Brown
1745f5cafa
Fix too-long line
2020-07-02 15:32:13 -04:00
Brown
cb94764d22
Prevent false-positive for Exception::__toString overriding
2020-07-02 14:09:56 -04:00
Brown
0c582e9993
Fix #3685 - improve handling of if conditionals inside do
2020-07-02 13:59:59 -04:00
Brown
cf1a8ac5fc
Suppress taints in instance properties
2020-07-02 12:08:42 -04:00
Brown
67b2edc328
Allow more things to be suppressed with @psalm-suppress TaintedInput
2020-07-02 11:53:51 -04:00
Matthew Brown
fab07c58bd
Add slash
2020-07-02 01:32:40 -04:00
Brown
ea82cdc6ea
Fix #3726 - infer generic template from class-string
2020-07-02 01:11:46 -04:00
Brown
ae7c5b095b
Fix #3712 - allow taints to be suppressed with @psalm-suppress
2020-07-01 23:23:45 -04:00
Tyson Andre
e3d59bf5d4
Support taint detection on Throwable::getTraceAsString() ( #3731 )
...
And `__toString()`, which uses getTraceAsString().
Fixes #3696
```php
function login($username, $password, $secret) {
throw new RuntimeException('login failure');
}
try {
login('user', $_GET['pass'], SECRET);
} catch (Exception $e) {
// This output includes unescaped 'pass' and SECRET
echo $e, "\n";
echo $e->getTraceAsString();
}
```
2020-07-01 21:27:40 -04:00
Brown
0f548c83ea
Fix redundant condition
2020-07-01 19:31:10 -04:00
Brown
6c62e46d15
Only emit one error for erroneous array_map string closure types
2020-07-01 19:18:01 -04:00
Brown
4d73b2501b
Allow multiple args passed to array_map
2020-07-01 19:11:49 -04:00
Brown
70ab4c18f4
Fix #3720 - allow literal unions in keys to map to object-like arrays
2020-07-01 18:57:19 -04:00
Olle Härstedt
d8e8ce428e
Add new annotation: @psalm-self-out ( #3650 )
...
* Add new config: sealAllMethods
* Add some more tests
* Fix codesniffer issue with preg_quote
* Fix missing method in test
* New tag @self-out (WIP)
* Add self_out_type to method storage
* Add some notes
* More work on self-out (WIP)
* More work on self-out (WIP)
* Use psalm-self-out instead of self-out
* Remove extra file
* Cleanup
* Wrap around try-catch - how to check if a method has/should have storage?
* New method hasStorage()
* Fix indentation
* Fix some errors
* Fix indentation
* Cast storage type to type
* Add proper use-statement in method storage
* Correct test class name
* Allow self_out to be null
* method_id can be string (why, when?)
Co-authored-by: Olle <noemail>
2020-07-01 18:10:24 -04:00
Tyson Andre
b0a3de47e8
Mark create_function() as a taint sink ( #3729 )
...
create_function() is a thin wrapper around eval().
Fixes #3723
2020-07-01 18:09:30 -04:00
Brown
e13da22292
Allow cloning interfaces
2020-07-01 11:14:31 -04:00
Brown
fca350c498
Prevent a few crashes with really bad code
2020-07-01 10:30:10 -04:00
Brown
6047b7b6cb
Fix #3719 - prevent crash when cloning missing class
2020-07-01 10:10:55 -04:00
Brown
4c368da75e
Fix #3721 - prevent crash on empty @method
2020-07-01 09:00:33 -04:00
Brown
cceacde01d
Hide fixable issues when running with taint analysis
...
Fixes #3722
2020-07-01 08:55:58 -04:00
Brown
17558a5c0e
Fix #3676 - add multiline output for TaintedInput issues
2020-06-30 13:17:51 -04:00
Brown
671009a70c
Specialize constructor taints cc @TysonAndre
2020-06-29 21:08:43 -04:00
Brown
7288dfc620
Fix #3715 - unserialize is a taint sink
2020-06-29 17:54:47 -04:00
Brown
7253e01000
Fix #3716 - prevent crash for Foo|? return type
2020-06-29 17:52:55 -04:00
Brown
e56483bb54
Fix #3711 - generalize call of specialized class without specializations
2020-06-29 17:42:01 -04:00
Brown
ab29ac0e51
Only cast in echo when tracking taints
2020-06-29 15:06:11 -04:00
Brown
cff976049d
Remove unused vars
2020-06-29 13:24:05 -04:00
Brown
f6e2e0a84a
Perform string casting for taints in ArgumentAnalyzer
2020-06-29 13:21:33 -04:00
Brown
45c21853e5
Fix #3709 - don’t crash on inherited __toString tainting
2020-06-29 12:11:11 -04:00
Brown
aab90fb74e
Fix Psalm errors
2020-06-29 09:29:19 -04:00
Brown
38977d797e
Fix #3697 - cast types via implied __toString method
2020-06-29 09:13:19 -04:00
Brown
b54b832838
Break out method call tainting
2020-06-29 00:14:49 -04:00
Barney Laurance
3f8aa64ee9
Treat methods of internal or psalm internal classes as internal ( #3698 )
...
When both the method and the class are annotated as psalm-internal,
but to different namespaces, we consider the method internal to
whichever namespace is longer, i.e. the smaller code module.
