diff --git a/.github/release-checklist.md b/.github/release-checklist.md index a57baeb50a..c84b469a59 100644 --- a/.github/release-checklist.md +++ b/.github/release-checklist.md @@ -8,6 +8,17 @@ - [ ] Verify that any new functions have type declarations (ClassName/array/callable) whenever possible. - [ ] Verify that the license tags all refer to the _new_ organisation and no longer to Squizlabs. (easily overlooked in new files) - [ ] Verify that `@copyright` tags in new files use `@copyright 20xx PHPCSStandards and contributors`. +- [ ] Check if the GPG key is still valid (not expired). + If it has expired, create a new key before starting the release process. + - Generate a new key following the steps here: . + - Upload the new key following the steps here: . + :warning: the command for exporting the key will export _all_ keys for the email address. This will not work as OpenPGP does not send an email to verify the key if the upload contained multiple keys. + So, first run `gpg --keyid-format LONG --list-keys my@email.com`. + Then run `gpg --export --armor KEY_ID > phpcs.pub` specifically for the new key. + And then upload the file. + - Verify the key via the link received via email. + - Update the key information in the README x 3. + - Update the key info in the verify-release GHA workflow x 2. ### Wiki @@ -77,11 +88,6 @@ Please consider [funding the PHP_CodeSniffer project](https://opencollective.com gpg -u my@email.com --detach-sign --output phpcs-x.x.x.phar.asc phpcs-x.x.x.phar gpg -u my@email.com --detach-sign --output phpcbf-x.x.x.phar.asc phpcbf-x.x.x.phar ``` - - If, for whatever reason, the key is no longer available or has expired: - -> generate a new key following the steps here: . - -> upload the new key following the steps here: . - -> update the key information in the README x 3. - -> update the key info in the verify-release GHA workflow. - [ ] Get the SHA of the files for the phive.xml file ```bash # Linux diff --git a/.github/workflows/verify-release.yml b/.github/workflows/verify-release.yml index 5e689923f7..a0a6d988aa 100644 --- a/.github/workflows/verify-release.yml +++ b/.github/workflows/verify-release.yml @@ -113,11 +113,16 @@ jobs: GH_TOKEN: ${{ github.token }} GH_FORCE_TTY: true - - name: Download public key + - name: Download public key (May 2024) env: FINGERPRINT: "0x689DAD778FF08760E046228BA978220305CD5C32" run: gpg --keyserver "hkps://keys.openpgp.org" --recv-keys "$FINGERPRINT" + - name: Download public key (June 2025) + env: + FINGERPRINT: "0xD91D86963AF3A29B6520462297B02DD8E5071466" + run: gpg --keyserver "hkps://keys.openpgp.org" --recv-keys "$FINGERPRINT" + - name: Verify signature of the PHAR file run: gpg --verify ${{ steps.source.outputs.FILE }}.asc ${{ steps.source.outputs.FILE }} @@ -200,7 +205,9 @@ jobs: tools: phive - name: Install - run: phive install ${{ matrix.pharfile }} --copy --trust-gpg-keys 689DAD778FF08760E046228BA978220305CD5C32 + run: > + phive install ${{ matrix.pharfile }} --copy + --trust-gpg-keys 689DAD778FF08760E046228BA978220305CD5C32,D91D86963AF3A29B6520462297B02DD8E5071466 - name: "DEBUG: List files" run: ls -R diff --git a/CHANGELOG.md b/CHANGELOG.md index 7aadb84344..70065bef86 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,7 +6,23 @@ The file documents changes to the PHP_CodeSniffer project. _Nothing yet._ -## [3.13.1] - 2025-06-12 +## [3.13.2] - 2025-06-18 + +### Changed +- The documentation for the following