build(deps-dev): bump carthage-software/mago from 1.23.1 to 1.24.0

[dependabot]

Bumps carthage-software/mago from 1.23.1 to 1.24.0.

Release notes

Sourced from carthage-software/mago's releases.

Mago 1.24.0

Mago 1.24.0 is mostly an analyzer-correctness release: recursive literal-scalar widening in by-reference out-types, wider mixed-operand detection on templated concatenations, and targeted fixes around isset / array_key_exists, list destructuring, iterable narrowing, and __call on non-final classes. It also adds a prefer-self-return-type linter rule with FQCN-to-use autofix, match-arm => alignment in the formatter, and a service memory fix that takes mago lint --fix --unsafe on Drupal core from ~11.6 GB RSS down to 748 MB.

New: mago-twig-syntax. A lossless Twig 3 lexer, AST, and parser published to crates.io. Not wired into the Mago binary yet: the plan is Twig support across the linter, formatter, and possibly the analyzer (#303), then Blade (#304). Twig is the testing ground for multi-language support; once that plumbing is confident, adding Blade should be much cheaper.

✨ Features

Linter

• prefer-self-return-type: new rule suggesting self instead of the declaring class name in method return types. (#1442, 9081ce8)
• FQCN autofix with use-statement synthesis: no-fully-qualified-global-* fixers now insert a matching use at the top of the file. (#555, #1645, d16e16c)
• string-style handles single-quoted strings: fixer now converts 'foo' to "foo" when the chosen style requires it. (#1674, b33a57b)

Formatter

• Align assignment-like match arms: column-align => across arms in match expressions, matching assignment alignment. (#1642, 34e0277)

Codex

• Detect class_exists-guarded stubs as polyfills: user definitions are preferred over guarded fallbacks on merge. (0748989)

Prelude

• Iterator on Generator: stub now reflects that Generator implements Iterator. (e115682)
• ArrayAccess on DOMNodeList: stub reflects the interface exposed by the extension. (7efae17)

🐛 Bug Fixes

Analyzer

• Recursive literal-scalar widening in by-reference out-types: widens through arrays, iterables, generics, and conditionals. (#1686, 1575f1e)
• Baseline literal-scalar widening in by-reference out-types: initial fix for single-level literal tightening on param-out. (#1678, 45926da)
• Reject mixed and union-shaped templates as concat operands: T as mixed and mixed-scalar unions now surface mixed-operand. (a55b321)
• Namespaced global-fallback calls pass function-casing check: \Foo\bar() no longer misfires on global fallback. (#1680, f61f57d)
• Reject incompatible parameter defaults; gate implicit-null on PHP < 9.0: catches value/default-type mismatches. (#1682, f04aefb)
• Narrow isset / array_key_exists to false on provably missing keys: fixes inconsistent impossible-condition warnings. (#1679, 434f11e)
• Skip no-boolean-literal-comparison on synthetic match-arm binaries: fixer no longer produces invalid code for match arms. (#1681, 67ea13e)
• Only hard-error on missing __call when the class-like is final: non-final classes keep PHPUnit-style magic method calls working. (#1676, 6953e8e)
• Respect list siblings when reporting undefined array keys: fixes wrong undefined-string-array-index on list destructuring. (#1668, 2f248e8)
• Don't corrupt locals when array-index narrowing drops every variant: fixes false undefined-string-array-index positives. (#1669, 90f9c5d)
• Preserve type parameters when narrowing iterable/array: generic arguments survive through iterable narrowing. (f815bcc)

Codex

• Disjoint literal class-string and string in identity check: fixes an incorrect subtype relation. (#1677, 0fed110)
• Hold alias-expansion guard across recursive calls: prevents stack overflow on deeply aliased type graphs. (58afef6)
• Prioritize user polyfills over builtins and external definitions: user-written class_exists-guarded stubs win. (c3d7eb2)
• Narrow iterable<mixed, V> key to array-key against an array container: fixes over-wide key propagation. (ed712ba)

... (truncated)

Commits

• ff885e9 release: 1.24.0
• a55b321 fix(analyzer): reject mixed and union-shaped templates as concat operands
• ec890a3 test(twig-syntax): normalise path separators in fixture exclusion check
• 1575f1e fix(analyzer): widen literal scalars recursively in by-reference out-types
• a0eb189 chore: exclude twig-syntax test fixtures from typos check
• f3ad53c feat(twig-syntax): introduce twig-syntax crate
• bb90620 fix(codex): broken test
• 9081ce8 feat(linter): add prefer-self-return-type rule
• 58afef6 fix(codex): hold alias-expansion guard across recursive call to prevent stack...
• 38baca6 fix(cli): handle spaces in binary path (#1471)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)