Merge branch 'main' into lance/pint-fixes

app/Console/Commands/Egg/CheckEggUpdatesCommand.php

@@ -11,11 +11,8 @@ class CheckEggUpdatesCommand extends Command
 {
     protected $signature = 'p:egg:check-updates';
 
-    public function handle(): void
+    public function handle(EggExporterService $exporterService): void
     {
-        /** @var EggExporterService $exporterService */
-        $exporterService = app(EggExporterService::class);
-
         $eggs = Egg::all();
         foreach ($eggs as $egg) {
             try {

app/Console/Commands/Environment/EmailSettingsCommand.php

@@ -70,7 +70,7 @@ class EmailSettingsCommand extends Command
     /**
      * Handle variables for SMTP driver.
      */
-    private function setupSmtpDriverVariables()
+    private function setupSmtpDriverVariables(): void
     {
         $this->variables['MAIL_HOST'] = $this->option('host') ?? $this->ask(
             trans('command/messages.environment.mail.ask_smtp_host'),
@@ -101,7 +101,7 @@ class EmailSettingsCommand extends Command
     /**
      * Handle variables for mailgun driver.
      */
-    private function setupMailgunDriverVariables()
+    private function setupMailgunDriverVariables(): void
     {
         $this->variables['MAILGUN_DOMAIN'] = $this->option('host') ?? $this->ask(
             trans('command/messages.environment.mail.ask_mailgun_domain'),
@@ -122,7 +122,7 @@ class EmailSettingsCommand extends Command
     /**
      * Handle variables for mandrill driver.
      */
-    private function setupMandrillDriverVariables()
+    private function setupMandrillDriverVariables(): void
     {
         $this->variables['MANDRILL_SECRET'] = $this->option('password') ?? $this->ask(
             trans('command/messages.environment.mail.ask_mandrill_secret'),
@@ -133,7 +133,7 @@ class EmailSettingsCommand extends Command
     /**
      * Handle variables for postmark driver.
      */
-    private function setupPostmarkDriverVariables()
+    private function setupPostmarkDriverVariables(): void
     {
         $this->variables['MAIL_DRIVER'] = 'smtp';
         $this->variables['MAIL_HOST'] = 'smtp.postmarkapp.com';

app/Console/Commands/Schedule/ProcessRunnableCommand.php

@@ -51,7 +51,7 @@ class ProcessRunnableCommand extends Command
      * never throw an exception out, otherwise you'll end up killing the entire run group causing
      * any other schedules to not process correctly.
      */
-    protected function processSchedule(Schedule $schedule)
+    protected function processSchedule(Schedule $schedule): void
     {
         if ($schedule->tasks->isEmpty()) {
             return;

app/Console/Commands/UpgradeCommand.php

@@ -178,7 +178,7 @@ class UpgradeCommand extends Command
         $this->info(__('commands.upgrade.success'));
     }
 
-    protected function withProgress(ProgressBar $bar, \Closure $callback)
+    protected function withProgress(ProgressBar $bar, \Closure $callback): void
     {
         $bar->clear();
         $callback();

app/Exceptions/DisplayException.php

@@ -4,6 +4,8 @@ namespace App\Exceptions;
 
 use Exception;
 use Filament\Notifications\Notification;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Psr\Log\LoggerInterface;
 use Illuminate\Http\Response;
@@ -49,7 +51,7 @@ class DisplayException extends PanelException implements HttpExceptionInterface
      * and then redirecting them back to the page that they came from. If the
      * request originated from an API hit, return the error in JSONAPI spec format.
      */
-    public function render(Request $request)
+    public function render(Request $request): bool|RedirectResponse|JsonResponse
     {
         if ($request->is('livewire/update')) {
             Notification::make()
@@ -58,13 +60,14 @@ class DisplayException extends PanelException implements HttpExceptionInterface
                 ->danger()
                 ->send();
 
-            return;
+            return false;
         }
 
         if ($request->expectsJson()) {
             return response()->json(Handler::toArray($this), $this->getStatusCode(), $this->getHeaders());
         }
 
+        // @phpstan-ignore-next-line
         app(AlertsMessageBag::class)->danger($this->getMessage())->flash();
 
         return redirect()->back()->withInput();
@@ -76,10 +79,10 @@ class DisplayException extends PanelException implements HttpExceptionInterface
      *
      * @throws \Throwable
      */
-    public function report()
+    public function report(): void
     {
         if (!$this->getPrevious() instanceof \Exception || !Handler::isReportable($this->getPrevious())) {
-            return null;
+            return;
         }
 
         try {
@@ -88,6 +91,6 @@ class DisplayException extends PanelException implements HttpExceptionInterface
             throw $this->getPrevious();
         }
 
-        return $logger->{$this->getErrorLevel()}($this->getPrevious());
+        $logger->{$this->getErrorLevel()}($this->getPrevious());
     }
 }

app/Exceptions/Handler.php

@@ -273,6 +273,7 @@ class Handler extends ExceptionHandler
      */
     public static function toArray(\Throwable $e): array
     {
+        // @phpstan-ignore-next-line
         return (new self(app()))->convertExceptionToArray($e);
     }
 }

app/Extensions/Themes/Theme.php

@@ -4,17 +4,17 @@ namespace App\Extensions\Themes;
 
 class Theme
 {
-    public function js($path): string
+    public function js(string $path): string
     {
         return sprintf('<script src="%s"></script>' . PHP_EOL, $this->getUrl($path));
     }
 
-    public function css($path): string
+    public function css(string $path): string
     {
         return sprintf('<link media="all" type="text/css" rel="stylesheet" href="%s"/>' . PHP_EOL, $this->getUrl($path));
     }
 
-    protected function getUrl($path): string
+    protected function getUrl(string $path): string
     {
         return '/themes/panel/' . ltrim($path, '/');
     }

app/Filament/Pages/Dashboard.php

@@ -28,16 +28,20 @@ class Dashboard extends Page
 
     public string $activeTab = 'nodes';
 
+    private SoftwareVersionService $softwareVersionService;
+
+    public function mount(SoftwareVersionService $softwareVersionService): void
+    {
+        $this->softwareVersionService = $softwareVersionService;
+    }
+
     public function getViewData(): array
     {
-        /** @var SoftwareVersionService $softwareVersionService */
-        $softwareVersionService = app(SoftwareVersionService::class);
-
         return [
             'inDevelopment' => config('app.version') === 'canary',
-            'version' => $softwareVersionService->versionData()['version'],
-            'latestVersion' => $softwareVersionService->getPanel(),
-            'isLatest' => $softwareVersionService->isLatestPanel(),
+            'version' => $this->softwareVersionService->versionData()['version'],
+            'latestVersion' => $this->softwareVersionService->getPanel(),
+            'isLatest' => $this->softwareVersionService->isLatestPanel(),
             'eggsCount' => Egg::query()->count(),
             'nodesList' => ListNodes::getUrl(),
             'nodesCount' => Node::query()->count(),
@@ -67,7 +71,7 @@ class Dashboard extends Page
                 CreateAction::make()
                     ->label(trans('dashboard/index.sections.intro-support.button_donate'))
                     ->icon('tabler-cash')
-                    ->url($softwareVersionService->getDonations(), true)
+                    ->url($this->softwareVersionService->getDonations(), true)
                     ->color('success'),
             ],
             'helpActions' => [

app/Filament/Pages/Installer/PanelInstaller.php

@@ -2,6 +2,7 @@
 
 namespace App\Filament\Pages\Installer;
 
