dependabot[bot]
478422e010
Bump mheap/github-action-required-labels from 2 to 3
...
Bumps [mheap/github-action-required-labels](https://github.com/mheap/github-action-required-labels ) from 2 to 3.
- [Release notes](https://github.com/mheap/github-action-required-labels/releases )
- [Commits](https://github.com/mheap/github-action-required-labels/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: mheap/github-action-required-labels
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-02 07:04:00 +00:00
orklah
e81823e193
Merge pull request #9035 from othercorey/iterator-returns
...
Fix iterator and exception callmaps
2023-01-01 11:22:39 +01:00
Corey Taylor
e779c5f741
Fix iterator and exception callmaps
2022-12-31 11:34:48 -06:00
orklah
ef1264bd46
Merge pull request #9030 from kkmuffme/psalm-scope-this-doesnt-work-with-FQCN-leading-backslash
...
fix @psalm-scope-this not working with FQCN with leading backslash
2022-12-31 12:08:20 +01:00
kkmuffme
82f71a7ccb
add test
2022-12-31 00:18:08 +01:00
orklah
01078766bb
Merge pull request #9033 from danog/misc_fixes
...
Fix remaining markdown issues
2022-12-30 22:59:52 +01:00
0f7eed0dca
fixes
2022-12-30 21:51:27 +01:00
9b4857a606
Fix
2022-12-30 21:48:28 +01:00
2a7043a7fb
Fix remaining markdown header
2022-12-30 21:46:54 +01:00
orklah
406946d4c4
Merge pull request #9031 from danog/misc_fixes
...
Misc fixes
2022-12-30 21:28:11 +01:00
4b00095b31
cs-fix
2022-12-30 21:06:03 +01:00
9684be9d73
More markdown fixes
2022-12-30 21:02:59 +01:00
0b67844420
Improve variable naming and improve docs
2022-12-30 21:00:38 +01:00
kkmuffme
fcf42840f3
fix @psalm-scope-this not working with FQCN with leading backslash
2022-12-30 18:30:31 +01:00
orklah
6353143eaf
Merge pull request #9021 from orklah/nonempty-reconcile
...
Non empty reconciliation
2022-12-29 22:35:12 +01:00
orklah
2efa6aefac
Merge pull request #9025 from kkmuffme/fix-method-phpdoc-errors-reported-for-stubs-instead-of-files
...
fixes return type issues of methods reported for the wrong file
2022-12-29 20:13:38 +01:00
orklah
5a6e8cb8e7
Merge pull request #9023 from kkmuffme/fix-union-never-wrong-return-type
...
Fix never return union type wrong condition
2022-12-29 20:11:38 +01:00
orklah
0101a9f483
Merge pull request #9024 from kkmuffme/fix-never-method-calls
...
fix never return for MethodCalls
2022-12-29 20:11:10 +01:00
kkmuffme
9130ee2614
fixes return type issues of methods reported for the wrong file
...
fixes return type issues of methods reported for the wrong file
Fix #8457
See https://github.com/vimeo/psalm/pull/8503 which fixed this issue for functions
2022-12-29 18:55:15 +01:00
kkmuffme
ac8f892d13
Fix never return union type wrong condition
...
Fix never return union type wrong condition
Related https://github.com/vimeo/psalm/pull/8624
2022-12-29 18:50:58 +01:00
kkmuffme
efc87277d1
fix never return for MethodCalls
...
Related:
https://github.com/vimeo/psalm/pull/8902 https://github.com/vimeo/psalm/pull/8624
2022-12-29 18:49:58 +01:00
orklah
5bfb87c624
Merge pull request #9022 from Ocramius/fix/#8983-allow-large-union-types-in-array-type-inference
...
Better type inference and type checking for large union types used in array keys/values
2022-12-29 10:48:05 +01:00
orklah
790c30959d
Merge pull request #9016 from Ocramius/feature/#5039-more-refined-types-for-explode-core-function
...
