…elpers

Every explicit command method in Client.php previously repeated the same
~10 lines: check class_exists(Revolt\EventLoop), grab a Suspension if
needed, push the queue tuple, call process(), suspend if needed, return
null. Each copy was a maintenance hazard — bug fixes had to land in N
places, and adding new commands meant pasting the boilerplate again.

queueCommand(array $args, ?callable $cb, ?callable $format) collapses
the pattern. Every command method now reduces to one return statement.
__call() also routes through it, so the Revolt-vs-callback decision
lives in exactly one place.

dispatcher(string $prefix, array $args) is the corresponding helper for
multi-verb command families and dotted module commands. Two forms:
  - 'CLUSTER ' (trailing space)  -> emits ['CLUSTER','INFO',...]
  - 'JSON.'    (trailing dot)    -> emits ['JSON.SET',...]
The verb is auto-uppercased and any trailing callable in $args is
popped as the callback. This is the foundation for the upcoming
config(), acl(), slowLog(), memory(), command(), cluster(), json(),
bf(), cms(), topk(), and ft() methods.

Refactored to use queueCommand(): select(), auth(), set(), incr(),
decr(), sort(), mapCb(), keyMapCb(), hMGet(), hGetAll(), __call().
Net delta is -76 lines despite adding two helpers and their docblocks.

Also corrected the @param annotations on select() and auth() to say
'callable|null $cb' instead of 'null $cb' (the legacy form told PHPStan
$cb was strictly null, which made $cb ?: ... look like dead code).
Regenerated phpstan-baseline.neon — 36 errors instead of 44, since the
refactor naturally fixed eight typing nits that fell out with the dead
copies.

Verified: vendor/bin/pest still passes 9/9 (RESP encoder/decoder
suite), vendor/bin/phpstan analyse reports OK.

Workerman's Worker::runAll() takes over the process — forks, installs
signal handlers, prints a banner on stdout, and eventually exits — which
makes it impossible to run multiple async-client commands inline in a
single Pest process. The pragmatic answer is to push each integration
assertion into its own short-lived PHP child.

tests/RedisTestCase.php defines the runInWorker(string $snippet) helper.
It proc_open's a subprocess running tests/Support/run-in-worker.php with
the snippet on stdin and an extra pipe (fd 3) for the test result. The
snippet runs inside a Workerman worker with $redis, $emit($value), and
$fail($msg) in scope. Calling $emit() writes 'OK <json>\n' to fd 3 and
SIGTERM's the master so the whole subprocess tears down cleanly.

Design notes:
  - fd 3 is used instead of stdout because Workerman prints its boot
    banner on stdout and mixing it with the result protocol is fragile.
  - Each invocation sets a unique Worker::$pidFile/$logFile under
    sys_get_temp_dir() so repeat runs don't collide on the "already
    running" check.
  - The child calls posix_kill(getppid(), SIGTERM) + exit(0) after
    flushing the result — Worker::stopAll() alone leaves the master
    monitoring a child it will immediately try to respawn, leading to
    a tight emit loop.

Pest binds Feature/ closures to RedisTestCase via tests/Pest.php, so a
Feature test reads like:

    it('does X', function () {
        $result = $this->runInWorker(<<<'PHP'
            $redis->set('k','v');
            $redis->get('k', function ($v) use ($emit) { $emit($v); });
        PHP);
        expect($result)->toBe('v');
    });

tests/Feature/SmokeTest.php exercises the harness with a SET/GET round
trip and an __call dispatch through incr(). Each test completes in
under 200ms; the proc_open overhead is acceptable for an integration
suite that will grow to ~80 commands.

Verified: vendor/bin/pest reports 11 passed / 17 assertions (9 unit +
2 integration). vendor/bin/phpstan analyse reports OK.

Ignores tests/Support/*.log and *.pid to keep Workerman runtime
artifacts out of git.

CI runs Pest + PHPStan against PHP 8.1, 8.2, and 8.3 with a live
Dragonfly instance installed via the official APT repo. Dragonfly is
wire-compatible with Redis and is this fork's canonical compatibility
target — driving the per-command priority list in the implementation
plan.

Workflow shape:
  - shivammathur/setup-php@v2 brings up PHP with pcntl/posix/sockets/
    json extensions and PCOV for coverage.
  - APT recipe installs Dragonfly and waits up to 30 seconds for
    redis-cli ping to return PONG before continuing.
  - Composer cache is keyed off PHP version + composer.json hash to
    cut cold-cache runs roughly in half.
  - composer analyze (PHPStan) and pest --coverage --coverage-clover
    run sequentially; the clover file is uploaded as an artifact only
    on the 8.3 leg to avoid duplicate uploads.
  - codecov/codecov-action@v4 and codacy/codacy-coverage-reporter-action@v1
    consume CODECOV_TOKEN and CODACY_API_TOKEN repo secrets. Codacy
    upload is best-effort (continue-on-error) — Codecov is the canonical
    coverage source.

README badges added: CI status, Codecov coverage, Codacy grade,
Codacy coverage, Packagist version, Packagist downloads, license, and
PHP version constraint. Also added a Development section with the
composer scripts and a note about Dragonfly being the compatibility
target.

…redis.. added stopping and removing redis package to front of workflow.. if its related to startijng it twice added an echo to resolve that

SCAN was the highest-priority entry in the command-coverage backlog —
every non-trivial cache needs key iteration, and the previous
implementation just `throw new Exception('Not implemented')`. Adding it
exposed a deeper problem: the RESP decoder couldn't parse nested-array
replies at all. The fix touches both layers.

Protocol layer (src/Protocols/Redis.php)
  - Replaced the flat input()/decode() with recursive helpers
    measure()/decodeOne() that walk any RESP type at any nesting depth.
  - Added MAX_DEPTH = 64 to bound recursion; deeper replies surface as
    a protocol error rather than blowing PHP's stack — important now
    that the parser can be fed arbitrary array shapes by any server.
  - Null bulks ($-1) and null arrays (*-1) detect via $offset === strpos
    instead of 0 === strpos, so they decode correctly when nested
    (the old `0 ===` only matched at buffer offset 0, breaking nested
    nils inside MGET-style replies).
  - All existing flat-reply contracts preserved.

Client layer (src/Client.php)
  - scan($cursor, array $options = [], $cb = null) replaces the stub.
    MATCH/COUNT/TYPE options are case-insensitive; unknown keys are
    silently ignored. Format callback reshapes Redis's
    [cursor, [keys]] tuple into ['cursor' => string, 'keys' => array]
    so callers don't have to remember the order.
  - scanAll(array $options = [], $cb = null) drives the cursor loop,
    aggregates keys, supports both callback and Revolt coroutine modes,
    and accepts a 'limit' cap (default 100000) so a growing keyspace
    can't loop forever. On Redis-side error the user callback receives
    false (matches the rest of the client's error convention).
  - HSCAN/SSCAN/ZSCAN still throw 'Not implemented' — separate commits.

Tests
  - tests/Feature/ScanTest.php: 12 integration tests covering happy
    path, COUNT/TYPE filters, empty keyspace, cursor pass-through,
    case-insensitive option keys, unknown-key tolerance, malformed
    cursor error path, scanAll aggregation, and the limit boundary.
  - tests/Unit/ProtocolTest.php: 7 new unit tests for the decoder
    rewrite — nested null bulk, nested null array, deeply-nested
    array within MAX_DEPTH, depth-overflow protocol-error path,
    truncated-frame input() returns 0, empty array reply, empty-string
    bulk encoding.

Docs
  - README.md gained a ## SCAN section with both single-call and
    iterator examples plus a note about the limit cap and error
    behavior.

phpstan-baseline.neon shrank by 35 entries (44 -> 9) because the
protocol rewrite naturally fixed several typing issues in the old
decoder.

Verified: vendor/bin/pest reports 31 passed / 191 assertions,
vendor/bin/phpstan analyse reports OK.

Restructures the Codacy upload per the action's recommended pattern: a
separate codacy-coverage-reporter job that needs: test, downloads the
coverage-clover artifact, and runs codacy/codacy-coverage-reporter-action
@v1.3.0 with api-token (the new name; the old project-token alias is
deprecated). The previous in-line step inside the matrix job was firing
before the artifact had any chance to be consumed elsewhere and used
the old parameter name.

Also drops the duplicate Codecov badge — the tokenized graph badge added
on the previous push already shows the same data, and two badges side by
side under the same name was noise.

Codecov upload stays as a step inside the test matrix (uploads only on
the 8.3 leg) since it doesn't benefit from being a separate job — the
codecov-action handles its own token-driven auth in a single network
call.

PHP 8.1's PHPStan flagged `/** @var \Tests\RedisTestCase $this */` inside
Pest test closures as "Variable $this in PHPDoc tag @var does not match
assigned variable $result" — 28 errors on the 8.1 leg of the CI matrix.
Newer PHP/PHPStan combinations accept the annotation; 8.1 does not.

Refactoring runInWorker() from a method on RedisTestCase to a free
function in tests/Pest.php side-steps the issue entirely: test closures
now call the helper as `runInWorker(...)` without any `$this->` ceremony,
so PHPStan has nothing to resolve via type-hint trickery.

RedisTestCase keeps its single remaining responsibility — skipping the
Feature suite via skipWithoutRedis() in setUp() — so feature tests still
degrade gracefully on hosts without Redis.

All 31 Pest tests still pass locally (PHP 8.3); PHPStan still reports OK.
Expecting the 8.1 CI leg to go green on the next run.

Pest 4 + PCOV + PHP 8.1 throws Pest\Exceptions\ShouldNotHappen
("Coverage not found in path: vendor/pestphp/pest/.temp/coverage.php")
when tests fork subprocess children — which every integration test
does via runInWorker(). The coverage merge step can't find the
per-fork coverage temp file and aborts the whole run.

We only ever uploaded the 8.3 coverage to Codecov/Codacy anyway, so
running with --coverage on the other matrix legs was pure waste. This
splits the Pest step into two: a plain `pest` invocation on 8.1/8.2
and the existing `pest --coverage --coverage-clover` on 8.3. The PHP
setup also drops PCOV on the non-8.3 legs since there's nothing for
it to capture.

HSCAN is the non-blocking analogue to HGETALL for large hashes — same
SCAN cursor semantics, scoped to a single key's fields. Replaces the
throwing stub at the bottom of Client.php with a real implementation
plus an iterator helper.

Client::hScan($key, $cursor, array $options = [], $cb = null)
  - Wire: HSCAN <key> <cursor> [MATCH pat] [COUNT n]. Case-insensitive
    option keys. Unknown keys silently ignored.
  - Format callback reshapes Redis's flat field/value pair list
    [cursor, [f1,v1,f2,v2,...]] into the more usable
    ['cursor' => string, 'fields' => assoc] — matching how hGetAll()
    handles its identical reply shape (Client.php:836). Non-array
    replies (errors) pass through unchanged.

Client::hScanAll($key, array $options = [], $cb = null)
  - Drives the cursor loop, aggregates all field=>value pairs into one
    assoc array, halts at cursor '0'.
  - 'limit' option caps total fields collected (default 100000) so an
    unbounded growing hash can't loop forever.
  - On Redis-side error: callback receives false; coroutine mode
    returns false. Mirrors scanAll()'s error contract.
  - Supports both callback and Revolt coroutine modes — same gating
    pattern as scanAll().

Duplicate field handling: hScanAll's accumulator silently overwrites
on collision, which is the correct semantic for hashes since SCAN can
revisit during a rehash but field names are unique by definition.
(Different from scanAll, which can yield duplicate key NAMES across
the keyspace — that's a documented caller responsibility.)

Tests (tests/Feature/HScanTest.php — 7 integration tests)
  - cursor+fields tuple round-trip
  - MATCH filter
  - COUNT hint accepted
  - hScanAll iterates a 150-field hash exactly once
  - 'limit' overshoot bounded (<= limit + COUNT batch)
  - empty hash returns cursor '0' + empty fields
  - malformed cursor surfaces as false to the callback

Drive-by: corrected the throwing-stub docblock summaries for sScan()
and zScan() — they both said 'hScan' from an earlier copy-paste. The
stubs still throw 'Not implemented'; those commands ship in their own
commits.

README gained a ## HSCAN section after ## SCAN.

Verified: vendor/bin/pest reports 38 passed / 218 assertions,
vendor/bin/phpstan analyse reports OK.

SSCAN is the non-blocking analogue to SMEMBERS for large sets. Replaces
the throwing stub at the bottom of Client.php with a real
implementation plus an iterator helper. Pattern mirrors SCAN's flat
member list (vs HSCAN's field/value pairs).

Client::sScan($key, $cursor, array $options = [], $cb = null)
  - Wire: SSCAN <key> <cursor> [MATCH pat] [COUNT n]. Case-insensitive
    option keys; unknown keys silently ignored.
  - Format callback reshapes [cursor, [m1, m2, ...]] into
    ['cursor' => string, 'members' => array]. Non-array replies (errors)
    pass through unchanged.

