Giter VIP home page Giter VIP logo

phpunit's Introduction

php-library-template

Provides a GitHub repository template for a Narrowspark PHP library, using GitHub actions.

Installation

๐Ÿ’ก This is a great place for showing how to install the package, see below:

Run

$ composer require narrowspark/php-library-template

Usage

๐Ÿ’ก This is a great place for showing a few usage examples!

Versioning

This library follows semantic versioning, and additions to the code ruleset are performed in major releases.

Changelog

Please have a look at CHANGELOG.md.

Contributing

Please have a look at CONTRIBUTING.md.

Code of Conduct

Please have a look at CODE_OF_CONDUCT.md.

License

This package is licensed using the MIT License.

Please have a look at LICENSE.md.

phpunit's People

Contributors

dependabot-preview[bot] avatar prisis avatar

Stargazers

avatar

Watchers

avatar avatar

Forkers

prisisforks

phpunit's Issues

Dependabot can't resolve your PHP dependency files

Dependabot can't resolve your PHP dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Your requirements could not be resolved to an installable set of packages.
  Problem 1
    - Root composer.json requires wikimedia/composer-merge-plugin ^1.4.1 -> satisfiable by wikimedia/composer-merge-plugin[v1.4.1].
    - wikimedia/composer-merge-plugin v1.4.1 requires composer-plugin-api ^1.0 -> found composer-plugin-api[2.0.0] but it does not match the constraint.

You are using Composer 2, which some of your plugins seem to be incompatible with. Make sure you update your plugins or report a plugin-issue to ask them to support Composer 2.

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

View the update logs.

Workflows are referencing vulnerable actions

Hello, there!

As part of the university research we are currently doing regarding the security of Github Actions, we noticed that one or many of the workflows that are part of this repository are referencing vulnerable versions of the third-party actions. As part of a disclosure process, we decided to open issues to notify GitHub Community.

Please note that there are could be some false positives in our methodology, thus not all of the open issues could be valid. If that is the case, please let us know, so that we can improve on our approach. You can contact me directly using an email: ikoishy [at] ncsu.edu

Thanks in advance

  1. The workflow code-coverage.yml is referencing action shivammathur/setup-php using references 2.0.0. However this reference is missing the commit 7163319 which may contain fix to the vulnerability.
  2. The workflow coding-standard.yml is referencing action shivammathur/setup-php using references 2.0.0. However this reference is missing the commit 7163319 which may contain fix to the vulnerability.
  3. The workflow continuous-integration-linux.yml is referencing action shivammathur/setup-php using references 2.0.0. However this reference is missing the commit 7163319 which may contain fix to the vulnerability.
  4. The workflow continuous-integration-windows.yml is referencing action shivammathur/setup-php using references 2.0.0. However this reference is missing the commit 7163319 which may contain fix to the vulnerability.
  5. The workflow license-update.yml is referencing action shivammathur/setup-php using references 2.0.0. However this reference is missing the commit 7163319 which may contain fix to the vulnerability.
  6. The workflow mutation.yml is referencing action shivammathur/setup-php using references 2.0.0. However this reference is missing the commit 7163319 which may contain fix to the vulnerability.
  7. The workflow static-analyze.yml is referencing action shivammathur/setup-php using references 2.0.0. However this reference is missing the commit 7163319 which may contain fix to the vulnerability.
  8. The workflow static-analyze.yml is referencing action shivammathur/setup-php using references 2.0.0. However this reference is missing the commit 7163319 which may contain fix to the vulnerability.

The vulnerability fix that is missing by actions' versions could be related to:
(1) CVE fix
(2) upgrade of vulnerable dependency
(3) fix to secret leak and others.
Please consider updating the reference to the action.

If you end up updating the reference, please let us know. We need the stats for the paper :-)

Your .dependabot/config.yml contained invalid details

Dependabot encountered the following error when parsing your .dependabot/config.yml:

Automerging is not enabled for this account. You can enable it from the [account settings](https://app.dependabot.com/accounts/testomat/settings) screen in your Dependabot dashboard.

Please update the config file to conform with Dependabot's specification using our docs and online validator.

Dependabot can't resolve your PHP dependency files

Dependabot can't resolve your PHP dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Your requirements could not be resolved to an installable set of packages.
  Problem 1
    - wikimedia/composer-merge-plugin 1.5.x-dev is an alias of wikimedia/composer-merge-plugin dev-master and thus requires it to be installed too.
    - wikimedia/composer-merge-plugin v1.4.1 requires composer-plugin-api ^1.0 -> found composer-plugin-api[2.0.0] but it does not match the constraint.
    - wikimedia/composer-merge-plugin dev-master requires composer-plugin-api ^1.1 -> found composer-plugin-api[2.0.0] but it does not match the constraint.
    - Root composer.json requires wikimedia/composer-merge-plugin ^1.4.1 -> satisfiable by wikimedia/composer-merge-plugin[v1.4.1, 1.5.x-dev (alias of dev-master)].

You are using Composer 2, which some of your plugins seem to be incompatible with. Make sure you update your plugins or report a plugin-issue to ask them to support Composer 2.

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

View the update logs.

Dependabot can't resolve your PHP dependency files

Dependabot can't resolve your PHP dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Your requirements could not be resolved to an installable set of packages.
  Problem 1
    - wikimedia/composer-merge-plugin dev-master requires composer-plugin-api ^1.1 -> found composer-plugin-api[2.0.0] but it does not match the constraint.
    - wikimedia/composer-merge-plugin v1.4.1 requires composer-plugin-api ^1.0 -> found composer-plugin-api[2.0.0] but it does not match the constraint.
    - wikimedia/composer-merge-plugin 1.5.x-dev is an alias of wikimedia/composer-merge-plugin dev-master and thus requires it to be installed too.
    - Root composer.json requires wikimedia/composer-merge-plugin ^1.4.1 -> satisfiable by wikimedia/composer-merge-plugin[v1.4.1, 1.5.x-dev (alias of dev-master)].

You are using Composer 2, which some of your plugins seem to be incompatible with. Make sure you update your plugins or report a plugin-issue to ask them to support Composer 2.

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

View the update logs.

Relative paths for awesome console better DX

I'm using https://plugins.jetbrains.com/plugin/7677-awesome-console in PHPStorm.
It allows you to click on filepaths in CLI and open them in PHPStorm.

It only works reliably with relative paths to cwd() though and PHPUnit uses absolute by default.

E.g. instead of:

-/var/www/projects/my-project/tests/SomeFile.php
+tests/SomeFile.php

Saying that, 2 features might come handy:

1. Relative paths for data provider value, that is file path

Currently, the filename is truncated - see bett...ns.php:

image

It would be great if the bett...ns.php path would be full and relative.


2. Relative path of test case fail

When any assert fail, the path is now absolute (TagValueNodeReprintTest.php:33):

image

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.