Bump vimeo/psalm from 3.7.0 to 3.8.3

[dependabot-preview[bot]]

Bumps vimeo/psalm from 3.7.0 to 3.8.3.

Release notes

Sourced from vimeo/psalm's releases.

3.8.3

Features

• allow generation of stubs from the analysed files with a --generate-stubs=output.php command (#827)

Bugfixes

• Improve array function types (#2566)
• Improve remapping of template params (#2567. #2569)
• Prevent recursion infinite recursion when analysing @mixin in trait (#2565)
• Remove previous assertions after incrementing variable (#2574, #2591)
• Don't convert scalar terms in @method annotations like boolean (#2583)
• Allow null argument in DateTime when a second argument is passed (#2590)
• Don't crash when @param-out annotation is malformed (#2593)
• Allow list to be cast to array (#2577)
• Remove literal key values for known array shape when array_filter has a single arg (#2576)
• Improve isset checks on null values (#2594)
• Allow multiple inferred closure types (#2611)
• Prevent unnecessary crashes in language server mode
• Emit error on isset($someDefinedString) (#2614)
• numerous bugs around list and non-empty-array annotations

3.8.2

Features

Support for the @mixin docblock annotation, which allows a class to proxy the methods and properties of another.

I also made a slight change in how magic getters & setters are dealt with – Psalm will emit an UndefinedMagicProperty if you define a docblock @property string $foo and then request the unlisted property $bar. If you wanted this behaviour previously you had to also annotate your class with @psalm-seal-properties. This is now assumed if you provide a @mixin or @property annotation for the given class. In the event the property is missing, Psalm now emits an UndefinedMagicProperty issue that you can suppress in a more granular fashion.

Bugfixes

• Fix references to templates in other methods inside templated methods (#2532)
• Add better return types for PDOStatement::fetch - thanks @duskwuff (#2529 and #2553)
• Don't crash when attempting to analyse classes that weren't first scanned (#2505)
• Fix return types when return instances of anonymous classes (#2494)
• Allow unions inside array assertions (#2409)
• Preserve complex intersection templates (#2537)
• Prevent invalid argument issue when inheriting from a class_alias class (#2539)
• Verify variable variable assignment (#2541)
• Documentation updates from @mfn and @LeSuisse - thanks!
• Warn about posix inexistence before using threads (#2335)
• Register uses on variables set inside loops with break and continue (#2546)
• Refine type of (int) (bool) $foo – thanks @SignpostMarv (#2550)
• Improve reconciliation after assertion and function call in conditional (#2558)
• Fix templated class-string as a proper sub-type of class-string (#2554)
• Reconcile callable assertions better

Improve template handling between different templated functions

Bugfixes

... (truncated)

Commits

• 389af1b Fix #2618 setting list param from docblock
• 4a03c4a Fix impossible isset checks
• c3edbdb Allow checking $_SESSION for null without altering type
• 1202ba4 Fix blank line
• df8f208 Change constant type to be more forgiving
• de7a870 Add better mixed check
• 0f6b61d Clone isset type before contradicting
• 3fd70a9 Only set if non-null
• adc6589 Improve inference of constant() calls
• b09869b callmap changes (#2612)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)