sniffs has been improved: + - Squiz.Classes.SelfMemberReference + - Thanks to [Rodrigo Primo][@rodrigoprimo] for the patch. +- Various housekeeping, including improvements to the tests and documentation. + - Thanks to [Rodrigo Primo][@rodrigoprimo] and [Juliette Reinders Folmer][@jrfnl] for their contributions. + +### Fixed +- Fixed bug [#1135] : Squiz.Functions.FunctionDeclarationArgumentSpacing: typo in new error code `SpacingAfterSetVis\[i\]bility`. + - Thanks to [Juliette Reinders Folmer][@jrfnl] for the patch. + +[#1135]: https://github.com/PHPCSStandards/PHP_CodeSniffer/pull/1135 + + +## [3.13.1] - 2025-06-13 ### Added - Added support for PHP 8.4 properties with asymmetric visibility to File::getMemberProperties() through a new `set_scope` array index in the return value. [#1116] @@ -31,7 +47,7 @@ _Nothing yet._ - Errors will be reported via a new `AvizKeywordOrder` error code. - Thanks to [Juliette Reinders Folmer][@jrfnl] for the patch. - The Squiz.Functions.FunctionDeclarationArgumentSpacing will now check spacing after a set-visibility modifier keyword. [#1121] - - Errors will be reported via a new `SpacingAfterSetVisbility` error code. + - Errors will be reported via a new `SpacingAfterSetVisibility` error code. - Thanks to [Juliette Reinders Folmer][@jrfnl] for the patch. - The Squiz.Scope.MemberVarScope will now flag missing "read" visibility, when "write" visibility is set, under a separate error code `AsymReadMissing`. [#1122] - Thanks to [Juliette Reinders Folmer][@jrfnl] for the patch. @@ -45,6 +61,7 @@ _Nothing yet._ ### Other - The latest PHP_CodeSniffer XSD file is now available via the following permalink: . [#1094] Older XSD files can be referenced via permalinks based on their minor: `https://schema.phpcodesniffer.com/#.#/phpcs.xsd`. +- The GPG signature for the PHAR files has been rotated. The new fingerprint is: D91D86963AF3A29B6520462297B02DD8E5071466. [#1094]: https://github.com/PHPCSStandards/PHP_CodeSniffer/issues/1094 [#1116]: https://github.com/PHPCSStandards/PHP_CodeSniffer/pull/1116 @@ -7634,6 +7651,7 @@ Additionally, thanks to [Alexander Turek][@derrabus] for consulting on the repo --> [Unreleased]: https://github.com/PHPCSStandards/PHP_CodeSniffer/compare/master...HEAD +[3.13.2]: https://github.com/PHPCSStandards/PHP_CodeSniffer/compare/3.13.1...3.13.2 [3.13.1]: https://github.com/PHPCSStandards/PHP_CodeSniffer/compare/3.13.0...3.13.1 [3.13.0]: https://github.com/PHPCSStandards/PHP_CodeSniffer/compare/3.12.2...3.13.0 [3.12.2]: https://github.com/PHPCSStandards/PHP_CodeSniffer/compare/3.12.1...3.12.2 diff --git a/README.md b/README.md index eae643680a..6877929bc0 100644 --- a/README.md +++ b/README.md @@ -48,7 +48,7 @@ php phpcbf.phar -h ``` These Phars are signed with the official Release key for PHPCS with the -fingerprint `689D AD77 8FF0 8760 E046 228B A978 2203 05CD 5C32`. +fingerprint `D91D 8696 3AF3 A29B 6520 4622 97B0 2DD8 E507 1466`. As of PHP_CodeSniffer 3.10.3, the provenance of PHAR files associated with a release can be verified via [GitHub Artifact Attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds) using the [GitHub CLI tool](https://cli.github.com/) with the following command: `gh attestation verify [phpcs|phpcbf].phar -o PHPCSStandards`. @@ -78,8 +78,8 @@ You will then be able to run PHP_CodeSniffer from the vendor bin directory: ### Phive If you use Phive, you can install PHP_CodeSniffer as a project tool using the