Refined `explode()` types
2022-12-29 10:23:18 +01:00
Marco Pivetta
e6600fea21
Better type inference and type checking for large union types used in array keys/values
...
Fixes #8983
This patch adds a basic test showing that, when reaching a union type with 30 elements
or more, Psalm used to fail with an error, because the large union type got simplified
into a more general type as part of performance optimizations done in `TypeCombiner::combine()`.
This means that a type like `array<1|2|3|(etcetera...)|100, mixed>` was internally
simplified to `array<int, mixed>`, after reaching 30 elements or more, which in turn
led to problems and confusing errors when large union types are in play.
Such union types are relatively common in lookup-table-alike value objects.
By removing the hardcoded call-time limit of `30` types to be combined, we hereby
rely on the default `TypeCombiner::combine()` limit of `500` items, which is more
healthy.
This may come with some performance implications, but it is worth trying out, for
now.
Further parameters passed to `TypeCombiner::combine()` that were already matching
parameter default values were also omitted from the call-sites.
2022-12-29 10:05:23 +01:00
orklah
907729d83a
remove useless imports
2022-12-29 01:00:06 +01:00
orklah
ee98fac581
use Atomic to create the types
2022-12-29 00:51:09 +01:00
orklah
5a002c448b
fix non-empty reconciliation
2022-12-29 00:49:31 +01:00
orklah
9770e113c3
Merge pull request #9020 from orklah/isContainedbug
...
Is containedbug
2022-12-28 23:46:38 +01:00
orklah
a290729087
fix test
2022-12-28 23:33:28 +01:00
orklah
a8fd349e07
fix #7809
2022-12-28 23:29:33 +01:00
orklah
94f9d48bca
Merge pull request #9019 from mmcev106/prevent-erroneous-escapes
...
Prevent DB escaping functions from affecting non-sql taints
2022-12-28 21:32:12 +01:00
Mark McEver
53c3f1ebb3
Prevent other DB escaping functions from escaping non-sql taints
2022-12-28 14:19:01 -06:00
orklah
435acb823c
Merge pull request #9018 from orklah/TClosure
...
create proper TClosure instead of TNamedObject with a Closure value
2022-12-28 20:53:52 +01:00
orklah
a0a9d979d5
remove useless import
2022-12-28 20:47:50 +01:00
orklah
fa4891ce58
create proper TClosure instead of TNamedObject with a Closure value
2022-12-28 20:42:59 +01:00
Mark McEver
69f31dcd4a
Prevent mysqli escaping functions from escaping non-sql taints
2022-12-28 13:39:01 -06:00
orklah
1bd0644124
Merge pull request #9017 from orklah/isnotaclass
...
Add getAtomicType to IsNotAClass for proper negation Reconciliation
2022-12-28 19:22:48 +01:00
orklah
58853c00f8
add test
2022-12-28 19:13:03 +01:00
orklah
e52664deea
Add getAtomicType for IsNotAClass for proper negation Reconciliation
2022-12-28 19:04:23 +01:00
Marco Pivetta
45f743f851
Adjusted assertDifferentTypeOfArray
test to avoid intersecting incompatible string arrays
...
Getting one interesting failure caused by the `lowercase-string` refinement done before:
```
There was 1 error:
1) Psalm\Tests\AssertAnnotationTest::testValidCode with data set "assertDifferentTypeOfArray" ('<?php\n /*...ts[1];')
Psalm\Exception\CodeException: DocblockTypeContradiction - src/somefile.php:21:21 - Cannot resolve types for $parts - docblock-defined type list{0: lowercase-string, 1?: lowercase-string} does not contain list{string, string}
```
Happens on this bit:
```php
'assertDifferentTypeOfArray' => [
'code' => '<?php
/**
* @psalm-assert list{string, string} $value
* @param mixed $value
*/
function isStringTuple($value): void {
if (!is_array($value)
|| !isset($value[0])
|| !isset($value[1])
|| !is_string($value[0])
|| !is_string($value[1])
) {
throw new \Exception("bad");
}
}
$s = "";
$parts = explode(":", $s, 2);
isStringTuple($parts);
echo $parts[0];
echo $parts[1];',
],
```
If I change this to:
```
@psalm-assert list{lowercase-string, lowercase-string} $value
```
Then everything works: I'm wondering if this error has to do with array intersections, and whether suppressing it suffices.