+use App\Filament\Pages\Dashboard;
 use App\Filament\Pages\Installer\Steps\AdminUserStep;
 use App\Filament\Pages\Installer\Steps\CompletedStep;
 use App\Filament\Pages\Installer\Steps\DatabaseStep;
@@ -13,7 +14,6 @@ use App\Services\Users\UserCreationService;
 use App\Traits\CheckMigrationsTrait;
 use App\Traits\EnvironmentWriterTrait;
 use Exception;
-use Filament\Facades\Filament;
 use Filament\Forms\Components\Actions\Action;
 use Filament\Forms\Components\Wizard;
 use Filament\Forms\Concerns\InteractsWithForms;
@@ -24,6 +24,7 @@ use Filament\Notifications\Notification;
 use Filament\Pages\SimplePage;
 use Filament\Support\Enums\MaxWidth;
 use Filament\Support\Exceptions\Halt;
+use Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Facades\Artisan;
 use Illuminate\Support\Facades\Blade;
 use Illuminate\Support\HtmlString;
@@ -37,7 +38,7 @@ class PanelInstaller extends SimplePage implements HasForms
     use EnvironmentWriterTrait;
     use InteractsWithForms;
 
-    public $data = [];
+    public array $data = [];
 
     protected static string $view = 'filament.pages.installer';
 
@@ -54,7 +55,7 @@ class PanelInstaller extends SimplePage implements HasForms
         return env('APP_INSTALLED', true);
     }
 
-    public function mount()
+    public function mount(): void
     {
         abort_if(self::isInstalled(), 404);
 
@@ -93,7 +94,7 @@ class PanelInstaller extends SimplePage implements HasForms
         return 'data';
     }
 
-    public function submit()
+    public function submit(): RedirectResponse
     {
         // Disable installer
         $this->writeToEnvironment(['APP_INSTALLED' => 'true']);
@@ -103,7 +104,7 @@ class PanelInstaller extends SimplePage implements HasForms
         auth()->guard()->login($this->user, true);
 
         // Redirect to admin panel
-        return redirect(Filament::getPanel('admin')->getUrl());
+        return redirect(Dashboard::getUrl());
     }
 
     public function writeToEnv(string $key): void
@@ -159,12 +160,12 @@ class PanelInstaller extends SimplePage implements HasForms
         }
     }
 
-    public function createAdminUser(): void
+    public function createAdminUser(UserCreationService $userCreationService): void
     {
         try {
             $userData = array_get($this->data, 'user');
             $userData['root_admin'] = true;
-            $this->user = app(UserCreationService::class)->handle($userData);
+            $this->user = $userCreationService->handle($userData);
         } catch (Exception $exception) {
             report($exception);
 

app/Filament/Pages/Installer/Steps/AdminUserStep.php

@@ -3,6 +3,7 @@
 namespace App\Filament\Pages\Installer\Steps;
 
 use App\Filament\Pages\Installer\PanelInstaller;
+use App\Services\Users\UserCreationService;
 use Filament\Forms\Components\TextInput;
 use Filament\Forms\Components\Wizard\Step;
 
@@ -28,6 +29,6 @@ class AdminUserStep
                     ->password()
                     ->revealable(),
             ])
-            ->afterValidation(fn () => $installer->createAdminUser());
+            ->afterValidation(fn (UserCreationService $service) => $installer->createAdminUser($service));
     }
 }

app/Filament/Pages/Installer/Steps/DatabaseStep.php

@@ -72,7 +72,7 @@ class DatabaseStep
             });
     }
 
-    private static function testConnection(string $driver, $host, $port, $database, $username, $password): bool
+    private static function testConnection(string $driver, string $host, string $port, string $database, string $username, string $password): bool
     {
         if ($driver === 'sqlite') {
             return true;

app/Filament/Pages/Installer/Steps/RedisStep.php

@@ -56,7 +56,7 @@ class RedisStep
             });
     }
 
-    private static function testConnection($host, $port, $username, $password): bool
+    private static function testConnection(string $host, string $port, string $username, string $password): bool
     {
         try {
             config()->set('database.redis._panel_install_test', [

app/Filament/Resources/ApiKeyResource.php

@@ -5,6 +5,7 @@ namespace App\Filament\Resources;
 use App\Filament\Resources\ApiKeyResource\Pages;
 use App\Models\ApiKey;
 use Filament\Resources\Resource;
+use Illuminate\Database\Eloquent\Model;
 
 class ApiKeyResource extends Resource
 {
@@ -21,7 +22,7 @@ class ApiKeyResource extends Resource
         return static::getModel()::where('key_type', '2')->count() ?: null;
     }
 
-    public static function canEdit($record): bool
+    public static function canEdit(Model $record): bool
     {
         return false;
     }

app/Filament/Resources/DatabaseHostResource/Pages/CreateDatabaseHost.php

@@ -4,6 +4,8 @@ namespace App\Filament\Resources\DatabaseHostResource\Pages;
 
 use App\Filament\Resources\DatabaseHostResource;
 use App\Services\Databases\Hosts\HostCreationService;
+use Closure;
+use Exception;
 use Filament\Forms;
 use Filament\Forms\Components\Section;
 use Filament\Forms\Components\Select;
@@ -16,6 +18,8 @@ use PDOException;
 
 class CreateDatabaseHost extends CreateRecord
 {
+    private HostCreationService $service;
+
     protected static string $resource = DatabaseHostResource::class;
 
     protected ?string $heading = 'Database Hosts';
@@ -24,6 +28,11 @@ class CreateDatabaseHost extends CreateRecord
 
     protected ?string $subheading = '(database servers that can have individual databases)';
 
+    public function boot(HostCreationService $service): void
+    {
+        $this->service = $service;
+    }
+
     public function form(Form $form): Form
     {
         return $form
@@ -94,10 +103,10 @@ class CreateDatabaseHost extends CreateRecord
 
     protected function handleRecordCreation(array $data): Model
     {
-        return resolve(HostCreationService::class)->handle($data);
+        return $this->service->handle($data);
     }
 
-    public function exception($e, $stopPropagation): void
+    public function exception(Exception $e, Closure $stopPropagation): void
     {
         if ($e instanceof PDOException) {
             Notification::make()

app/Filament/Resources/DatabaseHostResource/Pages/EditDatabaseHost.php

@@ -6,6 +6,8 @@ use App\Filament\Resources\DatabaseHostResource;
 use App\Filament\Resources\DatabaseHostResource\RelationManagers\DatabasesRelationManager;
 use App\Models\DatabaseHost;
 use App\Services\Databases\Hosts\HostUpdateService;
+use Closure;
+use Exception;
 use Filament\Actions;
 use Filament\Forms;
 use Filament\Forms\Components\Section;
@@ -21,6 +23,13 @@ class EditDatabaseHost extends EditRecord
 {
     protected static string $resource = DatabaseHostResource::class;
 
+    private HostUpdateService $hostUpdateService;
+
+    public function boot(HostUpdateService $hostUpdateService): void
+    {
+        $this->hostUpdateService = $hostUpdateService;
+    }
+
     public function form(Form $form): Form
     {
         return $form
@@ -97,12 +106,16 @@ class EditDatabaseHost extends EditRecord
         ];
     }
 
-    protected function handleRecordUpdate($record, array $data): Model
+    protected function handleRecordUpdate(Model $record, array $data): Model
     {
-        return resolve(HostUpdateService::class)->handle($record->id, $data);
+        if (!$record instanceof DatabaseHost) {
+            return $record;
+        }
+
+        return $this->hostUpdateService->handle($record, $data);
     }
 
-    public function exception($e, $stopPropagation): void
+    public function exception(Exception $e, Closure $stopPropagation): void
     {
         if ($e instanceof PDOException) {
             Notification::make()

app/Filament/Resources/DatabaseHostResource/RelationManagers/DatabasesRelationManager.php

