Merge pull request #705 from wayofdev/feat/infra-dx

ci: disable auto-merge of release PRs

Author: lotyp

.github/SECURITY.md

@@ -0,0 +1,37 @@
+# Security Policy
+
+Thank you for helping keep `wayofdev/laravel-cycle-orm-adapter` and its users safe. We greatly appreciate your efforts to disclose security vulnerabilities responsibly.
+
+<br>
+
+## 🙋‍♂️ Supported Versions
+
+Only certain versions of `wayofdev/laravel-cycle-orm-adapter` are currently being maintained with security updates. Please use or upgrade to one of these supported versions:
+
+| Version | Supported          |
+|---------|--------------------|
+| 4.x     | :white_check_mark: |
+
+Please ensure that you are using one of these supported versions before reporting a security issue.
+
+<br>
+
+## 🚨 Reporting a Vulnerability
+
+We take all security bugs in `wayofdev/laravel-cycle-orm-adapter` seriously. Please follow the instructions below to report security vulnerabilities.
+
+### → How to Report a Vulnerability
+
+1. **GitHub Security Advisories**: Please report security issues directly through our GitHub Security Advisories page: [https://github.com/wayofdev/laravel-cycle-orm-adapter/security/advisories/new](https://github.com/wayofdev/laravel-cycle-orm-adapter/security/advisories/new). This ensures that sensitive information is handled confidentially.
+
+2. **Empty Security Issue**: After submitting through GitHub Security Advisories, please also create an empty security issue to alert us, as GitHub Advisories do not send automatic notifications. This can be done [here](https://github.com/wayofdev/laravel-cycle-orm-adapter/issues/new?assignees=&labels=type%3A+bug%2Cpriority%3A+high%2Ctype%3A+security&projects=&template=5-security-report.yml&title=%5BSecurity%5D%3A+).
+
+3. **Direct Contact**: For highly sensitive information, in addition to the GitHub Security Advisories, please email us directly at `the@wayof.dev` with the subject line "SECURITY - Vulnerability Report". This will be treated with the highest priority.
+
+Please do not discuss potential security issues in public forums or through our public GitHub issues tracker.
+
+## ❌ Third-Party Bug Bounty Platforms
+
+At this moment, we DO NOT accept reports from third-party bug bounty platforms to minimize risk. All vulnerability reports should come through the specified channels above.
+
+<br>

.github/workflows/auto-merge-release.yaml

@@ -2,16 +2,15 @@
 
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.5.0
+    rev: v4.6.0
     hooks:
       - id: trailing-whitespace
       - id: end-of-file-fixer
       - id: check-added-large-files
         args: ['--maxkb=600']
-      - id: fix-encoding-pragma
 
   - repo: https://github.com/commitizen-tools/commitizen
-    rev: v3.13.0
+    rev: v3.24.0
     hooks:
       - id: commitizen
         stages:

.pre-commit-config.yaml

@@ -1,32 +1,39 @@
 <br>
 
 <div align="center">
-<img width="456" src="https://raw.githubusercontent.com/wayofdev/laravel-cycle-orm-adapter/master/assets/logo.gh-light-mode-only.png#gh-light-mode-only" alt="Logo for Light Mode">
-<img width="456" src="https://raw.githubusercontent.com/wayofdev/laravel-cycle-orm-adapter/master/assets/logo.gh-dark-mode-only.png#gh-dark-mode-only" alt="Logo for Dark Mode">
+    <a href="https://laravel-cycle-orm-adapter.wayof.dev" target="_blank">
+        <picture>
+            <source media="(prefers-color-scheme: dark)" srcset="https://raw.githubusercontent.com/wayofdev/.github/master/assets/logo.gh-dark-mode-only.png">
+            <img width="400" src="https://raw.githubusercontent.com/wayofdev/.github/master/assets/logo.gh-light-mode-only.png" alt="WayOfDev Logo">
+        </picture>
+    </a>
 </div>
 
