orklah
f1269d2425
makes bindtextdomain impure
2021-07-18 14:24:43 +02:00
Bruce Weirdan
a180dc6099
Flag staticness mismatch
...
This handles two new cases:
1. Accessing static property with `->` (produces notices and warnings: https://3v4l.org/TiGan )
2. Accessing non-static property with `::` (causes fatal error: https://3v4l.org/IdYSh )
Fixes vimeo/psalm#6117
2021-07-18 02:51:33 +03:00
Claas Augner
b91e00b03f
Always keep FunctionLikeStorage->param_lookup in sync
2021-07-06 11:58:58 +02:00
Claas Augner
601a981898
Extract FunctionLikeStorage::setParams()/addParam()
2021-07-06 11:52:42 +02:00
Matt Brown
667dcc2e49
No false-positives for tainting through array keys
2021-06-29 17:05:39 -04:00
Bruce Weirdan
6d4262edbd
Mark return values in as throw argument as used ( #5989 )
...
Fixes vimeo/psalm#5975
2021-06-25 09:11:27 -04:00
Abdul Malik Ikhsan
3376f3cdfa
Add ob_get_clean to impure function
2021-06-24 20:34:38 +07:00
Oliver Hader
b07de1fefd
[BUGFIX] Avoid crash during interface checks on non-existing classes ( #5984 )
...
`ClassLikes::classImplements(NonExisting::class, WellKnown::class)`
now returns `false` instead of throwing an exception for non-existing
classes.
Fixes : #5983
2021-06-22 18:04:47 -04:00
Bruce Weirdan
260faee29e
Mark set_include_path() as impure
2021-06-22 22:00:05 +03:00
Matt Brown
b678461f5c
Improve detection of fluent methods
2021-06-12 17:09:42 -04:00
Matt Brown
23b7ff86b7
Mark interface methods as unused even when inherited
2021-06-12 16:13:29 -04:00
Matt Brown
47bf5ed567
Fix #5918 - add new issue to detect unquoted strings
2021-06-10 17:43:04 -04:00
Matthew Brown
6d09418a23
Detect unused return values ( #5917 )
...
* Detect unused return values
* Allow static-returning instance methods (presumed to be fluent)
* Make $is_used the default for Codebase::methodExists
2021-06-10 14:18:15 -04:00
Matt Brown
34c1f9dccf
Nest conditional for more accurate flow
2021-06-10 12:52:23 -04:00
Bruce Weirdan
6abce3525a
Enforce use sort ( #5900 )
2021-06-07 22:55:21 -04:00
Bruce Weirdan
5bfb841072
Prevent crashes when class constant references missing class ( #5902 )
...
Fixes vimeo/psalm#5861
2021-06-07 13:20:07 -04:00
Oliver Hader
b259296457
[BUGFIX] Continue processing psalm-flow graph after first taint sink ( #5832 )
...
Related: #5830
2021-05-26 16:04:22 -04:00
Matt Brown
6a61298074
Fix #5810 - detect properties that are never read
2021-05-21 09:25:57 -04:00
pawel-slowik
d82f02879c
Don't migrate virtual nodes ( #5780 )
...
* Add a failing test for issue #5002
* Don't try to migrate virtual nodes
Fixes #5002
2021-05-17 22:21:32 -04:00
Marco Pivetta
641587635d
Fix #5761 by marking all opcache_ functions as impure, as they are affected by runtime/engine ( #5762 )
...
Quoting original issue (fixes #5761 ):
> Given this snippet ( https://psalm.dev/r/4d51eeab35 ):
>
> ```php
> <?php
>
> function invalidate_cache_for(string $path): void {
>     opcache_invalidate($path);
> }
>
> invalidate_cache_for('foo');
> ```
>
> Psalm reports the `opcache_invalidate()` call as `UnusedFunctionCall`. I'm wondering if `opcache_invalidate()` is perhaps inferred as a pure function? The only reference to it that I could find is in 1a59e81808/dictionaries/CallMap.php, but no purity markers are there.
>
> I'd gladly fix these, if I could get a pointer to where purity is determined.
2021-05-13 21:18:00 -04:00
Matthew Brown
cc7ff94f7c
Prevent crash when method being called does not exist in reflection
...
Crash seen when running this test in PHP 7.4 because the method does not exist, but the call map includes it in 8.0
2021-05-13 12:40:39 -04:00
Matthew Brown
832a190dd4
Support enums ( #5699 )
...
