Fix #9181: Incorrect assertion of value of object across function call boundary #25559
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://help.github.com/en/categories/automating-your-workflow-with-github-actions | |
| name: "Compile PHAR" | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - "2.1.x" | |
| tags: | |
| - '2.1.*' | |
| concurrency: | |
| group: phar-${{ github.ref }} # will be canceled on subsequent pushes in both branches and pull requests | |
| cancel-in-progress: true | |
| jobs: | |
| compiler-tests: | |
| name: "Compiler Tests" | |
| runs-on: "ubuntu-latest" | |
| timeout-minutes: 60 | |
| outputs: | |
| checksum: ${{ steps.checksum.outputs.md5 }} | |
| compiler_changed: ${{ steps.changes.outputs.compiler }} | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 | |
| with: | |
| egress-policy: audit | |
| - name: "Checkout" | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| with: | |
| fetch-depth: 0 | |
| - name: "Install PHP" | |
| uses: "shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1" # v2 | |
| with: | |
| coverage: "none" | |
| php-version: "8.2" | |
| extensions: mbstring, intl | |
| - uses: "ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520" # v3 | |
| # only sebastian/diff ^4 supports PHP 7.4 so we need that in the PHAR | |
| - name: "Downgrade PHPUnit" | |
| run: "composer require --dev phpunit/phpunit:^9.6 sebastian/diff:^4.0 doctrine/instantiator:^1.0 --update-with-dependencies --ignore-platform-reqs" | |
| - name: "Install compiler dependencies" | |
| uses: "ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520" # v3 | |
| with: | |
| working-directory: "compiler" | |
| - name: "Compiler tests" | |
| working-directory: "compiler" | |
| run: "vendor/bin/phpunit -c tests/phpunit.xml tests" | |
| - name: "Compiler PHPStan" | |
| working-directory: "compiler" | |
| run: "vendor/bin/phpstan analyse -l 8 src tests" | |
| - name: "Prepare for PHAR compilation" | |
| working-directory: "compiler" | |
| run: "php bin/prepare" | |
| - name: "Dump autoloader one more time for attributes" | |
| run: "composer dump" | |
| - name: "Install Box dependencies" | |
| uses: "ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520" # v3 | |
| with: | |
| working-directory: "compiler/box" | |
| - name: "Compile PHAR" | |
| working-directory: "compiler/build" | |
| run: "php ../box/vendor/bin/box compile --no-parallel --sort-compiled-files" | |
| - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: phar-file | |
| path: tmp/phpstan.phar | |
| - name: "Run PHAR" | |
| working-directory: "compiler" | |
| run: "../tmp/phpstan.phar list" | |
| - name: "Delete PHAR" | |
| run: "rm tmp/phpstan.phar" | |
| - name: "Set autoloader suffix" | |
| run: "composer config autoloader-suffix PHPStanChecksum" | |
| - uses: "ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520" # v3 | |
| env: | |
| COMPOSER_ROOT_VERSION: "2.1.x-dev" | |
| - name: "Compile PHAR for checksum" | |
| working-directory: "compiler/build" | |
| run: "php ../box/vendor/bin/box compile --no-parallel --sort-compiled-files" | |
| env: | |
| PHAR_CHECKSUM: "1" | |
| COMPOSER_ROOT_VERSION: "2.1.x-dev" | |
| - name: "Re-sign PHAR" | |
| run: "php compiler/build/resign.php tmp/phpstan.phar" | |
| - name: "Unset autoloader suffix" | |
| run: "composer config autoloader-suffix --unset" | |
| - name: "Save checksum" | |
| id: "checksum" | |
| run: echo "md5=$(md5sum tmp/phpstan.phar | cut -d' ' -f1)" >> "$GITHUB_OUTPUT" | |
| - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: phar-file-checksum | |
| path: tmp/phpstan.phar | |
| - name: "Delete checksum PHAR" | |
| run: "rm tmp/phpstan.phar" | |
| - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
| id: changes | |
| with: | |
| filters: | | |
| compiler: | |
| - 'compiler/**' | |
| - '.github/workflows/phar.yml' | |
| - '.github/scripts/**' | |
| integration-tests: | |
| if: github.event_name == 'pull_request' | |
| needs: compiler-tests | |
| uses: phpstan/phpstan/.github/workflows/integration-tests.yml@2.1.x | |
| with: | |
| ref: 2.1.x | |
| phar-checksum: ${{needs.compiler-tests.outputs.checksum}} | |
| extension-tests: | |
| if: github.event_name == 'pull_request' | |
| needs: compiler-tests | |
| uses: phpstan/phpstan/.github/workflows/extension-tests.yml@2.1.x | |
| with: | |
| ref: 2.1.x | |
| phar-checksum: ${{needs.compiler-tests.outputs.checksum}} | |
| other-tests: | |
