[GH-ISSUE #130] Suggestion - stricter returns #529

New issue

Closed

opened 2026-03-14 12:07:28 +03:00 by kerem · 6 comments

kerem commented 2026-03-14 12:07:28 +03:00

Owner

Copy link

Originally created by @ghost on GitHub (Oct 18, 2019).
Original GitHub issue: https://github.com/antonioribeiro/google2fa/issues/130

Just some food for thought!

Wouldn't make more sense to avoid mixed returns? E.g. bool|int when using verifyKey

And is this correct? https://github.com/antonioribeiro/google2fa/blob/master/src/Google2FA.php#L54 (int $startingTimestamp)

I found it when phpstan was giving me a lot of errors because I was treating verifyKey as return bool.

Originally created by @ghost on GitHub (Oct 18, 2019). Original GitHub issue: https://github.com/antonioribeiro/google2fa/issues/130 Just some food for thought! Wouldn't make more sense to avoid mixed returns? E.g. bool|int when using verifyKey And is this correct? https://github.com/antonioribeiro/google2fa/blob/master/src/Google2FA.php#L54 (int $startingTimestamp) I found it when phpstan was giving me a lot of errors because I was treating verifyKey as return bool.

kerem closed this issue 2026-03-14 12:07:33 +03:00

kerem commented 2026-03-14 12:07:39 +03:00

Author

Owner

Copy link

@antonioribeiro commented on GitHub (Oct 21, 2019):

Should be fixed in 6.1.1. @Khyber3737 would you mind testing it again and closing this?

Thanks for reporting!

<!-- gh-comment-id:544542213 --> @antonioribeiro commented on GitHub (Oct 21, 2019): Should be fixed in 6.1.1. @Khyber3737 would you mind testing it again and closing this? Thanks for reporting!

kerem commented 2026-03-14 12:07:44 +03:00

Author

Owner

Copy link

@ghost commented on GitHub (Oct 21, 2019):

I have verified that with --level 4 there are no errors. With --level max I get the usual errors that, from a library standpoint (not targeting >= 7.4, strict), makes perfect sense since it's just casting/coersion or a design decision. In hindsight since this library is used everywhere and is battle tested it would be difficult to change methods like findValidOTP and verifyKey. I will deal with that in a more proper opinionated layer.
Thank you! :)

<!-- gh-comment-id:544592947 --> @ghost commented on GitHub (Oct 21, 2019): I have verified that with `--level 4` there are no errors. With `--level max` I get the usual errors that, from a library standpoint (not targeting >= 7.4, strict), makes perfect sense since it's just casting/coersion or a design decision. In hindsight since this library is used everywhere and is battle tested it would be difficult to change methods like findValidOTP and verifyKey. I will deal with that in a more proper opinionated layer. Thank you! :)

kerem commented 2026-03-14 12:07:49 +03:00

Author

Owner

Copy link

@antonioribeiro commented on GitHub (Oct 21, 2019):

Yeah, I tested it with level 4, sorry. I'm not really a PHPStan user, so I didn't know there were levels above it :/

<!-- gh-comment-id:544593623 --> @antonioribeiro commented on GitHub (Oct 21, 2019): Yeah, I tested it with level 4, sorry. I'm not really a PHPStan user, so I didn't know there were levels above it :/

kerem commented 2026-03-14 12:07:54 +03:00

Author

Owner

Copy link

@antonioribeiro commented on GitHub (Oct 21, 2019):

@Khyber3737 Would you please test 6.1.2, please? I think I managed to make them all pass. I had to make one change in code, but it should not break things. It doesn't make sense let people pass $secret as null here:

<!-- gh-comment-id:544617376 --> @antonioribeiro commented on GitHub (Oct 21, 2019): @Khyber3737 Would you please test 6.1.2, please? I think I managed to make them all pass. I had to make one change in code, but it should not break things. It doesn't make sense let people pass $secret as null here: 

kerem commented 2026-03-14 12:07:59 +03:00

Author

Owner

Copy link

@ghost commented on GitHub (Oct 21, 2019):

[OK] No errors

👍

<!-- gh-comment-id:544629899 --> @ghost commented on GitHub (Oct 21, 2019): >[OK] No errors 👍

kerem commented 2026-03-14 12:08:05 +03:00

Author

Owner

Copy link

@antonioribeiro commented on GitHub (Oct 21, 2019):

It's now on 7.0.0. I ended up causing a BC break, so I had to roll them back and draft a new major release.

<!-- gh-comment-id:544630833 --> @antonioribeiro commented on GitHub (Oct 21, 2019): It's now on 7.0.0. I ended up causing a BC break, so I had to roll them back and draft a new major release.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

9.x

fix-coverage

bump-to-version-9

10.x

reformat-code

add-linting

reorder-imports

8.x

install-php-84

test-on-php84

github-actions

master

7.x

pspstan

revert-124-123-google2fa_fix

v9.0.0

v8.0.3

v8.0.2

v8.0.1

8.0.0

v7.0.0

v6.1.3

v6.1.0

v6.0.1

v6.0.0

v4.0.2

v4.0.1

v5.0.0

v4.0.0

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v2.0.7

v2.0.6

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v1.0.1

v1.0.0

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.0

v0.1.0

Labels

Clear labels   

bug

  

pull-request

Mirrored from GitHub Pull Request

No labels

bug

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/google2fa#529

No description provided.