For now, changing the input string, so it is not a `lowercase-string`, is sufficient.
2022-12-28 17:57:33 +01:00
Marco Pivetta
c0c0116809
Using list{0: string, 1?: string}
syntax for more precise array key types
...
Thanks to @orklah's feedback, the `explode()` return type is now much more precise too.
Ref: https://github.com/vimeo/psalm/pull/9016#discussion_r1058458616
2022-12-28 17:48:33 +01:00
Marco Pivetta
6341d7fef0
Adjusted existing tests to the new signature of explode()
...
Note how the signature became `array{0: string, 1?: string, 2?: string, array<int, string>}`,
which may be a side-effect of unions between a defined hashmap structure with array
keys, and `list<string>`.
2022-12-28 17:39:06 +01:00
Marco Pivetta
bfded43614
Ensure that explode($d, lowercase-string)
produces list<lowercase-string>
types
...
This specific distinction seems to be very important for Psalm, as `explode()` and
`lowercase-string` are used aggressively across the codebase.
Also, this change expands the baseline by a few entries, since some of the code locations
instide Psalm itself have un-checked list destructuring operations, as well as array
access calls on potentially undefined array keys produced by `explode()`, which were
previously just `list<string>`, and are now `array{0: string, 1?: string}`, which is
a bit more precise.
2022-12-28 17:26:25 +01:00
Marco Pivetta
04999b172a
Refined explode()
types
...
Fixes #5039
This patch removes the need for a custom function return type
provider for `explode()`, and instead replaces all that with a single
stub for the `explode()` function, which provides types for some of
the most common `$limit` input values.
With this change, the `$delimiter` is enforced to be a `non-empty-string`,
which will lead to downstream consumers having to adjust some code accordingly,
but that shouldn't affect the most common scenario of exploding a string
based with a constant `literal-string` delimiter, which most PHP devs tend to do.
This change didn't come with an accompanying test, since that would be a bit
wasteful, but it was verified locally with following script:
```php
<?php
$possible0 = explode(',', 'hello, world', -100);
$possible1 = explode(',', 'hello, world', -1);
$possible2 = explode(',', 'hello, world', 0);
$possible3 = explode(',', 'hello, world', 1);
$possible4 = explode(',', 'hello, world', 2);
$possible5 = explode(',', 'hello, world', 3);
$possible6 = explode(',', 'hello, world', 4);
try {
$impossible1 = explode('', '', -1);
} catch (Throwable $impossible1) {}
$traced = [$possible0, $possible1, $possible2, $possible3, $possible4, $possible5, $possible6, $impossible1];
/** @psalm-trace $traced */
var_dump($traced);
return $traced;
```
Running psalm locally, this produces:
```
psalm on feature/#5039-more-refined-types-for-explode-core-function [?] via 🐘 v8.1.13 via ❄️ impure (nix-shell)
❯ ./psalm --no-cache explode.php
Target PHP version: 7.4 (inferred from composer.json) Extensions enabled: dom, simplexml (unsupported extensions: ctype, json, libxml, mbstring, tokenizer)
Scanning files...
Analyzing files...
░
To whom it may concern: Psalm cannot detect unused classes, methods and properties
when analyzing individual files and folders. Run on the full project to enable
complete unused code detection.
