fix PHPStan and apply Rector rules

michalsn · michalsn · commit 7e35a0c38f5b · 2026-02-07T11:49:21.000+01:00
diff --git a/phpstan-baseline.php b/phpstan-baseline.php
@@ -1,13 +1,6 @@
 <?php declare(strict_types = 1);
 
 $ignoreErrors = [];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to deprecated function random_string():
-The type \'basic\', \'md5\', and \'sha1\' are deprecated. They are not cryptographically secure.',
-	'identifier' => 'function.deprecated',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Authentication/Actions/Email2FA.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\UserIdentityModel::class is discouraged.',
 	'identifier' => 'codeigniter.factoriesClassConstFetch',
@@ -20,13 +13,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/src/Authentication/Actions/Email2FA.php',
 ];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to deprecated function random_string():
-The type \'basic\', \'md5\', and \'sha1\' are deprecated. They are not cryptographically secure.',
-	'identifier' => 'function.deprecated',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Authentication/Actions/EmailActivator.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\UserIdentityModel::class is discouraged.',
 	'identifier' => 'codeigniter.factoriesClassConstFetch',
@@ -195,13 +181,6 @@
 	'count' => 9,
 	'path' => __DIR__ . '/src/Commands/User.php',
 ];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to deprecated function random_string():
-The type \'basic\', \'md5\', and \'sha1\' are deprecated. They are not cryptographically secure.',
-	'identifier' => 'function.deprecated',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Controllers/MagicLinkController.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\LoginModel::class is discouraged.',
 	'identifier' => 'codeigniter.factoriesClassConstFetch',
@@ -388,20 +367,6 @@
 	'count' => 1,
 	'path' => __DIR__ . '/src/Filters/TokenAuth.php',
 ];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to deprecated function random_string():
-The type \'basic\', \'md5\', and \'sha1\' are deprecated. They are not cryptographically secure.',
-	'identifier' => 'function.deprecated',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Models/TokenLoginModel.php',
-];
-$ignoreErrors[] = [
-	'rawMessage' => 'Call to deprecated function random_string():
-The type \'basic\', \'md5\', and \'sha1\' are deprecated. They are not cryptographically secure.',
-	'identifier' => 'function.deprecated',
-	'count' => 1,
-	'path' => __DIR__ . '/src/Models/UserIdentityModel.php',
-];
 $ignoreErrors[] = [
 	'rawMessage' => 'Call to function model with CodeIgniter\\Shield\\Models\\GroupModel::class is discouraged.',
 	'identifier' => 'codeigniter.factoriesClassConstFetch',
@@ -462,6 +427,18 @@
 	'count' => 8,
 	'path' => __DIR__ . '/tests/Authentication/Authenticators/SessionAuthenticatorTest.php',
 ];
+$ignoreErrors[] = [
+	'rawMessage' => 'Parameter #1 $headers of method Tests\\Authentication\\Filters\\AbstractFilterTestCase::withHeaders() expects array<string, CodeIgniter\\HTTP\\Header|list<CodeIgniter\\HTTP\\Header>>, array{Authorization: non-falsy-string} given.',
+	'identifier' => 'argument.type',
+	'count' => 7,
+	'path' => __DIR__ . '/tests/Authentication/Filters/HmacFilterTest.php',
+];
+$ignoreErrors[] = [
+	'rawMessage' => 'Parameter #1 $headers of method Tests\\Authentication\\Filters\\JWTFilterTest::withHeaders() expects array<string, CodeIgniter\\HTTP\\Header|list<CodeIgniter\\HTTP\\Header>>, array{Authorization: non-falsy-string} given.',
+	'identifier' => 'argument.type',
+	'count' => 1,
+	'path' => __DIR__ . '/tests/Authentication/Filters/JWTFilterTest.php',
+];
 $ignoreErrors[] = [
 	'rawMessage' => 'Implicit array creation is not allowed - variable $users might not exist.',
 	'identifier' => 'variable.implicitArray',
diff --git a/src/Authentication/Passwords/PwnedValidator.php b/src/Authentication/Passwords/PwnedValidator.php
@@ -44,8 +44,7 @@ public function check(string $password, ?User $user = null): Result
     {
         $hashedPword = strtoupper(sha1($password));
         $rangeHash   = substr($hashedPword, 0, 5);
-        /** @var string $searchHash */
-        $searchHash = substr($hashedPword, 5);
+        $searchHash  = substr($hashedPword, 5);
 
         try {
             $client = Services::curlrequest([
diff --git a/src/Models/UserIdentityModel.php b/src/Models/UserIdentityModel.php
@@ -13,6 +13,7 @@
 
 namespace CodeIgniter\Shield\Models;
 
