fix(psalm): Enable findUnusedBaselineEntry

Signed-off-by: provokateurin <kate@provokateurin.de>
7 months ago · 6fd17994fb
parent 77c1db0cd6
commit 6fd17994fb
4 changed files with 2 additions and 123 deletions
--- a/.github/workflows/static-code-analysis.yml
+++ b/.github/workflows/static-code-analysis.yml
@ -66,7 +66,7 @@ jobs:
        run: composer i

      - name: Psalm taint analysis
-        run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis
+        run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis --ignore-baseline

      - name: Upload Security Analysis results to GitHub
        if: always()
--- a/.github/workflows/update-psalm-baseline-approve-merge.yml
+++ b/.github/workflows/update-psalm-baseline-approve-merge.yml
@ -1,52 +0,0 @@
-# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: MIT
-name: Auto approve psalm baseline update
-
-on:
-  pull_request_target:
-    branches:
-      - main
-      - master
-      - stable*
-
-permissions:
-  contents: read
-
-concurrency:
-  group: update-psalm-baseline-approve-merge-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  auto-approve-merge:
-    if: github.actor == 'nextcloud-command'
-    runs-on: ubuntu-latest-low
-    permissions:
-      # for hmarr/auto-approve-action to approve PRs
-      pull-requests: write
-      # for alexwilson/enable-github-automerge-action to approve PRs
-      contents: write
-
-    steps:
-      - name: Disabled on forks
-        if: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
-        run: |
-          echo 'Can not approve PRs from forks'
-          exit 1
-
-      - uses: mdecoleman/pr-branch-name@55795d86b4566d300d237883103f052125cc7508 # v3.0.0
-        id: branchname
-        with:
-          repo-token: ${{ secrets.GITHUB_TOKEN }}
-
-      # GitHub actions bot approve
-      - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
-        if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-psalm-baseline')
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-
-      # Enable GitHub auto merge
-      - name: Auto merge
-        uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # main
-        if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-psalm-baseline')
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/update-psalm-baseline.yml
+++ b/.github/workflows/update-psalm-baseline.yml
@ -1,69 +0,0 @@
-# SPDX-FileCopyrightText: 2020 Nextcloud GmbH and Nextcloud contributors
-# SPDX-License-Identifier: MIT
-name: Update Psalm baseline
-
-on:
-  workflow_dispatch:
-  schedule:
-    - cron: "5 2 * * *"
-
-jobs:
-  update-psalm-baseline:
-    runs-on: ubuntu-latest
-
-    if: ${{ github.repository_owner != 'nextcloud-gmbh' }}
-
-    strategy:
-      fail-fast: false
-      matrix:
-        branches: ['master', 'stable30', 'stable29', 'stable28']
-
-    name: update-psalm-baseline-${{ matrix.branches }}
-
-    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
-        with:
-          ref: ${{ matrix.branches }}
-          submodules: true
-
-      - name: Set up php
-        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 #v2.31.1
-        with:
-          php-version: '8.1'
-          extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
-          coverage: none
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Composer install
-        run: composer install
-
-      - name: Psalm
-        run: composer run psalm:ci -- --monochrome --no-progress --output-format=text --update-baseline
-        continue-on-error: true
-
-      - name: Psalm OCP
-        run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
-        continue-on-error: true
-
-      - name: Reset composer
-        run: |
-          git clean -f lib/composer
-          git checkout composer.json composer.lock lib/composer
-
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c
-        with:
-          token: ${{ secrets.COMMAND_BOT_PAT }}
-          commit-message: 'chore(tests): Update psalm baseline'
-          committer: GitHub <noreply@github.com>
-          author: nextcloud-command <nextcloud-command@users.noreply.github.com>
-          signoff: true
-          branch: 'automated/noid/${{ matrix.branches }}-update-psalm-baseline'
-          title: '[${{ matrix.branches }}] Update psalm-baseline.xml'
-          body: |
-            Auto-generated update psalm-baseline.xml with fixed psalm warnings
-          labels: |
-            automated pr
-            3. to review
-          team-reviewers: server-backend
--- a/psalm.xml
+++ b/psalm.xml
@ -10,7 +10,7 @@
 	xmlns="https://getpsalm.org/schema/config"
 	xsi:schemaLocation="https://getpsalm.org/schema/config https://getpsalm.org/schema/config"
 	errorBaseline="build/psalm-baseline.xml"
-	findUnusedBaselineEntry="false"
+	findUnusedBaselineEntry="true"
 	findUnusedCode="false"
 	phpVersion="8.1"
 >