1
0
mirror of https://github.com/danog/psalm.git synced 2024-12-15 02:47:02 +01:00
Commit Graph

6523 Commits

Author SHA1 Message Date
Matt Brown
5a94043a7f Unbreak gettype support 2020-10-02 20:33:35 -04:00
Matt Brown
63a11bae15 4.x - Support named arguments
Ref #4089
2020-10-02 20:27:01 -04:00
Matt Brown
2cd306b75c Promoted properties are always initialized 2020-10-02 19:44:58 -04:00
Matt Brown
5bcd1bbb75 4.x - add support for get_debug_type function
Ref #4089
2020-10-02 19:15:47 -04:00
Matt Brown
74934ffdbb 4.x - rename GetClassT to TDependentGetClass 2020-10-02 18:47:23 -04:00
Matt Brown
211553c53f Support property type promotion ref #4089 2020-10-02 18:31:32 -04:00
Matt Brown
6866e443dc Small refactor 2020-10-02 18:24:46 -04:00
orklah
17d53974e6
change label (#4272) 2020-10-02 15:08:26 -04:00
Matt Brown
c9e47450a7 Fix #4266 - prevent OOM when analysing closure unioned with invokable class 2020-10-02 00:47:42 -04:00
Matt Brown
6ad5e1c013 Fix #4264 - prevent crash when analysing file with duplicate classes 2020-10-01 15:07:25 -04:00
Matt Brown
35081c0d21 Ensure catch variables are marked as used 2020-09-30 13:51:02 -04:00
Matt Brown
fc001cdf65 Treat func_get_args as using function params 2020-09-30 13:08:01 -04:00
Matt Brown
14efde286f 4.x - refactor unused variable detection
This turns unused variable detection into an explicit control-flow problem, where before we had a more simplistic mark-and-sweep algorithm
2020-09-30 12:28:13 -04:00
Matt Brown
169b2b7023 Fix analysis when there’s a break in a loop after a reassignment 2020-09-30 00:04:07 -04:00
David de Boer
046725bd21
Fix: allowMissingFiles not respected for ignored files (#4259) 2020-09-29 11:27:35 -04:00
1eca537209
Add SplStack, SplHeap, SplMinHeap, SplMaxHeap, SplPriorityQueue stubs (#4255)
* Add SplStack, SplHeap, SplMinHeap, SplMaxHeap, SplPriorityQueue stubs

* Add SplFixedArray
2020-09-29 11:27:12 -04:00
Brown
19f88a2e31 Add improvements from unused variable checks 2020-09-28 00:45:02 -04:00
Brown
1afbce82ca Ensure loop marks vars as possibly assigned 2020-09-27 17:50:48 -04:00
Bruce Weirdan
d9776aa710
Fixes crash due to class/filename mismatch (#4247)
Introduced in 56cddd16bf
2020-09-26 13:31:38 -04:00
Brown
4f28b38556 Fix unused var in finally false-positive 2020-09-25 10:20:22 -04:00
Brown
c17bacd682 Prevent duplicate switch return types 2020-09-25 09:45:20 -04:00
Brown
d52d7ef6aa Add extra loops for more reliable analysis 2020-09-25 00:59:58 -04:00
Brown
da65a4327f Move taint graph functionality into its own object 2020-09-25 00:37:40 -04:00
orklah
83ca918824
preg_split can't take null in limit (#4236)
* preg_split can't take null in limit

* fix wrong type in preg_split
2020-09-22 13:46:37 -04:00
aheart
8da6feb7b7
Filter selected text to prevent invalid XML (#4234) 2020-09-22 13:44:14 -04:00
orklah
37a2f8a33d
unused use statements (#4228) 2020-09-22 01:10:46 -04:00
Brown
3593a120f3 Add missing = true 2020-09-22 01:10:11 -04:00
orklah
250fa8e42d
misc changes (#4227)
* misc changes

* misc changes
2020-09-22 00:44:31 -04:00
Brown
275c6bf4e7 Propagate has_returned flag 2020-09-22 00:43:13 -04:00
Brown
3015aca2df Fix fudging var 2020-09-21 16:23:44 -04:00
Brown
b501db6dd2 Skip currently-failing undefined variable test 2020-09-21 16:01:14 -04:00
Brown
cdb2b5caf6 Be a little bit more robust in finally handling 2020-09-21 15:37:10 -04:00
Brown
3e0f449163 Detect more issues inside finally block 2020-09-21 15:16:19 -04:00
Brown
fe94ae0603 Make sure to union try-set vars 2020-09-21 14:33:34 -04:00
Brown
7bd1c43be1 Don’t forget control actions 2020-09-21 11:18:30 -04:00
Brown
56cddd16bf Rename TaintGraph to ControlFlowGraph because it’s about to do more 2020-09-20 23:59:52 -04:00
Brown
70b8c8c0e4 Revert StatementsAnalyzer change 2020-09-20 21:01:59 -04:00
Brown
ef612ea598 Fix tests 2020-09-20 20:58:34 -04:00
Brown
0f6a271858 Improve file-based suppression of taints 2020-09-20 19:37:25 -04:00
Brown
5c23a3d7b3 Localise taint analysis better 2020-09-20 19:26:49 -04:00
Brown
2968b3b065 Add to StatementsAnalyzer taint object instead of Context 2020-09-20 18:42:21 -04:00
Brown
abb9502921 Rename Taint object to TaintGraph 2020-09-20 18:27:02 -04:00
orklah
de16308f2e
useless comparison (#4223)
* remove unused code

* fix wrong fix
2020-09-20 13:01:27 -04:00
Brown
cf8dcc163e Use shuffled files 2020-09-20 12:59:32 -04:00
orklah
24a38f21ce
Use array destructuring when possible (#4221)
* list usage

* fix inversion
2020-09-20 12:55:38 -04:00
orklah
b4bfbb6a28
remove incorrect inheritDoc (#4220) 2020-09-20 12:55:10 -04:00
orklah
1a1b88bb5e
add visibilities to constants (#4219) 2020-09-20 12:54:46 -04:00
Brown
ef3cf67f50 Fix #4198 - make analysis of class-string property assignments more robust 2020-09-20 09:18:35 -04:00
orklah
cb7065ae07
replace deprecated methods with their equivalent (#4217) 2020-09-20 08:56:49 -04:00
orklah
a9a364e363
Misc improvements (#4216)
* misc changes

* fix CI
2020-09-20 08:55:28 -04:00
orklah
b19f0a7034
Remove empty() and use strict comparison when safe (#4211)
* replace empty usage with stricter checks

* use strict comparison when safe

* replace is_null with === null for consistency
2020-09-19 18:26:51 -04:00
Brown
1ac527bbf1 Meke staticy methods properly static 2020-09-19 18:24:36 -04:00
Brown
62d43817f6 Fix #4206 - add shortcut for if ((bool) $foo) 2020-09-19 18:15:12 -04:00
Brown
0ae436d335 Fix a couple of false-positive redundant conditions 2020-09-19 18:12:14 -04:00
Brown
72d1d799b1 Fix #4208 - array with possibly-undefined keys isn‘t really sealed 2020-09-19 15:46:54 -04:00
Brown
f973937aec Fix #4209 - allow hinting arrow function return type 2020-09-19 14:59:19 -04:00
Brown
a8a2a4cb66 Fix #4210 - fix __invoke declaration tracing 2020-09-19 14:18:52 -04:00
Brown
94ed53b25a func_num_args is pure
fixes #4215
2020-09-19 13:58:29 -04:00
orklah
5db75dfbf2
align default value with documentation (#4188) 2020-09-17 21:40:19 -04:00
Brown
363887a445 Add explicit offset
Fixes #4202
2020-09-17 21:35:30 -04:00
Daniel Badura
7d5dbd3f38
add random_int as stub, returns positive-int if min is positive-int (#4199) 2020-09-17 08:31:31 -04:00
orklah
191495328a
Fix errors in return types (#4189)
* FunctionLikeAnalyzer::verifyReturnType returns void

* ArrayFunctionArgumentsAnalyzer::checkArgumentsMatch returns void

* AssertionFinder::scrapeAssertions can't return null
2020-09-16 17:35:55 -04:00
Brown
dda013dc2e Only refine for matching closure union members
Ref #4136
2020-09-15 09:40:27 -04:00
Brown
0b209864fe Improve accuracy of array_filter 2020-09-14 13:31:53 -04:00
Brown
8d7fe83e2a Improve array_merge return type 2020-09-14 13:06:15 -04:00
Brown
b10c1ac280 Fix style 2020-09-14 12:19:30 -04:00
Brown
1f3215d36b Support more array intersections in type parsing 2020-09-14 12:13:33 -04:00
Brown
02b725f8a2 Add back suppression 2020-09-14 11:02:04 -04:00
Brown
a37a3c5c96 Make sure all written entries are correctly sorted 2020-09-14 11:00:15 -04:00
Brown
17a0ecb60e Fix regression – detect unused params with defaults again 2020-09-14 10:58:36 -04:00
Brown
1df3c9365c Fix template check 2020-09-14 10:00:09 -04:00
Brown
77e84b3817 Fix a few more things 2020-09-13 23:28:31 -04:00
Brown
c4450b930c Fix various things 2020-09-13 22:39:03 -04:00
Brown
249903e18a Fix style issues 2020-09-13 21:45:07 -04:00
Brown
56bae3b587 Add check for strpos dictionaries
Ref #4070
2020-09-13 21:42:44 -04:00
Brown
8f8dbfbd72 Fix #4122 - detect yield in function arguments 2020-09-13 17:13:26 -04:00
Brown
f180fb23bc Fix #4178 - always detect missing property types 2020-09-13 16:50:50 -04:00
Bruce Weirdan
689027c92d
Support multiple issue types in @psalm-suppress (#4179)
* Accept multiple issue names in `@psalm-suppress`