@@ -8,6 +8,7 @@ use Filament\Forms\Components\Actions\Action;
 use Filament\Forms\Components\TextInput;
 use Filament\Forms\Form;
 use Filament\Forms\Get;
+use Filament\Forms\Set;
 use Filament\Resources\RelationManagers\RelationManager;
 use Filament\Tables\Actions\DeleteAction;
 use Filament\Tables\Actions\ViewAction;
@@ -61,7 +62,7 @@ class DatabasesRelationManager extends RelationManager
             ]);
     }
 
-    protected function rotatePassword(DatabasePasswordService $service, Database $database, $set, $get): void
+    protected function rotatePassword(DatabasePasswordService $service, Database $database, Set $set, Get $get): void
     {
         $newPassword = $service->handle($database);
         $jdbcString = 'jdbc:mysql://' . $get('username') . ':' . urlencode($newPassword) . '@' . $database->host->host . ':' . $database->host->port . '/' . $get('database');

app/Filament/Resources/EggResource/Pages/EditEgg.php

@@ -280,10 +280,7 @@ class EditEgg extends EditRecord
                         ->contained(false),
 
                 ])
-                ->action(function (array $data, Egg $egg): void {
-                    /** @var EggImporterService $eggImportService */
-                    $eggImportService = resolve(EggImporterService::class);
-
+                ->action(function (array $data, Egg $egg, EggImporterService $eggImportService): void {
                     if (!empty($data['egg'])) {
                         try {
                             $eggImportService->fromFile($data['egg'], $egg);

app/Filament/Resources/EggResource/Pages/ListEggs.php

@@ -66,9 +66,10 @@ class ListEggs extends ListRecords
                     ->modalDescription('If you made any changes to the egg they will be overwritten!')
                     ->modalIconColor('danger')
                     ->modalSubmitAction(fn (Actions\StaticAction $action) => $action->color('danger'))
-                    ->action(function (Egg $egg) {
+                    ->action(function (Egg $egg, EggImporterService $eggImporterService) {
                         try {
-                            app(EggImporterService::class)->fromUrl($egg->update_url, $egg);
+                            $eggImporterService->fromUrl($egg->update_url, $egg);
+
                             cache()->forget("eggs.{$egg->uuid}.update");
                         } catch (Exception $exception) {
                             Notification::make()
@@ -130,10 +131,7 @@ class ListEggs extends ListRecords
                         ->contained(false),
 
                 ])
-                ->action(function (array $data): void {
-                    /** @var EggImporterService $eggImportService */
-                    $eggImportService = resolve(EggImporterService::class);
-
+                ->action(function (array $data, EggImporterService $eggImportService): void {
                     if (!empty($data['egg'])) {
                         /** @var TemporaryUploadedFile[] $eggFile */
                         $eggFile = $data['egg'];

app/Filament/Resources/NodeResource/Pages/CreateNode.php

@@ -398,7 +398,7 @@ class CreateNode extends CreateRecord
     protected function getRedirectUrlParameters(): array
     {
         return [
-            'tab' => '-configuration-tab',
+            'tab' => '-configuration-file-tab',
         ];
     }
 

app/Filament/Resources/NodeResource/Pages/EditNode.php

@@ -469,12 +469,12 @@ class EditNode extends EditRecord
         $this->fillForm();
     }
 
-    protected function getColumnSpan()
+    protected function getColumnSpan(): ?int
     {
         return null;
     }
 
-    protected function getColumnStart()
+    protected function getColumnStart(): ?int
     {
         return null;
     }

app/Filament/Resources/NodeResource/RelationManagers/AllocationsRelationManager.php

@@ -148,7 +148,7 @@ class AllocationsRelationManager extends RelationManager
                             ->splitKeys(['Tab', ' ', ','])
                             ->required(),
                     ])
-                    ->action(fn (array $data) => resolve(AssignmentService::class)->handle($this->getOwnerRecord(), $data)),
+                    ->action(fn (array $data, AssignmentService $service) => $service->handle($this->getOwnerRecord(), $data)),
             ])
             ->bulkActions([
                 BulkActionGroup::make([

app/Filament/Resources/ServerResource/Pages/CreateServer.php

@@ -50,6 +50,13 @@ class CreateServer extends CreateRecord
 
     public ?Node $node = null;
 
+    private ServerCreationService $serverCreationService;
+
+    public function boot(ServerCreationService $serverCreationService): void
+    {
+        $this->serverCreationService = $serverCreationService;
+    }
+
     public function form(Form $form): Form
     {
         return $form
@@ -119,8 +126,9 @@ class CreateServer extends CreateRecord
                                         ->hintIconTooltip('Providing a user password is optional. New user email will prompt users to create a password the first time they login.')
                                         ->password(),
                                 ])
-                                ->createOptionUsing(function ($data) {
-                                    resolve(UserCreationService::class)->handle($data);
+                                ->createOptionUsing(function ($data, UserCreationService $service) {
+                                    $service->handle($data);
+
                                     $this->refreshForm();
                                 })
                                 ->required(),
@@ -263,9 +271,9 @@ class CreateServer extends CreateRecord
                                         ->splitKeys(['Tab', ' ', ','])
                                         ->required(),
                                 ])
-                                ->createOptionUsing(function (array $data, Get $get): int {
+                                ->createOptionUsing(function (array $data, Get $get, AssignmentService $assignmentService): int {
                                     return collect(
-                                        resolve(AssignmentService::class)->handle(Node::find($get('node_id')), $data)
+                                        $assignmentService->handle(Node::find($get('node_id')), $data)
                                     )->first();
                                 })
                                 ->required(),
@@ -826,10 +834,7 @@ class CreateServer extends CreateRecord
     {
         $data['allocation_additional'] = collect($data['allocation_additional'])->filter()->all();
 
-        /** @var ServerCreationService $service */
-        $service = resolve(ServerCreationService::class);
-
-        return $service->handle($data);
+        return $this->serverCreationService->handle($data);
     }
 
     private function shouldHideComponent(Get $get, Component $component): bool

app/Filament/Resources/ServerResource/Pages/EditServer.php

@@ -750,8 +750,8 @@ class EditServer extends EditRecord
                 ->color('danger')
                 ->label('Delete')
                 ->requiresConfirmation()
-                ->action(function (Server $server) {
-                    resolve(ServerDeletionService::class)->handle($server);
+                ->action(function (Server $server, ServerDeletionService $service) {
+                    $service->handle($server);
 
                     return redirect(ListServers::getUrl());
                 })
@@ -815,7 +815,7 @@ class EditServer extends EditRecord
             ->all();
     }
 
-    protected function rotatePassword(DatabasePasswordService $service, $record, $set, $get): void
+    protected function rotatePassword(DatabasePasswordService $service, Database $record, Set $set, Get $get): void
     {
         $newPassword = $service->handle($record);
         $jdbcString = 'jdbc:mysql://' . $get('username') . ':' . urlencode($newPassword) . '@' . $record->host->host . ':' . $record->host->port . '/' . $get('database');

app/Filament/Resources/ServerResource/RelationManagers/AllocationsRelationManager.php

@@ -144,7 +144,7 @@ class AllocationsRelationManager extends RelationManager
                             ->splitKeys(['Tab', ' ', ','])
                             ->required(),
                     ])
-                    ->action(fn (array $data) => resolve(AssignmentService::class)->handle($this->getOwnerRecord()->node, $data, $this->getOwnerRecord())),
+                    ->action(fn (array $data, AssignmentService $service) => $service->handle($this->getOwnerRecord()->node, $data, $this->getOwnerRecord())),
                 AssociateAction::make()
                     ->multiple()
                     ->associateAnother(false)

app/Filament/Resources/UserResource/Pages/EditProfile.php

@@ -13,7 +13,9 @@ use chillerlan\QRCode\Common\EccLevel;
 use chillerlan\QRCode\Common\Version;
 use chillerlan\QRCode\QRCode;
 use chillerlan\QRCode\QROptions;
+use Closure;
 use DateTimeZone;
+use Exception;
 use Filament\Forms\Components\Actions\Action;
 use Filament\Forms\Components\Grid;
 use Filament\Forms\Components\Placeholder;
@@ -38,6 +40,13 @@ use Illuminate\Validation\Rules\Password;
  */
 class EditProfile extends \Filament\Pages\Auth\EditProfile
 {
+    private ToggleTwoFactorService $toggleTwoFactorService;
+
+    public function boot(ToggleTwoFactorService $toggleTwoFactorService): void
+    {
+        $this->toggleTwoFactorService = $toggleTwoFactorService;
+    }
+
     protected function getForms(): array
     {
         return [
@@ -106,7 +115,7 @@ class EditProfile extends \Filament\Pages\Auth\EditProfile
 
