From 9422b6d6d01bc5f533c86f4544ed4e5d1f68f6e5 Mon Sep 17 00:00:00 2001
From: Ferdinand Thiessen <opensource@fthiessen.de>
Date: Wed, 28 May 2025 10:41:55 +0200
Subject: [PATCH 1/2] test: adjust library tests for PHPunit deprecations

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
---
 tests/lib/App/AppManagerTest.php          | 6 +++---
 tests/lib/Files/FilenameValidatorTest.php | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/lib/App/AppManagerTest.php b/tests/lib/App/AppManagerTest.php
index 2e1163cf9db3b..c8f7f2cb17259 100644
--- a/tests/lib/App/AppManagerTest.php
+++ b/tests/lib/App/AppManagerTest.php
@@ -159,15 +159,15 @@ public function testGetAppIcon($callback, ?bool $dark, ?string $expected): void
 		}
 	}
 
-	public function dataGetAppIcon(): array {
+	public static function dataGetAppIcon(): array {
 		$nothing = function ($appId) {
-			$this->assertEquals('test', $appId);
+			self::assertEquals('test', $appId);
 			throw new \RuntimeException();
 		};
 
 		$createCallback = function ($workingIcons) {
 			return function ($appId, $icon) use ($workingIcons) {
-				$this->assertEquals('test', $appId);
+				self::assertEquals('test', $appId);
 				if (in_array($icon, $workingIcons)) {
 					return '/path/' . $icon;
 				}
diff --git a/tests/lib/Files/FilenameValidatorTest.php b/tests/lib/Files/FilenameValidatorTest.php
index db7874b0bd5ea..a52971d109eb5 100644
--- a/tests/lib/Files/FilenameValidatorTest.php
+++ b/tests/lib/Files/FilenameValidatorTest.php
@@ -409,7 +409,7 @@ public function testSanitizeFilename(
 		$this->assertEquals($expected, $validator->sanitizeFilename($filename));
 	}
 
-	public function dataSanitizeFilename(): array {
+	public static function dataSanitizeFilename(): array {
 		return [
 			'valid name' => [
 				'a * b.txt', ['.htaccess'], [], [], [], 'a * b.txt'

From d0758fe6ac8c31a95b2dd655b40842a4b1d45071 Mon Sep 17 00:00:00 2001
From: Ferdinand Thiessen <opensource@fthiessen.de>
Date: Wed, 28 May 2025 10:59:55 +0200
Subject: [PATCH 2/2] test(encryption): adjust test code for PHPUnit 10
 deprecations

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
---
 .../tests/Command/FixEncryptedVersionTest.php |  14 +-
 .../tests/Command/TestEnableMasterKey.php     |   2 +
 .../Controller/RecoveryControllerTest.php     |  29 ++--
 .../Controller/SettingsControllerTest.php     |  61 +++-----
 .../tests/Controller/StatusControllerTest.php |  23 ++-
 apps/encryption/tests/Crypto/CryptTest.php    |  85 +++++------
 .../tests/Crypto/DecryptAllTest.php           |  28 ++--
 .../tests/Crypto/EncryptAllTest.php           | 134 ++++++++----------
 .../tests/Crypto/EncryptionTest.php           |  46 +++---
 apps/encryption/tests/KeyManagerTest.php      | 116 +++++++--------
 apps/encryption/tests/RecoveryTest.php        |   2 +
 apps/encryption/tests/SessionTest.php         |  18 +--
 apps/encryption/tests/Settings/AdminTest.php  |  27 ++--
 apps/encryption/tests/Users/SetupTest.php     |  22 ++-
 apps/encryption/tests/UtilTest.php            |  28 ++--
 15 files changed, 266 insertions(+), 369 deletions(-)

diff --git a/apps/encryption/tests/Command/FixEncryptedVersionTest.php b/apps/encryption/tests/Command/FixEncryptedVersionTest.php
index 7a69b4bf90173..d0af359183b49 100644
--- a/apps/encryption/tests/Command/FixEncryptedVersionTest.php
+++ b/apps/encryption/tests/Command/FixEncryptedVersionTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2019 ownCloud GmbH
@@ -16,6 +18,7 @@
 use OCP\ITempManager;
 use OCP\IUserManager;
 use OCP\Server;
+use PHPUnit\Framework\MockObject\MockObject;
 use Psr\Log\LoggerInterface;
 use Symfony\Component\Console\Tester\CommandTester;
 use Test\TestCase;
@@ -34,16 +37,13 @@ class FixEncryptedVersionTest extends TestCase {
 	use EncryptionTrait;
 	use UserTrait;
 
-	private $userId;
+	private string $userId;
 
-	/** @var FixEncryptedVersion */
-	private $fixEncryptedVersion;
+	private FixEncryptedVersion $fixEncryptedVersion;
 
-	/** @var CommandTester */
-	private $commandTester;
+	private CommandTester $commandTester;
 
-	/** @var Util|\PHPUnit\Framework\MockObject\MockObject */
-	protected $util;
+	protected Util&MockObject $util;
 
 	public function setUp(): void {
 		parent::setUp();
diff --git a/apps/encryption/tests/Command/TestEnableMasterKey.php b/apps/encryption/tests/Command/TestEnableMasterKey.php
index c4678b778bc07..744bbaed6f8ea 100644
--- a/apps/encryption/tests/Command/TestEnableMasterKey.php
+++ b/apps/encryption/tests/Command/TestEnableMasterKey.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
diff --git a/apps/encryption/tests/Controller/RecoveryControllerTest.php b/apps/encryption/tests/Controller/RecoveryControllerTest.php
index 9de583b387c75..7eff312d6ceb2 100644
--- a/apps/encryption/tests/Controller/RecoveryControllerTest.php
+++ b/apps/encryption/tests/Controller/RecoveryControllerTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -13,26 +15,23 @@
 use OCP\IConfig;
 use OCP\IL10N;
 use OCP\IRequest;
+use PHPUnit\Framework\MockObject\MockObject;
 use Test\TestCase;
 
