Merge pull request #11676 from vimeo/psalm_pure_on_classes

Allow @psalm-pure on classes

Author: danog

config.xsd

@@ -372,6 +372,7 @@
             <xs:element name="MixedStringOffsetAssignment" type="IssueHandlerType" minOccurs="0" />
             <xs:element name="MoreSpecificImplementedParamType" type="IssueHandlerType" minOccurs="0" />
             <xs:element name="MoreSpecificReturnType" type="IssueHandlerType" minOccurs="0" />
+            <xs:element name="ImmutableDependency" type="PropertyIssueHandlerType" minOccurs="0" />
             <xs:element name="MutableDependency" type="PropertyIssueHandlerType" minOccurs="0" />
             <xs:element name="NamedArgumentNotAllowed" type="ArgumentIssueHandlerType" minOccurs="0" />
             <xs:element name="NoEnumProperties" type="ClassIssueHandlerType" minOccurs="0" />

docs/annotating_code/supported_annotations.md

@@ -449,7 +449,9 @@ Used to annotate a class where at least one property is mutable: this is the def
 
 ### `@psalm-pure`
 
-Used to annotate a [pure function](https://en.wikipedia.org/wiki/Pure_function) - one whose output is just a function of its input.
+Used to annotate a [pure function](https://en.wikipedia.org/wiki/Pure_function) - one whose output is just a function of its input.  
+
+Can also be used on classes to auotmatically annotate all of its methods as pure and ban the usage of properties.  
 
 ```php
 <?php

docs/running_psalm/error_levels.md

@@ -109,6 +109,7 @@ Level 5 and above allows a more non-verifiable code, and higher levels are even
  - [UnusedMethodCall](issues/UnusedMethodCall.md)
 ## Errors that only appear at level 1
 
+ - [ImmutableDependency](issues/ImmutableDependency.md)
  - [InvalidClassConstantType](issues/InvalidClassConstantType.md)
  - [LessSpecificClassConstantType](issues/LessSpecificClassConstantType.md)
  - [LessSpecificReturnType](issues/LessSpecificReturnType.md)

docs/running_psalm/issues.md

@@ -39,6 +39,7 @@
  - [FalseOperand](issues/FalseOperand.md)
  - [ForbiddenCode](issues/ForbiddenCode.md)
  - [IfThisIsMismatch](issues/IfThisIsMismatch.md)
+ - [ImmutableDependency](issues/ImmutableDependency.md)
  - [ImplementationRequirementViolation](issues/ImplementationRequirementViolation.md)
  - [ImplementedParamTypeMismatch](issues/ImplementedParamTypeMismatch.md)
  - [ImplementedReturnTypeMismatch](issues/ImplementedReturnTypeMismatch.md)

docs/running_psalm/issues/ImmutableDependency.md

@@ -0,0 +1,29 @@
+# ImmutableDependency
+
+Emitted when an mutable class inherits from an immutable class, trait or interface.
+
+```php
+<?php
+
+/** @psalm-immutable */
+class ImmutableParent {
+    public int $i = 0;
+
+    public function getI(): int {
+        return $this->i;
+    }
+}
+
+final class MutableChild extends ImmutableParent {
+    public function setI(int $i): void {
+        $this->i = 123;
+    }
+}
+
+// This is bad because when passing around an ImmutableParent instance,
+// we might actually be passing around a MutableChild.  
+```
+
+Will also be emitted for classes marked `@psalm-pure`, `@psalm-mutation-free`, `@psalm-external-mutation-free`.  
+
+To fix, make the child have the same mutability level of the parent, or vice versa.  

docs/running_psalm/issues/MissingImmutableAnnotation.md

@@ -1,8 +1,6 @@
 # MissingImmutableAnnotation
 
-Emitted when a class inheriting from an immutable interface or class does not also have a `@psalm-immutable` declaration.
-
-Also emitted when a potentially immutable interface or class does not have a `@psalm-immutable` declaration.  
+Emitted when a potentially immutable interface or class does not have a `@psalm-pure`, `@psalm-immutable` or `@psalm-external-mutation-free` declaration.  
 
 To automatically add immutable annotations where needed, run Psalm with `--alter --issues=MissingImmutableAnnotation`.  
 
@@ -11,18 +9,17 @@ This issue is emitted to aid [security analysis](https://psalm.dev/docs/security
 ```php
 <?php
 
