danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-12-14 10:17:33 +01:00
Code Issues Projects Releases Wiki Activity
8,182 Commits 43 Branches 314 Tags 108 MiB
3f4bb25a35
Commit Graph

3470 Commits

Author SHA1 Message Date
Matt Brown
11825a2cc2 Fix #4611 - flag invalid attribute arguments correctly 2020-11-22 00:44:44 -05:00
Matt Brown
1fc1cae1d5 Fix #4615 - ensure promoted properties are not treated as uninitialized 2020-11-22 00:32:02 -05:00
Matt Brown
efafe2edd5 Add instanceof check 2020-11-21 20:15:13 -05:00
Matt Brown
19bb4aba56 Remove unnecessary coercion 2020-11-21 18:26:55 -05:00
Matt Brown
df2ec48018 Don’t erase already-known literal ints 
Fixes #4644
 2020-11-21 18:26:13 -05:00
Matt Brown
f0ae0e5cb4 Break aparat type combiner 2020-11-21 18:11:29 -05:00
Lukas Reschke
ffb0c4ae17
Implement variadic taint propagation (#4649) 
* Implement variadic taint propagation

* Lint code
 2020-11-21 17:41:40 -05:00
orklah
ae0486529e
Unused psalm-suppress (#4646) 2020-11-21 17:39:40 -05:00
Lukas Reschke
3943b55f8a
Add psalm-flow for string functions from sscanf to wordwrap (#4591) 
* Add string functions from sscanf to wordwrap

This should conclude all string functions from https://www.php.net/manual/en/book.strings.php

Continuation of https://github.com/vimeo/psalm/pull/4576

Ref https://github.com/vimeo/psalm/issues/3636

* Add StrTrReturnTypeProvider

* Fix psalm error

* phpcs

* Line length

* Ignore false return on vsprintf

Co-authored-by: Matthew Brown <github@muglug.com>
 2020-11-21 17:35:07 -05:00
orklah
6b72599ec5
allow static return type in PHP8 (#4641) 2020-11-20 18:46:35 -05:00
Matt Brown
1cead18760 Fix #4637 - prevent regression when negating function call with === false 2020-11-20 09:56:53 -05:00
Dalibor Karlović
da632ca73a
feature: allow plugin manager to work without config file (#4639) 2020-11-20 09:54:14 -05:00
Matt Brown
ce8938263e Fix #4636 - prevent crashes on aliased classes 2020-11-20 09:29:24 -05:00
Matt Brown
c562e1dd52 Don’t taint foreach keys with array-fetch 
We could use array-keyfetch or similar, but for now gives false-positives
 2020-11-19 19:08:59 -05:00
Matt Brown
78d644d1a1 Change TaintedText to TaintedCallable 2020-11-19 19:01:19 -05:00
Matt Brown
4c315ec45c Closure calls aren’t sinks 2020-11-19 18:44:36 -05:00
Lukas Reschke
78f4a0691c
Add dedicated types for 'file', 'header' and 'cookie' (#4630) 
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'

* Add documentation

* Add mapping for taint flows

* Add tests

* Fix test
 2020-11-19 17:47:29 -05:00
Matt Brown
70c9fd97c7 Return empty instead of throwing 2020-11-19 16:25:53 -05:00
Matt Brown
ead63894a1 Fix formatting 2020-11-19 16:09:30 -05:00
Matt Brown
b5d4b59c33 Be more refined 2020-11-19 15:57:05 -05:00
Matt Brown
de49892525 Fix #4626 - array_key_exists should infer type for first arg where possible 2020-11-19 15:40:27 -05:00
Matt Brown
ff3fff56d4 Simplify assertion negations, centralising as much as possible 
Now the flag passed to scrapeAssertions just determines the errors emitted
 2020-11-19 14:32:49 -05:00
Matt Brown
7803cc228b Revert "Fix #4624 - allow in_array to work with list arrays" 
This reverts commit 08ae85a735.
 2020-11-19 12:49:26 -05:00
Matt Brown
08ae85a735 Fix #4624 - allow in_array to work with list arrays 2020-11-19 09:26:41 -05:00
Matt Brown
95de6cf177 Allow immutable classes to be specialised through calls 2020-11-19 01:38:20 -05:00
Matt Brown
d60abaf858 Unfix fixes 2020-11-18 19:19:07 -05:00
Matt Brown
8dd229f6c0 Only ignore literal flows when tainting 2020-11-18 18:43:41 -05:00
Matt Brown
be275ae972 Fix #4605 - taint parent-declared property 2020-11-18 13:34:47 -05:00
Matt Brown
236292ff05 Fix #4600 - set attributes in a bunch of places 2020-11-18 12:44:59 -05:00
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category (#4604) 
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
 2020-11-18 11:39:36 -05:00
Matt Brown
4bb84f7f0a Add more attributes to fake PhpParser generated expressions 
Ref #4600
 2020-11-18 10:16:41 -05:00
Matt Brown
3f7f959726 Fix #4599 - propagate taints to parent callers where necessary 2020-11-18 09:59:54 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks (#4592) 2020-11-18 00:52:48 -05:00
Matt Brown
28dee4146a Fix tests 2020-11-17 17:53:46 -05:00
Matt Brown
f6591e6d0f Use resolution that works in multithreaded mode 2020-11-17 17:24:46 -05:00
Matt Brown
2aa98bc5d0 Simplify tainted output a bit, removing duplicate paths 2020-11-17 17:17:18 -05:00
Matt Brown
adeaa33a64 Don’t propagate taints to child constructor args 2020-11-17 16:49:29 -05:00
Matt Brown
4e5111f1a8 Fix #4472 - if something flows into a byref var it’s used 2020-11-17 15:30:53 -05:00
Lukas Reschke
494ec40777
Add SARIF as report output (#4582) 
https://docs.oasis-open.org/sarif/sarif/v2.0/sarif-v2.0.html
 2020-11-17 13:23:20 -05:00
Matt Brown
43af3b1a57 Break out TaintedInput issues into a lot of separate ones 2020-11-17 12:44:31 -05:00
Matt Brown
42802e11d1 Allow PHP major version to determine substr return type 2020-11-16 16:31:33 -05:00
Dusk
0fe3e1f83b
Allow named arguments to variadic functions (#4575) 
Closes #4563
 2020-11-16 15:49:27 -05:00
Thomas Mauro Vargiu
4e8fb9c37f
Fix #4549 Better intersection between parent types (#4560) 2020-11-15 20:29:49 -05:00
orklah
6f8b463860
Detect trying to access to a list with a negative offset (#4552) 2020-11-15 20:26:50 -05:00
Matt Brown
5b004a1d11 Fix #4558 - Don’t convert value-of to key-of template 2020-11-15 18:33:07 -05:00
Matt Brown
26b4cd1fb9 Fix #4529 - allow unsetting with complex array key 2020-11-14 08:57:25 -05:00
Matt Brown
f65868c023 Fix style 2020-11-13 16:43:36 -05:00
Matt Brown
d97c8b750a Add closure-use termination for byref flows 2020-11-13 13:37:27 -05:00
Matt Brown
e7e5904d2d Remove unused uses in Psalm’s codebase 2020-11-13 13:16:39 -05:00
Matt Brown
2e47ca51d5 Fix #4547 - mark unused uses 2020-11-13 13:13:29 -05:00
Matt Brown
57125c7106 Uses by ref should be assigned that way 2020-11-13 12:50:01 -05:00
Matt Brown
4c1cf37d52 Improve error message for UnusedVariable 2020-11-13 12:36:17 -05:00
Matt Brown
086237aab7 Fix #4544 - improve handling of get_class in match 2020-11-13 11:55:42 -05:00
Matt Brown
13b83e6132 Fix #4545 - allow intersections in more places 2020-11-13 09:43:30 -05:00
Matt Brown
5a62dc5c40 Fix #4540 - use correct method when simulating property setting 2020-11-12 23:56:29 -05:00
Matt Brown
556fb12966 Move mutation checks to more appropriate place 2020-11-12 23:54:50 -05:00
Matt Brown
ec9762ce61 Prevent the same interface, repopulated, from confusing matters 2020-11-12 15:52:13 -05:00
Matt Brown
58c47ab32c Fix build 2020-11-12 14:22:54 -05:00
Matt Brown
3dd185e395 Fix #4537 - use more rigorous inerhitance for return and param types 2020-11-12 13:54:27 -05:00
Matt Brown
929efcc1ac Use the same docblock as the source params, if possible 2020-11-12 09:14:40 -05:00
Matt Brown
b7551e712a Use better way to determine which signture to use 
Fixes #4524
 2020-11-11 19:22:23 -05:00
Matt Brown
2f7bf2a144 Bind lower bounds to upper bounds as well when no upper bound can be inferred 
Ref #4485
 2020-11-11 17:46:09 -05:00
Matt Brown
a8d7248c31 Fix #4524 - do better template param inheritance 2020-11-11 13:25:17 -05:00
Matt Brown
5ad1e80e99 Fix #4527 - improve interpolated string types 2020-11-11 00:38:26 -05:00
Matt Brown
5a5cbb2892 Increase nesting 2020-11-10 18:27:28 -05:00
Matt Brown
165e0db157 Fix style 2020-11-10 16:19:24 -05:00
Matt Brown
46ebca4497 Fix coalesce operation tainting 2020-11-10 14:36:36 -05:00
Matt Brown
a82a9558d2 Experiment with refactor 2020-11-10 12:50:17 -05:00
Matt Brown
b731b53d5e Add debug stuff for code complexity 2020-11-10 12:49:42 -05:00
Matt Brown
81babf2430 Clone to prevent incorrect references 2020-11-10 09:01:46 -05:00
Matt Brown
e27cbfba57 Reduce size of data flow graph when analysing array assignments 2020-11-09 22:44:36 -05:00
Adrien LUCAS
4cb8e86737
Add a proxy capability to the flow annotation (#4495) 
* Add a `passthru` capability to the flow annotation

* Fix passthru-calls type

* Fix types and rename to proxy

* Allow to proxy a method

Co-authored-by: Matthew Brown <github@muglug.com>
 2020-11-09 15:22:35 -05:00
Matt Brown
32d526bde9 Add descendant variables for closure uses 
Fixes #4522
 2020-11-09 15:20:28 -05:00
Matt Brown
e97a9c86eb Fix #4517 - track type contradiction issues in match expressions 2020-11-09 10:00:53 -05:00
Matt Brown
3aaa1d8447 Fix #4516 - treat exit() as the empty type 2020-11-09 08:44:03 -05:00
Matt Brown
683546e024 Fix #4519 - prevent crash with empty match 2020-11-09 08:36:59 -05:00
Matt Brown
8799e1a337 Break apart complex method 2020-11-09 00:58:45 -05:00
Matt Brown
6acd667e55 Fix #4509 - treat expression-derived constants as mixed 2020-11-08 15:36:38 -05:00
Matt Brown
ab2ab826d2 Add slashes 2020-11-08 14:34:09 -05:00
Matt Brown
0be4f2fedf Fix/ignore reflection bugs 2020-11-08 14:27:37 -05:00
Wouter J
58318282c5
Add support for PHP 8 union types (#4505) 2020-11-08 14:23:03 -05:00
Matt Brown
20e37d8cb6 Add a comment to show workings 2020-11-08 13:08:45 -05:00
Matt Brown
24c9702aa5 Remove unused imports 2020-11-08 12:31:21 -05:00
Matt Brown
6da0905478 Separate out good from the bad 2020-11-08 12:29:23 -05:00
Matt Brown
b635353cf4 Fix redundant thing 2020-11-08 10:18:32 -05:00
Matt Brown
dccf236d16 Fix #4503 - don’t ignore assertions on possibly-null mixed 2020-11-08 10:06:39 -05:00
Matt Brown
b8f5d16e9f Consolidate similar functionality 2020-11-07 00:58:20 -05:00
Matt Brown
bb5b5142d6 Add more info to mic drop code 2020-11-06 21:36:38 -05:00
Matt Brown
45b3dce631 Break apart IfElseAnalyzer 2020-11-06 21:01:17 -05:00
Matt Brown
3359e7699a Rename IfAnalyzer 2020-11-06 20:51:14 -05:00
Axel H
271e0d86be
Fix type inference when unpacking typed iterables (#4487) 
* Add test for unpacking typed iterables

* Fix type inference when unpacking typed iterables into arrays

* Fix possibly undefined array offset
 2020-11-06 17:24:01 -05:00
Matt Brown
9daa534656 Ensure we flush out re-assigned vars also referenced 
Fixes #4488
 2020-11-06 12:51:41 -05:00
Matt Brown
6b06ecec39 Fix #4491 - support assertions in new calls 2020-11-06 11:55:19 -05:00
Matt Brown
debedf2c96 Support pure-Closure annotation 2020-11-06 00:38:57 -05:00
Matthew Brown
1c66646e72
Fix formatting 2020-11-05 19:23:54 -05:00
Matt Brown
388e804ed8 Allow opt-in to strict return type checking 2020-11-05 18:20:04 -05:00
Matt Brown
d47d817843 Fix #4479 - use correct keys in message 2020-11-05 10:13:08 -05:00
Matt Brown
e9dd16f336 Fix #4481 - ReflectionProperty implements Reflector 2020-11-05 09:29:20 -05:00
Matt Brown
b3ff107c20 Add functions 2020-11-04 23:34:38 -05:00
Matt Brown
3bde327f1b Break up CommentAnalyzer 2020-11-04 23:25:08 -05:00
Matt Brown
f3c6d70a9b Use more accurate type for div of ints 2020-11-04 22:39:27 -05:00
Matt Brown
eacc05e73f Fix #2132 - get value of literal int division 2020-11-04 22:32:33 -05:00
Matt Brown
3e9c5d3600 Add support for @return never 2020-11-04 12:30:02 -05:00
Matt Brown
b5a3f45d52 Remove use of PHP 7.2 function 2020-11-04 11:02:34 -05:00
Matt Brown
590af31449 Improve output of Clause::__toString 2020-11-03 17:02:37 -05:00
Matt Brown
91d9dc3759 Fix overeager inference 2020-11-03 16:44:24 -05:00
Matt Brown
b35db3e523 Reorganise things a little 2020-11-03 16:15:54 -05:00
Matt Brown
16bfbd9224 Fix function 2020-11-02 00:54:12 -05:00
Matt Brown
3d4e77beb6 Fix int-mask-of expansion 2020-11-02 00:40:36 -05:00
Matt Brown
09228131d8 Use falsy value 2020-11-01 22:57:30 -05:00
Matt Brown
6922caf9f6 Fix #4466 use better differentiation for class_exists second param 2020-11-01 13:14:17 -05:00
Matt Brown
966b139504 Fix dupe semicolons 2020-11-01 11:42:09 -05:00
Matt Brown
024d93b7fd Fix #4467 - variables are only the same if they were set in the same location 2020-11-01 11:26:42 -05:00
Matt Brown
f0a30b9fd0 Invalidate child methods when signature changes 2020-11-01 09:46:21 -05:00
Matt Brown
667220408c Fix #4464 - bust cache when Psalm’s version changes, not just composer’s 2020-11-01 09:01:53 -05:00
Matt Brown
957a554c4b Support a bunch of attributes 2020-10-30 21:38:27 -04:00
Matt Brown
938cebc9f8 Use better inference for getAttributes return type 
Fixes #4367
 2020-10-30 17:37:16 -04:00
Matt Brown
67554dd017 Fix #4453 - sanitise @extends types before attempting to parse 2020-10-30 15:08:23 -04:00
Matt Brown
579327a470 Detect when targets are incorrectly targeted 2020-10-30 13:28:45 -04:00
Matt Brown
4ea87b9054 Add support for int-mask<...> and int-mask-of<...> 2020-10-30 13:28:45 -04:00
Joe Hoyle
4bb675ea72
Pass CodeLocation to FunctionParamsProviderInterface interface (#4444) 
Currently the `getFunctionParams()` method of the `FunctionParamsProviderInterface` is never passed the CodeLocation of the analyzed function call. As this is in-scope in the only call site, we can pass the CodeLocation. This means the `getFunctionParams()` is able to issue it's own Issues (which required the code location to attached the Issue to)
 2020-10-29 19:53:21 -04:00
Matt Brown
82f35c1454 Ensure Stringable is always available to tests that need it 2020-10-29 19:41:10 -04:00
Matt Brown
5c784dc7cb Fix #4435 - ensure casts are always flow-sensitive 2020-10-28 14:06:05 -04:00
Matt Brown
dab1aac9d4 Protect more calls 2020-10-28 13:48:13 -04:00
Matt Brown
f43dba8c4c Use more accurate comparison for non-empty-lists 2020-10-28 13:32:55 -04:00
Matt Brown
083102a862 Fix count call 2020-10-28 13:10:30 -04:00
Matt Brown
4aef96bbac Use lists everywhere for args 2020-10-28 12:45:26 -04:00
Matt Brown
fee5eab671 If interface implements __toString it’s also Stringable 2020-10-28 09:06:52 -04:00
Matt Brown
d00a02a06b Fix #4429 - any class with a __toString method in PHP8 assumed to implement Stringable 2020-10-27 15:41:04 -04:00
Matt Brown
d27d86a84c Fix #4422 - be aware of nested template params 2020-10-27 10:01:17 -04:00
Matt Brown
1da6615ac2 Fix comma 2020-10-27 09:13:57 -04:00
Matt Brown
b91370e4ae Fix #4407 - always scan types in @var docblocks regardless of next element 2020-10-26 12:35:29 -04:00
Matt Brown
d3464cb22a Fix #4418 - improve try analysis for mixed, too 2020-10-26 09:05:48 -04:00
Matt Brown
462f8ba32b Fix #4397 - allow offsetGet on inside isset 2020-10-25 22:16:43 -04:00
Matt Brown
b6dbc34523 Track final-ness of class when evaluating trait returns 2020-10-25 12:20:18 -04:00
Matt Brown
18f3a3721f Fix #4414 - allow multiple @psalm-assert-if-true on same var 2020-10-25 10:49:39 -04:00
Matt Brown
94e26b2257 Empty checks variables are really falsy checks 2020-10-24 12:46:27 -04:00
Matt Brown
5ff3f1377d Fix a few bugs 2020-10-24 12:23:59 -04:00
Matt Brown
f8eee22f77 Add basic support for PHP attributes 
Ref #4367 - supports creation and argument checks
 2020-10-24 00:10:22 -04:00
Matt Brown
f3cc7a7f2f Break apart ReflectorVisitor 2020-10-23 19:53:04 -04:00
Matt Brown
6e262ca753 Add slash 2020-10-22 18:30:36 -04:00
Matt Brown
1c836ad2fb Invalidate signature types when use changes 2020-10-22 18:07:27 -04:00
Matthew Brown
0f9b4003f8
arraylike-object should include countable 
Fixes #4398
 2020-10-22 11:48:24 -04:00
Matt Brown
ad5a8c247b Fix #4386 - fix issues with property promotion 2020-10-21 14:41:15 -04:00
Matt Brown
f72e2d7de5 Fix #4374 - prevent paradox and allow Psalm to understand more assignments in conditionals 2020-10-20 14:43:05 -04:00
Matt Brown
66780716aa Fix #3625 - getIterator call is used inside loop 2020-10-20 10:59:09 -04:00
Matt Brown
e7d1fa6798 Fix #4372 - count implicitly-used short-closure vars as used 2020-10-20 09:32:08 -04:00
Matt Brown
3803bbfce0 Fix #4368 - improve handling of try with finally 2020-10-20 09:07:10 -04:00
Matt Brown
7afd817a3b Add back use 2020-10-19 15:10:35 -04:00
Niclas van Eyk
0261024aa6
Initial proposal for psalm-require-{extends, implements} (#4361) 
* initial implementation of psalm-require-extends