| if: github.event_name == 'pull_request' | |
| needs: compiler-tests | |
| uses: phpstan/phpstan/.github/workflows/other-tests.yml@2.1.x | |
| with: | |
| ref: 2.1.x | |
| phar-checksum: ${{needs.compiler-tests.outputs.checksum}} | |
| download-base-sha-phar: | |
| name: "Download base SHA PHAR" | |
| needs: compiler-tests | |
| if: github.event_name == 'pull_request' && needs.compiler-tests.outputs.compiler_changed == 'true' | |
| runs-on: "ubuntu-latest" | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| - name: Get base commit SHA | |
| id: base | |
| run: echo "base_sha=${{ github.event.pull_request.base.sha }}" >> "$GITHUB_OUTPUT" | |
| - name: Set up Node.js | |
| uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 | |
| with: | |
| node-version: 20 | |
| - name: Install dependencies | |
| working-directory: .github/scripts | |
| run: npm ci | |
| - name: "Compile TS scripts" | |
| working-directory: .github/scripts | |
| run: npx tsc | |
| - name: Find phar-file-checksum from base commit | |
| id: find-artifact | |
| uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0 | |
| env: | |
| BASE_SHA: ${{ steps.base.outputs.base_sha }} | |
| ARTIFACT_NAME: phar-file-checksum | |
| WORKFLOW_NAME: Compile PHAR | |
| with: | |
| script: | | |
| const script = require('./.github/scripts/dist/find-artifact.js'); | |
| await script({github, context, core}) | |
| # saved to phar-file-checksum/phpstan.phar | |
| - name: Download old artifact by ID | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| with: | |
| artifact-ids: ${{ steps.find-artifact.outputs.artifact_id }} | |
| run-id: ${{ steps.find-artifact.outputs.run_id }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: "Upload old artifact" | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: phar-file-checksum-base | |
| path: phar-file-checksum/phpstan.phar | |
| checksum-phar: | |
| name: "Checksum PHAR" | |
| needs: | |
| - compiler-tests | |
| - download-base-sha-phar | |
| runs-on: "ubuntu-latest" | |
| steps: | |
| # saved to phpstan.phar | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 | |
| with: | |
| egress-policy: audit | |
| - name: "Download base phpstan.phar" | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| with: | |
| name: phar-file-checksum-base | |
| - name: "Save old checksum" | |
| id: "old_checksum" | |
| run: echo "md5=$(md5sum phpstan.phar | cut -d' ' -f1)" >> "$GITHUB_OUTPUT" | |
| - name: "Assert checksum" | |
| run: | | |
| old_checksum=${{ steps.old_checksum.outputs.md5 }} | |
| new_checksum=${{needs.compiler-tests.outputs.checksum}} | |
| [[ "$old_checksum" == "$new_checksum" ]]; | |
| phar-prefix-diff: | |
| name: "PHAR Prefix Diff" | |
| needs: download-base-sha-phar | |
| runs-on: "ubuntu-latest" | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| # saved to phar-file-checksum/phpstan.phar | |
| - name: "Download phpstan.phar" | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| with: | |
| name: phar-file-checksum | |
| path: phar-file-checksum | |
| # saved to phar-file-checksum-base/phpstan.phar | |
| - name: "Download base phpstan.phar" | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| with: | |
| name: phar-file-checksum-base | |
| path: phar-file-checksum-base | |
| - name: "Install PHP" | |
| uses: "shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1" # v2 | |
| with: | |
| coverage: "none" | |
| php-version: "8.2" | |
| - uses: "ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520" # v3 | |
| - name: "Install Box dependencies" | |
| uses: "ramsey/composer-install@3cf229dc2919194e9e36783941438d17239e8520" # v3 | |
| with: | |
| working-directory: "compiler/box" | |
| - name: "Extract old phpstan.phar" | |
| run: "php compiler/box/vendor/bin/box extract phar-file-checksum-base/phpstan.phar phar-old" | |
| - name: "Extract new phpstan.phar" | |
| run: "php compiler/box/vendor/bin/box extract phar-file-checksum/phpstan.phar phar-new" | |
| - name: "List prefix locations in old PHAR" | |
| run: "php .github/scripts/listPrefix.php ${{ github.workspace }}/phar-old > phar-old.txt" | |
| - name: "List prefix locations in new PHAR" | |
| run: "php .github/scripts/listPrefix.php ${{ github.workspace }}/phar-new > phar-new.txt" | |
| - name: "Diff locations" | |
| run: "diff -u phar-old.txt phar-new.txt > diff.txt || true" | |
| - name: "Diff files where prefix changed" | |
| run: "php .github/scripts/diffPrefixes.php ${{ github.workspace }}/diff.txt ${{ github.workspace }}/phar-old ${{ github.workspace }}/phar-new" | |
