fixed PHPStan errors

Author: dg

composer.json

@@ -23,7 +23,7 @@
 		"nette/tester": "^2.6",
 		"nette/security": "^3.0",
 		"tracy/tracy": "^2.8",
-		"phpstan/phpstan-nette": "^2.0@stable"
+		"phpstan/phpstan": "^2.0@stable"
 	},
 	"conflict": {
 		"nette/di": "<3.0.3",

phpstan-baseline.neon

@@ -0,0 +1,73 @@
+parameters:
+	ignoreErrors:
+		-
+			message: '#^Parameter \#1 \$callback of function array_map expects \(callable\(Nette\\Utils\\ImageType\)\: mixed\)\|null, Closure\(1\|2\|3\|6\|18\|19\)\: string given\.$#'
+			identifier: argument.type
+			count: 1
+			path: src/Http/FileUpload.php
+
+		-
+			message: '#^Unknown parameter \$sameSite in call to method Nette\\Http\\IResponse\:\:setCookie\(\)\.$#'
+			identifier: argument.unknown
+			count: 1
+			path: src/Http/Helpers.php
+
+		-
+			message: '#^Right side of && is always true\.$#'
+			identifier: booleanAnd.rightAlwaysTrue
+			count: 1
+			path: src/Http/Request.php
+
+		-
+			message: '#^Strict comparison using \=\=\= between 2 and 2 will always evaluate to true\.$#'
+			identifier: identical.alwaysTrue
+			count: 1
+			path: src/Http/Request.php
+
+		-
+			message: '#^Offset ''name'' on non\-empty\-array in isset\(\) always exists and is not nullable\.$#'
+			identifier: isset.offset
+			count: 1
+			path: src/Http/RequestFactory.php
+
+		-
+			message: '#^Variable \$_FILES on left side of \?\? always exists and is not nullable\.$#'
+			identifier: nullCoalesce.variable
+			count: 1
+			path: src/Http/RequestFactory.php
+
+		-
+			message: '#^Method Nette\\Http\\IResponse\:\:setCookie\(\) invoked with 8 parameters, 3\-7 required\.$#'
+			identifier: arguments.count
+			count: 1
+			path: src/Http/Session.php
+
+		-
+			message: '#^Offset ''samesite'' on array\{lifetime\: int\<0, max\>, path\: non\-falsy\-string, domain\: string, secure\: bool, httponly\: bool, samesite\: ''Lax''\|''lax''\|''None''\|''none''\|''Strict''\|''strict''\} on left side of \?\? always exists and is not nullable\.$#'
+			identifier: nullCoalesce.offset
+			count: 1
+			path: src/Http/Session.php
+
+		-
+			message: '#^Parameter \#1 \$callbacks of static method Nette\\Utils\\Arrays\:\:invoke\(\) expects iterable\<callable\(\)\: mixed\>, list\<callable\(Nette\\Http\\Session\)\: void\> given\.$#'
+			identifier: argument.type
+			count: 2
+			path: src/Http/Session.php
+
+		-
+			message: '#^Parameter \#3 \$onError of static method Nette\\Utils\\Callback\:\:invokeSafe\(\) expects callable\(string, int\)\: \(bool\|null\), Closure\(string\)\: void given\.$#'
+			identifier: argument.type
+			count: 1
+			path: src/Http/Session.php
+
+		-
+			message: '#^Method Nette\\Http\\Url\:\:export\(\) return type has no value type specified in iterable type array\.$#'
+			identifier: missingType.iterableValue
+			count: 1
+			path: src/Http/Url.php
+
+		-
+			message: '#^Method Nette\\Http\\UrlImmutable\:\:export\(\) return type has no value type specified in iterable type array\.$#'
+			identifier: missingType.iterableValue
+			count: 1
+			path: src/Http/UrlImmutable.php

phpstan.neon

@@ -1,5 +1,14 @@
 parameters:
-	level: 5
+	level: 6
 
 	paths:
 		- src
+		- tests/types
+
+	excludePaths:
+		- src/Http/UserStorage.php   # deprecated, implements interface from optional nette/security
+
+	checkMissingCallableSignature: true
+
+includes:
+	- phpstan-baseline.neon

src/Bridges/HttpDI/HttpExtension.php

@@ -50,6 +50,7 @@ public function loadConfiguration(): void
 	{
 		$builder = $this->getContainerBuilder();
 		$config = $this->config;
+		\assert($config instanceof \stdClass);
 
 		$requestFactory = $builder->addDefinition($this->prefix('requestFactory'))
 			->setFactory(Nette\Http\RequestFactory::class)
@@ -98,6 +99,7 @@ public function loadConfiguration(): void
 	private function sendHeaders(): void
 	{
 		$config = $this->config;
+		\assert($config instanceof \stdClass);
 		$headers = array_map(strval(...), $config->headers);
 
 		if (isset($config->frames) && $config->frames !== true && !isset($headers['X-Frame-Options'])) {

src/Bridges/HttpDI/SessionExtension.php

@@ -44,6 +44,7 @@ public function loadConfiguration(): void
 	{
 		$builder = $this->getContainerBuilder();
 		$config = $this->config;
+		\assert($config instanceof \stdClass);
 