* Added @psalm-require-implements

* Added shortcode for ExtensionRequirementViolation

* Docs & cofig entries for @pasalm-require-{implements,extends}

* Added requirement violations to issues.md
 2020-10-19 15:08:18 -04:00
Matt Brown
32787169d7 Fix language server 2020-10-19 13:13:50 -04:00
Matt Brown
1a6b684993 Fix #4366 - possibly-undefined vars in finally block should not error 2020-10-19 09:56:38 -04:00
Matt Brown
fe294a4dc0 Don’t overwrite true flag 2020-10-18 01:24:36 -04:00
Matt Brown
a6c7336c69 Fix bad replacement 2020-10-18 00:54:07 -04:00
Matt Brown
0897abf5cb Be more explicit about negation 2020-10-18 00:39:43 -04:00
Matt Brown
3c29ffd0b7 Ignore just-coerced vars 2020-10-17 23:35:24 -04:00
Matt Brown
b646414304 Prevent unnecessary assignments 2020-10-17 18:44:42 -04:00
Matt Brown
055fe551c1 Suppress errors from fake statements 2020-10-17 18:35:55 -04:00
Matt Brown
9502e51a08 Fix reversed negation check 2020-10-17 17:46:00 -04:00
Matt Brown
c0f6afbd87 Improve binary op || analysis for chain 2020-10-17 17:16:47 -04:00
Matt Brown
559abb7b6a Fix style 2020-10-17 14:50:14 -04:00
orklah
ceaaa39ec3
improve phpdoc (#4352) 2020-10-17 12:36:44 -04:00
Matt Brown
9f29e77adc Fix #4354 - allow assignments on RHS of || in if conditional 2020-10-17 12:29:57 -04:00
Matt Brown
be1cd5275e Fix #4349 - improve types for suggested unions 2020-10-16 17:56:31 -04:00
Matt Brown
234eae6ad0 Fix algebra more 2020-10-16 11:17:52 -04:00
Matt Brown
083cc29c04 Fix #4347 - fix combinatorial expansion when negating if conditions 2020-10-16 10:23:15 -04:00
orklah
ffe7874906
Misc improvements (#4314) 
* extract the operation out of the loop when possible

