Features
Better tracking of mixed issues
On level 1 Psalm now provides traces whenever mixed
types occur in your code, to help you pinpoint where the mixed
types were introduced. Here's an article that goes into more detail.
Some unused code is now a level 1 issue
Unused code detection breaks down into two main categories: function-scoped unused code (e.g. unused variables and unused closure params) and codebase-scoped (unused public methods, unused public properties).
Psalm has unused code detection for a long time, but it's always been opt-in. Now in version 4.7 all function-scoped unused code issues are emitted when using level 1, Psalm's strictest level.
This allows us to perform the aforementioned tracking of mixed
types, because we're using the same underlying mechanism for both features. More importantly, it should also help you improve code quality, and avoid bugs.
Plugin hook for per-expression taint analysis
@mortenson has added a plugin that allows you to add and remove taint flows (#5398)
Error level XML autocompletion improvements
@weirdan made the XML config level more specific, allowing the value to be autocompleted in IDEs that understand the .xsd (#5476)
Add @psalm-ignore-var
Thanks to @sj-i you can now tell Psalm to ignore an inline @var
type annotation with a @psalm-ignore-var
tag (#5488)
Psalm level badges
If your project is open-source you can now show what Psalm level you use in a badge:
[![Psalm level](https://shepherd.dev/github/<username>/<repository>/level.svg?)](https://psalm.dev/)
This is the badge for Psalm's repository:
Make sure your build is sending appropriate data to Shepherd, the Psalm build data service:
vendor/bin/psalm --shepherd
Bugfixes
- @orklah improved the return type for
json_encode
whenJSON_THROW_ON_ERROR
is passed (#5417) - @AndrolGenhald fixed major/minor version handling for composer packages (#5415)
- @AndrolGenhald fixed a number of array bugs (#5427, #5431, #5436, #5421)
- @AndrolGenhald added support for template property invariance (#5371)
- @weirdan fixed timezone identifier method/function signatures (#5443)
- @weirdan prevented a crash when accessing templates with array offsets (#5447)
- @yakimun fixed handling of unpacked arrays with string arguments (#5446)
- @AndrolGenhald improved handling of
@no-named-arguments
(#5455) - Fixed a potential crash when calling
__set
explicitly with only one argument - @azjezz pure functions are allowed to return
no-return
(#5461) - @morozov improved signature for
mysql_real_connect
(#5464) - @danog allowed string template params in concatenation (#5468)
- @danog improved
posix_*
function return types (#5469) - Taint Analysis taints can now flow through array keys (#5470)
- @jni- improved analysis of intersections of classes with classes with magic methods (#5473)
- @morozov fixed
OCI
stubs in PHP 8 (#5478) reset
andend
now respect template unwrapping for nested templates (#5208)- @weirdan prevented string subtypes subsuming
class-string
(#5497)