|
| 1 | +# Contributing to `initphp/encryption` |
| 2 | + |
| 3 | +This package follows the [InitPHP org-wide contribution guide](https://github.com/InitPHP/.github/blob/main/CONTRIBUTING.md). |
| 4 | +Please read it first — everything below is in addition to that guide, not a |
| 5 | +replacement for it. |
| 6 | + |
| 7 | +## Local Development |
| 8 | + |
| 9 | +```bash |
| 10 | +git clone https://github.com/InitPHP/Encryption.git |
| 11 | +cd Encryption |
| 12 | +composer install |
| 13 | +``` |
| 14 | + |
| 15 | +Required PHP extensions for the test suite: |
| 16 | + |
| 17 | +- `ext-openssl` |
| 18 | +- `ext-sodium` |
| 19 | + |
| 20 | +## Quality Gates |
| 21 | + |
| 22 | +The CI pipeline runs three checks. Run them locally before pushing — every PR |
| 23 | +must pass all three. |
| 24 | + |
| 25 | +| Command | What it does | |
| 26 | +| --- | --- | |
| 27 | +| `composer test` | Run the PHPUnit suite. | |
| 28 | +| `composer phpstan` | Static analysis at level 8. | |
| 29 | +| `composer cs-check` | Verify PSR-12 compliance (read-only). | |
| 30 | +| `composer cs-fix` | Apply PSR-12 fixes automatically. | |
| 31 | +| `composer qa` | Run cs-check, phpstan and tests in sequence. | |
| 32 | + |
| 33 | +## Writing Tests |
| 34 | + |
| 35 | +- Unit tests live in `tests/Unit/` and must not require any I/O or extension |
| 36 | + state beyond what `ext-openssl` and `ext-sodium` provide. |
| 37 | +- Integration tests live in `tests/Integration/` and may pin golden |
| 38 | + ciphertexts for backwards-compatibility verification. |
| 39 | +- A bug fix PR must include a regression test that fails on `main` and passes |
| 40 | + with the fix applied. |
| 41 | +- Cover both the happy path and the failure paths (tampered ciphertext, |
| 42 | + invalid configuration, missing key, etc.). |
| 43 | + |
| 44 | +## Security-Sensitive Changes |
| 45 | + |
| 46 | +Any change that affects cryptographic primitives, key derivation, ciphertext |
| 47 | +format, or the trust boundary between an attacker and the plaintext requires: |
| 48 | + |
| 49 | +1. An explicit reviewer note in the PR description describing the threat model. |
| 50 | +2. A test that exercises the failure path (e.g. tampered HMAC must be rejected). |
| 51 | +3. A `CHANGELOG.md` entry under the appropriate section. |
| 52 | + |
| 53 | +If you believe you have found a vulnerability, **do not open a public issue or |
| 54 | +PR.** Follow the [security policy](./SECURITY.md) instead. |
| 55 | + |
| 56 | +## Commit Messages |
| 57 | + |
| 58 | +We use [Conventional Commits](https://www.conventionalcommits.org/). Typical |
| 59 | +scopes for this repository: |
| 60 | + |
| 61 | +- `openssl` — changes to `OpenSSL` handler |
| 62 | +- `sodium` — changes to `Sodium` handler |
| 63 | +- `base` — changes to `BaseHandler` |
| 64 | +- `factory` — changes to `Encrypt` |
| 65 | +- `docs`, `test`, `ci`, `chore` — as in the org guide |
| 66 | + |
| 67 | +Example: |
| 68 | + |
| 69 | +``` |
| 70 | +fix(openssl): handle openssl_decrypt failure before unserialize |
| 71 | +
|
| 72 | +openssl_decrypt() returns false on failure, which then caused |
| 73 | +unserialize(false) to throw a TypeError on PHP 8.x. Detect the false |
| 74 | +return and throw EncryptionException with a meaningful message. |
| 75 | +
|
| 76 | +Closes #NN |
| 77 | +``` |
0 commit comments