* Add initial enum preparation
* Support cases method
* Ignore bad use error
cc @weirdan
* Fix type
2021-05-03 17:54:09 -04:00
Bruce Weirdan
105c6f3a1c
Remove (and prevent) unused uses ( #5704 )
...
* Updates `slevomat/coding-standard`
* Removes unused uses
* Prevents unused uses
* Fixes a number of symbol case mismatches
2021-05-03 17:22:15 -04:00
Abdul Malik Ikhsan
2a31b66978
Add json_last_error to impure function ( #5613 )
...
* Add json_last_error to impure function
* add 'json_encode', 'json_decode' as well
* revert json_encode and json_decode
2021-04-10 20:38:02 -04:00
AndrolGenhald
9a03598a6d
Improve type resolution of class constants. ( #5591 )
...
Handle array plus operator (fixes #5588 ).
Handle array spread operator.
Improve string concatenation to resolve to literal instead of unknown string.
I feel like it should be possible to let ConstantTypeResolver take advantage of
the better type analysis in ArrayAnalyzer, ConcatAnalyzer, etc, but it would
require a restructuring that's beyond me for the time being.
2021-04-07 21:56:35 -04:00
Valentin Udaltsov
31096d9361
Marked iterator_to_array as an impure function ( #5532 )
2021-04-02 15:38:15 -04:00
Valentin Udaltsov
59b7de5647
Closes #3238 Marked flock as an impure function ( #5543 )
2021-03-31 09:55:36 -04:00
Bruce Weirdan
8753c28a1b
Marked more functions as impure ( #5524 )
...
Fixes vimeo/psalm#5519
2021-03-30 11:55:09 -04:00
Matt Brown
10ccbdd8be
Add tainting for array keys
...
Fixes #5470
2021-03-24 15:32:56 -04:00
Matt Brown
937e68cc75
Change taint path names to prepare for allowing array key tainting
2021-03-24 15:23:56 -04:00
Samuel Mortenson
e07337650b
Make taint source keys unique to the added taints. ( #5444 )
2021-03-20 15:42:24 -04:00
Matt Brown
04f3e29f94
Expand documentation method return type to ensure we’re giving a fair shot
2021-03-18 11:07:02 -04:00
Matt Brown
3046468d1e
Add hints for MixedAssignment issues
2021-03-17 01:10:42 -04:00
Claas Augner
3c66b755e2
Always return type inference summary, even if no files were analyzed due to caching ( #5329 )
...
* Fix #5319 – Always return type inference summary
Even if no files were analyzed (e.g. due to caching).
* fix code style
2021-03-06 17:20:01 -05:00
Matt Brown
f5ed12f038
Fix tests by removing references
2021-02-28 23:58:21 -05:00
Matt Brown
3f4bb25a35
Simplify reference map updates
2021-02-28 10:36:36 -05:00
Matt Brown
ad82c93edb
Fix #5297 - be more sensitive to additions and deletions in language server mode
2021-02-28 01:36:06 -05:00
Bruce Weirdan
26978fcea1
Convert PHP errors / warnings / notices to exceptions ( #5260 )
...
* Sort uses
* Add ErrorHandler
* Use new error handler
* Drop old exception handler
* Suppress error-triggered exceptions during external autoload calls
2021-02-22 09:19:34 -05:00
Matt Brown
3106635953
Fix inference of conditional types when wildcard constant given
2021-02-20 12:21:52 -05:00
Matt Brown
bd6efd7cf2
Improve completion for namespaced classes
...
cc @joehoyle - this mainly allows us to get a correct list when the user starts typing Foo (without the new before it) inside a namespace
2021-02-14 23:25:13 -05:00
Matt Brown
6b53e79505
When there’s an irrecoverable syntax error invalidate all issues in the file
2021-02-14 21:16:12 -05:00
Matt Brown
1d5020f59f
Only match functions where the first character has the same case as stub
...
cc @joehoyle - this prevents seeing lots of date_* functions when writing Date
2021-02-14 20:08:31 -05:00
Joe Hoyle
4077de2c93
Add completions for functions ( #5128 )
...
* Add completions for functions
Provide autocompletions in the LSP for all global functions and functions from namespaces used in the current context.
* Uncomment code
* PHPCS
* Simplify functions map
Co-authored-by: Matthew Brown <github@muglug.com>
* Switch to storing lowercase function string in array key
* Fix spacing
Co-authored-by: Matthew Brown <github@muglug.com>
2021-02-12 16:59:47 -05:00
Matt Brown
03665b9646
Revert "Correct Psalm’s concept of string emptiness"
...
