Samuel Mortenson
4aabb411a8
Added event to prevent tainting. (#5398)
* Added event to prevent tainting.
* Remove optional codebase parameter.
* Removed falsy check for codebase.
* Use two separate hooks for adding and removing taints
* Add slashes
* Update add/remove taint test name.
* Cleaned up SafeArrayKeyChecker example plugin.
* Added more AddRemoveTaintsEvent calls to codebase.
* Fix type check error with $added_taints param.
* Added AddRemoveTaintsEvent to remaining classes.
* Fix post-merge error.
* Add comma
* Remove $int_offset that never existed
Co-authored-by: Matt Brown <github@muglug.com>
2021-03-19 22:41:41 -04:00
Tyson Andre
00b42bf4f7
Check if included files are listed in mustBeIgnored (#4911)
Previously, when a file was included in `include()`, it was not subject
to ignoreFiles
Related to #4876
2020-12-29 14:05:17 +00:00
orklah
8974da5610
preserve analyzers until the end of file (#4834)
* preserve analyzers until the end of file
* remove unused variable
2020-12-13 01:17:13 -05:00
Matt Brown
43af3b1a57
Break out TaintedInput issues into a lot of separate ones
2020-11-17 12:44:31 -05:00
Matt Brown
724b25b918
Change control_flow_graph to data_flow_graph
2020-10-13 17:28:12 -04:00
Matt Brown
516141a380
Rename ControlFlowGraph to more appropriate DataFlowGraph
2020-10-13 16:49:03 -04:00
Matt Brown
14efde286f
4.x - refactor unused variable detection
This turns unused variable detection into an explicit control-flow problem, where before we had a more simplistic mark-and-sweep algorithm
2020-09-30 12:28:13 -04:00
Brown
da65a4327f
Move taint graph functionality into its own object
2020-09-25 00:37:40 -04:00
Brown
56cddd16bf
Rename TaintGraph to ControlFlowGraph because it’s about to do more
2020-09-20 23:59:52 -04:00
Brown
0f6a271858
Improve file-based suppression of taints
2020-09-20 19:37:25 -04:00
Brown
2968b3b065
Add to StatementsAnalyzer taint object instead of Context
2020-09-20 18:42:21 -04:00
Brown
abb9502921
Rename Taint object to TaintGraph
2020-09-20 18:27:02 -04:00
orklah
b19f0a7034
Remove empty() and use strict comparison when safe (#4211)
* replace empty usage with stricter checks
* use strict comparison when safe
* replace is_null with === null for consistency
2020-09-19 18:26:51 -04:00
orklah
8c7423505a
add native param types (#4137)
* add native param types
* redundant phpdoc
* add more param types and adds "?" to nullable types
* remove redundant phpdoc
* add more param types and remove redundant phpdoc
* add more param types and remove redundant phpdoc
2020-09-06 19:36:47 -04:00
orklah
f66d57f19d
add native return types (#4116)
* add native return types
* remove redundant phpdoc
2020-09-04 16:26:33 -04:00
Matthew Brown
ef0486ce35
Add some pure annotations
2020-08-23 13:52:31 -04:00
Brown
ae7c5b095b
Fix #3712 - allow taints to be suppressed with @psalm-suppress
2020-07-01 23:23:45 -04:00
Brown
dddc159694
Add explicit path object
2020-06-22 02:10:03 -04:00
Brown
49f0592794
Improve tracking of array taints
2020-06-18 18:48:19 -04:00
Matthew Brown
edb2b4c5ef
Get type of requires
2020-06-13 15:48:12 -04:00
Brown
953be61cf2
Allow limiting connected taint paths
2020-05-25 23:28:11 -04:00
Brown
118b700436
Simplify sink mapping for internal calls
2020-05-25 13:10:06 -04:00
Brown
ee493909d7
Fix bugs
2020-05-23 00:08:16 -04:00
Brown
dc73e25157
Detect taints in include calls
2020-05-22 23:53:37 -04:00
Brown
5ee1487a01
Make ExpressionAnalyzer more beautiful
2020-05-18 15:13:27 -04:00
Matthew Brown
309a229db1
Add codes to all issues
2020-03-17 09:19:47 -04:00
Philip Hofstetter
d315822bfa
make skipping of checks after invalid includes configurable
as suggested in the PR it's best to make the setting configurable.
In order not to break existing installations, we default to keeping the
old behaviour, but in a later version of psalm, we might change the
default.
2020-02-27 18:49:23 -05:00
Philip Hofstetter
f2277ebb6d
don't disable checks when includes can't be resolved
Any unresolvable include (even suppressed ones) would lead to some
subsequent tests being disabled as a side-effect.
this fixes #2817
2020-02-27 18:49:23 -05:00
Brown
0bcb7863f3
Use better system for storing inferred types and assertions
2019-11-25 11:44:54 -05:00
Brown
b5614d03f8
Add detection for unused function calls
2019-08-13 13:15:23 -04:00
Matthew Brown
ea1f9874fb
Remove more memory leaks
2019-08-02 01:55:24 -04:00
Matthew Brown
3d4adee6b3
Reduce with / before converting back
2019-07-21 11:03:02 -04:00
Brown
1208437b4c
Fix #1940 - allow proper evaluation of /a/b/../../
2019-07-12 14:28:21 -04:00
LeSuisse
f29826b958
Fully qualify constants and function calls (#1849)
This should give a small performance boost.
Part of #1837.
The change is enforced via phpcs and can be autofixed
with phpcbf.
2019-06-26 16:52:29 -04:00
Ilija Tovilo
5a14e4b1cf
Progress bar (#1709)
* Revert "Revert "Implement better progress""
This reverts commit 4302596654235194e28bb2fa52867d9b52ccd0b1.
* Revert "Revert "Implement dots progress bar""
This reverts commit e41733d789c6971d9c8ba9e4e8a4584888fd6a8a.
* Revert "Revert "Switch to VoidProgress by default""
This reverts commit 304ffeb0a30bc650634c0a0715c84ca7b3a8ecd0.
* Revert "Revert "Pass success flag to progress""
This reverts commit 62a690ee4eb192065bac0934202923aeb472b89e.
* Improve socket communication
* Use an underscore
* Add means to disable progress
* Add extra newline before progress bar
2019-05-30 10:30:41 -04:00
Matthew Brown
4302596654
Revert "Implement better progress"
This reverts commit 042070d0fd3280430c4b2b51bc73acf98d02c744.
2019-05-27 13:07:02 -04:00
Ilija Tovilo
042070d0fd
Implement better progress
2019-05-26 23:18:48 -04:00
Brown
21b1c04c1d
Fix #1526 - ignore files if they weren’t picked up in scanning step
2019-04-03 10:43:48 -04:00
Matthew Brown
8650f9eb1a
Fix #1356 - improve assertion system to work better on function calls
2019-02-26 01:03:33 -05:00
Matthew Brown
b32000fa05
Fix #689 - add checks for @internal annotations
2018-12-01 18:37:49 -05:00
Matthew Brown
0f90309819
Do all normalisation on / before conversion to \
2018-11-18 17:18:05 -05:00
Matthew Brown
fa2e7f1f70
More finagling of windows file names
2018-11-18 17:06:11 -05:00
Matthew Brown
2a3c3ed223
Fix #1071 - improve resolution of include paths
2018-11-18 16:53:46 -05:00
Matthew Brown
4d79b61e93
Change _checker to _analyzer
2018-11-12 11:20:59 -05:00
Matthew Brown
4688b25fd9
Move internal classes to own namespace
2018-11-12 11:20:59 -05:00