Se cambia a PHP 8.5. Parche en phpstan.neon por problema con CoversClass. Se corrigen opciones obsoletas en helpers. Se agrega helper para IP y su test.

Author: estebandelaf

.github/workflows/ci.yml

@@ -17,7 +17,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest]
-        php-version: ['8.3', '8.4']
+        php-version: ['8.5']
 
     steps:
       - name: Check out repository

composer.json

@@ -25,17 +25,17 @@
         }
     },
     "require": {
-        "php": "^8.3"
+        "php": "^8.5"
     },
     "require-dev": {
         "ext-xdebug": "*",
-        "friendsofphp/php-cs-fixer": "^3.63",
+        "friendsofphp/php-cs-fixer": "^3.94",
         "phpstan/phpstan": "^1.12",
-        "phpunit/phpunit": "^11.4",
-        "league/csv": "^9.21",
-        "nesbot/carbon": "^3.8",
-        "symfony/mime": "^7.2",
-        "maennchen/zipstream-php": "^3.1"
+        "phpunit/phpunit": "^11.5",
+        "league/csv": "^9.28",
+        "nesbot/carbon": "^3.11",
+        "symfony/mime": "^7.4",
+        "maennchen/zipstream-php": "^3.2"
     },
     "scripts": {
         "docs": "php tools/phpdocumentor run --config=phpdoc.xml",

php-cs-fixer.php

@@ -3,7 +3,7 @@
 declare(strict_types=1);
 
 /**
- * Derafu: Foundation - Base for Derafu's Projects.
+ * Derafu: Support - Essential PHP Utilities.
  *
  * Copyright (c) 2025 Esteban De La Fuente Rubio / Derafu <https://www.derafu.dev>
  * Licensed under the MIT License.

phpstan.neon

@@ -5,3 +5,8 @@ parameters:
     paths:
         - src
         - tests
+    # PHPUnit's CoversClass is repeatable (Attribute::IS_REPEATABLE); PHPStan does not read it.
+    # Ignore only this message so real non-repeatable attribute errors are still reported.
+    ignoreErrors:
+        - message: '#CoversClass.*is not repeatable#'
+          identifier: attribute.nonRepeatable

src/Csv.php

@@ -51,7 +51,7 @@ public static function load(
                 $content = mb_convert_encoding($content, 'UTF-8', $encoding);
             }
 
-            $csv = Reader::createFromString($content);
+            $csv = Reader::fromString($content);
             $csv->setDelimiter($separator);
             $csv->setEnclosure($enclosure);
             $csv->setEscape($escape);
@@ -153,7 +153,7 @@ public static function generate(
         string $encoding = 'UTF-8'
     ): string {
         try {
-            $csv = Writer::createFromString('');
+            $csv = Writer::fromString('');
             $csv->setDelimiter($separator);
             $csv->setEnclosure($enclosure);
             $csv->setEscape($escape);

src/Date.php

@@ -255,10 +255,11 @@ public static function validateAndConvert(
     ): ?string {
         try {
             $carbonDate = Carbon::createFromFormat('Y-m-d', $date);
+            $lastErrors = $carbonDate->getLastErrors();
 
             if (!$carbonDate instanceof Carbon ||
                 $carbonDate->format('Y-m-d') !== $date ||
-                $carbonDate->getLastErrors()['error_count'] > 0) {
+                ($lastErrors !== false && $lastErrors['error_count'] > 0)) {
                 return null;
             }
 

src/Hydrator.php

@@ -92,7 +92,6 @@ private static function tryAssignValue(
         // Try direct property assignment.
         if ($reflection->hasProperty($attribute)) {
             $property = $reflection->getProperty($attribute);
-            $property->setAccessible(true);
             $property->setValue($instance, $value);
             return true;
         }

