
Saloon v4#10

Merged
colinmollenhour merged 2 commits into main from saloon-v4
Jun 5, 2026

@bob2021 bob2021 commented Jun 5, 2026

Collaborator

Updated saloonphp/saloon to v4 to resolve #9.

Added a TokenSerializer class as a drop-in replacement for the serialization that was removed from Saloon.

Summary by CodeRabbit

  • Chores

    • Updated Saloon to v4.0 and related dependencies (rate-limit-plugin, SDK generator)
  • New Features

    • Added token serialization and deserialization utilities for authentication tokens
  • Tests

    • Added comprehensive test coverage for token serialization functionality

bob2021 added 2 commits May 6, 2026 17:17

Bumps saloonphp/saloon to ^4.0 and saloonphp/rate-limit-plugin to ^2.5,
along with the generator dev dependency. Resolves CVE-2026-33182 and
CVE-2026-33183. Refs #9.

Replaces the AccessTokenAuthenticator::serialize/unserialize methods that
were removed in Saloon v4. Centralizes the unserialize allowed_classes
whitelist so consumers don't have to know which classes are safe to
instantiate.

coderabbitai Bot commented Jun 5, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 76f15248-965f-4a38-9d41-164da5318227

📥 Commits

Reviewing files that changed from the base of the PR and between 6a71eee and d709c7c.

📒 Files selected for processing (3)
  • composer.json
  • src/Auth/TokenSerializer.php
  • tests/TokenSerializerTest.php

📝 Walkthrough


Saloon v4 dependencies are upgraded to address two security vulnerabilities, and a new TokenSerializer utility class is added to provide serialization/deserialization helpers that Saloon v4 removed from AccessTokenAuthenticator. The implementation includes validation to reject invalid inputs and restrict deserialization to allowed types.

Changes

Saloon v4 Migration

| Layer / File(s) | Summary |
| --- | --- |
| Dependency version updates: composer.json | saloonphp/saloon upgraded from ^3.8 to ^4.0, saloonphp/rate-limit-plugin from ^2.1 to ^2.5, and dev dependency highsidelabs/saloon-sdk-generator from ^2.1 to ^2.1.8. |
| TokenSerializer implementation and tests: src/Auth/TokenSerializer.php, tests/TokenSerializerTest.php | New TokenSerializer class with serialize() and unserialize() static methods, where unserialize() restricts deserialization to AccessTokenAuthenticator and DateTimeImmutable and returns null for invalid inputs. Tests cover round-trip serialization with and without optional fields, and verify null is returned for garbage input and non-authenticator objects. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 To Saloon v4 we hop with care,
Security patches now in the air,
Token serialization, bridged with grace,
Tests verify each edge case,
Version bumps and methods new—
A migration complete and true! 🚀

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |
| Title check | ❓ Inconclusive | The title 'Saloon v4' is vague and generic, using a non-descriptive term that doesn't clearly convey the scope or nature of the changes beyond referencing a version number. | Use a more descriptive title like 'Upgrade saloonphp/saloon to v4 and add TokenSerializer' to better summarize the main changes. |

✅ Passed checks (3 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Linked Issues check | ✅ Passed | The pull request successfully addresses all requirements from issue #9: saloonphp/saloon upgraded to ^4.0, rate-limit-plugin updated to ^2.5, and TokenSerializer added as a drop-in replacement for removed serialization methods. |
| Out of Scope Changes check | ✅ Passed | All changes are within scope: dependency version updates directly address security advisories in issue #9, and TokenSerializer is a necessary supporting implementation for Saloon v4 compatibility. |


@colinmollenhour colinmollenhour merged commit 9e7fa10 into main Jun 5, 2026
2 checks passed
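
The centralized `allowed_classes` whitelist described in the second commit message, sketched as an added example that is not the PR's `TokenSerializer` code. `ExampleToken` and `ExampleTokenSerializer` are hypothetical stand-ins so the snippet runs without Saloon installed; `allowed_classes` is the standard option of PHP's `unserialize()`.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for a token holder; not Saloon's AccessTokenAuthenticator.
final class ExampleToken
{
    public function __construct(
        public string $accessToken,
        public ?string $refreshToken = null,
        public ?DateTimeImmutable $expiresAt = null,
    ) {}
}

// Hypothetical helper: one place owns the list of classes that may be instantiated.
final class ExampleTokenSerializer
{
    private const ALLOWED = [ExampleToken::class, DateTimeImmutable::class];

    public static function serialize(ExampleToken $token): string
    {
        return serialize($token);
    }

    public static function unserialize(string $payload): ?ExampleToken
    {
        try {
            // Any class outside ALLOWED is materialized as __PHP_Incomplete_Class,
            // so its __wakeup()/__destruct() magic methods never run.
            $value = @unserialize($payload, ['allowed_classes' => self::ALLOWED]);
        } catch (Throwable) {
            // e.g. a TypeError when a typed property receives a disallowed nested object.
            return null;
        }

        // false (malformed input), scalars, arrays and incomplete-class
        // placeholders all fail this check and are reported as null.
        return $value instanceof ExampleToken ? $value : null;
    }
}

// Constructed sample inputs: a valid round trip, garbage, a non-token object, an array.
$token = new ExampleToken('at-123', 'rt-456', new DateTimeImmutable('2030-01-01T00:00:00Z'));
$roundTrip = ExampleTokenSerializer::unserialize(ExampleTokenSerializer::serialize($token));
var_dump($roundTrip?->accessToken === $token->accessToken);
var_dump(ExampleTokenSerializer::unserialize('not serialized data'));
var_dump(ExampleTokenSerializer::unserialize(serialize(new ArrayObject())));
var_dump(ExampleTokenSerializer::unserialize(serialize(['a' => 1])));
```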
Development

Successfully merging this pull request may close these issues.

Dependency upgrade saloonphp/saloon needed - security issue