Client::sScanAll($key, array $options = [], $cb = null)
  - Drives the cursor loop, halts at cursor '0'.
  - Dedupes via a member-keyed map (string-cast keys to defeat PHP's
    numeric-string-to-int coercion so "1" and 1 don't collide). SCAN
    can revisit members during a rehash; this guarantees uniqueness
    in the return value without forcing callers to array_unique() —
    matches set semantics (members are unique by definition).
  - Returns array_values($map) to give callers a numerically indexed
    array of distinct members.
  - 'limit' option caps total members collected (default 100000).
  - On Redis error: callback receives false; coroutine mode returns
    false. Mirrors scanAll/hScanAll error contract.
  - Supports callback + Revolt coroutine modes.

Tests (tests/Feature/SScanTest.php — 7 integration tests)
  - cursor + members tuple round-trip
  - MATCH glob filter
  - COUNT hint accepted
  - sScanAll iterates a 150-member set exactly once with no duplicates
  - 'limit' overshoot bounded (<= limit + COUNT batch)
  - empty / missing key returns cursor '0' + members []
  - malformed cursor surfaces as false to the callback

zScan() still throws — separate commit.

Verified: vendor/bin/pest reports 45 passed / 246 assertions,
vendor/bin/phpstan analyse reports OK.

ZSCAN closes out the SCAN family. Replaces the last throwing 'Not
implemented' stub in Client.php with a real implementation plus an
iterator helper. After this commit, every SCAN variant the client
exposes (SCAN, HSCAN, SSCAN, ZSCAN) has a working primitive and a
loop-aggregating counterpart.

Client::zScan($key, $cursor, array $options = [], $cb = null)
  - Wire: ZSCAN <key> <cursor> [MATCH pat] [COUNT n]. Case-insensitive
    option keys; unknown keys silently ignored.
  - Reshapes [cursor, [m1, s1, m2, s2, ...]] into
    ['cursor' => string, 'members' => ['m1' => 's1', 'm2' => 's2', ...]]
    — assoc with member as key, score AS STRING as value. Scores are
    kept as the raw bulk-string Redis returned rather than cast to
    float, so caller code that needs full precision (e.g. comparing
    against the exact ZADD input or persisting to another store) gets
    the lossless representation. Cast at the call site only when a
    numeric comparison is actually needed.

Client::zScanAll($key, array $options = [], $cb = null)
  - Drives the cursor loop, aggregates all member=>score pairs into
    one assoc array, halts at cursor '0'.
  - 'limit' caps total members (default 100000).
  - On Redis error: callback receives false; coroutine mode returns
    false. Mirrors scanAll/hScanAll/sScanAll.
  - Supports callback + Revolt coroutine modes.

Duplicate handling: members are unique in a sorted set by definition,
so a member re-yielded during a SCAN rehash just overwrites its
score in the accumulator — the correct semantic, no dedupe tracker
needed (different from sScanAll's string-keyed map which guarded
against PHP's numeric-string-to-int coercion on flat lists).

Tests (tests/Feature/ZScanTest.php — 8 integration tests)
  - cursor + member=>score round-trip
  - MATCH glob filter
  - COUNT hint accepted
  - zScanAll iterates a 150-member set exactly once
  - 'limit' overshoot bounded (<= limit + COUNT batch)
  - empty / missing key returns cursor '0' + members []
  - malformed cursor surfaces as false
  - score precision preserved as string ('1.5' round-trips exactly)

No more 'throw new Exception("Not implemented")' anywhere in
src/Client.php — verified with grep.

Verified: vendor/bin/pest reports 53 passed / 284 assertions,
vendor/bin/phpstan analyse reports OK.

The class has carried @method static mixed rawCommand(...$commandAndArgs,
$cb = null) since the original walkor implementation, but no explicit
method body backed it. Calls fell through to __call(), which strtoupper's
the method NAME and prepends it to the args — so $redis->rawCommand('GET',
'k') went on the wire as ['RAWCOMMAND', 'GET', 'k'], producing -ERR
unknown command 'RAWCOMMAND' from every Redis server in existence.

The fix is to intercept the call before __call() ever runs. The new
explicit rawCommand(...$args) pops a trailing callable as the callback
(matching __call()'s convention) and forwards the remaining args
verbatim through queueCommand() — no method-name prepend, no format
reshaping. Throws InvalidArgumentException when no command parts remain
(guards against rawCommand() or rawCommand($cb) with no command).

This re-establishes the documented contract: rawCommand is the escape
hatch for commands not yet wrapped in a dedicated method — new
Dragonfly features, custom modules, anything the wire format supports
that the typed surface hasn't caught up with.

Tests (tests/Feature/RawCommandTest.php — 5 integration tests)
  - arbitrary SET/GET round-trip via rawCommand
  - no-arg command (PING) returns PONG via the callback
  - binary-safe value containing \r\n round-trips byte-exact
  - unknown command surfaces as false to the callback
  - no-command-arg invocation throws InvalidArgumentException

Known sharp edge: is_callable() returns true for plain strings naming
globally-resolvable functions, so rawCommand('PING', 'time') would
treat 'time' as the callback. This matches the existing convention in
__call() and the dispatcher() helper — keeping it consistent rather
than diverging in just one place.

README gained a ## rawCommand section after ## ZSCAN.

Verified: vendor/bin/pest reports 58 passed / 297 assertions,
vendor/bin/phpstan analyse reports OK.

…ck bug

Client::__call() only extracts a trailing callable from $args when
count($args) > 1 OR the method is in the small ['randomKey','multi',
'exec','discard'] allowlist. Every no-arg-payload Redis command called
with just a callback — $redis->ping($cb), ping fails the count check
and isn't in the allowlist, so the closure goes on the wire as a PING
argument and Redis returns "wrong number of arguments". The bug
silently swallows callbacks for some of the most common operations.

Fixing __call() itself is risky: PHP's is_callable() returns true for
string function names ('phpinfo', 'system', etc.), so naively
extracting "last callable arg" in __call() would corrupt legitimate
single-string Redis commands. The safer fix is explicit methods that
intercept these specific calls before __call() ever runs.

This commit adds six such methods, all funnelling through queueCommand():

  ping($cb = null) - returns 'PONG' on success
  info($section = null, $cb = null) - optional section filter
  dbSize($cb = null) - integer count of keys in current DB
  time($cb = null) - [seconds, microseconds] array
  flushDb($async = false, $cb = null) - sync or FLUSHDB ASYNC
  flushAll($async = false, $cb = null) - sync or FLUSHALL ASYNC

info() and the two flush methods follow set()'s pattern: when the
first positional arg is callable, it's treated as the callback (so
$redis->info($cb) works without the section filter). flushDb/All
accept ASYNC via a boolean — defaults to synchronous to match
expectations of casual callers.

Tests (tests/Feature/ServerCommandsTest.php — 8 integration tests)
  - ping returns 'PONG' (the canonical fix proof)
  - info returns a non-empty server banner (accepts redis_version OR
    dragonfly_version so the suite works against either backend)
  - info with section filter returns scoped output
  - dbSize counts keys correctly
  - time returns two numeric strings
  - flushDb synchronous empties the current DB
  - flushDb ASYNC also empties it (with the ASYNC keyword on the wire)
  - flushAll empties all DBs

Flush tests SELECT a high index (14) before flushing so they can't
poison fixtures in DB 0. Each runInWorker subprocess gets its own
client, so the SELECT is naturally isolated.

A new @method block under "Connection / server methods" carries the
six declarations for IDE autocomplete.

README gained a ## Server commands section.

Verified: vendor/bin/pest reports 66 passed / 313 assertions,
vendor/bin/phpstan analyse reports OK.

Reformatted coverage graphs section into a table for better readability.

…ELLO

These nine commands already worked through Client::__call() because each
takes more than a single wire arg, so __call()'s count($args) > 1
callback-extraction branch picks up the trailing closure. The only thing
missing was the @method declaration that exposes them to IDE autocomplete
and PHPStan, plus integration tests that confirm the wire shape end to
end against a live server.

The exception is HELLO. With no required positional args,
$redis->hello($cb) puts count($args) at 1, falls into __call() without
extracting the trailing closure, and serializes the callback as a HELLO
argument — the RESP encoder then calls strlen() on a Closure object and
the subprocess crashes silently. Same shape as the PING/INFO/DBSIZE
no-arg-callback bug fixed in commit 3acd82f.

The fix mirrors info(): an explicit Client::hello() with a callable-as-
first-arg shortcut so hello($cb) folds the closure into the $cb slot
before __call() ever sees it. Sub-commands (AUTH user pass, SETNAME) can
be passed as a flat array which the RESP encoder flattens onto the wire:

  $redis->hello(2, $cb);
  $redis->hello(2, ['AUTH', 'user', 'pass'], $cb);

ECHO doesn't have this bug because the message arg is mandatory; left
as @method-only.

@method declarations added (under matching family headers):
  Strings:     getDel, getEx, substr
  Keys:        copy, touch, expireTime, pExpireTime
  Connection:  echo, hello

Tests (tests/Feature/StringsKeysExtraTest.php — 11 integration tests)
  - getDel returns the value and removes the key
  - getEx without options preserves no-TTL
  - getEx with EX sets a TTL between 1 and 60
  - substr returns a slice
  - copy duplicates a key
  - copy with REPLACE overwrites an existing destination
  - touch counts only existing keys (missing ones don't increment)
  - expireTime returns the absolute unix timestamp
  - pExpireTime returns the absolute millisecond timestamp
  - echo round-trips the message
  - hello returns an array reply (works against Dragonfly's no-arg form)

Verified: vendor/bin/pest reports 77 passed / 336 assertions,
vendor/bin/phpstan analyse reports OK.

QUIT tells the server to close the connection after replying +OK. The
existing client always auto-reconnects on socket close — fine for
unexpected drops, wrong for an intentional QUIT. The fix is a new
$_quitting flag set inside quit() and respected by the onClose handler.

What changed in src/Client.php:

  - New protected $_quitting = false instance var.
  - onClose handler in connect() learns to early-return when $_quitting
    is true, skipping both the immediate connect() retry and the
    5-second _reconnectTimer arming. closeConnection() still runs so
    the underlying socket and timers are cleaned up the same way.
  - New quit($cb = null) method, placed beside ping() in the
    Connection/server group. Sets $_quitting synchronously, then
    enqueues ['QUIT'] via queueCommand(). The user's callback is
    wrapped so the flag is set regardless of whether the caller
    provided one — important because the flag must be visible to
    onClose, which races against the +OK reply.
  - @method declaration added to the Connection/server PHPDoc section.

Without the explicit method, $redis->quit($cb) would hit the no-arg-
callback bug (the closure becomes a QUIT arg) AND the connection
would silently reopen 5 seconds later — both wrong.

Tests (tests/Feature/QuitTest.php — 2 integration tests)
  - quit returns +OK as boolean true (matches the client's
    existing simple-string convention)
  - 500ms after the reply, reflection on the Client shows
    $_quitting === true AND $_connection === null — proving the
    auto-reconnect was suppressed

Tier 1 now complete: SCAN/HSCAN/SSCAN/ZSCAN families, rawCommand,
ping/info/dbSize/time/flushDb/flushAll, the nine @method-documented
commands (getDel/getEx/substr/copy/touch/expireTime/pExpireTime/echo/
hello), and now quit. 79 pest tests passing, PHPStan OK.

These all already work through Client::__call() because each takes two
or more wire args, which the existing count($args) > 1 callback-
extraction branch handles. The only thing missing was the @method
declarations that expose them to IDE autocomplete and PHPStan, plus
integration tests that pin the wire shapes against a live server.

Added @method entries across the existing docblock sections:

  Lists (5):       lMove, lMPop, lPos, blMove, blMPop
  Sets (2):        sMIsMember, sInterCard
  Hashes (1):      hRandField
  Sorted sets (13): zRandMember, zMScore, zDiff, zDiffStore, zInter,
                   zInterCard, zUnion, zRangeStore, zMPop, bzMPop,
                   zRevRangeByLex, zRemRangeByLex, zLexCount
  Streams (2):     xAutoClaim, xSetId

Tests (tests/Feature/ModernCommandsTest.php — 23 integration tests)
  one test per command, each tagged with a unique pest:modern:tN:
  prefix so parallel/repeat runs can't collide.

Implementation notes baked into the tests:

  - Blocking variants (blMove, blMPop, bzMPop) use 100ms timeouts
    against pre-populated structures, so the server returns
    immediately and the suite isn't latency-bound.

  - zMScore scores come back as numeric strings from Dragonfly
    ('1' / '2'), not floats — the test asserts the string form.

  - zUnion/zInter member ordering isn't stable across
    implementations; zUnion sorts before compare, zInter uses a
    single-element intersection to avoid the ordering concern.

  - xSetId requires the new id to be >= the current top id; tests use
    a fixed seed id (1-1) then bump to 999-0.

  - xAutoClaim/xSetId setup uses rawCommand('XADD', ...) instead of
    Client::xAdd() because the existing @method signature for xAdd
    passes the message as ['k'=>'v'] which the RESP encoder flattens
    by value (dropping field names). That's a pre-existing client
    quirk worth its own commit later; for this doc-only round we side-
    stepped via rawCommand.