| commit: | |
| name: "Commit PHAR" | |
| if: "github.repository_owner == 'phpstan' && (github.ref == 'refs/heads/2.1.x' || startsWith(github.ref, 'refs/tags/'))" | |
| needs: compiler-tests | |
| runs-on: "ubuntu-latest" | |
| timeout-minutes: 60 | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 | |
| with: | |
| egress-policy: audit | |
| - | |
| name: Import GPG key | |
| id: import-gpg | |
| uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0 | |
| with: | |
| gpg_private_key: ${{ secrets.GPG_PHPSTANBOT_PRIVATE_KEY }} | |
| passphrase: ${{ secrets.GPG_PHPSTANBOT_KEY_PASSPHRASE }} | |
| git_config_global: true | |
| git_user_signingkey: true | |
| git_commit_gpgsign: true | |
| - name: "Checkout phpstan-dist" | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| with: | |
| repository: phpstan/phpstan | |
| path: phpstan-dist | |
| token: ${{ secrets.PHPSTAN_BOT_TOKEN }} | |
| ref: 2.1.x | |
| - name: "Get previous pushed dist commit" | |
| id: previous-commit | |
| working-directory: phpstan-dist | |
| run: echo "sha=$(sed -n '2p' .phar-checksum)" >> "$GITHUB_OUTPUT" | |
| - name: "Checkout phpstan-src" | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| with: | |
| fetch-depth: 0 | |
| path: phpstan-src | |
| - name: "Get Git log" | |
| id: git-log | |
| working-directory: phpstan-src | |
| run: | | |
| echo "log<<MESSAGE" >> "$GITHUB_OUTPUT" | |
| git log ${{ steps.previous-commit.outputs.sha }}..${{ github.event.after }} --reverse --pretty='https://github.com/phpstan/phpstan-src/commit/%H %s' >> "$GITHUB_OUTPUT" | |
| echo 'MESSAGE' >> "$GITHUB_OUTPUT" | |
| - name: "Get short phpstan-src SHA" | |
| id: short-src-sha | |
| working-directory: phpstan-src | |
| run: echo "sha=$(git rev-parse --short=7 HEAD)" >> "$GITHUB_OUTPUT" | |
| - name: "Check PHAR checksum" | |
| id: checksum-difference | |
| working-directory: phpstan-dist | |
| run: | | |
| checksum="${{needs.compiler-tests.outputs.checksum}}" | |
| if [[ $(head -n 1 .phar-checksum) != "$checksum" ]]; then | |
| echo "result=different" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "result=same" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: "Download phpstan.phar" | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| with: | |
| name: phar-file | |
| - name: "mv PHAR" | |
| run: mv phpstan.phar phpstan-dist/phpstan.phar | |
| - name: "chmod PHAR" | |
| run: chmod 755 phpstan-dist/phpstan.phar | |
| - name: "Update checksum" | |
| run: | | |
| echo ${{needs.compiler-tests.outputs.checksum}} > phpstan-dist/.phar-checksum | |
| echo ${{ github.event.head_commit.id }} >> phpstan-dist/.phar-checksum | |
| - name: "Sign PHAR" | |
| working-directory: phpstan-dist | |
| run: rm phpstan.phar.asc && gpg --command-fd 0 --pinentry-mode loopback -u "$GPG_ID" --batch --detach-sign --armor --output phpstan.phar.asc phpstan.phar | |
| env: | |
| GPG_ID: ${{ steps.import-gpg.outputs.fingerprint }} | |
| - name: "Verify PHAR" | |
| working-directory: phpstan-dist | |
| run: "gpg --verify phpstan.phar.asc" | |
| - name: "Install lucky_commit" | |
| uses: baptiste0928/cargo-install@f204293d9709061b7bc1756fec3ec4e2cd57dec0 # v3.4.0 | |
| with: | |
| crate: lucky_commit | |
| args: --no-default-features | |
| - name: "Commit PHAR - development" | |
| if: "!startsWith(github.ref, 'refs/tags/') && steps.checksum-difference.outputs.result == 'different'" | |
| working-directory: phpstan-dist | |
| env: | |
| INPUT_LOG: ${{ steps.git-log.outputs.log }} | |
| run: | | |
| git config --global user.name "phpstan-bot" | |
| git config --global user.email "ondrej+phpstanbot@mirtes.cz" | |
| git add . | |
| git commit --gpg-sign -m "Updated PHPStan to commit ${{ github.event.after }}" -m "$INPUT_LOG" --author "phpstan-bot <ondrej+phpstanbot@mirtes.cz>" | |
| lucky_commit ${{ steps.short-src-sha.outputs.sha }} | |
| git push | |
| - name: "Commit PHAR - tag" | |
| if: "startsWith(github.ref, 'refs/tags/')" | |
| uses: stefanzweifel/git-auto-commit-action@b863ae1933cb653a53c021fe36dbb774e1fb9403 # v5.2.0 | |
| with: | |
| commit_user_name: "phpstan-bot" | |
| commit_user_email: "ondrej+phpstanbot@mirtes.cz" | |
| commit_author: "phpstan-bot <ondrej+phpstanbot@mirtes.cz>" | |
| commit_options: "--gpg-sign" | |
| repository: phpstan-dist | |
| commit_message: "PHPStan ${{github.ref_name}}" | |
| tagging_message: ${{github.ref_name}} |