Commit Graph

102 Commits

Author SHA1 Message Date
Adrien LUCAS
a7d3a76ca0
[tainting] improve twig template names resolving (#122) 2020-12-15 10:52:58 +03:00
Adrien LUCAS
f5e4b97c53
[docs] improve the twig tainting documentation (#121) 2020-12-14 19:37:22 +03:00
Farhad Safarov
dcb4195b62
[dependencies] reintroduce support for PHP 7.1 and 7.2 (#120) 2020-12-10 09:50:32 +03:00
Farhad Safarov
2dd4b18a81
[internal] allow development on php8 (#114) 2020-12-08 12:45:11 +03:00
Farhad Safarov
aef28735fd
[test] skip failing test temporarily (#115) 2020-12-08 10:59:52 +03:00
Valentin Udaltsov
20fbfcfa7d
Add mixed type to serializer $data parameter (#112) 2020-12-08 00:23:29 +03:00
Valentin Udaltsov
85529f3c5f
Improved DenormalizerInterface and SerializerInterface stubs (#111) 2020-12-05 19:44:15 +03:00
Michel Hunziker
fb77c49200
Allow psalm 4.2 and later (#110) 2020-12-05 19:42:43 +03:00
Michel Hunziker
9117ebb759
[tainting] stub ParameterBag to provide taint information for Symfony 3/4/5.0 (#103) 2020-12-05 17:23:27 +03:00
Michel Hunziker
6a97204596
Install the correct version of the symfony packages (#108) 2020-12-05 15:48:55 +03:00
Farhad Safarov
2aa06e6609
[console] option name with -- prefix (#106) 2020-11-29 15:14:05 +03:00
Farhad Safarov
d4f6d579eb
[psalm] exclude breaking changes (#104) 2020-11-23 13:36:01 +03:00
Farhad Safarov
9dc1c34e88
[container] support subscribed services in child classes (#102) 2020-11-15 21:52:47 +03:00
Farhad Safarov
e750732ee2
[container] support service subscriber & locator (#101)
* [container] support service subscriber

* no message
2020-11-14 13:18:54 +03:00
Adrien LUCAS
0397c581db
[tainting] Allow Twig\Environment::render to be tainted even with a variable as template name (#97)
Allow Twig\Environment::render to be tainted even with a variable as template parameters

Allow using a variable as template name for CachedTemplatesTainter too

Add TwigUtils::extractTemplateNameFromExpression tests
2020-11-10 13:23:21 +03:00
Adrien LUCAS
f75effe9dd
[tainting] Fix the precedence of the CachedTemplatesMapping (#89)
Allow alternatives template name notation

Isolate template naming in a CachedTemplatesRegistry

Allow `render` calls with no second arguments

Allow twig template name old notation alternatives
2020-11-10 12:57:01 +03:00
Adrien LUCAS
01b5dcb771
[container] read the DI required annotation (#100) 2020-11-10 10:34:20 +03:00
Farhad Safarov
6c6b4f53fb
Support Psalm v4.0 (#98)
* Support Psalm v4.0

* no message

* no message

* no message
2020-10-20 16:03:17 +03:00
Farhad Safarov
720e554ff8
run tests daily (#96) 2020-10-15 12:06:13 +03:00
Farhad Safarov
fc1bcd6ce9
psalm min v3.17 (#95)
* psalm min v3.17

* no message

* no message
2020-10-14 08:02:27 +03:00
Farhad Safarov
1978edad3f
static analysis plugin itself with lowest & highest deps (#94)
* static analysis plugin itself with lowest & highest deps

* no message

* no message

* no message

* no message

* no message
2020-10-13 16:52:11 +03:00
Farhad Safarov
5cd3df193f
[console] nullable & bool default values (#92)
* [console] nullable & bool default values

* no message
2020-09-26 13:40:51 +03:00
Matthew Brown
fcef6b8f59
Merge pull request #88 from adrienlucas/twig-analyzer
Refactor twig analyzer
2020-09-24 14:12:24 -04:00
Adrien LUCAS
4a523e7aba Refactor twig analyzer 2020-09-24 19:43:50 +02:00
Farhad Safarov
ac32e62977
[console] argument return type infer improvements (#87) 2020-09-24 13:37:51 +03:00
Maarten de Boer
c1535e05e1
Detect return type for denormalize and deserialize for the Serializer component (#83)
* Detect return type for denormalize and deserialize

* Fix typo

* Remove empty docblock
2020-09-21 09:08:39 +03:00
Farhad Safarov
cb7eb847bb
psalm update fixes (#85) 2020-09-18 08:52:49 +03:00
Adrien LUCAS
0240845744
Use the assert-package-constraint step provided by third party (#79) 2020-09-14 11:17:23 +03:00
Farhad Safarov
dd0f54f41b
Testing no service naming convention violation when using FQCN (#78) 2020-09-14 08:06:07 +03:00
Wouter J
00bae73943
Added stub for PropertyAccessorInterface::setValue() (#76)
* Added stub for PropertyAccessorInterface::setValue()

* Update src/Stubs/common/PropertyAccessorInterface.stubphp

Co-authored-by: Farhad Safarov <farhad.safarov@gmail.com>
2020-09-13 20:03:33 +03:00
Adrien LUCAS
4eb4dae6ea
Tainting twig (#61)
* Taint Request::get and Response::__construct

