Add a --dump-ctags=basic flag to dump a tags file in the project root directory. (https://linux.die.net/man/1/ctags)
This is different from tool/make_ctags_for_phan_project - it has no external dependencies.
New features(Analysis):
Infer that the real type set of the key in foreach ($arrayVar as $key => ...) is definitely an int|string
in places where Phan previously inferred the empty union type, improving redundant condition detection. (#3789)
Bug fixes:
Fix a crash in phan --dead-code-detection when a trait defines a real method and phpdoc @method of the same name (#3796)
Miscellaneous:
Also allow netresearch/jsonmapper@^2.0 as a dependency when enforcing the minimum allowed version (#3801)
Mar 07 2020, Phan 2.6.0
New features(CLI, Configs):
Show empty union types as (empty union type) in issue messages instead of as an empty string.
Add a new CLI option --analyze-twice to run the analysis phase twice (#3743)
Phan infers additional type information for properties, return types, etc. while analyzing,
and this will help it detect more potential errors.
(on the first run, it would analyze files before some of those types were inferred)
Add a CLI option --analyze-all-files to analyze all files, ignoring exclude_analysis_file_list.
This is potentially useful if third party dependencies are missing type information (also see --analyze-twice).
Add --dump-analyzed-file-list to dump all files Phan would analyze to stdout.
Add allow_overriding_vague_return_types to allow Phan to add inferred return types to functions/closures/methods declared with @return mixed or @return object.
This is disabled by default.
When this is enabled, it can be disabled for individual methods by adding @phan-hardcode-return-type to the comment of the method.
(if the method has any type declarations such as @return mixed)
Previously, Phan would only add inferred return types if there was no return type declaration.
(also see --analyze-twice)
Also emit the code fragment for the argument in question in the PhanTypeMismatchArgument family of issue messages (#3779)
Render a few more AST node kinds in code fragments in issue messages.
New features(Analysis):
Support parsing php 8.0 union types (and the static return type) in the polyfill. (#3419, #3634)
Emit PhanCompatibleUnionType and PhanCompatibleStaticType when the target php version is less than 8.0 and union types or static return types are seen. (#3419, #3634)
Be more consistent about warning about issues in values of class constants, global constants, and property defaults.
Infer key and element types from iterator_to_array()
Infer that modification of or reading from static properties all use the same property declaration. (#3760)
Previously, Phan would track the static property's type separately for each subclass.
(static properties from traits become different instances, in each class using the trait)
Make assignments to properties of the declaring class affect type inference for those properties when accessed on subclasses (#3760)
... (truncated)
Commits
184c591 Merge pull request #3814 from TysonAndre/release-2.6.1
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Bumps phan/phan from 2.3.1 to 2.6.1.
Changelog
Sourced from phan/phan's changelog.
Commits
184c591
Merge pull request #3814 from TysonAndre/release-2.6.1d80f82e
Release Phan 2.6.1738e2a4
Update composer.lock739f255
netresearch/jsonmapper ^2.081bf907
Merge pull request #3797 from TysonAndre/dead-code-detection-threw3e14dc1
Fix a crash in dead code detection for duplicated trait method81c079b
Merge pull request #3793 from TysonAndre/array_real_types881a99a
Fix false positives, fix ctags plugin7781d6b
Merge pull request #3790 from TysonAndre/ctags-generationa0dace9
Add CLI option--dump-ctags=basic
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)