-/** @psalm-immutable */
-interface SomethingImmutable {
-    public function someInteger() : int;
-}
-
-class MutableImplementation implements SomethingImmutable {
+/** @api */
+final class CouldBeExternallyMutationFree {
     private int $counter = 0;
+
+    /** @psalm-external-mutation-free */
     public function someInteger() : int {
         return ++$this->counter;
     }
 }
 
+/** @api */
 final class CouldBeImmutable {
 }
 

docs/running_psalm/issues/MissingInterfaceImmutableAnnotation.md

@@ -1,6 +1,6 @@
 # MissingInterfaceImmutableAnnotation
 
-Emitted when an interface is not annotated with `@psalm-immutable` nor `@psalm-mutable`: to fix, mark the interface with one of the two annotations, enforcing immutability (or mutability) for all properties and methods of implementing classes.
+Emitted when an interface is not annotated with `@psalm-pure`, `@psalm-immutable`, `@psalm-external-mutation-free` or `@psalm-mutable`: to fix, mark the interface with one of the two annotations, enforcing immutability (or mutability) for all properties and methods of implementing classes.
 
 This issue is emitted to aid [security analysis](https://psalm.dev/docs/security_analysis/), which works best when all explicitly immutable interfaces and classes are marked as immutable.  
 

psalm-baseline.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<files psalm-version="6.x-dev@bbd217fc98c0daa0a13aea2a7f119d03ba3fc9a0">
+<files psalm-version="dev-master@cf404b51daf81d79198a029f7b2c7f64d28ae68e">
   <file src="examples/TemplateChecker.php">
     <PossiblyUndefinedIntArrayOffset>
       <code><![CDATA[$comment_block->tags['variablesfrom'][0]]]></code>
@@ -131,11 +131,6 @@
       <code><![CDATA[glob($parts[0], GLOB_ONLYDIR | GLOB_NOSORT)]]></code>
     </RiskyTruthyFalsyComparison>
   </file>
-  <file src="src/Psalm/Config/ProjectFileFilter.php">
-    <MutableDependency>
-      <code><![CDATA[#[Override]]]></code>
-    </MutableDependency>
-  </file>
   <file src="src/Psalm/Context.php">
     <RiskyTruthyFalsyComparison>
       <code><![CDATA[strpos($key, '()')]]></code>
@@ -221,9 +216,6 @@
     </RiskyTruthyFalsyComparison>
   </file>
   <file src="src/Psalm/Internal/Analyzer/ClassLikeAnalyzer.php">
-    <MutableDependency>
-      <code><![CDATA[#[Override]]]></code>
-    </MutableDependency>
     <PossiblyUndefinedIntArrayOffset>
       <code><![CDATA[$property_name]]></code>
     </PossiblyUndefinedIntArrayOffset>
@@ -1558,12 +1550,6 @@
     </RiskyTruthyFalsyComparison>
   </file>
   <file src="src/Psalm/Internal/Codebase/CombinedFlowGraph.php">
-    <MutableDependency>
-      <code><![CDATA[#[Override]]]></code>
-      <code><![CDATA[#[Override]]]></code>
-      <code><![CDATA[#[Override]]]></code>
-      <code><![CDATA[DataFlowGraph]]></code>
-    </MutableDependency>
     <PossiblyUnusedMethod>
       <code><![CDATA[addSink]]></code>
     </PossiblyUnusedMethod>
@@ -1665,10 +1651,9 @@
     </RiskyTruthyFalsyComparison>
   </file>
   <file src="src/Psalm/Internal/Codebase/TaintFlowGraph.php">
-    <MutableDependency>
-      <code><![CDATA[#[Override]]]></code>
+    <ImmutableDependency>
       <code><![CDATA[DataFlowGraph]]></code>
-    </MutableDependency>
+    </ImmutableDependency>
     <RiskyTruthyFalsyComparison>
       <code><![CDATA[end($path_types)]]></code>
     </RiskyTruthyFalsyComparison>
@@ -1677,10 +1662,9 @@
     </UnnecessaryVarAnnotation>
   </file>
   <file src="src/Psalm/Internal/Codebase/VariableUseGraph.php">
-    <MutableDependency>
-      <code><![CDATA[#[Override]]]></code>
+    <ImmutableDependency>
       <code><![CDATA[DataFlowGraph]]></code>
-    </MutableDependency>
+    </ImmutableDependency>
   </file>
   <file src="src/Psalm/Internal/Composer.php">
     <RiskyTruthyFalsyComparison>
@@ -2123,11 +2107,6 @@
       <code><![CDATA[new Cache($config, 'classlike_cache', $dependencies, $persistent)]]></code>
     </InvalidPropertyAssignmentValue>
   </file>
-  <file src="src/Psalm/Internal/Provider/FakeFileProvider.php">
-    <MutableDependency>
-      <code><![CDATA[#[Override]]]></code>
-    </MutableDependency>
-  </file>
   <file src="src/Psalm/Internal/Provider/FileReferenceCacheProvider.php">
     <InvalidPropertyAssignmentValue>
       <code><![CDATA[new Cache($config, 'file_reference', [$composerLock], $persistent)]]></code>