 class RecoveryControllerTest extends TestCase {
-	/** @var RecoveryController */
-	private $controller;
-	/** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */
-	private $requestMock;
-	/** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */
-	private $configMock;
-	/** @var IL10N|\PHPUnit\Framework\MockObject\MockObject */
-	private $l10nMock;
-	/** @var Recovery|\PHPUnit\Framework\MockObject\MockObject */
-	private $recoveryMock;
-
-	public function adminRecoveryProvider() {
+	protected RecoveryController $controller;
+
+	protected IRequest&MockObject $requestMock;
+	protected IConfig&MockObject $configMock;
+	protected IL10N&MockObject $l10nMock;
+	protected Recovery&MockObject $recoveryMock;
+
+	public static function adminRecoveryProvider(): array {
 		return [
 			['test', 'test', '1', 'Recovery key successfully enabled', Http::STATUS_OK],
 			['', 'test', '1', 'Missing recovery key password', Http::STATUS_BAD_REQUEST],
 			['test', '', '1', 'Please repeat the recovery key password', Http::STATUS_BAD_REQUEST],
-			['test', 'soimething that doesn\'t match', '1', 'Repeated recovery key password does not match the provided recovery key password', Http::STATUS_BAD_REQUEST],
+			['test', 'something that doesn\'t match', '1', 'Repeated recovery key password does not match the provided recovery key password', Http::STATUS_BAD_REQUEST],
 			['test', 'test', '0', 'Recovery key successfully disabled', Http::STATUS_OK],
 		];
 	}
@@ -63,7 +62,7 @@ public function testAdminRecovery($recoveryPassword, $passConfirm, $enableRecove
 		$this->assertEquals($expectedStatus, $response->getStatus());
 	}
 
-	public function changeRecoveryPasswordProvider() {
+	public static function changeRecoveryPasswordProvider(): array {
 		return [
 			['test', 'test', 'oldtestFail', 'Could not change the password. Maybe the old password was not correct.', Http::STATUS_BAD_REQUEST],
 			['test', 'test', 'oldtest', 'Password successfully changed.', Http::STATUS_OK],
@@ -98,7 +97,7 @@ public function testChangeRecoveryPassword($password, $confirmPassword, $oldPass
 		$this->assertEquals($expectedStatus, $response->getStatus());
 	}
 
-	public function userSetRecoveryProvider() {
+	public static function userSetRecoveryProvider(): array {
 		return [
 			['1', 'Recovery Key enabled', Http::STATUS_OK],
 			['0', 'Could not enable the recovery key, please try again or contact your administrator', Http::STATUS_BAD_REQUEST]
diff --git a/apps/encryption/tests/Controller/SettingsControllerTest.php b/apps/encryption/tests/Controller/SettingsControllerTest.php
index b676d57164f27..bee20f67cecdb 100644
--- a/apps/encryption/tests/Controller/SettingsControllerTest.php
+++ b/apps/encryption/tests/Controller/SettingsControllerTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -24,37 +26,18 @@
 
 class SettingsControllerTest extends TestCase {
 
-	/** @var SettingsController */
-	private $controller;
-
-	/** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */
-	private $requestMock;
-
-	/** @var IL10N|\PHPUnit\Framework\MockObject\MockObject */
-	private $l10nMock;
-
-	/** @var IUserManager|\PHPUnit\Framework\MockObject\MockObject */
-	private $userManagerMock;
-
-	/** @var IUserSession|\PHPUnit\Framework\MockObject\MockObject */
-	private $userSessionMock;
-
-	/** @var KeyManager|\PHPUnit\Framework\MockObject\MockObject */
-	private $keyManagerMock;
+	protected SettingsController $controller;
 
-	/** @var Crypt|\PHPUnit\Framework\MockObject\MockObject */
-	private $cryptMock;
-
-	/** @var Session|\PHPUnit\Framework\MockObject\MockObject */
-	private $sessionMock;
-	/** @var MockObject|IUser */
-	private $user;
-
-	/** @var ISession|\PHPUnit\Framework\MockObject\MockObject */
-	private $ocSessionMock;
-
-	/** @var Util|\PHPUnit\Framework\MockObject\MockObject */
-	private $utilMock;
+	protected IRequest&MockObject $requestMock;
+	protected IL10N&MockObject $l10nMock;
+	protected IUserManager&MockObject $userManagerMock;
+	protected IUserSession&MockObject $userSessionMock;
+	protected KeyManager&MockObject $keyManagerMock;
+	protected Crypt&MockObject $cryptMock;
+	protected Session&MockObject $sessionMock;
+	protected IUser&MockObject $user;
+	protected ISession&MockObject $ocSessionMock;
+	protected Util&MockObject $utilMock;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -171,21 +154,17 @@ public function testUpdatePrivateKeyPassword(): void {
 		$newPassword = 'new';
 
 		$this->ocSessionMock->expects($this->once())
-			->method('get')->with('loginname')->willReturn('testUser');
+			->method('get')
+			->with('loginname')
+			->willReturn('testUser');
 
 		$this->userManagerMock
 			->expects($this->exactly(2))
 			->method('checkPassword')
-			->withConsecutive(
-				['testUserUid', 'new'],
-				['testUser', 'new'],
-			)
-			->willReturnOnConsecutiveCalls(
-				false,
-				true,
-			);
-
-
+			->willReturnMap([
+				['testUserUid', 'new', false],
+				['testUser', 'new', true],
+			]);
 
 		$this->cryptMock
 			->expects($this->once())
diff --git a/apps/encryption/tests/Controller/StatusControllerTest.php b/apps/encryption/tests/Controller/StatusControllerTest.php
index fbe44f52fb789..616114927e822 100644
--- a/apps/encryption/tests/Controller/StatusControllerTest.php
+++ b/apps/encryption/tests/Controller/StatusControllerTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -12,24 +14,17 @@
 use OCP\Encryption\IManager;
 use OCP\IL10N;
 use OCP\IRequest;
+use PHPUnit\Framework\MockObject\MockObject;
 use Test\TestCase;
 
 class StatusControllerTest extends TestCase {
 
-	/** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */
-	private $requestMock;
-
-	/** @var IL10N|\PHPUnit\Framework\MockObject\MockObject */
-	private $l10nMock;
-
-	/** @var Session|\PHPUnit\Framework\MockObject\MockObject */
-	protected $sessionMock;
-
-	/** @var IManager | \PHPUnit\Framework\MockObject\MockObject */
-	protected $encryptionManagerMock;
+	protected IRequest&MockObject $requestMock;
+	protected IL10N&MockObject $l10nMock;
+	protected Session&MockObject $sessionMock;
+	protected IManager&MockObject $encryptionManagerMock;
 
