Release 1.3.0#62
Open
turegjorup wants to merge 128 commits into
Open
Conversation
no message
Release 1.2.2
no message
Adds CLAUDE.md, project-level .claude/ config, two agents (pr-readiness, reload-fixtures) and an update-api-spec skill, all targeted at this repo's Taskfile / Elasticsearch / API Platform setup. settings.local.json is gitignored. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
chore: add Claude Code setup adapted to this repo
Fix the Edit/Write hooks to read the file path from the tool payload via jq instead of the unset CLAUDE_FILE_PATH env var (the previous hooks silently no-oped), add a SessionStart jq prerequisite check, widen the PreToolUse blocklist (symfony.lock, config/reference.php, vendor, node_modules, var/cache), and add a Stop hook that warns when the shared Elasticsearch index contract (src/Model/IndexName.php) changes. Document the cross-repo relationship and the automation in CLAUDE.md.
Add two user-invocable skills (changelog-entry, new-resource), a filter-provider-reviewer subagent for the ES filter/provider layer, and a Stop hook that warns when an Api/Dto resource changed without regenerating public/spec.yaml (which CI's api-spec.yml would otherwise fail on). The Elasticsearch MCP from the automation review was intentionally left out: it is the only recommended item needing an external runtime, the sibling event-database-imports repo did not adopt one, and ad-hoc ES access via `docker compose exec phpfpm curl` covers the need with no new dependency.
The composer-audit CI job failed for two reasons: it ran `composer audit` in a fresh container with no install (so it errored with "No installed packages found"), and once running it reported 14 advisories across 6 packages (twig, symfony/*, guzzle) published after the last green run. Audit the lock file directly with `composer audit --locked` (matching the updated devops_itkdev-docker template) and update the vulnerable dependencies to patched versions within the existing constraints. All advisories clear; the API test suite passes.
fix: resolve composer audit failures
…de-setup-from-imports # Conflicts: # CHANGELOG.md
…laude-automations # Conflicts: # CHANGELOG.md
…mports chore: adapt Claude Code setup from event-database-imports
chore: add Claude Code automations (skills, subagent, spec-drift hook)
Bring the dev-tooling surface in line with the canonical event-database-imports setup (its PR #88 raised PHPStan and added strict rules): - PHPStan level 6 -> 8 with phpstan/phpstan-strict-rules, existing findings baselined (phpstan-baseline.neon) so new code is held to the higher bar. - Exclude the auto-generated config/reference.php; drop tests/ from analysis (matching importers) and use identifier-based ignores. - PHP 8.4 as the committed docker-compose default (dev override already used it). - twig-cs-fixer ^3.7 -> ^4.0 and PHPUnit ^12 -> ^13; php-cs-fixer follows to 3.95 (one else-after-return fix applied). phpstan (level 8), php-cs-fixer, twig-cs-fixer, composer audit, and the API test suite (19 tests) all pass.
chore: align dev tooling with event-database-imports
Fix the mechanical strict-rule findings so the baseline drops from 34 to 10 entries; the remaining 10 are genuine typing work left for a follow-up (offset-access null-safety on ES responses, provider return-type covariance, one dynamic enum-constant fetch, and a console suggestedValues closure). - Replace banned empty()/short-ternary/negated-array constructs with explicit comparisons (behaviour-preserving; filters skip unset/''/[] as before). - Pass the strict flag to in_array(). - Narrow the Elasticsearch client response with @var (as ElasticSearchIndex already does) and guard file_get_contents()/json_decode() in the fixture loader. - Annotate ApiUser::$username as non-empty-string; make the paginator count non-negative. phpstan (level 8 + strict), php-cs-fixer, and the API test suite (19 tests) all pass.
Add tests covering all seven API Platform resources, the API key auth boundary, pagination semantics, and filter error handling. - New traits: GetItemTestTrait (200 + JSON-schema + 401 + 404), CollectionShapeTrait via extended GetEntitiesTestTrait. - New per-resource tests for Occurrence, DailyOccurrence, Location and Organization mirroring the EventsTest/EventsFilterTest pattern. - New TagsFilterTest, VocabulariesFilterTest. - New AuthenticationTest, PaginationTest (data-provider across all seven resources) and FilterErrorTest. - Wire EventsTest, TagsTest, VocabulariesTest to GetItemTestTrait. - Tighten EventsFilterTest: drop duplicate yield, add 'updated' cases, fix namespace. FilterErrorTest is skipped pending a fix for a contract bug: the DateRangeFilter throws PHP's \InvalidArgumentException, which is not in api_platform.yaml's exception_to_status map, so malformed date ranges currently return 500 instead of 400. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…nges Lock the response contract independently of API Platform's self-generated schema, so the upcoming upgrade cannot silently change it: - Collection envelope + exact per-resource member field sets. - Item shape, including the current asymmetry: Event/Occurrence/ DailyOccurrence/Location/Organization items return a hydra:Collection wrapper of one, while Tag/Vocabulary return a flat item. - Error shape (hydra:Error for 401/404). - Content negotiation: only application/ld+json is accepted (json/html -> 406). - Datetime serialization (ISO 8601 with timezone offset).
test: mature the API test suite ahead of the API Platform upgrade
…line-paydown # Conflicts: # CHANGELOG.md
chore: pay down PHPStan baseline (34 → 10)
…ction-todo # Conflicts: # CHANGELOG.md
The fixture loader created indexes with no mappings, so Elasticsearch dynamic mapping (analysed text + .keyword subfields) drove filter behaviour. Production indexes (event-database-imports) use `dynamic: strict` with explicit types and no normalizer, so several filter tests passed for semantics production does not have — most starkly tag filtering (`?tags=itkdev` matched under dynamic mapping but `tags` is an exact, case-sensitive `keyword` in production). - Add production-parity mappings at tests/resources/mappings/*.json (dynamic: strict), hand-kept copies of the importer's src/Model/Indexing/Mappings. - FixtureLoader::createIndex() applies the mapping and fails loudly if missing; drop the now-obsolete `ignore_error` from the fixture Taskfile targets. - Reconcile the tag filter expectations to keyword semantics (ITKDev→2, itkdev→0, for-boern→1 whole-value, boern→0); only these cases needed changing — the rest of the suite was already production-accurate. - Index-contract Stop hook now also watches tests/resources/mappings/; the filter-provider-reviewer brief checks the mapped field type.
Cover the custom filters' apply() query DSL and getDescription() descriptors directly, without Elasticsearch or the kernel — the filters are constructed with inert stubs for the AbstractFilter metadata factories (never called once `properties` is set). - MatchFilter/BooleanFilter/TagFilter/IdFilter: exact term/match clauses, boost shape, comma-splitting, single-vs-list return; "0" reaches ES (guarding the strict-guard behaviour). - DateRangeFilter: fallback/explicit operators, `between` → exclusive gt/lt, and the two current error leaks (malformed `between` → \InvalidArgumentException, unknown operator → native \Error) plus the dead `throwOnInvalid` flag, pinned as current behaviour.
Compare effective schemas in oasdiff (flatten-allof)
# Conflicts: # CHANGELOG.md
The api-spec job posted a 🛑 "spec not up to date" comment on failure but never cleared it once the spec was fixed, leaving a stale failure comment on the PR. Give that comment a sticky marker and, mirroring the breaking-changes comment, edit it to ✅ when the committed spec matches the export again (find previous → upsert on drift → resolve on success).
Add Rector (relevant sets, aligned with PHPStan) and apply across the codebase
…-comment-selfheal # Conflicts: # CHANGELOG.md
Self-heal the "API spec up to date" PR comment
Every job pulled and started the whole compose stack (mariadb, phpfpm, nginx, mail, rabbit, elasticsearch, …). Scope each to its real deps: - api-spec export, PHPStan, Rector → phpfpm only, as one-off `docker compose run --rm --no-deps phpfpm …` (no lingering container, matching the templated composer/php/twig workflows) - API test → phpfpm + elasticsearch via `up --wait --no-deps` (ES must be a running service the tests connect to) Pull only the needed images; --no-deps stops phpfpm's mariadb/rabbit dependencies from dragging the rest of the stack in. The api-spec job now drives docker compose directly, dropping the Task setup that ran `site:update` (= pull/up everything). Verified: the full suite passes with mariadb and rabbit stopped; tests reference no Doctrine/DB and ApiTestCase uses the in-process kernel, so nginx is not needed either.
…pulls # Conflicts: # CHANGELOG.md
Scope CI image pulls to each job's real dependencies
Mirror event-database-imports#107's Claude integration for Rector (the CI gate and Taskfile targets already landed in the Rector PR): - PostToolUse hook runs `rector process` on the edited src/tests PHP file before php-cs-fixer, so single-file edits are modernized then formatted. - pr-readiness agent gains a Rector (dry-run) check mirroring the CI gate. - CLAUDE.md notes Rector in the PostToolUse list.
Mirror devops_itkdev-docker#116: the phpfpm service runs as
${COMPOSE_USER:-deploy}, so the release job's `--user=root` (and the
`COMPOSER_ALLOW_SUPERUSER` that paired with it) are redundant. Set
`COMPOSE_USER: runner` at the workflow level and drop both, keeping
APP_ENV inline via `-e APP_ENV=prod`.
Run Rector from the Claude Code setup; drop redundant root user from the release workflow
Refresh composer.lock to the latest in-constraint releases — the Symfony 7.4.8→7.4.14 patch train plus dev tooling (phpunit 13.2.4, php-cs-fixer, phpstan-symfony, phpdoc-parser, composer-normalize, flex). No constraint changes. Regenerate config/reference.php (a framework-bundle psalm-type annotation moved with the Symfony bump). Full suite, PHPStan, Rector, php-cs-fixer green; public/spec.yaml unchanged.
Update dependencies (in-constraint)
Audited the docs against the code. Corrections: - Stack: API Platform 4.1 → 4.3, image itkdev/php8.3-fpm → php8.4-fpm. - PHPStan level 6 → 8 (pr-readiness agent + the code-analysis comment, which also now notes Rector). - Drop the stale `ignore_error: true` fixtures rationale from the reload-fixtures agent (removed from the Taskfile in the mappings PR). - Note the CI-enforced index-mapping-drift gate (not just the local Stop hook) and document the test-suite layout (Contract/Consumer/Unit + tests/schemas) that has grown since CLAUDE.md was written. README is accurate (pins no versions) and left as-is.
Refresh CLAUDE.md and agent docs for current tooling/versions
Bump the local Elasticsearch dev image 8.13.0 -> 8.19.18 (latest 8.x) and tighten the elasticsearch/elasticsearch client constraint ^8.13 -> ^8.19 (client already resolves to 8.19.0; composer.lock changes only its content-hash). Coordinated with the shared cluster (event-database-services) and the write side (event-database-imports). PHPStan clean.
chore: upgrade Elasticsearch to 8.19.18
The changelog step's "spec changed?" guard grepped for the literal "no changes", but oasdiff v0.1.x emits "No changelog changes" when the spec is unchanged — the substring never matched, so has_changes was always true and a "⚠️ non-breaking changes" comment posted (body: "No changelog changes") even for PRs that don't touch the spec (e.g. the Elasticsearch bump #60). Match both wordings with a regex so the no-change path is taken and the sticky comment resolves to ✅.
Fix api-spec no-change detection for oasdiff v0.1.x
🛑 API specification — breaking changes detectedAPI changesAPI Changelog 2.0.0 vs. 2.0.0API ChangesGET /api/v2/daily_occurrences
GET /api/v2/daily_occurrences/{id}
GET /api/v2/events
GET /api/v2/events/{id}
GET /api/v2/locations
GET /api/v2/locations/{id}
GET /api/v2/occurrences
GET /api/v2/occurrences/{id}
GET /api/v2/organizations
GET /api/v2/organizations/{id}
GET /api/v2/tags
GET /api/v2/tags/{slug}
GET /api/v2/vocabularies
GET /api/v2/vocabularies/{slug}
|
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #62 +/- ##
=======================================
Coverage ? 72.89%
Complexity ? 232
=======================================
Files ? 29
Lines ? 653
Branches ? 0
=======================================
Hits ? 476
Misses ? 177
Partials ? 0
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Release 1.3.0 — cut the accumulated
developbacklog (PR-27…PR-61) as a minor release.Changes
[Unreleased]backlog to## [1.3.0] - 2026-07-10and open a fresh[Unreleased]section.[Unreleased]→1.3.0...HEAD, add[1.3.0]from1.2.2).[1.2.2]/[1.2.1]footer reference links (tagged offmainand never linked here).Why
Follows gitflow: the release branch freezes the changelog for 1.3.0 before merging to
mainand tagging. Carries the API Platform 4.3 upgrade, the problem+json error contract, Rector, PHPStan level 8, and the expanded consumer/contract test suites.