Merge pull request #8 from BitsHost/feature/phase-3-hardening

Feature/phase 3 hardening

Author: BitsHost

.github/workflows/ci.yml

@@ -0,0 +1,83 @@
+name: CI
+
+on:
+  push:
+    branches: [ main, refactor-phase-2, feature/** ]
+  pull_request:
+    branches: [ main, refactor-phase-2 ]
+
+jobs:
+  build-test:
+    runs-on: ubuntu-latest
+    services:
+      mysql:
+        image: mysql:8.0
+        env:
+          MYSQL_ALLOW_EMPTY_PASSWORD: "yes"
+          MYSQL_DATABASE: test
+          MYSQL_ROOT_PASSWORD: ""
+        ports:
+          - 3306:3306
+        options: >-
+          --health-cmd="mysqladmin ping -h 127.0.0.1 --silent"
+          --health-interval=10s
+          --health-timeout=5s
+          --health-retries=30
+    strategy:
+      matrix:
+        php: [ '8.2', '8.3' ]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php }}
+          extensions: mbstring, json, pdo, pdo_mysql
+          coverage: none
+
+      - name: Validate composer.json and composer.lock
+        run: composer validate --no-check-publish
+
+      - name: Install dependencies
+        run: composer install --no-interaction --no-progress --prefer-dist
+
+      - name: Install MySQL client
+        run: sudo apt-get update && sudo apt-get install -y mysql-client
+
+      - name: Wait for MySQL
+        run: |
+          for i in {1..60}; do
+            mysqladmin ping -h 127.0.0.1 --silent && break
+            sleep 2
+          done
+          mysql -h 127.0.0.1 -uroot -e "SHOW DATABASES;"
+
+      - name: Generate autoload
+        run: composer dump-autoload -o
+
+      - name: PHPStan
+        run: |
+          if [ -f phpstan.neon ] || [ -f phpstan.neon.dist ]; then \
+            vendor/bin/phpstan analyse --no-progress; \
+          else \
+            echo "Skipping PHPStan"; \
+          fi
+
+      - name: PHPCS
+        run: |
+          if [ -f phpcs.xml ] || [ -f phpcs.xml.dist ]; then \
+            vendor/bin/phpcs; \
+          else \
+            echo "Skipping PHPCS"; \
+          fi
+
+      - name: PHPUnit
+        run: |
+          if [ -f phpunit.xml ] || [ -f phpunit.xml.dist ]; then \
+            vendor/bin/phpunit -c phpunit.xml; \
+          else \
+            echo "Skipping PHPUnit"; \
+          fi

.gitignore

@@ -29,4 +29,8 @@ private-vault/**
 # IDE and OS
 .DS_Store
 .idea/
-/tests/output/
+/tests/output/
+
+# Tool caches (do not commit)
+/.phpstan/
+/.phpunit.cache/

.phpunit.cache/test-results

@@ -1,5 +1,32 @@
 # Changelog
 
+## 2.0.1 - Type Safety & CI Hardening (2025-11-12)
+
+### ✅ What changed
+- Static analysis: Reduced PHPStan issues to zero with precise generics, array-shape docs, and guards across core modules.
+- App hardening: Cleaned up Router, RBAC, Cache, Authenticator, ApiController, Monitor, and middlewares for stricter typing and better error handling.
+- Tests cleanup: Modernized tests to remove always-true assertions, add return types, guard glob/file reads, and align with updated return shapes.
+- CI ready: Ensured the test suite runs green on clean environments.
+
+### 🔧 Highlights
+- RBAC: Normalized user roles mapping and removed unused state.
+- ApiController: Simplified cache-key logic and removed redundant checks; consistent return tuples.
+- Monitor & RequestLogger: Safer I/O guards; added minimal reads to satisfy analyzer without behavior change.
+- Cache: Tightened typing in manager and drivers; safer key generation and headers handling.
+- Middlewares: Fixed unreachable code in rate limiting; typed CORS config.
+- Config: Added explicit types and normalizations in `ApiConfig` and `CacheConfig` getters.
+
+### 🧪 CI (GitHub Actions)
+- Added workflow to run Composer install, PHPStan, and PHPUnit on pushes/PRs.
+- Provisioned MySQL service (database: `test`) so DB-backed tests run reliably in CI.
+- Matrix on PHP 8.2 and 8.3.
+
+### Result
+- PHPStan: 0 errors.
+- PHPUnit: All tests passing.
+
+---
+
 ## 2.0.0 - Performance & Architecture Revolution (2025-11-10)
 
 ### 🚀 Major New Features

CHANGELOG.md

@@ -0,0 +1,7 @@
+> Deprecated — Removed in v2.0.0-dev
+
+This migration guide was used during the transition to the new canonical namespaces.
+As of v2.0.0-dev, legacy wrappers were removed and migration tooling is no longer
+part of the repository. Please refer to README.md for the current architecture.
+
+Note: This file remains only to avoid broken links; it may be deleted in a later release.

MIGRATION.md

@@ -432,9 +432,36 @@ The `list` action endpoint now supports advanced query parameters:
 
 ---
 
-### 📝 OpenAPI Path Example
+### 📝 OpenAPI Documentation (Swagger)
 
-For `/index.php?action=list&table={table}`:
+**Your API automatically generates OpenAPI 3.0 documentation!**
+
+#### Get the OpenAPI Specification (JSON)
+
+```bash
+# Access the auto-generated OpenAPI spec
+curl http://localhost:8000/index.php?action=openapi
+
+# Or visit in browser:
+http://localhost:8000/index.php?action=openapi
+```
+
+#### View Interactive Documentation (Swagger UI)
+
+**Option 1: Online Swagger Editor** (Quick & Easy)
+1. Copy JSON from: `http://localhost:8000/index.php?action=openapi`
+2. Paste into: https://editor.swagger.io/
+3. See beautiful interactive documentation!
+
+**Option 2: Use dashboard.html** (Recommended)
+Your project includes `dashboard.html` which has API documentation built-in:
+```
+http://localhost:8000/dashboard.html
+```
+
+#### Example OpenAPI Path Structure
+
+This is what the specification includes for `/index.php?action=list&table={table}`:
 
 ```yaml
 get:
@@ -486,6 +513,8 @@ get:
                   pages: { type: integer }
 ```
 
+**Note:** The YAML above is just an example of the structure. The actual API returns JSON format.
+
 ## 🛡️ Security Notes
 
 - **Enable authentication for any public deployment!**
@@ -598,4 +627,8 @@ MIT
 
 ## 🙌 Credits
 
-Built by [BitHost](https://github.com/BitsHost). PRs/issues welcome!
+Built by [BitHost](https://github.com/BitsHost). PRs/issues welcome!
+
+---
+
+ 

README.md

@@ -1,4 +1,5 @@
 {
+  "version": "2.0.0-dev",
   "name": "bitshost/php-crud-api-generator",
   "description": "Instant REST API for MySQL/MariaDB with JWT auth, rate limiting, monitoring, and zero code generation",
   "type": "library",
@@ -24,10 +25,12 @@
     }
   },
   "require-dev": {
-    "phpunit/phpunit": "^10.0"
+    "phpunit/phpunit": "^10.0",
+    "phpstan/phpstan": "^2.1",
+    "squizlabs/php_codesniffer": "^4.0"
   },
   "support": {
     "issues": "https://github.com/BitsHost/php-crud-api-generator/issues",
     "source": "https://github.com/BitsHost/php-crud-api-generator"
   }
-}
+}