                                 Tab::make('2FA')
                                     ->icon('tabler-shield-lock')
-                                    ->schema(function () {
+                                    ->schema(function (TwoFactorSetupService $setupService) {
                                         if ($this->getUser()->use_totp) {
                                             return [
                                                 Placeholder::make('2fa-already-enabled')
@@ -124,8 +133,6 @@ class EditProfile extends \Filament\Pages\Auth\EditProfile
                                                     ->helperText('Enter your current 2FA code to disable Two Factor Authentication'),
                                             ];
                                         }
-                                        /** @var TwoFactorSetupService */
-                                        $setupService = app(TwoFactorSetupService::class);
 
                                         ['image_url_data' => $url, 'secret' => $secret] = cache()->remember(
                                             "users.{$this->getUser()->id}.2fa.state",
@@ -274,23 +281,21 @@ class EditProfile extends \Filament\Pages\Auth\EditProfile
         ];
     }
 
-    protected function handleRecordUpdate($record, $data): Model
+    protected function handleRecordUpdate(Model $record, array $data): Model
     {
-        if ($token = $data['2facode'] ?? null) {
-            /** @var ToggleTwoFactorService $service */
-            $service = resolve(ToggleTwoFactorService::class);
+        if (!$record instanceof User) {
+            return $record;
+        }
 
-            $tokens = $service->handle($record, $token, true);
+        if ($token = $data['2facode'] ?? null) {
+            $tokens = $this->toggleTwoFactorService->handle($record, $token, true);
             cache()->set("users.$record->id.2fa.tokens", implode("\n", $tokens), now()->addSeconds(15));
 
             $this->redirectRoute('filament.admin.auth.profile', ['tab' => '-2fa-tab']);
         }
 
         if ($token = $data['2fa-disable-code'] ?? null) {
-            /** @var ToggleTwoFactorService $service */
-            $service = resolve(ToggleTwoFactorService::class);
-
-            $service->handle($record, $token, false);
+            $this->toggleTwoFactorService->handle($record, $token, false);
 
             cache()->forget("users.$record->id.2fa.state");
         }
@@ -298,7 +303,7 @@ class EditProfile extends \Filament\Pages\Auth\EditProfile
         return parent::handleRecordUpdate($record, $data);
     }
 
-    public function exception($e, $stopPropagation): void
+    public function exception(Exception $e, Closure $stopPropagation): void
     {
         if ($e instanceof TwoFactorAuthenticationTokenInvalid) {
             Notification::make()

app/Filament/Resources/UserResource/Pages/ListUsers.php

@@ -111,13 +111,11 @@ class ListUsers extends ListRecords
                         ]),
                 ])
                 ->successRedirectUrl(route('filament.admin.resources.users.index'))
-                ->action(function (array $data) {
+                ->action(function (array $data, UserCreationService $creationService) {
                     $roles = $data['roles'];
                     $roles = collect($roles)->map(fn ($role) => Role::findById($role));
                     unset($data['roles']);
 
-                    /** @var UserCreationService $creationService */
-                    $creationService = resolve(UserCreationService::class);
                     $user = $creationService->handle($data);
 
                     $user->syncRoles($roles);

app/Filament/Resources/UserResource/RelationManagers/ServersRelationManager.php

@@ -32,18 +32,18 @@ class ServersRelationManager extends RelationManager
                     )
                     ->label('Suspend All Servers')
                     ->color('warning')
-                    ->action(function () use ($user) {
+                    ->action(function (SuspensionService $suspensionService) use ($user) {
                         foreach ($user->servers()->whereNot('status', ServerState::Suspended)->get() as $server) {
-                            resolve(SuspensionService::class)->toggle($server);
+                            $suspensionService->toggle($server);
                         }
                     }),
                 Actions\Action::make('toggleUnsuspend')
                     ->hidden(fn () => $user->servers()->where('status', ServerState::Suspended)->count() === 0)
                     ->label('Unsuspend All Servers')
                     ->color('primary')
-                    ->action(function () use ($user) {
+                    ->action(function (SuspensionService $suspensionService) use ($user) {
                         foreach ($user->servers()->where('status', ServerState::Suspended)->get() as $server) {
-                            resolve(SuspensionService::class)->toggle($server, SuspensionService::ACTION_UNSUSPEND);
+                            $suspensionService->toggle($server, SuspensionService::ACTION_UNSUSPEND);
                         }
                     }),
             ])

app/Http/Controllers/Admin/ServersController.php

@@ -70,7 +70,7 @@ class ServersController extends Controller
      * @throws \App\Exceptions\DisplayException
      * @throws \App\Exceptions\Model\DataValidationException
      */
-    public function toggleInstall(Server $server)
+    public function toggleInstall(Server $server): void
     {
         if ($server->status === ServerState::InstallFailed) {
             throw new DisplayException(trans('admin/server.exceptions.marked_as_failed'));
@@ -84,8 +84,6 @@ class ServersController extends Controller
             ->body(trans('admin/server.alerts.install_toggled'))
             ->success()
             ->send();
-
-        return null;
     }
 
     /**
@@ -94,7 +92,7 @@ class ServersController extends Controller
      * @throws \App\Exceptions\DisplayException
      * @throws \App\Exceptions\Model\DataValidationException
      */
-    public function reinstallServer(Server $server)
+    public function reinstallServer(Server $server): void
     {
         $this->reinstallService->handle($server);
 

app/Http/Controllers/Api/Application/ApplicationApiController.php

@@ -40,7 +40,7 @@ abstract class ApplicationApiController extends Controller
      * Perform dependency injection of certain classes needed for core functionality
      * without littering the constructors of classes that extend this abstract.
      */
-    public function loadDependencies(Fractal $fractal, Request $request)
+    public function loadDependencies(Fractal $fractal, Request $request): void
     {
         $this->fractal = $fractal;
         $this->request = $request;

app/Http/Controllers/Api/Remote/ActivityProcessingController.php

@@ -14,7 +14,7 @@ use App\Http\Requests\Api\Remote\ActivityEventRequest;
 
 class ActivityProcessingController extends Controller
 {
-    public function __invoke(ActivityEventRequest $request)
+    public function __invoke(ActivityEventRequest $request): void
     {
         $tz = Carbon::now()->getTimezone();
 

app/Http/Controllers/Auth/AbstractLoginController.php

@@ -51,7 +51,7 @@ abstract class AbstractLoginController extends Controller
      *
      * @throws \App\Exceptions\DisplayException
      */
-    protected function sendFailedLoginResponse(Request $request, ?Authenticatable $user = null, ?string $message = null)
+    protected function sendFailedLoginResponse(Request $request, ?Authenticatable $user = null, ?string $message = null): never
     {
         $this->incrementLoginAttempts($request);
         $this->fireFailedLoginEvent($user, [
@@ -99,7 +99,7 @@ abstract class AbstractLoginController extends Controller
     /**
      * Fire a failed login event.
      */
-    protected function fireFailedLoginEvent(?Authenticatable $user = null, array $credentials = [])
+    protected function fireFailedLoginEvent(?Authenticatable $user = null, array $credentials = []): void
     {
         Event::dispatch(new Failed('auth', $user, $credentials));
     }

app/Http/Controllers/Auth/ForgotPasswordController.php

@@ -16,7 +16,7 @@ class ForgotPasswordController extends Controller
     /**
      * Get the response for a failed password reset link.
      */
-    protected function sendResetLinkFailedResponse(Request $request, $response): JsonResponse
+    protected function sendResetLinkFailedResponse(Request $request, string $response): JsonResponse
     {
         // As noted in #358 we will return success even if it failed
         // to avoid pointing out that an account does or does not
@@ -31,7 +31,7 @@ class ForgotPasswordController extends Controller
      *
      * @param  string  $response
      */
-    protected function sendResetLinkResponse(Request $request, $response): JsonResponse
+    protected function sendResetLinkResponse(Request $request, string $response): JsonResponse
     {
         return response()->json([
             'status' => trans($response),

app/Http/Controllers/Auth/LoginCheckpointController.php

@@ -72,7 +72,7 @@ class LoginCheckpointController extends AbstractLoginController
             }
         }
 