@@ -2534,30 +2513,10 @@
       <code><![CDATA[strpos($string_type_token[0], '$')]]></code>
     </RiskyTruthyFalsyComparison>
   </file>
-  <file src="src/Psalm/Internal/TypeVisitor/CanContainObjectTypeVisitor.php">
-    <MutableDependency>
-      <code><![CDATA[#[Override]]]></code>
-    </MutableDependency>
-  </file>
-  <file src="src/Psalm/Internal/TypeVisitor/ContainsLiteralVisitor.php">
-    <MutableDependency>
-      <code><![CDATA[#[Override]]]></code>
-    </MutableDependency>
-  </file>
-  <file src="src/Psalm/Internal/TypeVisitor/ContainsStaticVisitor.php">
-    <MutableDependency>
-      <code><![CDATA[#[Override]]]></code>
-    </MutableDependency>
-  </file>
-  <file src="src/Psalm/Internal/TypeVisitor/TemplateTypeCollector.php">
-    <MutableDependency>
-      <code><![CDATA[#[Override]]]></code>
-    </MutableDependency>
-  </file>
   <file src="src/Psalm/Internal/TypeVisitor/TypeChecker.php">
-    <MutableDependency>
+    <ImmutableDependency>
       <code><![CDATA[#[Override]]]></code>
-    </MutableDependency>
+    </ImmutableDependency>
     <RiskyTruthyFalsyComparison>
       <code><![CDATA[!$fq_classlike_name]]></code>
       <code><![CDATA[$class_storage->template_types]]></code>
@@ -2566,9 +2525,9 @@
     </RiskyTruthyFalsyComparison>
   </file>
   <file src="src/Psalm/Internal/TypeVisitor/TypeScanner.php">
-    <MutableDependency>
+    <ImmutableDependency>
       <code><![CDATA[#[Override]]]></code>
-    </MutableDependency>
+    </ImmutableDependency>
   </file>
   <file src="src/Psalm/Issue/ArgumentIssue.php">
     <RiskyTruthyFalsyComparison>
@@ -2828,10 +2787,10 @@
     </RiskyTruthyFalsyComparison>
   </file>
   <file src="src/Psalm/Report/CompactReport.php">
-    <MutableDependency>
+    <ImmutableDependency>
       <code><![CDATA[#[Override]]]></code>
       <code><![CDATA[Report]]></code>
-    </MutableDependency>
+    </ImmutableDependency>
   </file>
   <file src="src/Psalm/Report/ConsoleReport.php">
     <PossiblyInvalidArgument>
@@ -2853,27 +2812,27 @@
     </RiskyTruthyFalsyComparison>
   </file>
   <file src="src/Psalm/Report/JunitReport.php">
-    <MutableDependency>
+    <ImmutableDependency>
       <code><![CDATA[#[Override]]]></code>
       <code><![CDATA[Report]]></code>
-    </MutableDependency>
+    </ImmutableDependency>
   </file>
   <file src="src/Psalm/Report/PhpStormReport.php">
     <RiskyTruthyFalsyComparison>
       <code><![CDATA[$issue_data->taint_trace]]></code>
     </RiskyTruthyFalsyComparison>
   </file>
   <file src="src/Psalm/Report/SarifReport.php">
-    <MutableDependency>
+    <ImmutableDependency>
       <code><![CDATA[#[Override]]]></code>
       <code><![CDATA[Report]]></code>
-    </MutableDependency>
+    </ImmutableDependency>
   </file>
   <file src="src/Psalm/Report/XmlReport.php">
-    <MutableDependency>
+    <ImmutableDependency>
       <code><![CDATA[#[Override]]]></code>
       <code><![CDATA[Report]]></code>
-    </MutableDependency>
+    </ImmutableDependency>
   </file>
   <file src="src/Psalm/StatementsSource.php">
     <MissingInterfaceImmutableAnnotation>
@@ -3409,6 +3368,16 @@
       <code><![CDATA[$expected_value_type]]></code>
     </ImplicitToStringCast>
   </file>
+  <file src="tests/Config/ConfigFileTest.php">
+    <ImmutableDependency>
+      <code><![CDATA[#[Override]]]></code>
+    </ImmutableDependency>
+  </file>
+  <file src="tests/Config/ConfigTest.php">
+    <ImmutableDependency>
+      <code><![CDATA[#[Override]]]></code>
+    </ImmutableDependency>
+  </file>
   <file src="tests/Config/Plugin/Hook/AfterAnalysis.php">
     <UnusedMethodCall>
       <code><![CDATA[toArray]]></code>
@@ -3546,6 +3515,9 @@
     </PossiblyFalseArgument>
   </file>
   <file src="tests/TestConfig.php">
+    <ImmutableDependency>
+      <code><![CDATA[public function __construct()]]></code>
+    </ImmutableDependency>
     <InvalidExtendClass>
       <code><![CDATA[Config]]></code>
     </InvalidExtendClass>
@@ -3554,10 +3526,6 @@
       <code><![CDATA[#[Override]]]></code>
       <code><![CDATA[public function __construct()]]></code>
     </MethodSignatureMismatch>
-    <MutableDependency>
-      <code><![CDATA[#[Override]]]></code>
-      <code><![CDATA[public function __construct()]]></code>
-    </MutableDependency>
   </file>
   <file src="tests/TypeParseTest.php">
     <ImplicitToStringCast>