Fixes vimeo/psalm#1575

* Accept multiple issue types on statement docblocks as well

* Proper highlighting of individual issues in compound suppressions
2020-09-13 16:41:14 -04:00
Bruce Weirdan
cd110c7e2f
Added @psalm-stub-override for classlikes and methods (#4177)
Fixes vimeo/psalm#1252
2020-09-13 16:40:31 -04:00
orklah
da47588f91
replace return; by return null; in every non-void method, add return null; when mising, add return types, remove redundant phpdoc (#4176) 2020-09-13 16:39:06 -04:00
Brown
ded9237176 Fix bad error flagging 2020-09-13 16:38:32 -04:00
Brown
9ed09d2679 Fix #4127 - improve error message for unused closure var 2020-09-12 17:03:11 -04:00
ygottschalk
5b0c9b1a28
added array-size max constraint to greater check (#4175)
added a few unit tests
2020-09-12 16:13:13 -04:00
Brown
09d22cb05c Fix #4169 - add appropriate bounds check 2020-09-12 11:33:26 -04:00
Toshiyuki Goto
ad437c5265
Workaround to PhpScoper group use bug in Box (#4174) 2020-09-12 11:24:40 -04:00
orklah
ead107fa9e
More return types (#4173)
* add native return types

* redundant phpdoc
2020-09-12 11:24:05 -04:00
Brown
6ffe471525 Make new InvalidLiteralArgument issue for strpos refs
Ref #4070
2020-09-10 22:54:32 -04:00
Brown
eda426a594 Improve unique issue solution 2020-09-10 22:54:30 -04:00
Brown
aaede393d4 Fix #4070 - prevent literal strpos argument 2020-09-10 18:28:34 -04:00
Brown
2100dbd8aa Fix #4167 - allow many issues for the same position 2020-09-10 17:41:45 -04:00
Andrey Savchenko
3e1758deea
Changed path output in PhpStorm report to absolute (#4159)
Needs to be absolute to be recognized and linked up by PhpStorm terminal (at least for me on Windows).

See #3271, https://youtrack.jetbrains.com/issue/IDEA-154439
2020-09-08 14:29:46 -04:00
Craig Francis
993e112236
Additional MySQL sinks, ref Issue #4155 (#4158) 2020-09-08 11:54:23 -04:00
Brown
9936419263 Fix casing 2020-09-08 09:11:47 -04:00
Brown
29efab5cc2 Fix #4154 - treat literal numeric strings as numeric 2020-09-07 23:29:46 -04:00
Brown
fe4af8ff1a Minor fixes 2020-09-07 17:22:43 -04:00
Brown
a83c0fe21a Fix signature 2020-09-07 16:44:09 -04:00
Brown
877a81f808 Always detect return type mismatches from docblock parents 2020-09-07 16:42:25 -04:00
Brown
4ffdbe0a21 Fix some signatures 2020-09-07 16:00:27 -04:00
Brown
8737abf3b8 Fix real projects bug 2020-09-07 15:14:14 -04:00
Brown
88e0811cdd Fix #4136 - allow union type properly 2020-09-07 14:08:56 -04:00
Brown
d174fc6f3f Improve fix 2020-09-07 13:19:37 -04:00
Brown
afce416bfb Fix #4136 - allow inference of callabe type param in union of callables 2020-09-07 12:56:47 -04:00
Brown
f78fbbe4c9 Fix #4146 - allow null checks on Iterator::current output 2020-09-07 11:40:36 -04:00
Brown
02a58f787b Fix #4148 - add Closure to scanned classes when arrow function is seen 2020-09-07 11:11:01 -04:00
Wouter Sioen
f3d3ef9074
Add consistent array type for predefined constants (#4151)
When running psalm through https://github.com/Roave/infection-static-analysis-plugin, you get a lot of warnings

```
Warning: array_key_exists() expects parameter 2 to be array, null given in /Users/woutersioen/Sites/madewithlove/htaccess/vendor/vimeo/psalm/src/Psalm/Internal/Analyzer/Sta
tements/Expression/Fetch/ConstFetchAnalyzer.php on line 124
```

This is because the config is instantiated without calling the collectPredefinedConstants method, thus making this a null value.
By adding a default value, we make it not required to call this method before running psalm.
2020-09-07 10:54:29 -04:00
orklah
8c7423505a
add native param types (#4137)
* add native param types

* redundant phpdoc

* add more param types and adds "?" to nullable types

* remove redundant phpdoc

* add more param types and remove redundant phpdoc

* add more param types and remove redundant phpdoc
2020-09-06 19:36:47 -04:00
Matthijs Kooijman
3335b26cb4
Fixes to LSP protocol (#4143)
* Fix missing parameter in LSP textDocument.didChange

This parameter was accepted, but not documented. Since the JSON-RPC
Dispatcher looks at the comments for type information, it would fail
to find info and produce:

    PHP Notice: Undefined offset: 1 in vendor/felixfbecker/advanced-json-rpc/lib/Dispatcher.php on line 141

Combined with issue #4142, this ended up violating the protocol.

* Ignore out-of-project files in textDocument.completion

Other methods, such as didOpen and didChange already checked for this,
but completion did not. This would lead to funny behaviour, where
triggering completion would cause the file to be analyzed, but only
using the on-disk state. And any changes to the file would never be
analyzed.

This ignores out-of-project files for completion, too.
2020-09-06 19:31:49 -04:00
Matthew Brown
422271b2cf Prevent variables named "haystack" from receiving literal strings
cc @staabm
2020-09-05 00:35:48 -04:00
Matthew Brown
00df5cf875 Fix unnecessary var 2020-09-04 21:57:53 -04:00
Matthew Brown
3605eeee04 Support analysing preg_match_all args in reverse to infer matches type 2020-09-04 20:33:02 -04:00
Brown
681eff6dd4 Fix type 2020-09-04 18:35:19 -04:00
Brown
2895402269 Add asterisks 2020-09-04 18:32:51 -04:00
Brown
d3d8c4ed87 Hard code possible bit-shift values 2020-09-04 18:31:50 -04:00
Brown
4d82d3ddad Fix #4128 - improve understanding of preg_match_all 2020-09-04 18:10:14 -04:00
Brown
22fe7458d8 Break up large method 2020-09-04 17:45:22 -04:00
Brown
cf3e92410c Prevent crash when suppressing UndefinedTrait
Fixes #4130
2020-09-04 16:50:10 -04:00
Brown
f4c2edf40b Fix #4132 - ignore purity of $this when checking for initialisation 2020-09-04 16:46:20 -04:00
orklah
f66d57f19d
add native return types (#4116)
* add native return types

* remove redundant phpdoc
2020-09-04 16:26:33 -04:00
the-toster
e296abbabf
Add option to show link to source in console output (#4085)
* add option to change console output for PhpStorm suitable format, so filenames become links, closes #3271

* fix code style

* rename option to php-storm-format

* replace flag with new report format

* fix code style
2020-09-04 16:24:14 -04:00
Brown
68ebef2a2e Clean up immutable fix 2020-09-03 15:32:14 -04:00
Brown
8505ca2a23 Allow passing mutable object into immutable class to store reference 2020-09-03 15:28:09 -04:00
Brown
a4d6a845f8 Fix #4111 - ensure Closure::__invoke doesn’t break things 2020-09-03 00:13:55 -04:00
Brown
bd27e8b17b Fix #4109 - detect duplicate match condition 2020-09-02 20:08:09 -04:00
Brown
28a107e620 Fix #4112 - allow slashes in docblock tag names 2020-09-02 19:39:59 -04:00
orklah
73f6fcde48
Short list syntax (#4102)
* Short list syntax

* revert unrelated CS
2020-09-02 00:17:41 -04:00
Brown
6f92846fd6 Make reportInfo="false" flag better 2020-09-01 18:09:57 -04:00
Brown
8d790256e0 Revert trim changes 2020-09-01 17:42:11 -04:00
Brown
0804141d56 Fix type coercion 2020-09-01 17:23:43 -04:00
Brown
f105f6aca9 Fix Psalm errors 2020-09-01 13:21:24 -04:00
Brown
c2f492a4ca Add more accomodations for TPositiveInt 2020-09-01 13:03:57 -04:00
Brown
b5279cd7d4 Fix erroneous Closure::__invoke return type 2020-09-01 12:33:25 -04:00
orklah
c6ea274180
Config reportInfo to speed up analysis for big projects (#4095) 2020-09-01 09:22:05 -04:00
lhchavez
817779274e
Add null as a possible type parameter to strval (#4100)
https://www.php.net/manual/en/language.types.string.php#language.types.string.casting mentions

> `NULL` is always converted to an empty string.

