update stan

.phive/phars.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phive xmlns="https://phar.io/phive">
-  <phar name="phpstan" version="1.11.9" installed="1.11.9" location="./tools/phpstan" copy="false"/>
-  <phar name="psalm" version="5.25.0" installed="5.25.0" location="./tools/psalm" copy="false"/>
+  <phar name="phpstan" version="2.0.1" installed="2.0.1" location="./tools/phpstan" copy="false"/>
+  <phar name="psalm" version="5.26.1" installed="5.26.1" location="./tools/psalm" copy="false"/>
 </phive>

phpstan-baseline.neon

@@ -1,6 +1,7 @@
 parameters:
 	ignoreErrors:
 		-
-			message: "#^Strict comparison using \\=\\=\\= between string and false will always evaluate to false\\.$#"
+			message: '#^Strict comparison using \=\=\= between string and false will always evaluate to false\.$#'
+			identifier: identical.alwaysFalse
 			count: 1
 			path: src/Authenticator/HttpDigestAuthenticator.php

psalm-baseline.xml

@@ -1,64 +1,2 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<files psalm-version="5.20.0@3f284e96c9d9be6fe6b15c79416e1d1903dcfef4">
-  <file src="src/AuthenticationService.php">
-    <RiskyTruthyFalsyComparison>
-      <code><![CDATA[empty($parsed['host'])]]></code>
-      <code><![CDATA[empty($parsed['scheme'])]]></code>
-    </RiskyTruthyFalsyComparison>
-  </file>
-  <file src="src/Authenticator/CookieAuthenticator.php">
-    <RiskyTruthyFalsyComparison>
-      <code>empty($identity)</code>
-    </RiskyTruthyFalsyComparison>
-  </file>
-  <file src="src/Authenticator/EnvironmentAuthenticator.php">
-    <RiskyTruthyFalsyComparison>
-      <code>empty($data)</code>
-      <code>empty($user)</code>
-    </RiskyTruthyFalsyComparison>
-  </file>
-  <file src="src/Authenticator/FormAuthenticator.php">
-    <RiskyTruthyFalsyComparison>
-      <code>empty($user)</code>
-    </RiskyTruthyFalsyComparison>
-  </file>
-  <file src="src/Authenticator/HttpDigestAuthenticator.php">
-    <RiskyTruthyFalsyComparison>
-      <code>empty($digest)</code>
-      <code>empty($user)</code>
-    </RiskyTruthyFalsyComparison>
-  </file>
-  <file src="src/Authenticator/JwtAuthenticator.php">
-    <RiskyTruthyFalsyComparison>
-      <code>empty($user)</code>
-    </RiskyTruthyFalsyComparison>
-  </file>
-  <file src="src/Authenticator/Result.php">
-    <RiskyTruthyFalsyComparison>
-      <code>empty($data)</code>
-    </RiskyTruthyFalsyComparison>
-  </file>
-  <file src="src/Authenticator/SessionAuthenticator.php">
-    <RiskyTruthyFalsyComparison>
-      <code>empty($user)</code>
-      <code>empty($user)</code>
-    </RiskyTruthyFalsyComparison>
-  </file>
-  <file src="src/Authenticator/TokenAuthenticator.php">
-    <RiskyTruthyFalsyComparison>
-      <code>empty($headerLine)</code>
-      <code>empty($queryParam)</code>
-      <code>empty($user)</code>
-    </RiskyTruthyFalsyComparison>
-  </file>
-  <file src="src/Identifier/IdentifierCollection.php">
-    <RiskyTruthyFalsyComparison>
-      <code>$result</code>
-    </RiskyTruthyFalsyComparison>
-  </file>
-  <file src="src/Middleware/AuthenticationMiddleware.php">
-    <RiskyTruthyFalsyComparison>
-      <code>$url</code>
-    </RiskyTruthyFalsyComparison>
-  </file>
-</files>
+<files psalm-version="5.26.1@d747f6500b38ac4f7dfc5edbcae6e4b637d7add0"/>

psalm.xml

@@ -27,5 +27,6 @@
 
         <InvalidStringClass errorLevel="info" />
         <MissingClassConstType errorLevel="info" />
+        <RiskyTruthyFalsyComparison errorLevel="info" />
     </issueHandlers>
 </psalm>

src/AuthenticationService.php

@@ -492,8 +492,10 @@ public function isImpersonating(ServerRequestInterface $request): bool
      */
     protected function getImpersonationProvider(): ImpersonationInterface
     {
-        /** @var \Authentication\Authenticator\ImpersonationInterface $provider */
         $provider = $this->getAuthenticationProvider();
+        if ($provider === null) {
+            throw new InvalidArgumentException('No AuthenticationProvider present.');
+        }
         if (!($provider instanceof ImpersonationInterface)) {
             $className = get_class($provider);
             throw new InvalidArgumentException(

src/Authenticator/CookieAuthenticator.php

@@ -184,6 +184,7 @@ protected function _createPlainToken(ArrayAccess|array $identity): string
      *
      * @param \ArrayAccess|array $identity Identity data.
      * @return string
+     * @throws \JsonException
      */
     protected function _createToken(ArrayAccess|array $identity): string
     {
@@ -192,8 +193,7 @@ protected function _createToken(ArrayAccess|array $identity): string
 
         $usernameField = $this->getConfig('fields.username');
 
-        /** @var string */
-        return json_encode([$identity[$usernameField], $hash]);
+        return json_encode([$identity[$usernameField], $hash], JSON_THROW_ON_ERROR);
     }
 
     /**

src/Identity.php

@@ -52,7 +52,6 @@ class Identity implements IdentityInterface
      *
      * @param \ArrayAccess|array $data Identity data
      * @param array $config Config options
-     * @throws \InvalidArgumentException When invalid identity data is passed.
      */
     public function __construct(ArrayAccess|array $data, array $config = [])
     {

src/Middleware/AuthenticationMiddleware.php

@@ -56,7 +56,6 @@ class AuthenticationMiddleware implements MiddlewareInterface
      *
      * @param \Authentication\AuthenticationServiceInterface|\Authentication\AuthenticationServiceProviderInterface $subject Authentication service or application instance.
      * @param \Cake\Core\ContainerInterface|null $container The container instance from the application.
-     * @throws \InvalidArgumentException When invalid subject has been passed.
      */
     public function __construct(
         AuthenticationServiceInterface|AuthenticationServiceProviderInterface $subject,