1
0
mirror of https://github.com/danog/psalm.git synced 2024-12-14 18:36:58 +01:00
Commit Graph

3502 Commits

Author SHA1 Message Date
orklah
f7cfdaabd7
Allow reconciling between object and iterable (#4706)
* Allow reconciling between object and iterable

* add tests
2020-11-26 09:25:49 -05:00
orklah
4bbb72329e
Fix PHPMAXINT offset (#4707) 2020-11-26 09:24:32 -05:00
Matt Brown
01ceaf7006 Fix style issues 2020-11-25 21:36:37 -05:00
orklah
58736924dd
fix wrong cast to int when string offset is a number > MAX INT (#4702) 2020-11-25 15:48:53 -05:00
Matt Brown
f3e0201a99 Treat $a ?? $b identically to isset($a) ? $a : $b 2020-11-25 14:34:05 -05:00
Matt Brown
d40d63f180 Fix #4699 - treat isset like !== null when variable is defined 2020-11-25 14:04:55 -05:00
Matt Brown
6aa052475a Pass correct flags when referencing from finally 2020-11-25 14:04:55 -05:00
orklah
b6a3282589
Detect redundant cast (#4695)
* detect redundant cast

* fix redundant cast issues

* fix redundant cast in tests
2020-11-25 12:04:48 -05:00
Matt Brown
f8ddc7e58a Add slash 2020-11-24 15:07:15 -05:00
Matt Brown
e9c00b8395 Switch order to satisfy new refinement 2020-11-24 14:57:34 -05:00
Matt Brown
41af653bd4 Add support for some dependent types 2020-11-24 14:50:35 -05:00
orklah
2bf25d5f50
Emit an issue when returning a Stringable object when a string is expected (#4657)
* Emit an issue when returning a Stringable object when a string is expected

* Fix issue in Psalm codebase
2020-11-24 00:18:24 -05:00
Benjamin Morel
5748a4e25a
Fix PdoStatementReturnTypeProvider (#4683)
* Fix PdoStatementReturnTypeProvider

Methods returning scalars may return null as well.

* Fix tests
2020-11-23 18:41:12 -05:00
orklah
b6cb9785ac
Prevent illegal array keys (#4660)
* Emit an issue when an array-key is not legal

* tests
2020-11-23 15:20:39 -05:00
Markus Staab
e5493f59cd
Mark finfo_open and finfo_file as impure (#4678)
* Mark finfo_open and finfo_file as impure

* fix CS
2020-11-23 15:19:50 -05:00
erikjwaxx
25d8c6d21e
Narrow inference of $a <=> $b from "int" to "-1|0|1" (#4680)
* A <=> operator has a literal type of -1|0|1 and not simply int

* Test to verify inferred type of $a <=> $b is -1|0|1
2020-11-23 13:10:51 -05:00
Markus Staab
d151f1c36e
mark file_get_contents as impurce (#4679) 2020-11-23 11:33:30 -05:00
Markus Staab
387bfbd9e0
is_file and is_dir should be impure (#4676)
* `is_file` and `is_dir` should be impure

* newline

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-23 09:53:39 -05:00
Matt Brown
8325317e16 Fix #4674 - is_readable should be impure 2020-11-23 08:54:11 -05:00
Matt Brown
17ceba5c06 Fix bug 2020-11-22 23:32:14 -05:00
Matt Brown
f164a45843 Fix bugs 2020-11-22 19:45:54 -05:00
Matt Brown
9a03a9a5d0 Move param taint sink addition after arguuments have been analysed 2020-11-22 19:39:40 -05:00
Matt Brown
853432a6aa Fix tests 2020-11-22 16:24:33 -05:00
Matt Brown
6399707dd6 Prevent flows through TaintedInput-suppressed files 2020-11-22 16:04:57 -05:00
Matt Brown
b782dd4225 Make sure conditional escaping works for static methods too 2020-11-22 13:39:32 -05:00
Matt Brown
af008953a8 Fix #4661 - support conditional escaping for functions 2020-11-22 13:24:33 -05:00
Matt Brown
bd612c476c Break apart large function 2020-11-22 13:24:33 -05:00
Matt Brown
2c77424e16 Fix #4656 - separate UnusedConstructor from UnusedMethod 2020-11-22 11:48:17 -05:00
orklah
97f0a78ac1
Only crash Psalm when the faulty file is in project (#4658) 2020-11-22 09:07:00 -05:00
orklah
a3217265ce
null operations should return mixed results (#4655) 2020-11-22 09:06:03 -05:00
Matt Brown
60b3086b9a Fix #4609 - add more attribute rules 2020-11-22 01:15:52 -05:00
Matt Brown
66d574b82e Fix #4475 - verify that used attributes actual use the Attribute attribute 2020-11-22 00:52:56 -05:00
Matt Brown
11825a2cc2 Fix #4611 - flag invalid attribute arguments correctly 2020-11-22 00:44:44 -05:00
Matt Brown
1fc1cae1d5 Fix #4615 - ensure promoted properties are not treated as uninitialized 2020-11-22 00:32:02 -05:00
Matt Brown
efafe2edd5 Add instanceof check 2020-11-21 20:15:13 -05:00
Matt Brown
19bb4aba56 Remove unnecessary coercion 2020-11-21 18:26:55 -05:00
Matt Brown
df2ec48018 Don’t erase already-known literal ints
Fixes #4644
2020-11-21 18:26:13 -05:00
Matt Brown
f0ae0e5cb4 Break aparat type combiner 2020-11-21 18:11:29 -05:00
Lukas Reschke
ffb0c4ae17
Implement variadic taint propagation (#4649)
* Implement variadic taint propagation