-        return $this->sendFailedLoginResponse($request, $user, !empty($recoveryToken) ? 'The recovery token provided is not valid.' : null);
+        $this->sendFailedLoginResponse($request, $user, !empty($recoveryToken) ? 'The recovery token provided is not valid.' : null);
     }
 
     /**

app/Http/Controllers/Auth/LoginController.php

@@ -4,11 +4,13 @@ namespace App\Http\Controllers\Auth;
 
 use App\Filament\Pages\Installer\PanelInstaller;
 use Carbon\CarbonImmutable;
+use Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Str;
 use Illuminate\Http\Request;
 use App\Models\User;
 use Illuminate\Http\JsonResponse;
 use App\Facades\Activity;
+use Illuminate\View\View;
 
 class LoginController extends AbstractLoginController
 {
@@ -17,7 +19,7 @@ class LoginController extends AbstractLoginController
      * base authentication view component. React will take over at this point and
      * turn the login area into an SPA.
      */
-    public function index()
+    public function index(): View|RedirectResponse
     {
         if (!PanelInstaller::isInstalled()) {
             return redirect('/installer');

app/Http/Controllers/Auth/ResetPasswordController.php

@@ -69,7 +69,7 @@ class ResetPasswordController extends Controller
      *
      * @throws \App\Exceptions\Model\DataValidationException
      */
-    protected function resetPassword($user, $password)
+    protected function resetPassword($user, $password): void
     {
         /** @var User $user */
         $user->password = $this->hasher->make($password);

app/Http/Middleware/EnsureStatefulRequests.php

@@ -15,7 +15,7 @@ class EnsureStatefulRequests extends EnsureFrontendRequestsAreStateful
      * We don't want to support API usage using the cookies, except for requests stemming
      * from the front-end we control.
      */
-    public static function fromFrontend($request)
+    public static function fromFrontend($request): bool
     {
         if (parent::fromFrontend($request)) {
             return true;

app/Http/Middleware/VerifyReCaptcha.php

@@ -3,23 +3,26 @@
 namespace App\Http\Middleware;
 
 use GuzzleHttp\Client;
+use Illuminate\Foundation\Application;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
 use App\Events\Auth\FailedCaptcha;
 use Symfony\Component\HttpKernel\Exception\HttpException;
 
-class VerifyReCaptcha
+readonly class VerifyReCaptcha
 {
-    /**
-     * Handle an incoming request.
-     */
+    public function __construct(private Application $app)
+    {
+
+    }
+
     public function handle(Request $request, \Closure $next): mixed
     {
         if (!config('recaptcha.enabled')) {
             return $next($request);
         }
 
-        if (app()->isLocal()) {
+        if ($this->app->isLocal()) {
             return $next($request);
         }
 

app/Http/Requests/Admin/Egg/EggFormRequest.php

@@ -3,6 +3,7 @@
 namespace App\Http\Requests\Admin\Egg;
 
 use App\Http\Requests\Admin\AdminFormRequest;
+use Illuminate\Validation\Validator;
 
 class EggFormRequest extends AdminFormRequest
 {
@@ -25,7 +26,7 @@ class EggFormRequest extends AdminFormRequest
         return $rules;
     }
 
-    public function withValidator($validator)
+    public function withValidator(Validator $validator): void
     {
         $validator->sometimes('config_from', 'exists:eggs,id', function () {
             return (int) $this->input('config_from') !== 0;

app/Http/Requests/Api/Application/DatabaseHosts/UpdateDatabaseHostRequest.php

@@ -11,6 +11,6 @@ class UpdateDatabaseHostRequest extends StoreDatabaseHostRequest
         /** @var DatabaseHost $databaseHost */
         $databaseHost = $this->route()->parameter('database_host');
 
-        return $rules ?? DatabaseHost::getRulesForUpdate($databaseHost->id);
+        return $rules ?? DatabaseHost::getRulesForUpdate($databaseHost);
     }
 }

app/Http/Requests/Api/Application/Mounts/UpdateMountRequest.php

@@ -14,6 +14,6 @@ class UpdateMountRequest extends StoreMountRequest
         /** @var Mount $mount */
         $mount = $this->route()->parameter('mount');
 
-        return Mount::getRulesForUpdate($mount->id);
+        return Mount::getRulesForUpdate($mount);
     }
 }

app/Http/Requests/Api/Application/Nodes/UpdateNodeRequest.php

@@ -15,6 +15,6 @@ class UpdateNodeRequest extends StoreNodeRequest
         /** @var Node $node */
         $node = $this->route()->parameter('node');
 
-        return parent::rules(Node::getRulesForUpdate($node->id));
+        return parent::rules(Node::getRulesForUpdate($node));
     }
 }

app/Http/Requests/Api/Application/Users/UpdateUserRequest.php

@@ -11,8 +11,8 @@ class UpdateUserRequest extends StoreUserRequest
      */
     public function rules(?array $rules = null): array
     {
-        $userId = $this->parameter('user', User::class)->id;
+        $user = $this->parameter('user', User::class);
 
-        return parent::rules(User::getRulesForUpdate($userId));
+        return parent::rules(User::getRulesForUpdate($user));
     }
 }

app/Http/Requests/Api/Client/Servers/Subusers/SubuserRequest.php

@@ -49,7 +49,7 @@ abstract class SubuserRequest extends ClientApiRequest
      *
      * @throws \Illuminate\Contracts\Container\BindingResolutionException
      */
-    protected function validatePermissionsCanBeAssigned(array $permissions)
+    protected function validatePermissionsCanBeAssigned(array $permissions): void
     {
         $user = $this->user();
         /** @var \App\Models\Server $server */

app/Jobs/Schedule/RunTaskJob.php

@@ -90,7 +90,7 @@ class RunTaskJob extends Job implements ShouldQueue
     /**
      * Handle a failure while sending the action to the daemon or otherwise processing the job.
      */
-    public function failed(?\Exception $exception = null)
+    public function failed(?\Exception $exception = null): void
     {
         $this->markTaskNotQueued();
         $this->markScheduleComplete();
@@ -99,7 +99,7 @@ class RunTaskJob extends Job implements ShouldQueue
     /**
      * Get the next task in the schedule and queue it for running after the defined period of wait time.
      */
-    private function queueNextTask()
+    private function queueNextTask(): void
     {
         /** @var \App\Models\Task|null $nextTask */
         $nextTask = Task::query()->where('schedule_id', $this->task->schedule_id)
@@ -121,7 +121,7 @@ class RunTaskJob extends Job implements ShouldQueue
     /**
      * Marks the parent schedule as being complete.
      */
-    private function markScheduleComplete()
+    private function markScheduleComplete(): void
     {
         $this->task->schedule()->update([
             'is_processing' => false,
@@ -132,7 +132,7 @@ class RunTaskJob extends Job implements ShouldQueue
     /**
      * Mark a specific task as no longer being queued.
      */
-    private function markTaskNotQueued()
+    private function markTaskNotQueued(): void
     {
         $this->task->update(['is_queued' => false]);
     }

app/Livewire/NodeSystemInformation.php

@@ -3,6 +3,7 @@
 namespace App\Livewire;
 
 use App\Models\Node;
+use Illuminate\View\View;
 use Livewire\Component;
 
 class NodeSystemInformation extends Component
@@ -11,12 +12,12 @@ class NodeSystemInformation extends Component
 
     public string $sizeClasses;
 
