diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 8514fe9cb7..cae51a7e27 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -32,6 +32,10 @@ jobs: phpstan: name: PHP Static Analysis runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + php: [7.3, 7.4, 8.0, 8.1] steps: - name: Checkout Code @@ -41,7 +45,7 @@ jobs: name: Set up PHP uses: shivammathur/setup-php@v2 with: - php-version: 7.4 + php-version: ${{ matrix.php }} tools: composer coverage: none @@ -55,8 +59,8 @@ jobs: uses: actions/cache@v3 with: path: ${{ steps.composer-cache.outputs.dir }} - key: ${{ runner.os }}-composer-${{ secrets.CACHE_VERSION }}-${{ hashFiles('**/composer.lock') }} - restore-keys: ${{ runner.os }}-composer-${{ secrets.CACHE_VERSION }}- + key: ${{ runner.os }}-composer-${{ matrix.php }}-${{ secrets.CACHE_VERSION }}-${{ hashFiles('**/composer.lock') }} + restore-keys: ${{ runner.os }}-composer-${{ matrix.php }}-${{ secrets.CACHE_VERSION }}- - name: Cache pip diff --git a/LibreNMS/Authentication/ADAuthorizationAuthorizer.php b/LibreNMS/Authentication/ADAuthorizationAuthorizer.php index 2ce3e7db4f..29e2b41d08 100644 --- a/LibreNMS/Authentication/ADAuthorizationAuthorizer.php +++ b/LibreNMS/Authentication/ADAuthorizationAuthorizer.php @@ -31,7 +31,7 @@ class ADAuthorizationAuthorizer extends MysqlAuthorizer // Set up connection to LDAP server $this->ldap_connection = @ldap_connect(Config::get('auth_ad_url')); if (! $this->ldap_connection) { - throw new AuthenticationException('Fatal error while connecting to AD url ' . Config::get('auth_ad_url') . ': ' . ldap_error($this->ldap_connection)); + throw new AuthenticationException('Fatal error while connecting to AD, uri not valid: ' . Config::get('auth_ad_url')); } // disable referrals and force ldap version to 3 diff --git a/LibreNMS/Authentication/ActiveDirectoryAuthorizer.php b/LibreNMS/Authentication/ActiveDirectoryAuthorizer.php index a3f897af74..e209a98a6f 100644 --- a/LibreNMS/Authentication/ActiveDirectoryAuthorizer.php +++ b/LibreNMS/Authentication/ActiveDirectoryAuthorizer.php @@ -78,11 +78,10 @@ class ActiveDirectoryAuthorizer extends AuthorizerBase if ($result == false || $result['count'] !== 1) { if (Config::get('auth_ad_debug', false)) { if ($result == false) { - // FIXME: what went wrong? - throw new AuthenticationException("LDAP query failed for group '$groupname' using filter '$search_filter'"); - } elseif ($result['count'] == 0) { + throw new AuthenticationException("LDAP query failed for group '$groupname' using filter '$search_filter', last LDAP error: " . ldap_error($connection)); + } elseif ((int) $result['count'] == 0) { throw new AuthenticationException("Failed to find group matching '$groupname' using filter '$search_filter'"); - } elseif ($result['count'] > 1) { + } elseif ((int) $result['count'] > 1) { throw new AuthenticationException("Multiple groups returned for '$groupname' using filter '$search_filter'"); } } @@ -103,7 +102,7 @@ class ActiveDirectoryAuthorizer extends AuthorizerBase ); $entries = ldap_get_entries($connection, $search); - return $entries['count'] > 0; + return (int) $entries['count'] > 0; } public function userExists($username, $throw_exception = false) diff --git