Issue reported at https://github.com/vimeo/psalm/issues/3457
2020-06-28 13:15:54 -04:00
Simon Podlipsky
0f727e7607
Add RdKafka\ProducerTopic::producev() to CallMap ( #3700 )
2020-06-28 13:15:11 -04:00
Brown
c95ebfeb21
Fix #3694 - allow two args for PDO::query
2020-06-26 18:26:06 -04:00
Fabien Villepinte
c42dadaf0d
Redis::getDbNum|getHost can return false ( #3673 ) ( #3693 )
2020-06-26 18:14:10 -04:00
Tyson Andre
3a9c7432e1
Add psalm-taint-specialize for preg_replace_callback ( #3683 )
...
Fixes https://psalm.dev/r/517c4a169e
2020-06-26 08:58:57 -04:00
Brown
bcd7478352
Reduce memory footprint a little
2020-06-25 19:12:30 -04:00
Brown
8404fa0750
Allow use of a different baseline
...
Ref #3672
2020-06-25 17:31:03 -04:00
Brown
559b3d3471
Fix #3681 - taint exit like echo
2020-06-25 17:17:08 -04:00
Brown
07f7e5ccaf
Reconciling should preserve taints
...
Fixes #3680
2020-06-25 17:04:18 -04:00
Brown
9837a60853
Fix #3675 - add taints to filter_var return
...
Doesn’t yet take callback into account
2020-06-25 13:24:26 -04:00
Brown
9e7650586b
Fix bugs
2020-06-25 13:21:11 -04:00
Brown
95bf7f835b
Improve handling of array_map, faking out calls where nececssary
2020-06-25 13:05:34 -04:00
Brown
f458959af5
Add param type
2020-06-25 01:40:19 -04:00
Brown
d7f1bde6da
Refactor taint acccess checks
2020-06-25 01:32:57 -04:00
Brown
b8ebed0b85
Add a bit more accuracy
2020-06-25 01:00:11 -04:00
Brown
e26922010a
Improve accuracy of array nesting checks
2020-06-25 00:50:52 -04:00
Brown
b84cf74754
Fix #3668 - taint property types for magic properties without @property
2020-06-25 00:24:37 -04:00
Brown
dd25b81d3a
Fix #3670 - taint mixed foreach access
2020-06-24 19:16:30 -04:00
Brown
a6c7a48387
Add support for argument unpacking
...
Ref #3670
2020-06-24 18:43:15 -04:00
Tyson Andre
1670848267
Mark print() statement as the same sink type as echo ( #3669 )
2020-06-24 17:23:16 -04:00
Brown
de85e7c539
Fix blips
2020-06-24 13:19:14 -04:00
Brown
7a7cd91c24
Fix #3631 - better treatment for assignments in complex conditionals
2020-06-24 13:16:52 -04:00
Brown
9aa0aca949
Fix handling of coerced callmap args
2020-06-24 11:51:31 -04:00
Brown
c29b3744ec
Change storage of out types
2020-06-24 11:51:31 -04:00
Brown
96d05ab06b
Fix #3654 - use correct function id for namespaced functions
2020-06-23 16:53:11 -04:00
Brown
6a746b65ea
Fix #3655 - taint encapsulated strings
2020-06-23 16:38:59 -04:00
Brown
13fc8a75fd
Allow taints to flow where no return type exists
...
Fixes #3652
2020-06-23 15:52:19 -04:00
Brown
f46236ad71
Taint flows through preg_replace_callback
2020-06-23 15:28:31 -04:00
Brown
f72b609d42
Fix #3642 - detect missing property when name matches
2020-06-23 13:12:46 -04:00
Brown
4d6fc4d0ca
Fix get_class($foo) === static::class checks
2020-06-23 13:11:19 -04:00
Brown
9b860214d5
Fix #3639 - allow coerced types to count when picking callmap options
2020-06-22 20:24:34 -04:00
Brown
1f86afece7
Revert "Fix #3631 - apply assertions to RHS of equality in conditional"
...
This reverts commit 9c17795545
.
2020-06-22 20:01:27 -04:00
Brown
fc8212e207
Fix static call specialisation via annotation
2020-06-22 18:40:43 -04:00
Tyson Andre
bee10a2eb4
Add a --debug-emitted-issues flag ( #3637 )
...
And support --debug-by-line in psalter and psalm-refactor.
Those were previously not supported in getopt()
Fixes #3634
2020-06-22 18:16:47 -04:00
Brown
e8be2c500e
Support taint flows in more functions
2020-06-22 17:53:03 -04:00
Brown
7f05b3c530
Add $_REQUEST as a taint source
...
