore
+/phpstan.neon                   export-ignore
 /rector.php                     export-ignore
@@ -1,4 +1,4 @@
-# CONTRIBUTING
+# Contributing
 
 We use [GitHub Actions](https://github.com/features/actions) as a continuous integration system.
 
@@ -84,7 +84,7 @@ to run a security analysis.
 
 ## Static Code Analysis
 
-We use [`vimeo/psalm`](https://github.com/vimeo/psalm) to statically analyze the code.
+We use [`phpstan/phpstan`](https://github.com/phpstan/phpstan) to statically analyze the code.
 
 Run
 
@@ -94,15 +94,15 @@ make static-code-analysis
 
 to run a static code analysis.
 
-We also use the baseline feature of [`vimeo/psalm`](https://psalm.dev/docs/running_psalm/dealing_with_code_issues/#using-a-baseline-file).
+We also use the baseline feature of [`phpstan/phpstan`](https://phpstan.org/user-guide/baseline).
 
 Run
 
 ```sh
 make static-code-analysis-baseline
 ```
 
-to regenerate the baseline in [`../psalm-baseline.xml`](../psalm-baseline.xml).
+to regenerate the baseline in [`../phpstan-baseline.neon`](../phpstan-baseline.neon).
 
 :exclamation: Ideally, the baseline should shrink over time.
 

@@ -14,7 +14,7 @@ updates:
     open-pull-requests-limit: 10
     package-ecosystem: "composer"
     schedule:
-      interval: "daily"
+      interval: "weekly"
     versioning-strategy: "increase"
 
   - commit-message:
@@ -26,4 +26,4 @@ updates:
     open-pull-requests-limit: 10
     package-ecosystem: "github-actions"
     schedule:
-      interval: "daily"
+      interval: "weekly"
@@ -44,6 +44,9 @@ jobs:
       - name: "Validate composer.json and composer.lock"
         run: "composer validate --ansi --strict"
 
+      - name: "Determine composer root version"
+        uses: "ergebnis/.github/actions/composer/determine-root-version@1.9.2"
+
       - name: "Determine composer cache directory"
         uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.2"
 
@@ -102,14 +105,16 @@ jobs:
           coverage: "none"
           extensions: "none, ctype, curl, dom, json, mbstring, phar, simplexml, tokenizer, xml, xmlwriter"
           php-version: "${{ matrix.php-version }}"
-          tools: "phive"
 
       - name: "Set up problem matchers for PHP"
         run: "echo \"::add-matcher::${{ runner.tool_cache }}/php.json\""
 
       - name: "Validate composer.json and composer.lock"
         run: "composer validate --ansi --strict"
 
+      - name: "Determine composer root version"
+        uses: "ergebnis/.github/actions/composer/determine-root-version@1.9.2"
+
       - name: "Determine composer cache directory"
         uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.2"
 
@@ -125,13 +130,8 @@ jobs:
         with:
           dependencies: "${{ matrix.dependencies }}"
 
-      - name: "Install dependencies with phive"
-        uses: "ergebnis/.github/actions/phive/install@1.9.2"
-        with:
-          trust-gpg-keys: "0xC00543248C87FB13,0x033E5F8D801A2F8D"
-
       - name: "Run ergebnis/composer-normalize"
-        run: ".phive/composer-normalize --ansi --dry-run"
+        run: "composer normalize --ansi --dry-run"
 
       - name: "Cache cache directory for friendsofphp/php-cs-fixer"
         uses: "actions/cache@v4.1.2"
@@ -178,6 +178,9 @@ jobs:
       - name: "Validate composer.json and composer.lock"
         run: "composer validate --ansi --strict"
 
+      - name: "Determine composer root version"
+        uses: "ergebnis/.github/actions/composer/determine-root-version@1.9.2"
+
       - name: "Determine composer cache directory"
         uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.2"
 
@@ -196,7 +199,7 @@ jobs:
       - name: "Install dependencies with phive"
         uses: "ergebnis/.github/actions/phive/install@1.9.2"
         with:
-          trust-gpg-keys: "0xC00543248C87FB13,0x033E5F8D801A2F8D"
+          trust-gpg-keys: "0x033E5F8D801A2F8D"
 
       - name: "Run maglnet/composer-require-checker"
         run: ".phive/composer-require-checker check --ansi --config-file=$(pwd)/composer-require-checker.json --verbose"
@@ -233,6 +236,9 @@ jobs:
       - name: "Validate composer.json and composer.lock"
         run: "composer validate --ansi --strict"
 
