danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-12-13 01:37:23 +01:00
Code Issues Projects Releases Wiki Activity
8,178 Commits 43 Branches 314 Tags 108 MiB
44f8d71e72
Commit Graph

3896 Commits

Author SHA1 Message Date
Matt Brown
b14a62338e Fix test 2020-11-23 13:14:40 -05:00
erikjwaxx
25d8c6d21e
Narrow inference of $a <=> $b from "int" to "-1|0|1" (#4680) 
* A <=> operator has a literal type of -1|0|1 and not simply int

* Test to verify inferred type of $a <=> $b is -1|0|1
 2020-11-23 13:10:51 -05:00
Matt Brown
9a03a9a5d0 Move param taint sink addition after arguuments have been analysed 2020-11-22 19:39:40 -05:00
Matt Brown
b782dd4225 Make sure conditional escaping works for static methods too 2020-11-22 13:39:32 -05:00
Matt Brown
af008953a8 Fix #4661 - support conditional escaping for functions 2020-11-22 13:24:33 -05:00
Matt Brown
60b3086b9a Fix #4609 - add more attribute rules 2020-11-22 01:15:52 -05:00
Matt Brown
66d574b82e Fix #4475 - verify that used attributes actual use the Attribute attribute 2020-11-22 00:52:56 -05:00
Matt Brown
11825a2cc2 Fix #4611 - flag invalid attribute arguments correctly 2020-11-22 00:44:44 -05:00
Matt Brown
6b1112e6ea Fix #4653 - prevent crash with recursive type in root namespace 2020-11-22 00:26:14 -05:00
Matt Brown
baca927aab Fix #4643 - use PHP8 union types when possible 2020-11-21 22:50:56 -05:00
Matt Brown
df2ec48018 Don’t erase already-known literal ints 
Fixes #4644
 2020-11-21 18:26:13 -05:00
Matt Brown
3728837ef9 Only run unused code analysis where necessary 2020-11-21 18:25:18 -05:00
Matt Brown
f0ae0e5cb4 Break aparat type combiner 2020-11-21 18:11:29 -05:00
Lukas Reschke
ffb0c4ae17
Implement variadic taint propagation (#4649) 
* Implement variadic taint propagation

* Lint code
 2020-11-21 17:41:40 -05:00
orklah
509a937d1b
use int|string in phpdoc format for array-key (#4645) 2020-11-21 17:38:40 -05:00
Lukas Reschke
3943b55f8a
Add psalm-flow for string functions from sscanf to wordwrap (#4591) 
* Add string functions from sscanf to wordwrap

This should conclude all string functions from https://www.php.net/manual/en/book.strings.php

Continuation of https://github.com/vimeo/psalm/pull/4576

Ref https://github.com/vimeo/psalm/issues/3636

* Add StrTrReturnTypeProvider

* Fix psalm error

* phpcs

* Line length

* Ignore false return on vsprintf

Co-authored-by: Matthew Brown <github@muglug.com>
 2020-11-21 17:35:07 -05:00
Matt Brown
62b0ddd74d Fix test 2020-11-20 19:07:48 -05:00
Matt Brown
23ab0f1ddb Allow Psalm to run in taint analysis mode without a config 2020-11-20 19:02:44 -05:00
orklah
6b72599ec5
allow static return type in PHP8 (#4641) 2020-11-20 18:46:35 -05:00
Matt Brown
1cead18760 Fix #4637 - prevent regression when negating function call with === false 2020-11-20 09:56:53 -05:00
Dalibor Karlović
da632ca73a
feature: allow plugin manager to work without config file (#4639) 2020-11-20 09:54:14 -05:00
orklah
e04f219948
return static instead of self when static context detected (#4632) 
* return this instead of self when static context detected

* replace $this by static
 2020-11-19 19:02:25 -05:00
Matt Brown
78d644d1a1 Change TaintedText to TaintedCallable 2020-11-19 19:01:19 -05:00
Lukas Reschke
78f4a0691c
Add dedicated types for 'file', 'header' and 'cookie' (#4630) 
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'