* Taint Request::request, Request::query & Request::cookies

* Taint Request::headers (only for the user-agent header)

* Taint HeaderBag::__toString (and a fix of psalm taint api usage)

* Taint InputBag::all

* Fix type resolving

* Bump psalm requirement

* refactoring first scenario outline

* Refactor RequestTaint

* no message

* Taint HeaderBag using the MethodReturnTypeProviderInterface

* Skip tests when dependencies too low

* Taint Request::get and Response::__construct

* Taint Request::headers (only for the user-agent header)

* wip

* Try using MethodReturnTypeProviderInterface

* Compiling templates

* Make it work using fake call

* Explicitely load compliled twig files

* wip

* Add more direct way of tainting output

* wip

* Add real twig template analyzer

* Refactor

* Little fixes

* Change namespace from Taint to Twig

* Refactoring

* Some type fixing

* Fix CS

* Guess template-to-cache mapping instead of using the twig env.

* Fix typing

* Last minutes changes

* Change test group

* Update README

* fix TemplateFileAnalyzer path in readme

Co-authored-by: Farhad Safarov <farhad.safarov@gmail.com>
Co-authored-by: Brown <github@muglug.com>
2020-09-13 19:37:26 +03:00
Damien Debin
b1bfd5fac1
Better null handling for getOption. (#75) 2020-08-24 09:57:30 +03:00
Adrien LUCAS
51d363960f
Taint analysis (#54)
* Taint Request::get and Response::__construct

* Taint Request::request, Request::query & Request::cookies

* Taint Request::headers (only for the user-agent header)

* Taint HeaderBag::__toString (and a fix of psalm taint api usage)

* Taint InputBag::all

* Fix type resolving

* Bump psalm requirement

* refactoring first scenario outline

* Refactor RequestTaint

* no message

* Taint HeaderBag using the MethodReturnTypeProviderInterface

* Skip tests when dependencies too low

* Fix CS

Co-authored-by: Farhad Safarov <farhad.safarov@gmail.com>
2020-08-22 21:04:30 +03:00
Valentin Udaltsov
9fb76499f9
Added CacheInterface.stubphp from symfony contracts (#74) 2020-08-18 14:38:35 +03:00
Valentin Udaltsov
898d580c13
Added Guard AuthenticatorInterface.stubphp (#72) 2020-08-18 13:18:10 +03:00
Valentin Udaltsov
da8d170c78
Made Messenger Envelope aware of the message class (#71) 2020-08-18 09:24:21 +03:00
Valentin Udaltsov
d27cd2fc1b
Added LockableTrait.stubphp (#70) 2020-08-18 09:06:54 +03:00
Valentin Udaltsov
942397d1b5
Fixed named arguments in ContainerHandler.php for Psalm 3.14 (#73) 2020-08-18 09:02:44 +03:00
Farhad Safarov
798b72f40c
InputBag get stub for return type (#69) 2020-08-04 07:14:56 +03:00
Farhad Safarov
9e7968cb57
Add PHP CS fixer check (#67) 2020-08-03 17:25:34 +03:00
Farhad Safarov
37912ba88f
test container support (#66)
* test container support

* no message

* no message
2020-08-03 17:14:55 +03:00
Farhad Safarov
25c91fd99a
PropertyNotSetInConstructor error is not raised when class is an Annotation (#65) 2020-08-01 18:07:39 +03:00
Farhad Safarov
750e7b9e8f
PropertyNotSetInConstructor error about $context is not raised in ConstraintValidator (#63) 2020-07-30 16:07:38 +03:00
Farhad Safarov
d13b6aa27a
Default service visibility for different Symfony versions (#62)
* Default service visibility for different Symfony versions

* no message

* test fix
2020-07-28 21:21:03 +03:00
Anton Zagorskii
c8cea86f11
test symfony version typo fix (#58)
Co-authored-by: Anton Zagorskii <anton@paytronix.io>
2020-07-20 10:09:39 +03:00
Anton Zagorskii
1c68a1529a
Suppress PropertyNotSetInConstructor error in AbstractController::$container (managed by Symfony DI) (#57)
Co-authored-by: Anton Zagorskii <anton@paytronix.io>
2020-07-20 06:40:55 +03:00
Anton Zagorskii
7fb4a082cf
totallyTyped is deprecated, changed to errorLevel="1" (#56)
Co-authored-by: Anton Zagorskii <anton@paytronix.io>
2020-07-19 11:28:57 +03:00
Anton Zagorskii
5d46b7a221
removed .gitkeep & unblocked testing on symfony 5.* (#55)
Co-authored-by: Anton Zagorskii <anton@paytronix.io>
2020-07-19 11:27:05 +03:00
Michel Hunziker
e6ae163a54
Add envelope stub to provide the correct argument and return types (#53)
* Add envelope stub to provide the correct argument and return types

* Use a custom test stamp
2020-07-06 06:29:10 +03:00
Adrien LUCAS
4b826dc432
Taint Request::get and Response::__construct (#50)
* Taint Request::get and Response::__construct

* no message

Co-authored-by: Farhad Safarov <farhad.safarov@gmail.com>
2020-07-02 14:27:48 +03:00