-	/** @var StatusController */
-	protected $controller;
+	protected StatusController $controller;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -68,7 +63,7 @@ public function testGetStatus($status, $expectedStatus): void {
 		$this->assertSame($expectedStatus, $data['status']);
 	}
 
-	public function dataTestGetStatus() {
+	public static function dataTestGetStatus(): array {
 		return [
 			[Session::INIT_EXECUTED, 'interactionNeeded'],
 			[Session::INIT_SUCCESSFUL, 'success'],
diff --git a/apps/encryption/tests/Crypto/CryptTest.php b/apps/encryption/tests/Crypto/CryptTest.php
index 74afc6d44a1ab..345311da4d0e2 100644
--- a/apps/encryption/tests/Crypto/CryptTest.php
+++ b/apps/encryption/tests/Crypto/CryptTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -12,24 +14,17 @@
 use OCP\IConfig;
 use OCP\IL10N;
 use OCP\IUserSession;
+use PHPUnit\Framework\MockObject\MockObject;
 use Psr\Log\LoggerInterface;
 use Test\TestCase;
 
 class CryptTest extends TestCase {
-	/** @var LoggerInterface|\PHPUnit\Framework\MockObject\MockObject */
-	private $logger;
-
-	/** @var IUserSession|\PHPUnit\Framework\MockObject\MockObject */
-	private $userSession;
-
-	/** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */
-	private $config;
+	protected LoggerInterface&MockObject $logger;
+	protected IUserSession&MockObject $userSession;
+	protected IConfig&MockObject $config;
+	protected IL10N&MockObject $l;
 
-	/** @var IL10N|\PHPUnit\Framework\MockObject\MockObject */
-	private $l;
-
-	/** @var Crypt */
-	private $crypt;
+	protected Crypt $crypt;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -113,10 +108,7 @@ public function testGenerateHeaderInvalid(): void {
 		$this->crypt->generateHeader('unknown');
 	}
 
-	/**
-	 * @return array
-	 */
-	public function dataTestGenerateHeader() {
+	public static function dataTestGenerateHeader(): array {
 		return [
 			[null, 'HBEGIN:cipher:AES-128-CFB:keyFormat:hash2:encoding:binary:HEND'],
 			['password', 'HBEGIN:cipher:AES-128-CFB:keyFormat:password:encoding:binary:HEND'],
@@ -155,10 +147,8 @@ public function testGetCipher($configValue, $expected): void {
 
 	/**
 	 * data provider for testGetCipher
-	 *
-	 * @return array
 	 */
-	public function dataProviderGetCipher() {
+	public static function dataProviderGetCipher(): array {
 		return [
 			['AES-128-CFB', 'AES-128-CFB'],
 			['AES-256-CFB', 'AES-256-CFB'],
@@ -201,7 +191,7 @@ public function testSplitMetaData($data, $expected): void {
 		$this->assertSame($expected['signature'], $result['signature']);
 	}
 
-	public function dataTestSplitMetaData() {
+	public static function dataTestSplitMetaData(): array {
 		return [
 			['encryptedContent00iv001234567890123456xx',
 				['encrypted' => 'encryptedContent', 'iv' => '1234567890123456', 'signature' => false]],
@@ -222,7 +212,7 @@ public function testHasSignature($data, $expected): void {
 		);
 	}
 
-	public function dataTestHasSignature() {
+	public static function dataTestHasSignature(): array {
 		return [
 			['encryptedContent00iv001234567890123456xx', false],
 			['encryptedContent00iv00123456789012345600sig00e1992521e437f6915f9173b190a512cfc38a00ac24502db44e0ba10c2bb0cc86xxx', true]
@@ -239,7 +229,7 @@ public function testHasSignatureFail($cipher): void {
 		$this->invokePrivate($this->crypt, 'hasSignature', [$data, $cipher]);
 	}
 
-	public function dataTestHasSignatureFail() {
+	public static function dataTestHasSignatureFail(): array {
 		return [
 			['AES-256-CTR'],
 			['aes-256-ctr'],
@@ -270,10 +260,8 @@ public function testRemovePadding($data, $expected): void {
 
 	/**
 	 * data provider for testRemovePadding
-	 *
-	 * @return array
 	 */
-	public function dataProviderRemovePadding() {
+	public static function dataProviderRemovePadding(): array {
 		return [
 			['dataxx', 'data'],
 			['data', false]
@@ -357,10 +345,7 @@ public function testGetKeySizeFailure(): void {
 		$this->invokePrivate($this->crypt, 'getKeySize', ['foo']);
 	}
 
-	/**
-	 * @return array
-	 */
-	public function dataTestGetKeySize() {
+	public static function dataTestGetKeySize(): array {
 		return [
 			['AES-256-CFB', 32],
 			['AES-128-CFB', 16],
@@ -374,28 +359,25 @@ public function dataTestGetKeySize() {
 	 */
 	public function testDecryptPrivateKey($header, $privateKey, $expectedCipher, $isValidKey, $expected): void {
 		$this->config->method('getSystemValueBool')
-			->withConsecutive(['encryption.legacy_format_support', false],
-				['encryption.use_legacy_base64_encoding', false])
-			->willReturnOnConsecutiveCalls(true, false);
+			->willReturnMap([
+				['encryption.legacy_format_support', false, true],
+				['encryption.use_legacy_base64_encoding', false, false],
+			]);
 
 		/** @var Crypt|\PHPUnit\Framework\MockObject\MockObject $crypt */
 		$crypt = $this->getMockBuilder(Crypt::class)
-			->setConstructorArgs(
-				[
-					$this->logger,
-					$this->userSession,
-					$this->config,
-					$this->l
-				]
-			)
-			->setMethods(
-				[
-					'parseHeader',
-					'generatePasswordHash',
-					'symmetricDecryptFileContent',
-					'isValidPrivateKey'
-				]
-			)
+			->setConstructorArgs([
+				$this->logger,
+				$this->userSession,
+				$this->config,
+				$this->l
+			])
+			->onlyMethods([
+				'parseHeader',
+				'generatePasswordHash',
+				'symmetricDecryptFileContent',
+				'isValidPrivateKey'
+			])
 			->getMock();
 
 		$crypt->expects($this->once())->method('parseHeader')->willReturn($header);
@@ -416,10 +398,7 @@ public function testDecryptPrivateKey($header, $privateKey, $expectedCipher, $is
 		$this->assertSame($expected, $result);
 	}
 
