 |
VOOZH | about |
|
VOOZH | about |
This document describes the comprehensive quality assurance infrastructure that protects the maho-composer-plugin codebase from defects and regressions. The system implements a multi-layered validation strategy combining static analysis, continuous integration workflows, and development environment safeguards to enforce code quality standards before any changes reach production.
For detailed information about specific components:
The quality assurance system implements four parallel validation layers that execute automatically on every push and pull request. Each layer focuses on a different quality dimension, creating comprehensive coverage that prevents common classes of defects.
Quality Gate Matrix
| Quality Gate | Configuration File | Validation Target | Blocking Failure |
|---|---|---|---|
| Static Analysis | .phpstan.dist.neon | Type safety, strict rules, deprecations | Yes |
| Composer Validation | .github/workflows/composer.yml | Package definition integrity | Yes |
| Line Ending Check | .github/workflows/line-endings.yml | CRLF consistency | Yes |
| PHP Syntax Check | .github/workflows/syntax-php.yml | Parse errors, syntax validity | Yes |
All quality gates must pass before code can be merged. The system is configured with fail-fast: false in workflows to provide complete feedback on all issues rather than stopping at the first failure.
Sources: .phpstan.dist.neon1-13 .github/workflows/composer.yml1-31 .github/workflows/phpstan.yml1-46
Diagram: Quality Assurance Pipeline Architecture
Sources: .github/workflows/composer.yml3-7 .github/workflows/phpstan.yml3-8 .phpstan.dist.neon10-12
The project enforces maximum strictness through PHPStan level 10 analysis with additional rule sets. The configuration file .phpstan.dist.neon1-13 includes four distinct rule collections that work together to catch potential defects.
PHPStan Rule Set Composition
| Rule Set | Source | Purpose |
|---|---|---|
| Bleeding Edge | vendor/phpstan/phpstan/conf/bleedingEdge.neon | Latest type inference improvements |
| Strict Rules | vendor/phpstan/phpstan-strict-rules/rules.neon | Enforce type strictness, disallow unsafe patterns |
| Deprecation Rules | vendor/phpstan/phpstan-deprecation-rules/rules.neon | Detect usage of deprecated PHP features |
| Composer Rules | vendor/composer/composer/phpstan/rules.neon | Composer-specific type definitions |
The analysis scope is limited to the src directory .phpstan.dist.neon11 and enforces PHP version compatibility between 8.2.0 and 8.4.99 .phpstan.dist.neon8-9 This range ensures the plugin remains compatible with current production PHP installations while preparing for future versions.
Sources: .phpstan.dist.neon1-13
Diagram: PHPStan Analysis Configuration and Execution
Sources: .phpstan.dist.neon1-13 .github/workflows/phpstan.yml9-46
The CI/CD system implements four independent GitHub Actions workflows that execute in parallel. Each workflow is triggered by the same event set: push, pull_request, workflow_call, and workflow_dispatch .github/workflows/composer.yml3-7 providing consistent validation across all code changes.
The composer.yml workflow validates package definition integrity without installing dependencies. The composer validate --strict --no-check-all command .github/workflows/composer.yml30 checks:
composer.jsoncomposer.jsonThe --no-check-all flag limits validation to repository-defined packages, avoiding false failures from transitive dependencies.
Sources: .github/workflows/composer.yml1-31
The phpstan.yml workflow implements a unique dual-analysis strategy through matrix execution .github/workflows/phpstan.yml14-18 For pull requests, it analyzes both:
main)This approach detects regressions introduced by the PR and prevents merging code that would fail analysis. The workflow uses shivammathur/setup-php@v2 to install the latest PHP version .github/workflows/phpstan.yml22-24 and runs analysis with verbose output: php vendor/bin/phpstan.phar analyze -vvv .github/workflows/phpstan.yml45
The XDEBUG_MODE=off prefix disables Xdebug during analysis to improve performance.
Sources: .github/workflows/phpstan.yml1-46
Diagram: Workflow Execution and Caching Strategy
Sources: .github/workflows/composer.yml18-27 .github/workflows/phpstan.yml30-45
Both workflows implement identical caching strategies to accelerate CI execution. The cache key uses three components:
${{ runner.os }} - Isolates caches by operating systemcomposer - Identifies cache purposehashFiles('**/composer.lock') - Invalidates on dependency changesThe cache stores the directory returned by composer config cache-files-dir .github/workflows/composer.yml20 which contains downloaded package archives. The restore-keys fallback .github/workflows/composer.yml27 allows partial cache hits when composer.lock changes but the OS remains the same.
Cache Key Structure
${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
| | |
| | └─ SHA-256 of composer.lock
| └─ Cache namespace
└─ Operating system (ubuntu, macos, windows)
Sources: .github/workflows/composer.yml24-27 .github/workflows/phpstan.yml34-39
The .gitignore file defines exclusion patterns for local development artifacts, ensuring clean version control history. The configuration implements a distributed-vs-local pattern for PHPStan configuration files.
Git Ignore Pattern Categories
| Pattern | Purpose | Files Ignored |
|---|---|---|
.idea | PhpStorm IDE metadata | All PhpStorm project files |
/vendor | Composer dependencies | All installed packages |
.phpstan*.neon | Local PHPStan overrides | .phpstan.neon, .phpstan.local.neon, etc. |
phpstan*.neon | Alternative PHPStan configs | phpstan.neon, phpstan-baseline.neon, etc. |
!.phpstan.dist.neon | Distribute default config | Negative pattern - include in repository |
!.phpstan.dist.*.neon | Distribute variant configs | Negative pattern - include variants |
The PHPStan patterns allow developers to create local configuration overrides (e.g., .phpstan.neon) for development purposes while ensuring the canonical .phpstan.dist.neon remains tracked in version control. This pattern supports:
.dist.neon file defines the official configurationSources: .gitignore1-12
Diagram: Development Environment File Organization
Sources: .gitignore1-12
The static analysis enforces PHP version compatibility through the phpVersion parameter in .phpstan.dist.neon7-9 The specified range (8.2.0 to 8.4.99) defines the supported PHP versions for the plugin.
PHP Version Compatibility Matrix
| PHP Version | Minimum | Maximum | Analysis Mode |
|---|---|---|---|
| 8.2 | 8.2.0 (80200) | 8.2.999 | Strict type checking |
| 8.3 | 8.3.0 | 8.3.999 | Strict type checking |
| 8.4 | 8.4.0 | 8.4.99 (80499) | Strict type checking |
The PHPStan workflow uses php-version: latest .github/workflows/phpstan.yml24 to run analysis with the newest available PHP version, ensuring forward compatibility. The composer install --ignore-platform-req=ext-* flag .github/workflows/phpstan.yml42 bypasses extension requirements during CI execution, allowing analysis to proceed even if optional PHP extensions are unavailable in the GitHub Actions environment.
Sources: .phpstan.dist.neon7-9 .github/workflows/phpstan.yml22-42
The GitHub Actions workflows implement strict enforcement through multiple mechanisms:
push and pull_request triggersfail-fast: false .github/workflows/phpstan.yml14 ensures all checks complete even if one failsThis multi-gate approach ensures that:
Any workflow failure blocks the pull request merge, requiring developer remediation before code integration.
Sources: .github/workflows/phpstan.yml14-18 .github/workflows/composer.yml29-30
Refresh this wiki