Matt Brown
a871d0dd58
Fix dumb bug
2021-03-18 11:27:32 -04:00
Matt Brown
e919e41114
Improve labelling
2021-03-18 11:18:49 -04:00
Matt Brown
3046468d1e
Add hints for MixedAssignment issues
2021-03-17 01:10:42 -04:00
Matt Brown
f2d202e2bb
Add less severe issue for docblock property type invariance cc @bdsl
...
This is less likely to break everything
2021-02-07 00:52:29 -05:00
Bruce Weirdan
04bb2b1182
Prevent invalid Traversable implementation ( #5171 )
...
* Prevent invalid Traversable implementation
Fixes vimeo/psalm#5167
* Document new issue
* CS fix
2021-02-06 22:10:05 -05:00
Barney Laurance
0cd5442c47
Enforce property type invariance ( #5131 )
...
* Implement NonInvariantChildProperty detection
See https://github.com/vimeo/psalm/issues/4184
* Delete test cases with 'parentSetsWiderTypeInConstructor'
As I understand it these are not valid test cases. They
emit NonInvariantPropertyType issues which seems correct - the property
type variation is I think a latent bug in the sample code.
* Reduce shortcode for NonInvariantPropertyType to 1+max used shortcode on master
2021-01-31 11:32:24 -05:00
Matthew Brown
7764a4ce6c
Fix #4912 - detect mismatching property type
2020-12-29 16:37:03 +00:00
Matt Brown
e7f9ce6da0
Break out RedundantCast issues
2020-12-01 17:25:45 -05:00
Matthew Brown
60ac109c01
Add RedundantPropertyInitializationCheck ( #4732 )
...
* Add RedundantPropertyInitializationCheck
* add documentation for RedundantPropertyInitializationCheck (#4734 )
Co-authored-by: orklah <orklah@users.noreply.github.com>
2020-11-29 11:57:20 -05:00
Matt Brown
ffabce19c5
Add complex issue error
2020-11-27 17:02:37 -05:00
Matt Brown
2c77424e16
Fix #4656 - separate UnusedConstructor from UnusedMethod
2020-11-22 11:48:17 -05:00
Matt Brown
78d644d1a1
Change TaintedText to TaintedCallable
2020-11-19 19:01:19 -05:00
Lukas Reschke
78f4a0691c
Add dedicated types for 'file', 'header' and 'cookie' ( #4630 )
...
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'
* Add documentation
* Add mapping for taint flows
* Add tests
* Fix test
2020-11-19 17:47:29 -05:00
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category ( #4604 )
...
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
2020-11-18 11:39:36 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks ( #4592 )
2020-11-18 00:52:48 -05:00
Matt Brown
43af3b1a57
Break out TaintedInput issues into a lot of separate ones
2020-11-17 12:44:31 -05:00
Matt Brown
579327a470
Detect when targets are incorrectly targeted
2020-10-30 13:28:45 -04:00
Matt Brown
f8eee22f77
Add basic support for PHP attributes
...
Ref #4367 - supports creation and argument checks
2020-10-24 00:10:22 -04:00
Niclas van Eyk
0261024aa6
Initial proposal for psalm-require-{extends, implements} ( #4361 )
...
* initial implementation of psalm-require-extends
* Added @psalm-require-implements
* Added shortcode for ExtensionRequirementViolation
* Docs & cofig entries for @pasalm-require-{implements,extends}
* Added requirement violations to issues.md
2020-10-19 15:08:18 -04:00
Matt Brown
516141a380
Rename ControlFlowGraph to more appropriate DataFlowGraph
2020-10-13 16:49:03 -04:00
orklah
62e79fb7ea
param types ( #4313 )
2020-10-12 15:46:47 -04:00
Matt Brown
63a11bae15
4.x - Support named arguments
...
Ref #4089
2020-10-02 20:27:01 -04:00
Brown
56cddd16bf
Rename TaintGraph to ControlFlowGraph because it’s about to do more
2020-09-20 23:59:52 -04:00
orklah
1a1b88bb5e
add visibilities to constants ( #4219 )
2020-09-20 12:54:46 -04:00
orklah
ead107fa9e
More return types ( #4173 )
...
* add native return types
* redundant phpdoc
2020-09-12 11:24:05 -04:00
Brown
6ffe471525
Make new InvalidLiteralArgument issue for strpos refs
...
Ref #4070
2020-09-10 22:54:32 -04:00
Brown
eda426a594
Improve unique issue solution
2020-09-10 22:54:30 -04:00
orklah
8c7423505a
add native param types ( #4137 )
...
* add native param types
* redundant phpdoc
* add more param types and adds "?" to nullable types
* remove redundant phpdoc
* add more param types and remove redundant phpdoc
* add more param types and remove redundant phpdoc
2020-09-06 19:36:47 -04:00
orklah
f66d57f19d
add native return types ( #4116 )
...