Which seems to indicate that it is a valid argument for it.

As opposed to stringifying other types (like arrays), `strval(null)` does not cause a warning in PHP.
2020-09-01 09:21:32 -04:00
Bruce Weirdan
ffb316a9e6
Converted MissingPropertyType to property issue (#4099)
Fixes vimeo/psalm#2200
2020-09-01 09:21:03 -04:00
Bruce Weirdan
aa09a1c780
Use per-user cache folder (#4098)
Fixes vimeo/psalm#3869
2020-09-01 09:20:24 -04:00
orklah
6d36f8f5cc
Nullable strings (#4096) 2020-09-01 09:19:50 -04:00
Markus Staab
0280757b4a
Added more fine grained strpos stub (#4101)
* Added strpos stub

* Update CoreGenericFunctions.phpstub

* Update CoreGenericFunctions.phpstub
2020-09-01 09:17:57 -04:00
Brown
548ac1129c Fix crash with @var over echo 2020-09-01 00:12:12 -04:00
Brown
4f578b42b8 Fix exhaustiveness checks for const value 2020-08-31 23:23:24 -04:00
Brown
ab063e80d7 Keep going 2020-08-31 23:11:16 -04:00
Brown
3cdb13f7ab Fix issues 2020-08-31 23:03:36 -04:00
Brown
940459787a Catch unmatched matches 2020-08-31 22:59:47 -04:00
Brown
9935f647ab Fix some magic method calls when a return type provider exists 2020-08-31 18:56:45 -04:00
Brown
5905171b79 Fix api 2020-08-31 16:40:46 -04:00
Brown
e8148980ff Remove unused variable 2020-08-31 10:49:37 -04:00
Joe Hoyle
674392737d
Include variadic and pass-by-ref params in generated stubs (#4091)
When generating stubs, params that are passed by ref or variadic don't get added to the generated code stub output.
2020-08-31 10:05:22 -04:00
Brown
40e88095d8 Fix #4093 - prevent redundant condition in presence of positive-int 2020-08-31 10:02:23 -04:00
Brown
940b673a36 Fix fns 2020-08-30 18:29:28 -04:00
Brown
2cbe89d55a Fix Psalm errors 2020-08-30 16:30:43 -04:00
Brown
5c043b0d41 Ignore redundant conditions inside match potentially in perpetuity? 2020-08-30 16:23:53 -04:00
Brown
54a781ad28 Support match expressions and throw expressions 2020-08-30 16:08:22 -04:00
Brown
5759c12fa9 Support mixed type natively 2020-08-30 13:38:03 -04:00
Brown
99d6af0f9a Support static return type 2020-08-30 13:32:42 -04:00
Brown
f34e54ec41 Support PHP 8 union types 2020-08-30 13:16:37 -04:00
Brown
92239add4d Add some backwards-incompatible changes for 4.x 2020-08-30 11:44:14 -04:00
Brown
c13b0efd49 Improve understanding of negated count queries 2020-08-30 11:32:01 -04:00
Brown
64f08fa9dc Improve Closure::fromCallable handling 2020-08-29 22:02:58 -04:00
Brown
cf5aa5c5cd Fix #4083 - namespace docblock method classes the proper way 2020-08-29 11:46:24 -04:00
Brown
efed9d4480 Allow ParamNameMismatch to be suppressed locally
Fixes #4012
2020-08-29 11:17:57 -04:00
Brown
3ca4a576e7 Fix treatment of closure params in array_map 2020-08-29 11:10:09 -04:00
Brown
df0d426f61 Fix #4081 - better inference of positive ints 2020-08-28 16:38:50 -04:00
Brown
d29620a42b Fix style issues 2020-08-28 15:46:55 -04:00
Brown
1825e30752 Allow pure-Callable type to be annotated 2020-08-28 13:15:04 -04:00
Brown
63b74276c6 Report use of impure closures 2020-08-28 13:01:14 -04:00
Brown
98ce590e9d Remove some redundant calls 2020-08-28 12:48:33 -04:00
Brown
efe143a396 Fix #4077 - always track closure purity 2020-08-28 12:42:55 -04:00
Brown
5f5ce6eb32 Fix typo 2020-08-26 18:16:12 -04:00
Brown
e64d45b644 Fix #4061 - allow indirect null comparison check 2020-08-26 17:58:01 -04:00
Brown
936a7e01b6 Allow bare pure-callable in namespace cc @azjezz 2020-08-26 16:57:27 -04:00
Brown
e9adcb8d35 Simplify simplification 2020-08-26 16:51:55 -04:00
Saif Eddin G
5a20092fbd
add pure-callable type (#4066) 2020-08-26 16:51:22 -04:00
Brown
0f18f77d49 Fix too-long line 2020-08-26 16:27:35 -04:00
Brown
988e17f11d Make clause fully immutable 2020-08-26 15:35:29 -04:00
Brown
b2b329d1a9 Prevent unset on immutable properties 2020-08-26 12:18:34 -04:00
Brown
f33d626052 Use a slightly cleaner fix 2020-08-26 11:03:27 -04:00
Brown
9878613594 Refine iterable key after is_array check
Ref #4038
2020-08-26 11:00:38 -04:00
Brown
8ad1c2eeb1 Use immutable data structures for clause calculations 2020-08-26 10:41:47 -04:00
Brown
20e004744f Fix #4064 - assume most iterators are impure 2020-08-25 18:04:36 -04:00
Brown
59e7f69d7b Fix get_class-inferred templating 2020-08-25 17:25:05 -04:00
Brown
6ab3e732fb Fix #4038 - don’t remove null types unnecessarily in mixed union 2020-08-25 15:50:33 -04:00
Brown
d25a24ee89 Fix type bug 2020-08-25 15:09:14 -04:00
Brown
6e1218065d Preserve intersections when expanding templated types
Fixes #4043
2020-08-25 14:12:57 -04:00
Brown
346d475f55 Create empty params by default for SplObjectStorage
Fixes #4055
2020-08-25 11:52:21 -04:00
Brown
2b060b75d3 Fix #4052 - foreach over an iterable is impure 2020-08-25 11:24:57 -04:00
Brown
3f50fbc116 Expand object-with-properties
Fixes #4057
2020-08-25 10:15:56 -04:00
Brown
7dba9bc50a Add a bunch of immutable & pure annotations 2020-08-24 19:29:00 -04:00
Brown
4e10a0ed6f Fix #4036 - add immutable annotations automatically too 2020-08-24 19:29:00 -04:00
Matthew Brown
c8ecee109c Fix immutable tests 2020-08-24 00:35:59 -04:00
Brown
94cec15598 Only add pure when not overriding upstream 2020-08-23 22:16:03 -04:00
Brown
6103cf0f51 Fix ImpureVariable test 2020-08-23 22:07:02 -04:00
Brown
ba1ff21af4 Add a couple more pure annotations 2020-08-23 18:53:34 -04:00
Brown
140d37c7ef Prevent isset on uknown property in pure function 2020-08-23 18:50:17 -04:00
Brown
02a2e99d42 Only add pure to functions with params 2020-08-23 18:41:31 -04:00
Brown
10f7031080 Prevent use of $this in pure functions 2020-08-23 18:37:46 -04:00
Brown
41cf47ef0b Add another pure annotation 2020-08-23 18:07:49 -04:00
Brown
4026b717b9 Allow function manipulators to work in threaded mode 2020-08-23 18:05:48 -04:00
Matthew Brown
8a975d7c20 Don’t add pure annotation when closure is impure 2020-08-23 14:07:19 -04:00
Matthew Brown
64fd2d60f4 Add another pure annotation 2020-08-23 14:02:10 -04:00
Matthew Brown
6efaf474d4 Don’t add @psalm-pure for void-returning functions 2020-08-23 13:58:34 -04:00
Matthew Brown
ef0486ce35 Add some pure annotations 2020-08-23 13:52:31 -04:00
Matthew Brown
d2b07ebde8 Fix docblock removal 2020-08-23 13:45:45 -04:00
Matthew Brown
06c231fbba glob is impure 2020-08-23 13:41:43 -04:00
Matthew Brown
89dd5ee563 Nest new impure checks 2020-08-23 13:39:08 -04:00
Matthew Brown
9418be79cc Restrict pure annotation addition a little more 2020-08-23 13:34:32 -04:00
Matthew Brown
f6135bcefc Add more impure functions 2020-08-23 13:15:27 -04:00
Matthew Brown
6a8ad1876f Static property fetching is bad 2020-08-23 13:10:47 -04:00
Brown
c8ea4b4e8b Prohibit property fetches from pure contexts except when they’re on immutable objects 2020-08-23 10:57:24 -04:00
Bruce Weirdan
1cf5153700
Test parallelization (#4045)
* Run tests in random order

Being able to run tests in any order is a pre-requisite for being able
to run them in parallel.

