core/php-framework
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3
52 commits 2 branches 0 tags 9.8 MiB
Commit graph

9 commits

Author SHA1 Message Date
Snider
94ce7bc1e7 feat: add QA pipeline with security and mutation testing tools 
Add comprehensive PHP quality assurance tooling:

**New tools:**
- roave/security-advisories - Blocks packages with known CVEs
- infection/infection - Mutation testing for test quality
- rector/rector - Automated refactoring and PHP upgrades
- psalm/plugin-laravel - Better Laravel support in Psalm

**New config files:**
- qa.yaml - QA pipeline definition for `core php qa` command
- infection.json5 - Mutation testing configuration
- rector.php - Automated refactoring rules

**QA Pipeline stages:**
1. Quick: security audit, code style, PHPStan
2. Standard: Psalm, tests
3. Full: Rector dry-run, mutation testing

**Current status:**
- Security: No vulnerabilities
- Pint: Pass
- PHPStan: Level 1, 0 errors
- Psalm: Level 8, 0 errors, 93% type inference
- Tests: 197 passing
- Rector: 225 files with potential improvements

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 23:21:12 +00:00
Snider
1ab03b7c59 fix: resolve static analysis errors in PHPStan and Psalm 
- Configure PHPStan at level 0 with suppressions for optional dependencies
- Configure Psalm at level 8 with issue handlers for:
  - Optional packages (Bunny, FFMpeg, Imagick, Intervention, Predis, Flux, Horizon)
  - Runtime class aliases (App\Support\*, App\Traits\*)
  - Cross-package dependencies (Core\Tenant\*, Core\Config\Workspace)
  - Laravel HasFactory template param and NoValue false positives
- Fix StorageMetrics::increment() accessibility by adding public wrapper
- Add autoload-dev mappings for test fixture namespaces

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 22:58:44 +00:00
Snider
8d2ace98cf fix: resolve all test failures 
- Add ActivitylogServiceProvider to activity tests
- Configure spatie activitylog settings in test environment
- Use spatie's withoutLogs() for disabling activity logging
- Check if Livewire is available before registering components
- Add PSR-4 autoload mapping for test fixtures (Core\TestCore, App\Custom)
- Fix ModuleScannerTest to scan correct fixture path (Website not Mod)
- Fix ModuleRegistryTest assertion to check ['method'] key

All 197 tests now pass.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-29 22:42:19 +00:00
Snider
b05e3a0c13 feat(components): add new Blade components for Flux UI including icons, charts, and form elements 2026-01-26 21:21:53 +00:00
Snider
36f524cc5c feat(api): add API versioning support with middleware for version parsing and sunset headers 2026-01-26 16:59:47 +00:00
Snider
f1c4c8f46d feat: add initial framework files including API, console, and web routes; set up testing structure 2026-01-26 14:25:55 +00:00
Snider
606176585c Fix critical and high severity issues from code review 
Security fixes:
- Fix XSS in JSON-LD output via JSON_HEX_TAG (Seo module)
- Fix SQL injection via LIKE wildcards (Config module)
- Fix regex injection in env updates (Console module)
- Fix weak token hashing with HMAC-SHA256 (CDN module)
- Mask database credentials in install output (Console module)

New features:
- Add MakeModCommand, MakePlugCommand, MakeWebsiteCommand scaffolds
- Add event prioritization via array syntax in $listens
- Add EventAuditLog for tracking handler execution and failures
- Add ServiceVersion with semver and deprecation support
- Add HealthCheckable interface with HealthCheckResult
- Add ServiceStatus enum for service health states
- Add DynamicMenuProvider for uncached menu items
- Add LangServiceProvider with auto-discovery and fallback chains

Improvements:
- Add retry logic with exponential backoff (CDN uploads)
- Add file size validation before uploads (100MB default)
- Add key rotation mechanism for LthnHash
- Add Unicode NFC normalization to Sanitiser
- Add configurable filter rules per field (Input)
- Add menu caching with configurable TTL (Admin)
- Add Redis fallback alerting via events (Storage)
- Add Predis support alongside phpredis (Storage)
- Add memory safety checks for image processing (Media)
- Add SchemaValidator for schema.org validation (SEO)
- Add translation key validation in dev environments

Bug fixes:
- Fix nested array filtering returning null (Sanitiser)
- Fix race condition in EmailShieldStat increment
- Fix stack overflow on deep JSON nesting (ConfigResolver)
- Fix missing table existence check (BlocklistService)
- Fix missing class_exists guards (Search, Media)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-21 20:20:14 +00:00
Snider
b26c430cd6 Add core components and initial setup for the PHP framework 2026-01-21 14:11:45 +00:00
Snider
392678e68a Initial release: Core PHP modular monolith framework 
- Event-driven architecture with lazy module loading
- ModuleScanner, ModuleRegistry, LazyModuleListener for module discovery
- 7 lifecycle events: Web, Admin, API, Client, Console, MCP, FrameworkBooted
- AdminMenuProvider and ServiceDefinition contracts
- Artisan commands: make:mod, make:website, make:plug
- Module stubs for rapid scaffolding
- Comprehensive test suite with Orchestra Testbench
- GitHub Actions CI for PHP 8.2-8.4 / Laravel 11-12
- EUPL-1.2 license

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-20 17:02:28 +00:00