* add native return types
* remove redundant phpdoc
2020-09-04 16:26:33 -04:00
Bruce Weirdan
ffb316a9e6
Converted MissingPropertyType to property issue ( #4099 )
...
Fixes vimeo/psalm#2200
2020-09-01 09:21:03 -04:00
Brown
3cdb13f7ab
Fix issues
2020-08-31 23:03:36 -04:00
Brown
92239add4d
Add some backwards-incompatible changes for 4.x
2020-08-30 11:44:14 -04:00
Brown
02a2e99d42
Only add pure to functions with params
2020-08-23 18:41:31 -04:00
Brown
c8ea4b4e8b
Prohibit property fetches from pure contexts except when they’re on immutable objects
2020-08-23 10:57:24 -04:00
Olle
3630b4a2f9
Merge remote-tracking branch 'remotes/upstream/master'
2020-08-18 15:59:46 +00:00
Bruce Weirdan
7adc25c421
Improve import errors ( #3997 )
...
* Better errors for invalid type imports
Fixes vimeo/psalm#3885
* Finishing touches
Docs, schema, CS
* Drop unused import
* Drop more unused imports
2020-08-16 22:53:53 -04:00
Bruce Weirdan
22d8f5a0bc
Fixed duplicate shortcodes ( #3996 )
...
Also added an utility to help assign new shortcodes and a test to
prevent duplicate shortcodes.
2020-08-16 16:26:54 -04:00
Brown
6def99d653
Add ConstructorSignatureMismatch issue distinct from MethodSignatureMismatch
2020-08-10 12:26:25 -04:00
Matthew Brown
6085e42fc1
Detect mismatching param names effectively
2020-08-10 09:58:43 -04:00
Brown
c0b0036109
Fix #3934 - prevent unsafe use of new static
2020-08-05 19:39:27 -04:00
Grégoire Paris
2f673fbbd7
Detect redundant identity with true ( #3893 )
...
Using === true on a known boolean results in the same boolean.
2020-07-25 17:27:45 -04:00
kesselb
aaba3a08ec
Add option to supress a referenced but undefined global variable. ( #3827 )
2020-07-16 09:49:59 -04:00
Olle
45457acdf7
Merge remote-tracking branch 'upstream/master'
2020-07-08 19:55:03 +00:00
Olle
285348efe9
New annotation: @psalm-if-this-is
2020-07-08 19:51:02 +00:00
Brown
17558a5c0e
Fix #3676 - add multiline output for TaintedInput issues
2020-06-30 13:17:51 -04:00
Andrei Petre
3497ca07b6
Extending final class is prohibited #3037 ( #3576 )
2020-06-13 00:29:59 -04:00
Brown
8c86d47eb7
Downgrade some PossiblyInvalidClone
issues
2020-05-18 17:18:13 -04:00
Evgeniy
04a576708c
Correct analyze clone expression ( #3382 )
...
* Correct analyze clone, add PossibleInvalidClone issue type
* Infer mixed type when possible incorrect clone
* Remove unused variable
2020-05-18 16:22:50 -04:00
m0003r
28f740fddb
@psalm-trace is now a specific low-level issue, because plain debug print breaks structured output (after #3080 ) ( #3106 )
2020-04-08 21:03:05 -04:00
Matthew Brown
44713a48ac
Add default shortcode
2020-03-20 14:41:25 -04:00
Matthew Brown
a237ba307c
Use simpler method for generating links
2020-03-19 17:12:16 -04:00
Matthew Brown
309a229db1
Add codes to all issues
2020-03-17 09:19:47 -04:00
Matthew Brown
0aca01faea
Improve fix to #2805
2020-03-14 01:09:12 -04:00
Matthew Brown
0d62fbdf98
Detect erroneous abstract static method calls
2020-03-11 10:18:40 -04:00
Matthew Brown
a706f4d722
Fix #2242 - warn when using mutable dependencies
2020-02-22 10:04:46 -05:00
Brown
7d99a15072
Fix #2805 - forbid passing in mutable class to mutation-free context
2020-02-21 18:25:35 -05:00
Matthew Brown
a55686b6e4
Move to more appropriate location
2020-02-17 22:21:04 -05:00
Matthew Brown
99a97f4085
Update issue levels
2020-02-17 16:32:16 -05:00
Matthew Brown
01d3d9270f
Change constant name and meaning
2020-02-17 00:04:46 -05:00
Matthew Brown
39afe9b4ff
Add levels to every issue
2020-02-16 20:55:09 -05:00
Matthew Brown
d281a6796b
Fix lagging comma
2020-02-16 18:26:24 -05:00
Matthew Brown
196a0a5c4e
Replace issue data array with object
2020-02-16 18:24:40 -05:00
Matthew Brown
5c3ec7a531
Fix #2696 - make sure static property references are prevented in pure functions
2020-01-27 22:55:20 -05:00
Brown
da43b8188f
Fix #2632 - detect invalid by-ref assignments in pure functions
2020-01-23 14:21:34 -05:00
Brown
083fbc55e1
Add more specific UndefinedMagicMethod issue
2020-01-06 14:23:33 -05:00
Matthew Brown
867511d7fd
Use more specific error magic properties
2020-01-05 21:07:26 -05:00
Brown
af5f83602e
Break out more specific possibly defined offset errors
2019-11-11 09:59:56 -05:00
Bruce Weirdan
79acbadfad
Added InvalidParent issue ( #2320 )
...
