Refactor core, update docs, add exceptions and scripts

Author: pedroac

.editorconfig

@@ -0,0 +1,42 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+insert_final_newline = true
+charset = utf-8
+trim_trailing_whitespace = true
+
+# PHP files
+[*.php]
+indent_style = space
+indent_size = 4
+
+# Markdown files
+[*.md]
+indent_style = space
+indent_size = 2
+trim_trailing_whitespace = false
+
+# JSON files
+[*.json]
+indent_style = space
+indent_size = 4
+
+# YAML files
+[*.{yml,yaml}]
+indent_style = space
+indent_size = 2
+
+# XML files
+[*.xml]
+indent_style = space
+indent_size = 4
+
+# Composer files
+[composer.json]
+indent_style = space
+indent_size = 4

.github/workflows/php.yml

@@ -10,36 +10,76 @@ permissions:
   contents: read
 
 jobs:
-  build:
-
+  test:
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        php-version: ['8.3', '8.4']
 
     steps:
     - uses: actions/checkout@v4
 
+    - name: Setup PHP
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: ${{ matrix.php-version }}
+        extensions: intl, xml
+        coverage: none
+
     - name: Validate composer.json and composer.lock
       run: composer validate --strict --no-check-lock
 
     - name: Cache Composer packages
       id: composer-cache
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       with:
         path: vendor
-        key: ${{ runner.os }}-php-${{ hashFiles('**/composer.json') }}
+        key: ${{ runner.os }}-php-${{ matrix.php-version }}-${{ hashFiles('**/composer.json') }}
         restore-keys: |
+          ${{ runner.os }}-php-${{ matrix.php-version }}-
           ${{ runner.os }}-php-
 
     - name: Install dependencies
       run: composer install --prefer-dist --no-progress
 
-    # Add a test script to composer.json, for instance: "test": "vendor/bin/phpunit"
-    # Docs: https://getcomposer.org/doc/articles/scripts.md
+    - name: Run PHP CS Fixer check
+      run: composer run-script cs-check
+
+    - name: Run PHPStan
+      run: composer run-script phpstan
 
     - name: Run test suite
       run: composer run-script test
 
-    - name: Install Xdebug
-      run: sudo apt-get install php-xdebug
+  coverage:
+    runs-on: ubuntu-latest
+    needs: test
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Setup PHP
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: '8.3'
+        extensions: intl, xml, xdebug
+        coverage: xdebug
+
+    - name: Validate composer.json and composer.lock
+      run: composer validate --strict --no-check-lock
+
+    - name: Cache Composer packages
+      id: composer-cache
+      uses: actions/cache@v4
+      with:
+        path: vendor
+        key: ${{ runner.os }}-php-8.3-${{ hashFiles('**/composer.json') }}
+        restore-keys: |
+          ${{ runner.os }}-php-8.3-
+          ${{ runner.os }}-php-
+
+    - name: Install dependencies
+      run: composer install --prefer-dist --no-progress
 
     - name: Run coverage
       run: composer run-script coverage

.php-cs-fixer.dist.php

@@ -0,0 +1,36 @@
+<?php
+
+declare(strict_types=1);
+
+$finder = PhpCsFixer\Finder::create()
+    ->in(__DIR__)
+    ->exclude('vendor')
+    ->exclude('coverage')
+    ->exclude('html-coverage')
+    ->exclude('xml-coverage')
+    ->exclude('tools')
+    ->exclude('doc')
+    ->name('*.php');
+
+$config = new PhpCsFixer\Config();
+return $config
+    ->setRiskyAllowed(true)
+    ->setPhpExecutable(PHP_BINARY)
+    ->setRules([
+        '@PSR12' => true,
+        'array_syntax' => ['syntax' => 'short'],
+        'ordered_imports' => ['sort_algorithm' => 'alpha'],
+        'no_unused_imports' => true,
+        'not_operator_with_successor_space' => true,
+        'trailing_comma_in_multiline' => true,
+        'phpdoc_scalar' => true,
+        'unary_operator_spaces' => true,
+        'binary_operator_spaces' => true,
+        'blank_line_before_statement' => [
+            'statements' => ['break', 'continue', 'declare', 'return', 'throw', 'try'],
+        ],
+        'phpdoc_single_line_var_spacing' => true,
+        'phpdoc_var_without_name' => true,
+    ])
+    ->setFinder($finder)
+    ->setRiskyAllowed(true);

CHANGELOG.md

@@ -0,0 +1,49 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [1.0.0] - 2026-01-31
+
+### Added
+- Complete PSR-7 HTTP message implementation
+- Full URI normalization, validation, and building
+- Automatic body parsing based on Content-Type headers
+- Secure file upload handling with path traversal protection
+- XXE attack prevention for XML/HTML parsing
+- Immutable message objects throughout
+- Comprehensive test suite (227 tests, 307 assertions)
+- Static analysis with PHPStan level 8
+- Code style enforcement with PSR-12
+
+### Features
+- `ServerRequest::fromGlobals()` - Easy instantiation from PHP superglobals
+- `Response::byContentType()` - Automatic content serialization
+- Smart URI handling with IDN support
+- Specialized exception types for better error handling
+- Zero dependencies (only requires `psr/http-message`)
+
+### Security
+- XXE protection in XML/HTML parsing
+- Path traversal protection in file uploads
+- Header injection prevention
+- Input validation and sanitization
+
+## [Unreleased]
+
+### Added
+- PHPStan static analysis tool for improved code quality
+- PHP CS Fixer for consistent code style enforcement
+- GitHub Actions workflow improvements with PHP version matrix testing
+- CHANGELOG.md for tracking project changes
+- CONTRIBUTING.md with detailed contribution guidelines
+- .editorconfig for consistent code formatting across editors
+
+### Changed
+- Updated GitHub Actions cache action from v3 to v4
+- Improved CI/CD workflow with separate test and coverage jobs
+- Optimized Xdebug installation to only run when needed for coverage
+
+[Unreleased]: https://github.com/pedroac/lean-http/compare/v0.1.0...HEAD

