psalm

mirror of https://github.com/danog/psalm.git synced 2024-11-26 12:24:49 +01:00

Author	SHA1	Message	Date
sji	6426da6269	Fix wrong comments in CallMap_80_delta.php (#5104 )	2021-01-29 11:47:36 +01:00
sji	7569e17d06	Bump the CURRENT PHP TARGET VERSION to 8.0 in CallMap.php (#5103 )	2021-01-29 11:47:36 +01:00
sji	995f89e8b9	Fix CallMap of PDOStatement for PHP8 (#5100 ) The definitions are based on the php-src stub. `4bbb98c24f/ext/pdo/pdo_stmt.stub.php`	2021-01-29 11:47:36 +01:00
Bruce Weirdan	9292316073	Remove ReflectionType::getName(), move ReflectionType::isBuiltin() (#5090 ) * Remove ReflectionType::getName(), move ReflectionType::isBuiltin() * `ReflectionType::getName()` was never there: https://3v4l.org/1iZt4 * `ReflectionType::isBuiltin()` was moved to `ReflectionNamedType::isBuiltin()` in PHP 8 Fixes vimeo/psalm#5089 * Fix test * Mark test as php 8.0 only	2021-01-29 11:47:35 +01:00
orklah	a9235b6ee9	fix wrong order of types (#5058 )	2021-01-29 11:47:33 +01:00
orklah	5eb4d88f1a	add createFromInterface in PHP 8 (#5055 )	2021-01-29 11:47:33 +01:00
Bruce Weirdan	7b43d321ad	Correct gzread signature (#4960 ) Fixes vimeo/psalm#4959	2021-01-29 11:47:28 +01:00
Holger Woltersdorf	972da55d84	Add missing param for constructor arguments in PDOStatement#fetchObject (#4915 ) * Add missing param for constructor arguments PDOStatement#fetchObject allows a second, optional parameter for constructor arguments, which - if given - will be passed to the given class' constructor. See: https://www.php.net/manual/de/pdostatement.fetchobject.php Also see the PhpStorm stubs: https://github.com/JetBrains/phpstorm-stubs/blob/master/PDO/PDO.php#L1441 * Fix wrong nullability for 2nd argument in PDOStatement#fetchObject	2021-01-29 11:47:24 +01:00
Benjamin Morel	44c79daf1a	GEOS stubs (#4902 )	2021-01-29 11:47:22 +01:00
Benjamin Morel	e6d23d10e9	Return type for DateTimeZone::getTransitions() (#4879 )	2021-01-29 11:47:22 +01:00
Benjamin Morel	8b8c6e5a02	Improve DateTimeZone signatures (#4870 )	2021-01-29 11:47:21 +01:00
Christer Edvartsen	3f86e8cb94	According to the PHP docs the session_name signature is: (#4855 ) session_name ([ string\|null $name = null ] ) : string\|false Resolves Possibly incorrect handling of session_name() #4854	2021-01-29 11:47:21 +01:00
Fabien Villepinte	519edd9251	ftp_misd may return false (#4830 )	2021-01-29 11:47:20 +01:00
orklah	7a217a060d	allow passing mixed in is_a (#4780 )	2021-01-29 11:47:16 +01:00
orklah	ca26acd31e	improve pg_fetch return types (#4777 )	2021-01-29 11:47:15 +01:00
Benjamin Morel	8990f1ec95	Fix ImagickPixel::getColor() (#4758 )	2021-01-29 11:47:13 +01:00
Benjamin Morel	1c14600c03	Improve Imagick call map (#4757 )	2021-01-29 11:47:12 +01:00
orklah	0814f5d6ee	sync param names with php (#4745 ) * sync param names with php * fiw prefixes	2021-01-29 11:47:10 +01:00
LeSuisse	2a56a3a0c9	Fix incorrect taint sink map for \rmdir (#4703 ) Closes #4690	2021-01-29 11:46:26 +01:00
Benjamin Morel	ec89cc623a	Fix PDOStatement::fetchObject() return type (#4682 )	2021-01-29 11:46:24 +01:00
Matt Brown	7f0ac653a1	First creation_function param isnÆt really a sink	2021-01-29 11:46:18 +01:00
Markus Staab	2c998aea7e	documented type in InternalTaintSinkMap (#4627 )	2021-01-29 11:46:17 +01:00
Lukas Reschke	2ad5eee193	Add dedicated types for 'file', 'header' and 'cookie' (#4630 ) * [WIP] Add dedicated sinks for 'file', 'header' and 'cookie' * Add documentation * Add mapping for taint flows * Add tests * Fix test	2021-01-29 11:46:16 +01:00
Lukas Reschke	ce05165384	Split LDAP into custom category (#4604 ) - Adds ldap_escape as sanitizer - Defines the right parameters to ldap_search as sink - Wrote documentation - Added tests	2021-01-29 11:46:14 +01:00
Lukas Reschke	99d094b5e0	Add SSRF sinks (#4592 )	2021-01-29 11:46:14 +01:00
Matt Brown	2c69618347	Break out TaintedInput issues into a lot of separate ones	2021-01-29 11:46:13 +01:00
Benjamin Morel	4cd6a2b532	DateTimeInterface::getTimeZone() can return false (#4579 ) Fixes #4515	2021-01-29 11:46:12 +01:00
Benjamin Morel	8d37f16616	mysqli::$insert_id can be a string (#4577 )	2021-01-29 11:46:12 +01:00
Tyson Andre	e06350b1ad	Fix curl_multi_getcontent signature (#4580 )	2021-01-29 11:46:12 +01:00
Lukas Reschke	ff55dba130	Add sinks for popen and proc_open (#4572 ) User input in those two functions could lead to a RCE. popen: https://www.php.net/manual/en/function.popen.php proc_open: https://www.php.net/manual/en/function.proc-open.php	2021-01-29 11:46:11 +01:00
orklah	88a075456d	Add undocumented properties in SoapFault (#4510 )	2021-01-29 11:46:06 +01:00
Matt Brown	0f022c711d	Remove use of PHP 7.2 function	2021-01-29 11:45:02 +01:00
Philip Hofstetter	61a24c5577	improve mb_strtolower return type (#4469 ) this fixes #4455	2021-01-29 11:45:02 +01:00
Matt Brown	a495e067ca	Protect more calls	2021-01-29 11:44:34 +01:00
Matt Brown	f9adf24d6d	Use lists everywhere for args	2021-01-29 11:44:34 +01:00
Matt Brown	7df404bfb5	Fix #4374 - prevent paradox and allow Psalm to understand more assignments in conditionals	2021-01-29 11:41:13 +01:00
Matt Brown	3a95ab9885	getShortName does not return a class-string	2021-01-29 11:41:12 +01:00
Matt Brown	1a4292b992	4.x - fix callmap regressions	2021-01-29 11:39:52 +01:00
Matt Brown	88284c2b3d	4.x - add support for PHP 8 callmap	2021-01-29 11:39:51 +01:00
Matt Brown	36ed769b9f	Add more fixes	2021-01-29 11:39:51 +01:00
Matt Brown	df98750963	Fix order	2021-01-29 11:39:51 +01:00
Matt Brown	3558a66a12	Add changes from PHPStan‘s functionmap	2021-01-29 11:39:51 +01:00
Matt Brown	a531c2e450	Move static code out of src	2021-01-29 11:39:51 +01:00

43 Commits