* Lint code
2020-11-21 17:41:40 -05:00
orklah
ae0486529e
Unused psalm-suppress (#4646) 2020-11-21 17:39:40 -05:00
Lukas Reschke
3943b55f8a
Add psalm-flow for string functions from sscanf to wordwrap (#4591)
* Add string functions from sscanf to wordwrap

This should conclude all string functions from https://www.php.net/manual/en/book.strings.php

Continuation of https://github.com/vimeo/psalm/pull/4576

Ref https://github.com/vimeo/psalm/issues/3636

* Add StrTrReturnTypeProvider

* Fix psalm error

* phpcs

* Line length

* Ignore false return on vsprintf

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-21 17:35:07 -05:00
orklah
6b72599ec5
allow static return type in PHP8 (#4641) 2020-11-20 18:46:35 -05:00
Matt Brown
1cead18760 Fix #4637 - prevent regression when negating function call with === false 2020-11-20 09:56:53 -05:00
Dalibor Karlović
da632ca73a
feature: allow plugin manager to work without config file (#4639) 2020-11-20 09:54:14 -05:00
Matt Brown
ce8938263e Fix #4636 - prevent crashes on aliased classes 2020-11-20 09:29:24 -05:00
Matt Brown
c562e1dd52 Don’t taint foreach keys with array-fetch
We could use array-keyfetch or similar, but for now gives false-positives
2020-11-19 19:08:59 -05:00
Matt Brown
78d644d1a1 Change TaintedText to TaintedCallable 2020-11-19 19:01:19 -05:00
Matt Brown
4c315ec45c Closure calls aren’t sinks 2020-11-19 18:44:36 -05:00
Lukas Reschke
78f4a0691c
Add dedicated types for 'file', 'header' and 'cookie' (#4630)
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'

* Add documentation

* Add mapping for taint flows

* Add tests

* Fix test
2020-11-19 17:47:29 -05:00
Matt Brown
70c9fd97c7 Return empty instead of throwing 2020-11-19 16:25:53 -05:00
Matt Brown
ead63894a1 Fix formatting 2020-11-19 16:09:30 -05:00
Matt Brown
b5d4b59c33 Be more refined 2020-11-19 15:57:05 -05:00
Matt Brown
de49892525 Fix #4626 - array_key_exists should infer type for first arg where possible 2020-11-19 15:40:27 -05:00
Matt Brown
ff3fff56d4 Simplify assertion negations, centralising as much as possible
Now the flag passed to scrapeAssertions just determines the errors emitted
2020-11-19 14:32:49 -05:00
Matt Brown
7803cc228b Revert "Fix #4624 - allow in_array to work with list arrays"
This reverts commit 08ae85a735.
2020-11-19 12:49:26 -05:00
Matt Brown
08ae85a735 Fix #4624 - allow in_array to work with list arrays 2020-11-19 09:26:41 -05:00
Matt Brown
95de6cf177 Allow immutable classes to be specialised through calls 2020-11-19 01:38:20 -05:00
Matt Brown
d60abaf858 Unfix fixes 2020-11-18 19:19:07 -05:00
Matt Brown
8dd229f6c0 Only ignore literal flows when tainting 2020-11-18 18:43:41 -05:00
Matt Brown
be275ae972 Fix #4605 - taint parent-declared property 2020-11-18 13:34:47 -05:00
Matt Brown
236292ff05 Fix #4600 - set attributes in a bunch of places 2020-11-18 12:44:59 -05:00
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category (#4604)
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
2020-11-18 11:39:36 -05:00
Matt Brown
4bb84f7f0a Add more attributes to fake PhpParser generated expressions
Ref #4600
2020-11-18 10:16:41 -05:00
Matt Brown
3f7f959726 Fix #4599 - propagate taints to parent callers where necessary 2020-11-18 09:59:54 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks (#4592) 2020-11-18 00:52:48 -05:00
Matt Brown
28dee4146a Fix tests 2020-11-17 17:53:46 -05:00
Matt Brown
f6591e6d0f Use resolution that works in multithreaded mode 2020-11-17 17:24:46 -05:00
Matt Brown
2aa98bc5d0 Simplify tainted output a bit, removing duplicate paths 2020-11-17 17:17:18 -05:00
Matt Brown
adeaa33a64 Don’t propagate taints to child constructor args 2020-11-17 16:49:29 -05:00
Matt Brown
4e5111f1a8 Fix #4472 - if something flows into a byref var it’s used 2020-11-17 15:30:53 -05:00
Lukas Reschke
494ec40777
Add SARIF as report output (#4582)
https://docs.oasis-open.org/sarif/sarif/v2.0/sarif-v2.0.html
2020-11-17 13:23:20 -05:00
Matt Brown
43af3b1a57 Break out TaintedInput issues into a lot of separate ones 2020-11-17 12:44:31 -05:00
Matt Brown
42802e11d1 Allow PHP major version to determine substr return type 2020-11-16 16:31:33 -05:00
Dusk
0fe3e1f83b
Allow named arguments to variadic functions (#4575)
Closes #4563
2020-11-16 15:49:27 -05:00
Thomas Mauro Vargiu
4e8fb9c37f
Fix #4549 Better intersection between parent types (#4560) 2020-11-15 20:29:49 -05:00
orklah
6f8b463860
Detect trying to access to a list with a negative offset (#4552) 2020-11-15 20:26:50 -05:00
Matt Brown
5b004a1d11 Fix #4558 - Don’t convert value-of to key-of template 2020-11-15 18:33:07 -05:00
Matt Brown
26b4cd1fb9 Fix #4529 - allow unsetting with complex array key 2020-11-14 08:57:25 -05:00
Matt Brown
f65868c023 Fix style 2020-11-13 16:43:36 -05:00
Matt Brown
d97c8b750a Add closure-use termination for byref flows 2020-11-13 13:37:27 -05:00
Matt Brown
e7e5904d2d Remove unused uses in Psalm’s codebase 2020-11-13 13:16:39 -05:00
Matt Brown
2e47ca51d5 Fix #4547 - mark unused uses 2020-11-13 13:13:29 -05:00
Matt Brown
57125c7106 Uses by ref should be assigned that way 2020-11-13 12:50:01 -05:00
Matt Brown
4c1cf37d52 Improve error message for UnusedVariable 2020-11-13 12:36:17 -05:00
Matt Brown
086237aab7 Fix #4544 - improve handling of get_class in match 2020-11-13 11:55:42 -05:00
Matt Brown
13b83e6132 Fix #4545 - allow intersections in more places 2020-11-13 09:43:30 -05:00
Matt Brown
5a62dc5c40 Fix #4540 - use correct method when simulating property setting 2020-11-12 23:56:29 -05:00
Matt Brown
556fb12966 Move mutation checks to more appropriate place 2020-11-12 23:54:50 -05:00
Matt Brown
ec9762ce61 Prevent the same interface, repopulated, from confusing matters 2020-11-12 15:52:13 -05:00
Matt Brown
58c47ab32c Fix build 2020-11-12 14:22:54 -05:00
Matt Brown
3dd185e395 Fix #4537 - use more rigorous inerhitance for return and param types 2020-11-12 13:54:27 -05:00
Matt Brown
929efcc1ac Use the same docblock as the source params, if possible 2020-11-12 09:14:40 -05:00
Matt Brown
b7551e712a Use better way to determine which signture to use
Fixes #4524
2020-11-11 19:22:23 -05:00
Matt Brown
2f7bf2a144 Bind lower bounds to upper bounds as well when no upper bound can be inferred
Ref #4485
2020-11-11 17:46:09 -05:00
Matt Brown
a8d7248c31 Fix #4524 - do better template param inheritance 2020-11-11 13:25:17 -05:00
Matt Brown
5ad1e80e99 Fix #4527 - improve interpolated string types 2020-11-11 00:38:26 -05:00
Matt Brown
5a5cbb2892 Increase nesting 2020-11-10 18:27:28 -05:00
Matt Brown
165e0db157 Fix style 2020-11-10 16:19:24 -05:00
Matt Brown
46ebca4497 Fix coalesce operation tainting 2020-11-10 14:36:36 -05:00
Matt Brown
a82a9558d2 Experiment with refactor 2020-11-10 12:50:17 -05:00
Matt Brown
b731b53d5e Add debug stuff for code complexity 2020-11-10 12:49:42 -05:00
Matt Brown
81babf2430 Clone to prevent incorrect references 2020-11-10 09:01:46 -05:00
Matt Brown
e27cbfba57 Reduce size of data flow graph when analysing array assignments 2020-11-09 22:44:36 -05:00
Adrien LUCAS
4cb8e86737
Add a proxy capability to the flow annotation (#4495)
* Add a `passthru` capability to the flow annotation