+      - name: "Determine composer root version"
+        uses: "ergebnis/.github/actions/composer/determine-root-version@1.9.2"
+
       - name: "Determine composer cache directory"
         uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.2"
 
@@ -285,6 +291,9 @@ jobs:
       - name: "Validate composer.json and composer.lock"
         run: "composer validate --ansi --strict"
 
+      - name: "Determine composer root version"
+        uses: "ergebnis/.github/actions/composer/determine-root-version@1.9.2"
+
       - name: "Determine composer cache directory"
         uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.2"
 
@@ -344,6 +353,9 @@ jobs:
       - name: "Validate composer.json and composer.lock"
         run: "composer validate --ansi --strict"
 
+      - name: "Determine composer root version"
+        uses: "ergebnis/.github/actions/composer/determine-root-version@1.9.2"
+
       - name: "Determine composer cache directory"
         uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.2"
 
@@ -394,6 +406,9 @@ jobs:
       - name: "Validate composer.json and composer.lock"
         run: "composer validate --ansi --strict"
 
+      - name: "Determine composer root version"
+        uses: "ergebnis/.github/actions/composer/determine-root-version@1.9.2"
+
       - name: "Determine composer cache directory"
         uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.2"
 
@@ -409,8 +424,8 @@ jobs:
         with:
           dependencies: "${{ matrix.dependencies }}"
 
-      - name: "Run vimeo/psalm"
-        run: "vendor/bin/psalm --config=psalm.xml --output-format=github --shepherd --show-info=false --stats --threads=4"
+      - name: "Run phpstan/phpstan"
+        run: "vendor/bin/phpstan --ansi --configuration=phpstan.neon --memory-limit=-1"
 
   tests:
     name: "Tests"
@@ -454,6 +469,9 @@ jobs:
       - name: "Validate composer.json and composer.lock"
         run: "composer validate --ansi --strict"
 
+      - name: "Determine composer root version"
+        uses: "ergebnis/.github/actions/composer/determine-root-version@1.9.2"
+
       - name: "Determine composer cache directory"
         uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.2"
 

@@ -41,6 +41,9 @@ jobs:
       - name: "Validate composer.json and composer.lock"
         run: "composer validate --ansi --strict"
 
+      - name: "Determine composer root version"
+        uses: "ergebnis/.github/actions/composer/determine-root-version@1.9.2"
+
       - name: "Determine composer cache directory"
         uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.2"
 

@@ -1,5 +1,4 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phive xmlns="https://phar.io/phive">
-  <phar name="composer-normalize" version="^2.42.0" installed="2.42.0" location="./.phive/composer-normalize" copy="false"/>
-  <phar name="composer-require-checker" version="^3.8.0" installed="3.8.0" location="./.phive/composer-require-checker" copy="false"/>
+    <phar name="composer-require-checker" version="^3.8.0" installed="3.8.0" location="./.phive/composer-require-checker" copy="false"/>
 </phive>
@@ -2,13 +2,13 @@
 it: refactoring coding-standards security-analysis static-code-analysis tests ## Runs the refactoring, coding-standards, security-analysis, static-code-analysis, and tests targets
 
 .PHONY: code-coverage
-code-coverage: vendor ## Collects coverage from running unit tests with phpunit/phpunit
+code-coverage: vendor ## Collects code coverage from running unit tests with phpunit/phpunit
 	vendor/bin/phpunit --configuration=test/Unit/phpunit.xml --coverage-text
 
 .PHONY: coding-standards
-coding-standards: phive vendor ## Lints YAML files with yamllint, normalizes composer.json with ergebnis/composer-normalize, and fixes code style issues with friendsofphp/php-cs-fixer
+coding-standards: vendor ## Lints YAML files with yamllint, normalizes composer.json with ergebnis/composer-normalize, and fixes code style issues with friendsofphp/php-cs-fixer
 	yamllint -c .yamllint.yaml --strict .
-	.phive/composer-normalize
+	composer normalize
 	vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.php --diff --show-progress=dots --verbose
 
 .PHONY: dependency-analysis
@@ -25,7 +25,7 @@ mutation-tests: vendor ## Runs mutation tests with infection/infection
 