ERROR: InvalidArgument - explode.php:11:28 - Argument 1 of explode expects non-empty-string, but '' provided (see https://psalm.dev/004 )
$impossible1 = explode('', '', -1);
ERROR: PossiblyUndefinedGlobalVariable - explode.php:14:96 - Possibly undefined global variable $impossible1 defined in try block (see https://psalm.dev/126 )
$traced = [$possible0, $possible1, $possible2, $possible3, $possible4, $possible5, $possible6, $impossible1];
ERROR: ForbiddenCode - explode.php:18:1 - Unsafe var_dump (see https://psalm.dev/002 )
/** @psalm-trace $traced */
var_dump($traced);
ERROR: Trace - explode.php:18:1 - $traced: list{0: array<never, never>, 1: non-empty-list<string>, 2: list{string}, 3: list{string}, 4: array{0: string, 1?: string}, 5: array{0: string, 1?: string, 2?: string}, 6: non-empty-list<string>, 7?: Throwable|non-empty-list<string>} (see https://psalm.dev/224 )
/** @psalm-trace $traced */
var_dump($traced);
------------------------------
4 errors found
------------------------------
Checks took 6.31 seconds and used 265.386MB of memory
Psalm was unable to infer types in the codebase
```
The actual runtime behavior on PHP 8.x: https://3v4l.org/0NKlW
```
array(8) {
[0]=>
array(0) {
}
[1]=>
array(1) {
[0]=>
string(5) "hello"
}
[2]=>
array(1) {
[0]=>
string(12) "hello, world"
}
[3]=>
array(1) {
[0]=>
string(12) "hello, world"
}
[4]=>
array(2) {
[0]=>
string(5) "hello"
[1]=>
string(6) " world"
}
[5]=>
array(2) {
[0]=>
string(5) "hello"
[1]=>
string(6) " world"
}
[6]=>
array(2) {
[0]=>
string(5) "hello"
[1]=>
string(6) " world"
}
[7]=>
object(ValueError)#1 (7) {
["message":protected]=>
string(51) "explode(): Argument #1 ($separator) cannot be empty"
["string":"Error":private]=>
string(0) ""
["code":protected]=>
int(0)
["file":protected]=>
string(9) "/in/0NKlW"
["line":protected]=>
int(11)
["trace":"Error":private]=>
array(1) {
[0]=>
array(4) {
["file"]=>
string(9) "/in/0NKlW"
["line"]=>
int(11)
["function"]=>
string(7) "explode"
["args"]=>
array(3) {
[0]=>
string(0) ""
[1]=>
string(0) ""
[2]=>
int(-1)
}
}
}
["previous":"Error":private]=>
NULL
}
}
```
On PHP 7:
```
Warning: explode(): Empty delimiter in /in/0NKlW on line 11
array(8) {
[0]=>
array(0) {
}
[1]=>
array(1) {
[0]=>
string(5) "hello"
}
[2]=>
array(1) {
[0]=>
string(12) "hello, world"
}
[3]=>
array(1) {
[0]=>
string(12) "hello, world"
}
[4]=>
array(2) {
[0]=>
string(5) "hello"
[1]=>
string(6) " world"
}
[5]=>
array(2) {
[0]=>
string(5) "hello"
[1]=>
string(6) " world"
}
[6]=>
array(2) {
[0]=>
string(5) "hello"
[1]=>
string(6) " world"
}
[7]=>
bool(false)
}
```
2022-12-28 17:11:40 +01:00
orklah
7b8b44ca21
Merge pull request #9014 from theodorejb/patch-1
...
Fix PHPCS trailing comma
2022-12-28 16:55:51 +01:00
Theodore Brown
e4b0343f76
Fix PHPCS trailing comma
2022-12-28 09:35:34 -06:00
orklah
dbcfe62c52
Merge pull request #8987 from jack-worman/Always_check_unused_methods_and_properties
...
Add @psalm-api annotation
2022-12-28 15:20:48 +01:00
orklah
d338b00cb7
Merge pull request #8999 from VincentLanglet/union
...
Preserve from_docblock in TypeCombiner
2022-12-28 10:08:12 +01:00
Vincent Langlet
a263e5d42c
Simplify
2022-12-28 09:30:41 +01:00
orklah
41ae518800
Merge pull request #9001 from fluffycondor/http_response_header-non-empty-list
...
Make `$http_response_header` a non-empty-list
2022-12-28 00:27:30 +01:00