Matt Brown
fb88145780
Fix #4767 - rescan directly-affected class-interface relationships
2020-12-04 01:19:51 -05:00
Matt Brown
1a629ccc82
Fix a few issues
2020-12-01 18:26:15 -05:00
Matt Brown
75a6d88773
Fix #4705 - clear documenting method ids when scanning stubs
2020-12-01 11:23:38 -05:00
orklah
a760a2418a
support shift and bitwise operations in constants ( #4740 )
2020-11-29 21:43:49 -05:00
Matt Brown
4d22723525
Break out replacement of templated types with their inferred result
2020-11-29 16:16:16 -05:00
Matt Brown
15a5bd5e29
Simplify storage and retrieval of extended template params
2020-11-29 15:05:32 -05:00
Matt Brown
b717356f95
Simplify more things
2020-11-27 17:48:39 -05:00
Matt Brown
2626f008be
Only show possibly unused params on methods that don’t extend others
2020-11-27 17:17:03 -05:00
Matt Brown
6db8132b4c
Simplify call analysers a bit
...
Ref #4714
2020-11-27 16:31:10 -05:00
Matt Brown
5f065d3d74
Turn template bound tuples into object
...
Ref #4714
2020-11-27 11:43:30 -05:00
orklah
b6a3282589
Detect redundant cast ( #4695 )
...
* detect redundant cast
* fix redundant cast issues
* fix redundant cast in tests
2020-11-25 12:04:48 -05:00
orklah
2bf25d5f50
Emit an issue when returning a Stringable object when a string is expected ( #4657 )
...
* Emit an issue when returning a Stringable object when a string is expected
* Fix issue in Psalm codebase
2020-11-24 00:18:24 -05:00
Markus Staab
e5493f59cd
Mark finfo_open and finfo_file as impure ( #4678 )
...
* Mark finfo_open and finfo_file as impure
* fix CS
2020-11-23 15:19:50 -05:00
Markus Staab
d151f1c36e
mark file_get_contents as impure ( #4679 )
2020-11-23 11:33:30 -05:00
Markus Staab
387bfbd9e0
`is_file` and `is_dir` should be impure ( #4676 )
...
* `is_file` and `is_dir` should be impure
* newline
Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-23 09:53:39 -05:00
Matt Brown
8325317e16
Fix #4674 - is_readable should be impure
2020-11-23 08:54:11 -05:00
Matt Brown
9a03a9a5d0
Move param taint sink addition after arguments have been analysed
2020-11-22 19:39:40 -05:00
Matt Brown
853432a6aa
Fix tests
2020-11-22 16:24:33 -05:00
Matt Brown
6399707dd6
Prevent flows through TaintedInput-suppressed files
2020-11-22 16:04:57 -05:00
Matt Brown
2c77424e16
Fix #4656 - separate UnusedConstructor from UnusedMethod
2020-11-22 11:48:17 -05:00
orklah
ae0486529e
Unused psalm-suppress ( #4646 )
2020-11-21 17:39:40 -05:00
Matt Brown
78d644d1a1
Change TaintedText to TaintedCallable
2020-11-19 19:01:19 -05:00
Lukas Reschke
78f4a0691c
Add dedicated types for 'file', 'header' and 'cookie' ( #4630 )
...
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'
* Add documentation
* Add mapping for taint flows
* Add tests
* Fix test
2020-11-19 17:47:29 -05:00
Matt Brown
95de6cf177
Allow immutable classes to be specialised through calls
2020-11-19 01:38:20 -05:00
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category ( #4604 )
...
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
2020-11-18 11:39:36 -05:00
Matt Brown
3f7f959726
Fix #4599 - propagate taints to parent callers where necessary
2020-11-18 09:59:54 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks ( #4592 )
2020-11-18 00:52:48 -05:00
Matt Brown
f6591e6d0f
Use resolution that works in multithreaded mode
2020-11-17 17:24:46 -05:00
Matt Brown
2aa98bc5d0
Simplify tainted output a bit, removing duplicate paths
2020-11-17 17:17:18 -05:00
Matt Brown
43af3b1a57
Break out TaintedInput issues into a lot of separate ones
2020-11-17 12:44:31 -05:00
Thomas Mauro Vargiu
4e8fb9c37f
Fix #4549 Better intersection between parent types ( #4560 )
2020-11-15 20:29:49 -05:00
Matt Brown
13b83e6132
Fix #4545 - allow intersections in more places
2020-11-13 09:43:30 -05:00
Matt Brown
ec9762ce61
Prevent the same interface, repopulated, from confusing matters
2020-11-12 15:52:13 -05:00
Matt Brown
58c47ab32c
Fix build
2020-11-12 14:22:54 -05:00
Matt Brown
3dd185e395
Fix #4537 - use more rigorous inheritance for return and param types
2020-11-12 13:54:27 -05:00
Matt Brown
929efcc1ac
Use the same docblock as the source params, if possible
2020-11-12 09:14:40 -05:00
Matt Brown
b7551e712a
Use better way to determine which signature to use
...