-
 <br>
 
 <br>
 
 <div align="center">
-<a href="https://github.com/wayofdev/laravel-cycle-orm-adapter/actions"><img alt="Build Status" src="https://img.shields.io/endpoint.svg?url=https%3A%2F%2Factions-badge.atrox.dev%2Fwayofdev%2Flaravel-cycle-orm-adapter%2Fbadge&style=flat-square"/></a>
+<a href="https://github.com/wayofdev/laravel-cycle-orm-adapter/actions"><img alt="Build Status" src="https://img.shields.io/endpoint.svg?url=https%3A%2F%2Factions-badge.atrox.dev%2Fwayofdev%2Flaravel-cycle-orm-adapter%2Fbadge&style=flat-square&label=github%20actions"/></a>
 <a href="https://packagist.org/packages/wayofdev/laravel-cycle-orm-adapter"><img src="https://img.shields.io/packagist/dt/wayofdev/laravel-cycle-orm-adapter?&style=flat-square&logo=packagist" alt="Total Downloads"></a>
 <a href="https://packagist.org/packages/wayofdev/laravel-cycle-orm-adapter"><img src="https://img.shields.io/packagist/v/wayofdev/laravel-cycle-orm-adapter?&style=flat-square&logo=packagist" alt="Latest Stable Version"></a>
 <a href="https://packagist.org/packages/wayofdev/laravel-cycle-orm-adapter"><img src="https://img.shields.io/packagist/l/wayofdev/laravel-cycle-orm-adapter?style=flat-square&color=blue&logo=packagist" alt="Software License"/></a>
 <a href="https://packagist.org/packages/wayofdev/laravel-cycle-orm-adapter"><img alt="Commits since latest release" src="https://img.shields.io/github/commits-since/wayofdev/laravel-cycle-orm-adapter/latest?style=flat-square"></a>
+<a href="https://packagist.org/packages/wayofdev/laravel-cycle-orm-adapter" target="_blank"><img alt="PHP Version Require" src="https://poser.pugx.org/wayofdev/laravel-cycle-orm-adapter/require/php?style=flat-square"></a>
 <a href="https://app.codecov.io/gh/wayofdev/laravel-cycle-orm-adapter"><img alt="Codecov" src="https://img.shields.io/codecov/c/github/wayofdev/laravel-cycle-orm-adapter?style=flat-square&logo=codecov"></a>
-<a href=""><img src="https://img.shields.io/badge/phpstan%20level-5%20of%209-yellowgreen?style=flat-square&logo=php"></a>
+<a href="https://dashboard.stryker-mutator.io/reports/github.com/wayofdev/laravel-cycle-orm-adapter/master" target="_blank"><img alt="Mutation testing badge" src="https://img.shields.io/endpoint?style=flat-square&label=mutation%20score&url=https%3A%2F%2Fbadge-api.stryker-mutator.io%2Fgithub.com%2Fwayofdev%2Flaravel-cycle-orm-adapter%2Fmaster"></a>
+<a href=""><img src="https://img.shields.io/badge/phpstan%20level-5%20of%209-yellowgreen?style=flat-square" alt="PHP Stan Level 5 of 9"></a>
+<a href="https://discord.gg/CE3TcCC5vr" target="_blank"><img alt="Codecov" src="https://img.shields.io/discord/1228506758562058391?style=flat-square&logo=discord&labelColor=7289d9&logoColor=white&color=39456d"></a>
+<a href="https://x.com/intent/follow?screen_name=wayofdev" target="_blank"><img alt="Follow on Twitter (X)" src="https://img.shields.io/badge/-Follow-black?style=flat-square&logo=X"></a>
 </div>
 
 <br>
 
 <br>
 
 <div align="center">
-<img width="320" src="assets/on-white-bg.png#gh-light-mode-only" alt="CycleORM + WayOfDev + Laravel Logo for Light GitHub Mode">
-<img width="320" src="assets/on-black-bg.png#gh-dark-mode-only" alt="CycleORM + WayOfDev + Laravel Logo for Dark GitHub Mode">
+<img width="300" src="assets/on-white-bg.png#gh-light-mode-only" alt="CycleORM + WayOfDev + Laravel Logo for Light GitHub Mode">
+<img width="300" src="assets/on-black-bg.png#gh-dark-mode-only" alt="CycleORM + WayOfDev + Laravel Logo for Dark GitHub Mode">
 </div>
 
 <br>

README.md

@@ -76,7 +76,12 @@
         "phpstan/phpstan-phpunit": "^1.3",
         "phpstan/phpstan-strict-rules": "^1.5",
         "phpunit/phpunit": "^10.5",
+        "psalm/plugin-laravel": "^2.11",
+        "psalm/plugin-phpunit": "~0.19.0",
+        "rector/rector": "^1.0",
+        "roave/infection-static-analysis-plugin": "^1.35",
         "roave/security-advisories": "dev-latest",
+        "vimeo/psalm": "^5.23.1",
         "wayofdev/cs-fixer-config": "^1.2"
     },
     "suggest": {
@@ -99,6 +104,7 @@
     "config": {
         "allow-plugins": {
             "ergebnis/composer-normalize": true,
+            "infection/extension-installer": true,
             "pestphp/pest-plugin": true,
             "phpstan/extension-installer": true
         },
@@ -124,8 +130,14 @@
         ],
         "cs:diff": "php vendor/bin/php-cs-fixer fix --dry-run -v --diff",
         "cs:fix": "php vendor/bin/php-cs-fixer fix -v",
-        "infect": "XDEBUG_MODE=coverage php vendor/bin/roave-infection-static-analysis-plugin --configuration=infection.json.dist",
-        "infect:ci": "XDEBUG_MODE=coverage php vendor/bin/roave-infection-static-analysis-plugin --ansi --configuration=infection.json.dist --logger-github --ignore-msi-with-no-mutations --only-covered",
+        "infect": [
+            "Composer\\Config::disableProcessTimeout",
+            "XDEBUG_MODE=coverage php vendor/bin/roave-infection-static-analysis-plugin --threads=2 --configuration=infection.json.dist"
+        ],
+        "infect:ci": [
+            "Composer\\Config::disableProcessTimeout",
+            "XDEBUG_MODE=coverage php vendor/bin/roave-infection-static-analysis-plugin --threads=2 --ansi --configuration=infection.json.dist --logger-github --ignore-msi-with-no-mutations --only-covered"
+        ],
         "psalm": "php vendor/bin/psalm --show-info=true",
         "psalm:baseline": "php vendor/bin/psalm --set-baseline=psalm-baseline.xml",
         "psalm:ci": "php vendor/bin/psalm --output-format=github --shepherd --show-info=false --stats --threads=4",