composer(deps-dev): bump vimeo/psalm from 4.6.2 to 4.6.4

[dependabot]

Bumps vimeo/psalm from 4.6.2 to 4.6.4.

Release notes

Sourced from vimeo/psalm's releases.

Fix small API regression

IssueBuffer::finish had a small undocumented API change – that change is reverted here (#5410).

Bugfixes:

• @​orklah improved the return type of array_combine and iterator_to_array (#5393, #5400)
• Promoted properties are no longer counted as unused params — thanks @​weirdan (#5404)
• @​theodorejb improved the type of DOMElement::childNodes (#5403)
• Property invariance checks are now disabled for properties with templates — thanks @​AndrolGenhald (#5380)
• @​orklah fixed scalar-to-string reconciliation inside templates (#5402)
• Fixed a regression asserting on templated arrays and generic objects (#5406)

Mostly bugfixes

Features

• @​weirdan added support for PHP Version-dependent method stubs (#5337)

Bugfixes

• Improving handling of nested template types in class strings (#5290)
• Language Server Allow static methods to be autocompleted on instances (#5210, #5295)
• Language Server Fix inferred type caching bug when editing neighbouring methods (#5297)
• Fix JSON reports containing UTF-8 strings – thanks @​danog (#5300)
• Improve callmap for gd functions in PHP 8 – thanks @​iluuu1994 (#5271)
• improvements to mysql_init and PDOStatement::fetchAll return type – thanks @​morozov (#5306, #5317)
• WeakMap is now generic – thanks @​weirdan (#5313)
• Allow iterable coercion from a generic object (#5310)
• Fix an issue with method memoisation (#5317)
• Allow ReflectionParameter::getType() to return non-null if a ReflectionParameter::hasType() call returns true (#5258)
• Undefined variables can now be tracked in arrow functions – thanks @​weirdan (#5343)
• ImplicitToStringCast is now emitted in more places – thanks @​weirdan (#5344)
• variable usage in bool to int casts are now tracked – thanks @​weirdan (#5349)
• explode return type is improved – thanks @​weirdan (#5350)
• ceil just returns a float, thanks @​simPod (#5355)
• improved return type for min and max – thanks @​orklah
• Psalm startup variables are now shielded from plugins that change global variables – thanks @​weirdan! (#5366)
• fixed integer overflow that could cause a Psalm crash – thanks @​orklah (#5369)
• @​orklah fixed a bug where Psalm would not accurately type the output of array_map when given a callable (#5373)
• prevented an edge-case where calling the constructor of a genericised class could poison Psalm's internal cache (b549989)

Commits

• 97fe86c Fix BC break introduced in 4.6.3 (#5410)
• 9d979e3 Fix #5406 - track more changes to assertion type
• 2777b62 String can be reconciled with Scalar (#5402)
• 1149050 adapt bcdiv for PHP8 in stubs (#5401)
• ff5a6cb iterator_to_array must always return array-key (#5400)
• 1a3ff56 fix stub for array_combine + remove false in PHP8 + improve tests (#5395)
• 9d840ee Disable property invariance checks for properties with templates (#5380)
• 5b9efd5 Fix type of DomElement childNodes property (#5403)
• ae247d0 Don't mark promoted properties as unused params (#5404)
• 817d1cf Fix #5408 - avoid nullref when parser param cannot be found
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Merging #754 (6f4d325) into main (d24c795) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##               main     #754   +/-   ##
=========================================
  Coverage     98.80%   98.80%           
  Complexity       89       89           
=========================================
  Files            12       12           
  Lines           334      334           
=========================================
  Hits            330      330           
  Misses            4        4           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d24c795...6f4d325. Read the comment docs.

[dependabot]

Superseded by #758.