src/Ip.php

@@ -0,0 +1,141 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * Derafu: Support - Essential PHP Utilities.
+ *
+ * Copyright (c) 2025 Esteban De La Fuente Rubio / Derafu <https://www.derafu.dev>
+ * Licensed under the MIT License.
+ * See LICENSE file for more details.
+ */
+
+namespace Derafu\Support;
+
+/**
+ * IP utilities.
+ *
+ * Provides functionality to get the real client IP address from various headers
+ * and validate if it is private or reserved.
+ */
+final class Ip
+{
+    /**
+     * Gets the real client IP address from various headers.
+     *
+     * @return string The real client IP address.
+     */
+    public static function getRealClientIp(): string
+    {
+        // Headers to check in order of priority.
+        $headers = [
+            'HTTP_X_FORWARDED_FOR',
+            'HTTP_X_REAL_IP',
+            'HTTP_CF_CONNECTING_IP', // Cloudflare.
+            'HTTP_X_CLIENT_IP',
+            'HTTP_X_FORWARDED',
+            'HTTP_FORWARDED_FOR',
+            'HTTP_FORWARDED',
+            'HTTP_X_CLUSTER_CLIENT_IP',
+            'HTTP_X_FORWARDED_FOR_IP',
+            'HTTP_VIA',
+            'HTTP_X_VIA',
+            'HTTP_X_COMING_FROM',
+            'HTTP_COMING_FROM',
+            'HTTP_X_COMING_FROM_IP',
+        ];
+
+        foreach ($headers as $header) {
+            if (!empty($_SERVER[$header])) {
+                $ip = $_SERVER[$header];
+
+                // If there are multiple IPs (separated by comma), take the first one.
+                if (str_contains($ip, ',')) {
+                    $ips = explode(',', $ip);
+                    $ip = trim($ips[0]);
+                }
+
+                // Validate that it is a valid IP address.
+                $isValid = filter_var(
+                    $ip,
+                    FILTER_VALIDATE_IP,
+                    FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
+                );
+                if ($isValid !== false) {
+                    return $ip;
+                }
+            }
+        }
+
+        // Fallback to REMOTE_ADDR.
+        return $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
+    }
+
+    /**
+     * Gets the real client IP address (alias for compatibility).
+     *
+     * @return string The real client IP address.
+     */
+    public static function getClientIp(): string
+    {
+        return self::getRealClientIp();
+    }
+
+    /**
+     * Checks if the IP is private.
+     *
+     * @param string $ip The IP address to check.
+     * @return bool True if the IP is private.
+     */
+    public static function isPrivateIp(string $ip): bool
+    {
+        return !filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE);
+    }
+
+    /**
+     * Checks if the IP is reserved.
+     *
+     * @param string $ip The IP address to check.
+     * @return bool True if the IP is reserved.
+     */
+    public static function isReservedIp(string $ip): bool
+    {
+        return !filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE);
+    }
+
+    /**
+     * Gets detailed information about the client IP address.
+     *
+     * Formatted as:
+     *
+     * ```php
+     * [
+     *     'real_ip' => string,
+     *     'remote_addr' => string,
+     *     'is_private' => bool,
+     *     'is_reserved' => bool,
+     *     'headers' => array<string,string|null>,
+     * ]
+     * ```
+     *
+     * @return array<string,mixed> Detailed information about the client IP address.
+     */
+    public static function getClientIpInfo(): array
+    {
+        $realIp = self::getRealClientIp();
+        $remoteAddr = $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
+
+        return [
+            'real_ip' => $realIp,
+            'remote_addr' => $remoteAddr,
+            'is_private' => self::isPrivateIp($realIp),
+            'is_reserved' => self::isReservedIp($realIp),
+            'headers' => [
+                'X-Forwarded-For' => $_SERVER['HTTP_X_FORWARDED_FOR'] ?? null,
+                'X-Real-IP' => $_SERVER['HTTP_X_REAL_IP'] ?? null,
+                'CF-Connecting-IP' => $_SERVER['HTTP_CF_CONNECTING_IP'] ?? null,
+                'X-Client-IP' => $_SERVER['HTTP_X_CLIENT_IP'] ?? null,
+            ],
+        ];
+    }
+}

src/Str.php

@@ -352,7 +352,8 @@ public static function utf8decode(string $string): string
 
         $result = mb_convert_encoding($string, 'ISO-8859-1', 'UTF-8');
 
-        return $result !== false ? $result : $string;
+        // $result always is a string. Maybe just return $result in the future.
+        return $result ?: $string;
     }
 
     /**
@@ -371,7 +372,8 @@ public static function utf8encode(string $string): string
 
         $result = mb_convert_encoding($string, 'UTF-8', 'ISO-8859-1');
 
-        return $result !== false ? $result : $string;
+        // $result always is a string. Maybe just return $result in the future.
+        return $result ?: $string;
     }
 
     /**