Bump phpstan/phpstan from 0.11.12 to 0.12.0 #38

dependabot-preview · 2019-12-04T07:55:56Z

Bumps phpstan/phpstan from 0.11.12 to 0.12.0.

Release notes

Sourced from phpstan/phpstan's releases.

0.12.0

This is a massive release! Check out the accompanying article on Medium.com for an overview of the major new features.

PHPStan 0.12 is brought to you by Gábor Hojtsy (@gaborhojtsy):

PHPStan has already been tremendous help in our preparation for Drupal 9 across the whole Drupal ecosystem, as a backbone of drupal-check, Upgrade Status and drupalci deprecation testing. It allows us to find common patterns in deprecated API use, make critical tooling decisions and rally the community. Thank you!

Major new features

Generics (huge thanks to @arnaud-lb!) See this article for more details on what they can do for you and how to start using them.

New level 6 - checking for missing typehints in function and method parameters and in properties. Previous level 6 is now level 7 and previous level 7 is now level 8.

Integer range types (#2484), thanks @JanTvrdik!

PHAR distribution by default - phpstan/phpstan Composer package now consists of a single PHAR file, similarly to the role previously handled by phpstan-shim repository which is now obsoleted. PHPStan development now happens at https://github.com/phpstan/phpstan-src.

Detection of methods and functions with no side effects called on separate lines - level 4. Functions like sprintf() and methods like DateTimeImmutable::setTime() called without reading the returned value are now detected.

Support for class-string and class-string<T> pseudotypes (phpstan/phpstan-src@77eb141, phpstan/phpstan-src@6262320)

Subtractable types - subtract subtypes from their supertype to find errors in code. mixed, object and concrete class objects now understand if their subtype is being subtracted from them. So for example a prior check for null on mixed now makes PHPStan understand that the type does not contain null anymore. This is especially useful for parent and child classes. See examples.

Check missing return in functions, methods, and closures - levels 0 and 3 (phpstan/phpstan-src@b149f8e)

Check for unreachable statements - level 4 (phpstan/phpstan-src@83078fe)

Check: new static() is safe only with final constructor or in final class - level 0 (phpstan/phpstan-src@3ebf508)

Check too wide return types on functions, closures and private methods (phpstan/phpstan-src@178953d, phpstan/phpstan-src@9155530, phpstan/phpstan@78e04aa)

Various yield and generators related checks (phpstan/phpstan-src@c952192, phpstan/phpstan-src@96c57c6, phpstan/phpstan-src@83e1163)

Detect invalid types and wrong variable names in @var annotation tag - level 2 (phpstan/phpstan-src@25101c4, phpstan/phpstan-src@42a8618, phpstan/phpstan-src@d17e459)

Wrong 3rd party PHPDocs can now be overriden with custom stub files. Create PHP stub files like this and register them in your phpstan.neon using stubFiles config option. This feature can also be used to make non-generic classes and interfaces generic. Only PHPDocs are read from those files right now, nothing else.

BC breaks

Resolving relative paths in NEON according to config file placement (0c17a5bac7ef0576b9899147407294ce5832123f)

This means you no longer have to use ugly %rootDir%/../../../ in paths, but can use a relative path which is resolved relatively to the config file placement. So if you have phpstan.neon in the root of your project, you can reference your src/Foo.php file simply by src/Foo.php, no matter what the current working directory in your CLI prompt is.

Docker image is based on official PHP Alpine image. See README on how to enable PHP extensions.

BC breaks for extension developers

Custom parameters have to be also mentioned in parametersSchema, to prevent accidental typos. See examples.