* Fix passthru-calls type

* Fix types and rename to proxy

* Allow to proxy a method

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-09 15:22:35 -05:00
Matt Brown
32d526bde9 Add descendant variables for closure uses
Fixes #4522
2020-11-09 15:20:28 -05:00
Matt Brown
e97a9c86eb Fix #4517 - track type contradiction issues in match expressions 2020-11-09 10:00:53 -05:00
Matt Brown
3aaa1d8447 Fix #4516 - treat exit() as the empty type 2020-11-09 08:44:03 -05:00
Matt Brown
683546e024 Fix #4519 - prevent crash with empty match 2020-11-09 08:36:59 -05:00
Matt Brown
8799e1a337 Break apart complex method 2020-11-09 00:58:45 -05:00
Matt Brown
6acd667e55 Fix #4509 - treat expression-derived constants as mixed 2020-11-08 15:36:38 -05:00
Matt Brown
ab2ab826d2 Add slashes 2020-11-08 14:34:09 -05:00
Matt Brown
0be4f2fedf Fix/ignore reflection bugs 2020-11-08 14:27:37 -05:00
Wouter J
58318282c5
Add support for PHP 8 union types (#4505) 2020-11-08 14:23:03 -05:00
Matt Brown
20e37d8cb6 Add a comment to show workings 2020-11-08 13:08:45 -05:00
Matt Brown
24c9702aa5 Remove unused imports 2020-11-08 12:31:21 -05:00
Matt Brown
6da0905478 Separate out good from the bad 2020-11-08 12:29:23 -05:00
Matt Brown
b635353cf4 Fix redundant thing 2020-11-08 10:18:32 -05:00
Matt Brown
dccf236d16 Fix #4503 - don’t ignore assertions on possibly-null mixed 2020-11-08 10:06:39 -05:00
Matt Brown
b8f5d16e9f Consolidate similar functionality 2020-11-07 00:58:20 -05:00
Matt Brown
bb5b5142d6 Add more info to mic drop code 2020-11-06 21:36:38 -05:00
Matt Brown
45b3dce631 Break apart IfElseAnalyzer 2020-11-06 21:01:17 -05:00
Matt Brown
3359e7699a Rename IfAnalyzer 2020-11-06 20:51:14 -05:00
Axel H
271e0d86be
Fix type inference when unpacking typed iterables (#4487)
* Add test for unpacking typed iterables

