1
0
mirror of https://github.com/danog/psalm.git synced 2024-12-15 19:07:00 +01:00
Commit Graph

1332 Commits

Author SHA1 Message Date
Matt Brown
c2108e89db Warn about impossible/redundant conditions in RHS of || 2020-10-07 17:04:01 -04:00
Matt Brown
595b8178e0 Improve error message 2020-10-07 15:36:31 -04:00
Matt Brown
54ec83c5ee Use better locations for errors 2020-10-07 13:53:35 -04:00
Matt Brown
639ae61284 Always check LHS of or condition before applying to RHS 2020-10-07 13:40:09 -04:00
feek
8d2db4e673
feature: universal object crates (#3948)
* feature: universal object crates

* docs: document universal object crate config option

Co-authored-by: Matthew Brown <github@muglug.com>
2020-10-07 09:56:21 -04:00
Matt Brown
377dc8da8f 4.x - change/remove some default config values 2020-10-05 10:08:41 -04:00
Matt Brown
fb604bfacb 4.x - move class constants into their own storage object 2020-10-05 09:50:32 -04:00
Matt Brown
ea47548dd0 4.x - Prevent AfterFunctionCallAnalysisInterface from rewriting return types 2020-10-04 23:39:20 -04:00
Matt Brown
939297484c 4.x - rename TFn to TClosure 2020-10-04 23:32:01 -04:00
Matt Brown
127e66df65 Elevate trait mismatch issues in PHP 8.0 2020-10-03 22:59:43 -04:00
Matt Brown
1a11897849 4.x - add support for the nullsafe operator 2020-10-03 20:21:52 -04:00
Matt Brown
6a91c2f70e Fix @no-named-arguments more 2020-10-02 21:09:37 -04:00
Matt Brown
009b33b17d Support @no-named-args when calling in PHP 8 2020-10-02 20:58:51 -04:00
Matt Brown
5a94043a7f Unbreak gettype support 2020-10-02 20:33:35 -04:00
Matt Brown
63a11bae15 4.x - Support named arguments
Ref #4089
2020-10-02 20:27:01 -04:00
Matt Brown
5bcd1bbb75 4.x - add support for get_debug_type function
Ref #4089
2020-10-02 19:15:47 -04:00
Matt Brown
74934ffdbb 4.x - rename GetClassT to TDependentGetClass 2020-10-02 18:47:23 -04:00
Matt Brown
c9e47450a7 Fix #4266 - prevent OOM when analysing closure unioned with invokable class 2020-10-02 00:47:42 -04:00
Matt Brown
fc001cdf65 Treat func_get_args as using function params 2020-09-30 13:08:01 -04:00
Matt Brown
14efde286f 4.x - refactor unused variable detection
This turns unused variable detection into an explicit control-flow problem, where before we had a more simplistic mark-and-sweep algorithm
2020-09-30 12:28:13 -04:00
Brown
19f88a2e31 Add improvements from unused variable checks 2020-09-28 00:45:02 -04:00
Brown
da65a4327f Move taint graph functionality into its own object 2020-09-25 00:37:40 -04:00
orklah
83ca918824
preg_split can't take null in limit (#4236)
* preg_split can't take null in limit

* fix wrong type in preg_split
2020-09-22 13:46:37 -04:00
orklah
37a2f8a33d
unused use statements (#4228) 2020-09-22 01:10:46 -04:00
orklah
250fa8e42d
misc changes (#4227)
* misc changes

* misc changes
2020-09-22 00:44:31 -04:00
Brown
56cddd16bf Rename TaintGraph to ControlFlowGraph because it’s about to do more 2020-09-20 23:59:52 -04:00
Brown
0f6a271858 Improve file-based suppression of taints 2020-09-20 19:37:25 -04:00
Brown
5c23a3d7b3 Localise taint analysis better 2020-09-20 19:26:49 -04:00
Brown
2968b3b065 Add to StatementsAnalyzer taint object instead of Context 2020-09-20 18:42:21 -04:00
Brown
abb9502921 Rename Taint object to TaintGraph 2020-09-20 18:27:02 -04:00
orklah
de16308f2e
useless comparison (#4223)
* remove unused code