* Add documentation

* Add mapping for taint flows

* Add tests

* Fix test
 2020-11-19 17:47:29 -05:00
Matt Brown
de49892525 Fix #4626 - array_key_exists should infer type for first arg where possible 2020-11-19 15:40:27 -05:00
Matt Brown
ff3fff56d4 Simplify assertion negations, centralising as much as possible 
Now the flag passed to scrapeAssertions just determines the errors emitted
 2020-11-19 14:32:49 -05:00
Matt Brown
7803cc228b Revert "Fix #4624 - allow in_array to work with list arrays" 
This reverts commit 08ae85a735.
 2020-11-19 12:49:26 -05:00
Matt Brown
08ae85a735 Fix #4624 - allow in_array to work with list arrays 2020-11-19 09:26:41 -05:00
Matt Brown
7c02fa76d1 Fix #4620 - reconciled literal strings cannot carry taints 2020-11-19 09:06:25 -05:00
Matt Brown
95de6cf177 Allow immutable classes to be specialised through calls 2020-11-19 01:38:20 -05:00
Matt Brown
be275ae972 Fix #4605 - taint parent-declared property 2020-11-18 13:34:47 -05:00
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category (#4604) 
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
 2020-11-18 11:39:36 -05:00
Matt Brown
3f7f959726 Fix #4599 - propagate taints to parent callers where necessary 2020-11-18 09:59:54 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks (#4592) 2020-11-18 00:52:48 -05:00
Matt Brown
ab3961d9b3 Sanity check to ensure closure uses aren’t removed 2020-11-18 00:38:28 -05:00
Matt Brown
28dee4146a Fix tests 2020-11-17 17:53:46 -05:00
Matt Brown
2aa98bc5d0 Simplify tainted output a bit, removing duplicate paths 2020-11-17 17:17:18 -05:00
Matt Brown
adeaa33a64 Don’t propagate taints to child constructor args 2020-11-17 16:49:29 -05:00
Matt Brown
4e5111f1a8 Fix #4472 - if something flows into a byref var it’s used 2020-11-17 15:30:53 -05:00
Lukas Reschke
494ec40777
Add SARIF as report output (#4582) 
https://docs.oasis-open.org/sarif/sarif/v2.0/sarif-v2.0.html
 2020-11-17 13:23:20 -05:00
Matt Brown
43af3b1a57 Break out TaintedInput issues into a lot of separate ones 2020-11-17 12:44:31 -05:00
Dusk
0fe3e1f83b
Allow named arguments to variadic functions (#4575) 
Closes #4563
 2020-11-16 15:49:27 -05:00
Lukas Reschke
09abcfb650
Add sinks for popen and proc_open (#4572) 
User input in those two functions could lead to a RCE.

popen: https://www.php.net/manual/en/function.popen.php
proc_open: https://www.php.net/manual/en/function.proc-open.php
 2020-11-16 15:04:22 -05:00
orklah
6f8b463860
Detect trying to access to a list with a negative offset (#4552) 2020-11-15 20:26:50 -05:00
Matt Brown
26b4cd1fb9 Fix #4529 - allow unsetting with complex array key 2020-11-14 08:57:25 -05:00
Matt Brown
d97c8b750a Add closure-use termination for byref flows 2020-11-13 13:37:27 -05:00
Matt Brown
2e47ca51d5 Fix #4547 - mark unused uses 2020-11-13 13:13:29 -05:00
Matt Brown
57125c7106 Uses by ref should be assigned that way 2020-11-13 12:50:01 -05:00
Matt Brown
086237aab7 Fix #4544 - improve handling of get_class in match 2020-11-13 11:55:42 -05:00
Matt Brown
13b83e6132 Fix #4545 - allow intersections in more places 2020-11-13 09:43:30 -05:00
Matt Brown
2992cc73c2 Split out trait template tests 2020-11-13 08:59:55 -05:00
Matt Brown
5a62dc5c40 Fix #4540 - use correct method when simulating property setting 2020-11-12 23:56:29 -05:00
Matt Brown
3dd185e395 Fix #4537 - use more rigorous inerhitance for return and param types 2020-11-12 13:54:27 -05:00
Matt Brown
b7551e712a Use better way to determine which signture to use 
Fixes #4524
 2020-11-11 19:22:23 -05:00
Matt Brown
2f7bf2a144 Bind lower bounds to upper bounds as well when no upper bound can be inferred 
Ref #4485
 2020-11-11 17:46:09 -05:00
Matt Brown
a8d7248c31 Fix #4524 - do better template param inheritance 2020-11-11 13:25:17 -05:00
Matt Brown
5ad1e80e99 Fix #4527 - improve interpolated string types 2020-11-11 00:38:26 -05:00
Adrien LUCAS
4cb8e86737
Add a proxy capability to the flow annotation (#4495) 
* Add a `passthru` capability to the flow annotation

