Psalm 用于查找PHP应用中错误的静态分析工具
Psalm 用于查找PHP应用中错误的静态分析工具Fixed issues comparing variables - #677 for get_class
vs ::class
, and $a !== $b
now fails if $a
can never equal $b
.
Fixed #676 - bit manipulations were getting typed to mixed
, now string
or int
depending.
Fixed #673 where cached class names could pollute class lookups on case-sensitive OSes like Linux
@srsbiz fixed Windows directory handling in #655 and changed Psalm to use .dist
files by default in #644
1.0.6
muglug released this
1.0.5
muglug released this
Fixes a couple of bugs with intersection types and nested trait resolution.
You get a phar... and *you* get a phar
muglug released this
Thanks to the great work of @weirdan, this release has a Phar that you can use on any existing Psalm project.
Other changes:
- fixes #569 where trait function name maps got corrupted
- improves analysis of error-suppressed functions (#570)
- improves analysis of
array_merge
where...
is used (#571) - improves analysis of
strpos
andabs
calls (#576 and #577) - improves handling of
iterable
types when negated (#574 and #579) - added better checks to compare trait abstract methods to classes that use the traits
Add stricter class constant checks
muglug released this
You can now specify that parameters that take fully-qualified class names must be passed a ::class
constant. The docs have more info.
This release also brings more robustness to class-filename resolution, relying on composer's autoloader class where available to get the class name without using reflection. Thanks @weirdan for the ticket that led to this improvement.
This release also removes a dependency on composer/composer
, using the much smaller composer/xdebug-handler
instead. Thanks to @felixfbecker for the idea, and @johnstevenson for the legwork on the composer side, and @weirdan for integrating it with Psalm.
I introduced a new issue type of OverriddenPropertyAccess
to fix #547. While this is technically a change in the API, it's also an issue that is very unlikely to occur in your codebase, so I felt it was acceptable to violate SemVer.
Other fixed issues:
array_map
/array_filter
oddities in #555 and #556- improved property-no-set-in-constructor checks (#562)
- improved
do
/while
checks when vars are set only in thedo
, and used in thewhile
(#561) - prevented an issue from being triggered in #563
- improve handling of complicated (strings that contain square brackets) array keys in #564
- Fixes #540, allowing any param name starting with
_
to be ignored inUnusedParam
/PossiblyUnusedParam
checks. - Fixes #541 where
array_map
wasn't respecting key type - Fixed some
UnusedVariable
false positives: #543 withstatic
vars, #544 with try/catch vars, and #539 withglobal
vars used in functions - Fixed #546 where
iterable|string[]
was causing a fatal error whenallowPhpStormGenerics="true"
- Fixed #548 allowing callables in
array_map
andarray_filter
to be properly checked - Fixed documentation of
--init
in #537
Additionally Psalm now treats functions that start with assert
more intelligently, and checks to see if they assert something. If they do it applies those assertions to the current scope.
This first major version signifies the beginning of semantic versioning:
- No Psalm issues will be added between major versions
- Minor versions will be used to fix bugs, especially those leading to false positives, and also to introduce new features that don't substantially alter Psalm's analysis
- The plugin API will not change between major versions
Updates since 0.3.93
- Running Psalm with PHP 5.4 and 5.5 is no longer supported
- new caching engine, reducing time and increasing memory usage
- rewritten internals to group similar functionality into classes, increasing long-term maintainability
- add checks for
__set
calls where@property
annotations are present - thanks @nickyr - updated plugin API to use static methods instead of instance ones
- added support for Pylint output format - thanks @TysonAndre
- made
igbinary
the default serializer if it's installed with the latest version - thanks again to @TysonAndre for his tireless work on that project - added ending-line & ending-column data to output for future Language Server Protocol support
Known bugs
- #534 Failure to properly evaluate some repeated
instanceof
logic - #502
InvalidReturnStatement
should fire for void return if noyield
statements found - #455 Unset on objectlike array should reset it to empty array
- #442 Calling
count()
on an array should inform its emptiness - #416 Dead code detection fails for trait-defined methods not directly called
- #324 Suppressing
EmptyArrayAccess
causes weird side-effects on problematic code
Introduce more stringent docblock checks
muglug released this
Added two new issues:
DocblockTypeContradiction
- emitted when contradicting a docblock-asserted type:
/**
* @param string $s
*/
function foo($s) {
if ($s === 5) { }
}
RedundantConditionGivenDocblockType
- emitted when conditional is redundant given information in docblocks
/**
* @param string $s
*/
function foo($s) {
if (is_string($s)) {};
}
and fixed a few issues with erroneous emitting of RedundantCondition
Miscellaneous fixes, plus a big refactor that'll hopefully make Psalm a touch faster.