Verified: vendor/bin/pest reports 102 passed / 379 assertions,
vendor/bin/phpstan analyse reports OK.

Tier 1 complete after 8af9528 (quit); this commit closes out Tier 2.

Sharded pub/sub (Redis 7.0+) keeps publish/subscribe message delivery
local to a single hash slot in clustered deployments — bandwidth and
isolation win at scale. On a standalone Dragonfly the two commands
collapse to PUBLISH/SUBSCRIBE behaviorally, but the wire surface and
client wiring are independent commands and need their own pair of
entry points.

What changed in src/Client.php

  - sPublish: @method declaration only. It takes two wire args
    (channel + message) so __call()'s count($args) > 1 callback
    extraction already routes it correctly.

  - sSubscribe: explicit method placed next to pSubscribe(). Mirrors
    its structure exactly — wraps the user callback in an inner
    closure that pattern-matches the response frame type ('ssubscribe'
    ack vs 'smessage' delivery) and dispatches to the user with the
    same (channel, message, client) signature the existing subscribe()
    uses.

  - process(): extended to flip _subscribe = true on SSUBSCRIBE (not
    just SUBSCRIBE / PSUBSCRIBE). Without this the very next user
    command would race the subscription's first message and corrupt
    the per-connection state machine.

  - @method declaration for sSubscribe added in the Pub/sub section.

UNSUBSCRIBE / PUNSUBSCRIBE / SUNSUBSCRIBE deferred

These interrupt an active subscription. The current client design
locks process() once _subscribe is true, so any routed-via-__call
unsubscribe would silently queue forever — the wire frame never goes
out. A correct implementation needs a subscribe-lock bypass plus a
clean reset path to flip _subscribe back to false on the final
unsubscribe ack. That's its own commit. A TODO comment near
subscribe() in Client.php now flags this so the gap doesn't get lost.

Tests (tests/Feature/PubSubExtraTest.php — 3 integration tests)

  - sPublish to a channel with no subscribers returns 0
  - sSubscribe receives a message published via sPublish: two
    Workerman\Redis\Client instances in the same subprocess event
    loop, one subscribing, the other publishing on a 200ms delay.
    The subscribe callback emits the (channel, message) tuple.
  - pubSub('CHANNELS', 'pattern') regression check — a subscriber
    holds open a channel, the pubSub introspection returns it.

Dragonfly standalone supports SPUBLISH/SSUBSCRIBE as single-shard
variants, so the tests run green against the local server.

Verified: vendor/bin/pest reports 105 passed / 386 assertions,
vendor/bin/phpstan analyse reports OK.

Tier 4 added @method declarations for nine Redis commands across the
Bitmap, Geo, and Scripting families. Five of them ship on the wire with
an underscore in the verb (BITFIELD_RO, GEORADIUS_RO, GEORADIUSBYMEMBER_RO,
EVAL_RO, EVALSHA_RO) but the documented camelCase method names (bitFieldRo,
geoRadiusRo, ...) cannot reach those verbs through __call(), which only
strtoupper()s the method name — the resulting BITFIELDRO has no
underscore and Dragonfly responds with "ERR unknown command".

Bridging the gap: five thin explicit methods funnel the right wire verb
through queueCommand(). Each accepts the established callable-as-extra-
slot shortcut (the same trick info()/flushDb()/hello() use) so callers
can write either form:

  $redis->bitFieldRo('key', 'GET', 'i5', 0, fn ($r) => ...);
  $redis->evalRo('return ARGV[1]', ['x'], 0, fn ($r) => ...);

The four commands that route cleanly through __call (BITOP, BITPOS,
BITFIELD, GEOSEARCH) keep @method-only declarations.

@method declarations added (under family headers):
  Bitmap (4):  bitOp, bitPos, bitField, bitFieldRo
  Geocoding (3): geoSearch, geoRadiusRo, geoRadiusByMemberRo
  Scripting (2): evalRo, evalShaRo

Tests (tests/Feature/BitmapGeoEvalRoTest.php — 9 integration tests)
  - bitOp AND across two bitmaps, asserting the byte-level XOR pattern
  - bitPos finds the first set bit across a zero byte
  - bitField INCRBY with i5 signed counter, two calls = value 2
  - bitFieldRo GET reads the i5 value set above
  - geoSearch FROMLONLAT BYRADIUS returns near-coordinate members
  - geoRadiusRo returns members within a radius
  - geoRadiusByMemberRo returns members within a radius of another
    member (sorted assertion for stability)
  - evalRo literal-return script
  - evalShaRo round-trip through SCRIPT LOAD then evalShaRo

Verified: vendor/bin/pest reports 114 passed / 398 assertions,
vendor/bin/phpstan analyse reports OK.

Test infrastructure foundation for the coverage build-out.

Coverage measurement:
- Feature tests run each assertion in a proc_open Workerman worker child,
  so pcov in the parent never saw src/Client.php (false 0.0%). The worker
  now collects coverage inside the child (gated on COVERAGE_DIR) and dumps a
  unique cov-<uniq>.cov; bin/merge-coverage.php merges all .cov (Feature
  children + in-process Unit unit.cov) into coverage.xml + a text summary;
  bin/run-coverage.sh orchestrates. composer test:coverage now runs it.
- Real merged baseline: total 68.62% (Client.php 66.53%, Protocols/Redis
  90.22%), up from a misleading 7.6%.
- Coverage floor gate: merge-coverage.php --min / COVERAGE_MIN exits non-zero
  below the floor. Initial floor 65, to ratchet toward 95 in later groups.

Dual-backend testing (Dragonfly + Redis):
- CI matrix php:[8.1,8.2,8.3] x backend:[dragonfly,redis]; each leg starts one
  engine on 6379 (dragonfly image, or redis-stack-server for modules).
  Coverage collected on the 8.3+dragonfly leg only.
- Local: Makefile targets test-dragonfly/test-redis/test-all/coverage/analyze;
  scripts/start-redis.sh + start-dragonfly.sh (idempotent).
- Backend-aware skips: currentBackend()/skipOnBackend() free functions in
  tests/Pest.php; runInWorker() forwards REDIS_BACKEND. No silent skips.
- Fixed MonitorTest/PubSubExtraTest aux clients hardcoding the Dragonfly port
  (they silently tested Dragonfly even on the Redis leg).

Results: Dragonfly 201 passed/0 skipped; Redis 196 passed/5 skipped (FT family,
RediSearch divergence on the local build, logged reasons). PHPStan clean.

Plan and rationale in docs/TEST_COVERAGE_PLAN.md.

Added ~23 server-free unit tests to tests/Unit/ProtocolTest.php, taking
src/Protocols/Redis.php from ~90% to 100% line + method coverage:

- input()/measure() frame-length probe: every branch incl. the MAX_DEPTH
  sentinel, null bulk/array ($-1, *-1) fast paths, empty array, nested SCAN
  frame sizing, and incomplete-frame cases that must return 0 (need more bytes).
- decode()/decodeOne() edge branches: binary-safe bulk with embedded CRLF,
  null byte, multi-KB bulk, negative integer, protocol-error tuple for
  unknown/empty/no-CRLF input, depth-exceeded propagation, and nested
  element-without-CRLF propagation.

Added a protocolStubConnection() helper and refactored the pre-existing
input() test to use it. No src/ changes.

Total merged line coverage 68.62% -> 69.48%; coverage floor ratcheted to 69.
Both backends green (Dragonfly 224, Redis 219 +5 skipped); PHPStan clean.

Added 34 server-free Unit-tier tests driving src/Client.php command-shaping
and aggregation logic without the Workerman event loop, via
ReflectionClass::newInstanceWithoutConstructor() (commands queue instead of
send; queued wire arrays are asserted via reflection on _queue):

- ClientCommandShapingTest.php (20): __call trailing-callable popping incl. the
  lone-callable footgun and the randomKey/multi/exec/discard exception list;
  dispatcher dot-glue vs space-split; rawCommand verbatim + empty-args
  \InvalidArgumentException; select/auth arg shaping; error().
- ClientScanAllTest.php (9): scanAll/hScanAll/sScanAll/zScanAll callback-mode
  aggregation driven through the real stored formatter + step closures —
  cursor-'0' termination, multi-page accumulation, LIMIT cap, error abort,
  MATCH/COUNT/TYPE forwarding, hash overwrite, set dedup, zScanAll score-string
  precision.
- ClientUnsubscribeAckTest.php (5): handleUnsubscribeAck lock-clearing.

Client.php merged 66.53% -> 68.53%; total merged 69.48% -> 71.31%; coverage
floor ratcheted to 70. Both backends green (Dragonfly 258, Redis 253 +5
skipped); PHPStan clean; no src/ changes.

Coroutine-mode *ScanAll / suspenstion() branches remain for the Revolt group.

Added tests/Feature/ConnectionLifecycleTest.php (7 cases) for connection verbs
not covered elsewhere:
- auth no-password error path + auth not poisoning _auth after a rejected
  credential (both gated on the OBSERVED reply: skip when the server accepts
  AUTH with no password set, as Dragonfly does — robust under any invocation,
  not backend-name-based).
- select to a valid DB (tracks _db) and to an out-of-range index (error reply,
  no state advance).
- closeConnection() / close() teardown (connection nulled, queue emptied).
- hello(2, ...) handshake pinning the reply map (server/proto/role/version),
  exercising the previously-unhit $protover arg-shaping branch.

Added a skipTest() free helper in tests/Pest.php for behaviour-gated (non
backend-name) skips, kept PHPStan-clean via SkippedWithMessageException like
skipOnBackend.

Overlap audit confirmed ping/info/dbSize/time/flush*, save/lastSave/role/config/
acl/etc., bgSave, echo, quit are already covered (ServerCommandsTest /
ServerAdminTest / MiscTier9Test / StringsKeysExtraTest / QuitTest) — not
duplicated.

Client.php merged 68.5% -> 70.4%; total merged 71.3% -> 73.03%; floor stays 70.
Both backends green (Dragonfly 263 +2 skipped, Redis 260 +5 skipped); PHPStan
clean; no src/ changes.

Added 57 Feature cases across four files covering classic data-type and
keyspace verbs not already exercised by ModernCommandsTest / StringsKeysExtraTest
/ the SCAN-family tests:

- KeyspaceCommandsTest.php (13): type, rename/renameNx, persist, expire/pExpire,
  exists (multi+repeat), unlink, keys, randomKey, dump+restore (binary cross-key
  round-trip), object ENCODING/REFCOUNT, move.
- StringsCountersTest.php (13): append, strLen, setRange/getRange, getSet,
  incrBy/decrBy/incrByFloat, setEx/pSetEx/setNx, setBit/getBit, mSet/mGet, mSetNx.
- ListSetZsetExtraTest.php (19): classic lPush..lTrim/rPopLPush, sAdd..sDiffStore,
  zAdd..zPopMin/zPopMax families.
- HashStreamExtraTest.php (13): hSet..hStrLen, xAdd/xLen/xRange/xRevRange/xRead/
  xDel/xTrim.

Assertions pin real values (counts, members, scores-as-strings, hGetAll/hMGet
maps, dump->restore value equality). One backend-gated skip (OBJECT unknown on
Dragonfly; test runs on Redis); unique pest:g4:* key prefixes; move test
re-SELECTs db0 and leaves no db1 leak.

Client.php merged 70.4% -> 72.95%; total merged 73.03% -> 75.34%; floor stays 70.
Both backends green (Dragonfly 320 +3 skipped, Redis 318 +5 skipped); PHPStan
clean; no src/ changes.

Note: getMultiple() is a broken @method alias (no impl/__call mapping, sends
literal GETMULTIPLE which both engines reject) — reported for a src fix, no test
written for the broken behaviour.

Added tests/Feature/FtModuleTest.php (5 cases) covering the six RediSearch verbs
not previously asserted: ftAlter, ftConfig, ftTagVals, ftSynUpdate + ftSynDump
(synonym round-trip), ftProfile (asserts the embedded search result). The
JSON/Bloom/CMS/TopK families were already fully covered at the shortcut level
(JsonTest/BloomFilterTest/CmsTest/TopkTest) — not duplicated.

Removed the 5 stale skipOnBackend('redis', ...) gates in FtSearchTest.php. They
defended against an FT.SEARCH SEARCH_INDEX_NOT_FOUND divergence on an earlier
Redis build that no longer reproduces on Redis 8.8 + RediSearch 80800 — verified
FT.CREATE/SEARCH/AGGREGATE/INFO/CONFIG all work, stable across 3 consecutive
make test-redis runs. The FT family now runs on BOTH engines and the Redis leg
has ZERO skips (was 5).

Client.php merged 72.95% -> 75.26%; total merged 75.34% -> 77.45%; floor stays 70.
Dragonfly 325 +3 skipped; Redis 328 +0 skipped (was 318 +5). PHPStan clean; no
src/ changes.