ErrorFormatter uses our own PHPStan\Command\Output interface (phpstan/phpstan-src@9d54899)

PhpMethodReflection - made all constructor parameters required (phpstan/phpstan-src@beda6ea)

Scope is an interface, MutatingScope is the implementation (phpstan/phpstan-src@24fa3bc)

Remove Scope::isNegated() (phpstan/phpstan-src@7efe347)

Remove Scope::getInFunctionCall() (phpstan/phpstan-src@164e195)

Drop optional reflection interfaces (https://github-redirect.dependabot.com/phpstan/phpstan/pull/2307), phpstan/phpstan-src@e13c685

MethodReflection now has to implement: isDeprecated(), getDeprecatedDescription(), isFinal(), isInternal(), getThrowType()

PropertyReflection now has to implement: isDeprecated(), getDeprecatedDescription(), isInternal()

TrinaryLogic in reflection (https://github-redirect.dependabot.com/phpstan/phpstan/pull/2307), phpstan/phpstan-src@98362bc

Existing implementations of above methods on concrete classes now return TrinaryLogic instead of bool.

Remove deprecated BrokerAwareClassReflectionExtension, use BrokerAwareExtension instead (phpstan/phpstan-src@33a8798)

Remove deprecated AnalysisResult::getCurrentDirectory() (phpstan/phpstan-src@38babb7)

ContainerFactory returns PHPStan\DependencyInjection\Container (phpstan/phpstan-src@68797a5)

Wrap bootstrap code in bin/phpstan in closure to prevent global variable leakage (phpstan/phpstan-src@1f3ecf8)

... (truncated)

Commits

1cc06d8 PHPStan 0.12.0
5ca8370 Updated PHPStan to commit fd8f0a852207a1724ae4a262f47d9a449de70da4
dab07d5 Updated PHPStan to commit 2ca5859c0d1660d8ddd93243090bd093f27af4f7
2abeb1f Updated PHPStan to commit 088b9fab470632cea07f08a936fb0923a59b2ecb
743f7a6 Updated PHPStan to commit 2d69ac7b6c27f304975cdd6cbe78538c97c05b97
4de5a8a Updated PHPStan to commit 66ae16bd5effa39bac94ad1043cc1b8541cf2008
4e65d37 Updated PHPStan to commit a70dce9dfdcacb8e7a9d5c14fdf01ad754070597
014d8e1 Updated PHPStan to commit f671a85b57e3b323068907c5e843311e4e53e465
adc3350 Updated PHPStan to commit 49380f04ae600c2c1da04fff3ec514ba91b4bd66
b264ac9 Updated PHPStan to commit d6e7784f163a94f3f1366bab3d348267a4408979
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
@dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

Update frequency (including time of day and day of week)
Pull request limits (per update run and/or open at any time)
Out-of-range updates (receive only lockfile updates, if desired)
Security updates (receive only security updates, if desired)

Bumps [phpstan/phpstan](https://github.com/phpstan/phpstan) from 0.11.12 to 0.12.0. - [Release notes](https://github.com/phpstan/phpstan/releases) - [Commits](phpstan/phpstan@0.11.12...0.12.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

dependabot-preview · 2019-12-09T08:50:36Z

Superseded by #40.

dependabot-preview bot added the dependencies Pull requests that update a dependency file label Dec 4, 2019

dependabot-preview bot mentioned this pull request Dec 4, 2019

Bump phpstan/phpstan from 0.11.12 to 0.11.19 #37

Closed

dependabot-preview bot closed this Dec 9, 2019

dependabot-preview bot deleted the dependabot/composer/phpstan/phpstan-0.12.0 branch December 9, 2019 08:50

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Bump phpstan/phpstan from 0.11.12 to 0.12.0 #38

Bump phpstan/phpstan from 0.11.12 to 0.12.0 #38

Uh oh!

dependabot-preview bot commented Dec 4, 2019

Uh oh!

dependabot-preview bot commented Dec 9, 2019

Uh oh!

Uh oh!

Uh oh!

Bump phpstan/phpstan from 0.11.12 to 0.12.0 #38

Bump phpstan/phpstan from 0.11.12 to 0.12.0 #38

Uh oh!

Conversation

dependabot-preview bot commented Dec 4, 2019

0.12.0

Major new features

BC breaks

BC breaks for extension developers

Uh oh!

dependabot-preview bot commented Dec 9, 2019

Uh oh!

Uh oh!