* Reset type coverage between tests, fix affected tests

* Reset parser and lexer between test runs and on php version change

Previously lexer was reset, but parser kept the reference to the old
one, and reference to the parser was kept by StatementsProvider. This
resulted in order-dependent tests - if the parser was first initialized
with phpVersion set to 7.4 then arrow functions worked fine, but were
failing when the parser was initially constructed with settings for 7.3

This can be demonstrated on current master by upgrading to
nikic/php-parser:4.9 and running:

```
vendor/bin/phpunit --no-coverage --filter="inferredArgArrowFunction" tests/ClosureTest.php
```

Now all tests using PHP 7.4 features must set the PHP version
accordingly.

* Marked more tests using 7.4 syntax

* Reset newline-between-annotation flag between tests

* Resolve real paths before passing them to checkPaths

When checkPaths is called from psalm.php the paths are resolved, so we
just mimicking SUT behaviour here.

* Restore newline-between-annotations in DocCommentTest

* Tweak Appveyor caches

* Tweak TravisCI caches

* Tweak CircleCI caches

* Run tests in parallel

Use `vendor/bin/paratest` instead of `vendor/bin/phpunit`

* Use default paratest runner on Windows

WrapperRunner is not supported on Windows.

* TRAVIS_TAG could be empty

* Restore appveyor conditional caching
2020-08-23 10:32:07 -04:00
Brown
67f9adb33c Allow adding pure annotations to functions
Ref #4036
2020-08-23 10:28:26 -04:00
Michel Hunziker
3538fe1955
Add configuration attribute to find unused @psalm-suppress (#4041) 2020-08-22 10:01:26 -04:00
Bruce Weirdan
1f54c42a4c
Don't hang when pcntl_fork is disabled (#4039)
* Don't hang when pcntl_fork is disabled

Fixes vimeo/psalm#3951

* fix CS
2020-08-22 10:01:00 -04:00
Bruce Weirdan
5bf7cc6434
Resolve typedefs that are used in var docblocks of foreach (#4037)
Fixes vimeo/psalm#4029
2020-08-22 08:20:05 -04:00
Tyson Andre
e62e964167
Set up taint analysis for pgsql functions (#4021)
I noticed that entries in InternalTaintSinkMap don't warn
unless the functions are added to CallMap.php
e.g. `pg_exec($conn, $_GET['query']);`
(pg_exec is an alias of pg_query)
2020-08-19 10:41:02 -04:00
Brown
45d9ab12e1 Fix #4017 - allow float defaults in namespaced classes 2020-08-18 12:13:27 -04:00
Brown
ebe37392eb Fix #4019 - new static isn’t static if class is final 2020-08-18 11:25:11 -04:00
Bauke van der Woude
7ac6d2e5a4
Fix hash_*() signatures (#4014)
Functions can return false when an invalid algorithm is supplied
2020-08-18 09:35:31 -04:00
Brown
1468a28273 Fix #3999 - allow @psalm-type to reference imported type right above 2020-08-18 09:34:07 -04:00
Brown
134955a5f4 Fix #4011 - prevent mixed assignment in loop 2020-08-18 08:51:09 -04:00
Daniel Melchior
17ed440f2e
fix #4013: prevent exception when two mixins declare methods with same name (#4018)
fixes #4013
2020-08-18 08:38:30 -04:00
SignpostMarv
9822043ca4
flag class_exists as impure per vimeo/psalm#3975 (#4004)
`class_exists()` interacts with PHP's autoloader feature, which allows
user-defined behaviour to take place when PHP tries to load a given
class or interface.
2020-08-17 15:48:48 -04:00
Gabriel Ostrolucký
81a117be85
Mark fgets impure (#4006)
This function is used to skip line of text
2020-08-17 15:48:28 -04:00
Brown
12798d1cab Prevent access to possibly unset var 2020-08-17 15:25:13 -04:00
Brown
11f170acb4 Don’t modify object after unnecessary assertion 2020-08-16 23:38:59 -04:00
Bruce Weirdan
7adc25c421
Improve import errors (#3997)
* Better errors for invalid type imports

Fixes vimeo/psalm#3885

* Finishing touches

Docs, schema, CS

* Drop unused import

* Drop more unused imports
2020-08-16 22:53:53 -04:00
Brown
bb3c5d4c38 Fix too many arguments 2020-08-16 21:10:09 -04:00
Bruce Weirdan
22d8f5a0bc
Fixed duplicate shortcodes (#3996)
Also added an utility to help assign new shortcodes and a test to
prevent duplicate shortcodes.
2020-08-16 16:26:54 -04:00
Matthew Brown
cb243778d2 Fix #3917 - allow comparisons between classes and interfaces 2020-08-16 16:25:59 -04:00
Matthew Brown
38af5db8f0 Fix #3929 - merge expanded types where necessary 2020-08-16 16:12:29 -04:00
Matthew Brown
e972319f8c Remove unused variable 2020-08-16 14:22:11 -04:00
Matthew Brown
5c20a5295e Improve solution to #3964 2020-08-16 13:03:30 -04:00
Matthew Brown
ec2178d14a Fix #3927 - prevent crash with bad type ref 2020-08-16 12:43:46 -04:00
Matthew Brown
a356a43a51 Fix #3964 - prevent incorrect intersection of unions 2020-08-16 12:26:07 -04:00
Brown
ec70d6f698 Clear out new_storage classlikes 2020-08-15 15:45:54 -04:00
Matthew Brown
a0bb5ed37d Fix #3991 - fix test 2020-08-15 14:21:24 -04:00
Matthew Brown
8731b10bc6 Use older method 2020-08-15 10:31:24 -04:00
Brown
61a0832c05 Fix type bug 2020-08-15 09:41:21 -04:00
Brown
f12f4c8cb3 Fix issues 2020-08-15 01:18:29 -04:00
Brown
cdef4ec351 Alter docblock params too 2020-08-14 16:26:55 -04:00
Brown
dbcf154036 Add fixer for mismatching param names 2020-08-14 15:25:21 -04:00
Matthew Brown
72ecb57def Improve names of things 2020-08-14 00:27:33 -04:00
Brown
209d17c868 Fix #2891 - treat autoloaded constants better 2020-08-13 09:14:27 -04:00
Brown
42c3a703b5 Fix #3741 - detect scalar class constants in if-true assertions 2020-08-12 17:03:41 -04:00
Brown
2a13397904 Find unused code in language server if enabled via config
Fixes #3987
2020-08-12 16:29:15 -04:00
Brown
966a3522ff Move words 2020-08-11 14:36:59 -04:00
Toshiyuki Goto
22b339304d
Normalize file_path with uriToPath (#3984)
Fix #3983
2020-08-11 07:32:24 -04:00
feek
7fe7146dc3
docs: provide some background as to what certain hooks are for (#3978) 2020-08-11 07:29:45 -04:00
m0003r
e81593f359
Localize types on magic properties (#3971)
* Fix #3949 - localize types on magic properties

* fix failing tests

* fix code style

Co-authored-by: m03r <m03r@m03r.net>
2020-08-10 12:45:21 -04:00
Brown
1533debe86 Fix style thinggs 2020-08-10 12:43:19 -04:00
Brown
6def99d653 Add ConstructorSignatureMismatch issue distinct from MethodSignatureMismatch 2020-08-10 12:26:25 -04:00
the-toster
5bdc9723ff
fix for DeprecatedClass suppress on property (#3962)
* add test case for DeprecatedClass suppress on property

* fix test case for DeprecatedClass suppress on property - suppress MissingConstructor also

* ugly way to fix - double analyze propery statement to get dockblock + fix in TypeChecker - respect given suppressed_issues in checkNamedObject

* replace double analyze propery with direct DocBlock manipulation

* replace double analyze propery with direct DocBlock manipulation

* add exception handler to keep original addContextProperties behavior

* correct way to unwrap value from array
2020-08-10 10:50:37 -04:00
lhchavez
ab3016af6e
Fix File-related analysis plugin hooks (#3970)
This change does a few things:

* Renames `BeforeAnalyzeFileInterface` to `BeforeFileAnalysisInterface`.
* Adds a few more parameters to `BeforeFileAnalysisInterface`.
* Since the analysis was never called due to a bug, the above two
  changes are safe to do.
* Fix the above-mentioned bug, and now adds the hooks to the config.
* Update the documentation about the File-related analysis plugin hooks.
* Add a test to ensure that this does not break again in the future.

