Bump vimeo/psalm from 4.9.3 to 4.10.0
Created by: dependabot[bot]
Bumps vimeo/psalm from 4.9.3 to 4.10.0.
Release notes
Sourced from vimeo/psalm's releases.
Better infinite loop inference, some PHP 8.1 support and a bunch of fixes
Added
- (#6398)
array_is_list()
signature (@orklah
)- (#6386, #6392) Psalm now understands that
while(true)
is an infinite loop (@orklah
)- (#6403, #6421) PHP 8.1 signatures for ftp functions (
@weirdan
)Fixes
- (#6305, #6310) SimpleXMLIterator signatures no longer depend on runtime PHP version (
@weirdan
)- (#6309, #6311) Some assertions generated by
in_array()
were causing crashes (@weirdan
)- (#6312)
PhpToken::getAll()
was renamed toPhpToken::tokenize()
(@TysonAndre
)- (#6312)
fdiv()
argument names were corrected to match names used by PHP (@TysonAndre
)- (#6312)
ReflectionClass::getAttributes()
,ReflectionClassConstant::getAttributes()
,ReflectionFunctionAbstract::getAttributes()
,ReflectionParameter::getAttributes()
,ReflectionProperty::getAtributes()
,ReflectionUnionType::getTypes()
andReflectionNamedType::isBuiltin()
signatures were missing (@TysonAndre
)- (#6318, #6320)
socket_select()
'stv_sec
parameter is nullable (@Forceu
)- (#6323) Another case of crashes due to
in_array()
assertions (@boesing
)- (#6324)
str_split()
andmb_str_split()
return require positive-int andstr_split()
returns non-empty array (@VincentLanglet
)- (#6328) Corrected message for calls from root namespace to internal methods in a different namespace (
@bdsl
)- (#6325, #6327) Interface aliases were not recognized (
@boesing
)- (#4738)
is_subclass_of()
requires a class-string for its parent parameter (@BenMorel
)- (#5356, #6344)
UnusedSuppression
was sometimes reported in ignored folders (@orklah
)- (#6343, #6346)
@psalm-trace
was reporting keys that were unset (@orklah
)- (#5096, #6321) Constants accessed through object instance (e.g.
$obj::CONST
) were not inferred (@orklah
)- (#6359)
OuterIterator::getInnerIterator()
always returnIterator
(@drupol
)- (#6367, #6376) Variables used in backticks (
`ls $file`
) were reported as unused (@orklah
)- (#6358, #6375)
openssl_x509_parse()
andopenssl_x509_read()
signatures were outdated (@ThomasLandauer
)- (#6338, #6339)
array_walk()
andarray_walk_recursive()
accept object (and will triggerRawObjectIteration
when given one) (@niconoe
-,@weirdan
)- (#6330, #6335) Alias chains created with
class_alias()
(A -> B -> C
) were not understood (@boesing
)- (#6387, #6390) Type params can now be extracted from
Generator
argument passed toIterator
parameter (@orklah
)- (#6388, #6391)
empty()
could not be forbidden viaforbiddenFunctions
(@ro0NL
)- (#6333, #6317)
in_array()
did not produce correct assertions with non-literal types (@TysonAndre
)- (#6384, #6420) Variables reassigned in both branches of ternary operator were not correctly inferred (
@orklah
)Docs
- (#6409) Added a guide on how to edit callmaps (
@weirdan
)- (#6400) Added a section on taint analysis limitations (
@craigfrancis
)
Commits
-
916b098
Merge pull request #6421 from weirdan/ftp-resource-to-objects -
08155dc
AddedFTP\Connection
class -
36dfeed
Converted ftp functions to use link object instead of a resource -
5dfd157
Merge pull request #6420 from orklah/ternary-override-type -
b710aab
Merge pull request #6419 from TysonAndre/in_array-fix -
3a3fde3
Merge pull request #6392 from orklah/control-action-test -
de4b344
Merge pull request #6400 from craigfrancis/taint-limits -
e2b5948
fix test -
0825f22
allow ternary to override previous type when reassigning -
2e9a3cb
Merge pull request #6409 from weirdan/document-callmaps - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)