Added tests/Feature/PubSubDeliveryTest.php (8 cases) covering the plain pub/sub
delivery paths not previously tested (existing tests covered the sharded family,
unsubscribe lock-clearing, and monitor):
- subscribe -> publish message delivery (channel + payload pinned)
- pSubscribe pattern delivery (pattern + channel + payload)
- publish receiver count: 0 with no subscriber, >=1 with one
- pubSub NUMSUB and NUMPAT introspection
- multi-channel subscribe([...]) delivery
- negative: message NOT delivered after unsubscribe (real 0.8s wait window)

Every streaming test is bounded: the 2nd client publishes from a Timer only
AFTER the subscribe ack (no register-race), the message callback emits once, and
a non-recurring Timer fails before the harness timeout. Verified flake-free
across 5 consecutive runs per engine (10/10 green, ~4.2s, zero timeouts).

Client.php merged 75.26% -> 75.79%; total merged 77.45% -> 77.93%; floor stays 70.
Dragonfly 333 +3 skipped; Redis 336 +0 skipped. PHPStan clean; no src/ changes.

Added two test files (22 cases) on both engines:

- SurfaceCompletenessTest.php (16): @method verbs with no prior assertion —
  bitCount; blPop/brPop/bRPopLPush + bzPopMax/bzPopMin (on PRE-POPULATED keys so
  the blocking path returns immediately, never hangs; verified no timeout across
  3 runs); zRangeByLex/zRevRangeByScore/zRemRangeByRank/zRemRangeByScore/
  zinterstore/zunionstore; pfAdd/pfCount/pfMerge (HLL); geoDist/geoHash/geoPos;
  watch/unwatch; xAck/xClaim/xInfo/xPending. Assertions pin real values.
- ErrorRepliesTest.php (6): the error-delivery contract end-to-end — WRONGTYPE,
  unknown command, wrong arg count, value-not-integer, syntax error all arrive as
  reply===false + non-empty error() (keyword-checked, wording-tolerant), plus
  error() resets to '' after a later success. Covers the onMessage error branch.

unwatch() is routed via rawCommand('UNWATCH', $cb) because the no-key single-arg
form hits the documented __call footgun (callable not popped) — a test workaround
for known client behaviour, not a bug.

Surface/contract coverage rather than new Client.php lines (new verbs route
through the already-covered queueCommand->encode->onMessage path), so merged
holds at ~77.9%; floor stays 70. Dragonfly 355 +3 skipped; Redis 358 +0 skipped.
PHPStan clean; no src/ changes.

Note: found 10 more unimplemented phpredis-compat accessor @method stubs
(getHost/getPort/isConnected/getAuth/getLastError/clearLastError/getDbNum/
getTimeout/getReadTimeout/getPersistentID) — same broken class as getMultiple;
reported for a src fix, no passing tests written for them.

The client's coroutine path — no callback + Revolt\EventLoop loaded => queueCommand
suspends the fiber and RETURNS the reply synchronously (suspenstion() + onMessage
resume) — was previously untested (all existing tests run callback mode).

- Added revolt/event-loop as a dev dependency.
- Added tests/Support/run-in-worker-coroutine.php: boots Workerman on its
  Revolt-backed Workerman\Events\Fiber driver so onWorkerStart runs inside a fiber
  and callback-less commands return their replies directly. Mirrors the fd-3
  protocol, coverage dump, and env forwarding of the callback worker.
- tests/Pest.php: added runInCoroutineWorker(); factored shared proc_open logic
  into runInWorkerScript(); runInWorker() behaviour unchanged.
- tests/Feature/CoroutineModeTest.php (4 cases): synchronous set/get/incr/del
  returns; scanAll full-keyset synchronous return; hScanAll/sScanAll/zScanAll
  coroutine aggregation; and the queueCommand guard that throws when a
  coroutine-mode command is issued while subscribe/monitor-locked.

Safety: the existing callback worker references no Revolt/EventLoop/Fiber symbols,
so class_exists(EventLoop::class, false) stays false there and the callback suite
is unchanged (verified: same counts/behaviour after adding the dep).

Client.php merged 75.79% -> 81.16%; total merged 77.93% -> 82.82%; floor stays 70.
Dragonfly 359 +3 skipped; Redis 362 +0 skipped. PHPStan clean; no src/ changes.
(composer.lock is gitignored project-wide; CI runs plain composer install so the
new require-dev resolves from composer.json.)

Added in-process unit + targeted feature tests for the genuinely-reachable
Client.php branches the integration suite couldn't hit cheaply:

- ClientShapingTier9Test.php (34): set/incr/decr second-form overloads
  (SETEX/INCRBY/DECRBY via func_get_args), sort/sortRo option flattening, xAdd
  empty-message guard + MAXLEN ~ shaping, dotted-dispatcher trailing-callable
  pops, formatter early-returns, shutdown _quitting flag.
- ClientSubscribeDispatchTest.php (12): the subscribe/pSubscribe/sSubscribe
  $new_cb dispatch arms — message/pmessage/smessage forwarding (exact arg order),
  error-bail, unknown-type diagnostic, unsubscribe-ack teardown, and the
  second-stream assertNoActiveStream throw.
- ReconnectPrependTest.php (1): dead-port connection failure reported through the
  connection callback (false + non-empty error()).

A t9Call() dynamic-dispatch helper routes the second-form overload calls (where an
int/callable rides in a $cb-typed slot) so PHPStan stays clean without weakening
the assertions or touching src.

Client.php merged 81.16% -> 92.32% (methods 65.85% -> 91.06%); total merged
82.82% -> 92.99%. Coverage floor ratcheted 70 -> 90.

The residual ~7% is documented in docs/TEST_COVERAGE_PLAN.md "Coverage close-out"
as genuinely impractical (socket fault injection, onClose auto-reconnect timing,
onMessage exception/reconnect, echo-Exception sinks, coroutine *ScanAll error
arms whose logic is proven in callback mode).

Dragonfly 406 +3 skipped; Redis 409 +0 skipped. PHPStan clean; no src/ changes.

Final documentation pass bringing user-facing docs to the completed state:

- README: updated the testing/coverage/CI/Compatibility sections to the final
  numbers — Dragonfly 406 passed/3 skipped, Redis 409 passed/0 skipped (Redis leg
  skip-free); total merged 92.99% (Client.php 92.32%, Protocols/Redis.php 100%,
  Exception 100%); coverage floor 90; added the subprocess-coverage-merge and
  Revolt coroutine-mode explanations and the documented-residual note. Removed the
  stale "FT skipped on Redis" text (un-gated in Group 5); the only divergences left
  are 3 Dragonfly behaviour-gated skips (auth-no-password x2, OBJECT unknown).
- CHANGELOG: added a build-out headline row to the Unreleased summary table.
- TEST_COVERAGE_PLAN: reconciled the close-out section to the final figures and
  flagged the §1 Group-0 baseline as interim.

No src/test/CI changes — docs only.