* Fix passthru-calls type

* Fix types and rename to proxy

* Allow to proxy a method

Co-authored-by: Matthew Brown <github@muglug.com>
 2020-11-09 15:22:35 -05:00
Matt Brown
32d526bde9 Add descendant variables for closure uses 
Fixes #4522
 2020-11-09 15:20:28 -05:00
Matt Brown
e97a9c86eb Fix #4517 - track type contradiction issues in match expressions 2020-11-09 10:00:53 -05:00
Matt Brown
3aaa1d8447 Fix #4516 - treat exit() as the empty type 2020-11-09 08:44:03 -05:00
Matt Brown
683546e024 Fix #4519 - prevent crash with empty match 2020-11-09 08:36:59 -05:00
Matt Brown
8799e1a337 Break apart complex method 2020-11-09 00:58:45 -05:00
Matt Brown
6acd667e55 Fix #4509 - treat expression-derived constants as mixed 2020-11-08 15:36:38 -05:00
Matt Brown
324e9d11c3 Fix tests 2020-11-08 11:04:39 -05:00
Matt Brown
67f9853756 Preserve reconciled taints for all but non-string scalar types 2020-11-08 10:27:58 -05:00
Matt Brown
dccf236d16 Fix #4503 - don’t ignore assertions on possibly-null mixed 2020-11-08 10:06:39 -05:00
Matt Brown
9d7414cbbd Get rid of version test, which is dumb 2020-11-06 18:24:23 -05:00
Axel H
271e0d86be
Fix type inference when unpacking typed iterables (#4487) 
* Add test for unpacking typed iterables

* Fix type inference when unpacking typed iterables into arrays

* Fix possibly undefined array offset
 2020-11-06 17:24:01 -05:00
Matt Brown
9daa534656 Ensure we flush out re-assigned vars also referenced 
Fixes #4488
 2020-11-06 12:51:41 -05:00
Matt Brown
3cde617ecc Put assignment-in-conditional tests in their own file 2020-11-06 12:41:00 -05:00
Matt Brown
388e804ed8 Allow opt-in to strict return type checking 2020-11-05 18:20:04 -05:00
Matt Brown
d47d817843 Fix #4479 - use correct keys in message 2020-11-05 10:13:08 -05:00
Matt Brown
3e9c5d3600 Add support for @return never 2020-11-04 12:30:02 -05:00
Matt Brown
91d9dc3759 Fix overeager inference 2020-11-03 16:44:24 -05:00
Matt Brown
b35db3e523 Reorganise things a little 2020-11-03 16:15:54 -05:00
Matt Brown
3d4e77beb6 Fix int-mask-of expansion 2020-11-02 00:40:36 -05:00
Matt Brown
6922caf9f6 Fix #4466 use better differentiation for class_exists second param 2020-11-01 13:14:17 -05:00
Matt Brown
024d93b7fd Fix #4467 - variables are only the same if they were set in the same location 2020-11-01 11:26:42 -05:00
Matt Brown
f0a30b9fd0 Invalidate child methods when signature changes 2020-11-01 09:46:21 -05:00
Matt Brown
667220408c Fix #4464 - bust cache when Psalm’s version changes, not just composer’s 2020-11-01 09:01:53 -05:00
Matt Brown
938cebc9f8 Use better inference for getAttributes return type 
Fixes #4367
 2020-10-30 17:37:16 -04:00
Matt Brown
67554dd017 Fix #4453 - sanitise @extends types before attempting to parse 2020-10-30 15:08:23 -04:00
Matt Brown
579327a470 Detect when targets are incorrectly targeted 2020-10-30 13:28:45 -04:00
Matt Brown
4ea87b9054 Add support for int-mask<...> and int-mask-of<...> 2020-10-30 13:28:45 -04:00
Matt Brown
82f35c1454 Ensure Stringable is always available to tests that need it 2020-10-29 19:41:10 -04:00
Matt Brown
5c784dc7cb Fix #4435 - ensure casts are always flow-sensitive 2020-10-28 14:06:05 -04:00
Matt Brown
fce5c26600 Remove subpar test 2020-10-28 13:55:51 -04:00
Matt Brown
f43dba8c4c Use more accurate comparison for non-empty-lists 2020-10-28 13:32:55 -04:00
Matt Brown
a3755a1d1f Fix tests 2020-10-27 22:29:49 -04:00
Matt Brown
aeeb1e6b90 Fix test type 2020-10-27 18:10:53 -04:00
Matt Brown
d00a02a06b Fix #4429 - any class with a __toString method in PHP8 assumed to implement Stringable 2020-10-27 15:41:04 -04:00
Matt Brown
d27d86a84c Fix #4422 - be aware of nested template params 2020-10-27 10:01:17 -04:00
Matt Brown
8dd5dc5b72 Improve algebra handling a little better 2020-10-26 16:34:56 -04:00
Matt Brown
d3464cb22a Fix #4418 - improve try analysis for mixed, too 2020-10-26 09:05:48 -04:00
Matt Brown
462f8ba32b Fix #4397 - allow offsetGet on inside isset 2020-10-25 22:16:43 -04:00
Matt Brown
b6dbc34523 Track final-ness of class when evaluating trait returns 2020-10-25 12:20:18 -04:00
Matt Brown
18f3a3721f Fix #4414 - allow multiple @psalm-assert-if-true on same var 2020-10-25 10:49:39 -04:00
Matt Brown
94e26b2257 Empty checks variables are really falsy checks 2020-10-24 12:46:27 -04:00
Matt Brown
a832d77d73 Add logic to weed out unnecessary clauses 2020-10-24 11:31:36 -04:00
Matt Brown
f8eee22f77 Add basic support for PHP attributes 
Ref #4367 - supports creation and argument checks
 2020-10-24 00:10:22 -04:00
Matt Brown
f3cc7a7f2f Break apart ReflectorVisitor 2020-10-23 19:53:04 -04:00
Matt Brown
1c836ad2fb Invalidate signature types when use changes 2020-10-22 18:07:27 -04:00
Matt Brown
ad5a8c247b Fix #4386 - fix issues with property promotion 2020-10-21 14:41:15 -04:00
feek
cc684eeccd
feature: ensure universal object crate class exists (#4375) 2020-10-20 17:17:49 -04:00
Matt Brown
f72e2d7de5 Fix #4374 - prevent paradox and allow Psalm to understand more assignments in conditionals 2020-10-20 14:43:05 -04:00
Matt Brown
66780716aa Fix #3625 - getIterator call is used inside loop 2020-10-20 10:59:09 -04:00
Matt Brown
e7d1fa6798 Fix #4372 - count implicitly-used short-closure vars as used 2020-10-20 09:32:08 -04:00
Matt Brown
3803bbfce0 Fix #4368 - improve handling of try with finally 2020-10-20 09:07:10 -04:00
Niclas van Eyk
0261024aa6
Initial proposal for psalm-require-{extends, implements} (#4361) 
* initial implementation of psalm-require-extends

