Recognize "New" Mimetype for Empty File

[oleibman]

Fix #4521. Reader/Csv (which can be invoked by IOFactory::read), checks the mimetype of files if they don't have a csv/tsv extension. It allows empty files, whose mimetype was set to inode/x-empty for Php5.3.11 through Php7.3.33 (except for 5.4.0). For 5.3.1-5.3.10, 5.4.0, and 7.4.0+, the mimetype is application/x-empty. Reader/Csv recognizes the inode version but not the application version, which this PR adds.

The person who issued the report also noted that, for a file consisting of cr-lf, Php8.1.* and Php8.2.* report the mimetype as application/octet-stream, whereas all other releases report it as text/plain. The behavior of Php8.1/2 seems to be a bug, and I cannot possibly guess all the conditions that might lead to that bug. So I will not fix that problem. Anyone who is adversely affected by it can either add a csv extension to the filename, or upgrade to Php8.3+, or pre-process the file (e.g. to make it truly empty) before passing it to PhpSpreadsheet. A test case to document the problem is added for documentary purposes; the test will be skipped for Php8.1/2, but run for all other releases.

This is:

• a bugfix
• a new feature
• refactoring
• additional unit tests

Checklist:

• Changes are covered by unit tests
  • Changes are covered by existing unit tests
  • New unit tests have been added
• Code style is respected
• Commit message explains why the change is made (see https://github.com/erlang/otp/wiki/Writing-good-commit-messages)
• CHANGELOG.md contains a short summary of the change and a link to the pull request if applicable
• Documentation is updated as necessary

Why this change is needed?

Provide an explanation of why this change is needed, with links to any Issues (if appropriate).
If this is a bugfix or a new feature, and there are no existing Issues, then please also create an issue that will make it easier to track progress with this PR.

[DanielRuf]

@oleibman thank you.

Regarding the releases and fixes, will this also be backported to v1 or are users encouraged to upgrade to v4? Unfortunately I found no clear overview, which major version should be used in which case. I can not even find a SECURITY.md or part in README.md that tells if and how each major version is actively supported, reached EOL or is for specific PHP versions.

At least it does not seem to be some sort of Semantic Versioning, otherwise new additions would mean a new minor version (because I can see only one addition at https://github.com/PHPOffice/PhpSpreadsheet/releases/tag/1.29.12).

[oleibman]

We encourage everyone to migrate to the latest release. Realizing that this isn't entirely practical, we currently support 4 earlier branches (these are documented in CONTRIBUTING.md). We currently backport all security fixes to all 4. We do not, however, backport most other changes. It makes the maintenance burden much too high for us.

[oleibman]

And, in case you are wondering about the latest minimal backports, they are precursors to a breaking security change which is going to get me in all kinds of trouble with people concerned about Semantic Versioning. I don't see an alternative other than dropping support for the backported releases altogether.

[DanielRuf]

Understood, thanks for the clarification.