This reverts commit 331ce8ead4.
It was too hasty
2021-02-03 01:09:58 -05:00
Matt Brown
331ce8ead4
Correct Psalm’s concept of string emptiness
...
It contrasted with PHP’s idea
2021-02-02 23:07:51 -05:00
Matt Brown
15e87b13b8
Prevent infinite loop while scanning in some situations
2021-01-26 15:51:15 -05:00
Matt Brown
62a5a74640
Fix #5108 - prevent crash on 0 type
2021-01-26 14:06:43 -05:00
Matt Brown
dc7ffe2810
Fix long line
2021-01-24 14:02:55 -05:00
Joe Hoyle
531cd36767
Support completions on class references ( #5085 )
...
* Support completions on class references
This provides completions on class references (as opposed to initiated objects via the type map), so you can do `MyClass::` and get completions for static methods and constants etc.
* Only provide completions for references that don't exist
2021-01-24 13:29:21 -05:00
Joe Hoyle
ba43e6d0f3
Remove file map cache when re-analyzing files ( #5084 )
...
* Remove file map cache when re-analyzing files
When the project is re-analyzed under the single thread condition (not using a process pool), the filemaps are not cleared before re-analyzing files. This means that file maps only get appended to. If you delete the contents of a file via the LSP, the file map will still be populated with all the old values for example.
In doing this I had to write a few more tests to check my assumptions too, so adding those additional tests.
* Rename test
* Formatting
* Formatting again!
2021-01-22 16:05:28 -05:00
Adrien LUCAS
6f1f680b2d
Add option to dump taint graph ( #5080 )
...
* Add option to dump taint graph
* Fix types
* Simplify types
Co-authored-by: Matthew Brown <github@muglug.com>
2021-01-22 16:04:15 -05:00
Bruce Weirdan
d659957b88
Resolve class aliases when accessing properties ( #5068 )
...
* Resolve class aliases when accessing properties
* Moved Properties::getClasslikeStorage() to ClassLikes::getStorageFor()
2021-01-21 19:38:17 -05:00
Vincent Langlet
c912b6c2b9
Catch InvalidArgumentException ( #5061 )
2021-01-20 17:42:45 -05:00
orklah
f9fccb2b2d
implement DTO for plugins ( #4881 )
...
* implement DTO for plugins
* introduce EventHandler + reintroduce legacy API for plugins
2021-01-06 09:05:53 -05:00
Matthew Brown
b3b2389aff
Ignore recently-deleted files for scanning
2021-01-04 19:00:44 +00:00
orklah
09fb141e49
Document lowercase-string when possible ( #4904 )
...
* document lowercase-string
* fix missing strtolower
2020-12-29 11:42:12 +00:00
Matt Brown
fbaaf05f48
Fix psl inheritance stuff cc @azjezz
2020-12-13 16:58:03 -05:00
Matt Brown
e6dad6e65f
Be smarter when choosing inherited param types
...
Ref #4803
2020-12-10 00:15:37 -05:00
Matt Brown
524084a64c
Tighten up rules around when mutation-free methods get memoised
2020-12-08 16:39:06 -05:00
Matt Brown
3f155792a7
Allow nested specialisation
2020-12-04 15:44:29 -05:00
Matt Brown
fd67d41120
Fix #4769 – don’t use unique ids for new generated nodes
2020-12-04 15:44:29 -05:00
Matt Brown
fb88145780
Fix #4767 - rescan directly-affected class-interface relationships
2020-12-04 01:19:51 -05:00
Matt Brown
1a629ccc82
Fix a few issues
2020-12-01 18:26:15 -05:00
Matt Brown
75a6d88773
Fix #4705 - clear documenting method ids when scanning stubs
2020-12-01 11:23:38 -05:00
orklah
a760a2418a
support shift and bitwise operations in constants ( #4740 )
2020-11-29 21:43:49 -05:00
Matt Brown
4d22723525
Break out replacement of templated types with their inferred result
2020-11-29 16:16:16 -05:00
Matt Brown
15a5bd5e29
Simplify storage and retrieval of extended template params
2020-11-29 15:05:32 -05:00
Matt Brown
b717356f95
Simplify more things
2020-11-27 17:48:39 -05:00
Matt Brown
2626f008be
Only show possibly unused params on methods that don’t extend others
2020-11-27 17:17:03 -05:00
Matt Brown
6db8132b4c
Simplify call analysers a bit
...
