Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add TaintedCallable sinks for 4 core generic functions #11090

Merged
merged 1 commit into from
Sep 7, 2024

Conversation

cgocast
Copy link
Contributor

@cgocast cgocast commented Sep 6, 2024

Fixes #11089

@weirdan weirdan added the release:feature The PR will be included in 'Features' section of the release notes label Sep 7, 2024
@weirdan weirdan merged commit 3ff52fb into vimeo:5.x Sep 7, 2024
50 of 51 checks passed
@weirdan
Copy link
Collaborator

weirdan commented Sep 7, 2024

Thanks!

@cgocast cgocast deleted the core_function_sinks branch September 9, 2024 06:08
Gashmob referenced this pull request in Gashmob/project-templates Sep 14, 2024
This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [vimeo/psalm](https://redirect.github.com/vimeo/psalm) | `5.25.0` ->
`5.26.1` |
[![age](https://developer.mend.io/api/mc/badges/age/packagist/vimeo%2fpsalm/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/packagist/vimeo%2fpsalm/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/packagist/vimeo%2fpsalm/5.25.0/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/packagist/vimeo%2fpsalm/5.25.0/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>vimeo/psalm (vimeo/psalm)</summary>

###
[`v5.26.1`](https://redirect.github.com/vimeo/psalm/compare/5.26.0...5.26.1)

[Compare
Source](https://redirect.github.com/vimeo/psalm/compare/5.26.0...5.26.1)

###
[`v5.26.0`](https://redirect.github.com/vimeo/psalm/releases/tag/5.26.0)

[Compare
Source](https://redirect.github.com/vimeo/psalm/compare/5.25.0...5.26.0)

<!-- Release notes generated using configuration in .github/release.yml
at 5.x -->

#### What's Changed

##### Features

- Add mysqli.execute-query as sink for TaintedSql by
[@&#8203;cgocast](https://redirect.github.com/cgocast) in
[https://github.com/vimeo/psalm/pull/11021](https://redirect.github.com/vimeo/psalm/pull/11021)
- Add TaintedCallable sinks for 4 core generic functions by
[@&#8203;cgocast](https://redirect.github.com/cgocast) in
[https://github.com/vimeo/psalm/pull/11090](https://redirect.github.com/vimeo/psalm/pull/11090)
- Improve mysql fetch_field\* return type by
[@&#8203;MoonE](https://redirect.github.com/MoonE) in
[https://github.com/vimeo/psalm/pull/11009](https://redirect.github.com/vimeo/psalm/pull/11009)
- Check for `psalm.dist.xml` as well by
[@&#8203;HypeMC](https://redirect.github.com/HypeMC) in
[https://github.com/vimeo/psalm/pull/11031](https://redirect.github.com/vimeo/psalm/pull/11031)

##### Fixes

- Change `ReflectionParameter::getName()` result type to
`non-empty-string` by [@&#8203;vjik](https://redirect.github.com/vjik)
in
[https://github.com/vimeo/psalm/pull/11037](https://redirect.github.com/vimeo/psalm/pull/11037)
- Fix mysqli_real_escape_string stub by
[@&#8203;kamil-tekiela](https://redirect.github.com/kamil-tekiela) in
[https://github.com/vimeo/psalm/pull/11078](https://redirect.github.com/vimeo/psalm/pull/11078)
- Fix mysqli_get_client_version by
[@&#8203;kamil-tekiela](https://redirect.github.com/kamil-tekiela) in
[https://github.com/vimeo/psalm/pull/11074](https://redirect.github.com/vimeo/psalm/pull/11074)
- Up the minimum required version of nikic/php-parser to 4.17 by
[@&#8203;chesn0k](https://redirect.github.com/chesn0k) in
[https://github.com/vimeo/psalm/pull/10968](https://redirect.github.com/vimeo/psalm/pull/10968)
- Fix callable/lowercase strings coercion by
[@&#8203;weirdan](https://redirect.github.com/weirdan) in
[https://github.com/vimeo/psalm/pull/11091](https://redirect.github.com/vimeo/psalm/pull/11091)
- Consistently emit issues for properties on classes with unknown mixins
by [@&#8203;issidorov](https://redirect.github.com/issidorov) in
[https://github.com/vimeo/psalm/pull/11081](https://redirect.github.com/vimeo/psalm/pull/11081)

#### New Contributors

- [@&#8203;chesn0k](https://redirect.github.com/chesn0k) made their
first contribution in
[https://github.com/vimeo/psalm/pull/10968](https://redirect.github.com/vimeo/psalm/pull/10968)

**Full Changelog**:
vimeo/psalm@5.25.0...5.26.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/Gashmob/project-templates).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC41OS4yIiwidXBkYXRlZEluVmVyIjoiMzguNTkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->
oguzhand95 referenced this pull request in cerbos/cerbos-sdk-php Sep 17, 2024
This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[google/common-protos](https://redirect.github.com/googleapis/common-protos-php)
| `4.7.0` -> `4.8.3` |
[![age](https://developer.mend.io/api/mc/badges/age/packagist/google%2fcommon-protos/4.8.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/packagist/google%2fcommon-protos/4.8.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/packagist/google%2fcommon-protos/4.7.0/4.8.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/packagist/google%2fcommon-protos/4.7.0/4.8.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [google/protobuf](https://developers.google.com/protocol-buffers/)
([source](https://redirect.github.com/protocolbuffers/protobuf-php)) |
`4.27.3` -> `4.28.1` |
[![age](https://developer.mend.io/api/mc/badges/age/packagist/google%2fprotobuf/4.28.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/packagist/google%2fprotobuf/4.28.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/packagist/google%2fprotobuf/4.27.3/4.28.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/packagist/google%2fprotobuf/4.27.3/4.28.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [phpstan/phpstan](https://redirect.github.com/phpstan/phpstan) |
`1.11.10` -> `1.12.3` |
[![age](https://developer.mend.io/api/mc/badges/age/packagist/phpstan%2fphpstan/1.12.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/packagist/phpstan%2fphpstan/1.12.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/packagist/phpstan%2fphpstan/1.11.10/1.12.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/packagist/phpstan%2fphpstan/1.11.10/1.12.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [phpunit/phpunit](https://phpunit.de/)
([source](https://redirect.github.com/sebastianbergmann/phpunit)) |
`10.5.29` -> `10.5.34` |
[![age](https://developer.mend.io/api/mc/badges/age/packagist/phpunit%2fphpunit/10.5.34?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/packagist/phpunit%2fphpunit/10.5.34?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/packagist/phpunit%2fphpunit/10.5.29/10.5.34?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/packagist/phpunit%2fphpunit/10.5.29/10.5.34?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [vimeo/psalm](https://redirect.github.com/vimeo/psalm) | `5.25.0` ->
`5.26.1` |
[![age](https://developer.mend.io/api/mc/badges/age/packagist/vimeo%2fpsalm/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/packagist/vimeo%2fpsalm/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/packagist/vimeo%2fpsalm/5.25.0/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/packagist/vimeo%2fpsalm/5.25.0/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>googleapis/common-protos-php (google/common-protos)</summary>

###
[`v4.8.3`](https://redirect.github.com/googleapis/common-protos-php/releases/tag/v4.8.3):
google/common-protos v4.8.3

[Compare
Source](https://redirect.github.com/googleapis/common-protos-php/compare/v4.8.2...v4.8.3)

##### Bug Fixes

- Add back compatibility for Protobuf v4
([#&#8203;7648](https://redirect.github.com/googleapis/google-cloud-php/issues/7648))
([24e6efd](https://redirect.github.com/googleapis/google-cloud-php/commit/24e6efd1a4a2c1e2a08970c0224b4709b9cf183d))

###
[`v4.8.2`](https://redirect.github.com/googleapis/common-protos-php/releases/tag/v4.8.2):
google/common-protos v4.8.2

[Compare
Source](https://redirect.github.com/googleapis/common-protos-php/compare/v4.8.1...v4.8.2)

##### Miscellaneous Chores

###
[`v4.8.1`](https://redirect.github.com/googleapis/common-protos-php/releases/tag/v4.8.1):
google/common-protos v4.8.1

[Compare
Source](https://redirect.github.com/googleapis/common-protos-php/compare/v4.8.0...v4.8.1)

##### Bug Fixes

- Ensure common-protos is up-to-date
([#&#8203;7591](https://redirect.github.com/googleapis/google-cloud-php/issues/7591))
([3d20307](https://redirect.github.com/googleapis/google-cloud-php/commit/3d20307b9e280072650f23832cd3bfdb1eaa3521))

###
[`v4.8.0`](https://redirect.github.com/googleapis/common-protos-php/releases/tag/v4.8.0):
google/common-protos v4.8.0

[Compare
Source](https://redirect.github.com/googleapis/common-protos-php/compare/v4.7.0...v4.8.0)

##### Features

- Move common-protos to google-cloud-php
([#&#8203;7554](https://redirect.github.com/googleapis/google-cloud-php/issues/7554))
([3339a27](https://redirect.github.com/googleapis/google-cloud-php/commit/3339a2720d3b7b83096ff8fda69ab4d4abb65cee))

</details>

<details>
<summary>protocolbuffers/protobuf-php (google/protobuf)</summary>

###
[`v4.28.1`](https://redirect.github.com/protocolbuffers/protobuf-php/compare/v4.28.0...v4.28.1)

[Compare
Source](https://redirect.github.com/protocolbuffers/protobuf-php/compare/v4.28.0...v4.28.1)

###
[`v4.28.0`](https://redirect.github.com/protocolbuffers/protobuf-php/compare/v4.27.4...v4.28.0)

[Compare
Source](https://redirect.github.com/protocolbuffers/protobuf-php/compare/v4.27.4...v4.28.0)

###
[`v4.27.4`](https://redirect.github.com/protocolbuffers/protobuf-php/compare/v4.27.3...v4.27.4)

[Compare
Source](https://redirect.github.com/protocolbuffers/protobuf-php/compare/v4.27.3...v4.27.4)

</details>

<details>
<summary>phpstan/phpstan (phpstan/phpstan)</summary>

###
[`v1.12.3`](https://redirect.github.com/phpstan/phpstan/releases/tag/1.12.3)

[Compare
Source](https://redirect.github.com/phpstan/phpstan/compare/1.12.2...1.12.3)

# Improvements 🔧

- PHPStan Pro: debug corrupted PHAR signature message
(phpstan/phpstan-src@9815bbb)

# Bugfixes 🐛

- Revert "Fix phar.yml workflow"
(phpstan/phpstan-src@6973519),
[#&#8203;11638](https://redirect.github.com/phpstan/phpstan/issues/11638)
- Refactor `ArrayFilterFunctionReturnTypeReturnTypeExtension` and
support first-class callable
([#&#8203;3329](https://redirect.github.com/phpstan/phpstan-src/pull/3329)),
[#&#8203;11337](https://redirect.github.com/phpstan/phpstan/issues/11337),
thanks [@&#8203;takaram](https://redirect.github.com/takaram)!
- Prevent resolving conditional types in callable param/return types
([#&#8203;3405](https://redirect.github.com/phpstan/phpstan-src/pull/3405)),
[#&#8203;11472](https://redirect.github.com/phpstan/phpstan/issues/11472),
thanks [@&#8203;rvanvelzen](https://redirect.github.com/rvanvelzen)!
- Fix wrongly convertion of `list<T>` to `array{T}`
([#&#8203;3412](https://redirect.github.com/phpstan/phpstan-src/pull/3412)),
[#&#8203;11642](https://redirect.github.com/phpstan/phpstan/issues/11642),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Fix internal error
(phpstan/phpstan-src@052f6b1),
[#&#8203;11649](https://redirect.github.com/phpstan/phpstan/issues/11649)
- Missing typehints should be consistently checked on level 6
(phpstan/phpstan-src@e3e80f6),
[#&#8203;11657](https://redirect.github.com/phpstan/phpstan/issues/11657)

# Function signature fixes 🤖

- Don't prevent checking for `curl_init()` false returns
([#&#8203;3409](https://redirect.github.com/phpstan/phpstan-src/pull/3409)),
[#&#8203;11640](https://redirect.github.com/phpstan/phpstan/issues/11640),
thanks [@&#8203;tscni](https://redirect.github.com/tscni)!
- Update phpstorm-stubs and patch
([#&#8203;3393](https://redirect.github.com/phpstan/phpstan-src/pull/3393)),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!

# Internals 🔍

- The `COMPOSER_ROOT_VERSION` hack should no longer be necessary
([#&#8203;3414](https://redirect.github.com/phpstan/phpstan-src/pull/3414))
- Add non regression test
([#&#8203;3416](https://redirect.github.com/phpstan/phpstan-src/pull/3416)),
[#&#8203;4960](https://redirect.github.com/phpstan/phpstan/issues/4960),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- Add non regression test
([#&#8203;3415](https://redirect.github.com/phpstan/phpstan-src/pull/3415)),
[#&#8203;10499](https://redirect.github.com/phpstan/phpstan/issues/10499),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!

###
[`v1.12.2`](https://redirect.github.com/phpstan/phpstan/releases/tag/1.12.2)

[Compare
Source](https://redirect.github.com/phpstan/phpstan/compare/1.12.1...1.12.2)

# Improvements 🔧

- PHP 8.4 - report deprecated implicitly nullable parameter types
(phpstan/phpstan-src@9bd027c),
[#&#8203;11413](https://redirect.github.com/phpstan/phpstan/issues/11413)

# Bugfixes 🐛

- Run `@mixin` class reflection extensions after all other class
reflection extensions
(phpstan/phpstan-src@c889baa),
[#&#8203;11624](https://redirect.github.com/phpstan/phpstan/issues/11624),
[#&#8203;11342](https://redirect.github.com/phpstan/phpstan/issues/11342),
[#&#8203;10159](https://redirect.github.com/phpstan/phpstan/issues/10159),
[https://github.com/larastan/larastan/issues/2032](https://redirect.github.com/larastan/larastan/issues/2032)
- RegexArrayShapeMatcher - Don't optimize alternations with optional
groups for tagged unions
([#&#8203;3395](https://redirect.github.com/phpstan/phpstan-src/pull/3395)),
[#&#8203;11604](https://redirect.github.com/phpstan/phpstan/issues/11604),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Narrow array on `count()` with `positive-int`
([#&#8203;3389](https://redirect.github.com/phpstan/phpstan-src/pull/3389)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Improve narrowing after string functions
([#&#8203;3390](https://redirect.github.com/phpstan/phpstan-src/pull/3390)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Add `Type::reverseArray()`
([#&#8203;3344](https://redirect.github.com/phpstan/phpstan-src/pull/3344)),
thanks [@&#8203;herndlm](https://redirect.github.com/herndlm)!

# Function signature fixes 🤖

- `version_compare()` operator arg can be null
([#&#8203;3399](https://redirect.github.com/phpstan/phpstan-src/pull/3399)),
[#&#8203;4457](https://redirect.github.com/phpstan/phpstan/issues/4457),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!

# Internals 🔍

- Regression test
([#&#8203;3396](https://redirect.github.com/phpstan/phpstan-src/pull/3396)),
[#&#8203;6642](https://redirect.github.com/phpstan/phpstan/issues/6642),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- Simplify isFloat checks
([#&#8203;3397](https://redirect.github.com/phpstan/phpstan-src/pull/3397)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!

###
[`v1.12.1`](https://redirect.github.com/phpstan/phpstan/releases/tag/1.12.1)

[Compare
Source](https://redirect.github.com/phpstan/phpstan/compare/1.12.0...1.12.1)

# Bleeding edge 🔪

- Check if required file exists
([#&#8203;3294](https://redirect.github.com/phpstan/phpstan-src/pull/3294)),
[#&#8203;3397](https://redirect.github.com/phpstan/phpstan/issues/3397),
thanks [@&#8203;Bellangelo](https://redirect.github.com/Bellangelo)!
- Check generics `@method` `@template` tags above traits
(phpstan/phpstan-src@aadbf62)
- Check `@mixin` PHPDoc tag above traits
(phpstan/phpstan-src@0d0de94)

*If you want to see the shape of things to come and adopt bleeding edge
features early, you can include this config file in your project's
`phpstan.neon`:*

    includes:
    	- vendor/phpstan/phpstan/conf/bleedingEdge.neon

*Of course, there are no backwards compatibility guarantees when you
include this file. The behaviour and reported errors can change in minor
versions with this file included. [Learn
more](https://phpstan.org/blog/what-is-bleeding-edge)*

# Improvements 🔧

- Allow dot-prefixed config files
([#&#8203;3354](https://redirect.github.com/phpstan/phpstan-src/pull/3354)),
thanks [@&#8203;sreichel](https://redirect.github.com/sreichel)!
- Respect dist order over dot order
([#&#8203;3379](https://redirect.github.com/phpstan/phpstan-src/pull/3379)),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- Update PhpStorm stubs + refactor WithoutSideEffectsRule classes
([#&#8203;3377](https://redirect.github.com/phpstan/phpstan-src/pull/3377)),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- TypeSpecifier: Narrow `(bool) $expr` like `$expr != false`
([#&#8203;3380](https://redirect.github.com/phpstan/phpstan-src/pull/3380)),
[#&#8203;8881](https://redirect.github.com/phpstan/phpstan/issues/8881),
[#&#8203;7685](https://redirect.github.com/phpstan/phpstan/issues/7685),
[#&#8203;6006](https://redirect.github.com/phpstan/phpstan/issues/6006),
[#&#8203;10528](https://redirect.github.com/phpstan/phpstan/issues/10528),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- TypeSpecifier: Narrow `(string) $expr` like `$expr != false`
([#&#8203;3387](https://redirect.github.com/phpstan/phpstan-src/pull/3387)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- TypeSpecifier: Narrow `(int) $expr` like `$expr != false`
([#&#8203;3384](https://redirect.github.com/phpstan/phpstan-src/pull/3384)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- TypeSpecifier: Narrow `(float) $expr` like `$expr != false`
([#&#8203;3391](https://redirect.github.com/phpstan/phpstan-src/pull/3391)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Add missing rule to StubValidator
(phpstan/phpstan-src@085fcf4)
- Support `@mixin` above traits
(phpstan/phpstan-src@f5e2e32)

# Bugfixes 🐛

- Fix `array_filter` with callback optional persistance
([#&#8203;3366](https://redirect.github.com/phpstan/phpstan-src/pull/3366)),
[#&#8203;11570](https://redirect.github.com/phpstan/phpstan/issues/11570),
thanks [@&#8203;robotomarvin](https://redirect.github.com/robotomarvin)!
- RegexArrayShapeMatcher - infer constant string types in alternations
([#&#8203;3369](https://redirect.github.com/phpstan/phpstan-src/pull/3369)),
[#&#8203;11222](https://redirect.github.com/phpstan/phpstan/issues/11222),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- RegexArrayShapeMatcher - improve type inference in alternations
([#&#8203;3375](https://redirect.github.com/phpstan/phpstan-src/pull/3375)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Fix error on offset assignment to specialized strings
([#&#8203;3365](https://redirect.github.com/phpstan/phpstan-src/pull/3365)),
[#&#8203;11572](https://redirect.github.com/phpstan/phpstan/issues/11572),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Narrow string on `strlen() ==` and `===` comparison with integer range
([#&#8203;3342](https://redirect.github.com/phpstan/phpstan-src/pull/3342)),
[#&#8203;11548](https://redirect.github.com/phpstan/phpstan/issues/11548),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Fix `get_debug_type` produces wrong type for anonymous classes with
parent
([#&#8203;3374](https://redirect.github.com/phpstan/phpstan-src/pull/3374)),
[#&#8203;11562](https://redirect.github.com/phpstan/phpstan/issues/11562),
thanks
[@&#8203;patrickkusebauch](https://redirect.github.com/patrickkusebauch)!
- Fix preserving list when setting union offset type to a
ConstantArrayTypeBuilder
([#&#8203;3382](https://redirect.github.com/phpstan/phpstan-src/pull/3382)),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- Fix `preg_replace()` return type
([#&#8203;3338](https://redirect.github.com/phpstan/phpstan-src/pull/3338)),
[#&#8203;11547](https://redirect.github.com/phpstan/phpstan/issues/11547),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Detect function variadic-ness anywhere deep in the declaration file
([#&#8203;3370](https://redirect.github.com/phpstan/phpstan-src/pull/3370)),
[#&#8203;11559](https://redirect.github.com/phpstan/phpstan/issues/11559),
[#&#8203;4753](https://redirect.github.com/phpstan/phpstan/issues/4753),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Add DateTimeSubMethodThrowTypeExtension
([#&#8203;3378](https://redirect.github.com/phpstan/phpstan-src/pull/3378)),
[#&#8203;11503](https://redirect.github.com/phpstan/phpstan/issues/11503),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- Do not report `static` in PHPDoc tags above traits as an error
(phpstan/phpstan-src@777a82a),
[#&#8203;11591](https://redirect.github.com/phpstan/phpstan/issues/11591)
- RegexArrayShapeMatcher - Fix alternations containing a `$`-only case
([#&#8203;3394](https://redirect.github.com/phpstan/phpstan-src/pull/3394)),
[#&#8203;11622](https://redirect.github.com/phpstan/phpstan/issues/11622),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Do not report missing implementation abstract method from trait when
it's implicitly implemented by enum
(phpstan/phpstan-src@c50b71f),
[#&#8203;11592](https://redirect.github.com/phpstan/phpstan/issues/11592)
- Fix how well conditional types play with pre-existing `@param-out`
variable after assignment
(phpstan/phpstan-src@5892e8d),
[#&#8203;11580](https://redirect.github.com/phpstan/phpstan/issues/11580),
[#&#8203;6642](https://redirect.github.com/phpstan/phpstan/issues/6642)

# Internals 🔍

- Debugging function - `PHPStan\debugScope()`
(phpstan/phpstan-src@5909fb2)
- Added regression test
([#&#8203;3368](https://redirect.github.com/phpstan/phpstan-src/pull/3368)),
[#&#8203;7856](https://redirect.github.com/phpstan/phpstan/issues/7856),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Simplify specifyTypesForConstantBinaryExpression
([#&#8203;3392](https://redirect.github.com/phpstan/phpstan-src/pull/3392)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Refactoring: introduce MethodTagTemplateTypeCheck
(phpstan/phpstan-src@47a85bf)
- Simplify extensions
(phpstan/phpstan-src@c47730f)
- Refactoring - extract MixinCheck
(phpstan/phpstan-src@57ccd8c)
- MixinCheck - prepare for trait rules
(phpstan/phpstan-src@ba59142)

###
[`v1.12.0`](https://redirect.github.com/phpstan/phpstan/releases/tag/1.12.0)

[Compare
Source](https://redirect.github.com/phpstan/phpstan/compare/1.11.11...1.12.0)

[**Read all about PHPStan 1.12 on phpstan.org
»**](https://phpstan.org/blog/phpstan-1-12-road-to-phpstan-2-0)

# Major new features 🚀

- Precise type for `$matches` from `preg_match` generally available, out
of bleeding edge
(phpstan/phpstan-src@bd2cec1)
-   PHP 8.4 runtime support
    -   PHPStan runs on PHP 8.4 without emitting deprecation notices
- Full support for PHP 8.4 including new syntax and rules is coming
later, after PHPStan 2.0 release

# Bleeding edge 🔪

- More precise types for bcmath function parameters
([#&#8203;2217](https://redirect.github.com/phpstan/phpstan-src/pull/2217)),
thanks [@&#8203;Warxcell](https://redirect.github.com/Warxcell)!
- Enforce `@no-named-arguments`
(phpstan/phpstan-src@74ba8c2),
[#&#8203;5968](https://redirect.github.com/phpstan/phpstan/issues/5968)
- Check too wide private property type
(phpstan/phpstan-src@7453f4f)
- Consider implicit throw points when the only explicit one is Throw\_
(phpstan/phpstan-src@22eef6d)
- Check existing classes in `@param-out`
(phpstan/phpstan-src@30c4b9e),
[#&#8203;10260](https://redirect.github.com/phpstan/phpstan/issues/10260)
- Check existing classes in `@param-closure-this`
(phpstan/phpstan-src@2fa539a),
[#&#8203;10933](https://redirect.github.com/phpstan/phpstan/issues/10933)
- Check invalid `@param-closure-this`
(phpstan/phpstan-src@95c0a58),
[#&#8203;10932](https://redirect.github.com/phpstan/phpstan/issues/10932)
- Check `@param-immediately-invoked-callable` and
`@param-later-invoked-callable`
(phpstan/phpstan-src@580a6ad),
[#&#8203;10932](https://redirect.github.com/phpstan/phpstan/issues/10932)
- Check existing classes in `@phpstan-self-out`
(phpstan/phpstan-src@6838669)
- Check missing types in `@phpstan-self-out`
(phpstan/phpstan-src@892b319)
- Check missing types in local type aliases
(phpstan/phpstan-src@ce7ffaf)
- Check nonexistent classes in local type aliases
(phpstan/phpstan-src@2485b2e)
- Check unresolvable types in local type aliases
(phpstan/phpstan-src@5f7d12b)
- Check generics in local type aliases
(phpstan/phpstan-src@5a2d441)
- Check missing types in `@mixin`
(phpstan/phpstan-src@3175c81)
- Check types in `@property` tags
(phpstan/phpstan-src@55ea2ae),
[#&#8203;10752](https://redirect.github.com/phpstan/phpstan/issues/10752),
[#&#8203;9356](https://redirect.github.com/phpstan/phpstan/issues/9356)
- Check types in `@method` tags
(phpstan/phpstan-src@5b7e474)
- Check `@extends`, `@implements`, `@use` for unresolvable types
(phpstan/phpstan-src@2bb5282),
[#&#8203;11552](https://redirect.github.com/phpstan/phpstan/issues/11552)

*If you want to see the shape of things to come and adopt bleeding edge
features early, you can include this config file in your project's
`phpstan.neon`:*

    includes:
    	- vendor/phpstan/phpstan/conf/bleedingEdge.neon

*Of course, there are no backwards compatibility guarantees when you
include this file. The behaviour and reported errors can change in minor
versions with this file included. [Learn
more](https://phpstan.org/blog/what-is-bleeding-edge)*

# Improvements 🔧

- Internal classes made `final`, `@api` classes made `@final`
([#&#8203;3264](https://redirect.github.com/phpstan/phpstan-src/pull/3264),
phpstan/phpstan-src@5baa146)
- Repair `PhpParser\Node\Stmt\Class_::isAnonymous()`
([#&#8203;3343](https://redirect.github.com/phpstan/phpstan-src/pull/3343)),
thanks [@&#8203;tscni](https://redirect.github.com/tscni)!
- Improve `curl_init()` return type analysis
([#&#8203;3346](https://redirect.github.com/phpstan/phpstan-src/pull/3346)),
thanks [@&#8203;tscni](https://redirect.github.com/tscni)!
- StubValidator - added missing rules
(phpstan/phpstan-src@7fc5ab8)
- Do not allow `@phpstan-self-out` above static method
(phpstan/phpstan-src@0dfd821)
- Check unresolvable types in `@phpstan-self-out`
(phpstan/phpstan-src@e182c06)
- Check generics in `@phpstan-self-out`
(phpstan/phpstan-src@9ebc315)
- ConstExprNodeResolver - support ConstFetchNode for class constants
(phpstan/phpstan-src@3e51899)
- allowed in default parameter values in `@method`

# Bugfixes 🐛

- PHPStanDiagnoseExtension - skip showing config files in "Included
configs from Composer packages" if already present in the "Extension
installer" section
(phpstan/phpstan-src@6c4477c)
- Support multiple anonymous class definitions on the same line
([#&#8203;3328](https://redirect.github.com/phpstan/phpstan-src/pull/3328)),
[#&#8203;5597](https://redirect.github.com/phpstan/phpstan/issues/5597),
[#&#8203;11511](https://redirect.github.com/phpstan/phpstan/issues/11511),
thanks [@&#8203;tscni](https://redirect.github.com/tscni)!
- Fix ConstantArrayType not accepting NeverType
([#&#8203;3327](https://redirect.github.com/phpstan/phpstan-src/pull/3327)),
[#&#8203;11517](https://redirect.github.com/phpstan/phpstan/issues/11517),
thanks [@&#8203;tscni](https://redirect.github.com/tscni)!
- Narrow to non-falsy-string from `strlen()` on integer range
([#&#8203;3337](https://redirect.github.com/phpstan/phpstan-src/pull/3337)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Narrow arrays in union based on `count()` with integer range
([#&#8203;3335](https://redirect.github.com/phpstan/phpstan-src/pull/3335)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Fix description escaping in UsedTraitsRule
(phpstan/phpstan-src@4ffbb3b)

# Internals 🔍

- Cleanup TypeSpecifier
([#&#8203;3340](https://redirect.github.com/phpstan/phpstan-src/pull/3340)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Refactor ReplaceFunctionsDynamicReturnTypeExtension
([#&#8203;3339](https://redirect.github.com/phpstan/phpstan-src/pull/3339)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- BetterReflectionSourceLocator - playground mode
(phpstan/phpstan-src@7d1bde4)
- Internal PHPStan rule - class must be abstract or final
(phpstan/phpstan-src@d631120)
- Downgrade PHP files in build/PHPStan
(phpstan/phpstan-src@fe503ca)
- ExtendedPropertyReflection
(phpstan/phpstan-src@d65138a)
- Replace `highlight_string()` stub with a return type extension
([#&#8203;3350](https://redirect.github.com/phpstan/phpstan-src/pull/3350))
- Issue bot - test PHP 8.4
([#&#8203;3358](https://redirect.github.com/phpstan/phpstan-src/pull/3358))

###
[`v1.11.11`](https://redirect.github.com/phpstan/phpstan/releases/tag/1.11.11)

[Compare
Source](https://redirect.github.com/phpstan/phpstan/compare/1.11.10...1.11.11)

# Improvements 🔧

- Narrow arrays in union based on count() with smaller/greater operator
([#&#8203;3324](https://redirect.github.com/phpstan/phpstan-src/pull/3324)),
[#&#8203;11480](https://redirect.github.com/phpstan/phpstan/issues/11480),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- PHPStanDiagnoseExtension - show Composer packages with included config
files
(phpstan/phpstan-src@58d202f)

# Bugfixes 🐛

- RegexArrayShapeMatcher - optional non-last groups can be empty-string
([#&#8203;3306](https://redirect.github.com/phpstan/phpstan-src/pull/3306)),
[#&#8203;11479](https://redirect.github.com/phpstan/phpstan/issues/11479),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- RegexArrayShapeMatcher - fix capturing item-array-shapes for
preg_match_all
([#&#8203;3307](https://redirect.github.com/phpstan/phpstan-src/pull/3307)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- RegexArrayShapeMatcher - Fix shape of single top level alternations
([#&#8203;3299](https://redirect.github.com/phpstan/phpstan-src/pull/3299)),
[#&#8203;11462](https://redirect.github.com/phpstan/phpstan/issues/11462),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- RegexArrayShapeMatcher - Fix matching literal "-" in character classes
([#&#8203;3314](https://redirect.github.com/phpstan/phpstan-src/pull/3314)),
[#&#8203;11490](https://redirect.github.com/phpstan/phpstan/issues/11490),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!
- Improve sprintf support
([#&#8203;3310](https://redirect.github.com/phpstan/phpstan-src/pull/3310)),
[#&#8203;11491](https://redirect.github.com/phpstan/phpstan/issues/11491),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- Handle union and mixed in plus operation
([#&#8203;3320](https://redirect.github.com/phpstan/phpstan-src/pull/3320)),
[#&#8203;3759](https://redirect.github.com/phpstan/phpstan/issues/3759),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- Fix union with float should accept integer range
([#&#8203;3318](https://redirect.github.com/phpstan/phpstan-src/pull/3318)),
[#&#8203;10248](https://redirect.github.com/phpstan/phpstan/issues/10248),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- Fix array_intersect_key
([#&#8203;3317](https://redirect.github.com/phpstan/phpstan-src/pull/3317)),
[#&#8203;10561](https://redirect.github.com/phpstan/phpstan/issues/10561),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- Improve non strict `in_array()`
([#&#8203;3319](https://redirect.github.com/phpstan/phpstan-src/pull/3319)),
[#&#8203;9436](https://redirect.github.com/phpstan/phpstan/issues/9436),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- String offset access leads to non-empty-string (single character)
(phpstan/phpstan-src@9439bba),
[#&#8203;11506](https://redirect.github.com/phpstan/phpstan/issues/11506)
- Fix `AccessoryLiteralStringType::setOffsetValueType()`
(phpstan/phpstan-src@93c5226)
- Fix `AccessoryNonFalsyStringType::setOffsetValueType()`
(phpstan/phpstan-src@c28c936)
- Improve IntDivThrowTypeExtension to support integer ranges
([#&#8203;3325](https://redirect.github.com/phpstan/phpstan-src/pull/3325)),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!
- Fix array intersection between HasOffsetType and HasOffsetValueType
(phpstan/phpstan-src@07d6405),
[#&#8203;11518](https://redirect.github.com/phpstan/phpstan/issues/11518)
- Fix item type in list to constant array conversion with `count()`
([#&#8203;3309](https://redirect.github.com/phpstan/phpstan-src/pull/3309)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!

# Function signature fixes 🤖

- Fix imagick definition
([#&#8203;3316](https://redirect.github.com/phpstan/phpstan-src/pull/3316)),
[#&#8203;10803](https://redirect.github.com/phpstan/phpstan/issues/10803),
thanks
[@&#8203;VincentLanglet](https://redirect.github.com/VincentLanglet)!

# Internals 🔍

- Turn Regex classes immutable where possible
([#&#8203;3305](https://redirect.github.com/phpstan/phpstan-src/pull/3305)),
thanks [@&#8203;staabm](https://redirect.github.com/staabm)!

