From 1981e3787f7791b5b8fab5c694abdeeab10cfeb5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 30 Jul 2024 02:14:14 +0000 Subject: [PATCH 1/2] composer(deps-dev): bump the minor-patch-dependencies group with 4 updates Updates the requirements on [mimmi20/coding-standard](https://github.com/mimmi20/coding-standard), [phpstan/phpstan](https://github.com/phpstan/phpstan), [rector/rector](https://github.com/rectorphp/rector) and [tomasvotruba/unused-public](https://github.com/TomasVotruba/unused-public) to permit the latest version. Updates `mimmi20/coding-standard` to 5.2.38 - [Release notes](https://github.com/mimmi20/coding-standard/releases) - [Commits](https://github.com/mimmi20/coding-standard/compare/5.2.36...5.2.38) Updates `phpstan/phpstan` to 1.11.8 - [Release notes](https://github.com/phpstan/phpstan/releases) - [Changelog](https://github.com/phpstan/phpstan/blob/1.12.x/CHANGELOG.md) - [Commits](https://github.com/phpstan/phpstan/compare/1.11.7...1.11.8) Updates `rector/rector` to 1.2.2 - [Release notes](https://github.com/rectorphp/rector/releases) - [Commits](https://github.com/rectorphp/rector/compare/1.2.1...1.2.2) Updates `tomasvotruba/unused-public` to 0.3.10 - [Commits](https://github.com/TomasVotruba/unused-public/compare/0.3.9...0.3.10) --- updated-dependencies: - dependency-name: mimmi20/coding-standard dependency-type: direct:development dependency-group: minor-patch-dependencies - dependency-name: phpstan/phpstan dependency-type: direct:development dependency-group: minor-patch-dependencies - dependency-name: rector/rector dependency-type: direct:development dependency-group: minor-patch-dependencies - dependency-name: tomasvotruba/unused-public dependency-type: direct:development dependency-group: minor-patch-dependencies ... Signed-off-by: dependabot[bot] --- composer.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/composer.json b/composer.json index 385fd28..4558764 100644 --- a/composer.json +++ b/composer.json @@ -30,19 +30,19 @@ "ext-xml": "*", "ext-xmlwriter": "*", "infection/infection": "^0.27.11 || ^0.28.1", - "mimmi20/coding-standard": "^5.2.36", + "mimmi20/coding-standard": "^5.2.38", "nikic/php-parser": "^4.19.1 || ^5.0.2", "phpstan/extension-installer": "^1.4.1", - "phpstan/phpstan": "^1.11.7", + "phpstan/phpstan": "^1.11.8", "phpstan/phpstan-deprecation-rules": "^1.2.0", "phpstan/phpstan-phpunit": "^1.4.0", "phpunit/phpunit": "^10.5.26", - "rector/rector": "^1.2.1", + "rector/rector": "^1.2.2", "rector/type-perfect": "^0.1.8", "symplify/phpstan-rules": "^13.0.0", "tomasvotruba/cognitive-complexity": "^0.2.3", "tomasvotruba/type-coverage": "^0.3.1", - "tomasvotruba/unused-public": "^0.3.9" + "tomasvotruba/unused-public": "^0.3.10" }, "minimum-stability": "stable", "prefer-stable": true, From a73eef528e38bd7cc9346223e9877d8086497a31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Tue, 30 Jul 2024 21:28:21 +0200 Subject: [PATCH 2/2] update workflows and configs --- .github/dependabot.yml | 39 ++++++++++++------- .github/renovate.json5 | 35 +++++++++++++++-- .github/workflows/cleanup-caches.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/continuous-integration.yml | 6 ++- .github/workflows/dependency-review.yml | 2 +- .github/workflows/labels.yml | 2 +- .github/workflows/lint-workflow-files.yml | 6 +-- .github/workflows/lock-closed-issues.yml | 2 +- .github/workflows/reactions.yml | 2 +- .github/workflows/release-drafter.yml | 2 +- .../workflows/renovate-config-validator.yml | 2 +- 12 files changed, 73 insertions(+), 29 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 98017a8..2573e4d 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -16,14 +16,24 @@ updates: timezone: "Europe/Berlin" groups: - # Specify a name for the group, which will be used in pull request titles - # and branch names - minor-patch-dependencies: + security-updates: + applies-to: "security-updates" + patterns: + - "*" + exclude-patterns: + - "friendsofphp/php-cs-fixer" + - "sirbrillig/phpcs-variable-analysis" + - "slevomat/coding-standard" + - "squizlabs/php_codesniffer" + version-updates: applies-to: "version-updates" - # Define patterns to include dependencies in the group (based on - # dependency name) patterns: - "*" + exclude-patterns: + - "friendsofphp/php-cs-fixer" + - "sirbrillig/phpcs-variable-analysis" + - "slevomat/coding-standard" + - "squizlabs/php_codesniffer" open-pull-requests-limit: 10 @@ -61,6 +71,7 @@ updates: - dependency-name: "laminas/laminas-diactoros" - dependency-name: "laminas/laminas-servicemanager" - dependency-name: "nikic/php-parser" + - dependency-name: "phpunit/phpunit" - dependency-name: "predis/predis" - dependency-name: "psr/container" - dependency-name: "psr/http-message" @@ -86,12 +97,12 @@ updates: timezone: "Europe/Berlin" groups: - # Specify a name for the group, which will be used in pull request titles - # and branch names - minor-patch-dependencies: + security-updates: + applies-to: "security-updates" + patterns: + - "*" + version-updates: applies-to: "version-updates" - # Define patterns to include dependencies in the group (based on - # dependency name) patterns: - "*" @@ -149,10 +160,12 @@ updates: groups: # Specify a name for the group, which will be used in pull request titles # and branch names - minor-patch-dependencies: + security-updates: + applies-to: "security-updates" + patterns: + - "*" + version-updates: applies-to: "version-updates" - # Define patterns to include dependencies in the group (based on - # dependency name) patterns: - "*" diff --git a/.github/renovate.json5 b/.github/renovate.json5 index ab90ad1..0eebd40 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -7,7 +7,7 @@ ":combinePatchMinorReleases", ":disableDependencyDashboard", ":disableRateLimiting", - ":enableRenovate", + ":disableRenovate", ":enableVulnerabilityAlertsWithLabel(security)", ":gitSignOff", ":ignoreUnstable", @@ -43,6 +43,7 @@ "Change": "[{{#if displayFrom}}`{{{displayFrom}}}` -> {{else}}{{#if currentValue}}`{{{currentValue}}}` -> {{/if}}{{/if}}{{#if displayTo}}`{{{displayTo}}}`{{else}}`{{{newValue}}}`{{/if}}]({{#if depName}}https://renovatebot.com/diffs/npm/{{replace '/' '%2f' depName}}/{{{currentVersion}}}/{{{newVersion}}}{{/if}})" }, "rangeStrategy": "bump", + "recreateWhen": "never", "rollbackPrs": true, "schedule": ["before 4am on Tuesday"], "packageRules": [ @@ -73,6 +74,7 @@ "laminas/laminas-diactoros", "laminas/laminas-servicemanager", "nikic/php-parser", + "phpunit/phpunit", "postcss-load-config", "predis/predis", "psr/container", @@ -91,28 +93,53 @@ { "matchPackageNames": [ "@csstools/postcss-color-function", + "@csstools/postcss-color-mix-function", + "@csstools/postcss-exponential-functions", + "@csstools/postcss-font-format-keywords", + "@csstools/postcss-gradients-interpolation-method", + "@csstools/postcss-initial", + "@csstools/postcss-is-pseudo-class", + "@csstools/postcss-media-minmax", + "@csstools/postcss-media-queries-aspect-ratio-number-values", + "@csstools/postcss-nested-calc", + "@csstools/postcss-progressive-custom-properties", "@csstools/postcss-text-decoration-shorthand", "@csstools/postcss-trigonometric-functions", "@types/node", "@vitest/coverage-istanbul", "@vitest/ui", + "autoprefixer", "aws/aws-sdk-php", "browserslist", + "eslint-plugin-prettier", "friendsofphp/php-cs-fixer", + "laminas/laminas-authentication", "laminas/laminas-form", "laminas/laminas-i18n", "laminas/laminas-validator", + "lilconfig", + "mezzio/mezzio", "mimmi20/coding-standard", "mimmi20/mezzio-setlocale-middleware", "phpstan/phpstan", - "phpunit/phpunit", "postcss", + "postcss-color-hex-alpha", + "postcss-color-rebeccapurple", "postcss-custom-media", "postcss-custom-properties", "postcss-custom-selectors", + "postcss-image-set-function", + "postcss-import", + "postcss-nested", + "postcss-nesting", + "postcss-place", + "postcss-prefix-selector", "postcss-prefixwrap", "postcss-preset-env", + "postcss-pseudo-class-any-link", + "postcss-selector-not", "prettier", + "prettier-eslint", "raven-actions/actionlint", "rector/rector", "rector/type-perfect", @@ -125,7 +152,9 @@ "stylelint-config-standard", "typescript", "vite", - "vitest" + "vitest", + "vite-plugin-dts", + "yaml" ], "enabled": false }, diff --git a/.github/workflows/cleanup-caches.yml b/.github/workflows/cleanup-caches.yml index 3872521..123fbc8 100644 --- a/.github/workflows/cleanup-caches.yml +++ b/.github/workflows/cleanup-caches.yml @@ -12,7 +12,7 @@ on: jobs: cleanup: - runs-on: "ubuntu-22.04" + runs-on: "ubuntu-24.04" steps: - name: "Checkout" uses: "actions/checkout@v4" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index feced3a..9145f86 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -30,7 +30,7 @@ on: jobs: analyze: name: "Analyze" - runs-on: "ubuntu-22.04" + runs-on: "ubuntu-24.04" permissions: actions: read contents: read diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 7af1c25..4d76812 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -73,6 +73,7 @@ jobs: matrix: operating-system: - "ubuntu-22.04" + - "ubuntu-24.04" php-version: - "8.1" @@ -140,6 +141,7 @@ jobs: matrix: operating-system: - "ubuntu-22.04" + - "ubuntu-24.04" php-version: - "8.1" @@ -215,7 +217,7 @@ jobs: run: "vendor/bin/infection --show-mutations --only-covered --min-covered-msi=93 --min-msi=90 --coverage=.build/coverage --logger-github --no-progress -vv" finish-code-coverage: - runs-on: "ubuntu-22.04" + runs-on: "ubuntu-24.04" needs: "code-coverage" @@ -232,7 +234,7 @@ jobs: tests-status: name: "Unit & Integration Tests Status" - runs-on: "ubuntu-22.04" + runs-on: "ubuntu-24.04" if: always() diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index c64ee59..ca3feca 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -20,7 +20,7 @@ permissions: jobs: dependency-review: - runs-on: "ubuntu-latest" + runs-on: "ubuntu-24.04" steps: - name: "Checkout" uses: "actions/checkout@v4" diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml index 5ab8235..b01b350 100644 --- a/.github/workflows/labels.yml +++ b/.github/workflows/labels.yml @@ -22,7 +22,7 @@ jobs: permissions: issues: write - runs-on: "ubuntu-22.04" + runs-on: "ubuntu-24.04" steps: - name: "Checkout" diff --git a/.github/workflows/lint-workflow-files.yml b/.github/workflows/lint-workflow-files.yml index 9bb9e3f..108e847 100644 --- a/.github/workflows/lint-workflow-files.yml +++ b/.github/workflows/lint-workflow-files.yml @@ -7,7 +7,7 @@ on: jobs: actionlint: - runs-on: "ubuntu-22.04" + runs-on: "ubuntu-24.04" steps: - name: "Checkout" @@ -21,10 +21,10 @@ jobs: - name: "install libimagequant-dev" run: "sudo apt-get install libimagequant-dev -y" - - name: "Use Node.js 22" + - name: "Use Node.js 22.4" uses: "actions/setup-node@v4" with: - node-version: "22" + node-version: "22.4" - name: "Check workflow files" uses: "raven-actions/actionlint@v2" diff --git a/.github/workflows/lock-closed-issues.yml b/.github/workflows/lock-closed-issues.yml index bdfd090..9782f6e 100644 --- a/.github/workflows/lock-closed-issues.yml +++ b/.github/workflows/lock-closed-issues.yml @@ -11,7 +11,7 @@ on: jobs: lock: - runs-on: "ubuntu-22.04" + runs-on: "ubuntu-24.04" steps: - uses: "Dunning-Kruger/lock-issues@v1.1" with: diff --git a/.github/workflows/reactions.yml b/.github/workflows/reactions.yml index 5995497..a5f2a0e 100644 --- a/.github/workflows/reactions.yml +++ b/.github/workflows/reactions.yml @@ -21,7 +21,7 @@ permissions: jobs: action: - runs-on: "ubuntu-22.04" + runs-on: "ubuntu-24.04" steps: - uses: "dessant/reaction-comments@v4" with: diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 17e6027..12ecd42 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -31,7 +31,7 @@ jobs: # otherwise, read permission is required at least pull-requests: write - runs-on: "ubuntu-22.04" + runs-on: "ubuntu-24.04" steps: # Drafts your next Release notes as Pull Requests are merged into "master" diff --git a/.github/workflows/renovate-config-validator.yml b/.github/workflows/renovate-config-validator.yml index 04889b8..578bdc8 100644 --- a/.github/workflows/renovate-config-validator.yml +++ b/.github/workflows/renovate-config-validator.yml @@ -6,7 +6,7 @@ on: jobs: validate: - runs-on: "ubuntu-22.04" + runs-on: "ubuntu-24.04" steps: - name: "Checkout"