mirror of
https://github.com/danog/psalm.git
synced 2024-11-27 04:45:20 +01:00
orklah
GitHub
commit
91705722ff
@ -509,7 +509,7 @@ class User {
|
||||
|
||||
### `@psalm-require-extends`
|
||||
|
||||
The `@psalm-require-extends` annotation allows you to define a requirements that a trait imposes on the using class.
|
||||
The `@psalm-require-extends` annotation allows you to define the requirements that a trait imposes on the using class.
|
||||
|
||||
```php
|
||||
<?php
|
||||
|
||||
@ -66,7 +66,7 @@ class One_off_instance_of_MyContainer {
|
||||
}
|
||||
```
|
||||
|
||||
This pattern can be used in large number of different situations like mocking, collections, iterators and loading arbitrary objects. Psalm has a large number of annotations to make it easy to use templated types in your codebase.
|
||||
This pattern can be used in a large number of different situations like mocking, collections, iterators and loading arbitrary objects. Psalm has a large number of annotations to make it easy to use templated types in your codebase.
|
||||
|
||||
## `@template`, `@psalm-template`
|
||||
|
||||
@ -111,7 +111,7 @@ function array_combine(array $arr, array $arr2) {}
|
||||
|
||||
### Notes
|
||||
- `@template` tag order matters for class docblocks, as they dictate the order in which those generic parameters are referenced in docblocks.
|
||||
- The names of your templated types (e.g. `TKey`, `TValue` don't matter outside the scope of the class or function in which they're declared.
|
||||
- The names of your templated types (e.g. `TKey`, `TValue`) don't matter outside the scope of the class or function in which they're declared.
|
||||
|
||||
## @param class-string<T>
|
||||
|
||||
|
||||
@ -40,7 +40,7 @@ You can also parameterize `class-string` with an object name e.g. [`class-string
|
||||
|
||||
### trait-string
|
||||
|
||||
Psalm also supports a `trait-string` annotation denote a trait that exists.
|
||||
Psalm also supports a `trait-string` annotation denoting a trait that exists.
|
||||
|
||||
### callable-string
|
||||
|
||||
|
||||
@ -41,7 +41,7 @@ version supported by Psalm, it needs to process delta files to arrive at a
|
||||
version of callmap matching the one that is used during analysis. Psalm uses
|
||||
the following process to do that:
|
||||
|
||||
1. Read `CallMap.php` (Note: it's the one having latest signatures).
|
||||
1. Read `CallMap.php` (Note: it's the one having the latest signatures).
|
||||
2. If it matches configured PHP version, use it.
|
||||
3. If the callmap delta for previous PHP version exists, read that.
|
||||
4. Take previous callmap delta and apply it in reverse order. That is, entries
|
||||
@ -70,7 +70,7 @@ it exists in the latest PHP version). Here's [the PR that does it](https://githu
|
||||
|
||||
### Correcting the function signature
|
||||
|
||||
Assume you found incorrect signature, the one that was always different to what
|
||||
Assume you found an incorrect signature, the one that was always different to what
|
||||
we currently have in Psalm. This will need a change to `CallMap_historical.php`
|
||||
(as the signature was always that way) and `CallMap.php` (as the signature is
|
||||
still valid). Here's [the PR that does it](https://github.com/vimeo/psalm/pull/6359/files).
|
||||
|
||||
@ -66,7 +66,7 @@ At each line the `Context` object may or may not be manipulated. At branching po
|
||||
|
||||
The `NodeDataProvider` stores a type for each PhpParser node.
|
||||
|
||||
After all the statements have been analysed we gather up all the return types and compare to the given return type.
|
||||
After all the statements have been analysed we gather up all the return types and compare them to the given return type.
|
||||
|
||||
### Type Reconciliation
|
||||
|
||||
|
||||
@ -40,7 +40,7 @@ Psalm is almost always run on PHP code that parses a lint check (`php -l <filena
|
||||
|
||||
Given Psalm is almost always used on syntatically-correct code it should use a parser built for that purpose, and `nikic/php-parser` is the gold-standard.
|
||||
|
||||
Where Psalm needs to run on syntactically-incorrect code (e.g. in language server mode) Psalm should still use the same parser (and work around any issues that produces).
|
||||
Where Psalm needs to run on syntactically-incorrect code (e.g. in language server mode) Psalm should still use the same parser (and work around any issues that it produces).
