Bump phan/phan from 2.2.9 to 2.2.11 #89

dependabot-preview · 2019-08-19T05:54:04Z

Bumps phan/phan from 2.2.9 to 2.2.11.

Changelog

Aug 18 2019, Phan 2.2.11

New features(Analysis):

Add a @phan-real-return annotation for functions/methods/closure (#3099),
to make Phan act as if that method has the specified union type
when analyzing callers for redundant conditions, etc. (if there was no real type).
This can be used for multiple types, e.g. @phan-real-return string|false.

Improve union type inferred for clone() - It must be an object if clone() doesn't throw.
Emit PhanTypePossiblyInvalidCloneNotObject for cloning possible non-objects when strict param checking is enabled.

Infer that new $expr() has a real type of object in all cases, not just common ones.

Improve real type inferred for +(expr)/-(expr)/~(expr) and warn about redundant conditions.
This does not attempt to account for custom behavior for objects provided by PECL extensions.

Show argument names and types in issue messages for functions/methods for PhanParamTooFew and PhanParamTooMany.

Show more accurate columns for PhanSyntaxError for unexpected tokens in more cases.

Ignore scalar and null type casting config settings when checking for redundant or impossible conditions. (#3105)

Infer that empty($x) implies that the value of $x is null, an empty scalar, or the empty array.

Avoid false positives with if (empty($x['first']['second'])) - Do not infer any types for the offset 'first' if there weren't any already. (#3112)

Avoid some bad inferences when using the value of expressions of the form A || B.

Improve redundant condition detection for empty/falsey/truthy checks, self, and internal functions building or processing arrays.

Include strings that are suffixes of variable names, classes, methods, properties, etc. in issue suggestions for undeclared elements. (#2342)

Emit PhanTypeNonVarReturnByRef when an invalid expression is returned by a function declared to return a reference.

Support manually annotating that functions/methods/closures are pure with /** [@phan-pure](https://github.com/phan-pure) */.
This is automatically inherited by overriding methods.
Also see UseReturnValuePlugin and 'plugin_config' => ['infer_pure_methods' => true].

Plugins:

In UseReturnValuePlugin, support inferring whether closures, functions, and methods are pure
when 'plugin_config' => ['infer_pure_methods' => true] is enabled.
(they're expected to not have side effects and should have their results used)

This is a best-effort heuristic.
This is done only for the functions and methods that are not excluded from analysis,
and it isn't done for methods that override or are overridden by other methods.

Note that functions such as fopen() are not pure due to side effects.
UseReturnValuePlugin also warns about those because their results should be used.

Automatic inference of function purity is done recursively.

Add EmptyMethodAndFunctionPlugin to warn about functions/methods/closures with empty statement lists. (#3110)
This does not warn about functions or methods that are deprecated, overrides, or overridden.

Fix false positive in InvalidVariableIssetPlugin for expressions such as isset(self::$prop['field']) (#3089)

Maintenance:

Add example vim syntax highlighting snippet for Phan's custom phpdoc annotations to plugins/vim/syntax/phan.vim
This makes it easier to tell if annotations were correctly typed.

Bug fixes:

Don't scan over folders that would be excluded by 'exclude_file_regex' while parsing. (#3088)
That adds additional time and may cause unnecessary permissions errors.

... (truncated)

Commits

ce6cb62 Merge pull request #3124 from TysonAndre/release-2.2.11
87ac460 Release 2.2.11
e069394 Merge pull request #3123 from TysonAndre/update-docs
cca9066 Update documentation
f430bb9 Merge pull request #3122 from TysonAndre/phan-pure-annotation
ed515be Add vim snippet, warn about using phan-pure outside functions
c489295 Add @phan-pure annotation for functionlikes.
3f0659d Merge pull request #3121 from TysonAndre/clone-context-fix
93ea8ca Fix wrong line number for PhanUnreferencedPublicMethod
0f1a413 Merge pull request #3119 from TysonAndre/fix-array-keys
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If all status checks pass Dependabot will automatically merge this pull request.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
@dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

Update frequency (including time of day and day of week)
Automerge options (never/patch/minor, and dev/runtime dependencies)
Pull request limits (per update run and/or open at any time)
Out-of-range updates (receive only lockfile updates, if desired)
Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

Bumps [phan/phan](https://github.com/phan/phan) from 2.2.9 to 2.2.11. - [Release notes](https://github.com/phan/phan/releases) - [Changelog](https://github.com/phan/phan/blob/master/NEWS.md) - [Commits](phan/phan@2.2.9...2.2.11) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

dependabot-preview bot added the dependencies Pull requests that update a dependency file label Aug 19, 2019

dependabot-preview bot merged commit 00e469b into master Aug 19, 2019

dependabot-preview bot deleted the dependabot/composer/phan/phan-2.2.11 branch August 19, 2019 05:59

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump phan/phan from 2.2.9 to 2.2.11 #89

Bump phan/phan from 2.2.9 to 2.2.11 #89

Uh oh!

dependabot-preview bot commented Aug 19, 2019

Uh oh!

Uh oh!

Bump phan/phan from 2.2.9 to 2.2.11 #89

Bump phan/phan from 2.2.9 to 2.2.11 #89

Uh oh!

Conversation

dependabot-preview bot commented Aug 19, 2019

Aug 18 2019, Phan 2.2.11

Uh oh!

Uh oh!