Releases: spaze/phpstan-disallowed-calls
definedIn filter also works for `new Class`
Fixes
The definedIn
filter added in 2.15.0 now also works correctly and as expected for new Class()
statements (#203, thanks @BackEndTea)
Internal changes
New definedIn & exclude directives to limit selection
Can exclude some attributes, calls, namespaces (#197, #199)
Handy when you disallow items with wildcards but there's this one thing you'd like to leave out.
parameters:
disallowedFunctionCalls:
-
function: 'pcntl_*()'
exclude:
- 'pcntl_foo*()'
exclude
can be a string or an array/list of strings. Currently works for attributes, function & method calls, namespaces.
Add definedIn?:string|list<string>
config option (#198, #200)
To further specify/limit files where the function or method should be defined to be disallowed.
parameters:
disallowedFunctionCalls:
-
function: '*'
definedIn:
- 'vendor/foo/bar'
disallowedMethodCalls:
-
method: '*'
definedIn:
- 'vendor/foo/bar'
definedIn
can also be string or a list/array of strings. Currently works for function and method calls only. You may also need to set filesRootDir
, see the README.
Internal changes
Disallowing attributes with named params will work now
Re-allowing disallowed attributes didn't work properly when attributes parameters were involved. This release fixes it (#190, thanks @ruudk)
The disallowed attributes feature was added in v2.13.0 and was sponsored by @ruudk @TicketSwap, thank you!
Support constants on class-string<Foo>
Release 2.14.0 has introduced a regression (#189) and has been replaced with 2.14.1. Original release notes follow:
- Support
$foo::BAR
where$foo
is declared asclass-string<Foo>
, this partly fixes a very old issue (#186, thanks @eithed)
Internal change:
- Leading namespace separator is now removed consistently in one place (
\Name\Space
→Name\Space
) (#187)
Can disallow attributes
Can disallow attributes (#183)
This feature was sponsored by @ruudk @TicketSwap, thank you!
Can even re-allow them back with a config similar to re-allowing method calls (with allowIn
, allowParamsAnywhereAnyValue
, allowInMethods
etc.).
This may be most useful in the following cases:
- You don't want to use some attributes in your project for whatever reason you may have
- You want to use attributes but only with some parameters specified, for example you'd like all
Doctrine\ORM\Mapping\Entity
attributes to haverepositoryClass
specified - You want an attribute to be used only in some class
Attributes are available starting with PHP 8.0.
Smaller changes
- Update dev dependencies, support PHPUnit 10 (#181)
I've also added a sponsorship button so you can buy me a ☕ or a 🍺 if this extension helps you in any way (#182)
Arrays in param configs officially not supported
- Arrays in param configs (
allowParam*
,allowExceptParam*
etc.) not supported at the moment (#177, #165 thanks @mad-briller)
They never were and now it's official. It means that you can't for example allow a method call when a parameter ($message
in the case below) would be an array:
parameters:
disallowedMethodCalls:
-
method: 'Logger::log()'
allowParamsAnywhere:
-
position: 1
name: 'message'
value: ['foo', 'bar']
This would mean that Logger::log()
would be allowed only when it would be called like Logger::log(['foo', 'bar'])
. And allowing that is not supported at the moment, only scalar values may be used in value:
. It may change in the future though.
Also some internal changes too tiny to even list here:
Require PHPStan 1.10
PHPStan 1.10 has deprecated using instanceof *Type
for many Type
interface implementations, some of which were also used by this extension. I have refactored the code so the instanceof
checks are not used.
As a result of this:
- You may find some of the errors are now more precise which was also the case in one of the extension's own tests
- The newly released PHPStan 1.10 is now required
There are some other internal changes, too, but that's it.
What's Changed
Better Windows support
This release adds better Microsoft Windows support. Some extension functionality ("allow calls in") didn't work properly until now.
- It all started with Disable backslash escaping in "is allowed" helper (#169, thanks @mnastalski)
- Then I Make tests pass on Windows™ too #170
- And then I made an internal-only change Correct allow path in tests #171
Correctly process disallowed params
- Correctly process non-scalar params like
func($property . 'string')
which would be marked as disallowed even when they weren't (regression introduced in 2.11.3) (#167)
Union types in params
- Support union types in params so you can disallow
foo
param value and it will be found in param types like'foo'|'bar'
(#163)
Internal: