danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-11-30 04:39:00 +01:00
Code Issues Projects Releases Wiki Activity

feat: adding a runTaintAnalysis option into the config (#3800)

Browse Source
This commit is contained in:
Jon Ursenbach 2020-07-10 10:22:03 -07:00 committed by GitHub
parent 8349564cc4
commit 6aca4c169e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 20 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config.xsd
View File

@ -72,6 +72,7 @@
<xs:attribute name="usePhpDocPropertiesWithoutMagicCall" type="xs:boolean" default="false" /> <xs:attribute name="usePhpDocPropertiesWithoutMagicCall" type="xs:boolean" default="false" />
<xs:attribute name="skipChecksOnUnresolvableIncludes" type="xs:boolean" default="true" /> <xs:attribute name="skipChecksOnUnresolvableIncludes" type="xs:boolean" default="true" />
<xs:attribute name="sealAllMethods" type="xs:boolean" default="false" /> <xs:attribute name="sealAllMethods" type="xs:boolean" default="false" />
<xs:attribute name="runTaintAnalysis" type="xs:boolean" default="false" />
</xs:complexType> </xs:complexType>
<xs:complexType name="ProjectFilesType"> <xs:complexType name="ProjectFilesType">

10
docs/running_psalm/configuration.md
View File

@ -305,6 +305,16 @@ For backwards compatibility, this defaults to `true`, but if you do not rely on
When `true`, Psalm will treat all classes as if they had sealed methods, meaning that if you implement the magic method `__call`, you also have to add `@method` for each magic method. Defaults to false. When `true`, Psalm will treat all classes as if they had sealed methods, meaning that if you implement the magic method `__call`, you also have to add `@method` for each magic method. Defaults to false.
#### runTaintAnalysis
```xml
<psalm
runTaintAnalysis="[bool]"
>
```
When `true`, Psalm will run [Taint Analysis](../security_analysis/index.md) on your codebase. This config is the same as if you were running Psalm with `--taint-analysis`.
### Running Psalm ### Running Psalm
#### autoloader #### autoloader

8
src/Psalm/Config.php
View File

@ -399,6 +399,11 @@ class Config
*/ */
public $find_unused_variables = false; public $find_unused_variables = false;
/**
* @var bool
*/
public $run_taint_analysis = false;
/** /**
* Whether to resolve file and directory paths from the location of the config file, * Whether to resolve file and directory paths from the location of the config file,
* instead of the current working directory. * instead of the current working directory.
@ -801,7 +806,8 @@ class Config
'ensureArrayIntOffsetsExist' => 'ensure_array_int_offsets_exist', 'ensureArrayIntOffsetsExist' => 'ensure_array_int_offsets_exist',
'reportMixedIssues' => 'show_mixed_issues', 'reportMixedIssues' => 'show_mixed_issues',
'skipChecksOnUnresolvableIncludes' => 'skip_checks_on_unresolvable_includes', 'skipChecksOnUnresolvableIncludes' => 'skip_checks_on_unresolvable_includes',
'sealAllMethods' => 'seal_all_methods' 'sealAllMethods' => 'seal_all_methods',
'runTaintAnalysis' => 'run_taint_analysis',
]; ];
foreach ($booleanAttributes as $xmlName => $internalName) { foreach ($booleanAttributes as $xmlName => $internalName) {

4
src/psalm.php
View File

@ -587,9 +587,9 @@ if ($config->find_unused_variables || $find_unused_variables) {
$project_analyzer->getCodebase()->reportUnusedVariables(); $project_analyzer->getCodebase()->reportUnusedVariables();
} }
if (isset($options['track-tainted-input']) if ($config->run_taint_analysis || (isset($options['track-tainted-input'])
|| isset($options['security-analysis']) || isset($options['security-analysis'])
|| isset($options['taint-analysis']) || isset($options['taint-analysis']))
) { ) {
$project_analyzer->trackTaintedInputs(); $project_analyzer->trackTaintedInputs();
} }