-	/**
-	 * @return array
-	 */
-	public function dataTestDecryptPrivateKey() {
+	public static function dataTestDecryptPrivateKey(): array {
 		return [
 			[['cipher' => 'AES-128-CFB', 'keyFormat' => 'password'], 'HBEGIN:HENDprivateKey', 'AES-128-CFB', true, 'key'],
 			[['cipher' => 'AES-256-CFB', 'keyFormat' => 'password'], 'HBEGIN:HENDprivateKey', 'AES-256-CFB', true, 'key'],
diff --git a/apps/encryption/tests/Crypto/DecryptAllTest.php b/apps/encryption/tests/Crypto/DecryptAllTest.php
index 0d8543153ef2e..83684b8be3201 100644
--- a/apps/encryption/tests/Crypto/DecryptAllTest.php
+++ b/apps/encryption/tests/Crypto/DecryptAllTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -12,28 +14,19 @@
 use OCA\Encryption\KeyManager;
 use OCA\Encryption\Session;
 use OCA\Encryption\Util;
+use PHPUnit\Framework\MockObject\MockObject;
 use Symfony\Component\Console\Helper\QuestionHelper;
 use Test\TestCase;
 
 class DecryptAllTest extends TestCase {
 
-	/** @var DecryptAll */
-	protected $instance;
-
-	/** @var Util | \PHPUnit\Framework\MockObject\MockObject */
-	protected $util;
-
-	/** @var KeyManager | \PHPUnit\Framework\MockObject\MockObject */
-	protected $keyManager;
-
-	/** @var Crypt | \PHPUnit\Framework\MockObject\MockObject */
-	protected $crypt;
-
-	/** @var Session | \PHPUnit\Framework\MockObject\MockObject */
-	protected $session;
+	protected DecryptAll $instance;
 
-	/** @var QuestionHelper | \PHPUnit\Framework\MockObject\MockObject */
-	protected $questionHelper;
+	protected Util&MockObject $util;
+	protected KeyManager&MockObject $keyManager;
+	protected Crypt&MockObject $crypt;
+	protected Session&MockObject $session;
+	protected QuestionHelper&MockObject $questionHelper;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -75,6 +68,7 @@ public function testGetPrivateKey($user, $recoveryKeyId, $masterKeyId): void {
 		$password = 'passwd';
 		$recoveryKey = 'recoveryKey';
 		$userKey = 'userKey';
+		$masterKey = 'userKey';
 		$unencryptedKey = 'unencryptedKey';
 
 		$this->keyManager->expects($this->any())->method('getRecoveryKeyId')
@@ -105,7 +99,7 @@ public function testGetPrivateKey($user, $recoveryKeyId, $masterKeyId): void {
 		);
 	}
 
-	public function dataTestGetPrivateKey() {
+	public static function dataTestGetPrivateKey() {
 		return [
 			['user1', 'recoveryKey', 'masterKeyId'],
 			['recoveryKeyId', 'recoveryKeyId', 'masterKeyId'],
diff --git a/apps/encryption/tests/Crypto/EncryptAllTest.php b/apps/encryption/tests/Crypto/EncryptAllTest.php
index d702c123b9b4d..45743ae733b89 100644
--- a/apps/encryption/tests/Crypto/EncryptAllTest.php
+++ b/apps/encryption/tests/Crypto/EncryptAllTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -20,6 +22,7 @@
 use OCP\Mail\IMailer;
 use OCP\Security\ISecureRandom;
 use OCP\UserInterface;
+use PHPUnit\Framework\MockObject\MockObject;
 use Symfony\Component\Console\Formatter\OutputFormatterInterface;
 use Symfony\Component\Console\Helper\ProgressBar;
 use Symfony\Component\Console\Helper\QuestionHelper;
@@ -29,50 +32,22 @@
 
 class EncryptAllTest extends TestCase {
 
-	/** @var \PHPUnit\Framework\MockObject\MockObject|KeyManager */
-	protected $keyManager;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject|Util */
-	protected $util;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject|IUserManager */
-	protected $userManager;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject|Setup */
-	protected $setupUser;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject|View */
-	protected $view;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject|IConfig */
-	protected $config;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject|IMailer */
-	protected $mailer;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject|IL10N */
-	protected $l;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject | IFactory */
-	protected $l10nFactory;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject | \Symfony\Component\Console\Helper\QuestionHelper */
-	protected $questionHelper;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject | \Symfony\Component\Console\Input\InputInterface */
-	protected $inputInterface;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject | \Symfony\Component\Console\Output\OutputInterface */
-	protected $outputInterface;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject|UserInterface */
-	protected $userInterface;
-
-	/** @var \PHPUnit\Framework\MockObject\MockObject|ISecureRandom */
-	protected $secureRandom;
-
-	/** @var EncryptAll */
-	protected $encryptAll;
+	protected KeyManager&MockObject $keyManager;
+	protected Util&MockObject $util;
+	protected IUserManager&MockObject $userManager;
+	protected Setup&MockObject $setupUser;
+	protected View&MockObject $view;
+	protected IConfig&MockObject $config;
+	protected IMailer&MockObject $mailer;
+	protected IL10N&MockObject $l;
+	protected IFactory&MockObject $l10nFactory;
+	protected \Symfony\Component\Console\Helper\QuestionHelper&MockObject $questionHelper;
+	protected \Symfony\Component\Console\Input\InputInterface&MockObject $inputInterface;
+	protected \Symfony\Component\Console\Output\OutputInterface&MockObject $outputInterface;
+	protected UserInterface&MockObject $userInterface;
+	protected ISecureRandom&MockObject $secureRandom;
+
+	protected EncryptAll $encryptAll;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -153,7 +128,7 @@ public function testEncryptAll(): void {
 					$this->secureRandom
 				]
 			)
-			->setMethods(['createKeyPairs', 'encryptAllUsersFiles', 'outputPasswords'])
+			->onlyMethods(['createKeyPairs', 'encryptAllUsersFiles', 'outputPasswords'])
 			->getMock();
 
 		$this->util->expects($this->any())->method('isMasterKeyEnabled')->willReturn(false);
@@ -182,7 +157,7 @@ public function testEncryptAllWithMasterKey(): void {
 					$this->secureRandom
 				]
 			)
-			->setMethods(['createKeyPairs', 'encryptAllUsersFiles', 'outputPasswords'])
+			->onlyMethods(['createKeyPairs', 'encryptAllUsersFiles', 'outputPasswords'])
 			->getMock();
 