* remove unnecessary interfaces when already inherited in parent

* simplify expressions

* avoid using alias functions

* redundant phpdoc

* unused imports
 2020-10-15 13:23:35 -04:00
Matt Brown
b69e28f26a Fix default value 2020-10-15 13:20:42 -04:00
Matt Brown
8d2e88ef41 Fix #4333 - don’t get tripped up on try with no catches 2020-10-15 10:15:55 -04:00
Matt Brown
8a2983e5e9 Fix #4336 - don’t merge sources twice for null coalesce 2020-10-15 09:57:37 -04:00
Matt Brown
da257a0fa5 Break apart InstancePropertyFetchAnalyzer and others 2020-10-15 09:21:44 -04:00
Matt Brown
2902a8cc60 Fix #4326 - Prevent later remapping of properties 2020-10-14 21:35:57 -04:00
Matt Brown
4539a2f27e Fix #4326 - prevent more mapping than necessary 2020-10-14 21:22:51 -04:00
Matt Brown
d8d17a6587 Fix #4327 - make sure loop always returns 2020-10-14 20:19:55 -04:00
Matt Brown
b2382cdf18 Use correct count 2020-10-14 18:56:49 -04:00
Matt Brown
4488d5fb1f Use more accurate arguments count 2020-10-14 18:51:15 -04:00
Matt Brown
864a7bbb4c Add better support for get_debug_type 2020-10-14 17:30:08 -04:00
Matt Brown
a0fbac347e Prevent features pre-php-8 2020-10-14 17:09:56 -04:00
Matt Brown
62c15b2a4f Avoid crash when callable type is missing 2020-10-14 11:01:46 -04:00
Matt Brown
724b25b918 Change control_flow_graph to data_flow_graph 2020-10-13 17:28:12 -04:00
Matt Brown
516141a380 Rename ControlFlowGraph to more appropriate DataFlowGraph 2020-10-13 16:49:03 -04:00
Matt Brown
1ae9a6127e Fix #4315 - prevent crash when setting unknown property in finally 2020-10-13 08:32:26 -04:00
Matt Brown
bb7d7132f7 Do arithmetic for preg_split arguments 2020-10-12 20:26:02 -04:00
Matt Brown
b08d70f977 Fix #4252 - fix xml generation 2020-10-12 18:39:26 -04:00
orklah
62e79fb7ea
param types (#4313) 2020-10-12 15:46:47 -04:00
Matt Brown
fee3b63122 Fix #4274 - don’t ignore mixed union in array_shift operation 2020-10-12 15:17:22 -04:00
orklah
10f2966dcb
return types (#4311) 
* return types

* remove willReturn for void methods
 2020-10-12 15:02:52 -04:00
Matt Brown
fcfa746ba8 Fix #4310 - prevent literal class check on union 2020-10-12 14:45:11 -04:00
Matt Brown
d16c0de872 Add slash 2020-10-12 14:32:44 -04:00
Matt Brown
464795d86c Fix #4309 - improve reuse of callmap callable inference 2020-10-12 13:46:43 -04:00
Matt Brown
5743471a19 Don’t merge array and Traversable to iterable when there are intersections 2020-10-12 12:45:31 -04:00
Matt Brown
ce90466ad4 Change name to arraylike-object 2020-10-12 12:39:48 -04:00
Matt Brown
8319278ef1 4.x - Add support for array-like-object 
Ref #4308
 2020-10-12 12:32:02 -04:00
Matt Brown
d8a74ca383 4.x - Prevent passing empty array to max or min 2020-10-12 12:09:12 -04:00
Matt Brown
7e65355513 4.x - detect falty !is_resource checks 2020-10-12 09:57:11 -04:00
Matt Brown
b85cbd01a7 4.x - add support for PHP 8 callmap 2020-10-12 09:41:25 -04:00
Matt Brown
f3b05f5ab5 Move static code out of src 2020-10-12 00:59:19 -04:00
Matt Brown
5be7276a17 Fix #4306 - negating positive-numeric is useless, avoid crash 2020-10-11 23:16:43 -04:00
Matt Brown
7195275993 Fix #4299 - only allow unpacking for the zeroeth-indexed element 2020-10-08 09:51:27 -04:00
Matt Brown
e9b520d72d Ignore precondition issues in loop 2020-10-07 20:24:50 -04:00
Matt Brown
3b19913b44 Unbreak CI 2020-10-07 18:50:30 -04:00
Matt Brown
a9c145a725 Convert numeric literal strings to their int/float equivalents for numeric operations 2020-10-07 18:06:41 -04:00
Matt Brown
443025eab8 Fix addition of int and string type 2020-10-07 18:01:41 -04:00
Matt Brown
8b7657f379 Fix #4297 - use correct property id for each different MissingConstructor error 2020-10-07 17:54:00 -04:00
Matt Brown
1f2d2764ab Fix #4287 - intersection of regular arrays should not result in crash 2020-10-07 17:47:17 -04:00
Matt Brown
c8d4bafb85 Improve accuracy of messages 2020-10-07 17:26:37 -04:00
Matt Brown
c2108e89db Warn about impossible/redundant conditions in RHS of || 2020-10-07 17:04:01 -04:00
Matt Brown
595b8178e0 Improve error message 2020-10-07 15:36:31 -04:00
Matt Brown
54ec83c5ee Use better locations for errors 2020-10-07 13:53:35 -04:00
Matt Brown
639ae61284 Always check LHS of or condition before applying to RHS 2020-10-07 13:40:09 -04:00
Matt Brown
26a674dcb4 Improve message even more 2020-10-07 12:41:36 -04:00
Matt Brown
8f188877ae Improve language further 2020-10-07 12:34:28 -04:00
Matt Brown
95ec310807 Clarify names 2020-10-07 12:24:36 -04:00
Matt Brown
f49884a30d Fix bug 2020-10-07 12:04:54 -04:00
Matt Brown
f655b97330 Simplified even more 2020-10-07 12:00:53 -04:00
Matt Brown
8aaebfc2c4 Simplify more 2020-10-07 11:55:57 -04:00
Matt Brown
21a6f34088 Fix linting 2020-10-07 11:52:02 -04:00
Matt Brown
02e18c0cde Improve clause-to-string conversion 2020-10-07 11:46:53 -04:00
feek
8d2db4e673
feature: universal object crates (#3948) 
* feature: universal object crates

* docs: document universal object crate config option

Co-authored-by: Matthew Brown <github@muglug.com>
 2020-10-07 09:56:21 -04:00
Marco Perone
a12fbb7f90
add some more stubs for array functions (#4271) 
* add some more stubs for array functions