* Added @psalm-require-implements

* Added shortcode for ExtensionRequirementViolation

* Docs & cofig entries for @pasalm-require-{implements,extends}

* Added requirement violations to issues.md
 2020-10-19 15:08:18 -04:00
Matt Brown
1a6b684993 Fix #4366 - possibly-undefined vars in finally block should not error 2020-10-19 09:56:38 -04:00
Matt Brown
fe294a4dc0 Don’t overwrite true flag 2020-10-18 01:24:36 -04:00
Matt Brown
0897abf5cb Be more explicit about negation 2020-10-18 00:39:43 -04:00
Matt Brown
3c29ffd0b7 Ignore just-coerced vars 2020-10-17 23:35:24 -04:00
Matt Brown
055fe551c1 Suppress errors from fake statements 2020-10-17 18:35:55 -04:00
Matt Brown
c0f6afbd87 Improve binary op || analysis for chain 2020-10-17 17:16:47 -04:00
orklah
ceaaa39ec3
improve phpdoc (#4352) 2020-10-17 12:36:44 -04:00
Matt Brown
4614f4be3e Unskip now-working tests 2020-10-17 12:30:19 -04:00
Matt Brown
9f29e77adc Fix #4354 - allow assignments on RHS of || in if conditional 2020-10-17 12:29:57 -04:00
Matt Brown
be1cd5275e Fix #4349 - improve types for suggested unions 2020-10-16 17:56:31 -04:00
Matt Brown
083cc29c04 Fix #4347 - fix combinatorial expansion when negating if conditions 2020-10-16 10:23:15 -04:00
Matt Brown
8d2e88ef41 Fix #4333 - don’t get tripped up on try with no catches 2020-10-15 10:15:55 -04:00
Matt Brown
8a2983e5e9 Fix #4336 - don’t merge sources twice for null coalesce 2020-10-15 09:57:37 -04:00
Matt Brown
2902a8cc60 Fix #4326 - Prevent later remapping of properties 2020-10-14 21:35:57 -04:00
Matt Brown
4539a2f27e Fix #4326 - prevent more mapping than necessary 2020-10-14 21:22:51 -04:00
Matt Brown
d8d17a6587 Fix #4327 - make sure loop always returns 2020-10-14 20:19:55 -04:00
Marcus Bointon
e172e88274
Fix preg_match_all stub (#4325) 
* preg_match_all can return false

* Test for preg_match_all returning false

* Fix test

* Add @psalm-ignore-falsable-return
 2020-10-14 19:59:07 -04:00
Matt Brown
4488d5fb1f Use more accurate arguments count 2020-10-14 18:51:15 -04:00
Matt Brown
864a7bbb4c Add better support for get_debug_type 2020-10-14 17:30:08 -04:00
Matt Brown
a0fbac347e Prevent features pre-php-8 2020-10-14 17:09:56 -04:00
Matt Brown
62c15b2a4f Avoid crash when callable type is missing 2020-10-14 11:01:46 -04:00
Pol Dellaiera
31c924c314
Add more standard iterators (#4320) 
* Add CachingIterator, LimitIterator, InfiniteIterator, CallbackFilterIterator, NoRewindIterator.

Signed-off-by: Pol Dellaiera <pol.dellaiera@protonmail.com>

* Add related Iterator tests.

Signed-off-by: Pol Dellaiera <pol.dellaiera@protonmail.com>
 2020-10-13 11:35:49 -04:00
Matt Brown
1ae9a6127e Fix #4315 - prevent crash when setting unknown property in finally 2020-10-13 08:32:26 -04:00
Matt Brown
bb7d7132f7 Do arithmetic for preg_split arguments 2020-10-12 20:26:02 -04:00
Matt Brown
fee3b63122 Fix #4274 - don’t ignore mixed union in array_shift operation 2020-10-12 15:17:22 -04:00
orklah
10f2966dcb
return types (#4311) 
* return types

* remove willReturn for void methods
 2020-10-12 15:02:52 -04:00
Matt Brown
fcfa746ba8 Fix #4310 - prevent literal class check on union 2020-10-12 14:45:11 -04:00
Matt Brown
464795d86c Fix #4309 - improve reuse of callmap callable inference 2020-10-12 13:46:43 -04:00
Matt Brown
f83b50460a Add better return type for preg_split 2020-10-12 13:04:28 -04:00
Matt Brown
5743471a19 Don’t merge array and Traversable to iterable when there are intersections 2020-10-12 12:45:31 -04:00
Matt Brown
d8a74ca383 4.x - Prevent passing empty array to max or min 2020-10-12 12:09:12 -04:00
Matt Brown
7cf6495461 4.x - skip Stringable test if not in PHP 8.0 2020-10-12 11:35:14 -04:00
Matt Brown
7e65355513 4.x - detect falty !is_resource checks 2020-10-12 09:57:11 -04:00
Matt Brown
5be7276a17 Fix #4306 - negating positive-numeric is useless, avoid crash 2020-10-11 23:16:43 -04:00
Matt Brown
7195275993 Fix #4299 - only allow unpacking for the zeroeth-indexed element 2020-10-08 09:51:27 -04:00
Matt Brown
e9b520d72d Ignore precondition issues in loop 2020-10-07 20:24:50 -04:00
Matt Brown
443025eab8 Fix addition of int and string type 2020-10-07 18:01:41 -04:00
Matt Brown
1f2d2764ab Fix #4287 - intersection of regular arrays should not result in crash 2020-10-07 17:47:17 -04:00
Matt Brown
c2108e89db Warn about impossible/redundant conditions in RHS of || 2020-10-07 17:04:01 -04:00
Matt Brown
595b8178e0 Improve error message 2020-10-07 15:36:31 -04:00
Matt Brown
639ae61284 Always check LHS of or condition before applying to RHS 2020-10-07 13:40:09 -04:00
feek
8d2db4e673
feature: universal object crates (#3948) 
* feature: universal object crates

* docs: document universal object crate config option

Co-authored-by: Matthew Brown <github@muglug.com>
 2020-10-07 09:56:21 -04:00
Matt Brown
db4d5bca95 Fix tests 2020-10-05 10:14:39 -04:00
Matt Brown
377dc8da8f 4.x - change/remove some default config values 2020-10-05 10:08:41 -04:00
Matt Brown
bf98e5b30c Remove by-ref 2020-10-05 09:16:01 -04:00
Matt Brown
ea47548dd0 4.x - Prevent AfterFunctionCallAnalysisInterface from rewriting return types 2020-10-04 23:39:20 -04:00
Matt Brown
d532133325 Add support for Stringable 2020-10-04 00:17:16 -04:00
Matt Brown
ec3501b244 Ensure PHP 8 continuation of 7.4 method signature features 2020-10-03 23:34:29 -04:00
Matt Brown
8f490f0f88 Skip faulty documentation key 2020-10-03 23:22:26 -04:00
Matt Brown
1a11897849 4.x - add support for the nullsafe operator 2020-10-03 20:21:52 -04:00
Matt Brown
6a91c2f70e Fix @no-named-arguments more 2020-10-02 21:09:37 -04:00
Matt Brown
63a11bae15 4.x - Support named arguments 
Ref #4089
 2020-10-02 20:27:01 -04:00
Matt Brown
2cd306b75c Promoted properties are always initialized 2020-10-02 19:44:58 -04:00
Matt Brown
211553c53f Support property type promotion ref #4089 2020-10-02 18:31:32 -04:00
Matt Brown
c9e47450a7 Fix #4266 - prevent OOM when analysing closure unioned with invokable class 2020-10-02 00:47:42 -04:00
Matt Brown
6ad5e1c013 Fix #4264 - prevent crash when analysing file with duplicate classes 2020-10-01 15:07:25 -04:00
Matt Brown
fc001cdf65 Treat func_get_args as using function params 2020-09-30 13:08:01 -04:00
Matt Brown
14efde286f 4.x - refactor unused variable detection 
This turns unused variable detection into an explicit control-flow problem, where before we had a more simplistic mark-and-sweep algorithm
 2020-09-30 12:28:13 -04:00
Matt Brown
169b2b7023 Fix analysis when there’s a break in a loop after a reassignment 2020-09-30 00:04:07 -04:00
Brown
19f88a2e31 Add improvements from unused variable checks 2020-09-28 00:45:02 -04:00
Brown
4b401f0a77 Add more unused variable tests 2020-09-27 18:12:53 -04:00
Brown
1afbce82ca Ensure loop marks vars as possibly assigned 2020-09-27 17:50:48 -04:00
Bruce Weirdan
d9776aa710
Fixes crash due to class/filename mismatch (#4247) 
Introduced in 56cddd16bf
 2020-09-26 13:31:38 -04:00
Brown
4f28b38556 Fix unused var in finally false-positive 2020-09-25 10:20:22 -04:00
Brown
c17bacd682 Prevent duplicate switch return types 2020-09-25 09:45:20 -04:00
Brown
ea08e0c613 Fix test result 2020-09-25 08:42:27 -04:00
Brown
da65a4327f Move taint graph functionality into its own object 2020-09-25 00:37:40 -04:00
Brown
d879b4d199 Add more tests for unused variables 2020-09-25 00:14:27 -04:00
orklah
37a2f8a33d
unused use statements (#4228) 2020-09-22 01:10:46 -04:00
Brown
b501db6dd2 Skip currently-failing undefined variable test 2020-09-21 16:01:14 -04:00
Brown
3e0f449163 Detect more issues inside finally block 2020-09-21 15:16:19 -04:00
Brown
56cddd16bf Rename TaintGraph to ControlFlowGraph because it’s about to do more 2020-09-20 23:59:52 -04:00
Brown
6334c50c07 Add back necessary suppression 2020-09-20 21:25:35 -04:00
Brown
ef612ea598 Fix tests 2020-09-20 20:58:34 -04:00
Brown
5c23a3d7b3 Localise taint analysis better 2020-09-20 19:26:49 -04:00
Brown
abb9502921 Rename Taint object to TaintGraph 2020-09-20 18:27:02 -04:00
orklah
7093253eea
fix test on windows (#4225) 2020-09-20 13:00:30 -04:00
orklah
24a38f21ce
Use array destructuring when possible (#4221) 
* list usage

* fix inversion
 2020-09-20 12:55:38 -04:00
Brown
ef3cf67f50 Fix #4198 - make analysis of class-string property assignments more robust 2020-09-20 09:18:35 -04:00
orklah
cb7065ae07
replace deprecated methods with their equivalent (#4217) 2020-09-20 08:56:49 -04:00
orklah
b19f0a7034
Remove empty() and use strict comparison when safe (#4211) 
* replace empty usage with stricter checks

* use strict comparison when safe

* replace is_null with === null for consistency
 2020-09-19 18:26:51 -04:00
Brown
0ae436d335 Fix a couple of false-positive redundant conditions 2020-09-19 18:12:14 -04:00
Brown
941643ca59 Fix tests 2020-09-19 17:04:35 -04:00
Brown
72d1d799b1 Fix #4208 - array with possibly-undefined keys isn‘t really sealed 2020-09-19 15:46:54 -04:00
Brown
f973937aec Fix #4209 - allow hinting arrow function return type 2020-09-19 14:59:19 -04:00
Brown
a8a2a4cb66 Fix #4210 - fix __invoke declaration tracing 2020-09-19 14:18:52 -04:00
Brown
0b209864fe Improve accuracy of array_filter 2020-09-14 13:31:53 -04:00
Brown
8d7fe83e2a Improve array_merge return type 2020-09-14 13:06:15 -04:00
Brown
1f3215d36b Support more array intersections in type parsing 2020-09-14 12:13:33 -04:00
Brown
17a0ecb60e Fix regression – detect unused params with defaults again 2020-09-14 10:58:36 -04:00
Brown
79f4e9c354 Do no writing when saving parser cache in tests 2020-09-14 09:56:39 -04:00
Brown
77e84b3817 Fix a few more things 2020-09-13 23:28:31 -04:00
Brown
c4450b930c Fix various things 2020-09-13 22:39:03 -04:00
Brown
3f911662f7 Fix stub test 2020-09-13 22:13:39 -04:00
Brown
56bae3b587 Add check for strpos dictionaries 
Ref #4070
 2020-09-13 21:42:44 -04:00
Brown
8f8dbfbd72 Fix #4122 - detect yield in function arguments 2020-09-13 17:13:26 -04:00
Brown
f180fb23bc Fix #4178 - always detect missing property types 2020-09-13 16:50:50 -04:00
Bruce Weirdan
689027c92d
Support multiple issue types in @psalm-suppress (#4179) 
* Accept multiple issue names in `@psalm-suppress`

Fixes vimeo/psalm#1575

* Accept multiple issue types on statement docblocks as well

* Proper highlighting of individual issues in compound suppressions
 2020-09-13 16:41:14 -04:00
Bruce Weirdan
cd110c7e2f
Added @psalm-stub-override for classlikes and methods (#4177) 
Fixes vimeo/psalm#1252
 2020-09-13 16:40:31 -04:00
orklah
da47588f91
replace return; by return null; in every non-void method, add return null; when mising, add return types, remove redundant phpdoc (#4176) 2020-09-13 16:39:06 -04:00
Brown
9ed09d2679 Fix #4127 - improve error message for unused closure var 2020-09-12 17:03:11 -04:00
ygottschalk
5b0c9b1a28
added array-size max constraint to greater check (#4175) 
added a few unit tests
 2020-09-12 16:13:13 -04:00
Brown
09d22cb05c Fix #4169 - add appropriate bounds check 2020-09-12 11:33:26 -04:00
orklah
ead107fa9e
More return types (#4173) 
* add native return types