Ref #3636
2020-06-22 17:16:15 -04:00
Tyson Andre
f2f5606ca8
Document other supported --report
file names ( #3633 )
2020-06-22 15:21:16 -04:00
Brown
9c17795545
Fix #3631 - apply assertions to RHS of equality in conditional
2020-06-22 15:16:16 -04:00
Brown
d46283075d
Add --taint-analysis to command line help
2020-06-22 11:39:46 -04:00
Brown
81e2745cf1
Add more options
2020-06-22 11:24:38 -04:00
Brown
dddc159694
Add explicit path object
2020-06-22 02:10:03 -04:00
Brown
36f1630e03
Add more steps for clearer output
2020-06-22 01:08:58 -04:00
Brown
02e8313c39
Allow taintedness to propagate to some stubbed methods
2020-06-21 18:07:39 -04:00
Brown
fbe3433edd
Use escape terminology
2020-06-21 11:43:08 -04:00
Brown
07adecc6eb
Use correct method id when creating taints
2020-06-21 02:06:08 -04:00
Brown
dc83c2e2fc
Add annotation for taint sources
2020-06-21 00:58:56 -04:00
Brown
cbd7ba8ed8
Fix return type
2020-06-20 23:34:39 -04:00
Brown
10e4e9ac65
Fix #3617 - prevent crash when constant class doesn’t exist
2020-06-20 23:30:36 -04:00
Brown
f21d3a8346
Remove html and sql taints for simple preg_replace patterns
2020-06-20 23:11:42 -04:00
Brown
8edee96d8d
Fix taint regression
2020-06-20 18:10:01 -04:00
Brown
80ed1daf33
Allow static method mixin to invoke instance method
2020-06-20 18:05:35 -04:00
Brown
2ccec821f8
Fix #3624 - inherit magic property annotations from traits
2020-06-20 16:53:17 -04:00
Brown
2c5c9e95e1
Don’t add two @return docblocks after @method
2020-06-20 15:30:47 -04:00
Brown
edbeec2c6a
Fix @method annotation namespacing
2020-06-20 15:18:22 -04:00
Ilija Tovilo
2f646d29db
Fix #3607 - constant string class reference with leading backslash ( #3612 )
2020-06-19 18:02:39 -04:00
Brown
51202c75ea
Add taint docs
2020-06-19 11:56:12 -04:00
Andrei Petre
6024fe4761
use original case in error messages when reporting undefined methods ( #3615 )
2020-06-19 11:51:08 -04:00
Brown
b1c836e5f3
Improve specialisation after call
2020-06-19 01:59:45 -04:00
Brown
8f2e28c36b
Improve tainting of specializable classes
2020-06-19 01:22:51 -04:00
Brown
078b8b7b1a
Fix #3618 - add way to load non-analyzed files
2020-06-19 00:13:09 -04:00
Brown
eecdc43ce7
Remove stray commas
2020-06-18 20:15:38 -04:00
Brown
49f0592794
Improve tracking of array taints
2020-06-18 18:48:19 -04:00
Brown
562a7c1ca4
Track taints from all tainted arrays
2020-06-18 13:45:58 -04:00
Brown
7d9a99a956
Fix #3609 - interpret strings as regular static calls
2020-06-18 11:56:08 -04:00
Brown
f609a01497
Move static property fetch analyzer to own class
2020-06-18 11:53:24 -04:00
Brown
98622783ec
Allow lists to have their types refined
...
Fixes #3605
2020-06-18 10:01:16 -04:00
Bruce Weirdan
6fb63903c1
Infer better types for magic constants used in const initializers ( #3602 )
...
Fixes vimeo/psalm#3464
2020-06-18 09:48:51 -04:00
Brown
137647a1a0
Fix #3603 - better typed value comparisons for loose equality
2020-06-18 09:31:38 -04:00
Brown
21e567832f
Add API method for adding custom taint sources
2020-06-18 00:16:19 -04:00
Brown
7fc1f50f54
Fix potential nullref
2020-06-17 16:40:35 -04:00
Brown
4870774ea4
Allow falsable issues on DateInterval::$days
2020-06-17 16:28:26 -04:00
Brown
0a8b9b56ab
Fix #3600 - conditional return should be removed before comparison
2020-06-17 12:57:50 -04:00
Jaik Dean
02b15b83ff
Fix argument types for Redis::zRevRangeByScore() and Redis::zRevRangeByLex() ( #3597 )
2020-06-17 11:50:03 -04:00
Teemu Koskinen
bfae4af030
tidyNode->child will be null if the node does not have any children ( #3599 )
...
https://github.com/php/php-src/blob/master/ext/tidy/tidy.c#L696
2020-06-17 09:29:23 -04:00
Olle Härstedt
e1cc27f7a2
Add new config: sealAllMethods ( #3578 )
...
* Add new config: sealAllMethods
* Add some more tests
* Fix codesniffer issue with preg_quote
* Fix missing method in test
Co-authored-by: Olle <noemail>
2020-06-15 22:36:42 -04:00
Brown
03e9649d49
Fix tainting of function calls absent taintable params
2020-06-15 20:59:48 -04:00
Brown
56ef220e49
Fix bugs in taint specialisation
2020-06-15 18:34:56 -04:00
Brown
bbada7ba8d
Ensure correct vars are used
2020-06-15 17:16:12 -04:00
Brown
05cb39814c
Improve performance of long switch checks
2020-06-15 16:23:19 -04:00
Brown
8c5a434dc8
Allow updating array by reference
2020-06-15 14:45:08 -04:00
Matthew Brown
8da80870e3
Optimise check
2020-06-14 22:07:04 -04:00
Matthew Brown
9a5089cc7e
Wrap template as types for more explicit results
...