* fix wrong fix
2020-09-20 13:01:27 -04:00
orklah
24a38f21ce
Use array destructuring when possible (#4221)
* list usage

* fix inversion
2020-09-20 12:55:38 -04:00
orklah
1a1b88bb5e
add visibilities to constants (#4219) 2020-09-20 12:54:46 -04:00
Brown
ef3cf67f50 Fix #4198 - make analysis of class-string property assignments more robust 2020-09-20 09:18:35 -04:00
orklah
a9a364e363
Misc improvements (#4216)
* misc changes

* fix CI
2020-09-20 08:55:28 -04:00
orklah
b19f0a7034
Remove empty() and use strict comparison when safe (#4211)
* replace empty usage with stricter checks

* use strict comparison when safe

* replace is_null with === null for consistency
2020-09-19 18:26:51 -04:00
Brown
0ae436d335 Fix a couple of false-positive redundant conditions 2020-09-19 18:12:14 -04:00
orklah
191495328a
Fix errors in return types (#4189)
* FunctionLikeAnalyzer::verifyReturnType returns void

* ArrayFunctionArgumentsAnalyzer::checkArgumentsMatch returns void

* AssertionFinder::scrapeAssertions can't return null
2020-09-16 17:35:55 -04:00
Brown
dda013dc2e Only refine for matching closure union members
Ref #4136
2020-09-15 09:40:27 -04:00
Brown
77e84b3817 Fix a few more things 2020-09-13 23:28:31 -04:00
Brown
249903e18a Fix style issues 2020-09-13 21:45:07 -04:00
Brown
56bae3b587 Add check for strpos dictionaries
Ref #4070
2020-09-13 21:42:44 -04:00
orklah
da47588f91
replace return; by return null; in every non-void method, add return null; when mising, add return types, remove redundant phpdoc (#4176) 2020-09-13 16:39:06 -04:00
ygottschalk
5b0c9b1a28
added array-size max constraint to greater check (#4175)
added a few unit tests
2020-09-12 16:13:13 -04:00
Brown
09d22cb05c Fix #4169 - add appropriate bounds check 2020-09-12 11:33:26 -04:00
Toshiyuki Goto
ad437c5265
Workaround to PhpScoper group use bug in Box (#4174) 2020-09-12 11:24:40 -04:00
orklah
ead107fa9e
More return types (#4173)
* add native return types

* redundant phpdoc
2020-09-12 11:24:05 -04:00
Brown
6ffe471525 Make new InvalidLiteralArgument issue for strpos refs
Ref #4070
2020-09-10 22:54:32 -04:00
Brown
eda426a594 Improve unique issue solution 2020-09-10 22:54:30 -04:00
Brown
aaede393d4 Fix #4070 - prevent literal strpos argument 2020-09-10 18:28:34 -04:00
Brown
fe4af8ff1a Minor fixes 2020-09-07 17:22:43 -04:00
Brown
8737abf3b8 Fix real projects bug 2020-09-07 15:14:14 -04:00
Brown
88e0811cdd Fix #4136 - allow union type properly 2020-09-07 14:08:56 -04:00
Brown
d174fc6f3f Improve fix 2020-09-07 13:19:37 -04:00
Brown
afce416bfb Fix #4136 - allow inference of callabe type param in union of callables 2020-09-07 12:56:47 -04:00
Brown
f78fbbe4c9 Fix #4146 - allow null checks on Iterator::current output 2020-09-07 11:40:36 -04:00
orklah
8c7423505a
add native param types (#4137)
* add native param types