a/LibreNMS/Authentication/ActiveDirectoryCommon.php b/LibreNMS/Authentication/ActiveDirectoryCommon.php index 2fd436d48b..8cf262a122 100644 --- a/LibreNMS/Authentication/ActiveDirectoryCommon.php +++ b/LibreNMS/Authentication/ActiveDirectoryCommon.php @@ -71,7 +71,7 @@ trait ActiveDirectoryCommon $attributes ); $entries = ldap_get_entries($link_identifier, $result); - if ($entries['count'] > 0) { + if ((int) $entries['count'] > 0) { return $entries[0]['dn']; } else { return ''; @@ -115,7 +115,7 @@ trait ActiveDirectoryCommon $attributes ); $entries = ldap_get_entries($connection, $result); - if ($entries['count'] > 0) { + if ((int) $entries['count'] > 0) { $membername = $entries[0]['name'][0]; } else { $membername = $username; diff --git a/LibreNMS/Authentication/LdapAuthorizationAuthorizer.php b/LibreNMS/Authentication/LdapAuthorizationAuthorizer.php index d50ca8a592..cf09f5e426 100644 --- a/LibreNMS/Authentication/LdapAuthorizationAuthorizer.php +++ b/LibreNMS/Authentication/LdapAuthorizationAuthorizer.php @@ -47,7 +47,7 @@ class LdapAuthorizationAuthorizer extends AuthorizerBase */ $this->ldap_connection = @ldap_connect(Config::get('auth_ldap_server'), Config::get('auth_ldap_port')); if (! $this->ldap_connection) { - throw new AuthenticationException('Fatal error while connecting to LDAP server ' . Config::get('auth_ldap_server') . ':' . Config::get('auth_ldap_port') . ': ' . ldap_error($this->ldap_connection)); + throw new AuthenticationException('Fatal error while connecting to LDAP server, uri not valid: ' . Config::get('auth_ldap_server') . ':' . Config::get('auth_ldap_port')); } if (Config::get('auth_ldap_version')) { ldap_set_option($this->ldap_connection, LDAP_OPT_PROTOCOL_VERSION, Config::get('auth_ldap_version')); diff --git a/LibreNMS/Authentication/LdapAuthorizer.php b/LibreNMS/Authentication/LdapAuthorizer.php index 1141c3dbf7..5459759abc 100644 --- a/LibreNMS/Authentication/LdapAuthorizer.php +++ b/LibreNMS/Authentication/LdapAuthorizer.php @@ -330,7 +330,7 @@ class LdapAuthorizer extends AuthorizerBase * @internal * * @param bool $skip_bind do not attempt to bind on connection - * @return false|resource + * @return \LDAP\Connection * * @throws AuthenticationException */ @@ -366,7 +366,7 @@ class LdapAuthorizer extends AuthorizerBase ]; } - private function connect() + private function connect(): void { if ($this->ldap_connection) { return; diff --git a/LibreNMS/RRDRecursiveFilterIterator.php b/LibreNMS/RRDRecursiveFilterIterator.php index f3aaadb340..3d13399078 100644 --- a/LibreNMS/RRDRecursiveFilterIterator.php +++ b/LibreNMS/RRDRecursiveFilterIterator.php @@ -33,7 +33,7 @@ namespace LibreNMS; **/ class RRDRecursiveFilterIterator extends \RecursiveFilterIterator { - public function accept() + public function accept(): bool { $filename = $this->current()->getFilename(); if ($filename[0] === '.') { diff --git a/LibreNMS/Util/Proxy.php b/LibreNMS/Util/Proxy.php index 4b76f8960d..d99dcd7993 100644 --- a/LibreNMS/Util/Proxy.php +++ b/LibreNMS/Util/Proxy.php @@ -83,7 +83,7 @@ class Proxy /** * Set the proxy on a curl handle * - * @param resource $curl + * @param \CurlHandle $curl */ public static function applyToCurl($curl): void { diff --git a/phpstan-baseline.neon b/phpstan-baseline.neon index 0b1a711817..a4f22a81af 100644 --- a/phpstan-baseline.neon +++ b/phpstan-baseline.neon @@ -1060,11 +1060,6 @@ parameters: count: 1 path: LibreNMS/Authentication/ADAuthorizationAuthorizer.php - - - message: "#^Parameter \\#1 \\$link_identifier of function ldap_error expects resource, false given\\.