Fixes #4524
2020-11-11 19:22:23 -05:00
Matt Brown
5a5cbb2892
Increase nesting
2020-11-10 18:27:28 -05:00
Matt Brown
165e0db157
Fix style
2020-11-10 16:19:24 -05:00
Matt Brown
b731b53d5e
Add debug stuff for code complexity
2020-11-10 12:49:42 -05:00
Matt Brown
ab2ab826d2
Add slashes
2020-11-08 14:34:09 -05:00
Matt Brown
0be4f2fedf
Fix/ignore reflection bugs
2020-11-08 14:27:37 -05:00
Wouter J
58318282c5
Add support for PHP 8 union types ( #4505 )
2020-11-08 14:23:03 -05:00
Matt Brown
3bde327f1b
Break up CommentAnalyzer
2020-11-04 23:25:08 -05:00
Matt Brown
b5a3f45d52
Remove use of PHP 7.2 function
2020-11-04 11:02:34 -05:00
Matt Brown
938cebc9f8
Use better inference for getAttributes return type
...
Fixes #4367
2020-10-30 17:37:16 -04:00
Matt Brown
dab1aac9d4
Protect more calls
2020-10-28 13:48:13 -04:00
Matt Brown
4aef96bbac
Use lists everywhere for args
2020-10-28 12:45:26 -04:00
Matt Brown
ad5a8c247b
Fix #4386 - fix issues with property promotion
2020-10-21 14:41:15 -04:00
orklah
ceaaa39ec3
improve phpdoc ( #4352 )
2020-10-17 12:36:44 -04:00
Matt Brown
9f29e77adc
Fix #4354 - allow assignments on RHS of || in if conditional
2020-10-17 12:29:57 -04:00
orklah
ffe7874906
Misc improvements ( #4314 )
...
* extract the operation out of the loop when possible
* remove unnecessary interfaces when already inherited in parent
* simplify expressions
* avoid using alias functions
* redundant phpdoc
* unused imports
2020-10-15 13:23:35 -04:00
Matt Brown
516141a380
Rename ControlFlowGraph to more appropriate DataFlowGraph
2020-10-13 16:49:03 -04:00
orklah
62e79fb7ea
param types ( #4313 )
2020-10-12 15:46:47 -04:00
orklah
10f2966dcb
return types ( #4311 )
...
* return types
* remove willReturn for void methods
2020-10-12 15:02:52 -04:00
Matt Brown
464795d86c
Fix #4309 - improve reuse of callmap callable inference
2020-10-12 13:46:43 -04:00
Matt Brown
d8a74ca383
4.x - Prevent passing empty array to max or min
2020-10-12 12:09:12 -04:00
Matt Brown
b85cbd01a7
4.x - add support for PHP 8 callmap
2020-10-12 09:41:25 -04:00
Matt Brown
f3b05f5ab5
Move static code out of src
2020-10-12 00:59:19 -04:00
Matt Brown
fb604bfacb
4.x - move class constants into their own storage object
2020-10-05 09:50:32 -04:00
Matt Brown
939297484c
4.x - rename TFn to TClosure
2020-10-04 23:32:01 -04:00
Matt Brown
14efde286f
4.x - refactor unused variable detection
...
This turns unused variable detection into an explicit control-flow problem, where before we had a more simplistic mark-and-sweep algorithm
2020-09-30 12:28:13 -04:00
Brown
da65a4327f
Move taint graph functionality into its own object
2020-09-25 00:37:40 -04:00
orklah
250fa8e42d
misc changes ( #4227 )
...
* misc changes
* misc changes
2020-09-22 00:44:31 -04:00
Brown
56cddd16bf
Rename TaintGraph to ControlFlowGraph because it’s about to do more
2020-09-20 23:59:52 -04:00
Brown
5c23a3d7b3
Localise taint analysis better
2020-09-20 19:26:49 -04:00
Brown
abb9502921
Rename Taint object to TaintGraph
2020-09-20 18:27:02 -04:00
Brown
cf8dcc163e
Use shuffled files
2020-09-20 12:59:32 -04:00
orklah
1a1b88bb5e
add visibilities to constants ( #4219 )
2020-09-20 12:54:46 -04:00
orklah
a9a364e363
Misc improvements ( #4216 )
...
* misc changes
* fix CI
2020-09-20 08:55:28 -04:00
Brown
1ac527bbf1
Make staticy methods properly static
2020-09-19 18:24:36 -04:00
Brown
94ed53b25a
func_num_args is pure
...
fixes #4215
2020-09-19 13:58:29 -04:00
orklah
da47588f91
replace `return;` by `return null;` in every non-void method, add `return null;` when missing, add return types, remove redundant phpdoc ( #4176 )
2020-09-13 16:39:06 -04:00
orklah
ead107fa9e
More return types ( #4173 )
...
* add native return types
* redundant phpdoc
2020-09-12 11:24:05 -04:00
Brown
877a81f808
Always detect return type mismatches from docblock parents
2020-09-07 16:42:25 -04:00
orklah
8c7423505a
add native param types ( #4137 )
...
