PHP 8.4:
- Change implicit nullable type declaration to explicit
- Only set `session.sid_bits_per_character` for PHP < 8.4
PHP 8.5:
- Remove no-op `ReflectionProperty::setAccessible()` calls
- Replace backtick operator with `shell_exec()`
- Avoid passing `null` as key in `array_key_exists()`
- Avoid passing `null` to non-nullable parameters in built-in functions
- Use `Pdo\Mysql` driver-specific constants
Other compatibility fixes:
- Avoid passing `null` as `ipl\Html` form element `$name`
- Use latest PHPUnit version
Remove errors no longer reported. Since PHP 7.x is no longer supported, remove
the 7.x baseline. It is now no longer necessary to have multiple baseline
files.
Replace deprecated `PDO::MYSQL_*` constant usage with the driver-specific
`Pdo\Mysql::ATTR_*` constants introduced in PHP 8.4.
This prepares the code for PHP 8.5, where accessing MySQL driver constants
through the generic `PDO` class is deprecated.
This change requires a compatibility shim on older PHP versions to provide
`Pdo\Mysql` for runtimes that do not expose the driver-specific class yet. The
shim is provided in `ipl-sql`. As a consequence, the required version of the
Icinga PHP library has been raised.
Forward compatibility fix: `ipl\Html` will introduce strict types, which
declares `$name` as string. Passing `null` will result in a `TypeError` once
strict types are enforced.
PHP 8.4 has deprecated `session.sid_bits_per_character` along with
`session.sid_length`, as part of a broader effort to standardize session ID
generation for improved security and interoperability.
`ReflectionProperty::setAccessible()` has had no effect since PHP 8.1, as all
properties are accessible via reflection by default. The method is deprecated
as of PHP 8.5.
Since PHP 8.4 implicitly nullable parameter types are deprecated.
Normalize scoped PHPDoc for nullable-parameter updates: use `?Type` instead of
`Type|null`, remove column alignment, and indent continuation lines with 2
spaces.
Co-authored-by: "Eric Lippmann <eric.lippmann@icinga.com>"
"even if already authenticated in Icinga Web" already made one colleague
thinking `onLogin()` is called even during authentication from session.
Latter is not true and not desired by hook providers, e.g.
`icinga-notifications-web`.
Currently, as authenticated user, I can't even use
`/authentication/login`. It redirects me to the dashboard.
Introduces `LoginButtonHook`, a new hook for rendering additional buttons
below the login form. Extend this class to display custom buttons on the
Icinga Web login page — useful for alternative authentication flows such
as SSO. Register your implementation by calling
`YourLoginButtons::register()` during module initialization.
Replaced the unused `Zend_Config_Exception` with a more appropriate
`NotWritableError` in `IniWriter::write()`.
- The old `Zend_Config_Exception` was never caught anywhere in the
codebase.
- Changed to `NotWritableError` to better reflect file permission and
write issues.
- Added `@` suppression to the `file_put_contents()` call so that the
method can throw `NotWritableError` instead of crashing on PHP warnings.
This is preparation for a GitHub action to streamline tests, which
* expects the `phpunit.xml` configuration at the root level, and
* installs dependencies via `composer`.
Proof that the same number of tests are run after moving the
configuration file:
*
[main](https://github.com/Icinga/icingaweb2/actions/runs/18972121136/job/54182208796#step:6:243)
* [this
PR](https://github.com/Icinga/icingaweb2/actions/runs/19137281980/job/54692472598#step:6:243)
Rationale for introducing `composer`:
GitHub Actions for this repository and any other module that requires
Mockery must specify this dependency themselves. Module tests require
Icinga Web anyway, so all (development) dependencies and any changes to
them should be automatically applied instead of having to adjust each
individual module affected. If we eventually upload our library bundles
to Packagist as well, we could also specify them in `composer.json` once
instead of having to require them in every action.
PHP_CodeSniffer 4.0 renamed the class name NotCamelCaps to
NotPascalCase.
Reference:
https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Version-4.0-User-Upgrade-Guide#upgrading-5
Because of this change, our current configuration was no longer
compatible.
I tested the update inside a Docker container: after switching to the
new class name `NotPascalCase`, the error message disappeared and the
rules are applied as expected.