Ref #3583
2020-06-14 21:47:23 -04:00
Matthew Brown
081a284759
Fix #3567 - remember which variables a callable sets byref in use
2020-06-14 11:58:50 -04:00
Matthew Brown
a49a0e5650
Fix #3551 - count method can be impure
2020-06-14 11:06:53 -04:00
Matthew Brown
683bde9540
Fix #3573 - allow UnnecessaryVarAnnotation to be suppressed
2020-06-13 16:48:10 -04:00
Matthew Brown
19ba53f28c
Fix too-long line
2020-06-13 16:45:54 -04:00
Matthew Brown
427f470806
Fix #3586 - ensure templated trait params more accurate
2020-06-13 16:37:39 -04:00
Matthew Brown
58a8cafaf2
Fix #3588 - a really long literal string is non-empty
2020-06-13 16:08:51 -04:00
Matthew Brown
edb2b4c5ef
Get type of requires
2020-06-13 15:48:12 -04:00
Gabriel Ostrolucký
8ca7a88c41
Mark fgetcsv impure ( #3582 )
...
fgetcsv standalone is used to skip current row for consecutive reads
2020-06-13 00:32:00 -04:00
Andrei Petre
3497ca07b6
Extending final class is prohibited #3037 ( #3576 )
2020-06-13 00:29:59 -04:00
Bruce Weirdan
a99f92ae3a
Fix vimeo/psalm#3572 ( #3575 )
...
session_decode has side effects
2020-06-13 00:28:56 -04:00
Brown
9bfe50b20a
Always analyse cast expressions
...
Fixes #3577
2020-06-12 17:25:46 -04:00
Brown
211f014356
Fix #3571 - make callable():void valid for callable():?Foo
2020-06-12 14:26:31 -04:00
Brown
45ea5d0bfe
Add a couple more shortcuts for common pattern
...
Fixes #3563
2020-06-12 11:18:34 -04:00
Brown
9ca6c868b7
Fix #3563 - add workaround for == true
2020-06-12 10:58:44 -04:00
Tim van Dijen
7fa48f3508
Fix return type for preg_grep ( #3565 )
2020-06-11 11:59:14 -04:00
Brown
f67b61f6cc
Fix reconciliation of template param to literal string
...
Fixes #3510
2020-06-11 11:58:31 -04:00
Brown
16189782ab
Inherit whether methods are sealed from parent
...
Ref #3561
2020-06-11 11:28:41 -04:00
Brown
ec0a4c7c96
Require ReflectionMethod get a class-string
2020-06-11 11:07:57 -04:00
Jáchym Toušek
c6611cfcd1
Update ext-ds stubs ( #3559 )
2020-06-10 17:27:39 -04:00
Gregor Harlan
235093ecc4
Add PharData::offsetGet/offsetExists to CallMap ( #3557 )
2020-06-10 17:26:22 -04:00
Brown
5617e9d7c9
Fix array_values call
2020-06-09 19:06:08 -04:00
Brown
286a8f911a
Add support for static mixin calls
...
Fixes #3552
2020-06-09 18:39:52 -04:00
Andrei Petre
2eb0d34696
Fix #3521 - Add --set-baseline filename to --config file if present ( #3547 )
2020-06-09 09:18:52 -04:00
Joe Hoyle
b9311f62fb
Support global functions in getSymbolInformation and getSymbolLocation ( #3477 )
...
* Support global functions in getSymbolInformation and getSymbolLocation
Currently codebase-wide defined function are not found in `Codebase::getSymbolLocation` or `Codebase::getSymbolInformation`. This means hovers via the LSP on functions not in the current file, or "go to definition" do not work for non-locally defined functions.
It looks to me that this might have been an oversight, as methods do support this.
For stubbed functions, "go to definition" will open the stub file, which is also quite hadny.
* No need to catch expections, they are already in a try block.
* Add empty checks returning null
Co-authored-by: Matthew Brown <github@muglug.com>
2020-06-08 11:20:54 -04:00
Brown
a6c0991073
Fix #3532 - expand type alias types recursively
2020-06-07 12:01:04 -04:00
Matthew Brown
91e76f7173
Fix #3536 - Make method return type provider aware of original called method
2020-06-06 23:35:08 -04:00
Matthew Brown
0ac739fd48
Fix #3534 - allow magic method call on mixin
2020-06-06 23:28:32 -04:00
Matthew Brown
739d23e5f0
Use alias
2020-06-06 23:27:25 -04:00
Matthew Brown
3d7288afcb
Fix #3529 - static intersected with itself is static
2020-06-06 20:10:50 -04:00
Matthew Brown
ce445636e7
Fix #3535 - match template param class constants properly
2020-06-06 20:02:14 -04:00
Matthew Brown
74a34f066c
Don’t check classes if literal strings are allowed
...