Refs vimeo/psalm#2304
2019-11-11 00:21:43 -05:00
Matthew Brown
9c629414a7
Fix #2138 - complain when inheriting from immutable interfaces without annotation
2019-09-21 22:52:30 -04:00
Brown
c5ef2516b5
Fix #2150 - add detection for unnecessary @var annotations
...
And also remove them from codebase
2019-09-19 11:59:43 -04:00
Matthew Brown
51e552665e
Fix #2061 - add config to allow suppression of string increment issues
2019-09-01 17:49:37 -04:00
Matthew Brown
dee2cf3281
Detect use of static inside pure function
2019-08-31 21:31:53 -04:00
Matthew Brown
6d07663d70
Annotate method getters more accurately
2019-08-30 16:40:32 -04:00
Brown
95c61db513
Add a PossibleRawObjectIteration issue
2019-08-20 12:06:02 -04:00
Matthew Brown
2a5e0d8f39
Fix #1444 - track unused suppressions
2019-08-18 14:27:50 -04:00
Brown
b5614d03f8
Add detection for unused function calls
2019-08-13 13:15:23 -04:00
Matthew Brown
b2c0993cdc
Add framework for taint analysis to Psalm
...
Ref #611
2019-08-04 10:37:36 -04:00
Matthew Brown
3df248eea2
Add concept of purity to functions and methods
2019-07-18 01:31:48 -04:00
LeSuisse
f29826b958
Fully qualify constants and function calls ( #1849 )
...
This should give a small performance boost.
Part of #1837 .
The change is enforced via phpcs and can be autofixed
with phpcbf.
2019-06-26 16:52:29 -04:00
Matthew Brown
5a64e97f0f
Fix #1793 - warn on deprecated function
2019-06-15 12:09:15 -04:00
Brown
b00d51b7db
Allow misplaced required params so Psalm still inspects the code
2019-06-07 09:25:12 -04:00
Brown
9aeaf1a4ed
Fix #1746 - allow DeprecatedInterface to be suppressed with referencedClass
2019-06-06 14:48:33 -04:00
Matthew Brown
fd3235d785
Reduce duplicate trait messages
2019-05-27 10:10:21 -04:00
Brown
4a434d9a2f
Add separate issue for undefined classes in docblocks
2019-05-15 18:41:26 -04:00
Brown
30cbcb6c36
Add ImplementedParamTypeMismatch issue
...
Fixes #1633
2019-05-14 15:44:46 -04:00
Brown
0e4c8ce482
Split apart TypeCoercion issues, allowing more granular issue filtering
2019-04-25 18:02:19 -04:00
Brown
af4d10cb63
Fix #1499 - use TraitMethodSignatureMismatch when dealing with trait methods
2019-03-29 14:09:06 -04:00
bugreportuser
976c2c5ef3
Add an error for throws in global scope
2019-03-24 23:03:37 -04:00
Matthew Brown
472ab29d74
Add PossiblyInvalidCast for more refined checks
2019-03-17 17:10:51 -04:00
Brown
b3a59d2638
Fix #1435 - prevent classes extending interfaces
2019-03-07 11:16:40 -05:00
Brown
bd372e93af
Add config flags for findUnusedVariables and findUnusedCode
2019-03-05 15:45:09 -05:00
Matthew Brown
cdae79b9fe
Fix unnecessary params in Psalm codebase
2019-02-23 11:31:33 -05:00
Bruce Weirdan
cb453a8da9
Allow suppressing UnusedClass on specific classes
...
This allows suppressing UnusedClass with either `referencedMethod` or
`@psalm-suppress`
Fixes vimeo/psalm#1353
2019-02-18 09:32:09 -05:00
Brown
3deea3980d
Add checks for unitialized properties
...
Fixes #1328
2019-02-13 13:32:19 -05:00
Matthew Brown
c58100e3af
Fix #1313 - don’t allow mixed function calls
2019-02-10 16:15:52 -05:00
Brown
fcc9d1a979
Fix #1244 and fix #1243 - add template-extends checks
2019-01-25 15:31:17 -05:00
Brown
cd0a7441d9
Add warnings for extended template param counts off
2019-01-24 17:55:03 -05:00
Brown
8a97e32e16
Add code to make handling interfaces with magic get/set
...
Ref #1228
2019-01-23 16:58:50 -05:00
Matthew Brown
c43734f3ab
Don’t localise PropertyNotSetInConstructor issues
2019-01-15 21:34:18 -05:00
Matthew Brown
bd9f2ec546
Add separate issue type for undefined interface method
2019-01-13 13:07:53 -05:00