|
||||
|
||||
## Docblock annotations are better than type-providing plugins
|
||||
|
||||
|
||||
@ -34,7 +34,7 @@ This tells Psalm to move class `Ns1\Foo` into the namespace `Ns2\Bar` and rename
|
||||
vendor/bin/psalm-refactor --move "Ns1\Foo::bar" --into "Ns2\Baz"
|
||||
```
|
||||
|
||||
This tells Psalm to move a method named `bar` inside `Ns1\Foo` into the class `Ns2\Baz`, so any reference to `Ns1\Foo::bar` becomes `Ns2\Baz::bar`). Psalm currently allows you to move static methods between aribitrary classes, and instance methods into child classes of that instance.
|
||||
This tells Psalm to move a method named `bar` inside `Ns1\Foo` into the class `Ns2\Baz`, so any reference to `Ns1\Foo::bar` becomes `Ns2\Baz::bar`). Psalm currently allows you to move static methods between arbitrary classes, and instance methods into child classes of that instance.
|
||||
|
||||
## Moving and renaming methods
|
||||
|
||||
|
||||
@ -24,7 +24,7 @@ Psalm will probably find a number of issues - find out how to deal with them in
|
||||
|
||||
## Installing plugins
|
||||
|
||||
While Psalm can figure out the types used by various libraries based on the
|
||||
While Psalm can figure out the types used by various libraries based on
|
||||
their source code and docblocks, it works even better with custom-tailored types
|
||||
provided by Psalm plugins.
|
||||
|
||||
|
||||
@ -28,7 +28,7 @@ function getCommaPosition(string $a) : int {
|
||||
}
|
||||
```
|
||||
|
||||
Alternatively you may chose to throw an exception:
|
||||
Alternatively you may choose to throw an exception:
|
||||
|
||||
```php
|
||||
<?php
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# InvalidExtendClass
|
||||
|
||||
Emitted when attempting to extends a final class or a class annotated with `@final`.
|
||||
Emitted when attempting to extend a final class or a class annotated with `@final`.
|
||||
|
||||
```php
|
||||
<?php
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# PropertyTypeCoercion
|
||||
|
||||
Emitted when setting a property with an value which has a less specific type than the property expects
|
||||
Emitted when setting a property with a value which has a less specific type than the property expects
|
||||
|
||||
```php
|
||||
<?php
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# TaintedCallable
|
||||
|
||||
Emitted when tainted text is used in an aribtary function call.
|
||||
Emitted when tainted text is used in an arbitrary function call.
|
||||
|
||||
This can lead to dangerous situations, like running arbitrary functions.
|
||||
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# TaintedLdap
|
||||
|
||||
Potential LDAP injection. This rule is emitted when user-controlled input can be passed into a LDAP request.
|
||||
Potential LDAP injection. This rule is emitted when user-controlled input can be passed into an LDAP request.
|
||||
|
||||
## Risk
|
||||
|
||||
|
||||
@ -28,7 +28,7 @@ $param = strip_tags($_GET['param']);
|
||||
</script>
|
||||
```
|
||||
|
||||
Passing `');alert('injection');//` as a `GET` param here would would cause the `alert` to trigger.
|
||||
Passing `');alert('injection');//` as a `GET` param here would cause the `alert` to trigger.
|
||||
|
||||
## Mitigations
|
||||
|
||||
|
||||
@ -80,7 +80,7 @@ class SomePlugin implements \Psalm\Plugin\EventHandler\AfterStatementAnalysisInt
|
||||
- `AfterFunctionCallAnalysisInterface` - called after Psalm evaluates a function call to any function defined within the project itself. Can alter the return type or perform modifications of the call.
|
||||
- `AfterFunctionLikeAnalysisInterface` - called after Psalm has completed its analysis of a given function-like.
|
||||
- `AfterMethodCallAnalysisInterface` - called after Psalm analyzes a method call.
|
||||
- `AfterStatementAnalysisInterface` - called after Psalm evaluates an statement.
|
||||
- `AfterStatementAnalysisInterface` - called after Psalm evaluates a statement.
|
||||
- `BeforeFileAnalysisInterface` - called before Psalm analyzes a file.
|
||||
- `FunctionExistenceProviderInterface` - can be used to override Psalm's builtin function existence checks for one or more functions.
|
||||
- `FunctionParamsProviderInterface.php` - can be used to override Psalm's builtin function parameter lookup for one or more functions.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user