Make library compatible with PHPStan 2.x (#25)

dependabot[bot] · jbelien · web-flow · commit 6a21162f6102 · 2025-02-07T09:32:44.000+01:00
* Bump phpstan/phpstan from 1.12.3 to 2.0.3 Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 1.12.3 to 2.0.3. - [Release notes](https://github.com/phpstan/phpstan/releases) - [Changelog](https://github.com/phpstan/phpstan/blob/2.0.x/CHANGELOG.md) - [Commits](phpstan/phpstan@1.12.3...2.0.3) --- updated-dependencies: - dependency-name: phpstan/phpstan dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Update composer.json * Update SarifErrorFormatter.php * Update tests.yml * Update README.md * Update tests.yml * Update tests.yml * Update tests.yml --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jonathan Beliën <1150563+jbelien@users.noreply.github.com>
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -10,8 +10,8 @@ permissions:
   contents: read
 
 jobs:
-  local:
-    name: Local (${{ matrix.php-version }})
+  local-phpstant-1x:
+    name: Local PHPStan 1.x (${{ matrix.php-version }})
     runs-on: ubuntu-latest
     permissions:
       contents: read # for checkout to fetch code
@@ -20,7 +20,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-version: ['8.1', '8.2']
+        php-version: [8.1, 8.2, 8.3, 8.4]
     steps:
       - uses: actions/checkout@v4
       - name: Use PHP ${{ matrix.php-version }}
@@ -30,13 +30,46 @@ jobs:
       - name: Validate composer.json and composer.lock
         run: composer validate --strict
       - name: Install dependencies
-        run: composer install --prefer-dist --no-progress
+        run: composer update --prefer-lowest --no-progress
       - name: Run PHPStan
         continue-on-error: true
         run: vendor/bin/phpstan analyze --configuration=tests/phpstan.neon --error-format=sarif --xdebug "tests/" > local-results.sarif
       - uses: actions/upload-artifact@v4
         with:
-          name: local-${{ matrix.php-version }}
+          name: local-v1-${{ matrix.php-version }}
+          path: local-results.sarif
+      - name: Upload analysis results to GitHub
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: local-results.sarif
+          wait-for-processing: true
+  local-phpstant-2x:
+    name: Local PHPStan 2.x (${{ matrix.php-version }})
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read # for checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+    strategy:
+      fail-fast: false
+      matrix:
+        php-version: [8.1, 8.2, 8.3, 8.4]
+    steps:
+      - uses: actions/checkout@v4
+      - name: Use PHP ${{ matrix.php-version }}
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php-version }}
+      - name: Validate composer.json and composer.lock
+        run: composer validate --strict
+      - name: Install dependencies
+        run: composer update --prefer-dist --no-progress
+      - name: Run PHPStan
+        continue-on-error: true
+        run: vendor/bin/phpstan analyze --configuration=tests/phpstan.neon --error-format=sarif --xdebug "tests/" > local-results.sarif
+      - uses: actions/upload-artifact@v4
+        with:
+          name: local-v2-${{ matrix.php-version }}
           path: local-results.sarif
       - name: Upload analysis results to GitHub
         uses: github/codeql-action/upload-sarif@v3
@@ -54,8 +87,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-version: ['8.1', '8.2']
-        version: ['dev-master', '1.0']
+        php-version: [8.1, 8.2, 8.3, 8.4]
+        version: ['dev-master', 1.0, 1.1]
     steps:
       - uses: actions/checkout@v4
       - name: Use PHP ${{ matrix.php-version }}
diff --git a/.gitignore b/.gitignore
@@ -1 +1,2 @@
 /vendor/
+composer.lock
diff --git a/README.md b/README.md
@@ -1,5 +1,7 @@
 # SARIF formatter for PHPStan
 
+🔖 **Compatible with PHPStan 1.x and 2.x**
+
 ## PHPStan
 
 PHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even before you write tests for the code. It moves PHP closer to compiled languages in the sense that the correctness of each line of the code can be checked before you run the actual line.
diff --git a/composer.json b/composer.json
@@ -5,7 +5,7 @@
   "require": {
     "php": "^8.1",
     "nette/utils": "^3.0 || ^4.0",
-    "phpstan/phpstan": "^1.9"
+    "phpstan/phpstan": "^1.9 || ^2.0"
   },
   "autoload": {
     "psr-4": {
diff --git a/composer.lock b/composer.lock
diff --git a/src/SarifErrorFormatter.php b/src/SarifErrorFormatter.php
@@ -27,14 +27,16 @@ public function formatErrors(AnalysisResult $analysisResult, Output $output): in
   {
     $phpstanVersion = ComposerHelper::getPhpStanVersion();
 
+    $rules = [];
+
     $tool = [
       'driver' => [
         'name' => 'PHPStan',
         'fullName' => 'PHP Static Analysis Tool',
         'informationUri' => 'https://phpstan.org',
         'version' => $phpstanVersion,
         'semanticVersion' => $phpstanVersion,
-        'rules' => [],
+        'rules' => $rules,
       ],
     ];
 
@@ -48,7 +50,7 @@ public function formatErrors(AnalysisResult $analysisResult, Output $output): in
 
     foreach ($analysisResult->getFileSpecificErrors() as $fileSpecificError) {
       $result = [
-        'level' => 'error',
+        'level' => $fileSpecificError->canBeIgnored() ? 'warning' : 'error',
         'message' => [
           'text' => $fileSpecificError->getMessage(),
         ],
@@ -67,11 +69,25 @@ public function formatErrors(AnalysisResult $analysisResult, Output $output): in
         ],
         'properties' => [
           'ignorable' => $fileSpecificError->canBeIgnored(),
-          // 'identifier' => $fileSpecificError->getIdentifier(),
-          // 'metadata' => $fileSpecificError->getMetadata(),
         ],
       ];
 
+      if ($fileSpecificError->getIdentifier() !== null) {
+        $result['ruleId'] = $fileSpecificError->getIdentifier();
+
+        $ruleID = $fileSpecificError->getIdentifier();
+        $rules[$ruleID] = [
+          'id' => $ruleID,
+          'shortDescription' => [
+            'text' => $fileSpecificError->getMessage()
+          ],
+        ];
+
+        if ($fileSpecificError->getTip() !== null) {
+          $rules[$ruleID]['help']['text'] = $fileSpecificError->getTip();
+        }
+      }
+
       if ($fileSpecificError->getTip() !== null) {
         $result['properties']['tip'] = $fileSpecificError->getTip();
       }
@@ -97,6 +113,8 @@ public function formatErrors(AnalysisResult $analysisResult, Output $output): in
       ];
     }
 
+    $tool['driver']['rules'] = array_values($rules);
+
     $sarif = [
       '$schema' => 'https://json.schemastore.org/sarif-2.1.0.json',
       'version' => '2.1.0',