…-file leak

Two source/harness fixes surfaced during the test build-out:

1. 11 phpredis-compat @method stubs (getHost/getPort/getDbNum/getAuth/getTimeout/
   getReadTimeout/isConnected/getLastError/clearLastError/getPersistentID/
   getMultiple) had no implementation, so calling them sent a bogus uppercased
   verb (GETHOST, GETMULTIPLE, ...) that both engines reject. Replaced with real
   public methods: synchronous local accessors derived from client state
   (getTimeout/getReadTimeout read the actual connect_timeout/wait_timeout option
   keys; isConnected is null-safe), and getMultiple as a real MGET alias via
   queueCommand (byte-identical wire output to mGet; works in callback +
   coroutine modes). Also fixed the malformed rawCommand @method PHPDoc (named
   param after a variadic) and the same pattern across all other @method lines.
   Tests: ClientAccessorsTest.php (20) + GetMultipleTest.php (1).

2. The Feature-test subprocess runners leaked a wm-redis-test-*.{pid,log} pair
   per invocation (~25k files/run) because the bottom-of-file cleanup never ran
   before Workerman exits. Scoped the files into a wm-redis-tests/ subdir and
   added register_shutdown_function + in-handler unlink before each child exit(),
   with a start-of-run sweep in bin/run-coverage.sh. A full run now leaves zero
   residue (verified 0/0 across runs).

Client.php merged 92.32% -> 92.44% (methods 91.06% -> 91.79%); total 92.99% ->
93.09%; floor 90 holds. Dragonfly 427 +3 skipped; Redis 430 +0 skipped. PHPStan
clean (no baseline changes).

…rs, re-home global helpers to tests/helpers.php with PHP7 polyfills, dual phpunit configs, composer dep swap Pest->PHPUnit)

…rtions, global-namespace final classes, assertThrows for multi-throw cases); baseline 2 trivially-true narrowing artifacts from conversion

…al-namespace final classes extends RedisTestCase, heredoc bodies preserved); CoroutineModeTest self-skips below PHP 8.1 via coroutineSupported() guard. Green on both engines (dragonfly+redis); assertions preserved 695->696, no drops.

…s/Pest.php (Pest fully gone). Coverage holds at 93.09% line (>= floor 90); analyze clean; zero Pest references in tests/.

…across 4 test files. Arrow fns are 7.4+ and would parse-error on the 7.2/7.3 legs; the plan's floor is >=7.2. Suites green (Unit 145, scan 34 both engines).

…trips phpstan+revolt on 7.x -> PHPUnit 9 + Workerman 4; PHPStan gated to 8.x; 7.x uses phpunit9.xml.dist). Fix tests/helpers.php skip helpers to use cross-version Assert::markTestSkipped (SkippedWithMessageException doesn't exist in PHPUnit 9). Validated locally: Workerman v4 (281 non-coroutine green), PHPUnit 9 (285 Feature, 3 skip), both engines under PHPUnit 12 (430).

…E + TEST_COVERAGE_PLAN Pest->PHPUnit, document PHP 7.2-8.3 12-leg CI matrix, coroutine-skip rule, and lockfile policy; fix stale Pest references in RedisTestCase/helpers/merge-coverage comments.

…eturn' on the 3 subscribe-family assertThrows closures (sSubscribe() is void; assertThrows never uses the return). PHPStan clean.

…de 24

- ProtocolTest ConnectionInterface stub: mixed/bool|null -> untyped/?bool
  (7.1-safe, LSP-compatible with Workerman v4 untyped + v5 typed interfaces),
  the only PHP-8.0 syntax that broke the 7.x legs.
- phpunit/phpunit range gains ^8.5 so PHP 7.2 resolves PHPUnit 8.5 (9.6 needs
  >=7.3); 7.3/7.4 -> 9.6; 8.x -> 10-12.
- phpunit9.xml.dist drops <coverage> (testsuites+env only) so it validates under
  PHPUnit 8.5 and 9 alike; the 7.x legs don't run coverage.
- CI matrix adds 8.5: {7.2,7.3,7.4,8.1,8.2,8.3,8.5} x {dragonfly,redis}.
- checkout@v4->v6, cache@v5, FORCE_JAVASCRIPT_ACTIONS_TO_NODE24 to clear Node 20
  deprecation warnings.

Validated locally: stub green under v4 and v5; full 7.2-leg combo (PHPUnit 8.5 +
Workerman v4 + phpunit9.xml.dist) green (Unit 145, Feature 281 non-coroutine +
3 skips); 7.3/7.4 combo (PHPUnit 9 + v4) green; 8.x (v5 + PHPUnit 12) Unit 145 +
PHPStan clean.

…floor

The 18 module-command arg builders used PHP 7.4 array-literal spread
(['CMD', $k, ...$args, $cb]), which parse-errors on 7.2/7.3 — so the library
could not actually run on its advertised php: >=7.2 floor. Rewrote each to the
behavior-identical array_merge(['CMD', $k], $args, [$cb]) (all are numeric-
indexed command-arg lists, so the result is byte-identical). No behavior change:
both engines 430 green, coverage 93.09%, PHPStan clean.

…lls)

- De-flex all 285 flexible-heredoc closers across the 35 Feature files: move
  the closing 'PHP' marker to column 0 and the trailing ');'/', N);' to the
  next line. Flexible/indented heredoc syntax is PHP 7.3+; column-0 closers
  parse on 7.2 too. Snippet bodies unchanged; 430 green both engines.
- tests/helpers.php: build the proc_open command as a shell-escaped string
  (array form is PHP 7.4+; string works on 7.2/7.3 too), and add a guarded
  array_key_first() polyfill (the fn is PHP 7.3+; 6 call sites unchanged).

Verified on 8.3: 430 green (dragonfly 3-skip / redis 0-skip), coverage 93.09%,
PHPStan clean.

Test code intentionally diverges from production style (snake_case test_*
method names, long inline fixtures, reflection seams, heredoc worker snippets),
so Codacy's production-code rules flag it as noise. Coverage reporting is
unaffected. Clears the 'new issues' static-analysis gate on the PR.

Match the file's existing convention (\array_merge, \call_user_func, etc. —
namespaced code qualifies global functions). The array_merge backport had
introduced the only unqualified array_merge() calls in src/, which Codacy flags.

Merge the two adjacent note blockquotes with a '>'-prefixed blank line
(markdownlint MD028 — the only Codacy issue left after excluding tests/).
Also correct the now-stale runner detail: PHPUnit 8.5 on 7.2, 9.6 on 7.3/7.4,
12 on 8.1-8.5.

Convert Pest → PHPUnit + add PHP 7.2/7.3/7.4 CI legs