-    public function render()
+    public function render(): View
     {
         return view('livewire.node-system-information');
     }
 
-    public function placeholder()
+    public function placeholder(): string
     {
         return <<<'HTML'
         <div>

app/Models/ActivityLog.php

@@ -123,7 +123,7 @@ class ActivityLog extends Model
      *
      * @see https://laravel.com/docs/9.x/eloquent#pruning-models
      */
-    public function prunable()
+    public function prunable(): Builder
     {
         if (is_null(config('activity.prune_days'))) {
             throw new \LogicException('Cannot prune activity logs: no "prune_days" configuration value is set.');
@@ -136,7 +136,7 @@ class ActivityLog extends Model
      * Boots the model event listeners. This will trigger an activity log event every
      * time a new model is inserted which can then be captured and worked with as needed.
      */
-    protected static function boot()
+    protected static function boot(): void
     {
         parent::boot();
 
@@ -149,7 +149,7 @@ class ActivityLog extends Model
         });
     }
 
-    public function htmlable()
+    public function htmlable(): string
     {
         $user = $this->actor;
         if (!$user instanceof User) {

app/Models/ActivityLogSubject.php

@@ -3,8 +3,9 @@
 namespace App\Models;
 
 use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Database\Eloquent\Relations\MorphTo;
 use Illuminate\Database\Eloquent\Relations\Pivot;
-use Illuminate\Database\Eloquent\SoftDeletes;
+use Illuminate\Database\Eloquent\SoftDeletingScope;
 
 /**
  * \App\Models\ActivityLogSubject.
@@ -37,15 +38,8 @@ class ActivityLogSubject extends Pivot
         return $this->belongsTo(ActivityLog::class);
     }
 
-    public function subject()
+    public function subject(): MorphTo
     {
-        $morph = $this->morphTo();
-
-        if (in_array(SoftDeletes::class, class_uses_recursive($morph::class))) {
-            /** @var self|Backup|UserSSHKey $morph - cannot use traits in doc blocks */
-            return $morph->withTrashed();
-        }
-
-        return $morph;
+        return $this->morphTo()->withoutGlobalScope(SoftDeletingScope::class);
     }
 }

app/Models/Filters/AdminServerFilter.php

@@ -13,7 +13,7 @@ class AdminServerFilter implements Filter
      *
      * @param  string  $value
      */
-    public function __invoke(Builder $query, $value, string $property)
+    public function __invoke(Builder $query, $value, string $property): void
     {
         if ($query->getQuery()->from !== 'servers') {
             throw new \BadMethodCallException('Cannot use the AdminServerFilter against a non-server model.');

app/Models/Filters/MultiFieldServerFilter.php

@@ -21,7 +21,7 @@ class MultiFieldServerFilter implements Filter
      *
      * @param  string  $value
      */
-    public function __invoke(Builder $query, $value, string $property)
+    public function __invoke(Builder $query, $value, string $property): void
     {
         if ($query->getQuery()->from !== 'servers') {
             throw new \BadMethodCallException('Cannot use the MultiFieldServerFilter against a non-server model.');

app/Models/Model.php

@@ -38,7 +38,7 @@ abstract class Model extends IlluminateModel
      *
      * @throws \Illuminate\Contracts\Container\BindingResolutionException
      */
-    protected static function boot()
+    protected static function boot(): void
     {
         parent::boot();
 
@@ -69,7 +69,7 @@ abstract class Model extends IlluminateModel
         return 'uuid';
     }
 
-    protected function asDateTime($value)
+    protected function asDateTime($value): Carbon
     {
         $timezone = auth()->user()?->timezone ?? config('app.timezone', 'UTC');
 
@@ -135,11 +135,9 @@ abstract class Model extends IlluminateModel
      * Returns the rules associated with the model, specifically for updating the given model
      * rather than just creating it.
      */
-    public static function getRulesForUpdate($model, string $column = 'id'): array
+    public static function getRulesForUpdate(self $model): array
     {
-        if ($model instanceof Model) {
-            [$id, $column] = [$model->getKey(), $model->getKeyName()];
-        }
+        [$id, $column] = [$model->getKey(), $model->getKeyName()];
 
         $rules = static::getRules();
         foreach ($rules as $key => &$data) {

app/Models/Mount.php

@@ -70,7 +70,7 @@ class Mount extends Model
     /**
      * Blacklisted source paths.
      */
-    public static $invalidSourcePaths = [
+    public static array $invalidSourcePaths = [
         '/etc/pelican',
         '/var/lib/pelican/volumes',
         '/srv/daemon-data',
@@ -79,7 +79,7 @@ class Mount extends Model
     /**
      * Blacklisted target paths.
      */
-    public static $invalidTargetPaths = [
+    public static array $invalidTargetPaths = [
         '/home/container',
     ];
 

app/Models/Node.php

@@ -8,6 +8,7 @@ use Exception;
 use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Database\Eloquent\Relations\HasManyThrough;
 use Illuminate\Notifications\Notifiable;
+use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\Http;
 use Illuminate\Support\Str;
 use Symfony\Component\Yaml\Yaml;
@@ -271,7 +272,7 @@ class Node extends Model
         return true;
     }
 
-    public static function getForServerCreation()
+    public static function getForServerCreation(): Collection
     {
         return self::with('allocations')->get()->map(function (Node $item) {
             $filtered = $item->getRelation('allocations')->where('server_id', null)->map(function ($map) {
@@ -297,6 +298,7 @@ class Node extends Model
     {
         return once(function () {
             try {
+                // @phpstan-ignore-next-line
                 return resolve(DaemonConfigurationRepository::class)
                     ->setNode($this)
                     ->getSystemInformation(connectTimeout: 3);
@@ -333,7 +335,7 @@ class Node extends Model
         return $statuses;
     }
 
-    public function statistics()
+    public function statistics(): array
     {
         $default = [
             'memory_total' => 0,

app/Models/Server.php

@@ -367,7 +367,7 @@ class Server extends Model
      *
      * @throws ServerStateConflictException
      */
-    public function validateCurrentState()
+    public function validateCurrentState(): void
     {
         if (
             $this->isSuspended() ||
@@ -386,7 +386,7 @@ class Server extends Model
      * sure the server can be transferred and is not currently being transferred
      * or installed.
      */
-    public function validateTransferState()
+    public function validateTransferState(): void
     {
         if (
             !$this->isInstalled() ||

app/Models/User.php

@@ -236,7 +236,7 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
      *
      * @param  string  $token
      */
-    public function sendPasswordResetNotification($token)
+    public function sendPasswordResetNotification($token): void
     {
         Activity::event('auth:reset-password')
             ->withRequestMetadata()
@@ -249,7 +249,7 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
     /**
      * Store the username as a lowercase string.
      */
-    public function setUsernameAttribute(string $value)
+    public function setUsernameAttribute(string $value): void
     {
         $this->attributes['username'] = mb_strtolower($value);
     }

app/PHPStan/ForbiddenGlobalFunctionsRule.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace App\PHPStan;
+
+use PhpParser\Node;
+use PhpParser\Node\Expr\FuncCall;
+use PHPStan\Analyser\Scope;
+use PHPStan\Rules\Rule;
+
+class ForbiddenGlobalFunctionsRule implements Rule
+{
+    private array $forbiddenFunctions;
+
+    public function __construct(array $forbiddenFunctions = ['app', 'resolve'])
+    {
+        $this->forbiddenFunctions = $forbiddenFunctions;
+    }
+
+    public function getNodeType(): string
+    {
+        return FuncCall::class;
+    }
+
+    public function processNode(Node $node, Scope $scope): array
+    {
+        /** @var FuncCall $node */
+        if ($node->name instanceof Node\Name) {
+            $functionName = (string) $node->name;
+            if (in_array($functionName, $this->forbiddenFunctions, true)) {
+                return [
+                    sprintf('Usage of global function "%s" is forbidden.', $functionName),
+                ];
+            }
+        }
+
+        return [];
+    }
+}

app/Policies/ServerPolicy.php

@@ -41,7 +41,7 @@ class ServerPolicy
      * not call the before() function if there isn't a function matching the
      * policy permission.
      */
-    public function __call(string $name, mixed $arguments)
+    public function __call(string $name, mixed $arguments): void
     {
         // do nothing
     }

app/Providers/AppServiceProvider.php

@@ -13,6 +13,7 @@ use Dedoc\Scramble\Support\Generator\SecurityScheme;
 use Filament\Support\Colors\Color;
 use Filament\Support\Facades\FilamentColor;
 use Illuminate\Database\Eloquent\Relations\Relation;
+use Illuminate\Foundation\Application;
 use Illuminate\Pagination\Paginator;
 use Illuminate\Support\Facades\Broadcast;
 use Illuminate\Support\Facades\Event;
@@ -29,7 +30,7 @@ class AppServiceProvider extends ServiceProvider
     /**
      * Bootstrap any application services.
      */
-    public function boot(): void
+    public function boot(Application $app): void
     {
         // TODO: remove when old admin area gets yeeted
         View::share('appVersion', config('app.version'));
@@ -64,7 +65,7 @@ class AppServiceProvider extends ServiceProvider
                 ->asJson()
                 ->withToken($node->daemon_token)
                 ->withHeaders($headers)
-                ->withOptions(['verify' => (bool) app()->environment('production')])
+                ->withOptions(['verify' => (bool) $app->environment('production')])
                 ->timeout(config('panel.guzzle.timeout'))
                 ->connectTimeout(config('panel.guzzle.connect_timeout'))
                 ->baseUrl($node->getConnectionAddress())

app/Providers/Filament/AdminPanelProvider.php

@@ -9,6 +9,7 @@ use Filament\Http\Middleware\DisableBladeIconComponents;
 use Filament\Http\Middleware\DispatchServingFilamentEvent;
 use Filament\Panel;
 use Filament\PanelProvider;
+use Filament\Support\Enums\MaxWidth;
 use Filament\Support\Facades\FilamentAsset;
 use Filament\Widgets;
 use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
@@ -21,7 +22,7 @@ use Illuminate\View\Middleware\ShareErrorsFromSession;
 
 class AdminPanelProvider extends PanelProvider
 {
-    public function boot()
+    public function boot(): void
     {
         FilamentAsset::registerCssVariables([
             'sidebar-width' => '16rem !important',
@@ -43,6 +44,8 @@ class AdminPanelProvider extends PanelProvider
             ->brandLogo(config('app.logo'))
             ->brandLogoHeight('2rem')
             ->profile(EditProfile::class, false)
+            ->maxContentWidth(MaxWidth::ScreenTwoExtraLarge)
+            ->spa()
             ->discoverResources(in: app_path('Filament/Resources'), for: 'App\\Filament\\Resources')
             ->discoverPages(in: app_path('Filament/Pages'), for: 'App\\Filament\\Pages')
             ->discoverClusters(in: app_path('Filament/Clusters'), for: 'App\\Filament\\Clusters')

app/Repositories/Daemon/DaemonBackupRepository.php

@@ -2,6 +2,7 @@
 
 namespace App\Repositories\Daemon;
 
+use Illuminate\Http\Client\Response;
 use Webmozart\Assert\Assert;
 use App\Models\Backup;
 use App\Models\Server;
@@ -27,7 +28,7 @@ class DaemonBackupRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function backup(Backup $backup)
+    public function backup(Backup $backup): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 
@@ -50,7 +51,7 @@ class DaemonBackupRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function restore(Backup $backup, ?string $url = null, bool $truncate = false)
+    public function restore(Backup $backup, ?string $url = null, bool $truncate = false): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 
@@ -73,7 +74,7 @@ class DaemonBackupRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function delete(Backup $backup)
+    public function delete(Backup $backup): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 

app/Repositories/Daemon/DaemonConfigurationRepository.php

@@ -5,6 +5,7 @@ namespace App\Repositories\Daemon;
 use App\Models\Node;
 use GuzzleHttp\Exception\TransferException;
 use App\Exceptions\Http\Connection\DaemonConnectionException;
+use Illuminate\Http\Client\Response;
 
 class DaemonConfigurationRepository extends DaemonRepository
 {
@@ -13,7 +14,7 @@ class DaemonConfigurationRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function getSystemInformation(?int $version = null, $connectTimeout = 5): array
+    public function getSystemInformation(?int $version = null, int $connectTimeout = 5): array
     {
         try {
             $response = $this
@@ -34,7 +35,7 @@ class DaemonConfigurationRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function update(Node $node)
+    public function update(Node $node): Response
     {
         try {
             return $this->getHttpClient()->post(

app/Repositories/Daemon/DaemonFileRepository.php

@@ -3,6 +3,7 @@
 namespace App\Repositories\Daemon;
 
 use Carbon\CarbonInterval;
+use Illuminate\Http\Client\Response;
 use Webmozart\Assert\Assert;
 use App\Models\Server;
 use GuzzleHttp\Exception\ClientException;
@@ -48,7 +49,7 @@ class DaemonFileRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function putContent(string $path, string $content)
+    public function putContent(string $path, string $content): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 
@@ -88,7 +89,7 @@ class DaemonFileRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function createDirectory(string $name, string $path)
+    public function createDirectory(string $name, string $path): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 
@@ -110,7 +111,7 @@ class DaemonFileRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function renameFiles(?string $root, array $files)
+    public function renameFiles(?string $root, array $files): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 
@@ -132,7 +133,7 @@ class DaemonFileRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function copyFile(string $location)
+    public function copyFile(string $location): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 
@@ -153,7 +154,7 @@ class DaemonFileRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function deleteFiles(?string $root, array $files)
+    public function deleteFiles(?string $root, array $files): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 
@@ -203,7 +204,7 @@ class DaemonFileRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function decompressFile(?string $root, string $file)
+    public function decompressFile(?string $root, string $file): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 
@@ -229,7 +230,7 @@ class DaemonFileRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function chmodFiles(?string $root, array $files)
+    public function chmodFiles(?string $root, array $files): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 
@@ -251,7 +252,7 @@ class DaemonFileRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function pull(string $url, ?string $directory, array $params = [])
+    public function pull(string $url, ?string $directory, array $params = []): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 

app/Repositories/Daemon/DaemonPowerRepository.php

@@ -2,6 +2,7 @@
 
 namespace App\Repositories\Daemon;
 