+use CodeIgniter\Database\RawSql;
 use CodeIgniter\I18n\Time;
 use CodeIgniter\Shield\Authentication\Authenticators\AccessTokens;
 use CodeIgniter\Shield\Authentication\Authenticators\HmacSha256;
@@ -567,8 +568,8 @@ public function forceGlobalPasswordReset(): void
      * Override the Model's `update()` method.
      * Throws an Exception when it fails.
      *
-     * @param array|int|string|null $id
-     * @param array|object|null     $row
+     * @param int|list<int|string>|RawSql|string|null $id
+     * @param array|object|null                       $row
      *
      * @return true if the update is successful
      *
diff --git a/src/Models/UserModel.php b/src/Models/UserModel.php
@@ -14,6 +14,7 @@
 namespace CodeIgniter\Shield\Models;
 
 use CodeIgniter\Database\Exceptions\DataException;
+use CodeIgniter\Database\RawSql;
 use CodeIgniter\I18n\Time;
 use CodeIgniter\Shield\Authentication\Authenticators\Session;
 use CodeIgniter\Shield\Entities\User;
@@ -416,8 +417,8 @@ public function insert($row = null, bool $returnID = true)
      * Override the BaseModel's `update()` method.
      * If you pass User object, also updates Email Identity.
      *
-     * @param array|int|string|null $id
-     * @param array|User            $row
+     * @param int|list<int|string>|RawSql|string|null $id
+     * @param array|User                              $row
      *
      * @return true if the update is successful
      *
diff --git a/tests/Unit/UserModelTest.php b/tests/Unit/UserModelTest.php
@@ -154,6 +154,7 @@ public function testSaveUpdateUserObjectWithUserDataToUpdate(): void
         $user->username = 'bar';
         $user->email    = 'bar@bar.com';
         $user->active   = true;
+        $this->assertInstanceOf(User::class, $user);
 
         $users->save($user);
 
@@ -178,6 +179,7 @@ public function testUpdateUserObjectWithUserDataToUpdate(): void
         $user->username = 'bar';
         $user->email    = 'bar@bar.com';
         $user->active   = true;
+        $this->assertInstanceOf(User::class, $user);
 
         $users->update($user->id, $user);
 
@@ -238,6 +240,7 @@ public function testSaveUpdateUserObjectWithoutUserDataToUpdate(): void
         $user = $users->findByCredentials(['email' => 'foo@bar.com']);
 
         $user->email = 'bar@bar.com';
+        $this->assertInstanceOf(User::class, $user);
 
         $users->save($user);
 
@@ -256,6 +259,7 @@ public function testUpdateUserObjectWithoutUserDataToUpdate(): void
         $user = $users->findByCredentials(['email' => 'foo@bar.com']);
 
         $user->email = 'bar@bar.com';
+        $this->assertInstanceOf(User::class, $user);
 
         $users->update(null, $user);
 

Original file line number	Diff line number	Diff line change
`@@ -44,8 +44,7 @@ public function check(string $password, ?User $user = null): Result`
`44`	`44`	`{`
`45`	`45`	`$hashedPword = strtoupper(sha1($password));`
`46`	`46`	`$rangeHash = substr($hashedPword, 0, 5);`
`47`		`- /** @var string $searchHash */`
`48`		`- $searchHash = substr($hashedPword, 5);`
	`47`	`+ $searchHash = substr($hashedPword, 5);`
`49`	`48`
`50`	`49`	`try {`
`51`	`50`	`$client = Services::curlrequest([`
Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,7 @@`
`13`	`13`
`14`	`14`	`namespace CodeIgniter\Shield\Models;`
`15`	`15`
	`16`	`+use CodeIgniter\Database\RawSql;`
`16`	`17`	`use CodeIgniter\I18n\Time;`
`17`	`18`	`use CodeIgniter\Shield\Authentication\Authenticators\AccessTokens;`
`18`	`19`	`use CodeIgniter\Shield\Authentication\Authenticators\HmacSha256;`
`@@ -567,8 +568,8 @@ public function forceGlobalPasswordReset(): void`
`567`	`568`	* Override the Model's `update()` method.
`568`	`569`	`* Throws an Exception when it fails.`
`569`	`570`	`*`
`570`		`- * @param array\|int\|string\|null $id`
`571`		`- * @param array\|object\|null $row`
	`571`	`+ * @param int\|list<int\|string>\|RawSql\|string\|null $id`
	`572`	`+ * @param array\|object\|null $row`
`572`	`573`	`*`
`573`	`574`	`* @return true if the update is successful`
`574`	`575`	`*`
Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,7 @@`
`14`	`14`	`namespace CodeIgniter\Shield\Models;`
`15`	`15`
`16`	`16`	`use CodeIgniter\Database\Exceptions\DataException;`
	`17`	`+use CodeIgniter\Database\RawSql;`
`17`	`18`	`use CodeIgniter\I18n\Time;`
`18`	`19`	`use CodeIgniter\Shield\Authentication\Authenticators\Session;`
`19`	`20`	`use CodeIgniter\Shield\Entities\User;`
`@@ -416,8 +417,8 @@ public function insert($row = null, bool $returnID = true)`
`416`	`417`	* Override the BaseModel's `update()` method.
`417`	`418`	`* If you pass User object, also updates Email Identity.`
`418`	`419`	`*`
`419`		`- * @param array\|int\|string\|null $id`
`420`		`- * @param array\|User $row`
	`420`	`+ * @param int\|list<int\|string>\|RawSql\|string\|null $id`
	`421`	`+ * @param array\|User $row`
`421`	`422`	`*`
`422`	`423`	`* @return true if the update is successful`
`423`	`424`	`*`