* Fix type inference when unpacking typed iterables into arrays

* Fix possibly undefined array offset
2020-11-06 17:24:01 -05:00
Matt Brown
9daa534656 Ensure we flush out re-assigned vars also referenced
Fixes #4488
2020-11-06 12:51:41 -05:00
Matt Brown
6b06ecec39 Fix #4491 - support assertions in new calls 2020-11-06 11:55:19 -05:00
Matt Brown
debedf2c96 Support pure-Closure annotation 2020-11-06 00:38:57 -05:00
Matthew Brown
1c66646e72
Fix formatting 2020-11-05 19:23:54 -05:00
Matt Brown
388e804ed8 Allow opt-in to strict return type checking 2020-11-05 18:20:04 -05:00
Matt Brown
d47d817843 Fix #4479 - use correct keys in message 2020-11-05 10:13:08 -05:00
Matt Brown
e9dd16f336 Fix #4481 - ReflectionProperty implements Reflector 2020-11-05 09:29:20 -05:00
Matt Brown
b3ff107c20 Add functions 2020-11-04 23:34:38 -05:00
Matt Brown
3bde327f1b Break up CommentAnalyzer 2020-11-04 23:25:08 -05:00
Matt Brown
f3c6d70a9b Use more accurate type for div of ints 2020-11-04 22:39:27 -05:00
Matt Brown
eacc05e73f Fix #2132 - get value of literal int division 2020-11-04 22:32:33 -05:00
Matt Brown
3e9c5d3600 Add support for @return never 2020-11-04 12:30:02 -05:00
Matt Brown
b5a3f45d52 Remove use of PHP 7.2 function 2020-11-04 11:02:34 -05:00
Matt Brown
590af31449 Improve output of Clause::__toString 2020-11-03 17:02:37 -05:00
Matt Brown
91d9dc3759 Fix overeager inference 2020-11-03 16:44:24 -05:00
Matt Brown
b35db3e523 Reorganise things a little 2020-11-03 16:15:54 -05:00
Matt Brown
16bfbd9224 Fix function 2020-11-02 00:54:12 -05:00
Matt Brown
3d4e77beb6 Fix int-mask-of expansion 2020-11-02 00:40:36 -05:00
Matt Brown
09228131d8 Use falsy value 2020-11-01 22:57:30 -05:00
Matt Brown
6922caf9f6 Fix #4466 use better differentiation for class_exists second param 2020-11-01 13:14:17 -05:00
Matt Brown
966b139504 Fix dupe semicolons 2020-11-01 11:42:09 -05:00
Matt Brown
024d93b7fd Fix #4467 - variables are only the same if they were set in the same location 2020-11-01 11:26:42 -05:00
Matt Brown
f0a30b9fd0 Invalidate child methods when signature changes 2020-11-01 09:46:21 -05:00
Matt Brown
667220408c Fix #4464 - bust cache when Psalm’s version changes, not just composer’s 2020-11-01 09:01:53 -05:00
Matt Brown
957a554c4b Support a bunch of attributes 2020-10-30 21:38:27 -04:00
Matt Brown
938cebc9f8 Use better inference for getAttributes return type
Fixes #4367
2020-10-30 17:37:16 -04:00
Matt Brown
67554dd017 Fix #4453 - sanitise @extends types before attempting to parse 2020-10-30 15:08:23 -04:00
Matt Brown
579327a470 Detect when targets are incorrectly targeted 2020-10-30 13:28:45 -04:00
Matt Brown
4ea87b9054 Add support for int-mask<...> and int-mask-of<...> 2020-10-30 13:28:45 -04:00
Joe Hoyle
4bb675ea72
Pass CodeLocation to FunctionParamsProviderInterface interface (#4444)
Currently the `getFunctionParams()` method of the `FunctionParamsProviderInterface` is never passed the CodeLocation of the analyzed function call. As this is in-scope in the only call site, we can pass the CodeLocation. This means the `getFunctionParams()` is able to issue it's own Issues (which required the code location to attached the Issue to)
2020-10-29 19:53:21 -04:00
Matt Brown
82f35c1454 Ensure Stringable is always available to tests that need it 2020-10-29 19:41:10 -04:00
Matt Brown
5c784dc7cb Fix #4435 - ensure casts are always flow-sensitive 2020-10-28 14:06:05 -04:00
Matt Brown
dab1aac9d4 Protect more calls 2020-10-28 13:48:13 -04:00
Matt Brown
f43dba8c4c Use more accurate comparison for non-empty-lists 2020-10-28 13:32:55 -04:00
Matt Brown
083102a862 Fix count call 2020-10-28 13:10:30 -04:00
Matt Brown
4aef96bbac Use lists everywhere for args 2020-10-28 12:45:26 -04:00
Matt Brown
fee5eab671 If interface implements __toString it’s also Stringable 2020-10-28 09:06:52 -04:00
Matt Brown
d00a02a06b Fix #4429 - any class with a __toString method in PHP8 assumed to implement Stringable 2020-10-27 15:41:04 -04:00
Matt Brown
d27d86a84c Fix #4422 - be aware of nested template params 2020-10-27 10:01:17 -04:00
Matt Brown
1da6615ac2 Fix comma 2020-10-27 09:13:57 -04:00
Matt Brown
b91370e4ae Fix #4407 - always scan types in @var docblocks regardless of next element 2020-10-26 12:35:29 -04:00
Matt Brown
d3464cb22a Fix #4418 - improve try analysis for mixed, too 2020-10-26 09:05:48 -04:00
Matt Brown
462f8ba32b Fix #4397 - allow offsetGet on inside isset 2020-10-25 22:16:43 -04:00
Matt Brown
b6dbc34523 Track final-ness of class when evaluating trait returns 2020-10-25 12:20:18 -04:00
Matt Brown
18f3a3721f Fix #4414 - allow multiple @psalm-assert-if-true on same var 2020-10-25 10:49:39 -04:00
Matt Brown
94e26b2257 Empty checks variables are really falsy checks 2020-10-24 12:46:27 -04:00
Matt Brown
5ff3f1377d Fix a few bugs 2020-10-24 12:23:59 -04:00
Matt Brown
f8eee22f77 Add basic support for PHP attributes
Ref #4367 - supports creation and argument checks
2020-10-24 00:10:22 -04:00
Matt Brown
f3cc7a7f2f Break apart ReflectorVisitor 2020-10-23 19:53:04 -04:00
Matt Brown
6e262ca753 Add slash 2020-10-22 18:30:36 -04:00
Matt Brown
1c836ad2fb Invalidate signature types when use changes 2020-10-22 18:07:27 -04:00
Matthew Brown
0f9b4003f8
arraylike-object should include countable
Fixes #4398
2020-10-22 11:48:24 -04:00
Matt Brown
ad5a8c247b Fix #4386 - fix issues with property promotion 2020-10-21 14:41:15 -04:00
Matt Brown
f72e2d7de5 Fix #4374 - prevent paradox and allow Psalm to understand more assignments in conditionals 2020-10-20 14:43:05 -04:00
Matt Brown
66780716aa Fix #3625 - getIterator call is used inside loop 2020-10-20 10:59:09 -04:00
Matt Brown
e7d1fa6798 Fix #4372 - count implicitly-used short-closure vars as used 2020-10-20 09:32:08 -04:00
Matt Brown
3803bbfce0 Fix #4368 - improve handling of try with finally 2020-10-20 09:07:10 -04:00
Matt Brown
7afd817a3b Add back use 2020-10-19 15:10:35 -04:00
Niclas van Eyk
0261024aa6
Initial proposal for psalm-require-{extends, implements} (#4361)
* initial implementation of psalm-require-extends

