Unsupervised/unsupervised-scheduler
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upgrade PHPStan to 2.x and raise analysis level from 6 to 10
CI / No Debug Code (pull_request) Successful in 3s
Details
CI / Tests (PHP 8.2) (pull_request) Successful in 48s
Details
CI / Tests (PHP 8.3) (pull_request) Successful in 52s
Details
CI / Coding Standards (pull_request) Successful in 57s
Details
CI / Tests (PHP 8.1) (pull_request) Successful in 1m1s
Details
CI / PHPStan (pull_request) Successful in 1m11s
Details
CI / Build Plugin Zip (pull_request) Has been skipped
Details

Browse Source 
- Bump phpstan/phpstan ^2.0 and szepeviktor/phpstan-wordpress ^2.0
- Move the analysis level into phpstan.neon (single source) and raise it to 10
- Add Val, a runtime coercion helper that narrows untyped WordPress boundary
  values (wpdb rows, REST params, superglobals, options) with explicit checks
  instead of blind casts, plus unit tests
- Type value-object fromRow() params as stdClass (what wpdb returns) and map
  columns through Val so unexpected shapes degrade safely
- Use %i identifier placeholders for table names in all wpdb::prepare() calls
  so every query string is a literal and identifiers are escaped by WordPress;
  raises the minimum WordPress version to 6.2 where %i was introduced
- Guard wpdb::prepare() null result before wpdb::query() in updateTax()
- Fix nullable get_permalink()/strtotime() handling, list types at REST and
  capability call sites, dead null-coalescing on checked superglobals, and
  narrow get_users() results before mapping
- Register Val method names with the ValidatedSanitizedInput sniff so it
  validates the real sanitizer around each superglobal read
- Update repository unit tests for the %i placeholder arguments

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
James Griffin-Allwood
2026-06-12 13:42:50 -03:00
parent b23508f726
commit 1d6ac46ba3
67 changed files with 666 additions and 368 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/Unit/Payment/PaymentRepositoryTest.php
+6 -6
View File
@@ -66,7 +66,7 @@ class PaymentRepositoryTest extends TestCase
{
$this->db->shouldReceive('prepare')
->once()
->with(Mockery::pattern('/tax_amount = ROUND\( amount \* %f \/ 100, 2 \)/'), 13.0, 13.0, 50)
->with(Mockery::pattern('/tax_amount = ROUND\( amount \* %f \/ 100, 2 \)/'), 'wp_us_payments', 13.0, 13.0, 50)
->andReturn('UPDATE ...');
$this->db->shouldReceive('query')->once()->with('UPDATE ...')->andReturn(1);
@@ -78,7 +78,7 @@ class PaymentRepositoryTest extends TestCase
{
$this->db->shouldReceive('prepare')
->once()
->with(Mockery::pattern('/status = %s AND paid_at >= %s AND paid_at < %s AND instructor_id = %d/'), ['paid', '2026-06-01 00:00:00', '2026-07-01 00:00:00', 3])
->with(Mockery::pattern('/status = %s AND paid_at >= %s AND paid_at < %s AND instructor_id = %d/'), ['wp_us_payments', 'paid', '2026-06-01 00:00:00', '2026-07-01 00:00:00', 3])
->andReturn('SELECT ...');
$this->db->shouldReceive('get_results')->andReturn([$this->row()]);
@@ -90,7 +90,7 @@ class PaymentRepositoryTest extends TestCase
{
$this->db->shouldReceive('prepare')
->once()
->with(Mockery::on(static fn (string $sql): bool => ! str_contains($sql, 'instructor_id')), ['paid', '2026-06-01 00:00:00', '2026-07-01 00:00:00'])
->with(Mockery::on(static fn (string $sql): bool => ! str_contains($sql, 'instructor_id')), ['wp_us_payments', 'paid', '2026-06-01 00:00:00', '2026-07-01 00:00:00'])
->andReturn('SELECT ...');
$this->db->shouldReceive('get_results')->andReturn([]);
@@ -118,7 +118,7 @@ class PaymentRepositoryTest extends TestCase
{
$this->db->shouldReceive('prepare')
->once()
->with(Mockery::pattern('/stripe_payment_intent_id = %s/'), 'pi_123')
->with(Mockery::pattern('/stripe_payment_intent_id = %s/'), 'wp_us_payments', 'pi_123')
->andReturn('SELECT ...');
$this->db->shouldReceive('get_row')->andReturn($this->row());
@@ -138,7 +138,7 @@ class PaymentRepositoryTest extends TestCase
{
$this->db->shouldReceive('prepare')
->once()
->with(Mockery::pattern('/registration_type = %s AND registration_id = %d/'), Payment::REG_LESSON, 12)
->with(Mockery::pattern('/registration_type = %s AND registration_id = %d/'), 'wp_us_payments', Payment::REG_LESSON, 12)
->andReturn('SELECT ...');
$this->db->shouldReceive('get_row')->andReturn($this->row());
@@ -150,7 +150,7 @@ class PaymentRepositoryTest extends TestCase
{
$this->db->shouldReceive('prepare')
->once()
->with(Mockery::pattern('/status = %s/'), Payment::STATUS_PENDING)
->with(Mockery::pattern('/status = %s/'), 'wp_us_payments', Payment::STATUS_PENDING)
->andReturn('SELECT ...');
$this->db->shouldReceive('get_results')->andReturn([$this->row()]);