* add native param types
* redundant phpdoc
* add more param types and adds "?" to nullable types
* remove redundant phpdoc
* add more param types and remove redundant phpdoc
* add more param types and remove redundant phpdoc
2020-09-06 19:36:47 -04:00
Matthew Brown
422271b2cf
Prevent variables named "haystack" from receiving literal strings
...
cc @staabm
2020-09-05 00:35:48 -04:00
orklah
f66d57f19d
add native return types ( #4116 )
...
* add native return types
* remove redundant phpdoc
2020-09-04 16:26:33 -04:00
orklah
73f6fcde48
Short list syntax ( #4102 )
...
* Short list syntax
* revert unrelated CS
2020-09-02 00:17:41 -04:00
orklah
6d36f8f5cc
Nullable strings ( #4096 )
2020-09-01 09:19:50 -04:00
Brown
9935f647ab
Fix some magic method calls when a return type provider exists
2020-08-31 18:56:45 -04:00
Brown
92239add4d
Add some backwards-incompatible changes for 4.x
2020-08-30 11:44:14 -04:00
Brown
c13b0efd49
Improve understanding of negated count queries
2020-08-30 11:32:01 -04:00
Brown
efe143a396
Fix #4077 - always track closure purity
2020-08-28 12:42:55 -04:00
Brown
4e10a0ed6f
Fix #4036 - add immutable annotations automatically too
2020-08-24 19:29:00 -04:00
Brown
4026b717b9
Allow function manipulators to work in threaded mode
2020-08-23 18:05:48 -04:00
Matthew Brown
ef0486ce35
Add some pure annotations
2020-08-23 13:52:31 -04:00
Matthew Brown
06c231fbba
glob is impure
2020-08-23 13:41:43 -04:00
Matthew Brown
f6135bcefc
Add more impure functions
2020-08-23 13:15:27 -04:00
Bruce Weirdan
1cf5153700
Test parallelization ( #4045 )
...
* Run tests in random order
Being able to run tests in any order is a pre-requisite for being able
to run them in parallel.
* Reset type coverage between tests, fix affected tests
* Reset parser and lexer between test runs and on php version change
Previously lexer was reset, but parser kept the reference to the old
one, and reference to the parser was kept by StatementsProvider. This
resulted in order-dependent tests - if the parser was first initialized
with phpVersion set to 7.4 then arrow functions worked fine, but were
failing when the parser was initially constructed with settings for 7.3.
This can be demonstrated on current master by upgrading to
nikic/php-parser:4.9 and running:
```
vendor/bin/phpunit --no-coverage --filter="inferredArgArrowFunction" tests/ClosureTest.php
```
Now all tests using PHP 7.4 features must set the PHP version
accordingly.
* Marked more tests using 7.4 syntax
* Reset newline-between-annotation flag between tests
* Resolve real paths before passing them to checkPaths
When checkPaths is called from psalm.php the paths are resolved, so we are
just mimicking SUT behaviour here.
* Restore newline-between-annotations in DocCommentTest
* Tweak Appveyor caches
* Tweak TravisCI caches
* Tweak CircleCI caches
* Run tests in parallel
Use `vendor/bin/paratest` instead of `vendor/bin/phpunit`
* Use default paratest runner on Windows
WrapperRunner is not supported on Windows.
* TRAVIS_TAG could be empty
* Restore appveyor conditional caching
2020-08-23 10:32:07 -04:00
SignpostMarv
9822043ca4
flag class_exists as impure per vimeo/psalm#3975 ( #4004 )
...
`class_exists()` interacts with PHP's autoloader feature, which allows
user-defined behaviour to take place when PHP tries to load a given
class or interface.
2020-08-17 15:48:48 -04:00
Gabriel Ostrolucký
81a117be85
Mark fgets impure ( #4006 )
...
This function is used to skip a line of text
2020-08-17 15:48:28 -04:00
Matthew Brown
73321339a3
Bump nikic/php-parser
2020-08-09 16:23:43 -04:00
ygottschalk
f831ebdbcf
narrowed `reset` and `end` return type ( #3950 )
...
* narrowed `reset` return type
BUT psalm seems to ignore the stub
* narrowed `reset` and `end` return type, this time for real
* fixed UnusedVariable Issue
* fixed RedundantCondition Issue
caused by `end`s return type being more precise
* Improve solution slightly
Co-authored-by: Matthew Brown <github@muglug.com>
2020-08-07 12:23:20 -04:00
Brown
bcf0df4170
Fix a bug with lowercase-string unions
2020-08-05 20:05:57 -04:00
Brown
488a899823
Fix Psalm issues
2020-08-05 19:49:09 -04:00
Brown
c0b0036109
Fix #3934 - prevent unsafe use of new static
2020-08-05 19:39:27 -04:00
Daniel Melchior
fa73c7c9d9
Fix #3757 - allow multiple mixins ( #3772 )
2020-08-05 15:49:19 -04:00
SignpostMarv
06d4b9d6dd
mark bcscale as impure, re: vimeo/psalm#3918 ( #3926 )
2020-08-03 10:15:59 -04:00
Brown
6919e88423
Add performance logging under a --debug-performance flag
2020-07-30 15:30:19 -04:00