You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add allowedDependencies feature to override forbidden dependencies (#27)
- Introduced new classes `AllowedOverride` and `StillForbidden` to demonstrate the functionality of overriding forbidden dependencies with a whitelist.
- Updated `ForbiddenDependenciesRule` to include an `allowedDependencies` parameter, allowing specific dependencies to bypass the forbidden rules.
- Enhanced documentation for the `Dependency-Constraints-Rule` to explain the new `allowedDependencies` feature.
- Added tests to validate the behavior of allowed dependencies and ensure that forbidden dependencies still trigger errors when not in the allowed list.
Co-authored-by: Florian Krämer <f.kraemer@clipmyhorse.tv>
Copy file name to clipboardExpand all lines: docs/rules/Dependency-Constraints-Rule.md
+47-1Lines changed: 47 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -82,6 +82,7 @@ In the example below nothing from `App\Domain` can depend on anything from `App\
82
82
-`forbiddenDependencies`: Array where keys are namespace patterns that should not depend on the namespace patterns in their value arrays.
83
83
-`checkFqcn` (optional, default: `false`): Enable checking of fully qualified class names in addition to use statements.
84
84
-`fqcnReferenceTypes` (optional, default: all types): Array of reference types to check when `checkFqcn` is enabled.
85
+
-`allowedDependencies` (optional, default: `[]`): Whitelist that overrides forbidden dependencies. If a dependency matches both a forbidden pattern and an allowed pattern, it will be allowed.
85
86
86
87
## FQCN Reference Types
87
88
@@ -147,6 +148,51 @@ If you only want to check specific reference types (e.g., to improve performance
147
148
- phpstan.rules.rule
148
149
```
149
150
151
+
### Whitelist with allowedDependencies
152
+
153
+
The `allowedDependencies` parameter lets you create a "forbid everything except X" pattern without complex regex. Dependencies matching both forbidden and allowed patterns will be allowed.
154
+
155
+
This example forbids all third-party/namespaced dependencies in the domain layer, except for `App\Shared`, `App\Capability`, and `Psr\*`:
Note: Root namespace classes (like `DateTime`, `Exception`) are not matched by the `/.*\\\\.*/'` pattern since they don't contain a backslash, so they are implicitly allowed.
By default, `checkFqcn` is `false`, so existing configurations will continue to work exactly as before, checking only `use` statements. The new FQCN checking feature must be explicitly enabled.
198
+
By default, `checkFqcn` is `false` and `allowedDependencies` is empty, so existing configurations will continue to work exactly as before, checking only `use` statements. The new FQCN checking and allowedDependencies features must be explicitly enabled.
0 commit comments