* add function brackets to stubs

* add parameter names

* remove redundant brackets

* remove stubs already defined in return type providers
 2020-10-06 09:13:19 -04:00
Matt Brown
377dc8da8f 4.x - change/remove some default config values 2020-10-05 10:08:41 -04:00
Matt Brown
fb604bfacb 4.x - move class constants into their own storage object 2020-10-05 09:50:32 -04:00
Matt Brown
ea47548dd0 4.x - Prevent AfterFunctionCallAnalysisInterface from rewriting return types 2020-10-04 23:39:20 -04:00
Matt Brown
939297484c 4.x - rename TFn to TClosure 2020-10-04 23:32:01 -04:00
Matt Brown
549b200aa7 Remove mixed assignment issue 2020-10-04 17:53:26 -04:00
Matt Brown
ad8bda9eeb Fix indentation 2020-10-04 00:18:55 -04:00
Matt Brown
d532133325 Add support for Stringable 2020-10-04 00:17:16 -04:00
Matt Brown
ec3501b244 Ensure PHP 8 continuation of 7.4 method signature features 2020-10-03 23:34:29 -04:00
Matt Brown
127e66df65 Elevate trait mismatch issues in PHP 8.0 2020-10-03 22:59:43 -04:00
Matt Brown
1a11897849 4.x - add support for the nullsafe operator 2020-10-03 20:21:52 -04:00
Saif Eddin G
0475f379aa
add support for 'COMPOSER' env variable for alternate name of 'composer.json' (#4275) 2020-10-03 02:26:37 -04:00
Matt Brown
6a91c2f70e Fix @no-named-arguments more 2020-10-02 21:09:37 -04:00
Matt Brown
009b33b17d Support @no-named-args when calling in PHP 8 2020-10-02 20:58:51 -04:00
Matt Brown
5a94043a7f Unbreak gettype support 2020-10-02 20:33:35 -04:00
Matt Brown
63a11bae15 4.x - Support named arguments 
Ref #4089
 2020-10-02 20:27:01 -04:00
Matt Brown
2cd306b75c Promoted properties are always initialized 2020-10-02 19:44:58 -04:00
Matt Brown
5bcd1bbb75 4.x - add support for get_debug_type function 
Ref #4089
 2020-10-02 19:15:47 -04:00
Matt Brown
74934ffdbb 4.x - rename GetClassT to TDependentGetClass 2020-10-02 18:47:23 -04:00
Matt Brown
211553c53f Support property type promotion ref #4089 2020-10-02 18:31:32 -04:00
Matt Brown
6866e443dc Small refactor 2020-10-02 18:24:46 -04:00
orklah
17d53974e6
change label (#4272) 2020-10-02 15:08:26 -04:00
Matt Brown
c9e47450a7 Fix #4266 - prevent OOM when analysing closure unioned with invokable class 2020-10-02 00:47:42 -04:00
Matt Brown
6ad5e1c013 Fix #4264 - prevent crash when analysing file with duplicate classes 2020-10-01 15:07:25 -04:00
Matt Brown
35081c0d21 Ensure catch variables are marked as used 2020-09-30 13:51:02 -04:00
Matt Brown
fc001cdf65 Treat func_get_args as using function params 2020-09-30 13:08:01 -04:00
Matt Brown
14efde286f 4.x - refactor unused variable detection 
This turns unused variable detection into an explicit control-flow problem, where before we had a more simplistic mark-and-sweep algorithm
 2020-09-30 12:28:13 -04:00
Matt Brown
169b2b7023 Fix analysis when there’s a break in a loop after a reassignment 2020-09-30 00:04:07 -04:00
Daniil Gentili
1eca537209
Add SplStack, SplHeap, SplMinHeap, SplMaxHeap, SplPriorityQueue stubs (#4255) 
* Add SplStack, SplHeap, SplMinHeap, SplMaxHeap, SplPriorityQueue stubs

* Add SplFixedArray
 2020-09-29 11:27:12 -04:00
Brown
19f88a2e31 Add improvements from unused variable checks 2020-09-28 00:45:02 -04:00
Brown
1afbce82ca Ensure loop marks vars as possibly assigned 2020-09-27 17:50:48 -04:00
Bruce Weirdan
d9776aa710
Fixes crash due to class/filename mismatch (#4247) 
Introduced in 56cddd16bf
 2020-09-26 13:31:38 -04:00
Brown
4f28b38556 Fix unused var in finally false-positive 2020-09-25 10:20:22 -04:00
Brown
c17bacd682 Prevent duplicate switch return types 2020-09-25 09:45:20 -04:00
Brown
d52d7ef6aa Add extra loops for more reliable analysis 2020-09-25 00:59:58 -04:00
Brown
da65a4327f Move taint graph functionality into its own object 2020-09-25 00:37:40 -04:00
orklah
83ca918824
preg_split can't take null in limit (#4236) 
* preg_split can't take null in limit

* fix wrong type in preg_split
 2020-09-22 13:46:37 -04:00
orklah
37a2f8a33d
unused use statements (#4228) 2020-09-22 01:10:46 -04:00
Brown
3593a120f3 Add missing = true 2020-09-22 01:10:11 -04:00
orklah
250fa8e42d
misc changes (#4227) 
* misc changes

