Bump vimeo/psalm from 4.7.2 to 4.7.3
Created by: dependabot[bot]
Bumps vimeo/psalm from 4.7.2 to 4.7.3.
Release notes
Sourced from vimeo/psalm's releases.
Bugfixes galore
Improved unused property detection
Psalm emits
UnusedProperty
andPossiblyUnusedProperty
issues when properties are declared but never referenced. Previously Psalm would count a property assignment as a reference to a property, but this has now been fixed so a property is treated as unused unless it is explicitly read from (#5810). As before,UnusedProperty
is emitted for private properties, whilePossiblyUnusedProperty
is emitted for public and protected properties.More
ParamNameMismatch
strictnessWhen I originally implemented
ParamNameMismatch
I ignored methods with only one param, thinking that people would not call methods with a single param using named arguments, but in retrospect this was a little too liberal.@VincentLanglet
has restricted this appropriately (#5732)Other bugfixes
- Improved negation of complex conditionals containing assignments (#5685)
- combining
scalar
andempty-scalar
should result inscalar
(#5696)- Inherit class-level suppressions when checking methods (#5687, #3357) - thanks
@weirdan
- infer
never
types in more situations (#5777) — thanks@weirdan
- prevent notice for some invalid docblocks (#5709) - thanks
@weirdan
- prefer
@psalm-template
over@phpstan-template
(#5713) - thanks@weirdan
- add JSON schema link for SARIF output (#5718) - thanks
@weirdan
unpack
can returnfalse
— thanks@robchett
- improved
array_splice
inference (#5738) — thanks@orklah
- combining
never
andempty
should result innever
(#5756)- prevent OOM when using
array_merge
inside a loop (#4910)- prevent crash when templates cannot be resolved (#5073)
- all
opcache_*
functions are impure (#5761)- prevent OOM on very large conditionals (#5327)
- improved inference after a nullsafe method call has been made (#5771) - thanks
@orklah
- prevent crash with
class-string-map
usage (#5434)- improved inference of
array_fill
(#5770) — thanks@olsavmic
- fixed bug extending a
mixed
param (#5763) — thanks@orklah
- added link to GitHub Actions report format (#5759) — thanks
@sjparkinson
- call methods with proper params (#5768)
- preserve type after redundant cast to int (#5773) — thanks
@orklah
- improved return type of
htmlspecialchars
andstrlen
(#5785, #5793) — thanks@still-dreaming-1
and@orklah
- Psalm Refactor prevent trying to move synthetically-produced parts of the AST (#5780) — thanks
@pawel-slowik
- narrow possible types when two variables are compared (#5774) — thanks
@orklah
- Catch
nullref
inside__invoke
arguments (#5809)- allow
''|
at the start of a union type in docblocks (#5814) — thanks@orklah
- add stubs for
mongodb
(#5813) — thanks@franmomu
- improve generated assertions for
>= 0
(#5815) — thanks@orklah
- prevent incorrect templated array types (#5799)
- transform bad array offsets where necessary (#5817) — thanks
@orklah
Commits
-
38c452a
Add example given in ticket and ensure that works too -
c258303
Fix test -
8f33333
Fix #5804 - don’t choke on conditional return types when converting to callables -
67413c8
fix #5797 (#5822) -
aaab522
update baseline and fix issues (#5821) -
de1bb95
Handle the case where a switch return on each case (#5819) -
7354ec9
Fix #5298 - improve handling of method that may write properties -
350df11
Transform bad offsets (#5817) -
d1262b0
Fix #5799 — improve expansion of templated types -
89f815f
Add assertions for >=0 (#5815) - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)