CONTRIBUTING.md

@@ -0,0 +1,151 @@
+# Contributing to lean-http
+
+Thank you for your interest in contributing to lean-http! This document provides guidelines and instructions for contributing to the project.
+
+## Getting Started
+
+1. **Fork the repository** on GitHub
+2. **Clone your fork** locally:
+   ```bash
+   git clone https://github.com/your-username/lean-http.git
+   cd lean-http
+   ```
+3. **Install dependencies**:
+   ```bash
+   composer install
+   ```
+4. **Setup git hooks** (optional but recommended):
+   ```bash
+   chmod +x scripts/setup-git-hooks.sh
+   ./scripts/setup-git-hooks.sh
+   ```
+   
+   This will enable a pre-commit hook that automatically runs code style checks, static analysis, and tests before allowing commits. This helps catch issues early and keeps the codebase clean.
+
+## Development Workflow
+
+### Making Changes
+
+1. Create a new branch for your changes:
+   ```bash
+   git checkout -b feature/your-feature-name
+   ```
+   or
+   ```bash
+   git checkout -b fix/your-bug-fix
+   ```
+
+2. Make your changes following the coding standards (see below)
+
+3. Run the quality checks before committing:
+   ```bash
+   # Run tests
+   composer test
+   
+   # Check code style
+   composer cs-check
+   
+   # Run static analysis
+   composer phpstan
+   ```
+
+4. Fix any issues found by the tools:
+   ```bash
+   # Auto-fix code style issues
+   composer cs-fix
+   ```
+
+5. Commit your changes with a clear, descriptive commit message
+
+6. Push to your fork and create a pull request
+
+## Coding Standards
+
+### Code Style
+
+This project follows **PSR-12** coding standards. We use PHP CS Fixer to enforce code style consistency.
+
+- Run `composer cs-check` to check for style issues
+- Run `composer cs-fix` to automatically fix style issues
+
+### Static Analysis
+
+We use PHPStan for static analysis to catch potential bugs and type issues.
+
+- Run `composer phpstan` to check for issues
+- PHPStan is configured at level 8 (maximum strictness)
+
+### Testing
+
+- All new features should include tests
+- All bug fixes should include tests that demonstrate the fix
+- Run `composer test` to execute the test suite
+- Ensure all tests pass before submitting a pull request
+
+### Documentation
+
+- Update the README.md if you add new features or change existing behavior
+- Add PHPDoc comments for new classes, methods, and properties
+- Update CHANGELOG.md with your changes (see below)
+
+## Pull Request Process
+
+1. **Fork and PR:** Fork the repository and create a pull request for any changes
+2. **Include tests:** All changes should include relevant tests
+3. **Update documentation:** Update README.md and other documentation as needed
+4. **Update CHANGELOG:** Add an entry to CHANGELOG.md describing your changes
+5. **Ensure quality checks pass:** All tests, code style checks, and static analysis must pass
+
+### Pull Request Checklist
+
+- [ ] Code follows PSR-12 coding standards
+- [ ] All tests pass (`composer test`)
+- [ ] Code style is correct (`composer cs-check`)
+- [ ] Static analysis passes (`composer phpstan`)
+- [ ] Documentation is updated (README.md, PHPDoc)
+- [ ] CHANGELOG.md is updated
+- [ ] Commit messages are clear and descriptive
+
+## Issue Tracking
+
+Use GitHub issues to:
+- Report bugs
+- Suggest new features
+- Ask questions
+- Discuss improvements
+
+When reporting bugs, please include:
+- PHP version
+- Steps to reproduce
+- Expected behavior
+- Actual behavior
+- Any relevant error messages or stack traces
+
+## Using AI Tools
+
+Using AI tools like GitHub Copilot, ChatGPT, or similar tools is **encouraged** to:
+- Find issues faster
+- Ensure specifications are followed
+- Improve code quality
+- Generate test cases
+
+However, **always apply critical thinking** and carefully review AI-generated suggestions. AI tools are assistants, not replacements for human judgment.
+
+## Code Review
+
+All pull requests will be reviewed. Reviewers may:
+- Request changes
+- Ask questions
+- Suggest improvements
+- Approve the changes
+
+Please be patient and responsive to feedback. The goal is to maintain high code quality and consistency.
+
+## Questions?
+
+If you have questions about contributing, feel free to:
+- Open an issue on GitHub
+- Check existing issues and discussions
+- Review the README.md for project information
+
+Thank you for contributing to lean-http! 🎉