Merge branch... (216ddd1b) · Commits · to be continuous... / PHP

README.md

+4 −4

Original line number	Diff line number	Diff line
		@@ -57,17 +57,17 @@ gd zip

		This job performs [PHPUnit](https://phpunit.readthedocs.io/) tests.

		It is bound to the `build` stage, and is automatically enabled if a PHPUnit [XML configuration file](https://phpunit.readthedocs.io/en/9.5/configuration.html#appendixes-configuration)
		It is bound to the `build` stage, and is automatically enabled if a PHPUnit [XML configuration file](https://docs.phpunit.de/en/10.2/configuration.html)
		is found in the project (`phpunit.xml` or `phpunit.xml.dist`).

		It uses the following variable:

		\| Name \| description \| default value \|
		\| --------------------- \| ---------------------------------------- \| ----------------- \|
		\| `PHP_UNIT_ARGS` \| Additional PHPUnit [options](https://phpunit.readthedocs.io/en/9.5/textui.html#command-line-options) \| _none_ \|
		\| `PHP_UNIT_ARGS` \| Additional PHPUnit [options](https://docs.phpunit.de/en/10.2/textui.html#command-line-options) \| _none_ \|
		\| `PHP_UNIT_DISABLED` \| Set to `true` to disable PHPUnit test (if some `phpunit.xml` or `phpunit.xml.dist` file unintentionally triggers the build) \| _none_ (auto based on presence of `phpunit.xml` or `phpunit.xml.dist` file) \|

		:warning: in order to be able to compute [code coverage](https://phpunit.readthedocs.io/en/9.5/code-coverage-analysis.html),
		:warning: in order to be able to compute [code coverage](https://docs.phpunit.de/en/10.2/code-coverage.html),
		your project shall have a (dev) dependency to [`php-code-coverage`](https://github.com/sebastianbergmann/php-code-coverage).

		In addition to a textual report in the console, this job produces the following reports, kept for one day:
		@@ -137,7 +137,7 @@ It is bound to the `test` stage, and uses the following variables:
		\| --------------------- \| -------------------------------------- \| ----------------- \|
		\| `PHP_SBOM_DISABLED` \| Set to `true` to disable this job \| _none_ \|
		\| `PHP_SBOM_VERSION` \| The version of @cyclonedx/cyclonedx-php used to emit SBOM \| _none_ (uses latest) \|
		\| `PHP_SBOM_OPTS` \| [@cyclonedx/cyclonedx-php options](https://github.com/CycloneDX/cyclonedx-php-composer#usage) used for SBOM analysis \| `--exclude-plugins --exclude-dev` \|
		\| `PHP_SBOM_OPTS` \| [@cyclonedx/cyclonedx-php options](https://github.com/CycloneDX/cyclonedx-php-composer#usage) used for SBOM analysis \| _none_ \|

		### `php-outdated` job

kicker.json

+0 −1

Original line number	Diff line number	Diff line
		@@ -57,7 +57,6 @@
		{
		"name": "PHP_SBOM_OPTS",
		"description": "[`cyclonedx/cyclonedx-php` options](https://github.com/CycloneDX/cyclonedx-php-composer#usage) used for SBOM analysis",
		"default": "--exclude-plugins --exclude-dev",
		"advanced": true
		}
		]

templates/gitlab-ci-php.yml

+1 −2

Original line number	Diff line number	Diff line
		@@ -64,7 +64,6 @@ variables:
		PHP_PROJECT_DIR: "."

		# Version of the cyclonedx/cyclonedx-php-composer used for SBOM analysis
		PHP_SBOM_OPTS: "--exclude-plugins --exclude-dev"
		PHP_OUTDATED_OPTS: "--direct"
		PHP_COMPOSER_AUDIT_OPTS: "--locked"

		@@ -369,7 +368,7 @@ php-sbom:
		- mkdir -p -m 777 reports
		- docomposer global config --no-plugins allow-plugins.cyclonedx/cyclonedx-php-composer true
		- docomposer global require "cyclonedx/cyclonedx-php-composer${PHP_SBOM_VERSION:+:$PHP_SBOM_VERSION}"
		- docomposer make-bom --output-file=reports/php-sbom.cyclonedx.json --output-format=JSON --no-interaction $PHP_SBOM_OPTS
		- docomposer CycloneDX:make-sbom --output-file=reports/php-sbom.cyclonedx.json --output-format=JSON --no-interaction $PHP_SBOM_OPTS
		- chmod a+r reports/php-sbom.cyclonedx.json
		artifacts:
		name: "SBOM for PHP from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"