orklah
870ee4ff93
->args to ->getArgs
2021-10-09 23:37:04 +02:00
Matt Brown
67d68a5dc0
Use more accurate variable name
2021-06-25 09:54:39 -04:00
Bruce Weirdan
6abce3525a
Enforce use
sort ( #5900 )
2021-06-07 22:55:21 -04:00
Samuel Mortenson
4aabb411a8
Added event to prevent tainting. ( #5398 )
...
* Added event to prevent tainting.
* Remove optional codebase parameter.
* Removed falsy check for codebase.
* Use two separate hooks for adding and removing taints
* Add slashes
* Update add/remove taint test name.
* Cleaned up SafeArrayKeyChecker example plugin.
* Added more AddRemoveTaintsEvent calls to codebase.
* Fix type check error with $added_taints param.
* Added AddRemoveTaintsEvent to remaining classes.
* Fix post-merge error.
* Add comma
* Remove $int_offset that never existed
Co-authored-by: Matt Brown <github@muglug.com>
2021-03-19 22:41:41 -04:00
erikjwaxx
25d8c6d21e
Narrow inference of $a <=> $b from "int" to "-1|0|1" ( #4680 )
...
* A <=> operator has a literal type of -1|0|1 and not simply int
* Test to verify inferred type of $a <=> $b is -1|0|1
2020-11-23 13:10:51 -05:00
Matt Brown
724b25b918
Change control_flow_graph to data_flow_graph
2020-10-13 17:28:12 -04:00
Matt Brown
516141a380
Rename ControlFlowGraph to more appropriate DataFlowGraph
2020-10-13 16:49:03 -04:00
Matt Brown
14efde286f
4.x - refactor unused variable detection
...
This turns unused variable detection into an explicit control-flow problem, where before we had a more simplistic mark-and-sweep algorithm
2020-09-30 12:28:13 -04:00
Brown
19f88a2e31
Add improvements from unused variable checks
2020-09-28 00:45:02 -04:00
Brown
56cddd16bf
Rename TaintGraph to ControlFlowGraph because it’s about to do more
2020-09-20 23:59:52 -04:00
Brown
0f6a271858
Improve file-based suppression of taints
2020-09-20 19:37:25 -04:00
Brown
2968b3b065
Add to StatementsAnalyzer taint object instead of Context
2020-09-20 18:42:21 -04:00
Brown
abb9502921
Rename Taint object to TaintGraph
2020-09-20 18:27:02 -04:00
Brown
eda426a594
Improve unique issue solution
2020-09-10 22:54:30 -04:00
Brown
efe143a396
Fix #4077 - always track closure purity
2020-08-28 12:42:55 -04:00
Brown
4e10a0ed6f
Fix #4036 - add immutable annotations automatically too
2020-08-24 19:29:00 -04:00
Brown
67f9adb33c
Allow adding pure annotations to functions
...
Ref #4036
2020-08-23 10:28:26 -04:00
Brown
a8c0d81dc1
Prevent bool > 1 in strict mode
2020-07-30 11:25:47 -04:00
Brown
cb979262c7
Add slash
2020-07-24 10:51:04 -04:00
Matthew Brown
84945a7d1b
Fix #3877 - prevent impossible subtr comparisons
2020-07-24 10:08:57 -04:00
Brown
ae7c5b095b
Fix #3712 - allow taints to be suppressed with @psalm-suppress
2020-07-01 23:23:45 -04:00
Brown
49f0592794
Improve tracking of array taints
2020-06-18 18:48:19 -04:00
Brown
f609a01497
Move static property fetch analyzer to own class
2020-06-18 11:53:24 -04:00
Brown
953be61cf2
Allow limiting connected taint paths
2020-05-25 23:28:11 -04:00
Brown
a198b09eb7
Add intermediary concat op node
2020-05-23 21:38:09 -04:00
Brown
f5a0622ad2
Fix style
2020-05-23 08:06:31 -04:00
Matthew Brown
0dee85d0b7
Remove redundancy
2020-05-23 01:48:56 -04:00
Brown
16af6a5773
Improve concat taint propagation
2020-05-23 01:11:16 -04:00
Brown
e82c317d53
Adjust tolerances
2020-05-22 21:37:18 -04:00
Brown
666cc3b4c9
Fix BinaryOp analysis
2020-05-18 23:00:53 -04:00
Brown
8e5b330c5a
Break apart CallAnalyzer
2020-05-18 22:57:00 -04:00
Brown
ace049a068
Beautify BinaryOpAnalyzer
2020-05-18 18:57:09 -04:00
Brown
5ee1487a01
Make ExpressionAnalyzer more beautiful
2020-05-18 15:13:27 -04:00
Brown
111303d913
Add non-empty-lowercase-string type
2020-05-15 10:18:05 -04:00
Brown
2af0a17d03
Fix #3236 - allow use-checking of more methods starting with __
2020-05-12 22:39:26 -04:00
Matthew Brown
1b2017e4f4
Add slash
2020-03-29 10:44:38 -04:00
Matthew Brown
0e919a0696
Allow arithmetic on simple templated types
2020-03-29 10:34:46 -04:00
Matthew Brown
47c1470e3b
Refactor reference checks to use more appropriate properties
2020-03-28 16:30:56 -04:00
Matthew Brown
bfb919d26a
Break out methods into their own classes
2020-03-11 23:04:52 -04:00
Brown
0a8bb32115
Fix #2866 - prevent use of impure __toString via concatenation in pure contexts
2020-02-24 14:50:34 -05:00
Matthew Brown
f1a9b73a78
Fix message
2020-02-23 18:24:43 -05:00
Matthew Brown
ed4f4e35b8
Fix null checks
2020-02-23 18:20:59 -05:00
Matthew Brown
41e076e0ee
Fix bad
2020-02-23 18:19:53 -05:00
Matthew Brown
618ae77846
Prevent implicit __toString method calls in a pure context
2020-02-23 18:18:25 -05:00
Matthew Brown
3efe271819
Remove blank line
2020-02-13 18:36:37 -05:00
Brown
bc0ccbda99
Add better inference for lower-cased methods
2020-02-13 17:30:00 -05:00
Brown
0ffb833bf3
Fix #2677 - use better assertion for null coalesce
2020-01-23 14:52:35 -05:00
Matthew Brown
c3edbdbc19
Allow checking $_SESSION for null without altering type
2020-01-14 21:51:04 -05:00
Brown
0f6b61d62d
Clone isset type before contradicting
2020-01-14 18:28:32 -05:00
Matthew Brown
e1daf26202
Improve support for null coalesce checks
2020-01-14 00:53:38 -05:00