release: 5.0.0#41
Merged
Merged
Conversation
Analyse tests/ alongside src/, add the strict, deprecation, PHPUnit and Symfony PHPStan rule packs, and require a comment on every ignore via reportIgnoresWithoutComments. Pin phpstan/phpstan to ^2.1.41. Fixes the strict-rule findings this surfaces in src/ (empty() and base64_decode() hygiene) and types the test stub properties and fixtures so the analysis is trustworthy. No public-API or behavioural change. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The composer-audit workflow job ran `composer audit` with no prior install. Because this bundle does not commit composer.lock, the audit had no resolved dependency set to scan. Add a `composer install` step first (mirroring the composer-normalized job) so the audit runs against the actually-resolved packages. Note: .github/workflows/composer.yaml is generated from itk-dev/devops_itkdev-docker; this fix should be upstreamed there too, or it will be lost on the next workflow sync. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The strict base64_decode() fallback added to CliLoginHelper::decodeKey needs a test for the false return path, restoring 100% line coverage. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Every exception thrown from a public method now implements OpenIdConnectBundleExceptionInterface, which extends the upstream library marker OpenIdConnectExceptionInterface. Concrete exceptions extend the SPL type that best fits the failure category and no longer extend the abstract ItkOpenIdConnectBundleException (kept as a deprecated alias for 5.x). A consumer can now catch every OIDC failure from both packages with a single catch (OpenIdConnectExceptionInterface), or scope to the bundle with OpenIdConnectBundleExceptionInterface. - Bump itk-dev/openid-connect to ^5.0 for the matching upstream contract. - Widen @throws / catch types in the authenticator, manager, controller and CLI helper onto the marker interface; preserve the $previous chain. - Add ExceptionHierarchyTest locking marker inheritance, SPL parents and cross-package catch. BREAKING: catch (ItkOpenIdConnectBundleException) no longer matches any concrete thrown by the bundle. Catch OpenIdConnectBundleExceptionInterface. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add two project rules, registered via phpstan/exception-contract.neon and analysed as part of the suite: - ThrownExceptionImplementsBundleMarker: every exception thrown from src/ must implement the bundle or library marker, with documented carve-outs for Symfony HttpException (controllers) and AuthenticationException (authenticators). - WrappedExceptionChainsPrevious: an exception constructed inside a catch must chain the caught cause as $previous. Both ship with a README documenting the carve-outs and escape hatches. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Harden static analysis tooling
…ption-contract-phpstan-rules
CLAUDE.md is a local-only file (gitignored), so a committed test should not point at it. Reference the committed docs/adr/001-marker-interface-exception-hierarchy.md instead. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…ption-contract-phpstan-rules
CLAUDE.md is local-only (gitignored); the committed rules, their README, and the rule error message now point at docs/adr/001-marker-interface-exception-hierarchy.md. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Rework exception hierarchy onto marker interfaces (5.0, BREAKING)
…n-rules Lock the exception contract with custom PHPStan rules
Roll up the [Unreleased] section into 5.0.0 dated 2026-06-02. MAJOR per SemVer — the bundle's exception hierarchy is reworked onto the marker interface OpenIdConnectBundleExceptionInterface (extending the upstream library marker), concrete exceptions re-parent onto SPL types and no longer extend the now-deprecated ItkOpenIdConnectBundleException, and the itk-dev/openid-connect requirement moves to ^5.0. Adds the marker, custom contract-locking PHPStan rules, hardened static analysis, and an UPGRADE-5.0.md consumer migration guide. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #41 +/- ##
===========================================
Coverage 100.00% 100.00%
- Complexity 60 62 +2
===========================================
Files 9 9
Lines 278 280 +2
===========================================
+ Hits 278 280 +2
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Cuts 5.0.0 (MAJOR) — the marker-interface exception contract migration.
Rolls the
[Unreleased]CHANGELOG section into5.0.0(dated 2026-06-02) and addsUPGRADE-5.0.md. All the implementation already landed ondevelopvia #38, #39, #40; this is the release branch intomain.Headline (BREAKING)
OpenIdConnectBundleExceptionInterface, which extends the upstream\ItkDev\OpenIdConnect\Exception\OpenIdConnectExceptionInterface. Onecatchhandles both packages.ItkOpenIdConnectBundleException(kept as a@deprecatedalias through 5.x, removed in 6.0).itk-dev/openid-connectrequirement bumped to^5.0.Also in 5.0
tests/analysed).UPGRADE-5.0.mdmigration guide.Migration
catch (ItkOpenIdConnectBundleException $e)→catch (OpenIdConnectBundleExceptionInterface $e). SPL-level catches (\InvalidArgumentException,\RuntimeException) keep working. Full details inUPGRADE-5.0.md.Release steps after merge
5.0.0onmain(triggers the Create-Github-Release workflow).develop.🤖 Generated with Claude Code