chore: fix plus.*NonNumeric errors from PHPStan

[kubawerlos]

No description provided.

[coveralls]

coverage: 93.162% (-0.01%) from 93.172%
when pulling 00efc03 on 6b7562617765726c6f73:fix_plus_phpstan_errors
into f99d88e on PHP-CS-Fixer:master.

[gharlan]

IMO it is not a good idea to cast the potential false value to int. I would still prefer something like #9058.

[kubawerlos]

We can change to thecodingmachine/safe, or we can create a custom wrapper.

IMO the bad idea is to keep them, which (with other baseline errors) is stopping from bumping PHPStan level up, which could uncover some actually buggy places in code.

[gharlan]

refs the discussion about strict types and casting here: #8877 (reply in thread)

[kubawerlos]

Each of the cases here are always integers, unless I was stupid and they could false.

I'm happy to be proven the latter with a test case.

[gharlan]

In #9059 I found a case where continuing with the false value (implicitly casted to 0) was a problem.
I think with the explicit casts it is harder to spot those issues. I found the bug after adding explicit validation via Str helper class.

IMO the bad idea is to keep them, which (with other baseline errors) is stopping from bumping PHPStan level up, which could uncover some actually buggy places in code.

I agree that we should work on increasing the phpstan level. And with #9058 and #9008 I also try to solve some pain points in higher levels.

[keradus]

in most of the cases, that value should be int already. yet, it's easy to not see some edge case there, or get fooled after some refactoring (eg we now explicitly check \\ in string, so we know strpos won't be false, but after some refactoring, flow can be different),

but then, returning false is not error - it's that string was not found.

tbh, i would rather go with assertions of type before casting it.