Ref #4714
2020-11-27 16:31:10 -05:00
Matt Brown
5f065d3d74
Turn template bound tuples into object
...
Ref #4714
2020-11-27 11:43:30 -05:00
orklah
b6a3282589
Detect redundant cast ( #4695 )
...
* detect redundant cast
* fix redundant cast issues
* fix redundant cast in tests
2020-11-25 12:04:48 -05:00
orklah
2bf25d5f50
Emit an issue when returning a Stringable object when a string is expected ( #4657 )
...
* Emit an issue when returning a Stringable object when a string is expected
* Fix issue in Psalm codebase
2020-11-24 00:18:24 -05:00
Markus Staab
e5493f59cd
Mark finfo_open and finfo_file as impure ( #4678 )
...
* Mark finfo_open and finfo_file as impure
* fix CS
2020-11-23 15:19:50 -05:00
Markus Staab
d151f1c36e
mark file_get_contents as impure ( #4679 )
2020-11-23 11:33:30 -05:00
Markus Staab
387bfbd9e0
is_file and is_dir should be impure ( #4676 )
...
* `is_file` and `is_dir` should be impure
* newline
Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-23 09:53:39 -05:00
Matt Brown
8325317e16
Fix #4674 - is_readable should be impure
2020-11-23 08:54:11 -05:00
Matt Brown
9a03a9a5d0
Move param taint sink addition after arguments have been analysed
2020-11-22 19:39:40 -05:00
Matt Brown
853432a6aa
Fix tests
2020-11-22 16:24:33 -05:00
Matt Brown
6399707dd6
Prevent flows through TaintedInput-suppressed files
2020-11-22 16:04:57 -05:00
Matt Brown
2c77424e16
Fix #4656 - separate UnusedConstructor from UnusedMethod
2020-11-22 11:48:17 -05:00
orklah
ae0486529e
Unused psalm-suppress ( #4646 )
2020-11-21 17:39:40 -05:00
Matt Brown
78d644d1a1
Change TaintedText to TaintedCallable
2020-11-19 19:01:19 -05:00
Lukas Reschke
78f4a0691c
Add dedicated types for 'file', 'header' and 'cookie' ( #4630 )
...
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'
* Add documentation
* Add mapping for taint flows
* Add tests
* Fix test
2020-11-19 17:47:29 -05:00
Matt Brown
95de6cf177
Allow immutable classes to be specialised through calls
2020-11-19 01:38:20 -05:00
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category ( #4604 )
...
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
2020-11-18 11:39:36 -05:00
Matt Brown
3f7f959726
Fix #4599 - propagate taints to parent callers where necessary
2020-11-18 09:59:54 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks ( #4592 )
2020-11-18 00:52:48 -05:00
Matt Brown
f6591e6d0f
Use resolution that works in multithreaded mode
2020-11-17 17:24:46 -05:00
Matt Brown
2aa98bc5d0
Simplify tainted output a bit, removing duplicate paths
2020-11-17 17:17:18 -05:00
Matt Brown
43af3b1a57
Break out TaintedInput issues into a lot of separate ones
2020-11-17 12:44:31 -05:00
Thomas Mauro Vargiu
4e8fb9c37f
Fix #4549 Better intersection between parent types ( #4560 )
2020-11-15 20:29:49 -05:00
Matt Brown
13b83e6132
Fix #4545 - allow intersections in more places
2020-11-13 09:43:30 -05:00
Matt Brown
ec9762ce61
Prevent the same interface, repopulated, from confusing matters
2020-11-12 15:52:13 -05:00
Matt Brown
58c47ab32c
Fix build
2020-11-12 14:22:54 -05:00
Matt Brown
3dd185e395
Fix #4537 - use more rigorous inheritance for return and param types
2020-11-12 13:54:27 -05:00
Matt Brown
929efcc1ac
Use the same docblock as the source params, if possible
2020-11-12 09:14:40 -05:00
Matt Brown
b7551e712a
Use better way to determine which signature to use
...
Fixes #4524
2020-11-11 19:22:23 -05:00
Matt Brown
5a5cbb2892
Increase nesting
2020-11-10 18:27:28 -05:00
Matt Brown
165e0db157
Fix style
2020-11-10 16:19:24 -05:00