 		$session = $builder->addDefinition($this->prefix('session'))
 			->setFactory(Nette\Http\Session::class);

src/Http/FileUpload.php

@@ -51,7 +51,7 @@ public function __construct(array|string|null $value)
 			$value = [
 				'name' => basename($value),
 				'full_path' => $value,
-				'size' => filesize($value),
+				'size' => filesize($value) ?: 0,
 				'tmp_name' => $value,
 				'error' => UPLOAD_ERR_OK,
 			];
@@ -141,7 +141,7 @@ public function getSuggestedExtension(): ?string
 			}
 			[, , $type] = Nette\Utils\Helpers::falseToNull(@getimagesize($this->tmpName)); // @ - files smaller than 12 bytes causes read error
 			if ($type) {
-				return $this->extension = image_type_to_extension($type, include_dot: false);
+				return $this->extension = image_type_to_extension($type, include_dot: false) ?: null;
 			}
 			$this->extension = false;
 		}
@@ -274,9 +274,8 @@ public function getImageFileExtension(): ?string
 	 */
 	public function getContents(): ?string
 	{
-		// future implementation can try to work around safe_mode and open_basedir limitations
 		return $this->isOk()
-			? file_get_contents($this->tmpName)
+			? (string) file_get_contents($this->tmpName)
 			: null;
 	}
 }

src/Http/RequestFactory.php

@@ -86,7 +86,7 @@ public function fromGlobals(): Request
 			$this->getMethod(),
 			$remoteAddr,
 			$remoteHost,
-			fn(): string => file_get_contents('php://input'),
+			fn(): string => (string) file_get_contents('php://input'),
 		);
 	}
 

src/Http/Response.php

@@ -11,7 +11,7 @@
 
 use Nette;
 use Nette\Utils\DateTime;
-use function array_filter, header, header_remove, headers_list, headers_sent, htmlspecialchars, http_response_code, ini_get, is_int, ltrim, ob_get_length, ob_get_status, preg_match, rawurlencode, setcookie, str_replace, strcasecmp, strlen, strncasecmp, strpos, substr, time;
+use function array_filter, header, header_remove, headers_list, headers_sent, htmlspecialchars, http_response_code, ini_get, is_int, ltrim, ob_get_length, ob_get_status, preg_match, rawurlencode, setcookie, str_replace, strcasecmp, strlen, strncasecmp, substr, time;
 use const ENT_IGNORE, ENT_QUOTES, PHP_SAPI;
 
 
@@ -217,8 +217,10 @@ public function getHeaders(): array
 	{
 		$headers = [];
 		foreach (headers_list() as $header) {
-			$a = strpos($header, ':');
-			$headers[substr($header, 0, $a)] = substr($header, $a + 2);
+			$parts = explode(':', $header, 2);
+			if (isset($parts[1])) {
+				$headers[$parts[0]] = ltrim($parts[1]);
+			}
 		}
 
 		return $headers;

src/Http/Url.php

@@ -387,6 +387,7 @@ private static function idnHostToUnicode(string $host): string
 		}
 
 		trigger_error('PHP extension intl is not loaded or is too old', E_USER_WARNING);
+		return $host;
 	}
 
 
@@ -417,7 +418,7 @@ public static function unescape(string $s, string $reserved = '%;/?:@&=+$,'): st
 	public static function parseQuery(string $s): array
 	{
 		$s = str_replace(['%5B', '%5b'], '[', $s);
-		$sep = preg_quote(ini_get('arg_separator.input'));
+		$sep = preg_quote(ini_get('arg_separator.input') ?: '&');
 		$s = preg_replace("#([$sep])([^[$sep=]+)([^$sep]*)#", '&0[$2]$3', '&' . $s);
 		parse_str($s, $res);
 		return $res[0] ?? [];

tests/types/http-types.php

@@ -0,0 +1,36 @@
+<?php
+
+/**
+ * PHPStan type tests for Http.
+ * Run: vendor/bin/phpstan analyse tests/types
+ */
+
+declare(strict_types=1);
+
+use Nette\Http\FileUpload;
+use Nette\Http\SessionSection;
+use function PHPStan\Testing\assertType;
+
+
+function testSessionSectionIterator(SessionSection $section): void
+{
+	foreach ($section as $key => $value) {
+		assertType('string', $key);
+		assertType('mixed', $value);
+	}
+}
+
+
+function testSessionSectionArrayAccess(SessionSection $section): void
+{
+	$section->remove();
+	$value = $section['key'];
+	assertType('mixed', $value);
+}
+
+
+function testFileUploadGetImageSize(FileUpload $upload): void
+{
+	$size = $upload->getImageSize();
+	assertType('array{int, int}|null', $size);
+}