From 05895beecfb0969fca9006495637c58954e75c7d Mon Sep 17 00:00:00 2001
From: michalsn <michal@sniatala.pl>
Date: Fri, 4 Jul 2025 18:11:47 +0200
Subject: [PATCH 1/7] fix cs

---
 src/Views/email_2fa_show.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/Views/email_2fa_show.php b/src/Views/email_2fa_show.php
index dc21e6ff1..77c8d283a 100644
--- a/src/Views/email_2fa_show.php
+++ b/src/Views/email_2fa_show.php
@@ -22,7 +22,6 @@
                 <div class="mb-2">
                     <input type="email" class="form-control" name="email"
                         inputmode="email" autocomplete="email" placeholder="<?= lang('Auth.email') ?>"
-                        <?php /** @var CodeIgniter\Shield\Entities\User $user */ ?>
                         value="<?= old('email', $user->email) ?>" required>
                 </div>
 

From 99d5d68111f09dcf09e71d68eb9132c91c329166 Mon Sep 17 00:00:00 2001
From: michalsn <michal@sniatala.pl>
Date: Fri, 4 Jul 2025 18:28:49 +0200
Subject: [PATCH 2/7] phpstan - ignore all errors related to internal symbols

---
 phpstan.neon.dist | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/phpstan.neon.dist b/phpstan.neon.dist
index c878a54a5..c29c48cbc 100644
--- a/phpstan.neon.dist
+++ b/phpstan.neon.dist
@@ -34,3 +34,7 @@ parameters:
 		disallowedImplicitArrayCreation: true
 		disallowedShortTernary: true
 		matchingInheritedMethodNames: true
+	ignoreErrors:
+		- identifier: function.internal
+		- identifier: return.internalClass
+		- identifier: staticMethod.internal

From 981c85550388003abe4bfec5df4dad54ef9d5b0e Mon Sep 17 00:00:00 2001
From: michalsn <michal@sniatala.pl>
Date: Fri, 4 Jul 2025 18:29:12 +0200
Subject: [PATCH 3/7] phpstan - apply suggestions

---
 src/Authentication/Authenticators/Session.php | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/Authentication/Authenticators/Session.php b/src/Authentication/Authenticators/Session.php
index 1d3f7886c..1e86c8685 100644
--- a/src/Authentication/Authenticators/Session.php
+++ b/src/Authentication/Authenticators/Session.php
@@ -824,10 +824,9 @@ public function logout(): void
         /** @var \CodeIgniter\Session\Session $session */
         $session     = session();
         $sessionData = $session->get();
-        if (isset($sessionData)) {
-            foreach (array_keys($sessionData) as $key) {
-                $session->remove($key);
-            }
+
+        foreach (array_keys($sessionData) as $key) {
+            $session->remove($key);
         }
 
         // Regenerate the session ID for a touch of added safety.

From 8d736ce44dc64be20c65f290f39c6b5b5cf354cc Mon Sep 17 00:00:00 2001
From: michalsn <michal@sniatala.pl>
Date: Fri, 4 Jul 2025 18:29:34 +0200
Subject: [PATCH 4/7] phpstan - update baseline

---
 phpstan-baseline.php | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/phpstan-baseline.php b/phpstan-baseline.php
index 59cc29d60..85c254ca8 100644
--- a/phpstan-baseline.php
+++ b/phpstan-baseline.php
@@ -166,15 +166,15 @@
 	'path' => __DIR__ . '/src/Collectors/Auth.php',
 ];
 $ignoreErrors[] = [
-	'message' => '#^Cannot access property \\$id on array\\<string, string\\>\\|object\\.$#',
+	'message' => '#^Cannot access property \\$expires on array\\<string, string\\>\\|object\\.$#',
 	'identifier' => 'property.nonObject',
-	'count' => 9,
+	'count' => 3,
 	'path' => __DIR__ . '/src/Commands/Hmac.php',
 ];
 $ignoreErrors[] = [
-	'message' => '#^Cannot access property \\$expires on array\\<string, string\\>\\|object\\.$#',
+	'message' => '#^Cannot access property \\$id on array\\<string, string\\>\\|object\\.$#',
 	'identifier' => 'property.nonObject',
-	'count' => 3,
+	'count' => 9,
 	'path' => __DIR__ . '/src/Commands/Hmac.php',
 ];
 $ignoreErrors[] = [
@@ -492,6 +492,13 @@
 	'count' => 6,
 	'path' => __DIR__ . '/tests/Unit/Authentication/JWT/JWTManagerTest.php',
 ];
+$ignoreErrors[] = [
+	'message' => '#^Call to deprecated method __construct\\(\\) of class CodeIgniter\\\\HTTP\\\\Response\\:
+4\\.5\\.0 The param \\$config is no longer used\\.$#',
+	'identifier' => 'method.deprecated',
+	'count' => 3,
+	'path' => __DIR__ . '/tests/Unit/PwnedValidatorTest.php',
+];
 $ignoreErrors[] = [
 	'message' => '#^Call to an undefined method CodeIgniter\\\\Shield\\\\Models\\\\UserModel\\:\\:getLastQuery\\(\\)\\.$#',
 	'identifier' => 'method.notFound',