* redundant phpdoc

* add more param types and adds "?" to nullable types

* remove redundant phpdoc

* add more param types and remove redundant phpdoc

* add more param types and remove redundant phpdoc
2020-09-06 19:36:47 -04:00
Matthew Brown
422271b2cf Prevent variables named "haystack" from receiving literal strings
cc @staabm
2020-09-05 00:35:48 -04:00
Matthew Brown
3605eeee04 Support analysing preg_match_all args in reverse to infer matches type 2020-09-04 20:33:02 -04:00
Brown
4d82d3ddad Fix #4128 - improve understanding of preg_match_all 2020-09-04 18:10:14 -04:00
Brown
22fe7458d8 Break up large method 2020-09-04 17:45:22 -04:00
Brown
f4c2edf40b Fix #4132 - ignore purity of $this when checking for initialisation 2020-09-04 16:46:20 -04:00
orklah
f66d57f19d
add native return types (#4116)
* add native return types

* remove redundant phpdoc
2020-09-04 16:26:33 -04:00
Brown
68ebef2a2e Clean up immutable fix 2020-09-03 15:32:14 -04:00
Brown
8505ca2a23 Allow passing mutable object into immutable class to store reference 2020-09-03 15:28:09 -04:00
Brown
bd27e8b17b Fix #4109 - detect duplicate match condition 2020-09-02 20:08:09 -04:00
orklah
73f6fcde48
Short list syntax (#4102)
* Short list syntax

* revert unrelated CS
2020-09-02 00:17:41 -04:00
Brown
f105f6aca9 Fix Psalm errors 2020-09-01 13:21:24 -04:00
Brown
b5279cd7d4 Fix erroneous Closure::__invoke return type 2020-09-01 12:33:25 -04:00
Bruce Weirdan
ffb316a9e6
Converted MissingPropertyType to property issue (#4099)
Fixes vimeo/psalm#2200
2020-09-01 09:21:03 -04:00
Brown
4f578b42b8 Fix exhaustiveness checks for const value 2020-08-31 23:23:24 -04:00
Brown
ab063e80d7 Keep going 2020-08-31 23:11:16 -04:00
Brown
3cdb13f7ab Fix issues 2020-08-31 23:03:36 -04:00
Brown
940459787a Catch unmatched matches 2020-08-31 22:59:47 -04:00
Brown
9935f647ab Fix some magic method calls when a return type provider exists 2020-08-31 18:56:45 -04:00
Brown
940b673a36 Fix fns 2020-08-30 18:29:28 -04:00
Brown
2cbe89d55a Fix Psalm errors 2020-08-30 16:30:43 -04:00
Brown
5c043b0d41 Ignore redundant conditions inside match potentially in perpetuity? 2020-08-30 16:23:53 -04:00
Brown
54a781ad28 Support match expressions and throw expressions 2020-08-30 16:08:22 -04:00
Brown
92239add4d Add some backwards-incompatible changes for 4.x 2020-08-30 11:44:14 -04:00
Brown