Fixes: #3969
2020-08-10 10:49:53 -04:00
Matthew Brown
6085e42fc1 Detect mismatching param names effectively 2020-08-10 09:58:43 -04:00
Matthew Brown
50cc3a8afa Align paramter names 2020-08-09 23:19:59 -04:00
Matthew Brown
73321339a3 Bump nikic/php-parser 2020-08-09 16:23:43 -04:00
kazusuke sasezaki
90a50be9f0
quit using combineUnionTypes, when specific TSend provided. (#3966) 2020-08-09 08:26:10 -04:00
the-toster
3a1c861c43
minor: typo in message (#3960) 2020-08-08 08:08:57 -04:00
Brown
166134aca3 Fix bug I added 2020-08-07 15:13:03 -04:00
ygottschalk
f831ebdbcf
narrowed reset and end return type (#3950)
* narrowed `reset` return type
BUT psalm seems to ignore the stub

* narrowed `reset` and `end` return type, this time for real

* fixed UnusedVariable Issue

* fixed RedundantCondition Issue
caused by `end`s return type being more precise

* Improve solution slightly

Co-authored-by: Matthew Brown <github@muglug.com>
2020-08-07 12:23:20 -04:00
Isaac Rozas García
84130770f4
Improve details of functions to get the last errors parsing a date (#3953) 2020-08-07 12:17:08 -04:00
Brown
b6d9ee5eb1 Fix things 2020-08-07 12:16:35 -04:00
Brown
e61765ff9b Fix #3954 - catch ComplicatedExpressionException with added workaround 2020-08-07 08:20:35 -04:00
Brown
afce2dc66f Tighten up rules around instantiation a bit more 2020-08-06 10:18:55 -04:00
Matthew Brown
ccd4eaa8e7 Clarify language a little 2020-08-06 09:02:24 -04:00
feek
ec7876b8d6
feature: allow specifying memory limit (#3947) 2020-08-06 08:51:57 -04:00
Brown
278addd93d Fix strtolower calls and docs 2020-08-05 21:46:15 -04:00
Brown
bcf0df4170 Fix a bug with lowercase-string unions 2020-08-05 20:05:57 -04:00
Brown
488a899823 Fix Psalm issues 2020-08-05 19:49:09 -04:00
Brown
c0b0036109 Fix #3934 - prevent unsafe use of new static 2020-08-05 19:39:27 -04:00
Brown
e0f5595307 Fix #3932 - try to get assertions of negated expression if instant negation fails 2020-08-05 16:53:30 -04:00
Brown
e808391f56 Fix #3943 - understand trait return types a bit better 2020-08-05 15:58:26 -04:00
Daniel Melchior
fa73c7c9d9
Fix #3757 - allow multiple mixins (#3772) 2020-08-05 15:49:19 -04:00
Brown
38bfc12b98 Fix array_shift behaviour to be more accurate with lists
Fixes #3941
2020-08-05 12:43:37 -04:00
Matthew Brown
9dfdcbef31 Fix #3928 - preserve list-ness when assigning with no offset 2020-08-03 12:30:58 -04:00
SignpostMarv
06d4b9d6dd
mark bcscale as impure, re: vimeo/psalm#3918 (#3926) 2020-08-03 10:15:59 -04:00
Brown
7fc4a85534 Fix CI 2020-08-03 02:45:55 -04:00
Brown
20a9b103ec Restrict narrowing fix 2020-08-03 02:20:58 -04:00
Brown
b168777236 Fix #3924 - remove descendants after reconciled change 2020-08-03 02:06:42 -04:00
Brown
bc053e5ee8 Fix #3923 - remember class name when appending array with key 2020-08-03 01:34:46 -04:00
Brown
855a4b8456 Make type combination of object-like arrays with class-string-keys work
Ref #3923
2020-08-03 01:34:46 -04:00
Nicolas CARPi
593a9063bb
Fix hash_file signature. See https://3v4l.org/E0BeU (#3920)
hash_file can return false if the file is not readable.
2020-08-02 15:18:42 -04:00
Matthew Brown
ab64ccab88 Fix #3913 properly 2020-07-31 14:56:29 -04:00
Matthew Brown
6e699836ff Fix #3913 - improve resolution of array_filter checks 2020-07-31 14:39:03 -04:00
Brown
fd4ced42a7 Don’t register new assignment inside isset expr 2020-07-31 12:44:01 -04:00
Brown
57cd21346c Fix #3914 - treat $i++ like $i = $i + 1 2020-07-31 11:26:54 -04:00
Brown
afd8874a9e Don’t get stuck in recursive loop
Fixes #3912
2020-07-30 15:42:34 -04:00
Brown
6919e88423 Add performance logging under a --debug-performance flag 2020-07-30 15:30:19 -04:00
Brown
ad1920c3a2 Fix #3910 - improve handling of fgetcsv 2020-07-30 14:21:55 -04:00
Brown
a8c0d81dc1 Prevent bool > 1 in strict mode 2020-07-30 11:25:47 -04:00
Brown
6949a34ded Put RedundantIdentityWithTrue behind a flag cc @greg0ire 2020-07-30 10:25:59 -04:00
Brown
abe91adbe7 Fix #3801 - convert static to Foo&static when @method is given 2020-07-30 09:42:23 -04:00
Brown
96ce488241 Generic key type cannot be undefined
Fixes #3905
2020-07-29 18:46:21 -04:00
Brown
7367e8e6c2 Allow assertions of non-empty lists on typed lists
Fixes #3906
2020-07-29 18:10:43 -04:00
Brown
1c8f9e94b1 Fix #3907 - allow template as types to be refined via instanceof 2020-07-29 17:46:45 -04:00
Brown
1b81ce9921 Revert string changes 2020-07-26 19:55:49 -04:00
Brown
74eea18563 Add better checks 2020-07-26 19:09:26 -04:00
Brown
d9d5fdd6c9 Add more rules around positive ints 2020-07-26 18:29:17 -04:00
Brown
4a5f74c091 Add positive-int type 2020-07-26 15:51:55 -04:00
Brown
8c5e4edab0 Fix extra test 2020-07-26 15:50:07 -04:00
Brown
657f9db2e0 Fix bugs 2020-07-26 15:21:05 -04:00
Brown
23f5d66516 Fix #3897 - support aliasing final methods 2020-07-26 14:46:52 -04:00
Brown
eddd7b8c11 Fix #1916 - support @var docblock annotations in more places 2020-07-26 13:23:21 -04:00
Brown
42ad366dc8 psalm-internal no longer requires internal annotation
cc @bdsl
2020-07-26 10:47:48 -04:00
Brown
e398535f9f Fix #3872 - detect namespace violations in non-methods 2020-07-26 10:42:04 -04:00
Matthew Brown
1d077cc48e Fix #3894 - don’t alter class-string during erroneous emptiness check 2020-07-25 22:49:19 -04:00
Grégoire Paris
2f673fbbd7
Detect redundant identity with true (#3893)
Using === true on a known boolean results in the same boolean.
2020-07-25 17:27:45 -04:00
Matthew Brown
ab714a40c4 Allow binding of static to current final class
Ref #3892
2020-07-25 17:26:07 -04:00
Brown
b1e583ebed Detect concat operation on property
Ref #3870
2020-07-24 16:01:45 -04:00
Brown
3687d34a5a Detect bad class constants more explicitly 2020-07-24 15:38:56 -04:00
Brown
873970a4d1 Recursively transform template types before comparison
Fixes #3887
2020-07-24 14:47:24 -04:00
Brown
92fe9898a1 Fix #3879 - ensure interface templates are extended where nececssary 2020-07-24 11:29:36 -04:00
Brown
cb979262c7 Add slash 2020-07-24 10:51:04 -04:00
Matthew Brown
84945a7d1b Fix #3877 - prevent impossible subtr comparisons 2020-07-24 10:08:57 -04:00
Matthew Brown
b88b169464 Fix #3882 - prevent crash when comparing object{...} to missing class 2020-07-24 09:38:51 -04:00
kazusuke sasezaki
94002367ba
fixed typo (#3883) 2020-07-24 09:34:05 -04:00
Barney Laurance
ff432ff73d
Simplify error messages and implementation for internal errors (#3881)
* Use more consistent language for Internal errors

There's no meaningful distinction between something being internal and
being 'marked as internal'.

* Rename property psalm_internal to internal in all storage classes

This property holds metadata that can be set using either @internal
or @psalm-internal in docblocks

* Change types of internal properties in storage from ?string to string

Simpler type is easier to handle. Non-internal methods can be considered
to be internal to the entire universe of PHP code, i.e. that code whose
namespace starts with the empty string. It's not a special case.
2020-07-24 09:32:54 -04:00
Brown
344a732829 Warn about simple assignments 2020-07-23 02:40:35 -04:00
Brown
3848fa6872 Fix #3870 - mark properties as reference-free only for externally-immutable classes 2020-07-23 01:48:06 -04:00
Barney Laurance
3bc91b9944
Fix multiple issues with @internal and @psalm-internal (#3841)
* Add passing tests for property fetch on an @internal class

I'm trying to work out why the equivilent InvalidCodeParse test is
failing for PsalmInternal

* Treat all properties of a psalm-internal class as psalm-internal

* Remove all $internal properties from storage - use psalm_internal instead

@internal can be represented as internal to the namespace root, avoiding
the need to check for both properties in storage later.