From 63710a1148fd625c6fa8a4170f4dff222eb7bfd8 Mon Sep 17 00:00:00 2001
From: michalsn <michal@sniatala.pl>
Date: Fri, 4 Jul 2025 18:35:28 +0200
Subject: [PATCH 5/7] rector - update config

---
 rector.php | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/rector.php b/rector.php
index 824d8dfaa..82f12653b 100644
--- a/rector.php
+++ b/rector.php
@@ -44,10 +44,8 @@
 use Rector\EarlyReturn\Rector\Return_\PreparedValueToEarlyReturnRector;
 use Rector\Php55\Rector\String_\StringClassNameToClassConstantRector;
 use Rector\Php73\Rector\FuncCall\StringifyStrNeedlesRector;
-use Rector\Php81\Rector\ClassMethod\NewInInitializerRector;
 use Rector\PHPUnit\AnnotationsToAttributes\Rector\Class_\AnnotationWithValueToAttributeRector;
 use Rector\PHPUnit\CodeQuality\Rector\Class_\YieldDataProviderRector;
-use Rector\PHPUnit\CodeQuality\Rector\MethodCall\AssertCountWithZeroToAssertEmptyRector;
 use Rector\PHPUnit\CodeQuality\Rector\MethodCall\AssertEmptyNullableObjectToAssertInstanceofRector;
 use Rector\PHPUnit\Set\PHPUnitSetList;
 use Rector\Privatization\Rector\Property\PrivatizeFinalClassPropertyRector;
@@ -135,15 +133,7 @@
             __DIR__ . '/src/Commands/Setup.php',
         ],
 
-        // Ignore for some existing classes to prevent BC break
-        NewInInitializerRector::class => [
-            __DIR__ . '/src/Authentication/JWT/JWSEncoder.php',
-            __DIR__ . '/src/Authentication/JWT/JWSDecoder.php',
-            __DIR__ . '/src/Authentication/JWTManager.php',
-        ],
-
         // Ignore some PHPUnit rules
-        AssertCountWithZeroToAssertEmptyRector::class,
         AssertEmptyNullableObjectToAssertInstanceofRector::class,
     ]);
 

From 13fc765be82774276072529a6bab847454db58c3 Mon Sep 17 00:00:00 2001
From: michalsn <michal@sniatala.pl>
Date: Fri, 4 Jul 2025 18:35:59 +0200
Subject: [PATCH 6/7] rector - apply suggestions

---
 tests/Commands/UserTest.php  | 8 ++++++++
 tests/Unit/UserModelTest.php | 2 ++
 2 files changed, 10 insertions(+)

diff --git a/tests/Commands/UserTest.php b/tests/Commands/UserTest.php
index 4ab6a275b..51cc6ec5d 100644
--- a/tests/Commands/UserTest.php
+++ b/tests/Commands/UserTest.php
@@ -592,6 +592,7 @@ public function testAddgroup(): void
 
         $users = model(UserModel::class);
         $user  = $users->findByCredentials(['email' => 'user10@example.com']);
+        $this->assertInstanceOf(UserEntity::class, $user);
         $this->assertTrue($user->inGroup('admin'));
     }
 