c13b0efd49 Improve understanding of negated count queries 2020-08-30 11:32:01 -04:00
Brown
3ca4a576e7 Fix treatment of closure params in array_map 2020-08-29 11:10:09 -04:00
Brown
df0d426f61 Fix #4081 - better inference of positive ints 2020-08-28 16:38:50 -04:00
Brown
98ce590e9d Remove some redundant calls 2020-08-28 12:48:33 -04:00
Brown
efe143a396 Fix #4077 - always track closure purity 2020-08-28 12:42:55 -04:00
Brown
5f5ce6eb32 Fix typo 2020-08-26 18:16:12 -04:00
Brown
e64d45b644 Fix #4061 - allow indirect null comparison check 2020-08-26 17:58:01 -04:00
Saif Eddin G
5a20092fbd
add pure-callable type (#4066) 2020-08-26 16:51:22 -04:00
Brown
988e17f11d Make clause fully immutable 2020-08-26 15:35:29 -04:00
Brown
b2b329d1a9 Prevent unset on immutable properties 2020-08-26 12:18:34 -04:00
Brown
8ad1c2eeb1 Use immutable data structures for clause calculations 2020-08-26 10:41:47 -04:00
Brown
346d475f55 Create empty params by default for SplObjectStorage
Fixes #4055
2020-08-25 11:52:21 -04:00
Brown
4e10a0ed6f Fix #4036 - add immutable annotations automatically too 2020-08-24 19:29:00 -04:00
Brown
6103cf0f51 Fix ImpureVariable test 2020-08-23 22:07:02 -04:00
Brown
140d37c7ef Prevent isset on uknown property in pure function 2020-08-23 18:50:17 -04:00
Brown
10f7031080 Prevent use of $this in pure functions 2020-08-23 18:37:46 -04:00
Matthew Brown
ef0486ce35 Add some pure annotations 2020-08-23 13:52:31 -04:00
Matthew Brown
89dd5ee563 Nest new impure checks 2020-08-23 13:39:08 -04:00
Matthew Brown
9418be79cc Restrict pure annotation addition a little more 2020-08-23 13:34:32 -04:00
Matthew Brown
6a8ad1876f Static property fetching is bad 2020-08-23 13:10:47 -04:00
Brown
c8ea4b4e8b Prohibit property fetches from pure contexts except when they’re on immutable objects 2020-08-23 10:57:24 -04:00
Brown
67f9adb33c Allow adding pure annotations to functions
Ref #4036
2020-08-23 10:28:26 -04:00
Brown
ebe37392eb Fix #4019 - new static isn’t static if class is final 2020-08-18 11:25:11 -04:00
Daniel Melchior
17ed440f2e
fix #4013: prevent exception when two mixins declare methods with same name (#4018)
fixes #4013
2020-08-18 08:38:30 -04:00
Brown
42c3a703b5 Fix #3741 - detect scalar class constants in if-true assertions 2020-08-12 17:03:41 -04:00
m0003r
e81593f359
Localize types on magic properties (#3971)
* Fix #3949 - localize types on magic properties

* fix failing tests

* fix code style

Co-authored-by: m03r <m03r@m03r.net>
2020-08-10 12:45:21 -04:00
Brown
6def99d653 Add ConstructorSignatureMismatch issue distinct from MethodSignatureMismatch 2020-08-10 12:26:25 -04:00
kazusuke sasezaki
90a50be9f0
quit using combineUnionTypes, when specific TSend provided. (#3966) 2020-08-09 08:26:10 -04:00
the-toster
3a1c861c43
minor: typo in message (#3960) 2020-08-08 08:08:57 -04:00
Brown
afce2dc66f Tighten up rules around instantiation a bit more 2020-08-06 10:18:55 -04:00
Matthew Brown
ccd4eaa8e7 Clarify language a little 2020-08-06 09:02:24 -04:00
Brown
bcf0df4170 Fix a bug with lowercase-string unions 2020-08-05 20:05:57 -04:00
Brown
488a899823 Fix Psalm issues 2020-08-05 19:49:09 -04:00
Brown
c0b0036109 Fix #3934 - prevent unsafe use of new static 2020-08-05 19:39:27 -04:00
Brown
e0f5595307 Fix #3932 - try to get assertions of negated expression if instant negation fails 2020-08-05 16:53:30 -04:00
Daniel Melchior
fa73c7c9d9
Fix #3757 - allow multiple mixins (#3772) 2020-08-05 15:49:19 -04:00
Brown
38bfc12b98 Fix array_shift behaviour to be more accurate with lists
Fixes #3941
2020-08-05 12:43:37 -04:00
Matthew Brown
9dfdcbef31 Fix #3928 - preserve list-ness when assigning with no offset 2020-08-03 12:30:58 -04:00
Brown
bc053e5ee8 Fix #3923 - remember class name when appending array with key 2020-08-03 01:34:46 -04:00
Matthew Brown
ab64ccab88 Fix #3913 properly 2020-07-31 14:56:29 -04:00
Brown
fd4ced42a7 Don’t register new assignment inside isset expr 2020-07-31 12:44:01 -04:00
Brown
57cd21346c Fix #3914 - treat $i++ like $i = $i + 1 2020-07-31 11:26:54 -04:00
Brown
a8c0d81dc1 Prevent bool > 1 in strict mode 2020-07-30 11:25:47 -04:00
Brown
6949a34ded Put RedundantIdentityWithTrue behind a flag cc @greg0ire 2020-07-30 10:25:59 -04:00
Brown
abe91adbe7 Fix #3801 - convert static to Foo&static when @method is given 2020-07-30 09:42:23 -04:00
Brown
d9d5fdd6c9 Add more rules around positive ints 2020-07-26 18:29:17 -04:00
Brown
4a5f74c091 Add positive-int type 2020-07-26 15:51:55 -04:00
Brown
657f9db2e0 Fix bugs 2020-07-26 15:21:05 -04:00
Brown
23f5d66516 Fix #3897 - support aliasing final methods 2020-07-26 14:46:52 -04:00
Brown
eddd7b8c11 Fix #1916 - support @var docblock annotations in more places 2020-07-26 13:23:21 -04:00
Brown
e398535f9f Fix #3872 - detect namespace violations in non-methods 2020-07-26 10:42:04 -04:00
Grégoire Paris
2f673fbbd7
Detect redundant identity with true (#3893)
Using === true on a known boolean results in the same boolean.
2020-07-25 17:27:45 -04:00
Matthew Brown
ab714a40c4 Allow binding of static to current final class
Ref #3892
2020-07-25 17:26:07 -04:00
Brown
b1e583ebed Detect concat operation on property
Ref #3870
2020-07-24 16:01:45 -04:00
Brown
3687d34a5a Detect bad class constants more explicitly 2020-07-24 15:38:56 -04:00
Brown
cb979262c7 Add slash 2020-07-24 10:51:04 -04:00
Matthew Brown
84945a7d1b Fix #3877 - prevent impossible subtr comparisons 2020-07-24 10:08:57 -04:00
Barney Laurance
ff432ff73d
Simplify error messages and implementation for internal errors (#3881)
* Use more consistent language for Internal errors

There's no meaningful distinction between something being internal and
being 'marked as internal'.

* Rename property psalm_internal to internal in all storage classes

This property holds metadata that can be set using either @internal
or @psalm-internal in docblocks

* Change types of internal properties in storage from ?string to string

Simpler type is easier to handle. Non-internal methods can be considered
to be internal to the entire universe of PHP code, i.e. that code whose
namespace starts with the empty string. It's not a special case.
2020-07-24 09:32:54 -04:00
Brown
344a732829 Warn about simple assignments 2020-07-23 02:40:35 -04:00
Barney Laurance
3bc91b9944
Fix multiple issues with @internal and @psalm-internal (#3841)
* Add passing tests for property fetch on an @internal class

I'm trying to work out why the equivilent InvalidCodeParse test is
failing for PsalmInternal

* Treat all properties of a psalm-internal class as psalm-internal

* Remove all $internal properties from storage - use psalm_internal instead

@internal can be represented as internal to the namespace root, avoiding
the need to check for both properties in storage later.

* Raise InternalClass issue when an internal class is used with e.g. instanceOf

* fix docs and tests

* Add return type declartion to code example in doc

* Don't allow class psalm-internal to overide a tighter method psalm-internal

* Break up long line

* Code style - move && from EOL to SOL

* Restore misplaced &&

* Fix code style

* Fix namespace fetching so it works

Co-authored-by: Matthew Brown <github@muglug.com>
2020-07-22 19:27:35 -04:00
Brown
983f233026 Improve unpacking 2020-07-22 00:35:18 -04:00
Brown
962265e98e Hopefully final fixes 2020-07-21 23:59:11 -04:00
Brown
7ef3d4711f Fix some more tests 2020-07-21 23:16:56 -04:00
Brown
76bd5b6278 Refactor type comparison 2020-07-21 19:40:35 -04:00
Brown
3ce5478e5e Fix what source we give the afterMethodCall analysis hook 2020-07-21 15:00:47 -04:00
Brown
ae89a71c84 Prevent false-positive comparing template to true 2020-07-21 12:59:50 -04:00
Brown
223b0619c5 Fix #3858 - support @psalm-assert falsy for abort_if expressions 2020-07-21 12:55:11 -04:00
Gregor Harlan
5212bd1f9c
Readonly: allow assignments in __unserialize (#3845) 2020-07-20 04:50:50 -04:00
Evgeniy
2c51f47ff6
Fix invalid UndefinedClass using array|callable (#3842)
* Do not treat string array argument as callable if it can be traeted just as string array.

* cs
2020-07-20 04:50:07 -04:00
Brown
9ca8fb80b7 Carry over taints after @var docblock type hints 2020-07-17 11:30:44 -04:00
Brown
26a61c47c0 Prevent mixed erasure in get_class call 2020-07-16 13:56:42 -04:00
Brown
a2dbd31371 Fix usage of array_push results 2020-07-16 13:44:51 -04:00
Brown
262bb9fd89 Invalidate memoized getter method results after property assignment 2020-07-16 12:59:49 -04:00
Brown
b361b44889 Rip out plain getter property logic cc @m0003r
It gets in the way of the other IMO more useful memoisation logic (e.g. when a getter is declared final)
2020-07-16 12:42:59 -04:00
Brown
96bfd144df Fix #3825 - ensure final getters are treated as mutation free 2020-07-16 11:58:27 -04:00
kesselb
aaba3a08ec
Add option to supress a referenced but undefined global variable. (#3827) 2020-07-16 09:49:59 -04:00
Brown
8fbc8de98a Fix #3820 - don’t treat a method call as memoisable if it has assertions 2020-07-15 15:09:19 -04:00
Brown
f0a5463834 Catch string subtypes that cannot be identical 2020-07-14 10:08:31 -04:00
Brown
2399643472 Fix #3811 - allow more complex negations inside boolean expressions 2020-07-13 21:31:58 -04:00
Brown
9177ad5ce0 Add back fix 2020-07-10 17:13:11 -04:00
Brown
8d022307d2 Fix #3797 - prevent many chained assignments crashing Psalm 2020-07-10 16:49:45 -04:00
Brown
d71f12d250 Fix #3802 - allow increment inside isset expression 2020-07-10 16:14:24 -04:00
Brown
4f872674f9 Add space 2020-07-10 14:40:25 -04:00
Brown
cd8420aa94 Skip optimisation for unpacked args 2020-07-10 13:04:37 -04:00
Brown
d8eca89b44 Remove redundancy 2020-07-10 10:35:26 -04:00
Brown
38fdf4bef6 Treat array_push($a, ... as $a[]= ... 2020-07-10 10:20:02 -04:00
Brown
33a834bb0b Fix some property inference bugs 2020-07-08 14:43:36 -04:00
Brown
619c384509 Add indentation as necessary between property docblocks 2020-07-08 14:32:16 -04:00
Brown
f173ef6ef0 Add mixed types to prevent bad recommendations 2020-07-08 12:18:36 -04:00
Brown
0034f2e4bd Don’t manipulate property storage during analysis 2020-07-07 19:32:44 -04:00
Brown
ada2fe033e Remove comma 2020-07-05 15:21:44 -04:00
Brown
ab6df0a5d1 Fix #3753 - resolve self-references in trait as statements earlier 2020-07-05 12:05:25 -04:00
Brown
42a3cedd31 Fix #3742 - add null to type after possibly null array access 2020-07-05 09:12:07 -04:00
jarstelfox
3096afed99
Fix echo false issue (#3751)
* Echo: add failing test case

