ibexa · mnocon · Apr 23, 2026 · Apr 23, 2026 · Apr 23, 2026 · Apr 23, 2026
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -89,9 +89,10 @@ jobs:
                   TOKEN: ${{ secrets.EZROBOT_PAT }}
               run: |
                   curl -H "Authorization: token $TOKEN" -L https://github.com/ibexa/vale-styles/archive/refs/heads/main.zip -o vale.zip
-                  unzip vale.zip
+                  unzip vale.zip -d vale
                   rm vale.zip
-                  mv vale-styles-main/* vale-styles-main/.vale.ini .
+                  rm -rf vale/vale-styles-main/tests
+                  mv vale/vale-styles-main/* vale/vale-styles-main/.vale.ini .
 
             - name: Run Vale.sh
               uses: vale-cli/vale-action@v2

diff --git a/.github/workflows/code_samples.yaml b/.github/workflows/code_samples.yaml
@@ -60,14 +60,20 @@
               continue-on-error: true
               run: composer check-rector
 
+            - name: Run YAML snippet tests
+              id: check-yaml
+              continue-on-error: true
+              run: composer check-yaml
+
             - name: Fail job if any check failed
               if: always()
               run: |
-                  if [[ "${{ steps.phpstan.outcome }}" == "failure" || "${{ steps.deptrac.outcome }}" == "failure" || "${{ steps.rector.outcome }}" == "failure" ]]; then
-                      echo "One or more checks failed: PHPStan=${{ steps.phpstan.outcome }}, Deptrac=${{ steps.deptrac.outcome }}, Rector=${{ steps.rector.outcome }}"
+                  if [[ "${{ steps.phpstan.outcome }}" == "failure" || "${{ steps.deptrac.outcome }}" == "failure" || "${{ steps.rector.outcome }}" == "failure" || "${{ steps.check-yaml.outcome }}" == "failure" ]]; then
+                      echo "One or more checks failed: PHPStan=${{ steps.phpstan.outcome }}, Deptrac=${{ steps.deptrac.outcome }}, Rector=${{ steps.rector.outcome }}, YAML=${{ steps.check-yaml.outcome }}"
                       exit 1
                   fi
 
+
     code-samples-inclusion-check:
         name: Check code samples inclusion
         runs-on: ubuntu-latest
@@ -94,7 +100,7 @@
             -   name: Log target branch code_samples usage
                 if: steps.list.outputs.CODE_SAMPLES_CHANGE != ''
                 run: |
-                    git fetch origin
+                    git fetch origin --depth=1 ${{ github.head_ref }}
                     git checkout origin/${{ github.head_ref }} -- tools/code_samples/code_samples_usage.php
                     php tools/code_samples/code_samples_usage.php ${{ steps.list.outputs.CODE_SAMPLES_CHANGE }} > $HOME/code_samples_usage_target.txt
 

diff --git a/.gitignore b/.gitignore
@@ -12,3 +12,4 @@ auth.json
 yarn.lock
 docs/css/*.map
 .deptrac.cache
+.phpunit.result.cache
diff --git a/README.md b/README.md
@@ -44,6 +44,18 @@
 
 ## Testing the code samples
 
+### YAML configuration
+
+To test the YAML configuration, run the following commands:
+
+``` bash
+composer update
+composer check-yaml
+```
+
+To add an error into a baseline, run `composer yaml-update-baseline` and commit the result.
+Error added to the baseline are not reported again.
+
 ### markdownlint
 
 This repository uses [markdownlint-cli2](https://github.com/DavidAnson/markdownlint-cli2) to check Markdown formatting, including table syntax.

diff --git a/code_samples/back_office/components/twig_components.yaml b/code_samples/back_office/components/twig_components.yaml
@@ -12,7 +12,6 @@ ibexa_twig_components:
             priority: 0
             arguments:
                 content: '<b>Hello world!</b>'
-    admin-ui-user-menu:
         duplicated_user_menu:
             type: menu
             arguments:

diff --git a/code_samples/back_office/online_editor/config/packages/custom_plugin.yaml b/code_samples/back_office/online_editor/config/packages/custom_plugin.yaml
diff --git a/code_samples/front/shop/order-management/config/packages/ibexa.yaml b/code_samples/front/shop/order-management/config/packages/ibexa.yaml
@@ -65,7 +65,7 @@ framework:
                     to:
                         - dropped
 
-// ...
+# ...
 
 ibexa:
     repositories:

diff --git a/code_samples/front/shop/payment/src/bundle/Resources/config/services/payment_method.yaml b/code_samples/front/shop/payment/src/bundle/Resources/config/services/payment_method.yaml
@@ -8,7 +8,7 @@ services:
             $domain: <translation_domain>
         tags:
             - { name: ibexa.payment.payment_method.type, alias: new_payment_method_type }
-services:
+
     App\Payment\PaymentMethod\Voter\NewPaymentMethodTypeVoter:
         tags:
-            - { name: ibexa.payment.payment_method.voter, type: new_payment_method_type }
+            - { name: ibexa.payment.payment_method.voter, type: new_payment_method_type }
diff --git a/code_samples/mcp/config/packages/mcp.yaml b/code_samples/mcp/config/packages/mcp.yaml
@@ -10,7 +10,7 @@ ibexa:
                     discovery_cache: cache.tagaware.filesystem
                     session:
                         type: psr16
-                        directory: cache.tagaware.filesystem
+                        service: cache.tagaware.filesystem
     system:
         default:
             mcp:

diff --git a/code_samples/recommendations/config/packages/ibexa_connector_raptor.yaml b/code_samples/recommendations/config/packages/ibexa_connector_raptor.yaml
@@ -3,14 +3,14 @@ ibexa:
         <scope>:
             connector_raptor:
                 enabled:              true
-                customer_id:          ~ # Required
+                customer_id:          "12345" # Required
                 tracking_type:        client # One of: "client" or "server"
 
                 # Raptor Recommendations API key
-                recommendations_api_key: ~ # Required
+                recommendations_api_key: "your_api_key_here" # Required
 
-                # Raptor Recommendations API URL, optional, set by default
-                recommendations_api_url: '%ibexa.connector.raptor.recommendations.api_url%'
+                # Raptor Recommendations API URI, optional, set by default
+                recommendations_api_uri: '%ibexa.connector.raptor.recommendations.api_uri%'
 
                 # Cookie lifetime in days for server-side tracking identifier
                 # Default: 365 days. Minimum: 1 day.

diff --git a/composer.json b/composer.json
@@ -4,6 +4,9 @@
     "type": "library",
     "license": "GNU General Public License v2.0",
     "autoload-dev": {
+        "psr-4": {
+            "Ibexa\\Tests\\Documentation\\": "tests/"
+        }
     },
     "repositories": [
         {
@@ -15,6 +18,9 @@
         "php": "^8.3"
     },
     "require-dev": {
+        "phpunit/phpunit": "^11.0",
+        "symfony/yaml": "^7.0",
+        "ibexa/connector-gemini": "5.0.x-dev",
         "ibexa/automated-translation": "5.0.x-dev",
         "ibexa/code-style": "~2.0.0",
         "friendsofphp/php-cs-fixer": "^3.30",
@@ -52,7 +58,7 @@
         "ibexa/page-builder": "5.0.x-dev",
         "ibexa/order-management": "5.0.x-dev",
         "ibexa/calendar": "5.0.x-dev",
-        "ibexa/payment": "5.0.x-dev",
+        "ibexa/payment": "~5.0.x-dev",
         "ibexa/shipping": "5.0.x-dev",
         "ibexa/fieldtype-matrix": "5.0.x-dev",
         "ibexa/storefront": "5.0.x-dev",
@@ -86,21 +92,33 @@
         "ibexa/cdp": "~5.0.x-dev",
         "ibexa/connector-raptor": "~5.0.x-dev",
         "ibexa/image-editor": "~5.0.x-dev",
-        "ibexa/integrated-help": "~5.0.x-dev"
+        "ibexa/integrated-help": "~5.0.x-dev",
+        "ibexa/site-context": "~5.0.x-dev",
+        "ibexa/fieldtype-richtext-rte": "~5.0.x-dev",
+        "ibexa/site-factory": "~5.0.x-dev",
+        "ibexa/ckeditor-premium": "~5.0.x-dev",
+        "ibexa/measurement": "~5.0.x-dev",
+        "ibexa/connector-actito": "~5.0.x-dev",
+        "ibexa/fastly": "~5.0.x-dev"
     },
     "scripts": {
         "fix-cs": "php-cs-fixer fix --config=.php-cs-fixer.php -v --show-progress=dots",
         "check-cs": "@fix-cs --dry-run",
         "phpstan": "phpstan analyse",
         "deptrac": "deptrac analyse",
-        "check-rector": "rector process --dry-run --ansi"
+        "check-rector": "rector process --dry-run --ansi",
+        "check-yaml": "phpunit --group yaml",
+        "phpunit": "phpunit --exclude-group=yaml",
+        "yaml-update-baseline": "php tests/generate-yaml-baseline.php"
     },
     "scripts-descriptions": {
         "fix-cs": "Automatically fixes code style in all files",
         "check-cs": "Run code style checker for all files",
         "phpstan": "Run static code analysis",
         "deptrac": "Run Deptrac architecture testing",
-        "check-rector": "Check for code refactoring opportunities"
+        "check-rector": "Check for code refactoring opportunities",
+        "check-yaml": "Run PHPUnit tests (YAML validation)",
+        "yaml-update-baseline": "Regenerate tests/yaml-validation-baseline.yaml from current failures"
     },
     "config": {
         "allow-plugins": false

diff --git a/docs/administration/back_office/customize_search_suggestion.md b/docs/administration/back_office/customize_search_suggestion.md
@@ -17,8 +17,9 @@ ibexa:
     system:
         <scope>:
             search:
-                min_query_length: 3
-                result_limit: 5
+                suggestion:
+                    min_query_length: 3
+                    result_limit: 5
 ```
 
 ## Add custom suggestion source

diff --git a/docs/administration/configuration/dynamic_configuration.md b/docs/administration/configuration/dynamic_configuration.md
@@ -18,7 +18,7 @@ parameters:
     # Internal configuration
     ibexa.site_access.config.default.content.default_ttl: 60
     ibexa.site_access.config.site_group.content.default_ttl: 3600
- 
+
     # Here "myapp" is the namespace, followed by the SiteAccess name as the parameter scope
     # Parameter "my_param" will have a different value in site_group and admin_group
     myapp.site_group.my_param: value

diff --git a/docs/api/graphql/graphql_customization.md b/docs/api/graphql/graphql_customization.md
@@ -68,9 +68,9 @@ Mutation:
             createSomething:
                 builder: Mutation
                 builderConfig:
-                        inputType: CreateSomethingInput
-                        payloadType: SomethingPayload
-                        mutateAndGetPayload: '@=mutation('CreateSomething', [value])'
+                    inputType: CreateSomethingInput
+                    payloadType: SomethingPayload
+                    mutateAndGetPayload: "@=mutation('CreateSomething', [value])"
 
 CreateSomethingInput:
     type: relay-mutation-input

diff --git a/docs/api/rest_api/rest_api_authentication.md b/docs/api/rest_api/rest_api_authentication.md
@@ -337,10 +337,15 @@ For more information, see [HTTP Authentication: Basic and Digest Access Authenti
 If the installation has a dedicated host for REST, you can enable HTTP basic authentication only on this host by setting a firewall like in the following example before the `ibexa_front` one:
 
 ```yaml
+security:
+    firewalls:
+        # ...
         ibexa_rest:
             host: ^api\.example\.com$
             http_basic:
                 realm: Ibexa DXP REST API
+        #ibexa_front:
+        # ...
 ```
 
 !!! caution "Back office uses REST API"

diff --git a/docs/cdp/cdp_installation.md b/docs/cdp/cdp_installation.md
@@ -27,11 +27,14 @@ Symfony Flex installs and activates the package.
 After an installation process is finished, go to `config/packages/security.yaml` and uncomment `ibexa_cdp` rule.
 
 ```yaml
-ibexa_cdp:
-    pattern: /cdp/webhook
-    guard:
-        authenticator: 'Ibexa\Cdp\Security\CdpRequestAuthenticator'
-    stateless: true
+security:
+    firewalls:
+        # ...
+        ibexa_cdp:
+            request_matcher: Ibexa\Cdp\Security\RequestMatcher
+            custom_authenticators:
+                - 'Ibexa\Cdp\Security\CdpRequestAuthenticator'
+            stateless: true
 ```
 
 Now, you can configure [[= product_name_cdp =]].

diff --git a/docs/commerce/checkout/reorder.md b/docs/commerce/checkout/reorder.md
@@ -54,11 +54,11 @@ framework:
             places:
                 !php/const Ibexa\OrderManagement\Value\Status::COMPLETED_PLACE:
                     metadata:
-                        ...
+                        # ...
                         can_be_reordered: true
                 !php/const Ibexa\OrderManagement\Value\Status::CANCELLED_PLACE:
                     metadata:
-                        ...
+                        # ...
                         can_be_reordered: true
 
 ```

diff --git a/docs/commerce/payment/enable_stripe_payments.md b/docs/commerce/payment/enable_stripe_payments.md
@@ -43,5 +43,4 @@ ibexa:
         type:
             strp_checkout:
                 name: "Translated Stripe Checkout name"
-
 ```
diff --git a/docs/commerce/payment/payum_integration.md b/docs/commerce/payment/payum_integration.md
@@ -43,7 +43,7 @@ ibexa_connector_payum:
         refunded: cancelled
         captured: pending
         authorized: authorized
-[...]
+# ...
 ```
 
 ## Payment service name translations

diff --git a/docs/commerce/storefront/configure_storefront.md b/docs/commerce/storefront/configure_storefront.md
@@ -92,9 +92,10 @@ Settings for a Storefront user are configured under the `ibexa.system.<scope>.st
 ibexa:
     system:
         site_group:
-            user_settings_groups:
-                - location
-                - custom_group
+            storefront:
+                user_settings_groups:
+                    - location
+                    - custom_group
 ```
 
 By default, only the `location` user settings is provided:

diff --git a/docs/content_management/collaborative_editing/configure_collaborative_editing.md b/docs/content_management/collaborative_editing/configure_collaborative_editing.md
@@ -57,14 +57,15 @@ security:
 ```yaml
 security:
     # ...
-    ibexa_shareable_link:
-        request_matcher: Ibexa\Collaboration\Security\RequestMatcher\ShareableLinkRequestMatcher
-        pattern: ^/
-        provider: shared
-        stateless: true
-        user_checker: Ibexa\Core\MVC\Symfony\Security\UserChecker
-        custom_authenticators:
-            - Ibexa\Collaboration\Security\Authenticator\ShareableLinkAuthenticator
+    firewalls:
+        ibexa_shareable_link:
+            request_matcher: Ibexa\Collaboration\Security\RequestMatcher\ShareableLinkRequestMatcher
+            pattern: ^/
+            provider: shared
+            stateless: true
+            user_checker: Ibexa\Core\MVC\Symfony\Security\UserChecker
+            custom_authenticators:
+                - Ibexa\Collaboration\Security\Authenticator\ShareableLinkAuthenticator
 ```
 
 ### Configuration

diff --git a/docs/content_management/data_migration/managing_migrations.md b/docs/content_management/data_migration/managing_migrations.md
@@ -50,7 +50,7 @@ You can configure a different folder by using the following settings:
 
 ``` yaml
 ibexa_migrations:
-    migration_directory: %kernel.project_dir%/src/Migrations/MyMigrations/
+    migration_directory: '%kernel.project_dir%/src/Migrations/MyMigrations/'
     migrations_files_subdir: migration_files
 ```
 
@@ -64,7 +64,6 @@ ibexa_migrations:
     ``` yaml
     ibexa_migrations:
         migration_directory: '%kernel.project_dir%/data/<repository>'
-        ...
     ```
 
     Then, when you run the migration command, you must use the [`--siteaccess` option](exporting_data.md#siteaccess) and provide the name of the SiteAccess that you want to migrate.

diff --git a/docs/content_management/field_types/field_type_storage.md b/docs/content_management/field_types/field_type_storage.md
@@ -147,7 +147,7 @@ services:
         autoconfigure: true
         public: false
 
-    App\FieldType\MyField\Storage\MyFieldStorage: ~
+    App\FieldType\MyField\Storage\MyFieldStorage:
         tags:
             - {name: ibexa.field_type.storage.external.handler, alias: myfield}
 ```

diff --git a/docs/content_management/field_types/form_and_template.md b/docs/content_management/field_types/form_and_template.md
@@ -189,7 +189,7 @@ If you don't use the design engine, apply the following configuration:
 
 ``` yaml
 ibexa:
-    systems:
+    system:
         admin_group:
             field_templates:
                 - { template: 'adminui/field/custom_field_view.html.twig', priority: 10 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -65,7 +65,7 @@ framework: @@
                         to:
                             - dropped
-    // ...
+    # ...
     ibexa:
         repositories:
@@ Expand Down @@