Bump vimeo/psalm from 4.9.3 to 4.10.0

Created by: dependabot[bot]

Bumps vimeo/psalm from 4.9.3 to 4.10.0.

Release notes

Sourced from vimeo/psalm's releases.

Better infinite loop inference, some PHP 8.1 support and a bunch of fixes

Added

• (#6398) array_is_list() signature (@​orklah)
• (#6386, #6392) Psalm now understands that while(true) is an infinite loop (@​orklah)
• (#6403, #6421) PHP 8.1 signatures for ftp functions (@​weirdan)

Fixes

• (#6305, #6310) SimpleXMLIterator signatures no longer depend on runtime PHP version (@​weirdan)
• (#6309, #6311) Some assertions generated by in_array() were causing crashes (@​weirdan)
• (#6312) PhpToken::getAll() was renamed to PhpToken::tokenize() (@​TysonAndre)
• (#6312) fdiv() argument names were corrected to match names used by PHP (@​TysonAndre)
• (#6312) ReflectionClass::getAttributes(), ReflectionClassConstant::getAttributes(), ReflectionFunctionAbstract::getAttributes(), ReflectionParameter::getAttributes(), ReflectionProperty::getAtributes(), ReflectionUnionType::getTypes() and ReflectionNamedType::isBuiltin() signatures were missing (@​TysonAndre)
• (#6318, #6320) socket_select()'s tv_sec parameter is nullable (@​Forceu)
• (#6323) Another case of crashes due to in_array() assertions (@​boesing)
• (#6324) str_split() and mb_str_split() return require positive-int and str_split() returns non-empty array (@​VincentLanglet)
• (#6328) Corrected message for calls from root namespace to internal methods in a different namespace (@​bdsl)
• (#6325, #6327) Interface aliases were not recognized (@​boesing)
• (#4738) is_subclass_of() requires a class-string for its parent parameter (@​BenMorel)
• (#5356, #6344) UnusedSuppression was sometimes reported in ignored folders (@​orklah)
• (#6343, #6346) @psalm-trace was reporting keys that were unset (@​orklah)
• (#5096, #6321) Constants accessed through object instance (e.g. $obj::CONST) were not inferred (@​orklah)
• (#6359) OuterIterator::getInnerIterator() always return Iterator (@​drupol)
• (#6367, #6376) Variables used in backticks (`ls $file`) were reported as unused (@​orklah)
• (#6358, #6375) openssl_x509_parse() and openssl_x509_read() signatures were outdated (@​ThomasLandauer)
• (#6338, #6339) array_walk() and array_walk_recursive() accept object (and will trigger RawObjectIteration when given one) (@​niconoe-, @​weirdan)
• (#6330, #6335) Alias chains created with class_alias() (A -> B -> C) were not understood (@​boesing)
• (#6387, #6390) Type params can now be extracted from Generator argument passed to Iterator parameter (@​orklah)
• (#6388, #6391) empty() could not be forbidden via forbiddenFunctions (@​ro0NL)
• (#6333, #6317) in_array() did not produce correct assertions with non-literal types (@​TysonAndre)
• (#6384, #6420) Variables reassigned in both branches of ternary operator were not correctly inferred (@​orklah)

Docs

• (#6409) Added a guide on how to edit callmaps (@​weirdan)
• (#6400) Added a section on taint analysis limitations (@​craigfrancis)

Commits

• 916b098 Merge pull request #6421 from weirdan/ftp-resource-to-objects
• 08155dc Added FTP\Connection class
• 36dfeed Converted ftp functions to use link object instead of a resource
• 5dfd157 Merge pull request #6420 from orklah/ternary-override-type
• b710aab Merge pull request #6419 from TysonAndre/in_array-fix
• 3a3fde3 Merge pull request #6392 from orklah/control-action-test
• de4b344 Merge pull request #6400 from craigfrancis/taint-limits
• e2b5948 fix test
• 0825f22 allow ternary to override previous type when reassigning
• 2e9a3cb Merge pull request #6409 from weirdan/document-callmaps
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)