What's Changed
Features
- Update PHP 8.2 stubs to include
SensitiveParameterValueby @gsteel in #10726 - Add list of statements to BeforeFileAnalysisEvent by @ohader in #10728
- Forbid iterating over generators with non-nullable
send()by @weirdan in #10697 - Initial support for named parameters for callables by @weirdan in #10772
Fixes
- Improve randomizer stubs by @danog in #10709
- Fix detecting magic static methods by @issidorov in #10704
- Fix non-empty-lowercase-string handling with literal non-lowercase strings by @kkmuffme in #10722
- Fix RiskyTruthyFalsyComparison irrelevant errors when there is no explicit truthy/falsy type by @kkmuffme in #10733
- Allow
Overrideattribute to be used in pure contexts by @weirdan in #10734 - Revert "Allow tainted numerics except for 'html' and 'has_quotes'" by @ohader in #10729
- Fix loading stubs from phar file on Windows by @weirdan in #10748
- Fix a false flag issue with InvalidConstantAssignmentValue by @MelechMizrachi in #10738
- Set inside_isset false when analyzing ArrayDimFetch index by @edsrzf in #10752
- Set inside_isset = false when analyzing arguments by @edsrzf in #10753
- Fix PHP notice - crash on invalid taint-escape by @kkmuffme in #10760
- Fix version comparison for
@sinceby @weirdan in #10764 - Since annotations outside phpstub should not infer php version by @kkmuffme in #10769
- Backport
WeakMapiterator fix frommasterby @weirdan in #10778 - Namespace anonymous classes by @weirdan in #10779
- Update CallMap for sqlsrv_connect and sqlsrv_errors to match reflection by @theodorejb in #10781
$resourceparameter ofmkdir()is nullable since PHP 7.3 by @weirdan in #10802- Use wider class-string when combining class strings with intersections by @weirdan in #10800
Internal changes
- Use TaintKind/TaintKindGroup constants instead of string values by @ohader in #10746
- Skip symlink test on Windows by @weirdan in #10749
- Avoid duplicating code for RiskyTruthyFalsyComparison by @theodorejb in #10765
- fix PHP 8 tests running with wrong --php-version=/phpVersion= if not explicitly specified by @kkmuffme in #10776
- CS fix by @weirdan in #10801
New Contributors
- @MelechMizrachi made their first contribution in #10738
Full Changelog: 5.22.2...5.23.0