+use Illuminate\Http\Client\Response;
 use Webmozart\Assert\Assert;
 use App\Models\Server;
 use GuzzleHttp\Exception\TransferException;
@@ -14,7 +15,7 @@ class DaemonPowerRepository extends DaemonRepository
      *
      * @throws \App\Exceptions\Http\Connection\DaemonConnectionException
      */
-    public function send(string $action)
+    public function send(string $action): Response
     {
         Assert::isInstanceOf($this->server, Server::class);
 

app/Services/Activity/ActivityLogService.php

@@ -168,7 +168,7 @@ class ActivityLogService
      *
      * @throws \Throwable
      */
-    public function transaction(\Closure $callback)
+    public function transaction(\Closure $callback): mixed
     {
         return $this->connection->transaction(function () use ($callback) {
             $response = $callback($this);

app/Services/Deployment/FindViableNodesService.php

@@ -17,7 +17,7 @@ class FindViableNodesService
      * are tossed out, as are any nodes marked as non-public, meaning automatic
      * deployments should not be done against them.
      */
-    public function handle(int $memory = 0, int $disk = 0, int $cpu = 0, $tags = []): Collection
+    public function handle(int $memory = 0, int $disk = 0, int $cpu = 0, array $tags = []): Collection
     {
         $nodes = Node::query()
             ->withSum('servers', 'memory')

app/Services/Servers/SuspensionService.php

@@ -28,7 +28,7 @@ class SuspensionService
      *
      * @throws \Throwable
      */
-    public function toggle(Server $server, string $action = self::ACTION_SUSPEND)
+    public function toggle(Server $server, string $action = self::ACTION_SUSPEND): void
     {
         Assert::oneOf($action, [self::ACTION_SUSPEND, self::ACTION_UNSUSPEND]);
 
@@ -37,7 +37,9 @@ class SuspensionService
         // suspended in the database. Additionally, nothing needs to happen if the server
         // is not suspended, and we try to un-suspend the instance.
         if ($isSuspending === $server->isSuspended()) {
-            return Notification::make()->danger()->title('Failed!')->body('Server is already suspended!')->send();
+            Notification::make()->danger()->title('Failed!')->body('Server is already suspended!')->send();
+
+            return;
         }
 
         // Check if the server is currently being transferred.

app/Services/Servers/TransferServerService.php

@@ -106,7 +106,7 @@ class TransferServerService
     /**
      * Assigns the specified allocations to the specified server.
      */
-    private function assignAllocationsToServer(Server $server, int $node_id, int $allocation_id, array $additional_allocations)
+    private function assignAllocationsToServer(Server $server, int $node_id, int $allocation_id, array $additional_allocations): void
     {
         $allocations = $additional_allocations;
         $allocations[] = $allocation_id;

app/Traits/CheckMigrationsTrait.php

@@ -12,7 +12,7 @@ trait CheckMigrationsTrait
     protected function hasCompletedMigrations(): bool
     {
         /** @var Migrator $migrator */
-        $migrator = app()->make('migrator');
+        $migrator = app()->make('migrator'); // @phpstan-ignore-line
 
         $files = $migrator->getMigrationFiles(database_path('migrations'));
 

app/Traits/Controllers/PlainJavascriptInjection.php

@@ -9,7 +9,7 @@ trait PlainJavascriptInjection
     /**
      * Injects statistics into javascript.
      */
-    public function injectJavascript($data)
+    public function injectJavascript($data): void
     {
         \JavaScript::put($data);
     }

app/Traits/Helpers/AvailableLanguages.php

@@ -51,6 +51,7 @@ trait AvailableLanguages
      */
     private function getFilesystemInstance(): Filesystem
     {
+        // @phpstan-ignore-next-line
         return $this->filesystem = $this->filesystem ?: app()->make(Filesystem::class);
     }
 }

app/Transformers/Api/Application/BaseTransformer.php

@@ -54,6 +54,7 @@ abstract class BaseTransformer extends TransformerAbstract
      */
     public static function fromRequest(Request $request): self
     {
+        // @phpstan-ignore-next-line
         return app(static::class)->setRequest($request);
     }
 

app/Transformers/Api/Application/EggVariableTransformer.php

@@ -15,7 +15,7 @@ class EggVariableTransformer extends BaseTransformer
         return Egg::RESOURCE_NAME;
     }
 
-    public function transform(EggVariable $model)
+    public function transform(EggVariable $model): array
     {
         return $model->toArray();
     }

app/Transformers/Api/Application/MountTransformer.php

@@ -22,7 +22,7 @@ class MountTransformer extends BaseTransformer
         return Mount::RESOURCE_NAME;
     }
 
-    public function transform(Mount $model)
+    public function transform(Mount $model): array
     {
         return $model->toArray();
     }

app/Transformers/Api/Application/ServerTransformer.php

@@ -30,7 +30,7 @@ class ServerTransformer extends BaseTransformer
     /**
      * Perform dependency injection.
      */
-    public function handle(EnvironmentService $environmentService)
+    public function handle(EnvironmentService $environmentService): void
     {
         $this->environmentService = $environmentService;
     }

app/Transformers/Api/Client/ActivityLogTransformer.php

@@ -6,6 +6,7 @@ use Illuminate\Support\Str;
 use App\Models\User;
 use App\Models\ActivityLog;
 use Illuminate\Database\Eloquent\Model;
+use League\Fractal\Resource\ResourceAbstract;
 
 class ActivityLogTransformer extends BaseClientTransformer
 {
@@ -34,7 +35,7 @@ class ActivityLogTransformer extends BaseClientTransformer
         ];
     }
 
-    public function includeActor(ActivityLog $model)
+    public function includeActor(ActivityLog $model): ResourceAbstract
     {
         if (!$model->actor instanceof User) {
             return $this->null();

database/Seeders/DatabaseSeeder.php

@@ -10,7 +10,7 @@ class DatabaseSeeder extends Seeder
     /**
      * Run the database seeds.
      */
-    public function run()
+    public function run(): void
     {
         $this->call(EggSeeder::class);
 

database/Seeders/EggSeeder.php

@@ -34,7 +34,7 @@ class EggSeeder extends Seeder
     /**
      * Run the egg seeder.
      */
-    public function run()
+    public function run(): void
     {
         foreach (static::$imports as $import) {
             /* @noinspection PhpParamsInspection */
@@ -45,7 +45,7 @@ class EggSeeder extends Seeder
     /**
      * Loop through the list of egg files and import them.
      */
-    protected function parseEggFiles($name)
+    protected function parseEggFiles($name): void
     {
         $files = new \DirectoryIterator(database_path('Seeders/eggs/' . kebab_case($name)));
 

phpstan.neon

@@ -1,20 +1,20 @@
 includes:
     - vendor/larastan/larastan/extension.neon
 
+rules:
+    - App\PHPStan\ForbiddenGlobalFunctionsRule
+
 parameters:
 
     paths:
-        - app/
+        - app
 
-    # Level 9 is the highest level
-    level: 5
+    level: 6
 
     ignoreErrors:
         # Prologue\Alerts defines its methods from its configuration file dynamically
         - '#^Call to an undefined method Prologue\\Alerts\\AlertsMessageBag::(danger|success|info|warning)\(\)\.$#'
 
-#    excludePaths:
-#        - ./*/*/FileToBeExcluded.php
-#
-#    checkMissingIterableValueType: false
-
+        - '#no value type specified in iterable#'
+        - '#Unable to resolve the template type#'
+        - '#does not specify its types#'

tests/Integration/Api/Client/ClientApiIntegrationTestCase.php

@@ -76,7 +76,7 @@ abstract class ClientApiIntegrationTestCase extends IntegrationTestCase
      * Asserts that the data passed through matches the output of the data from the transformer. This
      * will remove the "relationships" key when performing the comparison.
      */
-    protected function assertJsonTransformedWith(array $data, Model|EloquentModel $model)
+    protected function assertJsonTransformedWith(array $data, Model|EloquentModel $model): void
     {
         $reflect = new \ReflectionClass($model);
         $transformer = sprintf('\\App\\Transformers\\Api\\Client\\%sTransformer', $reflect->getShortName());