From 07c1b862ced2d7205c90c8fee5c3048bbe9f92d8 Mon Sep 17 00:00:00 2001 From: Sven Mitt Date: Mon, 11 May 2026 11:06:14 +0300 Subject: [PATCH] build(deps): bump dependencies to most recent versions, fix 8.5 deprections, keep php 8.1 compatibility and add workflow to run tests using php 8.1-8.5 WE2-919 Signed-off-by: Sven Mitt --- .github/workflows/php.yml | 10 ++++++--- composer.json | 4 ++-- composer.lock | 22 +++++++++---------- example/composer.lock | 18 +++++++-------- src/exceptions/AuthTokenException.php | 2 +- src/exceptions/AuthTokenParseException.php | 2 +- .../CertificateNotTrustedException.php | 2 +- src/exceptions/OCSPCertificateException.php | 2 +- ...serCertificateOCSPCheckFailedException.php | 2 +- .../UserCertificateRevokedException.php | 2 +- src/validator/AuthTokenValidatorBuilder.php | 2 +- src/validator/AuthTokenValidatorImpl.php | 2 +- .../SubjectCertificateNotRevokedValidator.php | 2 +- .../SubjectCertificatePolicyValidator.php | 2 +- .../SubjectCertificatePurposeValidator.php | 2 +- .../SubjectCertificateTrustedValidator.php | 2 +- tests/ocsp/OcspRequestTest.php | 2 -- tests/ocsp/OcspResponseTest.php | 8 ------- tests/util/AsnUtilTest.php | 2 +- ...jectCertificateNotRevokedValidatorTest.php | 1 - 20 files changed, 42 insertions(+), 49 deletions(-) diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml index 353dbc8..01bff87 100644 --- a/.github/workflows/php.yml +++ b/.github/workflows/php.yml @@ -14,12 +14,16 @@ jobs: runs-on: ubuntu-latest + strategy: + matrix: + php-version: [ '8.1', '8.2', '8.3', '8.4', '8.5' ] + steps: - uses: actions/checkout@v4 - uses: shivammathur/setup-php@v2 with: - php-version: '8.2' + php-version: ${{ matrix.php-version }} - name: Validate composer.json and composer.lock run: composer validate --strict @@ -29,9 +33,9 @@ jobs: uses: actions/cache@v4 with: path: vendor - key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }} + key: ${{ runner.os }}-php-${{ matrix.php-version }}-${{ hashFiles('**/composer.lock') }} restore-keys: | - ${{ runner.os }}-php- + ${{ runner.os }}-php-${{ matrix.php-version }}- - name: Install dependencies run: composer install --prefer-dist --no-progress diff --git a/composer.json b/composer.json index 1343370..6230679 100644 --- a/composer.json +++ b/composer.json @@ -10,7 +10,7 @@ } ], "require-dev": { - "phpunit/phpunit": "^10.5" + "phpunit/phpunit": "^10.5 || ^11.5 || ^12.5 || ^13" }, "autoload": { "psr-4": { @@ -26,7 +26,7 @@ } }, "require": { - "php": "^8.1.0", + "php": ">=8.1", "phpseclib/phpseclib": "^3.0.0", "guzzlehttp/psr7": "^2.6.0", "psr/log": "^3.0.0" diff --git a/composer.lock b/composer.lock index cf78847..ecd189a 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "e1dc891a146ebcf5e3d281ed1ee661ec", + "content-hash": "06a60bf5c664ea446c1588bc886b8552", "packages": [ { "name": "guzzlehttp/psr7", @@ -244,16 +244,16 @@ }, { "name": "phpseclib/phpseclib", - "version": "3.0.51", + "version": "3.0.52", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748" + "reference": "2adaefc83df2ec548558307690f376dd7d4f4fce" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/d59c94077f9c9915abb51ddb52ce85188ece1748", - "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/2adaefc83df2ec548558307690f376dd7d4f4fce", + "reference": "2adaefc83df2ec548558307690f376dd7d4f4fce", "shasum": "" }, "require": { @@ -334,7 +334,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.51" + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.52" }, "funding": [ { @@ -350,7 +350,7 @@ "type": "tidelift" } ], - "time": "2026-04-10T01:33:53+00:00" + "time": "2026-04-27T07:02:15+00:00" }, { "name": "psr/http-factory", @@ -2228,12 +2228,12 @@ ], "aliases": [], "minimum-stability": "stable", - "stability-flags": [], + "stability-flags": {}, "prefer-stable": false, "prefer-lowest": false, "platform": { - "php": "^8.1.0" + "php": ">=8.1" }, - "platform-dev": [], - "plugin-api-version": "2.2.0" + "platform-dev": {}, + "plugin-api-version": "2.9.0" } diff --git a/example/composer.lock b/example/composer.lock index 5b1c691..d4bf4ff 100644 --- a/example/composer.lock +++ b/example/composer.lock @@ -302,16 +302,16 @@ }, { "name": "phpseclib/phpseclib", - "version": "3.0.51", + "version": "3.0.52", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748" + "reference": "2adaefc83df2ec548558307690f376dd7d4f4fce" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/d59c94077f9c9915abb51ddb52ce85188ece1748", - "reference": "d59c94077f9c9915abb51ddb52ce85188ece1748", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/2adaefc83df2ec548558307690f376dd7d4f4fce", + "reference": "2adaefc83df2ec548558307690f376dd7d4f4fce", "shasum": "" }, "require": { @@ -392,7 +392,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.51" + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.52" }, "funding": [ { @@ -408,7 +408,7 @@ "type": "tidelift" } ], - "time": "2026-04-10T01:33:53+00:00" + "time": "2026-04-27T07:02:15+00:00" }, { "name": "psr/http-factory", @@ -667,12 +667,12 @@ "packages-dev": [], "aliases": [], "minimum-stability": "stable", - "stability-flags": [], + "stability-flags": {}, "prefer-stable": false, "prefer-lowest": false, "platform": { "php": ">=8.1" }, - "platform-dev": [], - "plugin-api-version": "2.2.0" + "platform-dev": {}, + "plugin-api-version": "2.9.0" } diff --git a/src/exceptions/AuthTokenException.php b/src/exceptions/AuthTokenException.php index f615469..440c332 100644 --- a/src/exceptions/AuthTokenException.php +++ b/src/exceptions/AuthTokenException.php @@ -38,7 +38,7 @@ abstract class AuthTokenException extends Exception * @param int $code — [optional] The Exception code * @param \Throwable|null $cause */ - public function __construct($message, Throwable $cause = null) + public function __construct($message, ?Throwable $cause = null) { if (is_null($cause)) { diff --git a/src/exceptions/AuthTokenParseException.php b/src/exceptions/AuthTokenParseException.php index 27ba5df..e9cbb01 100644 --- a/src/exceptions/AuthTokenParseException.php +++ b/src/exceptions/AuthTokenParseException.php @@ -30,7 +30,7 @@ class AuthTokenParseException extends AuthTokenException { - public function __construct(string $message, Throwable $cause = null) + public function __construct(string $message, ?Throwable $cause = null) { parent::__construct($message, $cause); } diff --git a/src/exceptions/CertificateNotTrustedException.php b/src/exceptions/CertificateNotTrustedException.php index 005d17a..dedb33c 100644 --- a/src/exceptions/CertificateNotTrustedException.php +++ b/src/exceptions/CertificateNotTrustedException.php @@ -33,7 +33,7 @@ class CertificateNotTrustedException extends AuthTokenException { - public function __construct(X509 $certificate, Throwable $cause = null) + public function __construct(X509 $certificate, ?Throwable $cause = null) { parent::__construct("Certificate " . $certificate->getSubjectDN(X509::DN_STRING) . " is not trusted", $cause); } diff --git a/src/exceptions/OCSPCertificateException.php b/src/exceptions/OCSPCertificateException.php index c648259..b31d100 100644 --- a/src/exceptions/OCSPCertificateException.php +++ b/src/exceptions/OCSPCertificateException.php @@ -33,7 +33,7 @@ */ class OCSPCertificateException extends AuthTokenException { - public function __construct(string $message, Throwable $exception = null) + public function __construct(string $message, ?Throwable $exception = null) { parent::__construct($message, $exception); } diff --git a/src/exceptions/UserCertificateOCSPCheckFailedException.php b/src/exceptions/UserCertificateOCSPCheckFailedException.php index 41c1f91..1c2b8a8 100644 --- a/src/exceptions/UserCertificateOCSPCheckFailedException.php +++ b/src/exceptions/UserCertificateOCSPCheckFailedException.php @@ -31,7 +31,7 @@ */ class UserCertificateOCSPCheckFailedException extends AuthTokenException { - public function __construct(string $message, Throwable $cause = null) + public function __construct(string $message, ?Throwable $cause = null) { parent::__construct("User certificate revocation check has failed: " . $message, $cause); } diff --git a/src/exceptions/UserCertificateRevokedException.php b/src/exceptions/UserCertificateRevokedException.php index 37c0695..b6c0dc5 100644 --- a/src/exceptions/UserCertificateRevokedException.php +++ b/src/exceptions/UserCertificateRevokedException.php @@ -31,7 +31,7 @@ */ class UserCertificateRevokedException extends AuthTokenException { - public function __construct(string $message = null) + public function __construct(?string $message = null) { if (is_null($message)) { parent::__construct("User certificate has been revoked"); diff --git a/src/validator/AuthTokenValidatorBuilder.php b/src/validator/AuthTokenValidatorBuilder.php index 4a50702..ce666b8 100644 --- a/src/validator/AuthTokenValidatorBuilder.php +++ b/src/validator/AuthTokenValidatorBuilder.php @@ -37,7 +37,7 @@ class AuthTokenValidatorBuilder private AuthTokenValidationConfiguration $configuration; private $logger; - public function __construct(LoggerInterface $logger = null) + public function __construct(?LoggerInterface $logger = null) { $this->configuration = new AuthTokenValidationConfiguration(); $this->logger = $logger; diff --git a/src/validator/AuthTokenValidatorImpl.php b/src/validator/AuthTokenValidatorImpl.php index 75ed84a..d03cb91 100644 --- a/src/validator/AuthTokenValidatorImpl.php +++ b/src/validator/AuthTokenValidatorImpl.php @@ -64,7 +64,7 @@ final class AuthTokenValidatorImpl implements AuthTokenValidator /** * @copyright 2022 Petr Muzikant pmuzikant@email.cz */ - public function __construct(AuthTokenValidationConfiguration $configuration, LoggerInterface $logger = null) + public function __construct(AuthTokenValidationConfiguration $configuration, ?LoggerInterface $logger = null) { $this->logger = $logger; $this->configuration = $configuration; diff --git a/src/validator/certvalidators/SubjectCertificateNotRevokedValidator.php b/src/validator/certvalidators/SubjectCertificateNotRevokedValidator.php index ca7391d..907d56f 100644 --- a/src/validator/certvalidators/SubjectCertificateNotRevokedValidator.php +++ b/src/validator/certvalidators/SubjectCertificateNotRevokedValidator.php @@ -54,7 +54,7 @@ public function __construct(SubjectCertificateTrustedValidator $trustValidator, OcspServiceProvider $ocspServiceProvider, int $allowedOcspResponseTimeSkew, int $maxOcspResponseThisUpdateAge, - LoggerInterface $logger = null) + ?LoggerInterface $logger = null) { $this->logger = $logger; $this->trustValidator = $trustValidator; diff --git a/src/validator/certvalidators/SubjectCertificatePolicyValidator.php b/src/validator/certvalidators/SubjectCertificatePolicyValidator.php index b1ccc70..9416507 100644 --- a/src/validator/certvalidators/SubjectCertificatePolicyValidator.php +++ b/src/validator/certvalidators/SubjectCertificatePolicyValidator.php @@ -33,7 +33,7 @@ final class SubjectCertificatePolicyValidator implements SubjectCertificateValid private $disallowedSubjectCertificatePolicyIds = []; private $logger; - public function __construct(array $disallowedSubjectCertificatePolicyIds, LoggerInterface $logger = null) + public function __construct(array $disallowedSubjectCertificatePolicyIds, ?LoggerInterface $logger = null) { $this->logger = $logger; $this->disallowedSubjectCertificatePolicyIds = $disallowedSubjectCertificatePolicyIds; diff --git a/src/validator/certvalidators/SubjectCertificatePurposeValidator.php b/src/validator/certvalidators/SubjectCertificatePurposeValidator.php index 9a94364..31d3d79 100644 --- a/src/validator/certvalidators/SubjectCertificatePurposeValidator.php +++ b/src/validator/certvalidators/SubjectCertificatePurposeValidator.php @@ -39,7 +39,7 @@ final class SubjectCertificatePurposeValidator implements SubjectCertificateVali private const EXTENDED_KEY_USAGE_CLIENT_AUTHENTICATION = "id-kp-clientAuth"; private $logger; - public function __construct(LoggerInterface $logger = null) + public function __construct(?LoggerInterface $logger = null) { $this->logger = $logger; } diff --git a/src/validator/certvalidators/SubjectCertificateTrustedValidator.php b/src/validator/certvalidators/SubjectCertificateTrustedValidator.php index 799e4c4..ef11874 100644 --- a/src/validator/certvalidators/SubjectCertificateTrustedValidator.php +++ b/src/validator/certvalidators/SubjectCertificateTrustedValidator.php @@ -36,7 +36,7 @@ final class SubjectCertificateTrustedValidator implements SubjectCertificateVali private X509 $subjectCertificateIssuerCertificate; private $logger; - public function __construct(TrustedCertificates $trustedCACertificates, LoggerInterface $logger = null) + public function __construct(TrustedCertificates $trustedCACertificates, ?LoggerInterface $logger = null) { $this->logger = $logger; $this->trustedCACertificates = $trustedCACertificates; diff --git a/tests/ocsp/OcspRequestTest.php b/tests/ocsp/OcspRequestTest.php index cbcc705..1198a83 100644 --- a/tests/ocsp/OcspRequestTest.php +++ b/tests/ocsp/OcspRequestTest.php @@ -75,7 +75,6 @@ public function testWhenAddCertificateIdSuccess(): void $reflection = new ReflectionClass(get_class($request)); $property = $reflection->getProperty('ocspRequest'); - $property->setAccessible(true); $this->assertEquals($this->getExpectedRequestWithCertID(), $property->getValue($request)); } @@ -87,7 +86,6 @@ public function testWhenAddNonceExtensionSuccess(): void $reflection = new ReflectionClass(get_class($request)); $property = $reflection->getProperty('ocspRequest'); - $property->setAccessible(true); $this->assertEquals($this->getExpectedWithNonce(), $property->getValue($request)); } diff --git a/tests/ocsp/OcspResponseTest.php b/tests/ocsp/OcspResponseTest.php index 1c3e108..d936315 100644 --- a/tests/ocsp/OcspResponseTest.php +++ b/tests/ocsp/OcspResponseTest.php @@ -130,7 +130,6 @@ public function testWhenResponseTypeNotBasicResponseThrows(): void $reflection = new ReflectionClass(get_class($response)); $property = $reflection->getProperty('ocspResponse'); - $property->setAccessible(true); $mockResponse = $property->getValue($response); $mockResponse['responseBytes']['responseType'] = "responseType"; $property->setValue($response, $mockResponse); @@ -147,7 +146,6 @@ public function testWhenMissingResponseThrows(): void $reflection = new ReflectionClass(get_class($response)); $property = $reflection->getProperty('ocspResponse'); - $property->setAccessible(true); $mockResponse = $property->getValue($response); $mockResponse['responseBytes']['response'] = null; $property->setValue($response, $mockResponse); @@ -168,7 +166,6 @@ public function testWhenNoCertificatesInResponseThrows(): void $reflection = new ReflectionClass(get_class($response)); $property = $reflection->getProperty('ocspResponse'); - $property->setAccessible(true); $mockResponse = $property->getValue($response); $mockResponse['responseBytes']['response']['certs'] = []; @@ -190,7 +187,6 @@ public function testWhenResponseSignatureIsNotValidThrows(): void $reflection = new ReflectionClass(get_class($response)); $property = $reflection->getProperty('ocspResponse'); - $property->setAccessible(true); $mockResponse = $property->getValue($response); $mockResponse['responseBytes']['response']['signature'] = "somesignature"; @@ -205,7 +201,6 @@ public function testWhenSignatureAlgorithmIsSha3(): void $reflection = new ReflectionClass(get_class($response)); $property = $reflection->getProperty('ocspResponse'); - $property->setAccessible(true); $mockResponse = $property->getValue($response); $mockResponse['responseBytes']['response']['signatureAlgorithm']['algorithm'] = "NNNsha3-256NNN"; $property->setValue($response, $mockResponse); @@ -225,7 +220,6 @@ public function testWhenSignatureAlgorithmIsNotSupportedThenThrows(): void $reflection = new ReflectionClass(get_class($response)); $property = $reflection->getProperty('ocspResponse'); - $property->setAccessible(true); $mockResponse = $property->getValue($response); $mockResponse['responseBytes']['response']['signatureAlgorithm']['algorithm'] = "someAlgo"; $property->setValue($response, $mockResponse); @@ -241,7 +235,6 @@ public function testWhenNextUpdateInResponse(): void $reflection = new ReflectionClass(get_class($response)); $property = $reflection->getProperty('ocspResponse'); - $property->setAccessible(true); $mockResponse = $property->getValue($response); $mockResponse['responseBytes']['response']['tbsResponseData']['responses'][0]['nextUpdate'] = 'Fri, 17 Sep 2021 18:25:24 +0000'; $property->setValue($response, $mockResponse); @@ -258,7 +251,6 @@ public function testWhenNonceExtensionDoesNotExistNullShouldReturned(): void $reflection = new ReflectionClass(get_class($response)); $property = $reflection->getProperty('ocspResponse'); - $property->setAccessible(true); $mockResponse = $property->getValue($response); $mockResponse['responseBytes']['response']['tbsResponseData']['responseExtensions'][0]['extnId'] = "id-pkix-ocsp-nonce1"; $property->setValue($response, $mockResponse); diff --git a/tests/util/AsnUtilTest.php b/tests/util/AsnUtilTest.php index 8e0bff4..5861a98 100644 --- a/tests/util/AsnUtilTest.php +++ b/tests/util/AsnUtilTest.php @@ -35,7 +35,7 @@ public function testTranscodeSignatureToDer(): void $result = AsnUtil::transcodeSignatureToDER($decodedSignature); $valueArr = []; for ($i = 0; $i < strlen($result); $i++) { - $valueArr[$i] = ord(substr($result, $i)); + $valueArr[$i] = ord($result[$i]); } // First byte value $this->assertEquals($valueArr[0], 48); diff --git a/tests/validator/certvalidators/SubjectCertificateNotRevokedValidatorTest.php b/tests/validator/certvalidators/SubjectCertificateNotRevokedValidatorTest.php index d4eebe0..5bb86ec 100644 --- a/tests/validator/certvalidators/SubjectCertificateNotRevokedValidatorTest.php +++ b/tests/validator/certvalidators/SubjectCertificateNotRevokedValidatorTest.php @@ -373,7 +373,6 @@ private function getSubjectCertificateNotRevokedValidator(OcspServiceProvider $o private static function setSubjectCertificateIssuerCertificate(SubjectCertificateTrustedValidator $trustedValidator): void { $reflector = new ReflectionProperty(SubjectCertificateTrustedValidator::class, 'subjectCertificateIssuerCertificate'); - $reflector->setAccessible(true); $reflector->setValue($trustedValidator, Certificates::getTestEsteid2018CA()); } }