Skip to content

Commit da11ef5

Browse files
authored
Merge pull request #303 from Kit/tests-phpstan-php-version
Tests: Fix PHPStan Missing Stubs
2 parents 0e73d84 + 5d8dda2 commit da11ef5

13 files changed

Lines changed: 108 additions & 75 deletions

.github/workflows/coding-standards.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -181,4 +181,4 @@ jobs:
181181
# Run PHPStan for static analysis.
182182
- name: Run PHPStan Static Analysis
183183
working-directory: ${{ env.PLUGIN_DIR }}
184-
run: php vendor/bin/phpstan analyse --memory-limit=1024M
184+
run: php vendor/bin/phpstan analyse --memory-limit=2G

.github/workflows/test-backward-compat.yml

Lines changed: 17 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -96,7 +96,7 @@ jobs:
9696
steps:
9797
- name: Define Test Group Name
9898
id: test-group
99-
uses: mad9000/actions-find-and-replace-string@5
99+
uses: mad9000/actions-find-and-replace-string@6
100100
with:
101101
source: ${{ matrix.test-groups }}
102102
find: '/'
@@ -244,9 +244,6 @@ jobs:
244244
- name: Start nginx
245245
run: sudo systemctl start nginx.service
246246

247-
- name: Install chromedriver
248-
uses: nanasess/setup-chromedriver@master
249-
250247
- name: Start chromedriver
251248
run: |
252249
export DISPLAY=:99
@@ -270,24 +267,22 @@ jobs:
270267
271268
# Write any secrets, such as API keys, to the .env.testing file now.
272269
- name: Define GitHub Secrets in .env.dist.testing
273-
uses: DamianReeves/write-file-action@v1.3
274-
with:
275-
path: ${{ env.PLUGIN_DIR }}/.env.testing
276-
contents: |
277-
STRIPE_TEST_PUBLISHABLE_KEY=${{ env.STRIPE_TEST_PUBLISHABLE_KEY }}
278-
STRIPE_TEST_SECRET_KEY=${{ env.STRIPE_TEST_SECRET_KEY }}
279-
CONVERTKIT_API_KEY=${{ env.CONVERTKIT_API_KEY }}
280-
CONVERTKIT_API_SECRET=${{ env.CONVERTKIT_API_SECRET }}
281-
CONVERTKIT_API_KEY_NO_DATA=${{ env.CONVERTKIT_API_KEY_NO_DATA }}
282-
CONVERTKIT_API_SECRET_NO_DATA=${{ env.CONVERTKIT_API_SECRET_NO_DATA }}
283-
CONVERTKIT_OAUTH_ACCESS_TOKEN=${{ env.CONVERTKIT_OAUTH_ACCESS_TOKEN }}
284-
CONVERTKIT_OAUTH_REFRESH_TOKEN=${{ env.CONVERTKIT_OAUTH_REFRESH_TOKEN }}
285-
CONVERTKIT_OAUTH_ACCESS_TOKEN_NO_DATA=${{ env.CONVERTKIT_OAUTH_ACCESS_TOKEN_NO_DATA }}
286-
CONVERTKIT_OAUTH_REFRESH_TOKEN_NO_DATA=${{ env.CONVERTKIT_OAUTH_REFRESH_TOKEN_NO_DATA }}
287-
CONVERTKIT_OAUTH_CLIENT_ID=${{ env.CONVERTKIT_OAUTH_CLIENT_ID }}
288-
CONVERTKIT_OAUTH_REDIRECT_URI=${{ env.CONVERTKIT_OAUTH_REDIRECT_URI }}
289-
KIT_OAUTH_REDIRECT_URI=${{ env.KIT_OAUTH_REDIRECT_URI }}
290-
write-mode: overwrite
270+
run: |
271+
cat > ${{ env.PLUGIN_DIR }}/.env.testing << 'ENVEOF'
272+
STRIPE_TEST_PUBLISHABLE_KEY=${{ env.STRIPE_TEST_PUBLISHABLE_KEY }}
273+
STRIPE_TEST_SECRET_KEY=${{ env.STRIPE_TEST_SECRET_KEY }}
274+
CONVERTKIT_API_KEY=${{ env.CONVERTKIT_API_KEY }}
275+
CONVERTKIT_API_SECRET=${{ env.CONVERTKIT_API_SECRET }}
276+
CONVERTKIT_API_KEY_NO_DATA=${{ env.CONVERTKIT_API_KEY_NO_DATA }}
277+
CONVERTKIT_API_SECRET_NO_DATA=${{ env.CONVERTKIT_API_SECRET_NO_DATA }}
278+
CONVERTKIT_OAUTH_ACCESS_TOKEN=${{ env.CONVERTKIT_OAUTH_ACCESS_TOKEN }}
279+
CONVERTKIT_OAUTH_REFRESH_TOKEN=${{ env.CONVERTKIT_OAUTH_REFRESH_TOKEN }}
280+
CONVERTKIT_OAUTH_ACCESS_TOKEN_NO_DATA=${{ env.CONVERTKIT_OAUTH_ACCESS_TOKEN_NO_DATA }}
281+
CONVERTKIT_OAUTH_REFRESH_TOKEN_NO_DATA=${{ env.CONVERTKIT_OAUTH_REFRESH_TOKEN_NO_DATA }}
282+
CONVERTKIT_OAUTH_CLIENT_ID=${{ env.CONVERTKIT_OAUTH_CLIENT_ID }}
283+
CONVERTKIT_OAUTH_REDIRECT_URI=${{ env.CONVERTKIT_OAUTH_REDIRECT_URI }}
284+
KIT_OAUTH_REDIRECT_URI=${{ env.KIT_OAUTH_REDIRECT_URI }}
285+
ENVEOF
291286
292287
# Installs wp-browser, Codeception, PHP CodeSniffer and anything else needed to run tests.
293288
- name: Run Composer