@@ -632,6 +633,7 @@ public function testAddgroupCancel(): void
 
         $users = model(UserModel::class);
         $user  = $users->findByCredentials(['email' => 'user10@example.com']);
+        $this->assertInstanceOf(UserEntity::class, $user);
         $this->assertFalse($user->inGroup('admin'));
     }
 
@@ -644,6 +646,7 @@ public function testRemovegroup(): void
         ]);
         $users = model(UserModel::class);
         $user  = $users->findByCredentials(['email' => 'user11@example.com']);
+        $this->assertInstanceOf(UserEntity::class, $user);
         $user->addGroup('admin');
         $this->assertTrue($user->inGroup('admin'));
 
@@ -658,6 +661,7 @@ public function testRemovegroup(): void
 
         $users = model(UserModel::class);
         $user  = $users->findByCredentials(['email' => 'user11@example.com']);
+        $this->assertInstanceOf(UserEntity::class, $user);
         $this->assertFalse($user->inGroup('admin'));
     }
 
@@ -670,6 +674,7 @@ public function testRemovegroupWithInvalidGroup(): void
         ]);
         $users = model(UserModel::class);
         $user  = $users->findByCredentials(['email' => 'user11@example.com']);
+        $this->assertInstanceOf(UserEntity::class, $user);
         $user->addGroup('admin');
         $this->assertTrue($user->inGroup('admin'));
 
@@ -684,6 +689,7 @@ public function testRemovegroupWithInvalidGroup(): void
 
         $users = model(UserModel::class);
         $user  = $users->findByCredentials(['email' => 'user11@example.com']);
+        $this->assertInstanceOf(UserEntity::class, $user);
         $this->assertTrue($user->inGroup('admin'));
     }
 
@@ -696,6 +702,7 @@ public function testRemovegroupCancel(): void
         ]);
         $users = model(UserModel::class);
         $user  = $users->findByCredentials(['email' => 'user11@example.com']);
+        $this->assertInstanceOf(UserEntity::class, $user);
         $user->addGroup('admin');
         $this->assertTrue($user->inGroup('admin'));
 
@@ -710,6 +717,7 @@ public function testRemovegroupCancel(): void
 
         $users = model(UserModel::class);
         $user  = $users->findByCredentials(['email' => 'user11@example.com']);
+        $this->assertInstanceOf(UserEntity::class, $user);
         $this->assertTrue($user->inGroup('admin'));
     }
 }
diff --git a/tests/Unit/UserModelTest.php b/tests/Unit/UserModelTest.php
index 77c71ea59..47de1d219 100644
--- a/tests/Unit/UserModelTest.php
+++ b/tests/Unit/UserModelTest.php
@@ -207,6 +207,8 @@ public function testUpdateUserArrayWithUserDataToUpdate(): void
 
         $user = $users->findByCredentials(['email' => 'foo@bar.com']);
 
+        $this->assertInstanceOf(User::class, $user);
+
         $user->username = 'bar';
         $user->email    = 'bar@bar.com';
         $user->active   = true;

From 0e1e7b1a70b37ef04aa4efa3afec733d621d8e1e Mon Sep 17 00:00:00 2001
From: michalsn <michal@sniatala.pl>
Date: Sat, 5 Jul 2025 07:04:28 +0200
Subject: [PATCH 7/7] cs - fix style by replacing FQCN with import

---
 src/Views/email_2fa_show.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/Views/email_2fa_show.php b/src/Views/email_2fa_show.php
index 77c8d283a..adf0a39af 100644
--- a/src/Views/email_2fa_show.php
+++ b/src/Views/email_2fa_show.php
@@ -1,3 +1,9 @@
+<?php
+
+use CodeIgniter\Shield\Entities\User;
+
+?>
+
 <?= $this->extend(config('Auth')->views['layout']) ?>
 
 <?= $this->section('title') ?><?= lang('Auth.email2FATitle') ?> <?= $this->endSection() ?>
@@ -22,6 +28,7 @@
                 <div class="mb-2">
                     <input type="email" class="form-control" name="email"
                         inputmode="email" autocomplete="email" placeholder="<?= lang('Auth.email') ?>"
+                        <?php /** @var User $user */ ?>
                         value="<?= old('email', $user->email) ?>" required>
                 </div>