 		$this->util->expects($this->any())->method('isMasterKeyEnabled')->willReturn(true);
@@ -212,7 +187,7 @@ public function testCreateKeyPairs(): void {
 					$this->secureRandom
 				]
 			)
-			->setMethods(['setupUserFS', 'generateOneTimePassword'])
+			->onlyMethods(['setupUserFS', 'generateOneTimePassword'])
 			->getMock();
 
 
@@ -245,7 +220,7 @@ function ($user) {
 	}
 
 	public function testEncryptAllUsersFiles(): void {
-		/** @var EncryptAll | \PHPUnit\Framework\MockObject\MockObject  $encryptAll */
+		/** @var EncryptAll&MockObject $encryptAll */
 		$encryptAll = $this->getMockBuilder(EncryptAll::class)
 			->setConstructorArgs(
 				[
@@ -262,7 +237,7 @@ public function testEncryptAllUsersFiles(): void {
 					$this->secureRandom
 				]
 			)
-			->setMethods(['encryptUsersFiles'])
+			->onlyMethods(['encryptUsersFiles'])
 			->getMock();
 
 		$this->util->expects($this->any())->method('isMasterKeyEnabled')->willReturn(false);
@@ -271,17 +246,22 @@ public function testEncryptAllUsersFiles(): void {
 		$this->invokePrivate($encryptAll, 'output', [$this->outputInterface]);
 		$this->invokePrivate($encryptAll, 'userPasswords', [['user1' => 'pwd1', 'user2' => 'pwd2']]);
 
-		$encryptAll->expects($this->exactly(2))->method('encryptUsersFiles')
-			->withConsecutive(
-				['user1'],
-				['user2'],
-			);
+		$encryptAllCalls = [];
+		$encryptAll->expects($this->exactly(2))
+			->method('encryptUsersFiles')
+			->willReturnCallback(function ($uid) use (&$encryptAllCalls) {
+				$encryptAllCalls[] = $uid;
+			});
 
 		$this->invokePrivate($encryptAll, 'encryptAllUsersFiles');
+		self::assertEquals([
+			'user1',
+			'user2',
+		], $encryptAllCalls);
 	}
 
 	public function testEncryptUsersFiles(): void {
-		/** @var EncryptAll | \PHPUnit\Framework\MockObject\MockObject  $encryptAll */
+		/** @var EncryptAll&MockObject $encryptAll */
 		$encryptAll = $this->getMockBuilder(EncryptAll::class)
 			->setConstructorArgs(
 				[
@@ -298,24 +278,31 @@ public function testEncryptUsersFiles(): void {
 					$this->secureRandom
 				]
 			)
-			->setMethods(['encryptFile', 'setupUserFS'])
+			->onlyMethods(['encryptFile', 'setupUserFS'])
 			->getMock();
 
 		$this->util->expects($this->any())->method('isMasterKeyEnabled')->willReturn(false);
 
 		$this->view->expects($this->exactly(2))->method('getDirectoryContent')
-			->withConsecutive(
-				['/user1/files'],
-				['/user1/files/foo'],
-			)->willReturnOnConsecutiveCalls(
+			->willReturnMap([
 				[
-					['name' => 'foo', 'type' => 'dir'],
-					['name' => 'bar', 'type' => 'file'],
+					'/user1/files',
+					'',
+					null,
+					[
+						['name' => 'foo', 'type' => 'dir'],
+						['name' => 'bar', 'type' => 'file'],
+					],
 				],
 				[
-					['name' => 'subfile', 'type' => 'file']
-				]
-			);
+					'/user1/files/foo',
+					'',
+					null,
+					[
+						['name' => 'subfile', 'type' => 'file']
+					],
+				],
+			]);
 
 		$this->view->expects($this->any())->method('is_dir')
 			->willReturnCallback(
@@ -327,11 +314,12 @@ function ($path) {
 				}
 			);
 
-		$encryptAll->expects($this->exactly(2))->method('encryptFile')
-			->withConsecutive(
-				['/user1/files/bar'],
-				['/user1/files/foo/subfile'],
-			);
+		$encryptAllCalls = [];
+		$encryptAll->expects($this->exactly(2))
+			->method('encryptFile')
+			->willReturnCallback(function (string $path) use (&$encryptAllCalls) {
+				$encryptAllCalls[] = $path;
+			});
 
 		$outputFormatter = $this->createMock(OutputFormatterInterface::class);
 		$outputFormatter->method('isDecorated')->willReturn(false);
@@ -341,6 +329,10 @@ function ($path) {
 		$progressBar = new ProgressBar($this->outputInterface);
 
 		$this->invokePrivate($encryptAll, 'encryptUsersFiles', ['user1', $progressBar, '']);
+		self::assertEquals([
+			'/user1/files/bar',
+			'/user1/files/foo/subfile',
+		], $encryptAllCalls);
 	}
 
 	public function testGenerateOneTimePassword(): void {
@@ -378,7 +370,7 @@ public function testEncryptFile($isEncrypted): void {
 		);
 	}
 
-	public function dataTestEncryptFile() {
+	public static function dataTestEncryptFile(): array {
 		return [
 			[true],
 			[false],
diff --git a/apps/encryption/tests/Crypto/EncryptionTest.php b/apps/encryption/tests/Crypto/EncryptionTest.php
index 7f3d9d1f348c4..999c6242f0c49 100644
--- a/apps/encryption/tests/Crypto/EncryptionTest.php
+++ b/apps/encryption/tests/Crypto/EncryptionTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -26,34 +28,18 @@
 use Test\TestCase;
 
 class EncryptionTest extends TestCase {
-	/** @var Encryption */
-	private $instance;
-
-	/** @var KeyManager|\PHPUnit\Framework\MockObject\MockObject */
-	private $keyManagerMock;
-
-	/** @var EncryptAll|\PHPUnit\Framework\MockObject\MockObject */
-	private $encryptAllMock;
-
-	/** @var DecryptAll|\PHPUnit\Framework\MockObject\MockObject */
-	private $decryptAllMock;
-
-	/** @var Session|\PHPUnit\Framework\MockObject\MockObject */
-	private $sessionMock;
-
-	/** @var Crypt|\PHPUnit\Framework\MockObject\MockObject */
-	private $cryptMock;
-
-	/** @var Util|\PHPUnit\Framework\MockObject\MockObject */
-	private $utilMock;
-
-	/** @var LoggerInterface|\PHPUnit\Framework\MockObject\MockObject */
-	private $loggerMock;
 
