Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the phpstan group with 5 updates #108

Merged
merged 1 commit into from
May 1, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 1, 2024

Updates the requirements on phpstan/phpstan, phpstan/phpstan-strict-rules, nepada/phpstan-nette-tester, spaze/phpstan-disallowed-calls and shipmonk/phpstan-rules to permit the latest version.
Updates phpstan/phpstan to 1.10.67

Release notes

Sourced from phpstan/phpstan's releases.

1.10.67

This is the last release, or one of the last releases, in 1.10.x series. The next one is going to be PHPStan 1.11, and it's going to be released at some point in May 2024.

Improvements 🔧

Bugfixes 🐛

Function signature fixes 🤖

Internals 🔍

  • composer-dependency-analyser: update to 1.5.0 (support functions) (#3011), thanks @​janedbal!
Commits
  • 16ddbe7 PHPStan 1.10.67
  • 7961f7a Updated PHPStan to commit 7961f7ae1fe815b0796e4d73717f1b117d4a7163
  • 7f8f9cc Updated PHPStan to commit 7f8f9cce7f3903e505916c7afe04b7912570b5e2
  • f71da02 Updated PHPStan to commit f71da02958da0dd6b40193c64fcb6da12daf7227
  • 074de75 Updated PHPStan to commit 074de75ff3bffd32e554e3ce8b0dbbde003e471e
  • 1453c3f Updated PHPStan to commit 1453c3f160075f299dc4fc3b3098e8b0b3739b85
  • 4a4c739 Updated PHPStan to commit 4a4c739f9ff85b6c73659c21f8f3b8b7af8c82c9
  • 28c5729 Updated PHPStan to commit 28c57296288b78707902fdb4cdf9313a60eff363
  • a80cd8a Update Larastan
  • 336ab5c Update baselines
  • Additional commits viewable in compare view

Updates phpstan/phpstan-strict-rules to 1.5.5

Release notes

Sourced from phpstan/phpstan-strict-rules's releases.

1.5.5

  • 2e193a0 - ArrayFilterStrictRule - get rid of different behavour with treatPhpDocTypesAsCertain: false
Commits
  • 2e193a0 ArrayFilterStrictRule - get rid of different behavour with `treatPhpDocTypesA...
  • 8afd4af Loosen up ArrayFilterStrictRule for unions with clearly truthy/falsey types
  • 568210b Introduce strict array_filter call (require callback method)
  • 4723149 Require PHPStan 1.10.60
  • 2fc12e5 Fix UselessCastRuleTest.
  • See full diff in compare view

Updates nepada/phpstan-nette-tester to 1.2.0

Release notes

Sourced from nepada/phpstan-nette-tester's releases.

1.2.0

  • Allow nikic/php-parser 5.x
Commits
  • 505821b Allow php-parser 5.x
  • e293a4c Drop old phpunit version
  • 6a39d1f Update php-parallel-lint/php-parallel-lint requirement (#75)
  • 7cccf91 Bump the phpstan group with 1 update (#74)
  • abe86cc Bump the phpstan group with 2 updates (#73)
  • 96ed840 Bump the phpstan group with 2 updates (#72)
  • 7703f34 Update nepada/coding-standard requirement from 7.13.0 to 7.14.0 (#71)
  • ff60501 Bump actions/github-script from 6 to 7 (#69)
  • ca2ac54 Bump the phpstan group with 1 update (#68)
  • e4b5667 Bump the phpstan group with 4 updates (#67)
  • Additional commits viewable in compare view

Updates spaze/phpstan-disallowed-calls to 3.2.0

Release notes

Sourced from spaze/phpstan-disallowed-calls's releases.

Add phpinfo() to dangerous calls config

Add phpinfo() to dangerous calls config (#255)

See

for reasons why (phpinfo() echoes cookie values like the session id, which may then be stolen with XSS for example, bypassing HttpOnly cookie flag), and use https://github.com/spaze/phpinfo instead of just calling phpinfo().

