⚠️ Security fix
Fixed a CWD configuration poisoning vulnerability (CVE-2026-25129) where a malicious .psysh.php file in an attacker-writable directory could execute arbitrary code when a victim runs PsySH from that directory. This affects all versions prior to v0.12.19 and v0.11.23, including downstream consumers like Laravel Tinker, when invoked from an attacker-writable CWD.
Fixed in v0.12.19 and v0.11.23. Upgrade ASAP.
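An added audit helper, not part of PsySH or its release notes: it lists existing .psysh.php files that another account could have planted or can still modify, which is the precondition described above. The function name and the three finding labels are assumptions of this example.

```shell
# Added example, not PsySH code. Lists project-local .psysh.php files that
# an account other than yours could have planted or can still modify.
# Output: one "<finding><TAB><path>" line per problem, nothing when clean.
audit_psysh_configs() {
    root=${1:-.}
    find "$root" -type f -name .psysh.php -exec sh -c '
        me=$1; shift
        for f do
            dir=$(dirname "$f")
            # File belongs to someone else: you did not put it there.
            if [ -n "$(find "$f" -prune ! -user "$me" -print)" ]; then
                printf "foreign-owner\t%s\n" "$f"
            fi
            # Group- or world-writable file: others can edit it in place.
            if [ -n "$(find "$f" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
                printf "writable-file\t%s\n" "$f"
            fi
            # Group- or world-writable directory: others can replace the file.
            if [ -n "$(find "$dir" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
                printf "writable-dir\t%s\n" "$f"
            fi
        done
    ' sh "$(id -u)" {} +
}
```

Run it over the directories where you start PsySH or Laravel Tinker. It only reports files that already exist, so a writable directory with no .psysh.php yet is not listed.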
Restricted Mode
PsySH now requires explicit trust before loading project-local config (.psysh.php), local PsySH binaries, or Composer autoloads from untrusted projects. Trust decisions are persisted per-project in trusted_projects.json.
Configure with trustProject:
'trustProject' => 'prompt', // default — ask interactively
'trustProject' => 'always', // trust all projects
'trustProject' => 'never', // always run restricted

Or use --trust-project / --no-trust-project CLI flags, or the PSYSH_TRUST_PROJECT env var.
Non-interactive sessions automatically skip untrusted features with a warning.
Magic method and property support 🪄
Tab completion, ls, doc, and show commands now recognize @method and @property docblock tags. Magic members display in magenta so you can tell them apart from real methods and properties.
Inheritance works as expected — magic members from parent classes, interfaces, and traits are included, with child declarations taking precedence.
Also fixes parsing of generic types (e.g., array<int, string>) in docblock tags, which previously broke on whitespace inside angle brackets.
See #905
Improvements
- Excluded a few unnecessary files and folders from release source zips (Thanks @reedy!)
- Fixed --cwd to actually change the working directory. Previously it only affected discovery for autoload/config, so relative paths and other directory-dependent behavior didn’t work as expected inside the shell.
- Significantly improved memory usage with older php-parser versions (pre-v4.18.0)