echo false; is a noop, not an issue

* Echo: Fix failing test case
2020-07-05 08:55:42 -04:00
Brown
6419788a49 Remove false from template param as necessary
Fixes #3737
2020-07-03 01:07:50 -04:00
Brown
cf1a8ac5fc Suppress taints in instance properties 2020-07-02 12:08:42 -04:00
Brown
67b2edc328 Allow more things to be suppressed with @psalm-suppress TaintedInput 2020-07-02 11:53:51 -04:00
Brown
ea82cdc6ea Fix #3726 - infer generic template from class-string 2020-07-02 01:11:46 -04:00
Brown
ae7c5b095b Fix #3712 - allow taints to be suppressed with @psalm-suppress 2020-07-01 23:23:45 -04:00
Brown
0f548c83ea Fix redundant condition 2020-07-01 19:31:10 -04:00
Brown
6c62e46d15 Only emit one error for erroneous array_map string closure types 2020-07-01 19:18:01 -04:00
Brown
70ab4c18f4 Fix #3720 - allow literal unions in keys to map to object-like arrays 2020-07-01 18:57:19 -04:00
Olle Härstedt
d8e8ce428e
Add new annotation: @psalm-self-out (#3650)
* Add new config: sealAllMethods

* Add some more tests

* Fix codesniffer issue with preg_quote

* Fix missing method in test

* New tag @self-out (WIP)

* Add self_out_type to method storage

* Add some notes

* More work on self-out (WIP)

* More work on self-out (WIP)

* Use psalm-self-out instead of self-out

* Remove extra file

* Cleanup

* Wrap around try-catch - how to check if a method has/should have storage?

* New method hasStorage()

* Fix indentation

* Fix some errors

* Fix indentation

* Cast storage type to type

* Add proper use-statement in method storage

* Correct test class name

* Allow self_out to be null

* method_id can be string (why, when?)

Co-authored-by: Olle <noemail>
2020-07-01 18:10:24 -04:00
Brown
e13da22292 Allow cloning interfaces 2020-07-01 11:14:31 -04:00
Brown
fca350c498 Prevent a few crashes with really bad code 2020-07-01 10:30:10 -04:00
Brown
6047b7b6cb Fix #3719 - prevent crash when cloning missing class 2020-07-01 10:10:55 -04:00
Brown
671009a70c Specialize constructor taints cc @TysonAndre 2020-06-29 21:08:43 -04:00
Brown
cff976049d Remove unused vars 2020-06-29 13:24:05 -04:00
Brown
f6e2e0a84a Perform string casting for taints in ArgumentAnalyzer 2020-06-29 13:21:33 -04:00
Brown
45c21853e5 Fix #3709 - don’t crash on inherited __toString tainting 2020-06-29 12:11:11 -04:00
Brown
aab90fb74e Fix Psalm errors 2020-06-29 09:29:19 -04:00
Brown
38977d797e Fix #3697 - cast types via implied __toString method 2020-06-29 09:13:19 -04:00
Brown
b54b832838 Break out method call tainting 2020-06-29 00:14:49 -04:00
Brown
559b3d3471 Fix #3681 - taint exit like echo 2020-06-25 17:17:08 -04:00
Brown
95bf7f835b Improve handling of array_map, faking out calls where nececssary 2020-06-25 13:05:34 -04:00
Brown
b84cf74754 Fix #3668 - taint property types for magic properties without @property 2020-06-25 00:24:37 -04:00
Brown
dd25b81d3a Fix #3670 - taint mixed foreach access 2020-06-24 19:16:30 -04:00
Brown
a6c7a48387 Add support for argument unpacking
Ref #3670
2020-06-24 18:43:15 -04:00
Tyson Andre
1670848267
Mark print() statement as the same sink type as echo (#3669) 2020-06-24 17:23:16 -04:00
Brown
7a7cd91c24 Fix #3631 - better treatment for assignments in complex conditionals 2020-06-24 13:16:52 -04:00