search

skaut / crdm-basic

A playful WordPress theme made for children's organizations
https://wordpress.org/themes/crdm-basic/
GNU General Public License v3.0
1 stars 0 forks source link

Bump phan/phan from 2.3.1 to 2.4.7 #197

Closed dependabot-preview[bot] closed 4 years ago

dependabot-preview[bot] commented 4 years ago

Bumps phan/phan from 2.3.1 to 2.4.7.

Changelog

Sourced from phan/phan's changelog.

Jan 22 2020, Phan 2.4.7

New features(CLI, Configs):

  • Add an environment variable PHAN_NO_UTF8=1 to always avoid UTF-8 in progress bars. This may help with terminals or logs that have issues with UTF-8 output. Error messages will continue to include UTF-8 when part of the error.
  • Allow phan --init to complete even if composer.json has no configured autoload directories, as long as at least one directory or file was configured.
  • Add a setting error_prone_truthy_condition_detection that can be enabled to warn about error-prone truthiness/falsiness checks. New issue types:
    • PhanSuspiciousTruthyCondition (e.g. for if ($x) where $x is object|int)
    • PhanSuspiciousTruthyString (e.g. for ?string - '0' is also falsey in PHP)
  • Limit calculation of max memory usage to the running worker processes with --processes N (#3606)
  • Omit options that should almost always be on (e.g. analyze_signature_compatibility) from the output of phan --init (#3660)
  • Allow phan --init to create config file with target_php_version of '7.4' or '8.0' based on composer.json (#3671)

New Features(Analysis):

  • Infer that merging defined variables with possibly undefined variables is also possibly undefined. (#1942)
  • Add a fallback when some types of conditional check results in a empty union type in a loop: If all types assigned to the variable in a loop in a function are known, then try applying the condition to the union of those types. (#3614) (This approach was chosen because it needs to run only once per function)
  • Infer that assignment operations (e.g. +=) create variables if they were undefined.
  • Properly infer that class constants that weren't literal int/float/strings have real type sets in their union types.
  • Normalize union types of generic array elements after fetching $x[$offset]. (e.g. change bool|false|null to ?bool)
  • Normalize union types of result of ?? operator.
  • Fix false positives in redundant condition detection for the real types of array accesses. (#3638, #3645, #3650)
  • Support the non-empty-string type in phpdoc comments (neither '' nor '0'). Warn about redundant/impossible checks of non-empty-string.
  • Support the non-zero-int type in phpdoc comments. Infer it in real types and warn about redundant checks for zero/truthiness.
  • Support the the non-empty-mixed in phpdoc comments and in inferences.
  • Fix false positives possibly undefined variable warnings after conditions such as if (X || count($x = [])), if (X && preg_match(..., $matches)), etc.

Bug fixes:

  • Fix a crash analyzing assignment operations on $GLOBALS such as $GLOBALS['var'] += expr; (#3615)
  • Fix false positive Phan[Possibly]UndeclaredGlobalVariable after conditions such as assert($var instanceof MyClass when the variable was not assigned to within the file or previously analyzed files. (#3616)
  • Fix line number of 0 for some nodes when simplify_ast is enabled. (#3649)

Plugins:

  • Make Phan use the real type set of the return value of the function being analyzed when plugins return a union type without a real type set.

Maintenance:

  • Infer that explode() is possibly the empty list when $limit is possibly negative. (#3617)
  • Make Phan's code follow more PSR-12 style guidelines (<?php on its own line, function(): T instead of function() : T, declare visibility for class constants)
  • Internal: Check if strings are non-zero length in Phan's implementation instead of checking for variable truthiness. ('0' is falsey)
  • Show null as lowercase instead of uppercase (the way var_export renders it) in more places.
... (truncated)
Commits
  • a300b03 Merge pull request #3673 from TysonAndre/fix-false-positive-complex-condition
  • f070765 Release 2.4.7, fix false positive after condition with ||/&&
  • b85445b Allow phan --init to create target_php_version 7.4 or 8.0
  • 3416211 Update composer.lock
  • a24099e Merge pull request #3669 from TysonAndre/scalar_implicit_partial
  • 6315cb3 Make scalar_implicit_partial handle non-zero-int
  • b5240fa Merge pull request #3668 from TysonAndre/template-type-can-cast
  • ae53790 Allow template type to cast to real type in more ways
  • 6d796d4 Merge pull request #3667 from TysonAndre/config-init
  • a4cd1da Omit options that should usually be on from 'phan --init'
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 4 years ago

Superseded by #198.