* redundant phpdoc
 2020-09-12 11:24:05 -04:00
Brown
eda426a594 Improve unique issue solution 2020-09-10 22:54:30 -04:00
Brown
00ad09816f Fix tests 2020-09-10 19:05:47 -04:00
Brown
aaede393d4 Fix #4070 - prevent literal strpos argument 2020-09-10 18:28:34 -04:00
Brown
2100dbd8aa Fix #4167 - allow many issues for the same position 2020-09-10 17:41:45 -04:00
Brown
29efab5cc2 Fix #4154 - treat literal numeric strings as numeric 2020-09-07 23:29:46 -04:00
Brown
877a81f808 Always detect return type mismatches from docblock parents 2020-09-07 16:42:25 -04:00
Brown
4ffdbe0a21 Fix some signatures 2020-09-07 16:00:27 -04:00
Brown
f78fbbe4c9 Fix #4146 - allow null checks on Iterator::current output 2020-09-07 11:40:36 -04:00
Brown
02a58f787b Fix #4148 - add Closure to scanned classes when arrow function is seen 2020-09-07 11:11:01 -04:00
orklah
8c7423505a
add native param types (#4137) 
* add native param types

* redundant phpdoc

* add more param types and adds "?" to nullable types

* remove redundant phpdoc

* add more param types and remove redundant phpdoc

* add more param types and remove redundant phpdoc
 2020-09-06 19:36:47 -04:00
Matthew Brown
422271b2cf Prevent variables named "haystack" from receiving literal strings 
cc @staabm
 2020-09-05 00:35:48 -04:00
Matthew Brown
3605eeee04 Support analysing preg_match_all args in reverse to infer matches type 2020-09-04 20:33:02 -04:00
Brown
d3d8c4ed87 Hard code possible bit-shift values 2020-09-04 18:31:50 -04:00
Brown
4d82d3ddad Fix #4128 - improve understanding of preg_match_all 2020-09-04 18:10:14 -04:00
Brown
f4c2edf40b Fix #4132 - ignore purity of $this when checking for initialisation 2020-09-04 16:46:20 -04:00
orklah
f66d57f19d
add native return types (#4116) 
* add native return types

* remove redundant phpdoc
 2020-09-04 16:26:33 -04:00
Brown
66251d8d59 Improve tests a little 2020-09-03 16:51:43 -04:00
Brown
68ebef2a2e Clean up immutable fix 2020-09-03 15:32:14 -04:00
Brown
8505ca2a23 Allow passing mutable object into immutable class to store reference 2020-09-03 15:28:09 -04:00
Brown
bd27e8b17b Fix #4109 - detect duplicate match condition 2020-09-02 20:08:09 -04:00
Brown
28a107e620 Fix #4112 - allow slashes in docblock tag names 2020-09-02 19:39:59 -04:00
orklah
73f6fcde48
Short list syntax (#4102) 
* Short list syntax

* revert unrelated CS
 2020-09-02 00:17:41 -04:00
Brown
c2f492a4ca Add more accomodations for TPositiveInt 2020-09-01 13:03:57 -04:00
Brown
b5279cd7d4 Fix erroneous Closure::__invoke return type 2020-09-01 12:33:25 -04:00
Brown
548ac1129c Fix crash with @var over echo 2020-09-01 00:12:12 -04:00
Brown
4f578b42b8 Fix exhaustiveness checks for const value 2020-08-31 23:23:24 -04:00
Brown
3cdb13f7ab Fix issues 2020-08-31 23:03:36 -04:00
Brown
940459787a Catch unmatched matches 2020-08-31 22:59:47 -04:00
Brown
9935f647ab Fix some magic method calls when a return type provider exists 2020-08-31 18:56:45 -04:00
Brown
40e88095d8 Fix #4093 - prevent redundant condition in presence of positive-int 2020-08-31 10:02:23 -04:00
Brown
5c043b0d41 Ignore redundant conditions inside match potentially in perpetuity? 2020-08-30 16:23:53 -04:00
Brown
54a781ad28 Support match expressions and throw expressions 2020-08-30 16:08:22 -04:00
Brown
5759c12fa9 Support mixed type natively 2020-08-30 13:38:03 -04:00
Brown
99d6af0f9a Support static return type 2020-08-30 13:32:42 -04:00
Brown
f34e54ec41 Support PHP 8 union types 2020-08-30 13:16:37 -04:00
Brown
2f82f312b2 Change version test 2020-08-30 12:44:01 -04:00