Skip to content

Commit 5dd7176

Browse files
committed
Fix CI failures: PHPStan, tests, and CS fixer after recent guards
- Use strict base64_decode() in RenewalInfo::spkiDer() so PHPStan types it string|false - Initialise $isPublic = false before .pem block in FilesystemStorage (PHPStan) - Catch CryptoException from sans() in StatusCommand, fall back to [] - Update CertificateBundleDataTest to expect AcmeException on no-PEM response - Add blank line before throw in ShellDns01Handler (CS fixer)
1 parent f439745 commit 5dd7176

5 files changed

Lines changed: 13 additions & 8 deletions

File tree

src/Challenge/Dns/ShellDns01Handler.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -90,6 +90,7 @@ protected function run(string $cmdTemplate, string $domain, string $keyAuth): vo
9090

9191
if ($exitCode !== 0) {
9292
$detail = $stderr !== '' ? '' . $stderr : '';
93+
9394
throw new ChallengeException(
9495
sprintf('ShellDns01Handler: "%s" exited with code %d.%s', $cmdTemplate, $exitCode, $detail),
9596
);

src/Console/Command/StatusCommand.php

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -96,7 +96,11 @@ private function renderStatus(StoredCertificate $cert, string $storagePath): voi
9696
$expiresStr = sprintf('%s (%d days remaining)', $expiresDate, $days);
9797
$issuedDate = $cert->issuedAt->format('M j, Y');
9898
$identifiersStr = implode(', ', $cert->domains);
99-
$sans = $cert->sans();
99+
try {
100+
$sans = $cert->sans();
101+
} catch (\CoyoteCert\Exceptions\CryptoException) {
102+
$sans = [];
103+
}
100104
$sansStr = empty($sans) ? $identifiersStr : implode(', ', $sans);
101105
$keyLabel = match ($cert->keyType) {
102106
KeyType::EC_P256 => 'EC P-256',

src/Endpoints/RenewalInfo.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@ private function spkiDer(\OpenSSLAsymmetricKey $publicKey): string
7575
$decoded = base64_decode(implode('', array_map(
7676
'trim',
7777
array_filter(explode("\n", $pem), static fn(string $l): bool => !str_starts_with($l, '-----')),
78-
)));
78+
)), true);
7979

8080
if ($decoded === false) {
8181
throw new CryptoException('Failed to decode issuer public key DER.');

src/Storage/FilesystemStorage.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -195,6 +195,8 @@ private function writeFile(string $path, string $contents): void
195195
);
196196
}
197197

198+
$isPublic = false;
199+
198200
if (str_ends_with($path, '.pem')) {
199201
$isPublic = str_ends_with($path, 'certificate.pem')
200202
|| str_ends_with($path, 'fullchain.pem')

tests/Unit/DTO/CertificateBundleDataTest.php

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -29,13 +29,11 @@
2929
expect($bundle->caBundle)->not->toContain($certA);
3030
});
3131

32-
it('returns empty strings when no certificate is found', function () {
33-
$r = new Response([], '', 200, 'no cert here');
34-
$bundle = CertificateBundleData::fromResponse($r);
32+
it('throws when no certificate is found in the response', function () {
33+
$r = new Response([], '', 200, 'no cert here');
3534

36-
expect($bundle->certificate)->toBe('');
37-
expect($bundle->fullchain)->toBe('');
38-
expect($bundle->caBundle)->toBe('');
35+
expect(fn() => CertificateBundleData::fromResponse($r))
36+
->toThrow(\CoyoteCert\Exceptions\AcmeException::class);
3937
});
4038

4139
it('is readonly — properties cannot be changed', function () use ($certA) {

0 commit comments

Comments
 (0)