* Raise InternalClass issue when an internal class is used with e.g. instanceOf

* fix docs and tests

* Add return type declartion to code example in doc

* Don't allow class psalm-internal to overide a tighter method psalm-internal

* Break up long line

* Code style - move && from EOL to SOL

* Restore misplaced &&

* Fix code style

* Fix namespace fetching so it works

Co-authored-by: Matthew Brown <github@muglug.com>
2020-07-22 19:27:35 -04:00
Brown
9430a9b204 Add file to namespace 2020-07-22 18:03:17 -04:00
Brown
ced264620c Move things a little 2020-07-22 16:04:46 -04:00
Brown
1e01e90fba Namespace base files 2020-07-22 15:57:24 -04:00
Brown
eaae243905 Fix #3857 - allow reconciliation on magic properties 2020-07-22 09:55:22 -04:00
Brown
983f233026 Improve unpacking 2020-07-22 00:35:18 -04:00
Brown
962265e98e Hopefully final fixes 2020-07-21 23:59:11 -04:00
Brown
7ef3d4711f Fix some more tests 2020-07-21 23:16:56 -04:00
Brown
fc8c899b3a Fix test 2020-07-21 20:51:37 -04:00
Brown
5415a379d2 Fix style things 2020-07-21 19:44:59 -04:00
Brown
76bd5b6278 Refactor type comparison 2020-07-21 19:40:35 -04:00
Brown
3ce5478e5e Fix what source we give the afterMethodCall analysis hook 2020-07-21 15:00:47 -04:00
Brown
295adb5763 Fix #3860 - use correct trait element positions for nested error 2020-07-21 14:17:07 -04:00
Brown
8ed9007355 Allow false to be removed from scalar
Fixes #3829
2020-07-21 13:02:13 -04:00
Brown
ae89a71c84 Prevent false-positive comparing template to true 2020-07-21 12:59:50 -04:00
Brown
223b0619c5 Fix #3858 - support @psalm-assert falsy for abort_if expressions 2020-07-21 12:55:11 -04:00
othercorey
1524b62181
Allow null for locale, datetime and typetime of datefmt_create (#3851) 2020-07-20 04:52:27 -04:00
Gregor Harlan
5212bd1f9c
Readonly: allow assignments in __unserialize (#3845) 2020-07-20 04:50:50 -04:00
Evgeniy
2c51f47ff6
Fix invalid UndefinedClass using array|callable (#3842)
* Do not treat string array argument as callable if it can be traeted just as string array.

* cs
2020-07-20 04:50:07 -04:00
ygottschalk
de2109234d
fixes wrong return type of key() #3838 (#3839)
* fixes wrong return type of key() #3838
fixed/added tests for key

* fixed test again
2020-07-20 04:49:36 -04:00
Tyson Andre
060ae61f31
Remove an if statement that repeats the previous if statement (#3840)
They're the exact same variables.
2020-07-17 19:46:06 -04:00
Brown
9ca8fb80b7 Carry over taints after @var docblock type hints 2020-07-17 11:30:44 -04:00
Adrien LUCAS
d44130191b
Allow taint through strval sprintf (#3836)
* Add psalm-flow to strval

* Unexpected behavior with implode
2020-07-17 10:12:04 -04:00
Nat Zimmermann
a1a403e046
make meta path optional (#3833) 2020-07-17 10:09:42 -04:00
Nat Zimmermann
2ee126c567
correct *getcsv return types (#3832) 2020-07-17 10:09:21 -04:00
Brown
5392ae0b39 Fix UnusedMethodCall examples 2020-07-16 18:14:15 -04:00
Brown
d950ddfff6 Fix adding sink method 2020-07-16 16:04:17 -04:00
Brown
d1e62f1413 Add programattic sink method
Ref #3828
2020-07-16 16:02:26 -04:00
Brown
26a61c47c0 Prevent mixed erasure in get_class call 2020-07-16 13:56:42 -04:00
Brown
a2dbd31371 Fix usage of array_push results 2020-07-16 13:44:51 -04:00
Brown
262bb9fd89 Invalidate memoized getter method results after property assignment 2020-07-16 12:59:49 -04:00
Brown
b361b44889 Rip out plain getter property logic cc @m0003r
It gets in the way of the other IMO more useful memoisation logic (e.g. when a getter is declared final)
2020-07-16 12:42:59 -04:00
Brown
96bfd144df Fix #3825 - ensure final getters are treated as mutation free 2020-07-16 11:58:27 -04:00
kesselb
aaba3a08ec
Add option to supress a referenced but undefined global variable. (#3827) 2020-07-16 09:49:59 -04:00
Brown
8fbc8de98a Fix #3820 - don’t treat a method call as memoisable if it has assertions 2020-07-15 15:09:19 -04:00
Brown
06ee1b71c7 Improve check for empty array 2020-07-15 09:49:30 -04:00
ygottschalk
94e2552d1c
Fix #3810 removing ignore-nullable-return (#3817)
* Fix #3810 removing ignore-nullable-return form stubs of key, array_key_first, array_key_last

* fixed test failing due to changes to key()

* Improve key return type

* Remove unnecessary check

Co-authored-by: Matthew Brown <github@muglug.com>
2020-07-14 17:43:26 -04:00
Tyson Andre
f17a4911d5
Add more impure functions (#3814) 2020-07-14 17:14:09 -04:00
Evgeniy
fcd2ac3078
array_column check result non-emptyness (#3813)
* Update

* Update test

* Fix test

* Fix test

* inline function res in test

* cs
2020-07-14 17:13:45 -04:00
Brown
3c9028c182 Fix #3808 - allow detection of paradoxes in switch condition function calls 2020-07-14 10:51:12 -04:00
Brown
f0a5463834 Catch string subtypes that cannot be identical 2020-07-14 10:08:31 -04:00
Brown
2399643472 Fix #3811 - allow more complex negations inside boolean expressions 2020-07-13 21:31:58 -04:00
Bruce Weirdan
931d35a703
Collect and scan files included by the autoloaders (#3183)
Refs vimeo/psalm#2861
2020-07-11 17:17:22 -04:00
Joe Hoyle
b8c4abf08b
Add ability to Go to Definition on Use statements (#3805)
This adds the ability to use the LSP's "Go to Definition" on `use MyClass` statements.

Co-authored-by: Matthew Brown <github@muglug.com>
2020-07-11 17:16:44 -04:00
Joe Hoyle
0b6d682964
Fix going to definition on return type (#3806)
* Fix going to definition on return type

If a return type of a method or function is set incorrectly (with the PHP doc), then the references are not added for the `function() : MyClass` symbol, so the "Go to definition" feature of the LSP won't work. I don't believe an invalid return type or not should stop the symbol location being tracked (and not allowing code navigation).

In moved the symbol location tracking to be before the return early short circuit.

* Update SymbolLookupTest.php

Co-authored-by: Matthew Brown <github@muglug.com>
2020-07-11 17:14:39 -04:00
Joe Hoyle
11af82a97f
Fix jumping to definition on nullable parameters (#3804)
Currently it's not possible to "Go to definition" (LSP) on nullable args like `function( ?MyClass )` as the reference is stored a `MyClass|null` in the reference map, which will now resolve to a class name.

This PR removed any nullable type from the union before adding it to the reference map (as the reference map is only use to indicate a symbol was used in a given location, I think this makes sense).
2020-07-11 17:12:03 -04:00
Brown
2afbf58324 Prevent adding trait property types 2020-07-10 19:11:06 -04:00
Brown
9177ad5ce0 Add back fix 2020-07-10 17:13:11 -04:00
Brown
8d022307d2 Fix #3797 - prevent many chained assignments crashing Psalm 2020-07-10 16:49:45 -04:00
Brown
d71f12d250 Fix #3802 - allow increment inside isset expression 2020-07-10 16:14:24 -04:00
Brown
4f872674f9 Add space 2020-07-10 14:40:25 -04:00
Jon Ursenbach
6aca4c169e
feat: adding a runTaintAnalysis option into the config (#3800) 2020-07-10 13:22:03 -04:00
Brown
8349564cc4 Fix #3790 - removing false/null from template not redundant 2020-07-10 13:19:23 -04:00
Brown
cd8420aa94 Skip optimisation for unpacked args 2020-07-10 13:04:37 -04:00
Brown
d8eca89b44 Remove redundancy 2020-07-10 10:35:26 -04:00
Brown
38fdf4bef6 Treat array_push($a, ... as $a[]= ... 2020-07-10 10:20:02 -04:00
Joe Hoyle
d1ca68e57a
Fix offset calculation in getReferenceAtPosition (#3783)
* Fix calculation of getPositionFromOffse

* Add test for testGetSymbolPositionRange

* Fix code formatting.
2020-07-09 16:24:51 -04:00
Joe Hoyle
0119cd09c1
Always deep scan stubs (#3781)
In many sitations, stub files will receive a shallow _and_ deep scan when project files require extra analysys on things like parent classes. This makes stub file scanning inconsistent (orders become much less predictable for example), and adds extra process time to scan the files twice. In the case of stubs providing classes and functions for large projects, this is a non-trivial amount of time.