.github/workflows/test.yml

Lines changed: 17 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,7 @@ jobs:
107107
steps:
108108
- name: Define Test Group Name
109109
id: test-group
110-
uses: mad9000/actions-find-and-replace-string@5
110+
uses: mad9000/actions-find-and-replace-string@6
111111
with:
112112
source: ${{ matrix.test-groups }}
113113
find: '/'
@@ -263,9 +263,6 @@ jobs:
263263
- name: Start nginx
264264
run: sudo systemctl start nginx.service
265265

266-
- name: Install chromedriver
267-
uses: nanasess/setup-chromedriver@master
268-
269266
- name: Start chromedriver
270267
run: |
271268
export DISPLAY=:99
@@ -289,24 +286,22 @@ jobs:
289286
290287
# Write any secrets, such as API keys, to the .env.testing file now.
291288
- name: Define GitHub Secrets in .env.dist.testing
292-
uses: DamianReeves/write-file-action@v1.3
293-
with:
294-
path: ${{ env.PLUGIN_DIR }}/.env.testing
295-
contents: |
296-
STRIPE_TEST_PUBLISHABLE_KEY=${{ env.STRIPE_TEST_PUBLISHABLE_KEY }}
297-
STRIPE_TEST_SECRET_KEY=${{ env.STRIPE_TEST_SECRET_KEY }}
298-
CONVERTKIT_API_KEY=${{ env.CONVERTKIT_API_KEY }}
299-
CONVERTKIT_API_SECRET=${{ env.CONVERTKIT_API_SECRET }}
300-
CONVERTKIT_API_KEY_NO_DATA=${{ env.CONVERTKIT_API_KEY_NO_DATA }}
301-
CONVERTKIT_API_SECRET_NO_DATA=${{ env.CONVERTKIT_API_SECRET_NO_DATA }}
302-
CONVERTKIT_OAUTH_ACCESS_TOKEN=${{ env.CONVERTKIT_OAUTH_ACCESS_TOKEN }}
303-
CONVERTKIT_OAUTH_REFRESH_TOKEN=${{ env.CONVERTKIT_OAUTH_REFRESH_TOKEN }}
304-
CONVERTKIT_OAUTH_ACCESS_TOKEN_NO_DATA=${{ env.CONVERTKIT_OAUTH_ACCESS_TOKEN_NO_DATA }}
305-
CONVERTKIT_OAUTH_REFRESH_TOKEN_NO_DATA=${{ env.CONVERTKIT_OAUTH_REFRESH_TOKEN_NO_DATA }}
306-
CONVERTKIT_OAUTH_CLIENT_ID=${{ env.CONVERTKIT_OAUTH_CLIENT_ID }}
307-
CONVERTKIT_OAUTH_REDIRECT_URI=${{ env.CONVERTKIT_OAUTH_REDIRECT_URI }}
308-
KIT_OAUTH_REDIRECT_URI=${{ env.KIT_OAUTH_REDIRECT_URI }}
309-
write-mode: overwrite
289+
run: |
290+
cat > ${{ env.PLUGIN_DIR }}/.env.testing << 'ENVEOF'
291+
STRIPE_TEST_PUBLISHABLE_KEY=${{ env.STRIPE_TEST_PUBLISHABLE_KEY }}
292+
STRIPE_TEST_SECRET_KEY=${{ env.STRIPE_TEST_SECRET_KEY }}
293+
CONVERTKIT_API_KEY=${{ env.CONVERTKIT_API_KEY }}
294+
CONVERTKIT_API_SECRET=${{ env.CONVERTKIT_API_SECRET }}
295+
CONVERTKIT_API_KEY_NO_DATA=${{ env.CONVERTKIT_API_KEY_NO_DATA }}
296+
CONVERTKIT_API_SECRET_NO_DATA=${{ env.CONVERTKIT_API_SECRET_NO_DATA }}
297+
CONVERTKIT_OAUTH_ACCESS_TOKEN=${{ env.CONVERTKIT_OAUTH_ACCESS_TOKEN }}
298+
CONVERTKIT_OAUTH_REFRESH_TOKEN=${{ env.CONVERTKIT_OAUTH_REFRESH_TOKEN }}
299+
CONVERTKIT_OAUTH_ACCESS_TOKEN_NO_DATA=${{ env.CONVERTKIT_OAUTH_ACCESS_TOKEN_NO_DATA }}
300+
CONVERTKIT_OAUTH_REFRESH_TOKEN_NO_DATA=${{ env.CONVERTKIT_OAUTH_REFRESH_TOKEN_NO_DATA }}
301+
CONVERTKIT_OAUTH_CLIENT_ID=${{ env.CONVERTKIT_OAUTH_CLIENT_ID }}
302+
CONVERTKIT_OAUTH_REDIRECT_URI=${{ env.CONVERTKIT_OAUTH_REDIRECT_URI }}
303+
KIT_OAUTH_REDIRECT_URI=${{ env.KIT_OAUTH_REDIRECT_URI }}
304+
ENVEOF
310305
311306
# Installs wp-browser, Codeception, PHP CodeSniffer and anything else needed to run tests.
312307
- name: Run Composer