src/Psalm/Config.php

@@ -1882,16 +1882,25 @@ public function reportIssueInFile(string $issue_type, string $file_path): bool
         return true;
     }
 
+    /**
+     * @psalm-mutation-free
+     */
     public function isInProjectDirs(string $file_path): bool
     {
         return $this->project_files && $this->project_files->allows($file_path);
     }
 
+    /**
+     * @psalm-mutation-free
+     */
     public function isInExtraDirs(string $file_path): bool
     {
         return $this->extra_files && $this->extra_files->allows($file_path);
     }
 
+    /**
+     * @psalm-mutation-free
+     */
     public function mustBeIgnored(string $file_path): bool
     {
         return $this->project_files && $this->project_files->forbids($file_path);
@@ -2232,6 +2241,9 @@ public function getExtraDirectories(): array
         return $this->extra_files->getDirectories();
     }
 
+    /**
+     * @psalm-mutation-free
+     */
     public function reportTypeStatsForFile(string $file_path): bool
     {
         return $this->project_files

src/Psalm/Config/ProjectFileFilter.php

@@ -35,6 +35,9 @@ public static function loadFromXMLElement(
         return $filter;
     }
 
+    /**
+     * @psalm-mutation-free
+     */
     #[Override]
     public function allows(string $file_name, bool $case_sensitive = false): bool
     {
@@ -47,6 +50,9 @@ public function allows(string $file_name, bool $case_sensitive = false): bool
         return parent::allows($file_name, $case_sensitive);
     }
 
+    /**
+     * @psalm-mutation-free
+     */
     public function forbids(string $file_name, bool $case_sensitive = false): bool
     {
         if ($this->inclusive && $this->file_filter) {