* Added @psalm-require-implements

* Added shortcode for ExtensionRequirementViolation

* Docs & cofig entries for @pasalm-require-{implements,extends}

* Added requirement violations to issues.md
2020-10-19 15:08:18 -04:00
Matt Brown
32787169d7 Fix language server 2020-10-19 13:13:50 -04:00
Matt Brown
1a6b684993 Fix #4366 - possibly-undefined vars in finally block should not error 2020-10-19 09:56:38 -04:00
Matt Brown
fe294a4dc0 Don’t overwrite true flag 2020-10-18 01:24:36 -04:00
Matt Brown
a6c7336c69 Fix bad replacement 2020-10-18 00:54:07 -04:00
Matt Brown
0897abf5cb Be more explicit about negation 2020-10-18 00:39:43 -04:00
Matt Brown
3c29ffd0b7 Ignore just-coerced vars 2020-10-17 23:35:24 -04:00
Matt Brown
b646414304 Prevent unnecessary assignments 2020-10-17 18:44:42 -04:00
Matt Brown
055fe551c1 Suppress errors from fake statements 2020-10-17 18:35:55 -04:00
Matt Brown
9502e51a08 Fix reversed negation check 2020-10-17 17:46:00 -04:00
Matt Brown
c0f6afbd87 Improve binary op || analysis for chain 2020-10-17 17:16:47 -04:00
Matt Brown
559abb7b6a Fix style 2020-10-17 14:50:14 -04:00
orklah
ceaaa39ec3
improve phpdoc (#4352) 2020-10-17 12:36:44 -04:00
Matt Brown
9f29e77adc Fix #4354 - allow assignments on RHS of || in if conditional 2020-10-17 12:29:57 -04:00
Matt Brown
be1cd5275e Fix #4349 - improve types for suggested unions 2020-10-16 17:56:31 -04:00
Matt Brown
234eae6ad0 Fix algebra more 2020-10-16 11:17:52 -04:00
Matt Brown
083cc29c04 Fix #4347 - fix combinatorial expansion when negating if conditions 2020-10-16 10:23:15 -04:00
orklah
ffe7874906
Misc improvements (#4314)
* extract the operation out of the loop when possible

* remove unnecessary interfaces when already inherited in parent

* simplify expressions

* avoid using alias functions

* redundant phpdoc

* unused imports
2020-10-15 13:23:35 -04:00
Matt Brown
b69e28f26a Fix default value 2020-10-15 13:20:42 -04:00
Matt Brown
8d2e88ef41 Fix #4333 - don’t get tripped up on try with no catches 2020-10-15 10:15:55 -04:00
Matt Brown
8a2983e5e9 Fix #4336 - don’t merge sources twice for null coalesce 2020-10-15 09:57:37 -04:00
Matt Brown
da257a0fa5 Break apart InstancePropertyFetchAnalyzer and others 2020-10-15 09:21:44 -04:00
Matt Brown
2902a8cc60 Fix #4326 - Prevent later remapping of properties 2020-10-14 21:35:57 -04:00
Matt Brown
4539a2f27e Fix #4326 - prevent more mapping than necessary 2020-10-14 21:22:51 -04:00
Matt Brown
d8d17a6587 Fix #4327 - make sure loop always returns 2020-10-14 20:19:55 -04:00
Matt Brown
b2382cdf18 Use correct count 2020-10-14 18:56:49 -04:00
Matt Brown
4488d5fb1f Use more accurate arguments count 2020-10-14 18:51:15 -04:00
Matt Brown
864a7bbb4c Add better support for get_debug_type 2020-10-14 17:30:08 -04:00
Matt Brown
a0fbac347e Prevent features pre-php-8 2020-10-14 17:09:56 -04:00
Matt Brown
62c15b2a4f Avoid crash when callable type is missing 2020-10-14 11:01:46 -04:00
Matt Brown
724b25b918 Change control_flow_graph to data_flow_graph 2020-10-13 17:28:12 -04:00
Matt Brown
516141a380 Rename ControlFlowGraph to more appropriate DataFlowGraph 2020-10-13 16:49:03 -04:00
Matt Brown
1ae9a6127e Fix #4315 - prevent crash when setting unknown property in finally 2020-10-13 08:32:26 -04:00
Matt Brown
bb7d7132f7 Do arithmetic for preg_split arguments 2020-10-12 20:26:02 -04:00
Matt Brown
b08d70f977 Fix #4252 - fix xml generation 2020-10-12 18:39:26 -04:00
orklah
62e79fb7ea
param types (#4313) 2020-10-12 15:46:47 -04:00
Matt Brown
fee3b63122 Fix #4274 - don’t ignore mixed union in array_shift operation 2020-10-12 15:17:22 -04:00
orklah
10f2966dcb
return types (#4311)
* return types

* remove willReturn for void methods
2020-10-12 15:02:52 -04:00
Matt Brown
fcfa746ba8 Fix #4310 - prevent literal class check on union 2020-10-12 14:45:11 -04:00
Matt Brown
d16c0de872 Add slash 2020-10-12 14:32:44 -04:00
Matt Brown
464795d86c Fix #4309 - improve reuse of callmap callable inference 2020-10-12 13:46:43 -04:00
Matt Brown
5743471a19 Don’t merge array and Traversable to iterable when there are intersections 2020-10-12 12:45:31 -04:00
Matt Brown
ce90466ad4 Change name to arraylike-object 2020-10-12 12:39:48 -04:00
Matt Brown
8319278ef1 4.x - Add support for array-like-object
Ref #4308
2020-10-12 12:32:02 -04:00
Matt Brown
d8a74ca383 4.x - Prevent passing empty array to max or min 2020-10-12 12:09:12 -04:00
Matt Brown
7e65355513 4.x - detect falty !is_resource checks 2020-10-12 09:57:11 -04:00
Matt Brown
b85cbd01a7 4.x - add support for PHP 8 callmap 2020-10-12 09:41:25 -04:00
Matt Brown
f3b05f5ab5 Move static code out of src 2020-10-12 00:59:19 -04:00
Matt Brown
5be7276a17 Fix #4306 - negating positive-numeric is useless, avoid crash 2020-10-11 23:16:43 -04:00
Matt Brown
7195275993 Fix #4299 - only allow unpacking for the zeroeth-indexed element 2020-10-08 09:51:27 -04:00
Matt Brown
e9b520d72d Ignore precondition issues in loop 2020-10-07 20:24:50 -04:00
Matt Brown
3b19913b44 Unbreak CI 2020-10-07 18:50:30 -04:00
Matt Brown
a9c145a725 Convert numeric literal strings to their int/float equivalents for numeric operations 2020-10-07 18:06:41 -04:00
Matt Brown
443025eab8 Fix addition of int and string type 2020-10-07 18:01:41 -04:00
Matt Brown
8b7657f379 Fix #4297 - use correct property id for each different MissingConstructor error 2020-10-07 17:54:00 -04:00
Matt Brown
1f2d2764ab Fix #4287 - intersection of regular arrays should not result in crash 2020-10-07 17:47:17 -04:00
Matt Brown
c8d4bafb85 Improve accuracy of messages 2020-10-07 17:26:37 -04:00
Matt Brown
c2108e89db Warn about impossible/redundant conditions in RHS of || 2020-10-07 17:04:01 -04:00
Matt Brown
595b8178e0 Improve error message 2020-10-07 15:36:31 -04:00
Matt Brown
54ec83c5ee Use better locations for errors 2020-10-07 13:53:35 -04:00
Matt Brown
639ae61284 Always check LHS of or condition before applying to RHS 2020-10-07 13:40:09 -04:00
Matt Brown
26a674dcb4 Improve message even more 2020-10-07 12:41:36 -04:00
Matt Brown
8f188877ae Improve language further 2020-10-07 12:34:28 -04:00
Matt Brown
95ec310807 Clarify names 2020-10-07 12:24:36 -04:00
Matt Brown
f49884a30d Fix bug 2020-10-07 12:04:54 -04:00
Matt Brown
f655b97330 Simplified even more 2020-10-07 12:00:53 -04:00
Matt Brown
8aaebfc2c4 Simplify more 2020-10-07 11:55:57 -04:00
Matt Brown
21a6f34088 Fix linting 2020-10-07 11:52:02 -04:00
Matt Brown
02e18c0cde Improve clause-to-string conversion 2020-10-07 11:46:53 -04:00
feek
8d2db4e673
feature: universal object crates (#3948)
* feature: universal object crates

* docs: document universal object crate config option

Co-authored-by: Matthew Brown <github@muglug.com>
2020-10-07 09:56:21 -04:00
Marco Perone
a12fbb7f90
add some more stubs for array functions (#4271)
* add some more stubs for array functions

