51 lines
4.1 KiB
JSON
51 lines
4.1 KiB
JSON
{
|
|
"task_id": "2026-04-24-action-csrf-centralization-step4",
|
|
"plan_ref": ".agents/runs/2026-04-24-action-csrf-centralization-step4/plan.json",
|
|
"status": "done",
|
|
"changed_files": [
|
|
{ "path": "pages/lang().php", "summary": "Replaced direct CSRF check with actionRequireCsrf while preserving redirect + flash behavior." },
|
|
{ "path": "pages/flash/dismiss($id).php", "summary": "Replaced direct method + CSRF checks with actionRequirePost/actionRequireCsrf." },
|
|
{ "path": "pages/page/copy-language().php", "summary": "Added method guard via actionRequirePost and replaced direct CSRF check with helper call." },
|
|
{ "path": "pages/page/index($slug).php", "summary": "Replaced direct method/CSRF checks with helper-compatible request/isMethod and actionRequireCsrf." },
|
|
{ "path": "pages/auth/login().php", "summary": "Replaced direct method/CSRF checks with requestInput()->isMethod and actionRequireCsrf (non-redirect mode)." },
|
|
{ "path": "pages/auth/register().php", "summary": "Replaced direct CSRF check with actionRequireCsrf (non-redirect mode)." },
|
|
{ "path": "pages/auth/forgot().php", "summary": "Replaced direct CSRF check with actionRequireCsrf (non-redirect mode)." },
|
|
{ "path": "pages/auth/verify().php", "summary": "Replaced direct CSRF check with actionRequireCsrf (non-redirect mode)." },
|
|
{ "path": "pages/auth/verify-email().php", "summary": "Replaced direct CSRF check with actionRequireCsrf (non-redirect mode)." },
|
|
{ "path": "pages/auth/reset().php", "summary": "Replaced direct CSRF check with actionRequireCsrf (non-redirect mode)." },
|
|
{ "path": "tests/Architecture/CorePageRequestGuardContractTest.php", "summary": "Added non-admin regression guard contract test." }
|
|
],
|
|
"commands": [
|
|
{ "cmd": "docker compose exec -T php vendor/bin/phpunit tests/Architecture/CorePageRequestGuardContractTest.php tests/Architecture/AdminActionRequestGuardContractTest.php", "result": "pass" },
|
|
{ "cmd": "docker compose exec -T php vendor/bin/phpunit tests/Architecture/PostEndpointCsrfContractTest.php tests/Architecture/PostRedirectGetContractTest.php", "result": "pass" },
|
|
{ "cmd": "docker compose exec -T php vendor/bin/phpunit tests/Architecture/AuthzAdminSettingsContractTest.php tests/Architecture/AuthzAdminMasterDataContractTest.php tests/Architecture/AuthzAdminUsersContractTest.php", "result": "pass" },
|
|
{ "cmd": "docker compose exec -T php vendor/bin/phpunit", "result": "pass" },
|
|
{ "cmd": "docker compose exec -T php vendor/bin/phpstan analyse -c phpstan.neon --no-progress", "result": "pass" },
|
|
{ "cmd": "docker compose exec -T php vendor/bin/phpunit tests/Architecture/CoreStarterkitContractTest.php", "result": "pass" },
|
|
{ "cmd": "docker compose exec -T php vendor/bin/php-cs-fixer fix --config=tools/php-cs-fixer/.php-cs-fixer.dist.php --dry-run --diff --verbose", "result": "pass" },
|
|
{ "cmd": "bin/docs-link-check.sh", "result": "pass" },
|
|
{ "cmd": "bin/docs-drift-check.sh", "result": "pass" },
|
|
{ "cmd": "bin/codex-skills-sync.sh --check", "result": "pass" }
|
|
],
|
|
"quality_gate_results": [
|
|
{ "gate_id": "QG-001", "result": "pass", "notes": "PHPUnit full run green: 2027 tests, 29637 assertions." },
|
|
{ "gate_id": "QG-002", "result": "pass", "notes": "PHPStan level 5: no errors." },
|
|
{ "gate_id": "QG-003", "result": "pass", "notes": "CoreStarterkitContractTest green: 13 tests, 6986 assertions." },
|
|
{ "gate_id": "QG-006", "result": "pass", "notes": "php-cs-fixer dry-run green." },
|
|
{ "gate_id": "QG-008", "result": "pass", "notes": "docs-link-check and docs-drift-check green." },
|
|
{ "gate_id": "QG-009", "result": "pass", "notes": "codex-skills-sync --check green." }
|
|
],
|
|
"metrics": {
|
|
"step4_target_files": 10,
|
|
"before_requestinput_method_calls": 3,
|
|
"after_requestinput_method_calls": 0,
|
|
"before_inline_session_csrf_checks": 10,
|
|
"after_inline_session_csrf_checks": 0,
|
|
"non_admin_inline_method_checks_total_after": 0,
|
|
"non_admin_inline_csrf_checks_total_after": 0
|
|
},
|
|
"open_items": [
|
|
"Module pages under modules/*/pages still contain inline method/csrf checks and are intentionally out-of-scope for this step."
|
|
]
|
|
}
|