From 5c8036a841cc173c027b72dea58f33ee84d3e3ab Mon Sep 17 00:00:00 2001 From: "Paragon Initiative Enterprises, LLC" Date: Fri, 19 Apr 2024 19:11:30 -0400 Subject: [PATCH 1/7] Update CI configuration, dependencies --- .github/workflows/ci.yml | 14 +++----------- .github/workflows/psalm.yml | 34 ++++++++++++++++++++++++++++++++++ composer.json | 2 +- 3 files changed, 38 insertions(+), 12 deletions(-) create mode 100644 .github/workflows/psalm.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 486d244..8f0bd99 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,7 +13,7 @@ jobs: phpunit-versions: ['7.5.20'] steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Setup PHP uses: shivammathur/setup-php@v2 @@ -37,11 +37,11 @@ jobs: strategy: matrix: operating-system: ['ubuntu-latest'] - php-versions: ['7.1', '7.2', '7.3', '7.4', '8.0', '8.1'] + php-versions: ['7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3', '8.4'] phpunit-versions: ['latest'] steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Setup PHP uses: shivammathur/setup-php@v2 @@ -58,11 +58,3 @@ jobs: uses: php-actions/phpunit@v2 with: memory_limit: 256M - - - name: Install Psalm - if: contains(['7.4', '8.0], ${{ matrix.php-version }}) - run: composer require --dev vimeo/psalm:^4 - - - name: Static Analysis - if: contains(['7.4', '8.0], ${{ matrix.php-version }}) - run: composer static-analysis diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml new file mode 100644 index 0000000..f560011 --- /dev/null +++ b/.github/workflows/psalm.yml @@ -0,0 +1,34 @@ +name: Psalm + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +jobs: + psalm: + name: Psalm on PHP ${{ matrix.php-versions }} + runs-on: ${{ matrix.operating-system }} + strategy: + matrix: + operating-system: ['ubuntu-latest'] + php-versions: ['8.3'] + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: ${{ matrix.php-versions }} + tools: psalm:4 + coverage: none + + - name: Install Composer dependencies + uses: "ramsey/composer-install@v1" + with: + composer-options: --no-dev + + - name: Static Analysis + run: psalm diff --git a/composer.json b/composer.json index 7bbc535..fe4ce98 100644 --- a/composer.json +++ b/composer.json @@ -34,7 +34,7 @@ "ext-json": "*", "ext-openssl": "*", "paragonie/constant_time_encoding": "^1.0.4|^2", - "paragonie/sodium_compat": ">= 1.17 <2" + "paragonie/sodium_compat": "^1|^2" }, "require-dev": { "phpunit/phpunit": "^4|^5|^6|^7|^8|^9" From ce477c0981f97c0f32a65c7604904e5204496e10 Mon Sep 17 00:00:00 2001 From: "Paragon Initiative Enterprises, LLC" Date: Fri, 19 Apr 2024 19:13:00 -0400 Subject: [PATCH 2/7] We don't need 11 --- .github/workflows/ci.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8f0bd99..c287017 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -38,7 +38,6 @@ jobs: matrix: operating-system: ['ubuntu-latest'] php-versions: ['7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3', '8.4'] - phpunit-versions: ['latest'] steps: - name: Checkout uses: actions/checkout@v4 @@ -49,7 +48,7 @@ jobs: php-version: ${{ matrix.php-versions }} extensions: mbstring, intl, sodium ini-values: post_max_size=256M, max_execution_time=180 - tools: psalm, phpunit:${{ matrix.phpunit-versions }} + tools: psalm, phpunit - name: Install dependencies run: composer install From 7a4e26acf54a33c255708c9499fcc5e384e56a80 Mon Sep 17 00:00:00 2001 From: "Paragon Initiative Enterprises, LLC" Date: Fri, 19 Apr 2024 19:14:39 -0400 Subject: [PATCH 3/7] Don't use phpunit tool --- .github/workflows/ci.yml | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c287017..02270bc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -27,9 +27,7 @@ jobs: run: composer self-update --1; composer install - name: PHPUnit tests - uses: php-actions/phpunit@v2 - with: - memory_limit: 256M + run: vendor/bin/phpunit modern: name: PHP ${{ matrix.php-versions }} Test on ${{ matrix.operating-system }} @@ -47,13 +45,11 @@ jobs: with: php-version: ${{ matrix.php-versions }} extensions: mbstring, intl, sodium - ini-values: post_max_size=256M, max_execution_time=180 - tools: psalm, phpunit + ini-values: error_reporting=-1, display_errors=On + coverage: none - - name: Install dependencies - run: composer install + - name: Install Composer dependencies + uses: "ramsey/composer-install@v2" - name: PHPUnit tests - uses: php-actions/phpunit@v2 - with: - memory_limit: 256M + run: vendor/bin/phpunit From 71c6a2230d65b9257bfd53521ed6e0151a604791 Mon Sep 17 00:00:00 2001 From: "Paragon Initiative Enterprises, LLC" Date: Fri, 19 Apr 2024 19:15:14 -0400 Subject: [PATCH 4/7] We aren't on master --- .github/workflows/psalm.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index f560011..8874569 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -2,9 +2,9 @@ name: Psalm on: push: - branches: [ master ] + branches: [ v3.x ] pull_request: - branches: [ master ] + branches: [ v3.x ] jobs: psalm: From 0e6aafd27f22cee050a6348317c201e36295aa13 Mon Sep 17 00:00:00 2001 From: "Paragon Initiative Enterprises, LLC" Date: Fri, 19 Apr 2024 19:16:32 -0400 Subject: [PATCH 5/7] Remove return type --- src/EncryptedFile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/EncryptedFile.php b/src/EncryptedFile.php index dccb05c..c0937a3 100644 --- a/src/EncryptedFile.php +++ b/src/EncryptedFile.php @@ -356,7 +356,7 @@ public function getStreamForFile($fileName = 'php://temp', $mode = 'wb') * * @throws CipherSweetException */ - public function setActiveTenant($tenant, $dontError = false): static + public function setActiveTenant($tenant, $dontError = false) { if (!$this->getEngine()->isMultiTenantSupported()) { if (!$dontError) { From 2689ae5e3edc49d8efe234563951348c8a5d6e59 Mon Sep 17 00:00:00 2001 From: "Paragon Initiative Enterprises, LLC" Date: Fri, 19 Apr 2024 19:17:44 -0400 Subject: [PATCH 6/7] Only support sodium_compat v1 from ciphersweet v3 --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index fe4ce98..fb89b65 100644 --- a/composer.json +++ b/composer.json @@ -34,7 +34,7 @@ "ext-json": "*", "ext-openssl": "*", "paragonie/constant_time_encoding": "^1.0.4|^2", - "paragonie/sodium_compat": "^1|^2" + "paragonie/sodium_compat": "^1" }, "require-dev": { "phpunit/phpunit": "^4|^5|^6|^7|^8|^9" From ffc160e0e7fbb9075d17e365a3dcc035c9d44d0e Mon Sep 17 00:00:00 2001 From: "Paragon Initiative Enterprises, LLC" Date: Fri, 19 Apr 2024 19:19:39 -0400 Subject: [PATCH 7/7] crc32 for PHP < 7.4 apparently --- src/JsonFieldMap.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/JsonFieldMap.php b/src/JsonFieldMap.php index efbdf4b..4cfa326 100644 --- a/src/JsonFieldMap.php +++ b/src/JsonFieldMap.php @@ -23,9 +23,9 @@ public static function fromString($string) { $crc32 = Binary::safeSubstr($string, 0, 8); $json = Binary::safeSubstr($string, 8); - $calc = hash('crc32c', $json); + $calc = hash('crc32', $json); if (!Util::hashEquals($calc, $crc32)) { - throw new CipherSweetException("CRC32C invalid; was config corrupted?"); + throw new CipherSweetException("CRC32 invalid; was config corrupted?"); } $decoded = \json_decode($json, true); @@ -193,7 +193,7 @@ public function getMapping() public function toString() { $json = \json_encode(['fields' => $this->fields]); - $crc = \hash('crc32c', $json); + $crc = \hash('crc32', $json); return $crc . $json; }