composer: bump phpstan/phpstan-phpunit from 2.0.11 to 2.0.12 #95
+630,089
−21,164
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Add /var/lib/multiflexi directory for secure key storage - Generate encryption master key during deb package installation - Set proper permissions (600) and ownership (www-data) on key file - Update DataEncryption to check /var/lib/multiflexi first for production - Add error handling for file operations and base64 decoding - Fallback to project directory for development environments Fixes permission denied errors when writing to /usr/lib/
Applied the same 30s rotation animation from project-logo.svg to the MultiFlexi logo in the social preview Updated rotation center to (754, 456) so the logo spins in place around its own center
Changed multiflexi-probe from Depends to Pre-Depends on multiflexi package This ensures multiflexi is fully configured (including autoload.php creation) before multiflexi-probe postinst script runs
Ensures composer dependencies are installed during package configuration
Creates machine-readable copyright file in DEP-5 format Fixes lintian no-copyright-file errors for all packages
- Add debian/config script for debconf prompting - Add debian/templates with consent banner question - Update postinst to handle debconf value and write to /etc/multiflexi/multiflexi.env - Fix null array handling in runtemplate.php
Moved to standalone repository: ~/Projects/Multi/multiflexi-probe - Removed probe package from debian/control - Removed probe build targets from Makefile - Probe is now maintained separately
The multiflexi-zabbix package does not install a composer.json file and the Zabbix code has been moved to the core package. The composer-debian call was causing installation failures on Ubuntu Jammy with 'composer.json does not contain valid JSON' error.
Removed composer-debian calls from packages that don't install a composer.json file (multiflexi, multiflexi-zabbix, multiflexi-abraflexi, multiflexi-raiffeisenbank). These packages only install standalone library scripts and depend on system packages for dependencies. Only multiflexi-web and multiflexi-api need composer-debian: - multiflexi-web installs the composer.json - multiflexi-api modifies it and depends on multiflexi-web This fixes Ubuntu Jammy installation failures with: 'composer.json does not contain valid JSON' errors.
- Add array type and empty checks before calling saveModeConfigs() - Fix debian/multiflexi-web.install Api directory pattern Prevents 'Argument #2 must be of type array, string given' error
The Api directory was being installed by both multiflexi-web and multiflexi-api packages, causing dpkg conflicts during upgrades. Fixes: trying to overwrite '/usr/lib/multiflexi/MultiFlexi/Api/Auth/ApiKeyAuthenticator.php'
Cast lastInsertId() return value to int to match return type declaration Fixes: PHP Fatal error: Return value must be of type ?int, string returned
Correct method call to match signature: string, string, ?string, ?int Fixes: TypeError - Argument #3 must be of type ?string, int given
- Document automatic key generation in multiflexi-common.postinst - Explain environment variable usage for production - Provide key regeneration and rotation guidance - Include security best practices and warnings - Reference encryption settings and README security section
- Add automatic encryption master key generation in postinst script - Create /var/lib/multiflexi/.encryption_master_key with proper permissions - Add missing clearRateLimit() method to RateLimiter class - Fix fatal error in login.php when calling clearRateLimit() Resolves permission denied errors on encryption key file and undefined method errors.
- Add regenerateId() public wrapper method - Fix fatal error in login.php calling undefined method - Method was private, now exposed as public API
- Updated EngineForm to extend SecureForm instead of Form - Updated all form classes to extend SecureForm for automatic CSRF protection - Fixes 403 Forbidden error on runtemplate.php and other form submissions Modified files: - EngineForm.php: Changed parent class to SecureForm - UserDataCorrectionForm.php: Now extends SecureForm - JobScheduleForm.php: Now extends SecureForm - ConfFieldsForm.php: Now extends SecureForm - CredentialForm.php: Now extends SecureForm - ServicesForCompanyForm.php: Now extends SecureForm - ColumnsForm.php: Now extends SecureForm - UserForm.php: Now extends SecureForm
Fixed TypeError in SecureForm::__construct() where null was passed as second argument to parent Ease\TWB4\Form::__construct() which requires an array for $formDivProperties parameter. Swapped parameter order to match parent signature: Form::__construct(array $formProperties, array $formDivProperties, $formContents)
Fixed TypeError where EngineForm was passing arguments in wrong order to parent SecureForm::__construct(). Parent expects (properties, formContents, tagProperties) but was receiving (properties, [], formContents). This caused: PHP Fatal error: Argument #2 must be of type array, null given
Changed search form from \Ease\TWB4\Form to SecureForm to automatically include CSRF token protection Resolves: 403 Forbidden - CSRF token validation failed error
