Bump vimeo/psalm from 4.6.3 to 4.9.2

[dependabot-preview]

Bumps vimeo/psalm from 4.6.3 to 4.9.2.

Release notes

Sourced from vimeo/psalm's releases.

Improve preloading and fix template bounds checks

Fixes an issue introduced in 4.9.0: #6212

Also improves Psalm's knowledge when some stub files are loaded (#5126, #5626)

Fixed TIntRange bounds types

TIntRange changes

The types for int range bounds were sub-optimal. This release fixes this. Formally this is a BC break, for plugins. However, given the short time that passed since TIntRange introduction we believe it should be OK to release it as a patch release.

Fixes

• (#6208) Fixed bounds types for TIntRange (@​orklah)

First community release

Features

• (#5974, #5980) Ability to turn off inferPropertyTypesFromConstructor (thanks @​weirdan)
• (#6008, #6010) LSP server now runs analysis on open and save (thanks @​tm1000)
• (#6013, #6014, #6055) LSP server now understands didChangeWatchedFiles notification (thanks @​tm1000)
• (#6058, #6059) Support for xml:base attribute (useful for modular configs) (thanks @​turnabout)
• (#6060) FunctionReturnTypeProviderEvent and MethodReturnTypeProviderEvent now provide access to the statement via getStmt() method (thanks @​VincentLanglet)
• (#6106) Added support for interface-string<FooInterface> (currently as an alias to class-string<FooInterface>) (thanks @​muglug)
• (#5512) Added option to enable Shepherd reporting with environment variables (PSALM_SHEPHERD and PSALM_SHEPHERD_HOST) (thanks @​ngmy)
• (#6117, #6130) Psalm now flags static access to non-static property (and vice versa) (thanks @​weirdan)
• (#6155) Added support for PHP 8.1 native readonly flag on properties (thanks @​muglug)
• (#6110, #6142) Now you may configure trigger_error() behavior (thanks @​orklah)
• (#6152, #6181) Psalm now understands that the only descendants of DateTimeInterface are DateTime and DateTimeImmutable (thanks @​Jack97)
• (#6207) Preliminary support for int ranges (e.g. int<min, 25>, int<2, 8> etc) (thanks @​orklah)

Fixes

• (#5981, #5992) Marked more built-in functions as impure (thanks @​samsonasik)
• (#5964) Fixed RdKafka\ProducerTopic::producev() (thanks @​danog)
• (#5975, #5989) Values used in throw are no longer considered unused (thanks @​weirdan)
• (#5979, #6000) Fixed newline-related issues when using baseline cross-platform (Windows/everything else) (thanks @​bdsl)
• (#5997, #6007) Fixed errors during LSP shutdown sequence (thanks @​tm1000)
• (#6011, #6012) Fixed psalm-language-server crash when invoked with --version argument (thanks @​tm1000)
• (#6005, #6019) Correctly resolve self and static in callable arrays passed to array_reduce() (thanks @​elnoro)
• (#3287, #6036) Fixed mbstring functions signatures (they changed in PHP 8) (thanks @​mpesari)
• (#6038, #6039) Generic part of the array shape is no longer erased by array_map() (thanks @​weirdan)
• (#6027, #6041) Fixed inferred value for __FUNCTION__ constant used in methods (thanks @​orklah)
• (#6040) DateTime::format() and DateTimeImmutable::format() return values on PHP 8 (thanks @​j4nr6n)
• (#6062) Do not interpret psalm.xml in --config psalm.xml as a file to check (thanks @​simPod)
• (#4663, #5378, #6063, #6064) Fixed parsing of negative int literals (thanks @​ElisDN)
• (#6050, #6054) Fixed crash due to internal structures getting out of sync (thanks @​caugner)
• (#6016, #6069) Improve str_word_count() signature (thanks @​elnoro)
• (#5584) Added ReflectionProperty::hasType() and ReflectionProperty::getType() stubs (thanks @​franmomu)
• (#5971, #6068) Fixed plugin crash due to missing ClassLikeStorage (thanks @​caugner)
• (#5608) Ignore string keys in callable arrays passed to preg_replace_callback() (thanks @​paxal)
• (#6066, #6072) Tightened constraints on generic type parameter inference that might lead to runtime errors (thanks @​muglug)
• (#6061, #6081) Analyze array keys before values (thanks @​muglug)
• (#6080, #6082) join() signature is synced to implode() (thanks @​weirdan)

... (truncated)

Commits

• 00c0622 Fix space
• a205a23 Fix #6212 - remove untested code, add test for reasonable behaviour
• edffb1a Merge pull request #6213 from weirdan/scan-preloaded-stubs-earlier
• 2562e37 Scan preloaded stubs earlier
• 7e137f5 Improve internals of TIntRange (#6208)
• c62adf9 Merge pull request #6198 from mmcev106/master
• 3a049df Merge pull request #6207 from orklah/int-range
• ba9f7d0 fix CS
• 0252a65 fix syntax
• 1e3e6a8 introduce basic integer range
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information