-	/** @var IL10N|\PHPUnit\Framework\MockObject\MockObject */
-	private $l10nMock;
+	protected Encryption $instance;
 
-	private IStorage&MockObject $storageMock;
+	protected KeyManager&MockObject $keyManagerMock;
+	protected EncryptAll&MockObject $encryptAllMock;
+	protected DecryptAll&MockObject $decryptAllMock;
+	protected Session&MockObject $sessionMock;
+	protected Crypt&MockObject $cryptMock;
+	protected Util&MockObject $utilMock;
+	protected LoggerInterface&MockObject $loggerMock;
+	protected IL10N&MockObject $l10nMock;
+	protected IStorage&MockObject $storageMock;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -175,7 +161,7 @@ public function testGetPathToRealFile($path, $expected): void {
 		);
 	}
 
-	public function dataProviderForTestGetPathToRealFile() {
+	public static function dataProviderForTestGetPathToRealFile(): array {
 		return [
 			['/user/files/foo/bar.txt', '/user/files/foo/bar.txt'],
 			['/user/files/foo.txt', '/user/files/foo.txt'],
@@ -228,7 +214,7 @@ public function testBegin($mode, $header, $legacyCipher, $defaultCipher, $fileKe
 		}
 	}
 
-	public function dataTestBegin() {
+	public static function dataTestBegin(): array {
 		return [
 			['w', ['cipher' => 'myCipher'], 'legacyCipher', 'defaultCipher', 'fileKey', 'defaultCipher'],
 			['r', ['cipher' => 'myCipher'], 'legacyCipher', 'defaultCipher', 'fileKey', 'myCipher'],
@@ -305,7 +291,7 @@ public function testUpdate($fileKey, $expected): void {
 		);
 	}
 
-	public function dataTestUpdate() {
+	public static function dataTestUpdate(): array {
 		return [
 			['', false],
 			['fileKey', true]
@@ -387,7 +373,7 @@ public function testShouldEncrypt($path, $shouldEncryptHomeStorage, $isHomeStora
 		);
 	}
 
-	public function dataTestShouldEncrypt() {
+	public static function dataTestShouldEncrypt(): array {
 		return [
 			['/user1/files/foo.txt', true, true, true],
 			['/user1/files_versions/foo.txt', true, true, true],
diff --git a/apps/encryption/tests/KeyManagerTest.php b/apps/encryption/tests/KeyManagerTest.php
index 8f5c9a78faf3a..187c21bc6873a 100644
--- a/apps/encryption/tests/KeyManagerTest.php
+++ b/apps/encryption/tests/KeyManagerTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -28,41 +30,19 @@
 use Test\TestCase;
 
 class KeyManagerTest extends TestCase {
-	/**
-	 * @var KeyManager
-	 */
-	private $instance;
-	/**
-	 * @var string
-	 */
-	private $userId;
-
-	/** @var string */
-	private $systemKeyId;
-
-	/** @var \OCP\Encryption\Keys\IStorage|\PHPUnit\Framework\MockObject\MockObject */
-	private $keyStorageMock;
-
-	/** @var Crypt|\PHPUnit\Framework\MockObject\MockObject */
-	private $cryptMock;
-
-	/** @var IUserSession|\PHPUnit\Framework\MockObject\MockObject */
-	private $userMock;
-
-	/** @var Session|\PHPUnit\Framework\MockObject\MockObject */
-	private $sessionMock;
-
-	/** @var LoggerInterface|\PHPUnit\Framework\MockObject\MockObject */
-	private $logMock;
-
-	/** @var Util|\PHPUnit\Framework\MockObject\MockObject */
-	private $utilMock;
 
-	/** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */
-	private $configMock;
+	protected KeyManager $instance;
 
-	/** @var ILockingProvider|MockObject */
-	private $lockingProviderMock;
+	protected string $userId;
+	protected string $systemKeyId;
+	protected IStorage&MockObject $keyStorageMock;
+	protected Crypt&MockObject $cryptMock;
+	protected IUserSession&MockObject $userMock;
+	protected Session&MockObject $sessionMock;
+	protected LoggerInterface&MockObject $logMock;
+	protected Util&MockObject $utilMock;
+	protected IConfig&MockObject $configMock;
+	protected ILockingProvider&MockObject $lockingProviderMock;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -201,7 +181,7 @@ public function testUserHasKeys($key, $expected): void {
 		);
 	}
 
-	public function dataTestUserHasKeys() {
+	public static function dataTestUserHasKeys(): array {
 		return [
 			['key', true],
 			['', false]
@@ -246,7 +226,7 @@ public function testUserHasKeysMissingPublicKey(): void {
 	 * @param bool $useMasterKey
 	 */
 	public function testInit($useMasterKey): void {
-		/** @var KeyManager|\PHPUnit\Framework\MockObject\MockObject $instance */
+		/** @var KeyManager&MockObject $instance */
 		$instance = $this->getMockBuilder(KeyManager::class)
 			->setConstructorArgs(
 				[
@@ -259,17 +239,18 @@ public function testInit($useMasterKey): void {
 					$this->utilMock,
 					$this->lockingProviderMock
 				]
-			)->setMethods(['getMasterKeyId', 'getMasterKeyPassword', 'getSystemPrivateKey', 'getPrivateKey'])
+			)->onlyMethods(['getMasterKeyId', 'getMasterKeyPassword', 'getSystemPrivateKey', 'getPrivateKey'])
 			->getMock();
 
 		$this->utilMock->expects($this->once())->method('isMasterKeyEnabled')
 			->willReturn($useMasterKey);
 
-		$this->sessionMock->expects($this->exactly(2))->method('setStatus')
-			->withConsecutive(
-				[Session::INIT_EXECUTED],
-				[Session::INIT_SUCCESSFUL],
-			);
+		$sessionSetStatusCalls = [];
+		$this->sessionMock->expects($this->exactly(2))
+			->method('setStatus')
+			->willReturnCallback(function (string $status) use (&$sessionSetStatusCalls) {
+				$sessionSetStatusCalls[] = $status;
+			});
 