Updates the requirements on [phpstan/phpstan-phpunit](https://github.com/phpstan/phpstan-phpunit) to permit the latest version. - [Release notes](https://github.com/phpstan/phpstan-phpunit/releases) - [Commits](phpstan/phpstan-phpunit@2.0.0...2.0.7) --- updated-dependencies: - dependency-name: phpstan/phpstan-phpunit dependency-version: 2.0.7 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v5) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Changed form from \Ease\TWB4\Form to SecureForm
Updated Form usage in: - consent-preferences.php - passwordrecovery.php - intervals.php - companyapps.php - adhoc.php - periodical.php - admin-data-corrections.php - MultiFlexi/Ui/EnvironmentEditor.php - MultiFlexi/Ui/FilterDialog.php Updated Form-extending classes to extend SecureForm: - AppLaunchForm - CredentialCloneForm - RuntemplateCloneForm - RuntemplateLaunchForm - RuntemplatePopulateForm - EnvsForm - UserDeletionRequestForm - CredentialTypeForm All forms now automatically include CSRF tokens
… in postinst scripts
…/phpstan-phpunit-2.0.7 composer: update phpstan/phpstan-phpunit requirement from 2.0.x-dev to 2.0.7
- Remove class-level property declarations for createColumn and lastModifiedColumn - Initialize timestamp columns in constructors to ensure properties exist before serialization - Add constructor to UserDataCorrectionRequest for proper initialization - Fix RST documentation formatting in gdpr-compliance.rst (add blank line after note directive) This resolves the __sleep() warning that occurred during PHP request shutdown when objects were serialized for sessions or caching.
…omponents and pages.
…d centralized global CSS.
… queued job indicators, and interactive popovers, adding a `secondsToHuman` utility.
…nels, and buttons
…or admin/super_admin roles and improve IP whitelist handling.
Enhances the logo display logic to use a default image when no company logo is provided. This change ensures a consistent user experience by preventing broken images and ensuring that a placeholder is always shown. Improves visual integrity across the application.
Upgrades various package versions in the composer.lock file, including OpenTelemetry SDK and Symfony Process. Refactors the EnvironmentEditor and related classes to accept the entire Company object instead of just the company key, enhancing code clarity and maintainability. Improves the condition for checking the logo presence in the company view. This change aligns the code with updated library requirements and improves the overall structure for future development.
Adds a check to ensure the uploaded .env file has a valid name before processing. Introduces an error message notification if no .env file is provided, improving user feedback during file upload. This change helps prevent potential errors during runtime due to missing or improperly named files.
Introduces automated browser tests covering user authentication and sign-off functionality. Enhances regression coverage by verifying both login and logout processes, including GDPR banner handling.
…ues and descriptions
Fixed issue where users were asked for consent repeatedly due to data structure mismatch between cookie storage and in-memory format.
Changes:
- Updated getConsentFromCookie() to properly extract consent data from wrapped cookie format
- Added automatic refresh check when reading from cookie
- Normalized cookie data structure to match API format
- Updated documentation with troubleshooting section
The cookie stores data as {consent: {...}, granted_at: '...', version: '1.0'}
but the application expects just the inner consent object. Now properly
extracts the consent choices while checking expiration and version.
Co-Authored-By: Warp <agent@warp.dev>
Add detailed analysis and restructuring proposal for MultiFlexi documentation based on Read the Docs best practices and benchmark analysis of Scrapy, Weblate, and Wagtail documentation. Key additions: - DOCUMENTATION_RESTRUCTURING.md: Complete restructuring plan with benchmark analysis, problem identification, proposed architecture, implementation phases, and writing guidelines - quickstart.rst: New 15-minute quickstart guide demonstrating proposed documentation structure - concepts/data-model.rst: Comprehensive data model explanation covering Application, Company, RunTemplate, and Job entities The proposal addresses critical issues: - Missing clear entry point for first-time users - Concept-task confusion throughout existing docs - Incomplete documentation stubs - Reference material mixed with learning content - Fragmented core concepts Proposed structure follows Diátaxis framework: - Getting Started (learning-oriented) - Core Concepts (understanding-oriented) - How-To Guides (task-oriented) - Integration Guides (domain-specific tasks) - Reference (information-oriented) - System Administration (ops-focused) - Development & Contributing (developer-oriented) Co-Authored-By: Warp <agent@warp.dev>