following commands: ```bash -phive install --trust-gpg-keys 689DAD778FF08760E046228BA978220305CD5C32 phpcs -phive install --trust-gpg-keys 689DAD778FF08760E046228BA978220305CD5C32 phpcbf +phive install --trust-gpg-keys D91D86963AF3A29B6520462297B02DD8E5071466 phpcs +phive install --trust-gpg-keys D91D86963AF3A29B6520462297B02DD8E5071466 phpcbf ``` You will then be able to run PHP_CodeSniffer from the `tools` directory: ```bash diff --git a/licence.txt b/licence.txt index 9f95b67713..c7e8000d96 100644 --- a/licence.txt +++ b/licence.txt @@ -1,4 +1,5 @@ Copyright (c) 2012, Squiz Pty Ltd (ABN 77 084 670 600) +Copyright (c) 2023, PHPCSStandards and contributors All rights reserved. Redistribution and use in source and binary forms, with or without diff --git a/src/Config.php b/src/Config.php index 879e7e26a6..e9eeace0b1 100644 --- a/src/Config.php +++ b/src/Config.php @@ -85,7 +85,7 @@ class Config * * @var string */ - const VERSION = '3.13.1'; + const VERSION = '3.13.2'; /** * Package stability; either stable, beta or alpha. diff --git a/src/Filters/Filter.php b/src/Filters/Filter.php index 8376d15c3b..12cafa7d0a 100644 --- a/src/Filters/Filter.php +++ b/src/Filters/Filter.php @@ -247,13 +247,6 @@ protected function shouldIgnorePath($path) } foreach ($ignorePatterns as $pattern => $type) { - // Maintains backwards compatibility in case the ignore pattern does - // not have a relative/absolute value. - if (is_int($pattern) === true) { - $pattern = $type; - $type = 'absolute'; - } - $replacements = [ '\\,' => ',', '*' => '.*', diff --git a/src/Ruleset.php b/src/Ruleset.php index 8f04c8d7f8..d1ef2a4d75 100644 --- a/src/Ruleset.php +++ b/src/Ruleset.php @@ -332,7 +332,7 @@ public function explain() }//end foreach if (count($this->deprecatedSniffs) > 0) { - echo PHP_EOL.'* Sniffs marked with an asterix are deprecated.'.PHP_EOL; + echo PHP_EOL.'* Sniffs marked with an asterisk are deprecated.'.PHP_EOL; } }//end explain() diff --git a/src/Standards/Generic/Sniffs/ControlStructures/DisallowYodaConditionsSniff.php b/src/Standards/Generic/Sniffs/ControlStructures/DisallowYodaConditionsSniff.php index 666b1916e7..17e81850cb 100644 --- a/src/Standards/Generic/Sniffs/ControlStructures/DisallowYodaConditionsSniff.php +++ b/src/Standards/Generic/Sniffs/ControlStructures/DisallowYodaConditionsSniff.php @@ -92,7 +92,7 @@ public function process(File $phpcsFile, $stackPtr) return; } - // If it is not an array check what is inside. + // If it is not an array, check what is inside. $found = $phpcsFile->findPrevious( T_VARIABLE, ($previousIndex - 1), diff --git a/src/Standards/Squiz/Docs/Classes/SelfMemberReferenceStandard.xml b/src/Standards/Squiz/Docs/Classes/SelfMemberReferenceStandard.xml index 4f982fa4ec..c4e2e52c99 100644 --- a/src/Standards/Squiz/Docs/Classes/SelfMemberReferenceStandard.xml +++ b/src/Standards/Squiz/Docs/Classes/SelfMemberReferenceStandard.xml @@ -1,44 +1,66 @@ self::foo(); +class Bar { + public function baz() { + self::foo(); + } +} ]]> SELF::foo(); +class Bar { + public function baz() { + SELF::foo(); + } +} ]]> + + + - + ::foo(); +class Bar { + public function baz() { + self::foo(); + } +} ]]> - + :: foo(); +class Bar { + public function baz() { + self :: foo(); + } +} ]]> + + + self::bar(); } } @@ -46,14 +68,10 @@ class Foo Foo -{ - public static function bar() - { - } +class Foo { + public function bar() {} - public static function baz() - { + public function baz() { Foo::bar(); } } diff --git a/src/Standards/Squiz/Sniffs/Functions/FunctionDeclarationArgumentSpacingSniff.php b/src/Standards/Squiz/Sniffs/Functions/FunctionDeclarationArgumentSpacingSniff.php index 1fd34fccb5..f33d19bc14 100644 --- a/src/Standards/Squiz/Sniffs/Functions/FunctionDeclarationArgumentSpacingSniff.php +++ b/src/Standards/Squiz/Sniffs/Functions/FunctionDeclarationArgumentSpacingSniff.php @@ -360,7 +360,7 @@ public function processBracket($phpcsFile, $openBracket) $spacesAfter, ]; - $fix = $phpcsFile->addFixableError($error, $visibilityToken, 'SpacingAfterSetVisbility', $data); + $fix = $phpcsFile->addFixableError($error, $visibilityToken, 'SpacingAfterSetVisibility', $data); if ($fix === true) { $phpcsFile->fixer->beginChangeset(); $phpcsFile->fixer->addContent($visibilityToken, ' '); diff --git a/tests/Core/Files/File/FindStartOfStatementTest.php b/tests/Core/Files/File/FindStartOfStatementTest.php index 3506cc137a..4e0916dd00 100644 --- a/tests/Core/Files/File/FindStartOfStatementTest.php +++ b/tests/Core/Files/File/FindStartOfStatementTest.php @@ -1,6 +1,6 @@ * @author Juliette Reinders Folmer @@ -15,7 +15,7 @@ use PHP_CodeSniffer\Util\Tokens; /** - * Tests for the \PHP_CodeSniffer\Files\File:findStartOfStatement method. + * Tests for the \PHP_CodeSniffer\Files\File::findStartOfStatement method. * * @covers \PHP_CodeSniffer\Files\File::findStartOfStatement */ diff --git a/tests/Core/Ruleset/ExplainTest.php b/tests/Core/Ruleset/ExplainTest.php index 3e52cef685..38c74be31f 100644 --- a/tests/Core/Ruleset/ExplainTest.php +++ b/tests/Core/Ruleset/ExplainTest.php @@ -200,7 +200,7 @@ public function testExplainWithDeprecatedSniffs() $expected .= ' TestStandard.SetProperty.PropertyTypeHandling'.PHP_EOL; $expected .= ' TestStandard.ValidSniffs.RegisterEmptyArray'.PHP_EOL.PHP_EOL; - $expected .= '* Sniffs marked with an asterix are deprecated.'.PHP_EOL; + $expected .= '* Sniffs marked with an asterisk are deprecated.'.PHP_EOL; $this->expectOutputString($expected); diff --git a/tests/Core/Tokenizers/Tokenizer/RecurseScopeMapCaseKeywordConditionsTest.inc b/tests/Core/Tokenizers/Tokenizer/RecurseScopeMapCaseKeywordConditionsTest.inc index 8df21a6c35..5a0debcd02 100644 --- a/tests/Core/Tokenizers/Tokenizer/RecurseScopeMapCaseKeywordConditionsTest.inc +++ b/tests/Core/Tokenizers/Tokenizer/RecurseScopeMapCaseKeywordConditionsTest.inc @@ -58,7 +58,7 @@ switch (true) { case CONSTANT: /* testCaseWithConstantAndIdenticalIsNotEnumCase */ case CONSTANT === 1: - /* testCaseWithAssigmentToConstantIsNotEnumCase */ + /* testCaseWithAssignmentToConstantIsNotEnumCase */ case CONSTANT = 1: /* testIsNotEnumCaseIsCaseInsensitive */ cAsE CONSTANT: diff --git a/tests/Core/Tokenizers/Tokenizer/RecurseScopeMapCaseKeywordConditionsTest.php b/tests/Core/Tokenizers/Tokenizer/RecurseScopeMapCaseKeywordConditionsTest.php index 51382d3c5d..ca70a34c13 100644 --- a/tests/Core/Tokenizers/Tokenizer/RecurseScopeMapCaseKeywordConditionsTest.php +++ b/tests/Core/Tokenizers/Tokenizer/RecurseScopeMapCaseKeywordConditionsTest.php @@ -163,7 +163,7 @@ public static function dataNotEnumCases() 'testCloserMarker' => '/* testCaseConstantCloserMarker */', ], 'switch case with constant, assignment' => [ - 'testMarker' => '/* testCaseWithAssigmentToConstantIsNotEnumCase */', + 'testMarker' => '/* testCaseWithAssignmentToConstantIsNotEnumCase */', 'expectedTokens' => [ 'scope_opener' => T_COLON, 'scope_closer' => T_CLOSE_CURLY_BRACKET,