$#" - count: 1 - path: LibreNMS/Authentication/ADAuthorizationAuthorizer.php - - message: "#^Property LibreNMS\\\\Authentication\\\\ADAuthorizationAuthorizer\\:\\:\\$AUTH_IS_EXTERNAL has no type specified\\.$#" count: 1 @@ -1290,11 +1285,6 @@ parameters: count: 1 path: LibreNMS/Authentication/LdapAuthorizationAuthorizer.php - - - message: "#^Parameter \\#1 \\$link_identifier of function ldap_error expects resource, false given\\.$#" - count: 1 - path: LibreNMS/Authentication/LdapAuthorizationAuthorizer.php - - message: "#^Property LibreNMS\\\\Authentication\\\\LdapAuthorizationAuthorizer\\:\\:\\$AUTH_IS_EXTERNAL has no type specified\\.$#" count: 1 @@ -1315,11 +1305,6 @@ parameters: count: 1 path: LibreNMS/Authentication/LdapAuthorizer.php - - - message: "#^Method LibreNMS\\\\Authentication\\\\LdapAuthorizer\\:\\:connect\\(\\) has no return type specified\\.$#" - count: 1 - path: LibreNMS/Authentication/LdapAuthorizer.php - - message: "#^Method LibreNMS\\\\Authentication\\\\LdapAuthorizer\\:\\:getFullDn\\(\\) has parameter \\$username with no type specified\\.$#" count: 1 @@ -1431,12 +1416,12 @@ parameters: path: LibreNMS/Authentication/SSOAuthorizer.php - - message: "#^Parameter \\#1 \\$input of function str_pad expects string, int given\\.$#" + message: "#^Parameter \\#1 \\$string of function str_pad expects string, int given\\.$#" count: 1 path: LibreNMS/Authentication/TwoFactor.php - - message: "#^Parameter \\#1 \\$number of function base_convert expects string, int given\\.$#" + message: "#^Parameter \\#1 \\$num of function base_convert expects string, int given\\.$#" count: 1 path: LibreNMS/Authentication/TwoFactor.php diff --git a/phpstan.neon b/phpstan.neon index aa5922d44a..dfde96b3e2 100644 --- a/phpstan.neon +++ b/phpstan.neon @@ -1,12 +1,10 @@ includes: - phpstan-baseline.neon + - tests/phpstan/ignore-by-php-version.neon.php - vendor/nunomaduro/larastan/extension.neon - vendor/phpstan/phpstan-mockery/extension.neon parameters: - - phpVersion: 70300 - paths: - app - config @@ -15,6 +13,9 @@ parameters: - resources - tests + excludePaths: + - tests/phpstan/ + scanDirectories: - includes diff --git a/tests/phpstan/ignore-by-php-version.neon.php b/tests/phpstan/ignore-by-php-version.neon.php new file mode 100644 index 0000000000..292c805f7d --- /dev/null +++ b/tests/phpstan/ignore-by-php-version.neon.php @@ -0,0 +1,24 @@ +load(__DIR__ . '/phpstan-php7.neon')); +} + +if (PHP_VERSION_ID < 80100) { + $config = array_merge_recursive($config, $adapter->load(__DIR__ . '/phpstan-php80.neon')); +} + +// If we loaded any extra config +if (sizeof($config) > 0) { + $config['parameters']['reportUnmatchedIgnoredErrors'] = false; +} + +return $config; diff --git a/tests/phpstan/phpstan-php7.neon b/tests/phpstan/phpstan-php7.neon new file mode 100644 index 0000000000..88bde77384 --- /dev/null +++ b/tests/phpstan/phpstan-php7.neon @@ -0,0 +1,66 @@ +parameters: + ignoreErrors: + + - "#^Parameter \\#1 \\$curl of static method LibreNMS\\\\Util\\\\Proxy\\:\\:applyToCurl\\(\\) expects CurlHandle, resource given\\.