As deep scanning stubs should take just about as long as a shallow scan, it makes sense to just always deep scan them.

Fixes #3568.
2020-07-08 17:42:51 -04:00
Tyson Andre
018c4bf545
Support generating a .console report text file. (#3777)
This is useful for use cases such as saving multiline taint detection results.

Only the compact and console reports seem to use color right now.
In many cases, adding color codes to a text file would make it harder to read
in an editor.
2020-07-08 15:09:31 -04:00
Tyson Andre
80e46cdb13
Support generating multiple report files (#3776)
E.g. `psalm --report=report.txt --report=report.pylint`.
It may be useful to have both a machine-readable and human readable
report, e.g. during taint analysis.

Previously, psalm would generate neither report if the report option was
repeated.
2020-07-08 15:08:17 -04:00
Brown
bf7bcc0dca Fix #3779 - allow ParadoxicalCondition of default to be suppressed 2020-07-08 14:51:20 -04:00
Brown
33a834bb0b Fix some property inference bugs 2020-07-08 14:43:36 -04:00
Brown
619c384509 Add indentation as necessary between property docblocks 2020-07-08 14:32:16 -04:00
Brown
f173ef6ef0 Add mixed types to prevent bad recommendations 2020-07-08 12:18:36 -04:00
Brown
cf67b9eef1 Fix #435 - add psalter fix for MissingPropertyType 2020-07-08 12:03:12 -04:00
Brown
6bdff42cda Add support for potentially-assigned properties 2020-07-08 11:46:55 -04:00
Brown
0034f2e4bd Don’t manipulate property storage during analysis 2020-07-07 19:32:44 -04:00
Tyson Andre
cda6bd0553
Fix "Could not get class storage" from cache (#3769)
Fixes #3671

This is better than an uncaught exception, at least, and I can detect
new issues if the constructor body changes
2020-07-07 17:10:51 -04:00
Brown
8ecee6df6d Fix #3760 - prevent param remapping twice 2020-07-07 11:44:22 -04:00
Brown
82a85791f2 Fix #3764 - preserve sealed-ness of array into array_map 2020-07-07 09:31:43 -04:00
Brown
279cad3599 Fix #3755 - prevent crash when throw class not found 2020-07-07 00:29:46 -04:00
Tyson Andre
cad86aae5b
Fix typo for printr (#3754)
Related to #3744

`print_r` is only a taint sink when `$return` is false or absent.
2020-07-07 00:25:14 -04:00
Brown
1b498e6dae Remove unused variable 2020-07-06 17:41:07 -04:00
Brown
eb3ce8d368 Remove unused code 2020-07-06 15:39:52 -04:00
Brown
ada2fe033e Remove comma 2020-07-05 15:21:44 -04:00
Brown
ab6df0a5d1 Fix #3753 - resolve self-references in trait as statements earlier 2020-07-05 12:05:25 -04:00
Brown
42a3cedd31 Fix #3742 - add null to type after possibly null array access 2020-07-05 09:12:07 -04:00
jarstelfox
3096afed99
Fix echo false issue (#3751)
* Echo: add failing test case

echo false; is a noop, not an issue

* Echo: Fix failing test case
2020-07-05 08:55:42 -04:00
Brown
7c7ebd068f Make invalidation more robust 2020-07-03 12:59:07 -04:00
Brown
5da29955ee Use better replacement when analysing potentially-inherited templated type 2020-07-03 12:25:33 -04:00
Brown
44d7f51857 Generalise init vars inside for loops
Ref #3085
2020-07-03 11:13:44 -04:00
Brown
3d0a8c4c59 Fix #3738 - allow storing references to class-strings inside immutable 2020-07-03 08:47:50 -04:00
Brown
6419788a49 Remove false from template param as necessary
Fixes #3737
2020-07-03 01:07:50 -04:00
lhchavez
ba63ccb825
Improve \Psalm\Internal\Scanner\DocblockParser::parse() (#3736)
This change avoids calling `str_replace()` on the original docblock and
instead only operates on the parsed (and modified) lines. This now makes
it so that if there are substrings of the docblock that match a tag
match, it won't get prematurely removed, therefore avoiding mangling of
the parsed docblock's description.

Fixes: #3735
2020-07-02 17:55:57 -04:00
Brown
1745f5cafa Fix too-long line 2020-07-02 15:32:13 -04:00
Brown
cb94764d22 Prevent false-positive for Exception::__toString overriding 2020-07-02 14:09:56 -04:00
Brown
0c582e9993 Fix #3685 - improve handling of if conditionals inside do 2020-07-02 13:59:59 -04:00
Brown
cf1a8ac5fc Suppress taints in instance properties 2020-07-02 12:08:42 -04:00
Brown
67b2edc328 Allow more things to be suppressed with @psalm-suppress TaintedInput 2020-07-02 11:53:51 -04:00
Matthew Brown
fab07c58bd Add slash 2020-07-02 01:32:40 -04:00
Brown
ea82cdc6ea Fix #3726 - infer generic template from class-string 2020-07-02 01:11:46 -04:00
Brown
ae7c5b095b Fix #3712 - allow taints to be suppressed with @psalm-suppress 2020-07-01 23:23:45 -04:00
Tyson Andre
e3d59bf5d4
Support taint detection on Throwable::getTraceAsString() (#3731)
And `__toString()`, which uses getTraceAsString().

Fixes #3696

```php
function login($username, $password, $secret) {
    throw new RuntimeException('login failure');
}
try {
    login('user', $_GET['pass'], SECRET);
} catch (Exception $e) {
    // This output includes unescaped 'pass' and SECRET
    echo $e, "\n";
    echo $e->getTraceAsString();
}
```
2020-07-01 21:27:40 -04:00
Brown
0f548c83ea Fix redundant condition 2020-07-01 19:31:10 -04:00
Brown
6c62e46d15 Only emit one error for erroneous array_map string closure types 2020-07-01 19:18:01 -04:00
Brown
4d73b2501b Allow multiple args passed to array_map 2020-07-01 19:11:49 -04:00
Brown
70ab4c18f4 Fix #3720 - allow literal unions in keys to map to object-like arrays 2020-07-01 18:57:19 -04:00
Olle Härstedt
d8e8ce428e
Add new annotation: @psalm-self-out (#3650)
* Add new config: sealAllMethods

* Add some more tests

* Fix codesniffer issue with preg_quote

* Fix missing method in test

* New tag @self-out (WIP)

* Add self_out_type to method storage

* Add some notes

* More work on self-out (WIP)

* More work on self-out (WIP)

* Use psalm-self-out instead of self-out

* Remove extra file

* Cleanup

* Wrap around try-catch - how to check if a method has/should have storage?

* New method hasStorage()

* Fix indentation

* Fix some errors

* Fix indentation

* Cast storage type to type

* Add proper use-statement in method storage

* Correct test class name

* Allow self_out to be null

* method_id can be string (why, when?)

Co-authored-by: Olle <noemail>
2020-07-01 18:10:24 -04:00
Tyson Andre
b0a3de47e8
Mark create_function() as a taint sink (#3729)
create_function() is a thin wrapper around eval().
Fixes #3723
2020-07-01 18:09:30 -04:00
Brown
e13da22292 Allow cloning interfaces 2020-07-01 11:14:31 -04:00
Brown
fca350c498 Prevent a few crashes with really bad code 2020-07-01 10:30:10 -04:00
Brown
6047b7b6cb Fix #3719 - prevent crash when cloning missing class 2020-07-01 10:10:55 -04:00
Brown
4c368da75e Fix #3721 - prevent crash on empty @method 2020-07-01 09:00:33 -04:00
Brown
cceacde01d Hide fixable issues when running with taint analysis
Fixes #3722
2020-07-01 08:55:58 -04:00
Brown
17558a5c0e Fix #3676 - add multiline output for TaintedInput issues 2020-06-30 13:17:51 -04:00
Brown
671009a70c Specialize constructor taints cc @TysonAndre 2020-06-29 21:08:43 -04:00
Brown
7288dfc620 Fix #3715 - unserialize is a taint sink 2020-06-29 17:54:47 -04:00
Brown
7253e01000 Fix #3716 - prevent crash for Foo|? return type 2020-06-29 17:52:55 -04:00
Brown
e56483bb54 Fix #3711 - generalize call of specialized class without specializations 2020-06-29 17:42:01 -04:00
Brown
ab29ac0e51 Only cast in echo when tracking taints 2020-06-29 15:06:11 -04:00
Brown
cff976049d Remove unused vars 2020-06-29 13:24:05 -04:00
Brown
f6e2e0a84a Perform string casting for taints in ArgumentAnalyzer 2020-06-29 13:21:33 -04:00
Brown
45c21853e5 Fix #3709 - don’t crash on inherited __toString tainting 2020-06-29 12:11:11 -04:00
Brown
aab90fb74e Fix Psalm errors 2020-06-29 09:29:19 -04:00
Brown
38977d797e Fix #3697 - cast types via implied __toString method 2020-06-29 09:13:19 -04:00
Brown
b54b832838 Break out method call tainting 2020-06-29 00:14:49 -04:00
Barney Laurance
3f8aa64ee9
Treat methods of internal or psalm internal classes as internal (#3698)
When both the method and the class are annotated as psalm-internal,
but to different namespaces, we consider the method internal to
whichever namespace is longer, i.e. the smaller code module.

