New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add configuration option to disable @var parsing everywhere except for properties. #7434
Conversation
If we're going to add this, I think it would be nice to add an issue whenever inline |
I agree with Ondrej on this but his plans are way more sensible than just dropping the feature. @var are sometimes needed to refine types from third party libs, for IDEs or even to circumvent bugs from static tools themselves. It would not be reasonable to just disable this This is an interesting topic but we're gonna have to take this slowly to change habits of users. Here's a few ideas:
Ultimately, we will possibly want to drop support for @var to prevent cross-usage between IDEs and static tools who use it in different context(autocomplete vs analysis), but not before we have tools to help users first |
Disabling @var support in Psalm caused virtually no additional issues at work.
No offense, but this seems like a horrible feature to implement into a static analysis tool like Psalm.
This is already possible using runtime assertions, which are actually way safer than an unchecked |
Then I'm pretty happy your job managed to keep things clean, but a lot of users have big hairy legacy codebase to take care of, including me :)
Again, if you actually have time to wrap a whole library for static analysis purposes and if every dependency you have is up to date, this is cool! At my work we have a 2009 Html2Pdf manually patched to run on PHP 8.0. We don't have time or resources to update it, without even starting to talk about patching it upstream or wrapping it for Psalm to understand it all
Psalm capabilities are not the whole issue here. There will always be new tools that don't use Psalm at all (starting from PHP-Parser, the thing that makes Psalm and PHPStan runs) You have to remember that not all users have the same use-case as yours. The goal of Psalm is to help find bugs in application before running it, not to annoy users for the sake of quality. Disabling widely used features is the opposite of helping people. They may be dangerous in some cases, but if you take into account that those using the features may have thousand of issues left in their baseline, it kinda make sense to give them power tools, not toys |
I agree with your power tool argument, however I really don't feel like I currently have 122k issues in my baseline :) Anyway, this PR is just about introducing a flag; while I still strongly feel about making this a default in v5, I'd be more than glad to hear more arguments for possible usecases and solutions. |
To give some perspective based on a 18 year old code-base (300k lines) which we started using psalm with 3 years ago, I can say that most of our @var usages are actually to work around bugs in psalm itself (annoyingly in some cases a reduced test case is fine, but the same code wrapped in 🍝 causes psalm to infer wrongly) and to help with wrong docblock annotations in third party libraries. In both cases, the @var annotation is better than a suppression because suppressions stay forever and can hide future issues due to a lack in granularity of where they can be applied. They also cause the error to propagate through the function stack, requiring further suppressions to be added, making the issue worse. Plus, due to the way how suppressions are handled in psalm before IssueBuffer::maybeAdd was added, suppressions can have the side-effect of altering further analysis which is way worse than the downsides of @var when used responsibly. So long as many reasons for using @var are issues with psalm itself, I think it would be quite a usability downgrade to remove this useful helper. |
Hehe, this was my exact problem when I first started introducing psalm to our 830k codebase, to the point where I actually started writing a psalm plugin that could automatically generate reduced testcases by iteratively removing elements, didn't quite finish it but I still have it on a branch of our psalm fork :)
Suppressions can hide future issues of the same type, yes, which is why I also added a configuration key to disallow usage of Now that I think of it, maybe something similar to an I see that quite a few people are against making this a default in v5, that's fine, this PR will just add a configuration key that can be enabled if people need it. |
One important use case is overriding inferred generic type: https://psalm.dev/r/86fce654ba |
I found these snippets: https://psalm.dev/r/86fce654ba<?php
/** @var Collection<int> */
$c = new Collection([]);
/** @psalm-trace $c */;
$c->add(123); // will complain unless collection type is specified via @var
/** @template T */
class Collection {
/** @param array<array-key, T> $items */
public function __construct(private array $items) {}
/** @param T $item */
public function add($item): void { $this->items[] = $item; }
}
|
This is the reason why I added template support to Although I admit as per your #7351, it still requires a use of |
I found these snippets: https://psalm.dev/r/468f504fd9<?php
/** @template T */
final class Collection {
/** @param array<array-key, T> $items */
public function __construct(private array $items) {}
/**
* @template NewT
* @param NewT $item
* @psalm-this-out self<NewT|T>
*/
public function add($item): void { $this->items[] = $item; }
}
$c = new Collection([]);
/** @psalm-trace $c */;
$c->add(123); // won't complain
/** @psalm-trace $c */;
|
@danog, that's two different use cases. One may want a collection that accepts anything (your example) and changes its type based on that, while others may need a collection that only accepts a particular type. |
Oh I get it now 😅. |
@danog I'll merge that, can you rebase please? |
63408cb
to
3c1cbeb
Compare
3c1cbeb
to
eb3df40
Compare
Done! |
Thanks! |
Ondrej is already planning to remove
@var
support in phpstan, and I also propose disabling parsing by default in Psalm v5.