danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-12-15 19:07:00 +01:00
Code Issues Projects Releases Wiki Activity
8,488 Commits 43 Branches 314 Tags 108 MiB
3f0de269ee
Commit Graph

116 Commits

Author SHA1 Message Date
Samuel Mortenson
4aabb411a8
Added event to prevent tainting. (#5398) 
* Added event to prevent tainting.

* Remove optional codebase parameter.

* Removed falsy check for codebase.

* Use two separate hooks for adding and removing taints

* Add slashes

* Update add/remove taint test name.

* Cleaned up SafeArrayKeyChecker example plugin.

* Added more AddRemoveTaintsEvent calls to codebase.

* Fix type check error with $added_taints param.

* Added AddRemoveTaintsEvent to remaining classes.

* Fix post-merge error.

* Add comma

* Remove $int_offset that never existed

Co-authored-by: Matt Brown <github@muglug.com>
 2021-03-19 22:41:41 -04:00
erikjwaxx
25d8c6d21e
Narrow inference of $a <=> $b from "int" to "-1|0|1" (#4680) 
* A <=> operator has a literal type of -1|0|1 and not simply int

* Test to verify inferred type of $a <=> $b is -1|0|1
 2020-11-23 13:10:51 -05:00
Matt Brown
724b25b918 Change control_flow_graph to data_flow_graph 2020-10-13 17:28:12 -04:00
Matt Brown
516141a380 Rename ControlFlowGraph to more appropriate DataFlowGraph 2020-10-13 16:49:03 -04:00
Matt Brown
14efde286f 4.x - refactor unused variable detection 
This turns unused variable detection into an explicit control-flow problem, where before we had a more simplistic mark-and-sweep algorithm
 2020-09-30 12:28:13 -04:00
Brown
19f88a2e31 Add improvements from unused variable checks 2020-09-28 00:45:02 -04:00
Brown
56cddd16bf Rename TaintGraph to ControlFlowGraph because it’s about to do more 2020-09-20 23:59:52 -04:00
Brown
0f6a271858 Improve file-based suppression of taints 2020-09-20 19:37:25 -04:00
Brown
2968b3b065 Add to StatementsAnalyzer taint object instead of Context 2020-09-20 18:42:21 -04:00
Brown
abb9502921 Rename Taint object to TaintGraph 2020-09-20 18:27:02 -04:00
Brown
eda426a594 Improve unique issue solution 2020-09-10 22:54:30 -04:00
Brown
efe143a396 Fix #4077 - always track closure purity 2020-08-28 12:42:55 -04:00
Brown
4e10a0ed6f Fix #4036 - add immutable annotations automatically too 2020-08-24 19:29:00 -04:00
Brown
67f9adb33c Allow adding pure annotations to functions 
Ref #4036
 2020-08-23 10:28:26 -04:00
Brown
a8c0d81dc1 Prevent bool > 1 in strict mode 2020-07-30 11:25:47 -04:00
Brown
cb979262c7 Add slash 2020-07-24 10:51:04 -04:00
Matthew Brown
84945a7d1b Fix #3877 - prevent impossible subtr comparisons 2020-07-24 10:08:57 -04:00
Brown
ae7c5b095b Fix #3712 - allow taints to be suppressed with @psalm-suppress 2020-07-01 23:23:45 -04:00
Brown
49f0592794 Improve tracking of array taints 2020-06-18 18:48:19 -04:00
Brown
f609a01497 Move static property fetch analyzer to own class 2020-06-18 11:53:24 -04:00
Brown
953be61cf2 Allow limiting connected taint paths 2020-05-25 23:28:11 -04:00
Brown
a198b09eb7 Add intermediary concat op node 2020-05-23 21:38:09 -04:00
Brown
f5a0622ad2 Fix style 2020-05-23 08:06:31 -04:00
Matthew Brown
0dee85d0b7
Remove redundancy 2020-05-23 01:48:56 -04:00
Brown
16af6a5773 Improve concat taint propagation 2020-05-23 01:11:16 -04:00
Brown
e82c317d53 Adjust tolerances 2020-05-22 21:37:18 -04:00
Brown
666cc3b4c9 Fix BinaryOp analysis 2020-05-18 23:00:53 -04:00
Brown
8e5b330c5a Break apart CallAnalyzer 2020-05-18 22:57:00 -04:00
Brown
ace049a068 Beautify BinaryOpAnalyzer 2020-05-18 18:57:09 -04:00
Brown
5ee1487a01 Make ExpressionAnalyzer more beautiful 2020-05-18 15:13:27 -04:00
Brown
111303d913 Add non-empty-lowercase-string type 2020-05-15 10:18:05 -04:00
Brown
2af0a17d03 Fix #3236 - allow use-checking of more methods starting with __ 2020-05-12 22:39:26 -04:00
Matthew Brown
1b2017e4f4 Add slash 2020-03-29 10:44:38 -04:00
Matthew Brown
0e919a0696 Allow arithmetic on simple templated types 2020-03-29 10:34:46 -04:00
Matthew Brown
47c1470e3b Refactor reference checks to use more appropriate properties 2020-03-28 16:30:56 -04:00
Matthew Brown
bfb919d26a Break out methods into their own classes 2020-03-11 23:04:52 -04:00
Brown
0a8bb32115 Fix #2866 - prevent use of impure __toString via concatenation in pure contexts 2020-02-24 14:50:34 -05:00
Matthew Brown
f1a9b73a78 Fix message 2020-02-23 18:24:43 -05:00
Matthew Brown
ed4f4e35b8 Fix null checks 2020-02-23 18:20:59 -05:00
Matthew Brown
41e076e0ee Fix bad 2020-02-23 18:19:53 -05:00
Matthew Brown
618ae77846 Prevent implicit __toString method calls in a pure context 2020-02-23 18:18:25 -05:00
Matthew Brown
3efe271819
Remove blank line 2020-02-13 18:36:37 -05:00
Brown
bc0ccbda99 Add better inference for lower-cased methods 2020-02-13 17:30:00 -05:00
Brown
0ffb833bf3 Fix #2677 - use better assertion for null coalesce 2020-01-23 14:52:35 -05:00
Matthew Brown
c3edbdbc19 Allow checking $_SESSION for null without altering type 2020-01-14 21:51:04 -05:00
Brown
0f6b61d62d Clone isset type before contradicting 2020-01-14 18:28:32 -05:00
Matthew Brown
e1daf26202 Improve support for null coalesce checks 2020-01-14 00:53:38 -05:00
Matthew Brown
90d6b73fd8 Fix taint analysis of binary operations 2020-01-07 08:50:31 -05:00
Matthew Brown
1f777bec0e Capture non-empty-string from concat more effectively 2020-01-07 01:44:12 -05:00
Matthew Brown
ce5917c6fb Add better string detection 2020-01-07 01:21:29 -05:00