* misc changes
 2020-09-22 00:44:31 -04:00
Brown
275c6bf4e7 Propagate has_returned flag 2020-09-22 00:43:13 -04:00
Brown
3015aca2df Fix fudging var 2020-09-21 16:23:44 -04:00
Brown
b501db6dd2 Skip currently-failing undefined variable test 2020-09-21 16:01:14 -04:00
Brown
cdb2b5caf6 Be a little bit more robust in finally handling 2020-09-21 15:37:10 -04:00
Brown
3e0f449163 Detect more issues inside finally block 2020-09-21 15:16:19 -04:00
Brown
fe94ae0603 Make sure to union try-set vars 2020-09-21 14:33:34 -04:00
Brown
7bd1c43be1 Don’t forget control actions 2020-09-21 11:18:30 -04:00
Brown
56cddd16bf Rename TaintGraph to ControlFlowGraph because it’s about to do more 2020-09-20 23:59:52 -04:00
Brown
70b8c8c0e4 Revert StatementsAnalyzer change 2020-09-20 21:01:59 -04:00
Brown
ef612ea598 Fix tests 2020-09-20 20:58:34 -04:00
Brown
0f6a271858 Improve file-based suppression of taints 2020-09-20 19:37:25 -04:00
Brown
5c23a3d7b3 Localise taint analysis better 2020-09-20 19:26:49 -04:00
Brown
2968b3b065 Add to StatementsAnalyzer taint object instead of Context 2020-09-20 18:42:21 -04:00
Brown
abb9502921 Rename Taint object to TaintGraph 2020-09-20 18:27:02 -04:00
orklah
de16308f2e
useless comparison (#4223) 
* remove unused code

* fix wrong fix
 2020-09-20 13:01:27 -04:00
Brown
cf8dcc163e Use shuffled files 2020-09-20 12:59:32 -04:00
orklah
24a38f21ce
Use array destructuring when possible (#4221) 
* list usage

* fix inversion
 2020-09-20 12:55:38 -04:00
orklah
1a1b88bb5e
add visibilities to constants (#4219) 2020-09-20 12:54:46 -04:00
Brown
ef3cf67f50 Fix #4198 - make analysis of class-string property assignments more robust 2020-09-20 09:18:35 -04:00
orklah
cb7065ae07
replace deprecated methods with their equivalent (#4217) 2020-09-20 08:56:49 -04:00
orklah
a9a364e363
Misc improvements (#4216) 
* misc changes

* fix CI
 2020-09-20 08:55:28 -04:00
orklah
b19f0a7034
Remove empty() and use strict comparison when safe (#4211) 
* replace empty usage with stricter checks

* use strict comparison when safe

* replace is_null with === null for consistency
 2020-09-19 18:26:51 -04:00
Brown
1ac527bbf1 Meke staticy methods properly static 2020-09-19 18:24:36 -04:00
Brown
0ae436d335 Fix a couple of false-positive redundant conditions 2020-09-19 18:12:14 -04:00
Brown
72d1d799b1 Fix #4208 - array with possibly-undefined keys isn‘t really sealed 2020-09-19 15:46:54 -04:00
Brown
f973937aec Fix #4209 - allow hinting arrow function return type 2020-09-19 14:59:19 -04:00
Brown
a8a2a4cb66 Fix #4210 - fix __invoke declaration tracing 2020-09-19 14:18:52 -04:00
Brown
94ed53b25a func_num_args is pure 
fixes #4215
 2020-09-19 13:58:29 -04:00
Brown
363887a445 Add explicit offset 
Fixes #4202
 2020-09-17 21:35:30 -04:00
Daniel Badura
7d5dbd3f38
add random_int as stub, returns positive-int if min is positive-int (#4199) 2020-09-17 08:31:31 -04:00
orklah
191495328a
Fix errors in return types (#4189) 
* FunctionLikeAnalyzer::verifyReturnType returns void

* ArrayFunctionArgumentsAnalyzer::checkArgumentsMatch returns void

* AssertionFinder::scrapeAssertions can't return null
 2020-09-16 17:35:55 -04:00
Brown
dda013dc2e Only refine for matching closure union members 
Ref #4136
 2020-09-15 09:40:27 -04:00
Brown
0b209864fe Improve accuracy of array_filter 2020-09-14 13:31:53 -04:00
Brown
8d7fe83e2a Improve array_merge return type 2020-09-14 13:06:15 -04:00
Brown
b10c1ac280 Fix style 2020-09-14 12:19:30 -04:00
Brown
1f3215d36b Support more array intersections in type parsing 2020-09-14 12:13:33 -04:00
Brown
02b725f8a2 Add back suppression 2020-09-14 11:02:04 -04:00
Brown
17a0ecb60e Fix regression – detect unused params with defaults again 2020-09-14 10:58:36 -04:00
Brown
1df3c9365c Fix template check 2020-09-14 10:00:09 -04:00
Brown
77e84b3817 Fix a few more things 2020-09-13 23:28:31 -04:00
Brown
c4450b930c Fix various things 2020-09-13 22:39:03 -04:00
Brown
249903e18a Fix style issues 2020-09-13 21:45:07 -04:00
Brown
56bae3b587 Add check for strpos dictionaries 
Ref #4070
 2020-09-13 21:42:44 -04:00
Brown
8f8dbfbd72 Fix #4122 - detect yield in function arguments 2020-09-13 17:13:26 -04:00
Brown
f180fb23bc Fix #4178 - always detect missing property types 2020-09-13 16:50:50 -04:00
Bruce Weirdan
689027c92d
Support multiple issue types in @psalm-suppress (#4179) 
* Accept multiple issue names in `@psalm-suppress`

Fixes vimeo/psalm#1575

* Accept multiple issue types on statement docblocks as well

* Proper highlighting of individual issues in compound suppressions
 2020-09-13 16:41:14 -04:00
Bruce Weirdan
cd110c7e2f
Added @psalm-stub-override for classlikes and methods (#4177) 
Fixes vimeo/psalm#1252
 2020-09-13 16:40:31 -04:00
orklah
da47588f91
replace return; by return null; in every non-void method, add return null; when mising, add return types, remove redundant phpdoc (#4176) 2020-09-13 16:39:06 -04:00
Brown
ded9237176 Fix bad error flagging 2020-09-13 16:38:32 -04:00
Brown
9ed09d2679 Fix #4127 - improve error message for unused closure var 2020-09-12 17:03:11 -04:00
ygottschalk
5b0c9b1a28
added array-size max constraint to greater check (#4175) 
added a few unit tests
 2020-09-12 16:13:13 -04:00
Brown
09d22cb05c Fix #4169 - add appropriate bounds check 2020-09-12 11:33:26 -04:00
Toshiyuki Goto
ad437c5265
Workaround to PhpScoper group use bug in Box (#4174) 2020-09-12 11:24:40 -04:00
orklah
ead107fa9e
More return types (#4173) 
* add native return types