Fixes #3538
2020-06-06 19:31:42 -04:00
Brown
4f87cca55b
Fix #3537 - improve parsing for @mixin annotations
2020-06-06 18:15:24 -04:00
Matthew Brown
243c09de37
Make property protected
2020-06-06 12:24:16 -04:00
Brown
fcf0a681d9
Fix #3531 - ignore mixed returns from template
2020-06-06 10:33:49 -04:00
Brown
438eb17e58
Fix #3367 - ensure --diff works after second run, not third
2020-06-05 12:09:38 -04:00
Brown
cf92361338
Fix #3522 - only use property pass-through when it’s visible
2020-06-04 16:15:07 -04:00
Brown
a4aa44494f
Fix #3519 - prevent empty callable string
2020-06-04 15:40:53 -04:00
Šimon Podlipský
596213c2c3
Make ext-ds to array return list<V> ( #3520 )
2020-06-04 09:56:00 -04:00
Matthew Brown
c9ee691595
Fix suppression
2020-06-04 09:55:32 -04:00
Brown
5c80dc3299
Fix #3515 - add merge method to Vector
2020-06-03 16:50:01 -04:00
Brown
fd74d3284d
Add support for PHPParser 4.5.0
2020-06-03 14:58:08 -04:00
LeSuisse
1f8dc26d1d
Fix signatures of stream_filter_append and stream_filter_prepend ( #3514 )
...
filterparams is not restricted to an array, it is perfectly to pass a
class or any other value.
See https://github.com/php/php-src/blob/php-7.4.6/ext/standard/streamsfuncs.c#L1171
2020-06-03 12:50:40 -04:00
Brown
7caaa64825
Fix #3418 - don’t override with send type when @psalm-yield is given
2020-06-02 13:27:17 -04:00
Brown
4d149de764
Fix #3506 - prevent black classes in throws check
2020-06-01 14:56:27 -04:00
Markus Staab
efcc28be02
Fixed mysql::$insert_id type ( #3496 )
...
* Fixed mysql::$insert_id type
* Update PropertyMap.php
* Update src/Psalm/Internal/PropertyMap.php
2020-05-31 18:53:30 -04:00
Brown
be8fd3ea19
Fix #3481 - treat an iterable like a Traversable when comparing to object
2020-05-31 01:22:43 -04:00
Brown
86b894eca5
Treat iterables as traversable when comparing to named object
2020-05-31 00:55:45 -04:00
Brown
c1d8912a9b
Bust cache more
2020-05-30 19:11:57 -04:00
Brown
4e21e54ee1
Fix #3491 - provide correct types for substitution
2020-05-30 19:11:41 -04:00
Markus Staab
0e298a6f13
Removed unexisting property mysqli::stat ( #3501 )
2020-05-30 17:03:04 -04:00
orklah
76f5def268
Use scandir and glob flags to reduce their performance impact ( #3499 )
...
* Use scandir and glob flags to reduce their performance impact
* Order seem to impact Tests here
2020-05-30 17:02:35 -04:00
Markus Staab
f24d7abcd9
Made mysqli_warning::$sqlstate a string ( #3497 )
2020-05-30 17:01:20 -04:00
orklah
428beb21fb
Improve stubs for str_replace and preg_replace ( #3495 )
...
* expand accepted values for str_replace and preg_replace. Make return conditional based on type of $subject
* Remove int|float from str_replace/preg_replace
Co-authored-by: Matthew Brown <github@muglug.com>
2020-05-30 16:59:18 -04:00
orklah
51bf7f38de
Fix #3438 ( #3494 )
2020-05-30 16:55:55 -04:00
El Azimov
bed5a74065
Add wildcard support for class constants in template. ( #3489 )
...
Co-authored-by: El Azimov <el.azimov@rocks>
2020-05-30 16:55:18 -04:00
orklah
1621a9f3ea
Add checks for duplicated params and returns ( #3487 )
2020-05-30 16:54:16 -04:00
orklah
062db0ffcf
Fix #3437 ( #3493 )
2020-05-30 14:38:12 -04:00
Brown
db67be5965
Fix #3483 - analyse variable static property access properly
2020-05-29 09:28:34 -04:00
Brown
235704ad49
Fix #3484 - use better method to determine constant existence in wildcard checks
2020-05-29 09:09:59 -04:00
Matthew Brown
73797f7498
Add more default sinks
2020-05-29 00:24:07 -04:00
Brown
30907f0269
Clean up comment parsing
2020-05-28 22:14:41 -04:00
Brown
b932163d5d
Make parser a little cleaner
2020-05-28 14:31:17 -04:00
feek
5330dcbd7a
fix: pass along final ( #3471 )
2020-05-28 01:59:24 -04:00
still-dreaming-1
1bb884bd84
__TRAIT__ can be string or non-empty-string ( #3469 )
...
depending on whether or not it is used from inside a __TRAIT__
2020-05-27 19:23:46 -04:00
still-dreaming-1
9189335715
Fixes #3464 by typing __DIR__, __TRAIT__, and __FILE__ as non-empty-s… ( #3468 )
...
* Fixes #3464 by typing __DIR__, __TRAIT__, and __FILE__ as non-empty-string
* __TRAIT__ should stay string in case used outside a trait
Co-authored-by: <jesse@LAPTOP-73CA4O5T.localdomain>
2020-05-27 18:21:26 -04:00
Brown
3c60609c21
Support better mixin handling
2020-05-27 11:12:09 -04:00
Brown
203ed6d94f
Remove newline
2020-05-27 09:29:30 -04:00
Brown
9b413cfccc
Improved understanding of array_key_exists
...
Fixes #3463
2020-05-27 09:03:36 -04:00
Brown
b9ea115487
Support string class_alias calls with leading backslash
...
Fixes #3465
2020-05-27 08:14:47 -04:00
Brown
ef53ee3a3b
Fix crash on aliased exception
...