SECURITY.md

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
# Security Policy
2+
3+
This security policy applies to public projects under the [Kit organization](https://github.com/kit) on GitHub.
4+
5+
## Reporting a Vulnerability
6+
7+
If you discover a security vulnerability, please report via any of the below:
8+
9+
- [Kit](https://kit.com/report-vulnerability)
10+
- [PatchStack](https://patchstack.com/database/vdp/b599634b-6960-4d4b-bb14-bd00c08392b0)
11+
- [GitHub](https://github.com/Kit/convertkit-woocommerce/security/advisories)
12+
- [Email](mailto:security@kit.com)
13+
14+
Please do **not** report security issues publicly via GitHub issues or discussions. Security reports sent via the above channels be acknowledged within 48 hours.
15+
16+
## Security Disclosure Process
17+
18+
When reporting a security vulnerability, please include:
19+
20+
1. **Description** - A clear description of the vulnerability
21+
2. **Impact** - What kind of vulnerability it is and who it impacts
22+
3. **Reproduction** - Detailed steps to reproduce the issue
23+
4. **Proof of Concept** - If applicable, include proof-of-concept code
24+
5. **Suggested Fix** - If you have ideas for how to fix the issue
25+
26+
## Security Response Timeline
27+
28+
- **Initial Response**: Within 48 hours of receiving the report
29+
- **Investigation**: We will investigate and validate the reported vulnerability
30+
- **Fix Development**: Development of a patch or mitigation strategy
31+
- **Release**: Coordinated disclosure and release of security update
32+
- **Public Disclosure**: After users have had time to upgrade

composer.json

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -4,15 +4,16 @@
44
"type": "project",
55
"license": "GPLv3",
66
"require": {
7-
"convertkit/convertkit-wordpress-libraries": "2.1.6"
7+
"convertkit/convertkit-wordpress-libraries": "2.1.7"
88
},
99
"require-dev": {
1010
"php-webdriver/webdriver": "^1.0",
1111
"wp-coding-standards/wpcs": "^3.0.0",
1212
"phpstan/phpstan": "^1.0 || ^2.0",
1313
"szepeviktor/phpstan-wordpress": "^1.0 || ^2.0",
1414
"lucatume/wp-browser": "^3.0 || ^4.0",
15-
"wp-cli/wp-cli": "^2.12"
15+
"wp-cli/wp-cli": "^2.12",
16+
"php-stubs/woocommerce-stubs": "^10.9"
1617
},
1718
"minimum-stability": "dev",
1819
"prefer-stable": true,
@@ -31,7 +32,7 @@
3132
"fix-css": "npm run fix:css",
3233
"lint-js": "npm run lint:js",
3334
"fix-js": "npm run fix:js",
34-
"phpstan": "vendor/bin/phpstan analyse --memory-limit=1250M",
35+
"phpstan": "vendor/bin/phpstan analyse --memory-limit=2G",
3536
"php-coding-standards": "vendor/bin/phpcs ./ -s -v",
3637
"fix-php-coding-standards": "vendor/bin/phpcbf ./ -s -v",
3738
"php-coding-standards-on-tests": "vendor/bin/phpcs ./tests --standard=phpcs.tests.xml -s -v",
@@ -40,7 +41,7 @@
4041
"fix-css-coding-standards": "npm run fix:css",
4142
"js-coding-standards": "npm run lint:js",
4243
"fix-js-coding-standards": "npm run fix:js",
43-
"php-static-analysis": "vendor/bin/phpstan analyse --memory-limit=1250M",
44+
"php-static-analysis": "vendor/bin/phpstan analyse --memory-limit=2G",
4445
"test": [
4546
"vendor/bin/codecept build @no_additional_args",
4647
"vendor/bin/codecept run EndToEnd @additional_args --fail-fast"