* add function brackets to stubs

* add parameter names

* remove redundant brackets

* remove stubs already defined in return type providers
2020-10-06 09:13:19 -04:00
Matt Brown
377dc8da8f 4.x - change/remove some default config values 2020-10-05 10:08:41 -04:00
Matt Brown
fb604bfacb 4.x - move class constants into their own storage object 2020-10-05 09:50:32 -04:00
Matt Brown
ea47548dd0 4.x - Prevent AfterFunctionCallAnalysisInterface from rewriting return types 2020-10-04 23:39:20 -04:00
Matt Brown
939297484c 4.x - rename TFn to TClosure 2020-10-04 23:32:01 -04:00
Matt Brown
549b200aa7 Remove mixed assignment issue 2020-10-04 17:53:26 -04:00
Matt Brown
ad8bda9eeb Fix indentation 2020-10-04 00:18:55 -04:00
Matt Brown
d532133325 Add support for Stringable 2020-10-04 00:17:16 -04:00
Matt Brown
ec3501b244 Ensure PHP 8 continuation of 7.4 method signature features 2020-10-03 23:34:29 -04:00
Matt Brown
127e66df65 Elevate trait mismatch issues in PHP 8.0 2020-10-03 22:59:43 -04:00
Matt Brown
1a11897849 4.x - add support for the nullsafe operator 2020-10-03 20:21:52 -04:00
Saif Eddin G
0475f379aa
add support for 'COMPOSER' env variable for alternate name of 'composer.json' (#4275) 2020-10-03 02:26:37 -04:00
Matt Brown
6a91c2f70e Fix @no-named-arguments more 2020-10-02 21:09:37 -04:00
Matt Brown
009b33b17d Support @no-named-args when calling in PHP 8 2020-10-02 20:58:51 -04:00
Matt Brown
5a94043a7f Unbreak gettype support 2020-10-02 20:33:35 -04:00
Matt Brown
63a11bae15 4.x - Support named arguments
Ref #4089
2020-10-02 20:27:01 -04:00
Matt Brown
2cd306b75c Promoted properties are always initialized 2020-10-02 19:44:58 -04:00
Matt Brown
5bcd1bbb75 4.x - add support for get_debug_type function
Ref #4089
2020-10-02 19:15:47 -04:00
Matt Brown
74934ffdbb 4.x - rename GetClassT to TDependentGetClass 2020-10-02 18:47:23 -04:00
Matt Brown
211553c53f Support property type promotion ref #4089 2020-10-02 18:31:32 -04:00
Matt Brown
6866e443dc Small refactor 2020-10-02 18:24:46 -04:00
orklah
17d53974e6
change label (#4272) 2020-10-02 15:08:26 -04:00
Matt Brown
c9e47450a7 Fix #4266 - prevent OOM when analysing closure unioned with invokable class 2020-10-02 00:47:42 -04:00
Matt Brown
6ad5e1c013 Fix #4264 - prevent crash when analysing file with duplicate classes 2020-10-01 15:07:25 -04:00
Matt Brown
35081c0d21 Ensure catch variables are marked as used 2020-09-30 13:51:02 -04:00
Matt Brown
fc001cdf65 Treat func_get_args as using function params 2020-09-30 13:08:01 -04:00
Matt Brown
14efde286f 4.x - refactor unused variable detection
This turns unused variable detection into an explicit control-flow problem, where before we had a more simplistic mark-and-sweep algorithm
2020-09-30 12:28:13 -04:00
Matt Brown
169b2b7023 Fix analysis when there’s a break in a loop after a reassignment 2020-09-30 00:04:07 -04:00
1eca537209
Add SplStack, SplHeap, SplMinHeap, SplMaxHeap, SplPriorityQueue stubs (#4255)
* Add SplStack, SplHeap, SplMinHeap, SplMaxHeap, SplPriorityQueue stubs

* Add SplFixedArray
2020-09-29 11:27:12 -04:00
Brown
19f88a2e31 Add improvements from unused variable checks 2020-09-28 00:45:02 -04:00
Brown
1afbce82ca Ensure loop marks vars as possibly assigned 2020-09-27 17:50:48 -04:00
Bruce Weirdan
d9776aa710
Fixes crash due to class/filename mismatch (#4247)
Introduced in 56cddd16bf
2020-09-26 13:31:38 -04:00
Brown
4f28b38556 Fix unused var in finally false-positive 2020-09-25 10:20:22 -04:00
Brown
c17bacd682 Prevent duplicate switch return types 2020-09-25 09:45:20 -04:00
Brown
d52d7ef6aa Add extra loops for more reliable analysis 2020-09-25 00:59:58 -04:00
Brown
da65a4327f Move taint graph functionality into its own object 2020-09-25 00:37:40 -04:00
orklah
83ca918824
preg_split can't take null in limit (#4236)
* preg_split can't take null in limit

* fix wrong type in preg_split
2020-09-22 13:46:37 -04:00
orklah
37a2f8a33d
unused use statements (#4228) 2020-09-22 01:10:46 -04:00
Brown
3593a120f3 Add missing = true 2020-09-22 01:10:11 -04:00
orklah
250fa8e42d
misc changes (#4227)
* misc changes

* misc changes
2020-09-22 00:44:31 -04:00
Brown
275c6bf4e7 Propagate has_returned flag 2020-09-22 00:43:13 -04:00
Brown
3015aca2df Fix fudging var 2020-09-21 16:23:44 -04:00
Brown
b501db6dd2 Skip currently-failing undefined variable test 2020-09-21 16:01:14 -04:00
Brown
cdb2b5caf6 Be a little bit more robust in finally handling 2020-09-21 15:37:10 -04:00
Brown
3e0f449163 Detect more issues inside finally block 2020-09-21 15:16:19 -04:00
Brown
fe94ae0603 Make sure to union try-set vars 2020-09-21 14:33:34 -04:00
Brown
7bd1c43be1 Don’t forget control actions 2020-09-21 11:18:30 -04:00
Brown
56cddd16bf Rename TaintGraph to ControlFlowGraph because it’s about to do more 2020-09-20 23:59:52 -04:00
Brown
70b8c8c0e4 Revert StatementsAnalyzer change 2020-09-20 21:01:59 -04:00
Brown
ef612ea598 Fix tests 2020-09-20 20:58:34 -04:00
Brown
0f6a271858 Improve file-based suppression of taints 2020-09-20 19:37:25 -04:00
Brown
5c23a3d7b3 Localise taint analysis better 2020-09-20 19:26:49 -04:00
Brown
2968b3b065 Add to StatementsAnalyzer taint object instead of Context 2020-09-20 18:42:21 -04:00
Brown
abb9502921 Rename Taint object to TaintGraph 2020-09-20 18:27:02 -04:00
orklah
de16308f2e
useless comparison (#4223)
* remove unused code

* fix wrong fix
2020-09-20 13:01:27 -04:00
Brown
cf8dcc163e Use shuffled files 2020-09-20 12:59:32 -04:00
orklah
24a38f21ce
Use array destructuring when possible (#4221)
* list usage

