mirror of https://github.com/danog/psalm.git synced 2024-12-15 10:57:08 +01:00

47 Commits

Author SHA1 Message Date
Oliver Hader
38d3b15f8d
[BUGFIX] Specialize TaintSink in IncludeAnalyzer (#5986)
* [TEST] Assert more details in TaintTest

* [TEST] Add test for multiple tainted includes

* [BUGFIX] Specialize TaintSink in IncludeAnalyzer

Fixes: #5986
2021-06-23 08:27:03 -04:00
Bruce Weirdan
6abce3525a
Enforce use sort (#5900) 2021-06-07 22:55:21 -04:00
Samuel Mortenson
4aabb411a8
Added event to prevent tainting. (#5398)
* Added event to prevent tainting.

* Remove optional codebase parameter.

* Removed falsy check for codebase.

* Use two separate hooks for adding and removing taints

* Add slashes

* Update add/remove taint test name.

* Cleaned up SafeArrayKeyChecker example plugin.

* Added more AddRemoveTaintsEvent calls to codebase.

* Fix type check error with $added_taints param.

* Added AddRemoveTaintsEvent to remaining classes.

* Fix post-merge error.

* Add comma

* Remove $int_offset that never existed

Co-authored-by: Matt Brown <github@muglug.com>
2021-03-19 22:41:41 -04:00
Tyson Andre
00b42bf4f7
Check if included files are listed in mustBeIgnored (#4911)
Previously, when a file was included in `include()`, it was not subject
to ignoreFiles

Related to #4876
2020-12-29 14:05:17 +00:00
orklah
8974da5610
preserve analyzers until the end of file (#4834)
* preserve analyzers until the end of file

* remove unused variable
2020-12-13 01:17:13 -05:00
Matt Brown
43af3b1a57 Break out TaintedInput issues into a lot of separate ones 2020-11-17 12:44:31 -05:00
Matt Brown
724b25b918 Change control_flow_graph to data_flow_graph 2020-10-13 17:28:12 -04:00
Matt Brown
516141a380 Rename ControlFlowGraph to more appropriate DataFlowGraph 2020-10-13 16:49:03 -04:00
Matt Brown
14efde286f 4.x - refactor unused variable detection
This turns unused variable detection into an explicit control-flow problem, where before we had a more simplistic mark-and-sweep algorithm
2020-09-30 12:28:13 -04:00
Brown
da65a4327f Move taint graph functionality into its own object 2020-09-25 00:37:40 -04:00
Brown
56cddd16bf Rename TaintGraph to ControlFlowGraph because it’s about to do more 2020-09-20 23:59:52 -04:00
Brown
0f6a271858 Improve file-based suppression of taints 2020-09-20 19:37:25 -04:00
Brown
2968b3b065 Add to StatementsAnalyzer taint object instead of Context 2020-09-20 18:42:21 -04:00
Brown
abb9502921 Rename Taint object to TaintGraph 2020-09-20 18:27:02 -04:00
orklah
b19f0a7034
Remove empty() and use strict comparison when safe (#4211)
* replace empty usage with stricter checks

* use strict comparison when safe

* replace is_null with === null for consistency
2020-09-19 18:26:51 -04:00
orklah
8c7423505a
add native param types (#4137)
* add native param types

* redundant phpdoc

* add more param types and adds "?" to nullable types

* remove redundant phpdoc

* add more param types and remove redundant phpdoc

* add more param types and remove redundant phpdoc
2020-09-06 19:36:47 -04:00
orklah
f66d57f19d
add native return types (#4116)
* add native return types

* remove redundant phpdoc
2020-09-04 16:26:33 -04:00
Matthew Brown
ef0486ce35 Add some pure annotations 2020-08-23 13:52:31 -04:00
Brown
ae7c5b095b Fix #3712 - allow taints to be suppressed with @psalm-suppress 2020-07-01 23:23:45 -04:00
Brown
dddc159694 Add explicit path object 2020-06-22 02:10:03 -04:00
Brown
49f0592794 Improve tracking of array taints 2020-06-18 18:48:19 -04:00
Matthew Brown
edb2b4c5ef Get type of requires 2020-06-13 15:48:12 -04:00
Brown
953be61cf2 Allow limiting connected taint paths 2020-05-25 23:28:11 -04:00
Brown
118b700436 Simplify sink mapping for internal calls 2020-05-25 13:10:06 -04:00
Brown
ee493909d7 Fix bugs 2020-05-23 00:08:16 -04:00
Brown
dc73e25157 Detect taints in include calls 2020-05-22 23:53:37 -04:00
Brown
5ee1487a01 Make ExpressionAnalyzer more beautiful 2020-05-18 15:13:27 -04:00
Matthew Brown
309a229db1 Add codes to all issues 2020-03-17 09:19:47 -04:00
Philip Hofstetter
d315822bfa make skipping of checks after invalid includes configurable
as suggested in the PR it's best to make the setting configurable.

In order not to break existing installations, we default to keeping the
old behaviour, but in a later version of psalm, we might change the
default.
2020-02-27 18:49:23 -05:00
Philip Hofstetter
f2277ebb6d don't disable checks when includes can't be resolved
Any unresolvable include (even suppressed ones) would lead to some
subsequent tests being disabled as a side-effect.

this fixes #2817
2020-02-27 18:49:23 -05:00
Brown
0bcb7863f3 Use better system for storing inferred types and assertions 2019-11-25 11:44:54 -05:00
Brown
b5614d03f8 Add detection for unused function calls 2019-08-13 13:15:23 -04:00
Matthew Brown
ea1f9874fb Remove more memory leaks 2019-08-02 01:55:24 -04:00
Matthew Brown
3d4adee6b3 Reduce with / before converting back 2019-07-21 11:03:02 -04:00
Brown
1208437b4c Fix #1940 - allow proper evaluation of /a/b/../../ 2019-07-12 14:28:21 -04:00
LeSuisse
f29826b958 Fully qualify constants and function calls (#1849)
This should give a small performance boost.
Part of #1837.

The change is enforced via phpcs and can be autofixed
with phpcbf.
2019-06-26 16:52:29 -04:00
Ilija Tovilo
5a14e4b1cf Progress bar (#1709)
* Revert "Revert "Implement better progress""

This reverts commit 4302596654.

* Revert "Revert "Implement dots progress bar""

This reverts commit e41733d789.

* Revert "Revert "Switch to VoidProgress by default""

This reverts commit 304ffeb0a3.

* Revert "Revert "Pass success flag to progress""

This reverts commit 62a690ee4e.

* Improve socket communication

* Use an underscore

* Add means to disable progress

* Add extra newline before progress bar
2019-05-30 10:30:41 -04:00
Matthew Brown
4302596654 Revert "Implement better progress"
This reverts commit 042070d0fd.
2019-05-27 13:07:02 -04:00
Ilija Tovilo
042070d0fd Implement better progress 2019-05-26 23:18:48 -04:00
Brown
21b1c04c1d Fix #1526 - ignore files if they weren’t picked up in scanning step 2019-04-03 10:43:48 -04:00
Matthew Brown
8650f9eb1a Fix #1356 - improve assertion system to work better on function calls 2019-02-26 01:03:33 -05:00
Matthew Brown
b32000fa05 Fix #689 - add checks for @internal annotations 2018-12-01 18:37:49 -05:00
Matthew Brown
0f90309819 Do all normalisation on / before conversion to \ 2018-11-18 17:18:05 -05:00
Matthew Brown
fa2e7f1f70 More finagling of windows file names 2018-11-18 17:06:11 -05:00
Matthew Brown
2a3c3ed223 Fix #1071 - improve resolution of include paths 2018-11-18 16:53:46 -05:00
Matthew Brown
4d79b61e93 Change _checker to _analyzer 2018-11-12 11:20:59 -05:00
Matthew Brown
4688b25fd9 Move internal classes to own namespace 2018-11-12 11:20:59 -05:00