Improve dead code detection
muglug released this
This release aims to match, and possibly supersede, Scrutinizer's very good dead code detection.
Known issues: #475
This release also has the last breaking change before a planned 1.0 release – breaking apart the UntypedParam
issue into MissingParamType
and MissingClosureParamType
(as the latter scenario is often less worrisome).
Inherit docs from interfaces where missing
Psalm used not to automatically inherit docs from interfaces. Now it does, unless two different interfaces contain the same method.
So this is fine:
interface I1 {
/** @return string */
public function foo();
}
interface I2 {
/** @return string */
public function bar();
}
class A implements I1, I2 {
public function foo() {
return "hello";
}
public function bar() {
return "goodbye";
}
}
This will cause Psalm to emit InvalidReturnType
and MissingReturnType
for A::foo
:
interface I1 {
/** @return string */
public function foo();
}
interface I2 {
/** @return int */
public function foo();
}
class A implements I1, I2 {
public function foo() {
return "hello";
}
}
And this will cause Psalm to emit MissingReturnType
for A::foo
:
interface I1 {
/** @return string */
public function foo();
}
interface I2 {
/** @return string */
public function foo();
}
class A implements I1, I2 {
public function foo() {
return "hello";
}
}
More lenient treatment of various core functions
Functions like preg_replace
, file_get_contents
and current
, which can return false
, are now allowed to be reported as returning just a string
. A few other functions, like strpos
, still require explicit false
checks because I judged the frequency of failure to be much higher in those situations.
Fix folder name
muglug released this
Because CodeBase/Codebase broke autoloaders on *nix systems
Improve speed and array_filter checks
muglug released this
Psalm gets a bit faster for the first time in a while. Also array_filter checks are more accurate, interpreting some closure contents if included.
Add unused property dead code detection
muglug released this
0.3.81 Be less alarmist info issues, colour-wise
Fix PropertyNotSetInConstructor analysis
muglug released this
0.3.79 Use properly-cased version of class name
Add Psalter, a tool to fix the issues Psalm finds
muglug released this
Psalm is good at finding potential issues in large codebases, but once found, it can be something of a gargantuan task to fix all the issues.
This release introduces Psalter, designed to fix issues that Psalm finds.
Safety features
Updating code is inherently risky, doing so automatically is even more so. I've added a few features to make it a little more reassuring:
- To see what changes Psalter will make ahead of time, you can run it with
--dry-run
. - You can target particular versions of PHP via
--php-version
, so that (for example) you don't add nullable typehints to PHP 7.0 code, or any typehints at all to PHP 5.6 code.--php-version
defaults to your current version. - it has a
--safe-types
mode that will only update PHP 7 return typehints with information Psalm has gathered from non-docblock sources of type information (e.g. typehinted params,instanceof
checks, other return typehints etc.)
Plugins
You can pass in your own manipulation plugins e.g.
vendor/bin/psalter --plugin=vendor/vimeo/psalm/examples/ClassUnqualifier.php --dry-run
The above example plugin converts all unnecessarily qualified classnames in your code to shorter aliased versions.