Ref #3465
2020-05-27 08:09:58 -04:00
Brown
769ac5c052
Fix #3458 - scope templated mixin accurately
2020-05-26 23:32:07 -04:00
Brown
d04e21ee5a
Define mixin declaring classname
2020-05-26 23:32:07 -04:00
still-dreaming-1
700b5dda02
Fix #3461 by removing file from issues after removing last issue ( #3462 )
2020-05-26 22:52:36 -04:00
Brown
b4855b3ecd
Catch errors during yield annotation tokenisation
...
Fixes #3430
2020-05-26 17:57:55 -04:00
Brown
3da3d61270
Fix #3434 by removing extraneous call to simplifyType
2020-05-26 17:55:54 -04:00
Brown
0ef00f5756
Fix #3460 - allow isset checks on static properties
2020-05-26 17:40:27 -04:00
Brown
f0a5bd74b6
Detect never-return statement same as a throw
2020-05-26 15:02:23 -04:00
Brown
a2b6326a84
Change specialize-call to taint-specialize
2020-05-26 14:18:43 -04:00
Brown
ecb179c784
Migrate min/max function calls back to CallMap
2020-05-26 12:28:56 -04:00
Brown
a266d4748b
Fix build
2020-05-26 07:50:11 -04:00
Brown
953be61cf2
Allow limiting connected taint paths
2020-05-25 23:28:11 -04:00
Brown
7e7456c863
Make taint checks more thorough
2020-05-25 17:10:53 -04:00
Brown
2e6fc24867
Template callmap methods too
...
Fixes #3453
2020-05-25 14:21:06 -04:00
Brown
118b700436
Simplify sink mapping for internal calls
2020-05-25 13:10:06 -04:00
Brown
109920be88
Expand template param before comparison
2020-05-25 11:51:10 -04:00
Brown
be847472a2
Fix #3453 - allow conditional return types on instance methods
2020-05-25 09:39:30 -04:00
Brown
3416e33348
Fix indentation
2020-05-25 01:23:28 -04:00
Brown
240b2f898c
Add some negative test cases for @mixin
...
Also fix #3452
2020-05-25 00:19:52 -04:00
Matthew Brown
806db80d63
Fix #3440 - literal string doesn’t contain numeric-string
2020-05-24 22:42:08 -04:00
Brown
ff5c17c044
Switch subtype messagearg order
2020-05-24 09:43:54 -04:00
orklah
72435757ea
Add false to possible parse_url return types ( #3359 ) ( #3445 )
...
* Add false to possible parse_url return types (#3359 )
* fix test
2020-05-24 09:19:58 -04:00
Brown
92a9a7efdf
Handle flows into arguments a little better
2020-05-23 23:54:16 -04:00
Matthew Brown
1d17c02fba
Fix #3442 - support broader type after initial array assignment
2020-05-23 23:23:50 -04:00
Matthew Brown
15e753e279
Fix #3443 - add InvalidDocblock issue for @psalm-assert Foo|!Bar
2020-05-23 22:52:21 -04:00
Brown
a198b09eb7
Add intermediary concat op node
2020-05-23 21:38:09 -04:00
Brown
f5a0622ad2
Fix style
2020-05-23 08:06:31 -04:00
Matthew Brown
0dee85d0b7
Remove redundancy
2020-05-23 01:48:56 -04:00
Brown
16af6a5773
Improve concat taint propagation
2020-05-23 01:11:16 -04:00
Brown
ee493909d7
Fix bugs
2020-05-23 00:08:16 -04:00
Brown
10c106f7eb
Add eval sink
2020-05-23 00:03:29 -04:00
Brown
dc73e25157
Detect taints in include calls
2020-05-22 23:53:37 -04:00
Brown
e72288c85f
Don’t error on badly-formatted taint annotation
2020-05-22 22:38:03 -04:00
Brown
e82c317d53
Adjust tolerances
2020-05-22 21:37:18 -04:00
Brown
fb3cb2c4d1
Only use plain return type if we’re not memoizing
2020-05-22 17:05:39 -04:00
Brown
bbc30a1747
Only recreate taints if non-null
2020-05-22 16:55:36 -04:00
Brown
4b1c3db760
Don’t memoize method call where we have a getter standin
...
Fixes #3427
2020-05-22 15:54:32 -04:00
Brown
4010129e96
Fix #3420 - add ds\vector::toArray method
2020-05-22 15:26:19 -04:00
Brown
0cb211784d
Fix #3415 - flesh out Closure return type
2020-05-22 14:26:37 -04:00
Brown
27a009fd69
Fix #3417 - Treat $this as static-y
2020-05-22 13:32:26 -04:00
Brown
bebfac0ab6
Fix #3426 - allow falsy reconciliation for templated params
2020-05-22 13:16:48 -04:00
Brown
1b84fc2c12
Fix #3419 - don’t add null to return type when template/conditional return is used
2020-05-22 12:44:19 -04:00
Brown
8632cdb3cd
Improve taint tracking during scanning phase
2020-05-22 12:33:48 -04:00
Brown
63c3678ae5
Improve property location resolution
2020-05-22 12:33:38 -04:00
Matthew Brown
187b944680
Add faster taint analysis
2020-05-22 12:33:29 -04:00
Matthew Brown
6784a90b2f
Fix #3423 - allow conditional with func_num_args() in namespace
2020-05-21 11:29:54 -04:00
Joe Hoyle
6f28d741bc
Display variable assignment type in LSP hovers ( #3401 )
...
* Add node references for variable assignments
* Break up line
Co-authored-by: Matthew Brown <github@muglug.com>
2020-05-20 17:40:22 -04:00
Matthew Brown
3effdc5b69
Improve yield type substitution
2020-05-20 09:12:24 -04:00
Matthew Brown
2d02064962
Fix #3407 - allow multiple matching generic classes in union
2020-05-20 09:11:17 -04:00
Jáchym Toušek
8855b6c1d9
Fix Ds\Map methods ( #3412 )
2020-05-20 07:27:25 -04:00
Brown
2ec76f01c2
Fix redundant condition
2020-05-19 20:11:25 -04:00
Brown
27cb660377
Respect possibly-undefined array keys while merging
...
Fixes #3393
2020-05-19 20:10:01 -04:00
Brown
a4141a7581
Fix #3327 - convert void to null when comparing conditional type with nullable
2020-05-19 19:48:11 -04:00
Brown
f335560b69
Allow setting property on templated type
2020-05-19 17:31:05 -04:00
Brown
6ec5763847
Filter out traversable possibly-mixed too
2020-05-19 16:26:00 -04:00
Brown
a3214012a6
Only convert userland functions
2020-05-19 16:15:41 -04:00
Brown
baeb86ca8f
Fix #3403 - remove possibly-mixed key
2020-05-19 16:12:37 -04:00
Brown
4415e0f69c
Fix special case calling callable param with string non-global function
...
Fixes #3411
2020-05-19 15:48:31 -04:00
Matthew Brown
777b6e8d91
Simplify conditional
2020-05-19 15:07:30 -04:00
Brown
b5ae0167a2
Fix typo
2020-05-19 14:58:53 -04:00
Brown
b38d945b12
Cast null and false to empty string
...
Ref #3408
2020-05-19 14:53:06 -04:00
Brown
8becefda04
Forbid :: in object-like key name
...
Ref #3399
2020-05-19 14:38:46 -04:00
Šimon Podlipský
dc82243edc
Add RdKafka:flush() to CallMap ( #3410 )
2020-05-19 12:56:58 -04:00
Brown
0b2da18f1e
Break up StatementsAnalyzer
2020-05-19 12:56:30 -04:00
Joe Hoyle
588be3b269
Fix getSymbolInformation() for symbols containing ":" ( #3400 )
...
Currently a Symbol like `10-15:array{foo: string}` will return ` string}`, as the regex does not specify a string-start caret.
2020-05-19 10:15:13 -04:00
Šimon Podlipský
47cf69ded1
Fix RdKafka maps ( #3404 )
...
Resolves #3388
2020-05-19 10:13:25 -04:00
Brown
666cc3b4c9
Fix BinaryOp analysis
2020-05-18 23:00:53 -04:00
Brown
8e5b330c5a
Break apart CallAnalyzer
2020-05-18 22:57:00 -04:00
Brown
5b06c206e0
Move classes into deeper namespace
2020-05-18 22:52:33 -04:00
Brown
ace049a068
Beautify BinaryOpAnalyzer
2020-05-18 18:57:09 -04:00
orklah
478bb267d8
stubs for array_sum ( #3395 )
2020-05-18 17:23:21 -04:00
Brown
8c86d47eb7
Downgrade some PossiblyInvalidClone
issues
2020-05-18 17:18:13 -04:00
Brown
4ca83ca30d
Add slash
2020-05-18 17:05:47 -04:00
Brown
3a582dde8d
Allow merging of numeric-string and literal string
2020-05-18 16:57:16 -04:00
Brown
2312523318
Support merging of numeric-string with literal
2020-05-18 16:56:09 -04:00
Brown
b62f646388
Fix #3391 - move_uploaded_file mutates
2020-05-18 16:26:08 -04:00
Evgeniy
04a576708c
Correct analyze clone expression ( #3382 )
...
* Correct analyze clone, add PossibleInvalidClone issue type
* Infer mixed type when possible incorrect clone
* Remove unused variable
2020-05-18 16:22:50 -04:00
feek
d60ece752c
chore: mark as lowercase string ( #3392 )
2020-05-18 16:02:46 -04:00
Brown
ea0a99d3a8
Fix bad merge
2020-05-18 16:02:10 -04:00
Brown
5ee1487a01
Make ExpressionAnalyzer more beautiful
2020-05-18 15:13:27 -04:00
SignpostMarv
911ac2d363
Infer numeric-string from (string)$numeric ( #3390 )
...
* adding test for vimeo/psalm#3370
* check if typecast will result in numeric-string
* int & float as per examples in vimeo/psalm#3370
* numeric & numeric-string because they shouldn't lose numericness.
* satisfy phpcs
* adjusting assertions to reflect typecasting change
2020-05-18 13:42:47 -04:00
Brown
21798efed2
Fix #3388 - eliminate null after < 0 check
2020-05-18 08:52:44 -04:00
Mark Sch
9aa46221f6
Use pretty print for JSON reporting. ( #3364 )
...
* Use pretty print for JSON reporting.
* Use pretty print for JSON reporting.
* Use pretty-print option on CLI for BC.
* Change static:: const to self::
Co-authored-by: Matthew Brown <github@muglug.com>
2020-05-18 08:40:20 -04:00
orklah
3e7f5df7e1
Solve more cases when docblock rendering is not needed ( #3387 )
2020-05-18 07:16:18 -04:00
Matthew Brown
b0ffaf0077
Fix type coercion
2020-05-17 22:51:48 -04:00
Matthew Brown
3ecef8bee7
Fix #3386 - non-empty-array = non-empty-array<array-key, mixed>
2020-05-17 22:49:20 -04:00
RJ Garcia
fd15bfc65d
Infer Return Types for Arrow Functions #3376 ( #3385 )
...
* Infer Return Types for Arrow Functions #3376
- Made a small patch to check for closure or arrow
function when attempting to infer the functions
params
- Added new isExprClosureLike to start to consolidate
all checks on closure/arrow fns
Signed-off-by: RJ Garcia <ragboyjr@icloud.com>
* Use better check
* Remove unused method
Co-authored-by: Matthew Brown <github@muglug.com>
2020-05-17 22:17:35 -04:00
orklah
dd4927a14c
Avoid regenerating docblock when no modification is made ( #3374 )
...
* Avoid regenerating docblock when no modification is made
* Generate empty docblock before, in case there was no docblock at all
2020-05-16 16:44:47 -04:00
Jefersson Nathan
f824cc380a
Add more test case scenario for @psalm-import-type ( #3375 )
...
* Add test case scenario for @psalm-import-type
Signed-off-by: Jefersson Nathan <malukenho.dev@gmail.com>
* Add fix for @psalm-import-type test
Signed-off-by: Jefersson Nathan <malukenho.dev@gmail.com>
* Add test for import ocross namespaces
Signed-off-by: Jefersson Nathan <malukenho.dev@gmail.com>
* Add tests for failing cases
Signed-off-by: Jefersson Nathan <malukenho.dev@gmail.com>
2020-05-16 16:43:35 -04:00
Matthew Brown
4dd0a2b775
Fix #3380 - allow comparisons between template param and empty array
2020-05-16 16:41:07 -04:00
Matthew Brown
f6342a40d9
Remove unnecesary conditional check for do
...
Fixes #3378
2020-05-16 16:32:36 -04:00
Nobu Funaki
abef8008bc
Fix InvalidCast after is_callable([$val, '__toString']) check ( #3372 )
...
Support is_callable() with an array argument similar to method_exists()
2020-05-16 08:50:43 -04:00
Brown
e7db21fd44
Fix type method
2020-05-15 16:23:50 -04:00
Brown
c62e08a88e
Support intersection of type aliases
2020-05-15 16:18:52 -04:00
Brown
111303d913
Add non-empty-lowercase-string type
2020-05-15 10:18:05 -04:00
Brown
013467dc0e
Add reference to ensure proper hydration
2020-05-15 00:31:55 -04:00
Brown
0086eb25a2
Remove duplicate types with @psalm-import-type
2020-05-15 00:16:20 -04:00
Brown
2d92943625
Add support for expansion of type aliases
2020-05-15 00:15:48 -04:00
Brown
9f3f7bb946
Consolidate ThreadData types
2020-05-14 23:44:22 -04:00
Brown
c212c03e40
Don’t stop analysing when encountering an UndefinedGlobalVariable
...
Fixes #3366
2020-05-14 22:51:51 -04:00
Brown
ae48c1895f
Fix #3365 - add support for negated empty string checks
2020-05-14 22:09:37 -04:00
Brown
48504aa88c
Pass through typa aliases where appropriate
2020-05-14 00:48:58 -04:00
Brown
006c6e09f1
Add more details to type alias creation
2020-05-14 00:41:50 -04:00
Brown
2327a0db6b
Add TTypeAlias object with a creation path
2020-05-13 19:49:03 -04:00
Brown
190c9ce27e
Use TypeAlias object to allow future extension
2020-05-13 19:29:59 -04:00
Brown
0fc3398631
Move parsing methods into internal namespace
2020-05-13 19:12:45 -04:00
Brown
2af0a17d03
Fix #3236 - allow use-checking of more methods starting with __
2020-05-12 22:39:26 -04:00
Markus Staab
3f3a2267ea
send php native warnings/errors/notices on stderr instead of stdout ( #3355 )
2020-05-12 20:44:09 -04:00
Matthew Brown
8c236f411a
Fix #3353 - allow extending nested when nested as type is mixed
2020-05-12 15:07:16 -04:00
Brown
3e58163180
Prevent empty function id
...
Ref #3354
2020-05-12 12:54:06 -04:00
Brown
d8cd30b34a
Fix #3340 - catch more errors in @method type parsing
2020-05-11 18:39:07 -04:00
Brown
0d5d7c8938
Add null check
2020-05-11 11:56:07 -04:00
Brown
291018034b
Remove unnecessary PHP code
2020-05-11 11:36:50 -04:00
Brown
3554aa4435
Fix crash newly introduced
2020-05-11 09:34:07 -04:00
Brown
813302206a
Improve rendering of tuples
2020-05-11 09:08:53 -04:00
Brown
8bfe91787d
Add the is_list flag to object-like tuples
2020-05-11 08:33:05 -04:00
Brown
eefd2e743b
Use generic function definition for sscanf
...
cc @villfa
2020-05-10 23:58:51 -04:00