</details>

<details>
<summary>sebastianbergmann/phpunit (phpunit/phpunit)</summary>

###
[`v10.5.34`](https://redirect.github.com/sebastianbergmann/phpunit/compare/10.5.33...10.5.34)

[Compare
Source](https://redirect.github.com/sebastianbergmann/phpunit/compare/10.5.33...10.5.34)

###
[`v10.5.33`](https://redirect.github.com/sebastianbergmann/phpunit/compare/10.5.32...10.5.33)

[Compare
Source](https://redirect.github.com/sebastianbergmann/phpunit/compare/10.5.32...10.5.33)

###
[`v10.5.32`](https://redirect.github.com/sebastianbergmann/phpunit/releases/tag/10.5.32):
PHPUnit 10.5.32

[Compare
Source](https://redirect.github.com/sebastianbergmann/phpunit/compare/10.5.31...10.5.32)

##### Added

-
[#&#8203;5937](https://redirect.github.com/sebastianbergmann/phpunit/issues/5937):
`failOnPhpunitDeprecation` attribute on the `<phpunit>` element of the
XML configuration file and `--fail-on-phpunit-deprecation` CLI option
for controlling whether PHPUnit deprecations should be considered when
determining the test runner's shell exit code (default: do not consider)
- `displayDetailsOnPhpunitDeprecations` attribute on the `<phpunit>`
element of the XML configuration file and
`--display-phpunit-deprecations` CLI option for controlling whether
details on PHPUnit deprecations should be displayed (default: do not
display)

##### Changed

-
[#&#8203;5937](https://redirect.github.com/sebastianbergmann/phpunit/issues/5937):
PHPUnit deprecations will, by default, no longer affect the test
runner's shell exit code. This can optionally be turned back on using
the `--fail-on-phpunit-deprecation` CLI option or the
`failOnPhpunitDeprecation="true"` attribute on the `<phpunit>` element
of the XML configuration file.
- Details for PHPUnit deprecations will, by default, no longer be
displayed. This can optionally be turned back on using the
`--display-phpunit-deprecations` CLI option or the
`displayDetailsOnPhpunitDeprecations` attribute on the `<phpunit>`
element of the XML configuration file.

***

[How to install or update
PHPUnit](https://docs.phpunit.de/en/10.5/installation.html)

###
[`v10.5.31`](https://redirect.github.com/sebastianbergmann/phpunit/releases/tag/10.5.31):
PHPUnit 10.5.31

[Compare
Source](https://redirect.github.com/sebastianbergmann/phpunit/compare/10.5.30...10.5.31)

##### Changed

-
[#&#8203;5931](https://redirect.github.com/sebastianbergmann/phpunit/pull/5931):
`name` property on `<testsuites>` element in JUnit XML logfile
- Removed `.phpstorm.meta.php` file as methods such as
`TestCase::createStub()` use generics / template types for their return
types and PhpStorm, for example, uses that information

##### Fixed

-
[#&#8203;5884](https://redirect.github.com/sebastianbergmann/phpunit/issues/5884):
TestDox printer does not consider that issues can be suppressed by
attribute, baseline, source location, or `@` operator

***

[How to install or update
PHPUnit](https://docs.phpunit.de/en/10.5/installation.html)

###
[`v10.5.30`](https://redirect.github.com/sebastianbergmann/phpunit/releases/tag/10.5.30):
PHPUnit 10.5.30

[Compare
Source](https://redirect.github.com/sebastianbergmann/phpunit/compare/10.5.29...10.5.30)

##### Changed

- Improved error message when stubbed method is called more often than
return values were configured for it

***

[How to install or update
PHPUnit](https://docs.phpunit.de/en/10.5/installation.html)

</details>

<details>
<summary>vimeo/psalm (vimeo/psalm)</summary>

###
[`v5.26.1`](https://redirect.github.com/vimeo/psalm/releases/tag/5.26.1)

[Compare
Source](https://redirect.github.com/vimeo/psalm/compare/5.26.0...5.26.1)

<!-- Release notes generated using configuration in .github/release.yml
at 5.x -->

#### What's Changed

##### Fixes

- Fix JSON formatter crashes with invalid UTF in error messages by
[@&#8203;weirdan](https://redirect.github.com/weirdan) in
[https://github.com/vimeo/psalm/pull/11092](https://redirect.github.com/vimeo/psalm/pull/11092)

**Full Changelog**:
vimeo/psalm@5.26.0...5.26.1

###
[`v5.26.0`](https://redirect.github.com/vimeo/psalm/releases/tag/5.26.0)

[Compare
Source](https://redirect.github.com/vimeo/psalm/compare/5.25.0...5.26.0)

<!-- Release notes generated using configuration in .github/release.yml
at 5.x -->

#### What's Changed

##### Features

- Add mysqli.execute-query as sink for TaintedSql by
[@&#8203;cgocast](https://redirect.github.com/cgocast) in
[https://github.com/vimeo/psalm/pull/11021](https://redirect.github.com/vimeo/psalm/pull/11021)
- Add TaintedCallable sinks for 4 core generic functions by
[@&#8203;cgocast](https://redirect.github.com/cgocast) in
[https://github.com/vimeo/psalm/pull/11090](https://redirect.github.com/vimeo/psalm/pull/11090)
- Improve mysql fetch_field\* return type by
[@&#8203;MoonE](https://redirect.github.com/MoonE) in
[https://github.com/vimeo/psalm/pull/11009](https://redirect.github.com/vimeo/psalm/pull/11009)
- Check for `psalm.dist.xml` as well by
[@&#8203;HypeMC](https://redirect.github.com/HypeMC) in
[https://github.com/vimeo/psalm/pull/11031](https://redirect.github.com/vimeo/psalm/pull/11031)

