From 7b8e4aec080f0f8c5afa2ab75d0334ceb9ea7864 Mon Sep 17 00:00:00 2001
From: Clara
Date: Mon, 10 Jun 2024 11:35:03 +1000
Subject: [PATCH] feature(presets): Add security preset

Looks for functions often seen as insecure
---
 src/ArchPresets/Security.php | 29 +++++++++++++++++++++++++++++
 src/Preset.php | 9 +++++++++
 tests/Arch.php | 2 ++
 3 files changed, 40 insertions(+)
 create mode 100644 src/ArchPresets/Security.php

diff --git a/src/ArchPresets/Security.php b/src/ArchPresets/Security.php
new file mode 100644
index 00000000..8f756e44
--- /dev/null
+++ b/src/ArchPresets/Security.php
@@ -0,0 +1,29 @@
+expectations[] = expect([
+ 'md5',
+ 'sha1',
+ 'uniqid',
+ 'rand',
+ 'mt_rand',
+ 'tempnam',
+ 'str_shuffle',
+ 'shuffle',
+ 'array_rand'
+ ])->not->toBeUsed();
+ }
+}
diff --git a/src/Preset.php b/src/Preset.php
index a6ee3a66..75d4fcc8 100644
--- a/src/Preset.php
+++ b/src/Preset.php
@@ -8,6 +8,7 @@ use Pest\Arch\Support\Composer;
 use Pest\ArchPresets\AbstractPreset;
 use Pest\ArchPresets\Base;
 use Pest\ArchPresets\Strict;
+use Pest\ArchPresets\Security;
 use Pest\PendingCalls\TestCall;
 use stdClass;
 
@@ -47,6 +48,14 @@ final class Preset
 return $this->executePreset(new Strict($this->baseNamespaces()));
 }
 
+ /**
+ * Uses the Pest security preset and returns the test call instance.
+ */
+ public function security(): AbstractPreset
+ {
+ return $this->executePreset(new Security($this->baseNamespaces()));
+ }
+
 /**
 * Executes the given preset.
 *
diff --git a/tests/Arch.php b/tests/Arch.php
index cfddc837..891b99fd 100644
--- a/tests/Arch.php
+++ b/tests/Arch.php
@@ -9,6 +9,8 @@ arch()->preset()->base()->ignoring([
 
 arch()->preset()->strict();
 
+arch()->preset()->security();
+
 arch('globals')
 ->expect(['dd', 'dump', 'ray', 'die', 'var_dump', 'sleep'])
 ->not->toBeUsed()
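Review bot: The denylist passed to `expect([...])` is matched by function name only, so it flags `md5(...)` and `sha1(...)` but not the same algorithms reached through `hash('md5', ...)`, `md5_file` or `sha1_file`, and it omits other non-cryptographic generators such as `lcg_value`. A comment above the array would stop users from reading a green run as proof that no weak hashing or predictable randomness exists, for example `// Name-based check only: hash('md5', ...) and similar indirect uses are not detected.` If the preset is meant to cover "functions often seen as insecure" in general rather than weak crypto only, `unserialize`, `eval`, `exec`, `shell_exec`, `system` and `passthru` are the obvious missing entries. It is also worth stating that `md5`/`sha1` hits may be non-security uses (checksums, cache keys) that callers are expected to exclude with `ignoring()`. The top of this new file (namespace, class header, method signature) is not visible in this rendering, so this note covers the array only.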
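Review bot: The added `use Pest\ArchPresets\Security;` is placed after `use Pest\ArchPresets\Strict;`, which breaks the alphabetical order the neighbouring imports follow. Moving it one line up, between `Base` and `Strict`, keeps the block sorted. If the project's code-style check enforces ordered imports (not visible from this hunk), the current position would fail it.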
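Review bot: The docblock on `security()` says it "returns the test call instance", but the declared return type is `AbstractPreset`, so the description does not match the signature. Suggested wording: `Uses the Pest security preset and returns the preset instance.`, followed by a line saying that the preset forbids weak hashing and non-cryptographic randomness helpers such as `md5`, `sha1`, `rand` and `uniqid`. The class body begins and continues outside this hunk, so whether the sibling preset methods carry the same wording cannot be confirmed from here.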
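Review bot: `arch()->preset()->security();` only asserts that Pest's own source is free of the listed functions; as far as this patch shows, no test proves that the preset fails when one of them is used. A security check that is only ever exercised on the passing path can silently stop matching (for instance after a rename in the preset) without any test going red. Consider adding a negative case that runs the preset against a small fixture calling `md5()` and expects the architecture test to fail. The `arch('globals')` chain that follows continues outside this hunk.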