* fix inversion
2020-09-20 12:55:38 -04:00
orklah
1a1b88bb5e
add visibilities to constants (#4219) 2020-09-20 12:54:46 -04:00
Brown
ef3cf67f50 Fix #4198 - make analysis of class-string property assignments more robust 2020-09-20 09:18:35 -04:00
orklah
cb7065ae07
replace deprecated methods with their equivalent (#4217) 2020-09-20 08:56:49 -04:00
orklah
a9a364e363
Misc improvements (#4216)
* misc changes

* fix CI
2020-09-20 08:55:28 -04:00
orklah
b19f0a7034
Remove empty() and use strict comparison when safe (#4211)
* replace empty usage with stricter checks

* use strict comparison when safe

* replace is_null with === null for consistency
2020-09-19 18:26:51 -04:00
Brown
1ac527bbf1 Meke staticy methods properly static 2020-09-19 18:24:36 -04:00
Brown
0ae436d335 Fix a couple of false-positive redundant conditions 2020-09-19 18:12:14 -04:00
Brown
72d1d799b1 Fix #4208 - array with possibly-undefined keys isn‘t really sealed 2020-09-19 15:46:54 -04:00
Brown
f973937aec Fix #4209 - allow hinting arrow function return type 2020-09-19 14:59:19 -04:00
Brown
a8a2a4cb66 Fix #4210 - fix __invoke declaration tracing 2020-09-19 14:18:52 -04:00
Brown
94ed53b25a func_num_args is pure
fixes #4215
2020-09-19 13:58:29 -04:00
Brown
363887a445 Add explicit offset
Fixes #4202
2020-09-17 21:35:30 -04:00
Daniel Badura
7d5dbd3f38
add random_int as stub, returns positive-int if min is positive-int (#4199) 2020-09-17 08:31:31 -04:00
orklah
191495328a
Fix errors in return types (#4189)
* FunctionLikeAnalyzer::verifyReturnType returns void

* ArrayFunctionArgumentsAnalyzer::checkArgumentsMatch returns void

* AssertionFinder::scrapeAssertions can't return null
2020-09-16 17:35:55 -04:00
Brown
dda013dc2e Only refine for matching closure union members
Ref #4136
2020-09-15 09:40:27 -04:00
Brown
0b209864fe Improve accuracy of array_filter 2020-09-14 13:31:53 -04:00
Brown
8d7fe83e2a Improve array_merge return type 2020-09-14 13:06:15 -04:00
Brown
b10c1ac280 Fix style 2020-09-14 12:19:30 -04:00
Brown
1f3215d36b Support more array intersections in type parsing 2020-09-14 12:13:33 -04:00
Brown
02b725f8a2 Add back suppression 2020-09-14 11:02:04 -04:00
Brown
17a0ecb60e Fix regression – detect unused params with defaults again 2020-09-14 10:58:36 -04:00
Brown
1df3c9365c Fix template check 2020-09-14 10:00:09 -04:00
Brown
77e84b3817 Fix a few more things 2020-09-13 23:28:31 -04:00
Brown
c4450b930c Fix various things 2020-09-13 22:39:03 -04:00
Brown
249903e18a Fix style issues 2020-09-13 21:45:07 -04:00
Brown
56bae3b587 Add check for strpos dictionaries
Ref #4070
2020-09-13 21:42:44 -04:00
Brown
8f8dbfbd72 Fix #4122 - detect yield in function arguments 2020-09-13 17:13:26 -04:00
Brown
f180fb23bc Fix #4178 - always detect missing property types 2020-09-13 16:50:50 -04:00
Bruce Weirdan
689027c92d
Support multiple issue types in @psalm-suppress (#4179)
* Accept multiple issue names in `@psalm-suppress`

Fixes vimeo/psalm#1575

* Accept multiple issue types on statement docblocks as well

* Proper highlighting of individual issues in compound suppressions
2020-09-13 16:41:14 -04:00
Bruce Weirdan
cd110c7e2f
Added @psalm-stub-override for classlikes and methods (#4177)
Fixes vimeo/psalm#1252
2020-09-13 16:40:31 -04:00
orklah
da47588f91
replace return; by return null; in every non-void method, add return null; when mising, add return types, remove redundant phpdoc (#4176) 2020-09-13 16:39:06 -04:00
Brown
ded9237176 Fix bad error flagging 2020-09-13 16:38:32 -04:00
Brown
9ed09d2679 Fix #4127 - improve error message for unused closure var 2020-09-12 17:03:11 -04:00
ygottschalk
5b0c9b1a28
added array-size max constraint to greater check (#4175)
added a few unit tests
2020-09-12 16:13:13 -04:00
Brown
09d22cb05c Fix #4169 - add appropriate bounds check 2020-09-12 11:33:26 -04:00
Toshiyuki Goto
ad437c5265
Workaround to PhpScoper group use bug in Box (#4174) 2020-09-12 11:24:40 -04:00
orklah
ead107fa9e
More return types (#4173)
* add native return types

* redundant phpdoc
2020-09-12 11:24:05 -04:00
Brown
6ffe471525 Make new InvalidLiteralArgument issue for strpos refs
Ref #4070
2020-09-10 22:54:32 -04:00
Brown
eda426a594 Improve unique issue solution 2020-09-10 22:54:30 -04:00
Brown
aaede393d4 Fix #4070 - prevent literal strpos argument 2020-09-10 18:28:34 -04:00
Brown
2100dbd8aa Fix #4167 - allow many issues for the same position 2020-09-10 17:41:45 -04:00
Craig Francis
993e112236
Additional MySQL sinks, ref Issue #4155 (#4158) 2020-09-08 11:54:23 -04:00