$#" + + - "#^Parameter \\#1 \\$link_identifier of function ldap_.* expects (array\\|)?resource, LDAP\\\\Connection given\\.$#" + + - + message: "#^Parameter \\#1 \\$input of function str_pad expects string, int given\\.$#" + count: 1 + path: ../../LibreNMS/Authentication/TwoFactor.php + + - + message: "#^Parameter \\#1 \\$number of function base_convert expects string, int given\\.$#" + count: 1 + path: ../../LibreNMS/Authentication/TwoFactor.php + + - + message: "#^Parameter \\#1 \\$ch of function curl_setopt expects resource, CurlHandle given\\.$#" + count: 1 + path: ../../LibreNMS/Util/Proxy.php + + - + message: "#^Parameter \\$curl of method LibreNMS\\\\Util\\\\Proxy\\:\\:applyToCurl\\(\\) has invalid type CurlHandle\\.$#" + count: 1 + path: ../../LibreNMS/Util/Proxy.php + + - + message: "#^Parameter \\#1 \\$curl of static method LibreNMS\\\\Util\\\\Proxy\\:\\:applyToCurl\\(\\) expects CurlHandle, resource\\|false given\\.$#" + count: 1 + path: ../../LibreNMS/Alert/Transport/Clickatell.php + + - + message: "#^Parameter \\#1 \\$curl of static method LibreNMS\\\\Util\\\\Proxy\\:\\:applyToCurl\\(\\) expects CurlHandle, resource\\|false given\\.$#" + count: 1 + path: ../../LibreNMS/Alert/Transport/Googlechat.php + + - + message: "#^Parameter \\#1 \\$curl of static method LibreNMS\\\\Util\\\\Proxy\\:\\:applyToCurl\\(\\) expects CurlHandle, resource\\|false given\\.$#" + count: 1 + path: ../../LibreNMS/Alert/Transport/Playsms.php + + - + message: "#^Parameter \\#1 \\$curl of static method LibreNMS\\\\Util\\\\Proxy\\:\\:applyToCurl\\(\\) expects CurlHandle, resource\\|false given\\.$#" + count: 1 + path: ../../LibreNMS/Alert/Transport/Pushbullet.php + + - + message: "#^Parameter \\#1 \\$curl of static method LibreNMS\\\\Util\\\\Proxy\\:\\:applyToCurl\\(\\) expects CurlHandle, resource\\|false given\\.$#" + count: 1 + path: ../../LibreNMS/Alert/Transport/Signalwire.php + + - + message: "#^Parameter \\#1 \\$curl of static method LibreNMS\\\\Util\\\\Proxy\\:\\:applyToCurl\\(\\) expects CurlHandle, resource\\|false given\\.$#" + count: 1 + path: ../../LibreNMS/Alert/Transport/Smseagle.php + + - + message: "#^Parameter \\#1 \\$curl of static method LibreNMS\\\\Util\\\\Proxy\\:\\:applyToCurl\\(\\) expects CurlHandle, resource\\|false given\\.$#" + count: 1 + path: ../../LibreNMS/Alert/Transport/Smsfeedback.php + + - + message: "#^Parameter \\#1 \\$curl of static method LibreNMS\\\\Util\\\\Proxy\\:\\:applyToCurl\\(\\) expects CurlHandle, resource\\|false given\\.$#" + count: 1 + path: ../../LibreNMS/Alert/Transport/Twilio.php diff --git a/tests/phpstan/phpstan-php80.neon b/tests/phpstan/phpstan-php80.neon new file mode 100644 index 0000000000..ec6411bae9 --- /dev/null +++ b/tests/phpstan/phpstan-php80.neon @@ -0,0 +1,6 @@ +parameters: + ignoreErrors: + + - "#^Method LibreNMS\\\\Authentication\\\\LdapAuthorizer\\:\\:getLdapConnection\\(\\) has invalid return type LDAP\\\\Connection\\.$#" + + - "#^Parameter \\#1 \\$ldap of function ldap_.* expects (array\\|)?resource, LDAP\\\\Connection given\\.$#"