 .PHONY: phive
 phive: .phive ## Installs dependencies with phive
-	PHIVE_HOME=.build/phive phive install --trust-gpg-keys 0xC00543248C87FB13,0x033E5F8D801A2F8D
+	PHIVE_HOME=.build/phive phive install --trust-gpg-keys 0x033E5F8D801A2F8D
 
 .PHONY: refactoring
 refactoring: vendor ## Runs automated refactoring with rector/rector
@@ -36,14 +36,14 @@ security-analysis: vendor ## Runs a security analysis with composer
 	composer audit
 
 .PHONY: static-code-analysis
-static-code-analysis: vendor ## Runs a static code analysis with vimeo/psalm
-	vendor/bin/psalm --config=psalm.xml --clear-cache
-	vendor/bin/psalm --config=psalm.xml --show-info=false --stats --threads=4
+static-code-analysis: vendor ## Runs a static code analysis with phpstan/phpstan
+	vendor/bin/phpstan clear-result-cache --configuration=phpstan.neon
+	vendor/bin/phpstan --configuration=phpstan.neon --memory-limit=-1
 
 .PHONY: static-code-analysis-baseline
-static-code-analysis-baseline: vendor ## Generates a baseline for static code analysis with vimeo/psalm
-	vendor/bin/psalm --config=psalm.xml --clear-cache
-	vendor/bin/psalm --config=psalm.xml --set-baseline=psalm-baseline.xml
+static-code-analysis-baseline: vendor ## Generates a baseline for static code analysis with phpstan/phpstan
+	vendor/bin/phpstan clear-result-cache --configuration=phpstan.neon
+	vendor/bin/phpstan --allow-empty-baseline --configuration=phpstan.neon --generate-baseline=phpstan-baseline.neon --memory-limit=-1
 
 .PHONY: tests
 tests: vendor ## Runs unit tests with phpunit/phpunit

@@ -6,7 +6,6 @@
 [![Renew](https://github.com/ergebnis/json-schema-validator/workflows/Renew/badge.svg)](https://github.com/ergebnis/json-schema-validator/actions)
 
 [![Code Coverage](https://codecov.io/gh/ergebnis/json-schema-validator/branch/main/graph/badge.svg)](https://codecov.io/gh/ergebnis/json-schema-validator)
-[![Type Coverage](https://shepherd.dev/github/ergebnis/json-schema-validator/coverage.svg)](https://shepherd.dev/github/ergebnis/json-schema-validator)
 
 [![Latest Stable Version](https://poser.pugx.org/ergebnis/json-schema-validator/v/stable)](https://packagist.org/packages/ergebnis/json-schema-validator)
 [![Total Downloads](https://poser.pugx.org/ergebnis/json-schema-validator/downloads)](https://packagist.org/packages/ergebnis/json-schema-validator)

@@ -29,16 +29,20 @@
     "justinrainbow/json-schema": "^5.2.12"
   },
   "require-dev": {
+    "ergebnis/composer-normalize": "^2.44.0",
     "ergebnis/data-provider": "^3.3.0",
     "ergebnis/license": "^2.5.0",
     "ergebnis/php-cs-fixer-config": "^6.37.0",
     "ergebnis/phpunit-slow-test-detector": "^2.16.1",
     "fakerphp/faker": "^1.24.0",
     "infection/infection": "~0.26.6",
+    "phpstan/extension-installer": "^1.4.3",
+    "phpstan/phpstan": "^1.12.10",
+    "phpstan/phpstan-deprecation-rules": "^1.2.1",
+    "phpstan/phpstan-phpunit": "^1.4.0",
+    "phpstan/phpstan-strict-rules": "^1.6.1",
     "phpunit/phpunit": "^9.6.20",
-    "psalm/plugin-phpunit": "~0.19.0",
-    "rector/rector": "^1.2.10",
-    "vimeo/psalm": "^5.26.1"
+    "rector/rector": "^1.2.10"
   },
   "autoload": {
     "psr-4": {
@@ -52,7 +56,9 @@
   },
   "config": {
     "allow-plugins": {
-      "infection/extension-installer": true
+      "ergebnis/composer-normalize": true,
+      "infection/extension-installer": true,
+      "phpstan/extension-installer": true
     },
     "audit": {
       "abandoned": "report"
@@ -64,6 +70,9 @@
     "sort-packages": true
   },
   "extra": {
+    "branch-alias": {
+      "dev-main": "4.3-dev"
+    },
     "composer-normalize": {
       "indent-size": 2,
       "indent-style": "space"