danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-12-02 09:37:59 +01:00
Code Issues Projects Releases Wiki Activity
12,383 Commits 43 Branches 314 Tags 108 MiB
2efa6aefac
Commit Graph

12383 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
orklah
2efa6aefac
Merge pull request #9025 from kkmuffme/fix-method-phpdoc-errors-reported-for-stubs-instead-of-files 
fixes return type issues of methods reported for the wrong file
 2022-12-29 20:13:38 +01:00
orklah
5a6e8cb8e7
Merge pull request #9023 from kkmuffme/fix-union-never-wrong-return-type 
Fix never return union type wrong condition
 2022-12-29 20:11:38 +01:00
orklah
0101a9f483
Merge pull request #9024 from kkmuffme/fix-never-method-calls 
fix never return for MethodCalls
 2022-12-29 20:11:10 +01:00
kkmuffme
9130ee2614 fixes return type issues of methods reported for the wrong file 
fixes return type issues of methods reported for the wrong file

Fix #8457

See https://github.com/vimeo/psalm/pull/8503 which fixed this issue for functions
 2022-12-29 18:55:15 +01:00
kkmuffme
ac8f892d13 Fix never return union type wrong condition 
Fix never return union type wrong condition

Related https://github.com/vimeo/psalm/pull/8624
 2022-12-29 18:50:58 +01:00
kkmuffme
efc87277d1 fix never return for MethodCalls 
Related:
https://github.com/vimeo/psalm/pull/8902 https://github.com/vimeo/psalm/pull/8624
 2022-12-29 18:49:58 +01:00
orklah
5bfb87c624
Merge pull request #9022 from Ocramius/fix/#8983-allow-large-union-types-in-array-type-inference 
Better type inference and type checking for large union types used in array keys/values
 2022-12-29 10:48:05 +01:00
orklah
790c30959d
Merge pull request #9016 from Ocramius/feature/#5039-more-refined-types-for-explode-core-function 
Refined `explode()` types
 2022-12-29 10:23:18 +01:00
Marco Pivetta
e6600fea21 Better type inference and type checking for large union types used in array keys/values 
Fixes #8983

This patch adds a basic test showing that, when reaching a union type with 30 elements
or more, Psalm used to fail with an error, because the large union type got simplified
into a more general type as part of performance optimizations done in `TypeCombiner::combine()`.

This means that a type like `array<1|2|3|(etcetera...)|100, mixed>` was internally
simplified to `array<int, mixed>`, after reaching 30 elements or more, which in turn
led to problems and confusing errors when large union types are in play.

Such union types are relatively common in lookup-table-alike value objects.

By removing the hardcoded call-time limit of `30` types to be combined, we hereby
rely on the default `TypeCombiner::combine()` limit of `500` items, which is more
healthy.

This may come with some performance implications, but it is worth trying out, for
now.

Further parameters passed to `TypeCombiner::combine()` that were already matching
parameter default values were also omitted from the call-sites.
 2022-12-29 10:05:23 +01:00
orklah
9770e113c3
Merge pull request #9020 from orklah/isContainedbug 
Is containedbug
 2022-12-28 23:46:38 +01:00
orklah
a290729087 fix test 2022-12-28 23:33:28 +01:00
orklah
a8fd349e07 fix #7809 2022-12-28 23:29:33 +01:00
orklah
94f9d48bca
Merge pull request #9019 from mmcev106/prevent-erroneous-escapes 
Prevent DB escaping functions from affecting non-sql taints
 2022-12-28 21:32:12 +01:00
Mark McEver
53c3f1ebb3 Prevent other DB escaping functions from escaping non-sql taints 2022-12-28 14:19:01 -06:00
orklah
435acb823c
Merge pull request #9018 from orklah/TClosure 
create proper TClosure instead of TNamedObject with a Closure value
 2022-12-28 20:53:52 +01:00
orklah
a0a9d979d5 remove useless import 2022-12-28 20:47:50 +01:00
orklah
fa4891ce58 create proper TClosure instead of TNamedObject with a Closure value 2022-12-28 20:42:59 +01:00
Mark McEver
69f31dcd4a Prevent mysqli escaping functions from escaping non-sql taints 2022-12-28 13:39:01 -06:00
orklah
1bd0644124
Merge pull request #9017 from orklah/isnotaclass 
Add getAtomicType to IsNotAClass for proper negation Reconciliation
 2022-12-28 19:22:48 +01:00
orklah
58853c00f8 add test 2022-12-28 19:13:03 +01:00
orklah
e52664deea Add getAtomicType for IsNotAClass for proper negation Reconciliation 2022-12-28 19:04:23 +01:00
Marco Pivetta
45f743f851 Adjusted assertDifferentTypeOfArray test to avoid intersecting incompatible string arrays 
Getting one interesting failure caused by the `lowercase-string` refinement done before:

```
  There was 1 error:

  1) Psalm\Tests\AssertAnnotationTest::testValidCode with data set "assertDifferentTypeOfArray" ('<?php\n                    /*...ts[1];')
  Psalm\Exception\CodeException: DocblockTypeContradiction - src/somefile.php:21:21 - Cannot resolve types for $parts - docblock-defined type list{0: lowercase-string, 1?: lowercase-string} does not contain list{string, string}
```

