Bump vimeo/psalm from 3.12.1 to 3.12.2
Created by: dependabot[bot]
Bumps vimeo/psalm from 3.12.1 to 3.12.2.
Release notes
Sourced from vimeo/psalm's releases.
3.12.2
Taint analysis bugfixes & features
- allow taints to flow when no return type is given (#3652)
- taint encapsulated strings based on their contents (#3655)
- @TysonAndre added
unserialize,create_functionand more as sinks- allow taints to flow through unpacked arguments and mixed
foreach(#3670)- taint property types for magic getters/setters even in the absence of a
@propertyannotation (#3668)- add taints to
filter_var(#3675)- preserve taints after
is_stringchecks (#3680)- taint the contents of
exitjust asechois (#3681)- @TysonAndre improved handling of
preg_replace_callback- allow taints to flow through implied
__toStringmethods (#3697)- specialize constructor taints as nececssary
- allow any part of a taint path to be suppressed with
@psalm-suppress TaintedInputOther features
@olleharstedt added support for
@psalm-self-out, which allows some typestate-oriented programming in Psalm (#3650)Bugfixes
- allow comparison of
get_class($foo) === static::class- fix false-negative around missing property declarations (#3642)
- improve treatment of comparisons after assignment in conditional (#3631)
- @villfa improved reflection info for
Redis(#3673)PDO::querynow allows two arguments (#3694)- @simPod improved reflection for
RdKafka\ProducerTopic::producev(#3700)- @bdsl added a change that propagates
@internalannotations on classes to their methods (#3698)- prevent crash with a
Foo|?return type (#3716)- prevent crash on empty
@method(#3721)- @jarstelfox fixed up the example
TemplateCheckerplugin- prevent crash when
clone-ing undefined class (#3719)- infer template params from a class-string where appropriate (#3726)
- improve handling of
ifconditionals insidedo {...} while();(#3685)- @lhchavez fixed a bug in docblock parsing where data was lost if a comment referred to a tag (#3776)
- allow
falseto be removed from template params (#3737)- allow storing references to impure classes via the class names inside immutable classes (#3738)
Commits
-
7c7ebd0Make invalidation more robust -
5da2995Use better replacement when analysing potentially-inherited templated type -
44d7f51Generalise init vars inside for loops -
3d0a8c4Fix #3738 - allow storing references to class-strings inside immutable -
6419788Remove false from template param as necessary -
ba63ccbImprove \Psalm\Internal\Scanner\DocblockParser::parse() (#3736) -
1745f5cFix too-long line -
cb94764Prevent false-positive for Exception::__toString overriding -
0c582e9Fix #3685 - improve handling of if conditionals inside do -
cf1a8acSuppress taints in instance properties - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebasewill rebase this PR -
@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it -
@dependabot mergewill merge this PR after your CI passes on it -
@dependabot squash and mergewill squash and merge this PR after your CI passes on it -
@dependabot cancel mergewill cancel a previously requested merge and block automerging -
@dependabot reopenwill reopen this PR if it is closed -
@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)