##### Fixes

- Change `ReflectionParameter::getName()` result type to
`non-empty-string` by [@&#8203;vjik](https://redirect.github.com/vjik)
in
[https://github.com/vimeo/psalm/pull/11037](https://redirect.github.com/vimeo/psalm/pull/11037)
- Fix mysqli_real_escape_string stub by
[@&#8203;kamil-tekiela](https://redirect.github.com/kamil-tekiela) in
[https://github.com/vimeo/psalm/pull/11078](https://redirect.github.com/vimeo/psalm/pull/11078)
- Fix mysqli_get_client_version by
[@&#8203;kamil-tekiela](https://redirect.github.com/kamil-tekiela) in
[https://github.com/vimeo/psalm/pull/11074](https://redirect.github.com/vimeo/psalm/pull/11074)
- Up the minimum required version of nikic/php-parser to 4.17 by
[@&#8203;chesn0k](https://redirect.github.com/chesn0k) in
[https://github.com/vimeo/psalm/pull/10968](https://redirect.github.com/vimeo/psalm/pull/10968)
- Fix callable/lowercase strings coercion by
[@&#8203;weirdan](https://redirect.github.com/weirdan) in
[https://github.com/vimeo/psalm/pull/11091](https://redirect.github.com/vimeo/psalm/pull/11091)
- Consistently emit issues for properties on classes with unknown mixins
by [@&#8203;issidorov](https://redirect.github.com/issidorov) in
[https://github.com/vimeo/psalm/pull/11081](https://redirect.github.com/vimeo/psalm/pull/11081)

#### New Contributors

- [@&#8203;chesn0k](https://redirect.github.com/chesn0k) made their
first contribution in
[https://github.com/vimeo/psalm/pull/10968](https://redirect.github.com/vimeo/psalm/pull/10968)

**Full Changelog**:
vimeo/psalm@5.25.0...5.26.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/cerbos/cerbos-sdk-php).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC41OS4yIiwidXBkYXRlZEluVmVyIjoiMzguNzQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiYXJlYS9kZXBzIiwiYm90cyIsImtpbmQvY2hvcmUiXX0=-->

---------

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oğuzhan Durgun <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Oğuzhan Durgun <[email protected]>
tcarrio referenced this pull request in open-feature/php-sdk Sep 25, 2024
This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [vimeo/psalm](https://redirect.github.com/vimeo/psalm) | `~5.25.0` ->
`~5.26.0` |
[![age](https://developer.mend.io/api/mc/badges/age/packagist/vimeo%2fpsalm/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/packagist/vimeo%2fpsalm/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/packagist/vimeo%2fpsalm/5.25.0/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/packagist/vimeo%2fpsalm/5.25.0/5.26.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>vimeo/psalm (vimeo/psalm)</summary>

###
[`v5.26.1`](https://redirect.github.com/vimeo/psalm/compare/5.26.0...5.26.1)

[Compare
Source](https://redirect.github.com/vimeo/psalm/compare/5.26.0...5.26.1)

###
[`v5.26.0`](https://redirect.github.com/vimeo/psalm/releases/tag/5.26.0)

[Compare
Source](https://redirect.github.com/vimeo/psalm/compare/5.25.0...5.26.0)

<!-- Release notes generated using configuration in .github/release.yml
at 5.x -->

#### What's Changed

##### Features

- Add mysqli.execute-query as sink for TaintedSql by
[@&#8203;cgocast](https://redirect.github.com/cgocast) in
[https://github.com/vimeo/psalm/pull/11021](https://redirect.github.com/vimeo/psalm/pull/11021)
- Add TaintedCallable sinks for 4 core generic functions by
[@&#8203;cgocast](https://redirect.github.com/cgocast) in
[https://github.com/vimeo/psalm/pull/11090](https://redirect.github.com/vimeo/psalm/pull/11090)
- Improve mysql fetch_field\* return type by
[@&#8203;MoonE](https://redirect.github.com/MoonE) in
[https://github.com/vimeo/psalm/pull/11009](https://redirect.github.com/vimeo/psalm/pull/11009)
- Check for `psalm.dist.xml` as well by
[@&#8203;HypeMC](https://redirect.github.com/HypeMC) in
[https://github.com/vimeo/psalm/pull/11031](https://redirect.github.com/vimeo/psalm/pull/11031)

##### Fixes

- Change `ReflectionParameter::getName()` result type to
`non-empty-string` by [@&#8203;vjik](https://redirect.github.com/vjik)
in
[https://github.com/vimeo/psalm/pull/11037](https://redirect.github.com/vimeo/psalm/pull/11037)
- Fix mysqli_real_escape_string stub by
[@&#8203;kamil-tekiela](https://redirect.github.com/kamil-tekiela) in
[https://github.com/vimeo/psalm/pull/11078](https://redirect.github.com/vimeo/psalm/pull/11078)
- Fix mysqli_get_client_version by
[@&#8203;kamil-tekiela](https://redirect.github.com/kamil-tekiela) in
[https://github.com/vimeo/psalm/pull/11074](https://redirect.github.com/vimeo/psalm/pull/11074)
- Up the minimum required version of nikic/php-parser to 4.17 by
[@&#8203;chesn0k](https://redirect.github.com/chesn0k) in
[https://github.com/vimeo/psalm/pull/10968](https://redirect.github.com/vimeo/psalm/pull/10968)
- Fix callable/lowercase strings coercion by
[@&#8203;weirdan](https://redirect.github.com/weirdan) in
[https://github.com/vimeo/psalm/pull/11091](https://redirect.github.com/vimeo/psalm/pull/11091)
- Consistently emit issues for properties on classes with unknown mixins
by [@&#8203;issidorov](https://redirect.github.com/issidorov) in
[https://github.com/vimeo/psalm/pull/11081](https://redirect.github.com/vimeo/psalm/pull/11081)

#### New Contributors

- [@&#8203;chesn0k](https://redirect.github.com/chesn0k) made their
first contribution in
[https://github.com/vimeo/psalm/pull/10968](https://redirect.github.com/vimeo/psalm/pull/10968)

**Full Changelog**:
vimeo/psalm@5.25.0...5.26.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/open-feature/php-sdk).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC41OS4yIiwidXBkYXRlZEluVmVyIjoiMzguNTkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
release:feature The PR will be included in 'Features' section of the release notes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Missing TaintedCallable for 4 core generic functions
2 participants