Happens on this bit:

```php
           'assertDifferentTypeOfArray' => [
                'code' => '<?php
                    /**
                     * @psalm-assert list{string, string} $value
                     * @param mixed $value
                     */
                    function isStringTuple($value): void {
                        if (!is_array($value)
                            || !isset($value[0])
                            || !isset($value[1])
                            || !is_string($value[0])
                            || !is_string($value[1])
                        ) {
                            throw new \Exception("bad");
                        }
                    }

                    $s = "";

                    $parts = explode(":", $s, 2);

                    isStringTuple($parts);

                    echo $parts[0];
                    echo $parts[1];',
            ],
```

If I change this to:

```
@psalm-assert list{lowercase-string, lowercase-string} $value
```

Then everything works: I'm wondering if this error has to do with array intersections, and whether suppressing it suffices.

For now, changing the input string, so it is not a `lowercase-string`, is sufficient.
 2022-12-28 17:57:33 +01:00
Marco Pivetta
c0c0116809 Using list{0: string, 1?: string} syntax for more precise array key types 
Thanks to @orklah's feedback, the `explode()` return type is now much more precise too.

Ref: https://github.com/vimeo/psalm/pull/9016#discussion_r1058458616
 2022-12-28 17:48:33 +01:00
Marco Pivetta
6341d7fef0 Adjusted existing tests to the new signature of explode() 
Note how the signature became `array{0: string, 1?: string, 2?: string, array<int, string>}`,
which may be a side-effect of unions between a defined hashmap structure with array
keys, and `list<string>`.
 2022-12-28 17:39:06 +01:00
Marco Pivetta
bfded43614 Ensure that explode($d, lowercase-string) produces list<lowercase-string> types 
This specific distinction seems to be very important for Psalm, as `explode()` and
`lowercase-string` are used aggressively across the codebase.

Also, this change expands the baseline by a few entries, since some of the code locations
instide Psalm itself have un-checked list destructuring operations, as well as array
access calls on potentially undefined array keys produced by `explode()`, which were
previously just `list<string>`, and are now `array{0: string, 1?: string}`, which is
a bit more precise.
 2022-12-28 17:26:25 +01:00
Marco Pivetta
04999b172a Refined explode() types 
Fixes #5039

This patch removes the need for a custom function return type
provider for `explode()`, and instead replaces all that with a single
stub for the `explode()` function, which provides types for some of
the most common `$limit` input values.

With this change, the `$delimiter` is enforced to be a `non-empty-string`,
which will lead to downstream consumers having to adjust some code accordingly,
but that shouldn't affect the most common scenario of exploding a string
based with a constant `literal-string` delimiter, which most PHP devs tend to do.

This change didn't come with an accompanying test, since that would be a bit
wasteful, but it was verified locally with following script:

```php
<?php

$possible0  = explode(',', 'hello, world', -100);
$possible1  = explode(',', 'hello, world', -1);
$possible2  = explode(',', 'hello, world', 0);
$possible3  = explode(',', 'hello, world', 1);
$possible4  = explode(',', 'hello, world', 2);
$possible5  = explode(',', 'hello, world', 3);
$possible6  = explode(',', 'hello, world', 4);
try {
    $impossible1 = explode('', '', -1);
} catch (Throwable $impossible1) {}

$traced = [$possible0, $possible1, $possible2, $possible3, $possible4, $possible5, $possible6, $impossible1];

/** @psalm-trace $traced */

var_dump($traced);

return $traced;
```

Running psalm locally, this produces:

```
psalm on  feature/#5039-more-refined-types-for-explode-core-function [?] via 🐘 v8.1.13 via ❄️  impure (nix-shell)
❯ ./psalm --no-cache explode.php
Target PHP version: 7.4 (inferred from composer.json) Extensions enabled: dom, simplexml (unsupported extensions: ctype, json, libxml, mbstring, tokenizer)
Scanning files...
Analyzing files...

░

To whom it may concern: Psalm cannot detect unused classes, methods and properties
when analyzing individual files and folders. Run on the full project to enable
complete unused code detection.

ERROR: InvalidArgument - explode.php:11:28 - Argument 1 of explode expects non-empty-string, but '' provided (see https://psalm.dev/004)
    $impossible1 = explode('', '', -1);

ERROR: PossiblyUndefinedGlobalVariable - explode.php:14:96 - Possibly undefined global variable $impossible1 defined in try block (see https://psalm.dev/126)
$traced = [$possible0, $possible1, $possible2, $possible3, $possible4, $possible5, $possible6, $impossible1];

ERROR: ForbiddenCode - explode.php:18:1 - Unsafe var_dump (see https://psalm.dev/002)
/** @psalm-trace $traced */

var_dump($traced);

ERROR: Trace - explode.php:18:1 - $traced: list{0: array<never, never>, 1: non-empty-list<string>, 2: list{string}, 3: list{string}, 4: array{0: string, 1?: string}, 5: array{0: string, 1?: string, 2?: string}, 6: non-empty-list<string>, 7?: Throwable|non-empty-list<string>} (see https://psalm.dev/224)
/** @psalm-trace $traced */

var_dump($traced);

------------------------------
4 errors found
------------------------------

Checks took 6.31 seconds and used 265.386MB of memory
Psalm was unable to infer types in the codebase
```

The actual runtime behavior on PHP 8.x: https://3v4l.org/0NKlW

```
array(8) {
  [0]=>
  array(0) {
  }
  [1]=>
  array(1) {
    [0]=>
    string(5) "hello"
  }
  [2]=>
  array(1) {
    [0]=>
    string(12) "hello, world"
  }
  [3]=>
  array(1) {
    [0]=>
    string(12) "hello, world"
  }
  [4]=>
  array(2) {
    [0]=>
    string(5) "hello"
    [1]=>
    string(6) " world"
  }
  [5]=>
  array(2) {
    [0]=>
    string(5) "hello"
    [1]=>
    string(6) " world"
  }
  [6]=>
  array(2) {
    [0]=>
    string(5) "hello"
    [1]=>
    string(6) " world"
  }
  [7]=>
  object(ValueError)#1 (7) {
    ["message":protected]=>
    string(51) "explode(): Argument #1 ($separator) cannot be empty"
    ["string":"Error":private]=>
    string(0) ""
    ["code":protected]=>
    int(0)
    ["file":protected]=>
    string(9) "/in/0NKlW"
    ["line":protected]=>
    int(11)
    ["trace":"Error":private]=>
    array(1) {
      [0]=>
      array(4) {
        ["file"]=>
        string(9) "/in/0NKlW"
        ["line"]=>
        int(11)
        ["function"]=>
        string(7) "explode"
        ["args"]=>
        array(3) {
          [0]=>
          string(0) ""
          [1]=>
          string(0) ""
          [2]=>
          int(-1)
        }
      }
    }
    ["previous":"Error":private]=>
    NULL
  }
}
```

On PHP 7:

```
Warning: explode(): Empty delimiter in /in/0NKlW on line 11
array(8) {
  [0]=>
  array(0) {
  }
  [1]=>
  array(1) {
    [0]=>
    string(5) "hello"
  }
  [2]=>
  array(1) {
    [0]=>
    string(12) "hello, world"
  }
  [3]=>
  array(1) {
    [0]=>
    string(12) "hello, world"
  }
  [4]=>
  array(2) {
    [0]=>
    string(5) "hello"
    [1]=>
    string(6) " world"
  }
  [5]=>
  array(2) {
    [0]=>
    string(5) "hello"
    [1]=>
    string(6) " world"
  }
  [6]=>
  array(2) {
    [0]=>
    string(5) "hello"
    [1]=>
    string(6) " world"
  }
  [7]=>
  bool(false)
}
```
 2022-12-28 17:11:40 +01:00
orklah
7b8b44ca21
Merge pull request #9014 from theodorejb/patch-1 
Fix PHPCS trailing comma
 2022-12-28 16:55:51 +01:00
Theodore Brown
e4b0343f76
Fix PHPCS trailing comma 2022-12-28 09:35:34 -06:00
orklah
dbcfe62c52
Merge pull request #8987 from jack-worman/Always_check_unused_methods_and_properties 
Add @psalm-api annotation
 2022-12-28 15:20:48 +01:00
orklah
d338b00cb7
Merge pull request #8999 from VincentLanglet/union 
Preserve from_docblock in TypeCombiner
 2022-12-28 10:08:12 +01:00
Vincent Langlet
a263e5d42c Simplify 2022-12-28 09:30:41 +01:00
orklah
41ae518800
Merge pull request #9001 from fluffycondor/http_response_header-non-empty-list 
Make `$http_response_header` a non-empty-list
 2022-12-28 00:27:30 +01:00
orklah
9892ef2fab
Merge pull request #9011 from mathe42/patch-1 
feat: add xdebug_info (fixes #8977)
 2022-12-27 19:40:33 +01:00
Sebastian Krüger
ddf846b8c7
.xdebug_info only available for php >= 2022-12-27 18:39:41 +01:00
Sebastian Krüger
c74aacdeee
feat: add xdebug_info (fixes #8977) 2022-12-27 17:45:58 +01:00
Bruce Weirdan
9f5314b146
Merge pull request #9009 from weirdan/allow-no-return-type-on-destructors 
Fixes https://github.com/vimeo/psalm/issues/9008
 2022-12-26 15:58:50 -04:00
Bruce Weirdan
52da29e389
Do not require return type on destructors in interfaces 
Fixes vimeo/psalm#9008
 2022-12-26 15:45:44 -04:00
Bruce Weirdan
c1273a8c51
Merge pull request #9007 from lptn/imap_is_open 2022-12-26 12:16:40 -04:00
Alies Lapatsin
f700feb5b5 Add imap_is_open() to PHP 8.2 dictionary (Only as of PHP 8.2.1) 2022-12-26 16:19:03 +01:00
Alies Lapatsin
6cd85b9b84 Add imap_is_open() to PHP 8.2 dictionary 2022-12-26 16:14:20 +01:00
Vincent Langlet
b1f1ca6d7e Try 2022-12-25 19:11:54 +01:00
Vincent Langlet
a8ef02db5a Real fix 2022-12-25 17:35:47 +01:00
orklah
e26ce993c7
Merge pull request #9000 from jack-worman/restrictReturnTypes_configuration 
restrictReturnTypes configuration documentation
 2022-12-25 16:14:09 +01:00
fluffycondor
bfc00056e3 Add test 2022-12-25 11:50:09 +06:00
fluffycondor
040737de24 Fix non-empty-list class 2022-12-25 11:45:56 +06:00
fluffycondor
032f01114e Fix test 2022-12-25 11:41:34 +06:00
fluffycondor
a077bd4351 Make http_response_header possibly undefined 2022-12-25 11:38:51 +06:00
Bruce Weirdan
58ae7480c9
Merge pull request #9002 from jack-worman/forbidden_functions_bug 2022-12-24 15:42:47 -04:00
Jack Worman
1bb9eb4cfc forbidden function bug and better get_defined_functions() signature 2022-12-24 12:34:40 -06:00
fluffycondor
69da58d578 Make http_response_header a non-empty-list of non-falsy-string 2022-12-25 00:02:58 +06:00