-rw-r--r-- | .github/workflows/openapi.yml | 101 | ||||
-rw-r--r-- | vendor-bin/openapi-extractor/composer.json | 16 | ||||
-rw-r--r-- | vendor-bin/openapi-extractor/composer.lock | 235 |
3 files changed, 352 insertions, 0 deletions
diff --git a/.github/workflows/openapi.yml b/.github/workflows/openapi.yml
new file mode 100644
index 00000000000..22a1a69a977
--- /dev/null
+++ b/.github/workflows/openapi.yml
@@ -0,0 +1,101 @@
+name: Psalm static code analysis
+
+on:
+ pull_request:
+ push:
+ branches:
+ - master
+ - stable*
+
+jobs:
+ static-code-analysis:
+ runs-on: ubuntu-latest
+
+ if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ submodules: true
+
+ - name: Set up php
+ uses: shivammathur/setup-php@v2
+ with:
+ php-version: '8.0'
+ extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+ coverage: none
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Composer install
+ run: composer i
+
+ - name: Psalm
+ run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
+
+ - name: Show potential changes in Psalm baseline
+ if: always()
+ run: git diff -- . ':!lib/composer'
+
+ - name: Upload Analysis results to GitHub
+ if: always()
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: results.sarif
+
+ static-code-analysis-security:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+ with:
+ submodules: true
+
+ - name: Set up php
+ uses: shivammathur/setup-php@master
+ with:
+ php-version: '8.0'
+ extensions: ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+ coverage: none
+
+ - name: Composer install
+ run: composer i
+
+ - name: Psalm taint analysis
+ run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis
+
+ - name: Upload Security Analysis results to GitHub
+ if: always()
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: results.sarif
+
+ static-code-analysis-ocp:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ submodules: true
+
+ - name: Set up php
+ uses: shivammathur/setup-php@v2
+ with:
+ php-version: '8.0'
+ extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+ coverage: none
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Composer install
+ run: composer i
+
+ - name: Psalm
+ run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
+
+ - name: Show potential changes in Psalm baseline
+ if: always()
+ run: git diff -- . ':!lib/composer'
diff --git a/vendor-bin/openapi-extractor/composer.json b/vendor-bin/openapi-extractor/composer.json
new file mode 100644
index 00000000000..87dc6a97c25
--- /dev/null
+++ b/vendor-bin/openapi-extractor/composer.json
@@ -0,0 +1,16 @@
+{
+ "repositories": [
+ {
+ "type": "vcs",
+ "url": "https://github.com/nextcloud/openapi-extractor"
+ }
+ ],
+ "config": {
+ "platform": {
+ "php": "8.1"
+ }
+ },
+ "require": {
+ "nextcloud/openapi-extractor": "dev-main"
+ }
+}
diff --git a/vendor-bin/openapi-extractor/composer.lock b/vendor-bin/openapi-extractor/composer.lock
new file mode 100644
index 00000000000..8e411f90b11
--- /dev/null
+++ b/vendor-bin/openapi-extractor/composer.lock
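Review bot: The `static-code-analysis-security` job in `.github/workflows/openapi.yml` pulls `shivammathur/setup-php@master`, a mutable branch ref, while the other two jobs use `@v2`; whatever is pushed to that branch runs in this repository's CI. Use `uses: shivammathur/setup-php@v2` for consistency, or better pin each third-party action to a full commit SHA (`uses: shivammathur/setup-php@<full-commit-sha> # v2`). The workflow also declares no `permissions:` block, so the token scope depends on repository defaults; a top-level `permissions:` with `contents: read`, plus `security-events: write` on the two jobs that call `upload-sarif`, would make it explicit. Separately, the file is named `openapi.yml` but its `name:` and all three jobs are Psalm analysis and nothing invokes the openapi-extractor added in this commit, which looks like an unedited copy of the Psalm workflow.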
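Review bot: `"nextcloud/openapi-extractor": "dev-main"` in `vendor-bin/openapi-extractor/composer.json` tracks a branch head from a VCS repository, so any `composer update` in this directory moves the tool to whatever commit is on `main` at that moment, with no reviewable version change in this file. The lock file in this commit resolves it to `bede0855daf07c2caeebb7ff566e33af72d3e143`; until the extractor has tagged releases, consider making that explicit with `"nextcloud/openapi-extractor": "dev-main#bede0855daf07c2caeebb7ff566e33af72d3e143"`, and have CI install strictly from the lock (`composer install`, never `update`). The platform override of PHP 8.1 also differs from the PHP 8.0 that the workflow in this commit sets up, so the tool would presumably not run in those jobs as configured.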
@@ -0,0 +1,235 @@ +{ + "_readme": [ + "This file locks the dependencies of your project to a known state", + "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", + "This file is @generated automatically" + ], + "content-hash": "143725e36726d6a8e8fc092c8b44a4ee", + "packages": [ + { + "name": "adhocore/cli", + "version": "v1.6.1", + "source": { + "type": "git", + "url": "https://github.com/adhocore/php-cli.git", + "reference": "25b5a93e5eebcdb70e20ee33313a011ea3a4f770" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/adhocore/php-cli/zipball/25b5a93e5eebcdb70e20ee33313a011ea3a4f770", + "reference": "25b5a93e5eebcdb70e20ee33313a011ea3a4f770", + "shasum": "" + }, + "require": { + "php": ">=8.0" + }, + "require-dev": { + "phpunit/phpunit": "^9.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Ahc\\Cli\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Jitendra Adhikari", + "email": "jiten.adhikary@gmail.com" + } + ], + "description": "Command line interface library for PHP", + "keywords": [ + "argument-parser", + "argv-parser", + "cli", + "cli-action", + "cli-app", + "cli-color", + "cli-option", + "cli-writer", + "command", + "console", + "console-app", + "php-cli", + "php8", + "stream-input", + "stream-output" + ], + "support": { + "issues": "https://github.com/adhocore/php-cli/issues", + "source": "https://github.com/adhocore/php-cli/tree/v1.6.1" + }, + "funding": [ + { + "url": "https://paypal.me/ji10", + "type": "custom" + }, + { + "url": "https://github.com/adhocore", + "type": "github" + } + ], + "time": "2023-06-26T09:55:29+00:00" + }, + { + "name": "nextcloud/openapi-extractor", + "version": "dev-main", + "source": { + "type": "git", + "url": "https://github.com/nextcloud/openapi-extractor.git", + "reference": "bede0855daf07c2caeebb7ff566e33af72d3e143" + }, + "dist": { + "type": "zip", + "url": 
"https://api.github.com/repos/nextcloud/openapi-extractor/zipball/bede0855daf07c2caeebb7ff566e33af72d3e143", + "reference": "bede0855daf07c2caeebb7ff566e33af72d3e143", + "shasum": "" + }, + "require": { + "adhocore/cli": "^v1.6", + "ext-simplexml": "*", + "nikic/php-parser": "^4.16", + "php": "^8.1", + "phpstan/phpdoc-parser": "^1.23" + }, + "default-branch": true, + "bin": [ + "generate-spec", + "merge-specs" + ], + "type": "library", + "autoload": { + "psr-4": { + "OpenAPIExtractor\\": "src" + } + }, + "support": { + "source": "https://github.com/nextcloud/openapi-extractor/tree/main", + "issues": "https://github.com/nextcloud/openapi-extractor/issues" + }, + "time": "2023-08-11T10:00:26+00:00" + }, + { + "name": "nikic/php-parser", + "version": "v4.16.0", + "source": { + "type": "git", + "url": "https://github.com/nikic/PHP-Parser.git", + "reference": "19526a33fb561ef417e822e85f08a00db4059c17" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/19526a33fb561ef417e822e85f08a00db4059c17", + "reference": "19526a33fb561ef417e822e85f08a00db4059c17", + "shasum": "" + }, + "require": { + "ext-tokenizer": "*", + "php": ">=7.0" + }, + "require-dev": { + "ircmaxell/php-yacc": "^0.0.7", + "phpunit/phpunit": "^6.5 || ^7.0 || ^8.0 || ^9.0" + }, + "bin": [ + "bin/php-parse" + ], + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "4.9-dev" + } + }, + "autoload": { + "psr-4": { + "PhpParser\\": "lib/PhpParser" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Nikita Popov" + } + ], + "description": "A PHP parser written in PHP", + "keywords": [ + "parser", + "php" + ], + "support": { + "issues": "https://github.com/nikic/PHP-Parser/issues", + "source": "https://github.com/nikic/PHP-Parser/tree/v4.16.0" + }, + "time": "2023-06-25T14:52:30+00:00" + }, + { + "name": "phpstan/phpdoc-parser", + "version": "1.23.1", + "source": { + 
"type": "git", + "url": "https://github.com/phpstan/phpdoc-parser.git", + "reference": "846ae76eef31c6d7790fac9bc399ecee45160b26" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phpstan/phpdoc-parser/zipball/846ae76eef31c6d7790fac9bc399ecee45160b26", + "reference": "846ae76eef31c6d7790fac9bc399ecee45160b26", + "shasum": "" + }, + "require": { + "php": "^7.2 || ^8.0" + }, + "require-dev": { + "doctrine/annotations": "^2.0", + "nikic/php-parser": "^4.15", + "php-parallel-lint/php-parallel-lint": "^1.2", + "phpstan/extension-installer": "^1.0", + "phpstan/phpstan": "^1.5", + "phpstan/phpstan-phpunit": "^1.1", + "phpstan/phpstan-strict-rules": "^1.0", + "phpunit/phpunit": "^9.5", + "symfony/process": "^5.2" + }, + "type": "library", + "autoload": { + "psr-4": { + "PHPStan\\PhpDocParser\\": [ + "src/" + ] + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "description": "PHPDoc parser with support for nullable, intersection and generic types", + "support": { + "issues": "https://github.com/phpstan/phpdoc-parser/issues", + "source": "https://github.com/phpstan/phpdoc-parser/tree/1.23.1" + }, + "time": "2023-08-03T16:32:59+00:00" + } + ], + "packages-dev": [], + "aliases": [], + "minimum-stability": "stable", + "stability-flags": { + "nextcloud/openapi-extractor": 20 + }, + "prefer-stable": false, + "prefer-lowest": false, + "platform": [], + "platform-dev": [], + "platform-overrides": { + "php": "8.1" + }, + "plugin-api-version": "2.3.0" +} |