search

yiisoft / yii-captcha

Yii Framework Captcha widget Extension
https://www.yiiframework.com/
BSD 3-Clause "New" or "Revised" License
18 stars 6 forks source link

Update phan/phan requirement from ^4.0 to ^5.2 #31

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 3 years ago

Updates the requirements on phan/phan to permit the latest version.

Changelog

Sourced from phan/phan's changelog.

Aug 26 2021, Phan 5.2.0

Plugins

  • Add AddNeverReturnTypePlugin`` which will suggest adding a phpdoc return type of @​return never`. (#4468)

Bug fixes:

  • When using the polyfill parser, properly parse nullable class property declarations as nullable. (#4492)
  • Don't emit PhanIncompatibleRealPropertyType for private base property. (#4426)
  • Fix false positive where a method overriding an existing method could be treated as having overrides. (#4502)
  • Consistently support numeric-string in all phpdoc
  • Fix false positive PhanTypeMismatchPropertyDefaultReal warning for literal integer and float typed property. (#4507)
  • Fix false positive warnings such as PhanImpossibleTypeComparison about string subtypes not casting to other string subtypes (#4514)

Maintenance:

  • Change internal representation of FunctionSignatureMap delta files.
  • Add a new exit status bit flag to BlockExitStatusChecker to indicate that a function will exit or infinitely loop (STATUS_NORETURN) (#4468)
  • Internally represent the base function map using php 8.0 signatures instead of php 7.3 - applying deltas backwards has the same result (#4478)

Aug 07 2021, Phan 5.1.0

New Features (Analysis):

  • Support running Phan 5 with AST version 80 instead of 85 but warn about php-ast being outdated.

Documentation:

  • Update documentation of --target-php-version and --minimum-target-php-version

Aug 01 2021, Phan 5.0.0

New Features (Analysis):

  • Warn about implicitly nullable parameter intersection types (function(A&B $paramName = null)) being a compile error. New issue type: PhanTypeMismatchDefaultIntersection

  • Emit PhanTypeMismatchArgumentSuperType instead of PhanTypeMismatchArgument when passing in an object supertype (e.g. ancestor class) of an object instead of a subtype. Emit PhanTypeMismatchReturnSuperType instead of PhanTypeMismatchReturn when returning an object supertype (e.g. ancestor class) of an object instead of a subtype.

    Phan 5 starts warning about ancestor classes being incompatible argument or return types in cases where it previously allowed it. (#4413)

Jul 24 2021, Phan 5.0.0a4

New Features (Analysis):

  • Use the enum class declaration type (int, string, or absent) from AST version 85 to check if enum cases are valid. (#4313) New issue types: PhanSyntaxEnumCaseExpectedValue, PhanSyntaxEnumCaseUnexpectedValue, PhanTypeUnexpectedEnumCaseType

Backwards incompatible changes:

  • Bump the minimum required AST version from 80 to 85 (Required to analyze php 8.1 enum classes - 'type' was added in AST version 85).
  • In php 8.1, require php-ast 1.0.14 to natively parse AST version 85.

... (truncated)

Commits
  • eb59e65 Merge pull request #4516 from TysonAndre/release-5.2.0
  • 9fe24d1 Release Phan 5.2.0
  • ebf38ff Merge pull request #4515 from TysonAndre/comparison-string
  • cfe86f4 Update plugin test
  • 120408a Fix false positive type incompatibility warning between string subtypes
  • 53d1931 Merge pull request #4511 from TysonAndre/never-return
  • 36bf893 Add never return type to Phan's code
  • e414c8d Add plugin for never-return. Change BlockExitStatusChecker details.
  • e01daae More indentation fixes for phpcbf splitting closure use lines
  • aadcc06 Run phpcbf, fix code style
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 3 years ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.