 		$instance->expects($this->any())->method('getMasterKeyId')->willReturn('masterKeyId');
 		$instance->expects($this->any())->method('getMasterKeyPassword')->willReturn('masterKeyPassword');
@@ -290,9 +271,13 @@ public function testInit($useMasterKey): void {
 			->with('key');
 
 		$this->assertTrue($instance->init($this->userId, 'pass'));
+		self::assertEquals([
+			Session::INIT_EXECUTED,
+			Session::INIT_SUCCESSFUL,
+		], $sessionSetStatusCalls);
 	}
 
-	public function dataTestInit() {
+	public static function dataTestInit(): array {
 		return [
 			[true],
 			[false]
@@ -349,7 +334,7 @@ public function testGetEncryptedFileKey(): void {
 		$this->assertTrue($this->instance->getEncryptedFileKey('/'));
 	}
 
-	public function dataTestGetFileKey() {
+	public static function dataTestGetFileKey(): array {
 		return [
 			['user1', false, 'privateKey', 'legacyKey', 'multiKeyDecryptResult'],
 			['user1', false, 'privateKey', '', 'multiKeyDecryptResult'],
@@ -395,14 +380,10 @@ public function testGetFileKey($uid, $isMasterKeyEnabled, $privateKey, $encrypte
 
 		$this->keyStorageMock->expects($this->exactly(2))
 			->method('getFileKey')
-			->withConsecutive(
-				[$path, 'fileKey', 'OC_DEFAULT_MODULE'],
-				[$path, $expectedUid . '.shareKey', 'OC_DEFAULT_MODULE'],
-			)
-			->willReturnOnConsecutiveCalls(
-				$encryptedFileKey,
-				'fileKey',
-			);
+			->willReturnMap([
+				[$path, 'fileKey', 'OC_DEFAULT_MODULE', $encryptedFileKey],
+				[$path, $expectedUid . '.shareKey', 'OC_DEFAULT_MODULE', 'fileKey'],
+			]);
 
 		$this->utilMock->expects($this->any())->method('isMasterKeyEnabled')
 			->willReturn($isMasterKeyEnabled);
@@ -515,7 +496,7 @@ public function testAddSystemKeys($accessList, $publicKeys, $uid, $expectedKeys)
 	 *
 	 * @return array
 	 */
-	public function dataTestAddSystemKeys() {
+	public static function dataTestAddSystemKeys(): array {
 		return [
 			[['public' => true],[], 'user1', ['publicShareKey', 'recoveryKey']],
 			[['public' => false], [], 'user1', ['recoveryKey']],
@@ -563,7 +544,7 @@ public function testGetMasterKeyPasswordException(): void {
 	 * @param $masterKey
 	 */
 	public function testValidateMasterKey($masterKey): void {
-		/** @var KeyManager|\PHPUnit\Framework\MockObject\MockObject $instance */
+		/** @var KeyManager&MockObject $instance */
 		$instance = $this->getMockBuilder(KeyManager::class)
 			->setConstructorArgs(
 				[
@@ -576,7 +557,7 @@ public function testValidateMasterKey($masterKey): void {
 					$this->utilMock,
 					$this->lockingProviderMock
 				]
-			)->setMethods(['getPublicMasterKey', 'setSystemPrivateKey', 'getMasterKeyPassword'])
+			)->onlyMethods(['getPublicMasterKey', 'setSystemPrivateKey', 'getMasterKeyPassword'])
 			->getMock();
 
 		$this->utilMock->expects($this->once())->method('isMasterKeyEnabled')
@@ -611,20 +592,19 @@ public function testValidateMasterKey($masterKey): void {
 	}
 
 	public function testValidateMasterKeyLocked(): void {
-		/** @var KeyManager|\PHPUnit_Framework_MockObject_MockObject $instance */
+		/** @var KeyManager&MockObject $instance */
 		$instance = $this->getMockBuilder(KeyManager::class)
-			->setConstructorArgs(
-				[
-					$this->keyStorageMock,
-					$this->cryptMock,
-					$this->configMock,
-					$this->userMock,
-					$this->sessionMock,
-					$this->logMock,
-					$this->utilMock,
-					$this->lockingProviderMock
-				]
-			)->setMethods(['getPublicMasterKey', 'getPrivateMasterKey', 'setSystemPrivateKey', 'getMasterKeyPassword'])
+			->setConstructorArgs([
+				$this->keyStorageMock,
+				$this->cryptMock,
+				$this->configMock,
+				$this->userMock,
+				$this->sessionMock,
+				$this->logMock,
+				$this->utilMock,
+				$this->lockingProviderMock
+			])
+			->onlyMethods(['getPublicMasterKey', 'getPrivateMasterKey', 'setSystemPrivateKey', 'getMasterKeyPassword'])
 			->getMock();
 
 		$this->utilMock->expects($this->once())->method('isMasterKeyEnabled')
@@ -646,7 +626,7 @@ public function testValidateMasterKeyLocked(): void {
 		$instance->validateMasterKey();
 	}
 
-	public function dataTestValidateMasterKey() {
+	public static function dataTestValidateMasterKey(): array {
 		return [
 			['masterKey'],
 			['']
diff --git a/apps/encryption/tests/RecoveryTest.php b/apps/encryption/tests/RecoveryTest.php
index 17ad385eca001..0627724a8568f 100644
--- a/apps/encryption/tests/RecoveryTest.php
+++ b/apps/encryption/tests/RecoveryTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
diff --git a/apps/encryption/tests/SessionTest.php b/apps/encryption/tests/SessionTest.php
index 3072bc6ef3bc2..9e38f857e7355 100644
--- a/apps/encryption/tests/SessionTest.php
+++ b/apps/encryption/tests/SessionTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -10,17 +12,14 @@
 use OCA\Encryption\Exceptions\PrivateKeyMissingException;
 use OCA\Encryption\Session;
 use OCP\ISession;
+use PHPUnit\Framework\MockObject\MockObject;
 use Test\TestCase;
 
 class SessionTest extends TestCase {
 	private static $tempStorage = [];
-	/**
-	 * @var Session
-	 */
-	private $instance;
-	/** @var ISession|\PHPUnit\Framework\MockObject\MockObject */
-	private $sessionMock;
 
+	protected Session $instance;
+	protected ISession&MockObject $sessionMock;
 
 	public function testThatGetPrivateKeyThrowsExceptionWhenNotSet(): void {
 		$this->expectException(PrivateKeyMissingException::class);
@@ -122,10 +121,11 @@ public function testSetAndGetStatusWillSetAndReturn(): void {
 	 * @param bool $expected
 	 */
 	public function testIsReady($status, $expected): void {
-		/** @var Session | \PHPUnit\Framework\MockObject\MockObject $instance */
+		/** @var Session&MockObject $instance */
 		$instance = $this->getMockBuilder(Session::class)
 			->setConstructorArgs([$this->sessionMock])
-			->setMethods(['getStatus'])->getMock();
+			->onlyMethods(['getStatus'])
+			->getMock();
 
 		$instance->expects($this->once())->method('getStatus')
 			->willReturn($status);
@@ -133,7 +133,7 @@ public function testIsReady($status, $expected): void {
 		$this->assertSame($expected, $instance->isReady());
 	}
 
-	public function dataTestIsReady() {
+	public static function dataTestIsReady(): array {
 		return [
 			[Session::INIT_SUCCESSFUL, true],
 			[Session::INIT_EXECUTED, false],
diff --git a/apps/encryption/tests/Settings/AdminTest.php b/apps/encryption/tests/Settings/AdminTest.php
index 4ddaeb1b84dd9..5ae9e7eb3c618 100644
--- a/apps/encryption/tests/Settings/AdminTest.php
+++ b/apps/encryption/tests/Settings/AdminTest.php
@@ -1,4 +1,7 @@
 <?php
+
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
  * SPDX-License-Identifier: AGPL-3.0-or-later
@@ -12,24 +15,20 @@
 use OCP\ISession;
 use OCP\IUserManager;
 use OCP\IUserSession;
+use PHPUnit\Framework\MockObject\MockObject;
 use Psr\Log\LoggerInterface;
 use Test\TestCase;
 
 class AdminTest extends TestCase {
-	/** @var Admin */
-	private $admin;
-	/** @var IL10N */
-	private $l;
-	/** @var LoggerInterface */
-	private $logger;
-	/** @var IUserSession */
-	private $userSession;
-	/** @var IConfig */
-	private $config;
-	/** @var IUserManager */
-	private $userManager;
-	/** @var ISession */
-	private $session;
+
+	protected Admin $admin;
+
+	protected IL10N&MockObject $l;
+	protected LoggerInterface&MockObject $logger;
+	protected IUserSession&MockObject $userSession;
+	protected IConfig&MockObject $config;
+	protected IUserManager&MockObject $userManager;
+	protected ISession&MockObject $session;
 
 	protected function setUp(): void {
 		parent::setUp();
diff --git a/apps/encryption/tests/Users/SetupTest.php b/apps/encryption/tests/Users/SetupTest.php
index 7a6beaf359498..b2abfcba1dbe3 100644
--- a/apps/encryption/tests/Users/SetupTest.php
+++ b/apps/encryption/tests/Users/SetupTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -10,21 +12,15 @@
 use OCA\Encryption\Crypto\Crypt;
 use OCA\Encryption\KeyManager;
 use OCA\Encryption\Users\Setup;
+use PHPUnit\Framework\MockObject\MockObject;
 use Test\TestCase;
 
 class SetupTest extends TestCase {
-	/**
-	 * @var KeyManager|\PHPUnit\Framework\MockObject\MockObject
-	 */
-	private $keyManagerMock;
-	/**
-	 * @var Crypt|\PHPUnit\Framework\MockObject\MockObject
-	 */
-	private $cryptMock;
-	/**
-	 * @var Setup
-	 */
-	private $instance;
+
+	protected Setup $instance;
+
+	protected KeyManager&MockObject $keyManagerMock;
+	protected Crypt&MockObject $cryptMock;
 
 	protected function setUp(): void {
 		parent::setUp();
@@ -72,7 +68,7 @@ public function testSetupUser($hasKeys, $expected): void {
 		);
 	}
 
-	public function dataTestSetupUser() {
+	public static function dataTestSetupUser(): array {
 		return [
 			[true, true],
 			[false, true]
diff --git a/apps/encryption/tests/UtilTest.php b/apps/encryption/tests/UtilTest.php
index 711564af5bddf..3556b9e34c155 100644
--- a/apps/encryption/tests/UtilTest.php
+++ b/apps/encryption/tests/UtilTest.php
@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
@@ -20,22 +22,14 @@
 use Test\TestCase;
 
 class UtilTest extends TestCase {
-	private static $tempStorage = [];
-
-	/** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */
-	private $configMock;
-
-	/** @var View|\PHPUnit\Framework\MockObject\MockObject */
-	private $filesMock;
-
-	/** @var IUserManager|\PHPUnit\Framework\MockObject\MockObject */
-	private $userManagerMock;
 
-	/** @var IMountPoint|\PHPUnit\Framework\MockObject\MockObject */
-	private $mountMock;
+	protected Util $instance;
+	protected static $tempStorage = [];
 
-	/** @var Util */
-	private $instance;
+	protected IConfig&MockObject $configMock;
+	protected View&MockObject $filesMock;
+	protected IUserManager&MockObject $userManagerMock;
+	protected IMountPoint&MockObject $mountMock;
 
 	public function testSetRecoveryForUser(): void {
 		$this->instance->setRecoveryForUser('1');
@@ -134,7 +128,7 @@ public function testIsMasterKeyEnabled($value, $expect): void {
 		);
 	}
 
-	public function dataTestIsMasterKeyEnabled() {
+	public static function dataTestIsMasterKeyEnabled(): array {
 		return [
 			['0', false],
 			['1', true]
@@ -155,7 +149,7 @@ public function testShouldEncryptHomeStorage($returnValue, $expected): void {
 			$this->instance->shouldEncryptHomeStorage());
 	}
 
-	public function dataTestShouldEncryptHomeStorage() {
+	public static function dataTestShouldEncryptHomeStorage(): array {
 		return [
 			['1', true],
 			['0', false]
@@ -173,7 +167,7 @@ public function testSetEncryptHomeStorage($value, $expected): void {
 		$this->instance->setEncryptHomeStorage($value);
 	}
 
-	public function dataTestSetEncryptHomeStorage() {
+	public static function dataTestSetEncryptHomeStorage(): array {
 		return [
 			[true, '1'],
 			[false, '0']