* redundant phpdoc
 2020-09-12 11:24:05 -04:00
Brown
6ffe471525 Make new InvalidLiteralArgument issue for strpos refs 
Ref #4070
 2020-09-10 22:54:32 -04:00
Brown
eda426a594 Improve unique issue solution 2020-09-10 22:54:30 -04:00
Brown
aaede393d4 Fix #4070 - prevent literal strpos argument 2020-09-10 18:28:34 -04:00
Brown
2100dbd8aa Fix #4167 - allow many issues for the same position 2020-09-10 17:41:45 -04:00
Craig Francis
993e112236
Additional MySQL sinks, ref Issue #4155 (#4158) 2020-09-08 11:54:23 -04:00
Brown
fe4af8ff1a Minor fixes 2020-09-07 17:22:43 -04:00
Brown
877a81f808 Always detect return type mismatches from docblock parents 2020-09-07 16:42:25 -04:00
Brown
8737abf3b8 Fix real projects bug 2020-09-07 15:14:14 -04:00
Brown
88e0811cdd Fix #4136 - allow union type properly 2020-09-07 14:08:56 -04:00
Brown
d174fc6f3f Improve fix 2020-09-07 13:19:37 -04:00
Brown
afce416bfb Fix #4136 - allow inference of callabe type param in union of callables 2020-09-07 12:56:47 -04:00
Brown
f78fbbe4c9 Fix #4146 - allow null checks on Iterator::current output 2020-09-07 11:40:36 -04:00
Brown
02a58f787b Fix #4148 - add Closure to scanned classes when arrow function is seen 2020-09-07 11:11:01 -04:00
orklah
8c7423505a
add native param types (#4137) 
* add native param types

* redundant phpdoc

* add more param types and adds "?" to nullable types

* remove redundant phpdoc

* add more param types and remove redundant phpdoc

* add more param types and remove redundant phpdoc
 2020-09-06 19:36:47 -04:00
Matthijs Kooijman
3335b26cb4
Fixes to LSP protocol (#4143) 
* Fix missing parameter in LSP textDocument.didChange

This parameter was accepted, but not documented. Since the JSON-RPC
Dispatcher looks at the comments for type information, it would fail
to find info and produce:

    PHP Notice: Undefined offset: 1 in vendor/felixfbecker/advanced-json-rpc/lib/Dispatcher.php on line 141

Combined with issue #4142, this ended up violating the protocol.

* Ignore out-of-project files in textDocument.completion

Other methods, such as didOpen and didChange already checked for this,
but completion did not. This would lead to funny behaviour, where
triggering completion would cause the file to be analyzed, but only
using the on-disk state. And any changes to the file would never be
analyzed.

This ignores out-of-project files for completion, too.
 2020-09-06 19:31:49 -04:00
Matthew Brown
422271b2cf Prevent variables named "haystack" from receiving literal strings 
cc @staabm
 2020-09-05 00:35:48 -04:00
Matthew Brown
3605eeee04 Support analysing preg_match_all args in reverse to infer matches type 2020-09-04 20:33:02 -04:00
Brown
681eff6dd4 Fix type 2020-09-04 18:35:19 -04:00
Brown
2895402269 Add asterisks 2020-09-04 18:32:51 -04:00
Brown
d3d8c4ed87 Hard code possible bit-shift values 2020-09-04 18:31:50 -04:00
Brown
4d82d3ddad Fix #4128 - improve understanding of preg_match_all 2020-09-04 18:10:14 -04:00
Brown
22fe7458d8 Break up large method 2020-09-04 17:45:22 -04:00
Brown
cf3e92410c Prevent crash when suppressing UndefinedTrait 
Fixes #4130
 2020-09-04 16:50:10 -04:00
Brown
f4c2edf40b Fix #4132 - ignore purity of $this when checking for initialisation 2020-09-04 16:46:20 -04:00
orklah
f66d57f19d
add native return types (#4116) 
* add native return types

* remove redundant phpdoc
 2020-09-04 16:26:33 -04:00
the-toster
e296abbabf
Add option to show link to source in console output (#4085) 
* add option to change console output for PhpStorm suitable format, so filenames become links, closes #3271

* fix code style

* rename option to php-storm-format

* replace flag with new report format

* fix code style
 2020-09-04 16:24:14 -04:00
Brown
68ebef2a2e Clean up immutable fix 2020-09-03 15:32:14 -04:00
Brown
8505ca2a23 Allow passing mutable object into immutable class to store reference 2020-09-03 15:28:09 -04:00
Brown
a4d6a845f8 Fix #4111 - ensure Closure::__invoke doesn’t break things 2020-09-03 00:13:55 -04:00
Brown
bd27e8b17b Fix #4109 - detect duplicate match condition 2020-09-02 20:08:09 -04:00
Brown
28a107e620 Fix #4112 - allow slashes in docblock tag names 2020-09-02 19:39:59 -04:00
orklah
73f6fcde48
Short list syntax (#4102) 
* Short list syntax

* revert unrelated CS
 2020-09-02 00:17:41 -04:00
Brown
8d790256e0 Revert trim changes 2020-09-01 17:42:11 -04:00
Brown
0804141d56 Fix type coercion 2020-09-01 17:23:43 -04:00
Brown
f105f6aca9 Fix Psalm errors 2020-09-01 13:21:24 -04:00
Brown
c2f492a4ca Add more accomodations for TPositiveInt 2020-09-01 13:03:57 -04:00
Brown
b5279cd7d4 Fix erroneous Closure::__invoke return type 2020-09-01 12:33:25 -04:00