Issue reported at https://github.com/vimeo/psalm/issues/3457
2020-06-28 13:15:54 -04:00
Simon Podlipsky
0f727e7607
Add RdKafka\ProducerTopic::producev() to CallMap (#3700) 2020-06-28 13:15:11 -04:00
Brown
c95ebfeb21 Fix #3694 - allow two args for PDO::query 2020-06-26 18:26:06 -04:00
Fabien Villepinte
c42dadaf0d
Redis::getDbNum|getHost can return false (#3673) (#3693) 2020-06-26 18:14:10 -04:00
Tyson Andre
3a9c7432e1
Add psalm-taint-specialize for preg_replace_callback (#3683)
Fixes https://psalm.dev/r/517c4a169e
2020-06-26 08:58:57 -04:00
Brown
bcd7478352 Reduce memory footprint a little 2020-06-25 19:12:30 -04:00
Brown
8404fa0750 Allow use of a different baseline
Ref #3672
2020-06-25 17:31:03 -04:00
Brown
559b3d3471 Fix #3681 - taint exit like echo 2020-06-25 17:17:08 -04:00
Brown
07f7e5ccaf Reconciling should preserve taints
Fixes #3680
2020-06-25 17:04:18 -04:00
Brown
9837a60853 Fix #3675 - add taints to filter_var return
Doesn’t yet take callback into account
2020-06-25 13:24:26 -04:00
Brown
9e7650586b Fix bugs 2020-06-25 13:21:11 -04:00
Brown
95bf7f835b Improve handling of array_map, faking out calls where nececssary 2020-06-25 13:05:34 -04:00
Brown
f458959af5 Add param type 2020-06-25 01:40:19 -04:00
Brown
d7f1bde6da Refactor taint acccess checks 2020-06-25 01:32:57 -04:00
Brown
b8ebed0b85 Add a bit more accuracy 2020-06-25 01:00:11 -04:00
Brown
e26922010a Improve accuracy of array nesting checks 2020-06-25 00:50:52 -04:00
Brown
b84cf74754 Fix #3668 - taint property types for magic properties without @property 2020-06-25 00:24:37 -04:00
Brown
dd25b81d3a Fix #3670 - taint mixed foreach access 2020-06-24 19:16:30 -04:00
Brown
a6c7a48387 Add support for argument unpacking
Ref #3670
2020-06-24 18:43:15 -04:00
Tyson Andre
1670848267
Mark print() statement as the same sink type as echo (#3669) 2020-06-24 17:23:16 -04:00
Brown
de85e7c539 Fix blips 2020-06-24 13:19:14 -04:00
Brown
7a7cd91c24 Fix #3631 - better treatment for assignments in complex conditionals 2020-06-24 13:16:52 -04:00
Brown
9aa0aca949 Fix handling of coerced callmap args 2020-06-24 11:51:31 -04:00
Brown
c29b3744ec Change storage of out types 2020-06-24 11:51:31 -04:00
Brown
96d05ab06b Fix #3654 - use correct function id for namespaced functions 2020-06-23 16:53:11 -04:00
Brown
6a746b65ea Fix #3655 - taint encapsulated strings 2020-06-23 16:38:59 -04:00
Brown
13fc8a75fd Allow taints to flow where no return type exists
Fixes #3652
2020-06-23 15:52:19 -04:00
Brown
f46236ad71 Taint flows through preg_replace_callback 2020-06-23 15:28:31 -04:00
Brown
f72b609d42 Fix #3642 - detect missing property when name matches 2020-06-23 13:12:46 -04:00
Brown
4d6fc4d0ca Fix get_class($foo) === static::class checks 2020-06-23 13:11:19 -04:00
Brown
9b860214d5 Fix #3639 - allow coerced types to count when picking callmap options 2020-06-22 20:24:34 -04:00
Brown
1f86afece7 Revert "Fix #3631 - apply assertions to RHS of equality in conditional"
This reverts commit 9c17795545.
2020-06-22 20:01:27 -04:00
Brown
fc8212e207 Fix static call specialisation via annotation 2020-06-22 18:40:43 -04:00
Tyson Andre
bee10a2eb4
Add a --debug-emitted-issues flag (#3637)
And support --debug-by-line in psalter and psalm-refactor.
Those were previously not supported in getopt()

Fixes #3634
2020-06-22 18:16:47 -04:00
Brown
e8be2c500e Support taint flows in more functions 2020-06-22 17:53:03 -04:00
Brown
7f05b3c530 Add $_REQUEST as a taint source
Ref #3636
2020-06-22 17:16:15 -04:00
Tyson Andre
f2f5606ca8
Document other supported --report file names (#3633) 2020-06-22 15:21:16 -04:00
Brown
9c17795545 Fix #3631 - apply assertions to RHS of equality in conditional 2020-06-22 15:16:16 -04:00
Brown
d46283075d Add --taint-analysis to command line help 2020-06-22 11:39:46 -04:00
Brown
81e2745cf1 Add more options 2020-06-22 11:24:38 -04:00
Brown
dddc159694 Add explicit path object 2020-06-22 02:10:03 -04:00
Brown
36f1630e03 Add more steps for clearer output 2020-06-22 01:08:58 -04:00
Brown
02e8313c39 Allow taintedness to propagate to some stubbed methods 2020-06-21 18:07:39 -04:00
Brown
fbe3433edd Use escape terminology 2020-06-21 11:43:08 -04:00
Brown
07adecc6eb Use correct method id when creating taints 2020-06-21 02:06:08 -04:00
Brown
dc83c2e2fc Add annotation for taint sources 2020-06-21 00:58:56 -04:00
Brown
cbd7ba8ed8 Fix return type 2020-06-20 23:34:39 -04:00
Brown
10e4e9ac65 Fix #3617 - prevent crash when constant class doesn’t exist 2020-06-20 23:30:36 -04:00
Brown
f21d3a8346 Remove html and sql taints for simple preg_replace patterns 2020-06-20 23:11:42 -04:00
Brown
8edee96d8d Fix taint regression 2020-06-20 18:10:01 -04:00
Brown
80ed1daf33 Allow static method mixin to invoke instance method 2020-06-20 18:05:35 -04:00
Brown
2ccec821f8 Fix #3624 - inherit magic property annotations from traits 2020-06-20 16:53:17 -04:00
Brown
2c5c9e95e1 Don’t add two @return docblocks after @method 2020-06-20 15:30:47 -04:00
Brown
edbeec2c6a Fix @method annotation namespacing 2020-06-20 15:18:22 -04:00
Ilija Tovilo
2f646d29db
Fix #3607 - constant string class reference with leading backslash (#3612) 2020-06-19 18:02:39 -04:00
Brown
51202c75ea Add taint docs 2020-06-19 11:56:12 -04:00
Andrei Petre
6024fe4761
use original case in error messages when reporting undefined methods (#3615) 2020-06-19 11:51:08 -04:00
Brown
b1c836e5f3 Improve specialisation after call 2020-06-19 01:59:45 -04:00
Brown
8f2e28c36b Improve tainting of specializable classes 2020-06-19 01:22:51 -04:00
Brown
078b8b7b1a Fix #3618 - add way to load non-analyzed files 2020-06-19 00:13:09 -04:00
Brown
eecdc43ce7 Remove stray commas 2020-06-18 20:15:38 -04:00
Brown
49f0592794 Improve tracking of array taints 2020-06-18 18:48:19 -04:00
Brown
562a7c1ca4 Track taints from all tainted arrays 2020-06-18 13:45:58 -04:00
Brown
7d9a99a956 Fix #3609 - interpret strings as regular static calls 2020-06-18 11:56:08 -04:00
Brown
f609a01497 Move static property fetch analyzer to own class 2020-06-18 11:53:24 -04:00
Brown
98622783ec Allow lists to have their types refined
Fixes #3605
2020-06-18 10:01:16 -04:00
Bruce Weirdan
6fb63903c1
Infer better types for magic constants used in const initializers (#3602)
Fixes vimeo/psalm#3464
2020-06-18 09:48:51 -04:00