composer(deps-dev): bump vimeo/psalm from 3.15 to 3.16

[dependabot]

Bumps vimeo/psalm from 3.15 to 3.16.

Release notes

Sourced from vimeo/psalm's releases.

A smattering of things

Features

New PHPStorm-optimised output format

Added a phpstorm report format that displays errors in a manner that PHPStorm can parse more easily (#4085) – thanks @the-toster (with additional help from @Rarst)

Detection of strpos issues

Psalm will now raise two separate issues for the following code:

function foo(string $s) : void {
  if (strpos(".", $s) !== -1) {}
}

The first, InvalidLiteralArgument, complains a string was passed where a variable was expected. The second complains that the output of strpos can never be negative.

Allow intersection of object-like arrays and regular arrays

Psalm now allows the docblock array{foo: string}&array<string, string>, understanding it to mean an array of strings with one explicit known key.

@psalm-stub-override

Added support for @psalm-stub-override which only renders the stub valid if the given class already exists – thanks @weirdan (#4177)

@psalm-suppress Issue1, Issue2

Added support for multiple suppressed issues on a given line – thanks @weirdan (#4179)

Bugfixes

Allow multiple issues of the same type at a single position

Psalm will now report multiple issues that map to the same code position (but whose message body is different). If you use the baseline, you might need to update it accordingly (#4167)

Other bugfixes

• allow slashes in docblock tags (#4112)
• ensure calling Closure::__invoke doesn't break when running Psalm in PHP 7.2.11 and below (#4111)
• refine closure types more accurately according to a callable
• prevent crash when suppressing UndefinedTrait (#4130)
• improve inference of preg_match_all $matches array value (#4128)
• fix a crash when using a short closure without specifying the Closure type anywhere in the affected methods (#4148)
• allow null checks on the output of Iterator::current (#4146)
• Language Server @matthijskooijman made a couple of improvements (#4143)
• treat literal numeric strings as numeric always (#4154)
• Taint analysis @craigfrancis added additional mysql sinks (#4155)

Commits

• d03e5ef Only refine for matching closure union members
• f83c96e Improve accuracy of array_filter
• 1b3fbeb Improve array_merge return type
• d1ac38b Support more array intersections in type parsing
• 6afd3d1 Add back suppression
• a6622c4 Make sure all written entries are correctly sorted
• 7e53865 Fix regression – detect unused params with defaults again
• ae4feae Fix template check
• 51924c9 Do no writing when saving parser cache in tests
• e472600 Fix a few more things
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Merging #191 into main will decrease coverage by 0.04%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##               main     #191      +/-   ##
============================================
- Coverage     98.92%   98.87%   -0.05%     
  Complexity       58       58              
============================================
  Files            14       14              
  Lines           186      178       -8     
============================================
- Hits            184      176       -8     
  Misses            2        2              

Impacted Files	Coverage Δ	Complexity Δ
src/Range.php	100.00% <0.00%> (ø)	8.00% <0.00%> (ø%)
src/Exception/InvalidUrl.php	100.00% <0.00%> (ø)	1.00% <0.00%> (ø%)
src/Exception/InvalidFile.php	100.00% <0.00%> (ø)	3.00% <0.00%> (ø%)
src/Exception/InvalidYear.php	100.00% <0.00%> (ø)	1.00% <0.00%> (ø%)
src/Exception/InvalidRange.php	100.00% <0.00%> (ø)	2.00% <0.00%> (ø%)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 773d94a...fc8693d. Read the comment docs.