includes/class-ckwc-checkout.php

Lines changed: 12 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -255,12 +255,18 @@ public function save_opt_in_checkbox_additional_field( $key, $value, $group, $wc
255255
return $value;
256256
}
257257

258-
// Store the value of the opt in checkbox in the `ckwc_opt_in` meta key,
259-
// as we do for the block and shortcode methods.
260-
$this->save_opt_in_for_order(
261-
$wc_object,
262-
(bool) $value
263-
);
258+
// Store the value of the opt in checkbox in the `ckwc_opt_in` meta key.
259+
// We can't use save_opt_in_for_order() here: this action fires while WooCommerce is
260+
// building the Store API Checkout Block order, before the order has been assigned an ID,
261+
// so that method's `OrderUtil::get_order_type( $order->get_id() )` guard would bail on a
262+
// zero ID. Instead set the meta directly on the order object. If the order already has an
263+
// ID we persist immediately; otherwise WooCommerce saves the order after additional fields
264+
// are set, which persists the meta for us.
265+
$wc_object->update_meta_data( 'ckwc_opt_in', ( (bool) $value ) ? 'yes' : 'no' );
266+
267+
if ( $wc_object->get_id() ) {
268+
$wc_object->save();
269+
}
264270

265271
// Return original value.
266272
return $value;

includes/class-ckwc-order.php

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -108,14 +108,14 @@ public function maybe_subscribe_customer( $order_id, $status_old = 'new', $statu
108108
// Get WooCommerce Order.
109109
$order = wc_get_order( $order_id );
110110

111-
// Bail if the Order does not require that we subscribe the Customer,
112-
// or the Customer was already subscribed.
113-
if ( ! $this->should_opt_in_customer( $order ) ) {
111+
// If no Order could be fetched, bail.
112+
if ( ! $order ) {
114113
return;
115114
}
116115

117-
// If no Order could be fetched, bail.
118-
if ( ! $order ) {
116+
// Bail if the Order does not require that we subscribe the Customer,
117+
// or the Customer was already subscribed.
118+
if ( ! $this->should_opt_in_customer( $order ) ) {
119119
return;
120120
}
121121

phpstan-dev.neon

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,7 @@ parameters:
2929
# Location of constants, Kit helper functions and Kit WordPress Libraries for PHPStan to scan, building symbols.
3030
scanFiles:
3131
- /wp/wp-config.php
32+
- vendor/php-stubs/woocommerce-stubs/woocommerce-stubs.php
3233

3334
# Don't report unmatched ignored errors on older PHP versions (7.2, 7.3)
3435
reportUnmatchedIgnoredErrors: false

phpstan.neon.dist

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,7 @@ parameters:
2929
# Location of constants for PHPStan to scan, building symbols.
3030
scanFiles:
3131
- /home/runner/work/convertkit-woocommerce/convertkit-woocommerce/wordpress/wp-config.php
32+
- vendor/php-stubs/woocommerce-stubs/woocommerce-stubs.php
3233

3334
# Don't report unmatched ignored errors on older PHP versions (7.2, 7.3)
3435
reportUnmatchedIgnoredErrors: false

phpstan.neon.example

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ parameters:
2121
# Files that include Plugin-specific PHP constants
2222
bootstrapFiles:
2323
- woocommerce-convertkit.php
24+
- vendor/php-stubs/woocommerce-stubs/woocommerce-stubs.php
2425

2526
# Location of WordPress Plugins for PHPStan to scan, building symbols.
2627
scanDirectories:

0 commit comments

Comments
 (0)