Internal changes

  • It's already a list, no need to call array_values() (#253, this is a new bleeding edge rule added in PHPStan 1.10.59)
  • Update dev dependencies (#254)
Commits
  • 6d5ce7e Add phpinfo() to dangerous calls config (#255)
  • a28a1e6 Add phpinfo() to dangerous calls config
  • bcd693f Update dev dependencies (#254)
  • e3f6e67 Move the flag config type check to paramFactory()
  • 104dc95 Add attributes in addition to docblocks
  • 75d9f4c Allow nikic/php-parser 5
  • d363d00 It's already a list, no need to call array_values() (#253)
  • d0f8166 It's already a list, no need to call array_values()
  • See full diff in compare view

Updates shipmonk/phpstan-rules to 2.12.0

Release notes

Sourced from shipmonk/phpstan-rules's releases.

2.12.0

New features

Commits
  • db342d8 Readme: whitelist what forbidNotNormalizedType supports (#233)
  • a919257 ForbidNotNormalizedTypeRule: support also @​throws (#232)
  • 7769c17 ForbidNotNormalizedTypeRule: check even multi-catch statements (#231)
  • 32002c4 Bump the prod-dependencies group with 1 update (#230)
  • 10afe5f Bump the dev-dependencies group with 4 updates (#229)
  • e36bdd2 Bump the prod-dependencies group with 1 update (#228)
  • 613df6f dependabot: use groups to avoid clutter (#227)
  • 7738dab Readme: suggest reportAnyTypeWideningInVarTag along enforceListReturn (#226)
  • 66c30cb Readme: link czech talk about checked exceptions (#225)
  • 1814da4 Readme: mention reportAnyTypeWideningInVarTag extra strictness (#224)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @xificurk.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Updates the requirements on [phpstan/phpstan](https://github.com/phpstan/phpstan), [phpstan/phpstan-strict-rules](https://github.com/phpstan/phpstan-strict-rules), [nepada/phpstan-nette-tester](https://github.com/nepada/phpstan-nette-tester), [spaze/phpstan-disallowed-calls](https://github.com/spaze/phpstan-disallowed-calls) and [shipmonk/phpstan-rules](https://github.com/shipmonk-rnd/phpstan-rules) to permit the latest version.

Updates `phpstan/phpstan` to 1.10.67
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/1.11.x/CHANGELOG.md)
- [Commits](phpstan/phpstan@1.10.66...1.10.67)

Updates `phpstan/phpstan-strict-rules` to 1.5.5
- [Release notes](https://github.com/phpstan/phpstan-strict-rules/releases)
- [Commits](phpstan/phpstan-strict-rules@1.5.2...1.5.5)

Updates `nepada/phpstan-nette-tester` to 1.2.0
- [Release notes](https://github.com/nepada/phpstan-nette-tester/releases)
- [Commits](nepada/phpstan-nette-tester@v1.1.0...v1.2.0)

Updates `spaze/phpstan-disallowed-calls` to 3.2.0
- [Release notes](https://github.com/spaze/phpstan-disallowed-calls/releases)
- [Commits](spaze/phpstan-disallowed-calls@v3.1.2...v3.2.0)

Updates `shipmonk/phpstan-rules` to 2.12.0
- [Release notes](https://github.com/shipmonk-rnd/phpstan-rules/releases)
- [Commits](shipmonk-rnd/phpstan-rules@2.11.3...2.12.0)

---
updated-dependencies:
- dependency-name: phpstan/phpstan
  dependency-type: direct:development
  dependency-group: phpstan
- dependency-name: phpstan/phpstan-strict-rules
  dependency-type: direct:development
  dependency-group: phpstan
- dependency-name: nepada/phpstan-nette-tester
  dependency-type: direct:development
  dependency-group: phpstan
- dependency-name: spaze/phpstan-disallowed-calls
  dependency-type: direct:development
  dependency-group: phpstan
- dependency-name: shipmonk/phpstan-rules
  dependency-type: direct:development
  dependency-group: phpstan
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels May 1, 2024
@xificurk
Copy link
Contributor

xificurk commented May 1, 2024

@dependabot squash and merge

@dependabot dependabot bot merged commit 214bd42 into master May 1, 2024
17 checks passed
@dependabot dependabot bot deleted the dependabot/composer/phpstan-87856b2d7c branch May 1, 2024 04:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file php Pull requests that update Php code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant