aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.github/workflows/openapi.yml101
-rw-r--r--vendor-bin/openapi-extractor/composer.json16
-rw-r--r--vendor-bin/openapi-extractor/composer.lock235
3 files changed, 352 insertions, 0 deletions
diff --git a/.github/workflows/openapi.yml b/.github/workflows/openapi.yml
new file mode 100644
index 00000000000..22a1a69a977
--- /dev/null
+++ b/.github/workflows/openapi.yml
@@ -0,0 +1,101 @@
+name: Psalm static code analysis
+
+on:
+ pull_request:
+ push:
+ branches:
+ - master
+ - stable*
+
+jobs:
+ static-code-analysis:
+ runs-on: ubuntu-latest
+
+ if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ submodules: true
+
+ - name: Set up php
+ uses: shivammathur/setup-php@v2
+ with:
+ php-version: '8.0'
+ extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+ coverage: none
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Composer install
+ run: composer i
+
+ - name: Psalm
+ run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
+
+ - name: Show potential changes in Psalm baseline
+ if: always()
+ run: git diff -- . ':!lib/composer'
+
+ - name: Upload Analysis results to GitHub
+ if: always()
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: results.sarif
+
+ static-code-analysis-security:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+ with:
+ submodules: true
+
+ - name: Set up php
+ uses: shivammathur/setup-php@master
+ with:
+ php-version: '8.0'
+ extensions: ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+ coverage: none
+
+ - name: Composer install
+ run: composer i
+
+ - name: Psalm taint analysis
+ run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis
+
+ - name: Upload Security Analysis results to GitHub
+ if: always()
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: results.sarif
+
+ static-code-analysis-ocp:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ submodules: true
+
+ - name: Set up php
+ uses: shivammathur/setup-php@v2
+ with:
+ php-version: '8.0'
+ extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+ coverage: none
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Composer install
+ run: composer i
+
+ - name: Psalm
+ run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
+
+ - name: Show potential changes in Psalm baseline
+ if: always()
+ run: git diff -- . ':!lib/composer'
diff --git a/vendor-bin/openapi-extractor/composer.json b/vendor-bin/openapi-extractor/composer.json
new file mode 100644
index 00000000000..87dc6a97c25
--- /dev/null
+++ b/vendor-bin/openapi-extractor/composer.json
@@ -0,0 +1,16 @@
+{
+ "repositories": [
+ {
+ "type": "vcs",
+ "url": "https://github.com/nextcloud/openapi-extractor"
+ }
+ ],
+ "config": {
+ "platform": {
+ "php": "8.1"
+ }
+ },
+ "require": {
+ "nextcloud/openapi-extractor": "dev-main"
+ }
+}
diff --git a/vendor-bin/openapi-extractor/composer.lock b/vendor-bin/openapi-extractor/composer.lock
new file mode 100644
index 00000000000..8e411f90b11
--- /dev/null
+++ b/vendor-bin/openapi-extractor/composer.lock
@@ -0,0 +1,235 @@
+{
+ "_readme": [
+ "This file locks the dependencies of your project to a known state",
+ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
+ "This file is @generated automatically"
+ ],
+ "content-hash": "143725e36726d6a8e8fc092c8b44a4ee",
+ "packages": [
+ {
+ "name": "adhocore/cli",
+ "version": "v1.6.1",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/adhocore/php-cli.git",
+ "reference": "25b5a93e5eebcdb70e20ee33313a011ea3a4f770"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/adhocore/php-cli/zipball/25b5a93e5eebcdb70e20ee33313a011ea3a4f770",
+ "reference": "25b5a93e5eebcdb70e20ee33313a011ea3a4f770",
+ "shasum": ""
+ },
+ "require": {
+ "php": ">=8.0"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "^9.0"
+ },
+ "type": "library",
+ "autoload": {
+ "psr-4": {
+ "Ahc\\Cli\\": "src/"
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "authors": [
+ {
+ "name": "Jitendra Adhikari",
+ "email": "jiten.adhikary@gmail.com"
+ }
+ ],
+ "description": "Command line interface library for PHP",
+ "keywords": [
+ "argument-parser",
+ "argv-parser",
+ "cli",
+ "cli-action",
+ "cli-app",
+ "cli-color",
+ "cli-option",
+ "cli-writer",
+ "command",
+ "console",
+ "console-app",
+ "php-cli",
+ "php8",
+ "stream-input",
+ "stream-output"
+ ],
+ "support": {
+ "issues": "https://github.com/adhocore/php-cli/issues",
+ "source": "https://github.com/adhocore/php-cli/tree/v1.6.1"
+ },
+ "funding": [
+ {
+ "url": "https://paypal.me/ji10",
+ "type": "custom"
+ },
+ {
+ "url": "https://github.com/adhocore",
+ "type": "github"
+ }
+ ],
+ "time": "2023-06-26T09:55:29+00:00"
+ },
+ {
+ "name": "nextcloud/openapi-extractor",
+ "version": "dev-main",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/nextcloud/openapi-extractor.git",
+ "reference": "bede0855daf07c2caeebb7ff566e33af72d3e143"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/nextcloud/openapi-extractor/zipball/bede0855daf07c2caeebb7ff566e33af72d3e143",
+ "reference": "bede0855daf07c2caeebb7ff566e33af72d3e143",
+ "shasum": ""
+ },
+ "require": {
+ "adhocore/cli": "^v1.6",
+ "ext-simplexml": "*",
+ "nikic/php-parser": "^4.16",
+ "php": "^8.1",
+ "phpstan/phpdoc-parser": "^1.23"
+ },
+ "default-branch": true,
+ "bin": [
+ "generate-spec",
+ "merge-specs"
+ ],
+ "type": "library",
+ "autoload": {
+ "psr-4": {
+ "OpenAPIExtractor\\": "src"
+ }
+ },
+ "support": {
+ "source": "https://github.com/nextcloud/openapi-extractor/tree/main",
+ "issues": "https://github.com/nextcloud/openapi-extractor/issues"
+ },
+ "time": "2023-08-11T10:00:26+00:00"
+ },
+ {
+ "name": "nikic/php-parser",
+ "version": "v4.16.0",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/nikic/PHP-Parser.git",
+ "reference": "19526a33fb561ef417e822e85f08a00db4059c17"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/19526a33fb561ef417e822e85f08a00db4059c17",
+ "reference": "19526a33fb561ef417e822e85f08a00db4059c17",
+ "shasum": ""
+ },
+ "require": {
+ "ext-tokenizer": "*",
+ "php": ">=7.0"
+ },
+ "require-dev": {
+ "ircmaxell/php-yacc": "^0.0.7",
+ "phpunit/phpunit": "^6.5 || ^7.0 || ^8.0 || ^9.0"
+ },
+ "bin": [
+ "bin/php-parse"
+ ],
+ "type": "library",
+ "extra": {
+ "branch-alias": {
+ "dev-master": "4.9-dev"
+ }
+ },
+ "autoload": {
+ "psr-4": {
+ "PhpParser\\": "lib/PhpParser"
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "BSD-3-Clause"
+ ],
+ "authors": [
+ {
+ "name": "Nikita Popov"
+ }
+ ],
+ "description": "A PHP parser written in PHP",
+ "keywords": [
+ "parser",
+ "php"
+ ],
+ "support": {
+ "issues": "https://github.com/nikic/PHP-Parser/issues",
+ "source": "https://github.com/nikic/PHP-Parser/tree/v4.16.0"
+ },
+ "time": "2023-06-25T14:52:30+00:00"
+ },
+ {
+ "name": "phpstan/phpdoc-parser",
+ "version": "1.23.1",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/phpstan/phpdoc-parser.git",
+ "reference": "846ae76eef31c6d7790fac9bc399ecee45160b26"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/846ae76eef31c6d7790fac9bc399ecee45160b26",
+ "reference": "846ae76eef31c6d7790fac9bc399ecee45160b26",
+ "shasum": ""
+ },
+ "require": {
+ "php": "^7.2 || ^8.0"
+ },
+ "require-dev": {
+ "doctrine/annotations": "^2.0",
+ "nikic/php-parser": "^4.15",
+ "php-parallel-lint/php-parallel-lint": "^1.2",
+ "phpstan/extension-installer": "^1.0",
+ "phpstan/phpstan": "^1.5",
+ "phpstan/phpstan-phpunit": "^1.1",
+ "phpstan/phpstan-strict-rules": "^1.0",
+ "phpunit/phpunit": "^9.5",
+ "symfony/process": "^5.2"
+ },
+ "type": "library",
+ "autoload": {
+ "psr-4": {
+ "PHPStan\\PhpDocParser\\": [
+ "src/"
+ ]
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "description": "PHPDoc parser with support for nullable, intersection and generic types",
+ "support": {
+ "issues": "https://github.com/phpstan/phpdoc-parser/issues",
+ "source": "https://github.com/phpstan/phpdoc-parser/tree/1.23.1"
+ },
+ "time": "2023-08-03T16:32:59+00:00"
+ }
+ ],
+ "packages-dev": [],
+ "aliases": [],
+ "minimum-stability": "stable",
+ "stability-flags": {
+ "nextcloud/openapi-extractor": 20
+ },
+ "prefer-stable": false,
+ "prefer-lowest": false,
+ "platform": [],
+ "platform-dev": [],
+ "platform-overrides": {
+ "php": "8.1"
+ },
+ "plugin-api-version": "2.3.0"
+}