Implement comprehensive restructuring of MultiFlexi documentation following Read the Docs best practices and Diátaxis framework. Major Changes: - Restructured index.rst with clear documentation categories (Getting Started, Core Concepts, How-To Guides, Integration Guides, Reference, System Administration, Development) - Created new directory structure: concepts/, howto/, integrations/, reference/, administration/, development/ - Added comprehensive content pages: * concepts/system-overview.rst - High-level architecture and use cases * concepts/job-lifecycle.rst - Detailed job execution phases with diagrams * concepts/data-model.rst - Core entities and relationships * tutorial-first-job.rst - End-to-end tutorial placeholder - Created 30+ stub pages for upcoming content across all categories - Improved navigation with explicit audience targeting and prerequisites Documentation Organization: - Getting Started: Quickstart, Installation, Tutorial (learning-oriented) - Core Concepts: System overview, data model, job lifecycle (understanding-oriented) - How-To Guides: Task-specific instructions (task-oriented) - Integration Guides: External system connections (domain-specific) - Reference: API, CLI, config specs (information-oriented) - Administration: Deployment, maintenance (ops-focused) - Development: Contributing, application development (developer-oriented) Benefits: - Clear entry point for new users (Quickstart → Tutorial → Concepts) - Separation of learning vs doing vs reference content - Reduced cognitive load through audience-specific organization - Consistent page structure with target audience and difficulty - Improved discoverability through logical categorization This restructuring provides foundation for scaling documentation following patterns from Scrapy, Weblate, and Wagtail projects. Co-Authored-By: Warp <agent@warp.dev>
Migrate existing documentation content to new restructured locations and enhance Sphinx configuration. Content Migration: - Migrated api.rst → reference/api.rst - Migrated zabbix.rst → integrations/zabbix.rst - Migrated opentelemetry.rst → integrations/opentelemetry.rst - Migrated docker.rst → administration/docker.rst - Migrated ansible.rst → integrations/ansible.rst - Migrated architecture.rst → development/architecture.rst - Migrated commandline.rst, multiflexi-cli.rst → reference/cli.rst - Migrated executors.rst → reference/executors.rst - Migrated actions.rst → reference/actions.rst - Migrated configuration.rst → reference/configuration.rst - Migrated apps.rst → reference/application-schema.rst Sphinx Configuration Enhancements: - Added sphinx.ext.todo, sphinx.ext.ifconfig, sphinx.ext.viewcode extensions - Added PHP to intersphinx mapping for cross-referencing - Configured TODO extension to show warnings - Fixed pygments style issues (removed problematic dark styles) - Switched to alabaster theme for better compatibility and build reliability - Added GitHub integration (user, repo, button) - Enhanced HTML context with GitHub repository information Index Updates: - Added Legacy Pages section for backward compatibility - Included old pages (application, company, job, runtemplate, etc.) to prevent orphaned document warnings - Maintains navigation to existing content during migration Build Status: - Documentation builds successfully with alabaster theme - 226 warnings (mostly formatting issues in legacy content) - All new structured pages render correctly - HTML output generated in build/html/ This completes the documentation restructuring implementation. Legacy content is now accessible while being gradually migrated to new structure. Co-Authored-By: Warp <agent@warp.dev>
Configure documentation to use the shibuya theme (python3-shibuya-sphinx-theme) with proper compatibility fixes. Changes: - Switched html_theme from alabaster to shibuya - Added monkey patch to fix incompatibility between shibuya's hardcoded pygments styles (github-light-default, github-dark-default) and available pygments version - Override ShibuyaPygmentsBridge class attributes to use available styles: * light_style_name: default * dark_style_name: github-dark - Configured shibuya theme options with GitHub URL and navigation links - Enabled dark_code option for better code syntax highlighting Build Status: - Documentation builds successfully ✅ - 226 warnings (existing legacy content formatting) - Shibuya theme renders correctly with proper light/dark mode support This resolves the pygments.util.ClassNotFound error for 'github-dark-default' style and enables the modern shibuya theme for MultiFlexi documentation. Co-Authored-By: Warp <agent@warp.dev>
Bumps [phpstan/phpstan-phpunit](https://github.com/phpstan/phpstan-phpunit) from 2.0.11 to 2.0.12. - [Release notes](https://github.com/phpstan/phpstan-phpunit/releases) - [Commits](phpstan/phpstan-phpunit@2.0.11...2.0.12) --- updated-dependencies: - dependency-name: phpstan/phpstan-phpunit dependency-version: 2.0.12 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
|
Important Review skippedBot user detected. To trigger a single review, invoke the You can disable this status message by setting the Comment |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps phpstan/phpstan-phpunit from 2.0.11 to 2.0.12.
Release notes
Sourced from phpstan/phpstan-phpunit's releases.
Commits
e4c5a22TestMethodsHelper - class methods cache80091f9TestMethodsHelper - speed-up by asking for immediate methods onlyDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)