Supported fixes
This initial release provides support for the following alterations, corresponding to the names of issues Psalm finds:
MissingReturnType
Running vendor/bin/psalter --issues=MissingReturnType --php-version=7.0
on
function foo() {
return "hello";
}
gives
function foo() : string {
return "hello";
}
and running vendor/bin/psalter --issues=MissingReturnType --php-version=5.6
on
function foo() {
return "hello";
}
gives
/**
* @return string
*/
function foo() {
return "hello";
}
MissingClosureReturnType
As above, except for closures
InvalidReturnType
Running vendor/bin/psalter --issues=InvalidReturnType
on
/**
* @return int
*/
function foo() {
return "hello";
}
gives
/**
* @return string
*/
function foo() {
return "hello";
}
There's also support for return typehints, so running vendor/bin/psalter --issues=InvalidReturnType
on
function foo() : int {
return "hello";
}
gives
function foo() : string {
return "hello";
}
InvalidNullableReturnType
Running vendor/bin/psalter --issues=InvalidNullableReturnType --php-version=7.1
on
function foo() : string {
return rand(0, 1) ? "hello" : null;
}
gives
function foo() : ?string {
return rand(0, 1) ? "hello" : null;
}
and running vendor/bin/psalter --issues=InvalidNullableReturnType --php-version=7.0
on
function foo() : string {
return rand(0, 1) ? "hello" : null;
}
gives
/**
* @return string|null
*/
function foo() {
return rand(0, 1) ? "hello" : null;
}
InvalidFalsableReturnType
Running vendor/bin/psalter --issues=InvalidFalsableReturnType
on
function foo() : string {
return rand(0, 1) ? "hello" : false;
}
gives
/**
* @return string|false
*/
function foo() {
return rand(0, 1) ? "hello" : false;
}
MismatchingDocblockParamType
Given
class A {}
class B extends A {}
class C extends A {}
class D {}
running vendor/bin/psalter --issues=MismatchingDocblockParamType
on
/**
* @param B|C $first
* @param D $second
*/
function foo(A $first, A $second) : void {}
gives
/**
* @param B|C $first
* @param A $second
*/
function foo(A $first, A $second) : void {}
MismatchingDocblockReturnType
Running vendor/bin/psalter --issues=MismatchingDocblockReturnType
on
/**
* @return int
*/
function foo() : string {
return "hello";
}
gives
/**
* @return string
*/
function foo() : string {
return "hello";
}
LessSpecificReturnType
Running vendor/bin/psalter --issues=LessSpecificReturnType
on
function foo() : ?string {
return "hello";
}
gives
function foo() : string {
return "hello";
}
Add file replacement API
muglug released this
This introduces a file replacement API, allowing you to build plugins that alter your code.
For example, you can run
vendor/bin/psalm --plugin=vendor/vimeo/psalm/examples/ClassUnqualifier.php --replace-code
and all classes that are unnecessarily fully-qualified will be fixed
Add support for int-keyed objectlike arrays
muglug released this
Psalm now has a more accurate representation of arrays with integer keys e.g. ["one", 2, 3.0]
is now represented internally as array{0:string, 1:int, 2:float}
Fix a few bugs and improve for loop analysis
muglug released this
Support @property-read and @property-write as new tags. (#317) In combination with `@psalm-seal-properties`, this can be used to have in-depth checking of magic properties.
Improve redundant condition checks
muglug released this
0.3.68 Fix #385, fix return type of sodium function
Downloads
Psalm used to cautiously emit FailedTypeResolution
issues. @TysonAndre encouraged the emitting of a RedundantCondition
issue in the same sorts of places, but in more instances.
Emitting that issue in more places meant shining a harsh light on Psalm's analysis, and its generation and modification of type algebra, as it relates to the code it's scanning. Fixing the bugs that were revealed required a wholesale refactor of loop analysis and a bunch of other attendant changes.
The result is an analysis that is hopefully very much more robust than it was previously.
Downloads
Includes #325 and other array fixes
Introduces MixedTypeCoercion
, separate from TypeCoercion
, to reduce severity of issues.
Downloads
And also fix a bug with get_class($c) !== A::class
checks
Downloads
Includes more accurate array function typing.
Downloads
0.3.61 Fix issue simplifying callable types
Downloads
Revert 0.2.x branch to using old parser cache version
Downloads
Also can deal with weird Wordpress class definitions.
Downloads
0.3.58 Fix #235 - add psalm.xml option to support igbinary serializer
Downloads
Revert 0.2.x branch to using old parser cache version
Downloads
0.2.60 Fix parser ref
Downloads
0.2.59 Fix parser ref
Downloads
0.2.51 More anti-master changes
Downloads
Fix issue calculating inherited parent property mutations
Downloads
Watchers:33 |
Star:814 |
Fork:43 |
创建时间: 2016-11-22 01:04:41 |
最后Commits: 今天 |
许可协议:MIT |
v2.0.0-dev - support PHP Parser 4
Assets
Breaking changes:
MoreSpecifcImplementedReturnType
has been renamedLessSpecificImplementedReturnType
PossiblyUndefinedArrayOffset
is triggered for possibly undefined array keys (previously bucketed intoPossiblyUndefinedVariable
)stopOnFirstError
<psalm />
config attribute, which hasn't been used in agesUntypedParam
issue type, which also hasn't been used (MissingParamType
is the replacement)