1
0
mirror of https://github.com/danog/psalm.git synced 2024-12-13 17:57:37 +01:00
Commit Graph

8184 Commits

Author SHA1 Message Date
gdejong
a183aafadc
Migrate PHPUnit configuration (#4710)
Co-authored-by: Gijs de Jong <gijs.de.jong@munisense.com>
2020-11-26 15:23:10 -05:00
Matt Brown
6de97e3779 Skip missing function params in taint analysis 2020-11-26 11:58:14 -05:00
Matt Brown
b224970281 Fix generic ArrayAccess creation cc @orklah 2020-11-26 10:00:03 -05:00
orklah
f7cfdaabd7
Allow reconciling between object and iterable (#4706)
* Allow reconciling between object and iterable

* add tests
2020-11-26 09:25:49 -05:00
orklah
4bbb72329e
Fix PHPMAXINT offset (#4707) 2020-11-26 09:24:32 -05:00
Matt Brown
01ceaf7006 Fix style issues 2020-11-25 21:36:37 -05:00
Matt Brown
0c477da310 Fix test failures 2020-11-25 20:05:09 -05:00
Markus Staab
a174b4c415
Document more taint types (#4704)
* Document more taint types

Taken from the TaintKind enum

* Add more of a description

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-25 19:28:02 -05:00
LeSuisse
e32ed43253
Fix incorrect taint sink map for \rmdir (#4703)
Closes #4690
2020-11-25 16:45:53 -05:00
Markus Staab
8a0feaffa9
Declare PdoStatement->fetchObject($class_name) a taint sink (#4701)
* Declare PdoStatement

* Change to a callable sink

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-25 15:50:19 -05:00
orklah
58736924dd
fix wrong cast to int when string offset is a number > MAX INT (#4702) 2020-11-25 15:48:53 -05:00
Matt Brown
f3e0201a99 Treat $a ?? $b identically to isset($a) ? $a : $b 2020-11-25 14:34:05 -05:00
Matt Brown
d40d63f180 Fix #4699 - treat isset like !== null when variable is defined 2020-11-25 14:04:55 -05:00
Matt Brown
6aa052475a Pass correct flags when referencing from finally 2020-11-25 14:04:55 -05:00
Markus Staab
d393b4a69d
Added PDOStatement->fetchObject() stub (#4693)
* Added PDOStatement->fetchObject() stub

* fix stub param

* fix Xdebug spelling

* Use extension_loaded check instead

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-25 12:08:04 -05:00
orklah
b6a3282589
Detect redundant cast (#4695)
* detect redundant cast

* fix redundant cast issues

* fix redundant cast in tests
2020-11-25 12:04:48 -05:00
Matthew Brown
1320081d27
Fix core return types 2020-11-25 11:49:51 -05:00
Matt Brown
39f26d9047 Remove suppressed issuue 2020-11-25 09:22:41 -05:00
Markus Staab
3dc311fd45
fixed exception message (#4692) 2020-11-24 16:04:34 -05:00
Matt Brown
f8ddc7e58a Add slash 2020-11-24 15:07:15 -05:00
orklah
45c6189190
restore str_split as a list (#4694) 2020-11-24 15:01:46 -05:00
Matt Brown
e9c00b8395 Switch order to satisfy new refinement 2020-11-24 14:57:34 -05:00
Matt Brown
41af653bd4 Add support for some dependent types 2020-11-24 14:50:35 -05:00
Matt Brown
27b7de285e Fix some stubs 2020-11-24 10:44:33 -05:00
Matt Brown
8ede667cad Remove debugging error 2020-11-24 08:06:26 -05:00
orklah
2bf25d5f50
Emit an issue when returning a Stringable object when a string is expected (#4657)
* Emit an issue when returning a Stringable object when a string is expected

* Fix issue in Psalm codebase
2020-11-24 00:18:24 -05:00
Benjamin Morel
5748a4e25a
Fix PdoStatementReturnTypeProvider (#4683)
* Fix PdoStatementReturnTypeProvider

Methods returning scalars may return null as well.

* Fix tests
2020-11-23 18:41:12 -05:00
Matthew Brown
9823824608
Add example from @ludofleury's solution 2020-11-23 17:25:30 -05:00
Benjamin Morel
e938933ff3
Fix PDOStatement::fetchObject() return type (#4682) 2020-11-23 15:52:14 -05:00
Matt Brown
2c5f767098 Fix tests 2020-11-23 15:51:58 -05:00
Olivier Doucet
70a130f11e
add CodeClimate output format (#4387)
* add CodeClimate output format

* cosmetic fixes

* add CodeClimate output format

* cosmetic fixes

* phpcs fixes
2020-11-23 15:34:51 -05:00
orklah
b6cb9785ac
Prevent illegal array keys (#4660)
* Emit an issue when an array-key is not legal

* tests
2020-11-23 15:20:39 -05:00
Markus Staab
e5493f59cd
Mark finfo_open and finfo_file as impure (#4678)
* Mark finfo_open and finfo_file as impure

* fix CS
2020-11-23 15:19:50 -05:00
Matt Brown
b14a62338e Fix test 2020-11-23 13:14:40 -05:00
erikjwaxx
25d8c6d21e
Narrow inference of $a <=> $b from "int" to "-1|0|1" (#4680)
* A <=> operator has a literal type of -1|0|1 and not simply int

* Test to verify inferred type of $a <=> $b is -1|0|1
2020-11-23 13:10:51 -05:00
Markus Staab
d151f1c36e
mark file_get_contents as impurce (#4679) 2020-11-23 11:33:30 -05:00
Markus Staab
387bfbd9e0
is_file and is_dir should be impure (#4676)
* `is_file` and `is_dir` should be impure

* newline

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-23 09:53:39 -05:00
Matt Brown
8325317e16 Fix #4674 - is_readable should be impure 2020-11-23 08:54:11 -05:00
Matt Brown
10c0bcc4e2 Fix #4674 - is_readable should be impure 2020-11-23 08:45:27 -05:00
Matt Brown
17ceba5c06 Fix bug 2020-11-22 23:32:14 -05:00
Matt Brown
f164a45843 Fix bugs 2020-11-22 19:45:54 -05:00
Matt Brown
9a03a9a5d0 Move param taint sink addition after arguuments have been analysed 2020-11-22 19:39:40 -05:00
Lukas Reschke
a36c1af846
Add more verbose description for TaintedHtml (#4668)
Ref https://github.com/vimeo/psalm/issues/4590
2020-11-22 19:14:48 -05:00
Matt Brown
853432a6aa Fix tests 2020-11-22 16:24:33 -05:00
Matt Brown
6399707dd6 Prevent flows through TaintedInput-suppressed files 2020-11-22 16:04:57 -05:00
Matt Brown
b782dd4225 Make sure conditional escaping works for static methods too 2020-11-22 13:39:32 -05:00
Matt Brown
af008953a8 Fix #4661 - support conditional escaping for functions 2020-11-22 13:24:33 -05:00
Matt Brown
bd612c476c Break apart large function 2020-11-22 13:24:33 -05:00
Lukas Reschke
7ac42551de
Add some more flows (#4659)
* Add some more flows

- Adds all relevant JSON flows https://www.php.net/manual/en/ref.json.php
- Adds all relevant misc flows https://www.php.net/manual/en/ref.misc.php
- Adds a small subset of URL flows https://www.php.net/manual/en/ref.url.php

* Update CoreGenericFunctions.phpstub
2020-11-22 12:09:55 -05:00
Matt Brown
2c77424e16 Fix #4656 - separate UnusedConstructor from UnusedMethod 2020-11-22 11:48:17 -05:00