Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

composer(deps-dev): bump vimeo/psalm from 3.12.1 to 3.12.2 #171

Merged
merged 1 commit into from
Jul 4, 2020

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 4, 2020

Bumps vimeo/psalm from 3.12.1 to 3.12.2.

Release notes

Sourced from vimeo/psalm's releases.

3.12.2

Taint analysis bugfixes & features

  • allow taints to flow when no return type is given (#3652)
  • taint encapsulated strings based on their contents (#3655)
  • @TysonAndre added print, unserialize, create_function and more as sinks
  • allow taints to flow through unpacked arguments and mixed foreach (#3670)
  • taint property types for magic getters/setters even in the absence of a @property annotation (#3668)
  • add taints to filter_var (#3675)
  • preserve taints after is_string checks (#3680)
  • taint the contents of exit just as echo is (#3681)
  • @TysonAndre improved handling of preg_replace_callback
  • allow taints to flow through implied __toString methods (#3697)
  • specialize constructor taints as nececssary
  • allow any part of a taint path to be suppressed with @psalm-suppress TaintedInput

Other features

@olleharstedt added support for @psalm-self-out, which allows some typestate-oriented programming in Psalm (#3650)

Bugfixes

  • allow comparison of get_class($foo) === static::class
  • fix false-negative around missing property declarations (#3642)
  • improve treatment of comparisons after assignment in conditional (#3631)
  • @villfa improved reflection info for Redis (#3673)
  • PDO::query now allows two arguments (#3694)
  • @simPod improved reflection for RdKafka\ProducerTopic::producev (#3700)
  • @bdsl added a change that propagates @internal annotations on classes to their methods (#3698)
  • prevent crash with a Foo|? return type (#3716)
  • prevent crash on empty @method (#3721)
  • @jarstelfox fixed up the example TemplateChecker plugin
  • prevent crash when clone-ing undefined class (#3719)
  • infer template params from a class-string where appropriate (#3726)
  • improve handling of if conditionals inside do {...} while(); (#3685)
  • @lhchavez fixed a bug in docblock parsing where data was lost if a comment referred to a tag (#3776)
  • allow false to be removed from template params (#3737)
  • allow storing references to impure classes via the class names inside immutable classes (#3738)
Commits
  • 7c7ebd0 Make invalidation more robust
  • 5da2995 Use better replacement when analysing potentially-inherited templated type
  • 44d7f51 Generalise init vars inside for loops
  • 3d0a8c4 Fix #3738 - allow storing references to class-strings inside immutable
  • 6419788 Remove false from template param as necessary
  • ba63ccb Improve \Psalm\Internal\Scanner\DocblockParser::parse() (#3736)
  • 1745f5c Fix too-long line
  • cb94764 Prevent false-positive for Exception::__toString overriding
  • 0c582e9 Fix #3685 - improve handling of if conditionals inside do
  • cf1a8ac Suppress taints in instance properties
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependency label Jul 4, 2020
Bumps [vimeo/psalm](https://github.com/vimeo/psalm) from 3.12.1 to 3.12.2.
- [Release notes](https://github.com/vimeo/psalm/releases)
- [Commits](vimeo/psalm@3.12.1...3.12.2)

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/composer/vimeo/psalm-3.12.2 branch from 59443d6 to d0970ce Compare July 4, 2020 16:57
@codecov
Copy link

codecov bot commented Jul 4, 2020

Codecov Report

Merging #171 into main will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@             Coverage Diff             @@
##                main      #171   +/-   ##
===========================================
  Coverage     100.00%   100.00%           
  Complexity        20        20           
===========================================
  Files              1         1           
  Lines             53        53           
===========================================
  Hits              53        53           

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b07f5dd...d0970ce. Read the comment docs.

@ergebnis-bot ergebnis-bot self-requested a review July 4, 2020 16:59
@ergebnis-bot ergebnis-bot self-assigned this Jul 4, 2020
@ergebnis-bot ergebnis-bot merged commit 3b58773 into main Jul 4, 2020
@ergebnis-bot ergebnis-bot deleted the dependabot/composer/vimeo/psalm-3.12.2 branch July 4, 2020 16:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant