1
0
mirror of https://github.com/danog/psalm.git synced 2024-12-05 13:10:49 +01:00
Commit Graph

168 Commits

Author SHA1 Message Date
AndrolGenhald
0edf260d8b Improve class constant static analysis.
Add class const covariance support (fixes #5589).
Add check for overriding const from interface in PHP < 8.1 (fixes #7108).
Add check for ambiguous const inheritance.
2022-01-25 15:20:17 -06:00
AndrolGenhald
558208e44e Add type checking for class const assignments, fix several other const issues. 2022-01-22 17:06:54 -06:00
AndrolGenhald
c18a155f77 Support type annotations for class consts (fixes #942). 2022-01-22 17:06:53 -06:00
orklah
af1888b631 Merge remote-tracking branch 'upstream/4.x' into upstream-master4 2022-01-22 17:48:42 +01:00
ef4dd656d0
Update 2022-01-19 12:29:49 +01:00
9021b13b65
Update 2022-01-19 12:29:44 +01:00
d970661182
Add separate issue 2022-01-19 12:20:50 +01:00
orklah
5f749c8a33 remove forbidEcho 2022-01-18 18:14:39 +01:00
orklah
b633619a2c Merge remote-tracking branch 'upstream/4.x' into upstream-master 2022-01-14 21:01:25 +01:00
orklah
d786e9deef deprecate attribute forbidEcho 2022-01-14 19:31:03 +01:00
AndrolGenhald
6d385fd8f0 Fix documentation for ComplexMethod/ComplexFunction.
Looks like I misunderstood them.
2022-01-12 14:37:52 -06:00
AndrolGenhald
240032568c Add test for issues.md to ensure all documented issues are listed. 2022-01-12 14:29:23 -06:00
d6ca1d727e
Fix typo in documentation filename 2022-01-11 14:18:04 +01:00
Matthew Brown
ae0063051a
Add better documentation 2022-01-02 14:56:18 +02:00
edc797d1c2
Add docs 2021-12-30 11:56:16 +01:00
Philip Hofstetter
fdeb1954c2
update docs for enum case deprecation 2021-12-22 06:16:42 +01:00
Kamil Tekiela
01d64e606c
Removed misleading parentheses after language construct 2021-12-18 15:20:58 +00:00
Bruce Weirdan
85f2083acb
Flag duplicate constants
Fixes vimeo/psalm#6882
Addresses p1 from vimeo/psalm#6471
2021-11-11 00:44:17 +02:00
Bruce Weirdan
0f8ef45110
Forbid properties on enums
Fixes vimeo/psalm#6472
2021-11-06 21:57:49 +02:00
orklah
0e83afdb86
Merge pull request #6518 from orklah/fix-truthy
improvements of alwaysTruthy/alwaysFalsy
2021-10-04 13:29:49 +02:00
orklah
28edc25f65 fix doc 2021-10-02 10:01:05 +02:00
741c9ee471
Fixes 2021-09-22 10:26:21 +02:00
7e0b489efe
Merge remote-tracking branch 'origin/master' into if-this-is 2021-09-21 12:12:15 +02:00
Bruce Weirdan
b4f024b1fe
Basic enum checks
* Duplicate cases
* Duplicate case values
* Invalid case values: value on a pure enum case, missing value on a
backed enum case, backing type / case type mismatch
* Literal expression evaluation for case values

Fixes vimeo/psalm#6426
Fixes vimeo/psalm#6427
2021-09-07 12:35:38 +03:00
Bruce Weirdan
7b11024886
Flag invalid backing types for enums
Fixes vimeo/psalm#6428
2021-09-05 20:12:24 +03:00
Tyson Andre
0ae573a158 [skip ci] Fix typos in docs/ 2021-08-05 16:39:14 -04:00
Grégoire Paris
26f8e5b333
Add negated identity with false case
This is the opposite of === true and works the same.
2021-07-17 03:20:23 +03:00
Antonio Mangiacapra
3bc519512c
Fix typo in ConfigIssue.md
"future versions" instead of "feature versions"
2021-07-02 11:59:26 +02:00
Matthew Brown
fc88f4f0ee
Simplify UnusedForeachValue example 2021-06-21 13:57:53 -04:00
Bruce Weirdan
e552925af6
Emit separate type of issue when foreach value is unused (#5932)
* Emit separate type of issue when foreach value is unused

Fixes vimeo/psalm#5929

* Fixed var name case sensitivity
2021-06-17 00:40:24 -04:00
Matthew Brown
d4164d4452 Revert "Add better example"
This reverts commit bfd2ab07de.
2021-06-10 22:18:18 -04:00
Matthew Brown
bfd2ab07de
Add better example 2021-06-10 18:32:38 -04:00
Matthew Brown
eb3e395138
Update TaintedTextWithQuotes.md 2021-06-10 17:55:07 -04:00
Matt Brown
47bf5ed567 Fix #5918 - add new issue to detect unquoted strings 2021-06-10 17:43:04 -04:00
Matthew Brown
6d09418a23
Detect unused return values (#5917)
* Detect unused return values

* Allow static-returning instance methods (presumed to be fluent)

* Make $is_used the default for Codebase::methodExists
2021-06-10 14:18:15 -04:00
Matt Brown
5c1d8489da Improve test cases 2021-06-10 12:57:13 -04:00
Bruce Weirdan
86050df4d0
Formally deprecate allowCoercionFromStringToClassConst (#5897)
* Mark allowCoercionFromStringToClassConst as deprecated in xml schema

* Emit deprecation warning for `allowCoercionFromStringToClassConst`
2021-06-07 10:46:26 -04:00
Bruce Weirdan
c98b20247b
Flag unexpected tags on function docblocks (#5845)
* Flag unexpected tags on function docblocks

Fixes vimeo/psalm#5782

* Document new issue

* Fix spacing

Co-authored-by: Matthew Brown <github@muglug.com>
2021-05-28 09:47:39 -04:00
Vincent Langlet
587b144f0e
Check for ParamName even for method with only one param (#5732)
* Check for ParamName even for method with only one param

* Fix tests
2021-05-08 19:33:48 -04:00
Matt Brown
012dafad79 Fix #5383 - prevent unsound use of new static for generics 2021-04-10 13:16:19 -04:00
AndrolGenhald
3ce41d71a4
Clean up issues list, add documentation to help with named variadic confusion. (#5511)
* Clean up issues list, add documentation to help with named variadic confusion.

* Add ComplexFunction and ComplexMethod back to issues list.

I removed them because the documentation files don't exist, but they're used and the documentation just needs to be added.
2021-03-29 15:10:49 -04:00
AndrolGenhald
de5a031088
Improve @no-named-arguments support and variadics. (#5455)
* Improve @no-named-arguments support and variadics.

Handling of argument unpacking and variadics still needs a pretty big makeover, but this is a good start.

Fixes #5420
Improves #5453 (iterable works, array still causes issues)

* Remove unneeded imports.
2021-03-22 19:58:22 -04:00
Matt Brown
4d76f7545c Allow property type invariance on templated properties
This is a bit of a hack – the comparison should be similar to the ones done in MethodComparator, but this avoids false-positives for now
2021-02-07 01:45:48 -05:00
Matt Brown
f2d202e2bb Add less severe issue for docblock property type invariance cc @bdsl
This is less likely to break everything
2021-02-07 00:52:29 -05:00
Bruce Weirdan
04bb2b1182
Prevent invalid Traversable implementation (#5171)
* Prevent invalid Traversable implementation

Fixes vimeo/psalm#5167

* Document new issue

* CS fix
2021-02-06 22:10:05 -05:00
Barney Laurance
0cd5442c47
Enforce property type invariance (#5131)
* Implement NonInvariantChildProperty detection

See https://github.com/vimeo/psalm/issues/4184

* Delete test cases with 'parentSetsWiderTypeInConstructor'

As I understand it these are not valid test cases. They
emit NonInvariantPropertyType issues which seems correct - the property
type variation is I think a latent bug in the sample code.

* Reduce shortcode for NonInvariantPropertyType to 1+max used shortcode on master
2021-01-31 11:32:24 -05:00
Matthew Brown
7764a4ce6c Fix #4912 - detect mismatching property type 2020-12-29 16:37:03 +00:00
Matt Brown
e7f9ce6da0 Break out RedundantCast issues 2020-12-01 17:25:45 -05:00
Matthew Brown
60ac109c01
Add RedundantPropertyInitializationCheck (#4732)
* Add RedundantPropertyInitializationCheck

* add documentation for RedundantPropertyInitializationCheck (#4734)

Co-authored-by: orklah <orklah@users.noreply.github.com>
2020-11-29 11:57:20 -05:00
orklah
e2030b4a1e
fix #3282 (#4724) 2020-11-28 09:03:03 -05:00
Lukas Reschke
a36c1af846
Add more verbose description for TaintedHtml (#4668)
Ref https://github.com/vimeo/psalm/issues/4590
2020-11-22 19:14:48 -05:00
Matt Brown
2c77424e16 Fix #4656 - separate UnusedConstructor from UnusedMethod 2020-11-22 11:48:17 -05:00
Matt Brown
78d644d1a1 Change TaintedText to TaintedCallable 2020-11-19 19:01:19 -05:00
Lukas Reschke
78f4a0691c
Add dedicated types for 'file', 'header' and 'cookie' (#4630)
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'

* Add documentation

* Add mapping for taint flows

* Add tests

* Fix test
2020-11-19 17:47:29 -05:00
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category (#4604)
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
2020-11-18 11:39:36 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks (#4592) 2020-11-18 00:52:48 -05:00
Matt Brown
74749d20cc Improve documentation for taints a little
Ref #4590
2020-11-17 16:03:50 -05:00
Matt Brown
43af3b1a57 Break out TaintedInput issues into a lot of separate ones 2020-11-17 12:44:31 -05:00
Matthew Brown
43f6921efa
Update MixedOperand.md 2020-11-08 14:41:08 -05:00
Matt Brown
579327a470 Detect when targets are incorrectly targeted 2020-10-30 13:28:45 -04:00
Matt Brown
a3755a1d1f Fix tests 2020-10-27 22:29:49 -04:00
Matt Brown
40dddc5e3f Add docs 2020-10-24 00:14:27 -04:00
Niclas van Eyk
0261024aa6
Initial proposal for psalm-require-{extends, implements} (#4361)
* initial implementation of psalm-require-extends

* Added @psalm-require-implements

* Added shortcode for ExtensionRequirementViolation

* Docs & cofig entries for @pasalm-require-{implements,extends}

* Added requirement violations to issues.md
2020-10-19 15:08:18 -04:00
Matt Brown
1839b3e701 Fix test 2020-10-02 21:01:55 -04:00
Matt Brown
30795281c6 Add config and docs for InvalidNamedArgument 2020-10-02 20:35:23 -04:00
Lexidor Digital
43d91665c6
[easy fix] Update example for @no-named-arguments (#4170)
The text mentions `@no-named-arguments`, but the example shows `@no-named-params`.
`@no-named-params` can not be found in the psalm source.
Updated example to `@no-named-arguments`.
[https://github.com/vimeo/psalm/search?q=no-named-params&unscoped_q=no-named-params](search for no-named-params) 1 result (this example)
[https://github.com/vimeo/psalm/search?q=no-named-arguments&unscoped_q=no-named-arguments](search for no-named-arguments) 2 results (this example and in CommentAnalyzer.php)
2020-09-11 23:36:10 -04:00
Brown
6d8641ac09 Fix documentation 2020-09-10 22:58:26 -04:00
Brown
6ffe471525 Make new InvalidLiteralArgument issue for strpos refs
Ref #4070
2020-09-10 22:54:32 -04:00
Brown
00ad09816f Fix tests 2020-09-10 19:05:47 -04:00
Brown
940459787a Catch unmatched matches 2020-08-31 22:59:47 -04:00
Alfred Bez
921b8e206c
InvalidClass is also reported if the casing in the namespace is wrong (#4090) 2020-08-31 10:05:03 -04:00
Brown
10f7031080 Prevent use of $this in pure functions 2020-08-23 18:37:46 -04:00
Matthew Brown
7e13ab9cc9 Fix docs 2020-08-23 13:03:25 -04:00
Olle
3630b4a2f9 Merge remote-tracking branch 'remotes/upstream/master' 2020-08-18 15:59:46 +00:00
Matthew Brown
f48a362fcd
Add reference to automatic fix 2020-08-17 11:58:30 -04:00
Bruce Weirdan
7adc25c421
Improve import errors (#3997)
* Better errors for invalid type imports

Fixes vimeo/psalm#3885

* Finishing touches

Docs, schema, CS

* Drop unused import

* Drop more unused imports
2020-08-16 22:53:53 -04:00
Matthew Brown
72ecb57def Improve names of things 2020-08-14 00:27:33 -04:00
Farhad Safarov
057d2cc678
ForbiddenCode configure docs (#3989) 2020-08-13 09:21:13 -04:00
Brown
6def99d653 Add ConstructorSignatureMismatch issue distinct from MethodSignatureMismatch 2020-08-10 12:26:25 -04:00
Matthew Brown
6085e42fc1 Detect mismatching param names effectively 2020-08-10 09:58:43 -04:00
Tom Klingenberg
ea52b9d23a
Fix minor typos in docs (#3956)
While I was searching for some code, ran across these.
2020-08-08 08:09:41 -04:00
Brown
278addd93d Fix strtolower calls and docs 2020-08-05 21:46:15 -04:00
Brown
c0b0036109 Fix #3934 - prevent unsafe use of new static 2020-08-05 19:39:27 -04:00
Chad Edwards
c5f71b669c
Update MissingReturnType.md (#3942)
* Update MissingReturnType.md

It would be useful if these pages included the fix.

* Update MissingReturnType.md

Co-authored-by: Matthew Brown <github@muglug.com>
2020-08-05 15:48:18 -04:00
Brown
6949a34ded Put RedundantIdentityWithTrue behind a flag cc @greg0ire 2020-07-30 10:25:59 -04:00
Grégoire Paris
8fe1fbc085
Fix typo in filename (#3902) 2020-07-27 14:16:55 -04:00
Grégoire Paris
2f673fbbd7
Detect redundant identity with true (#3893)
Using === true on a known boolean results in the same boolean.
2020-07-25 17:27:45 -04:00
Jack Leigh
367d5947ae
Update MissingThrowsDocblock.md (#3878) 2020-07-24 09:33:50 -04:00
Barney Laurance
3bc91b9944
Fix multiple issues with @internal and @psalm-internal (#3841)
* Add passing tests for property fetch on an @internal class

I'm trying to work out why the equivilent InvalidCodeParse test is
failing for PsalmInternal

* Treat all properties of a psalm-internal class as psalm-internal

* Remove all $internal properties from storage - use psalm_internal instead

@internal can be represented as internal to the namespace root, avoiding
the need to check for both properties in storage later.

* Raise InternalClass issue when an internal class is used with e.g. instanceOf

* fix docs and tests

* Add return type declartion to code example in doc

* Don't allow class psalm-internal to overide a tighter method psalm-internal

* Break up long line

* Code style - move && from EOL to SOL

* Restore misplaced &&

* Fix code style

* Fix namespace fetching so it works

Co-authored-by: Matthew Brown <github@muglug.com>
2020-07-22 19:27:35 -04:00
Brown
c56e29b114 Fix example 2020-07-16 16:19:29 -04:00
Olle
4b98bf485e Add doc for ifthisismismatch exception 2020-07-14 18:00:22 +00:00
binarious
ff990e5f8f
docs(MoreSpecificImplementedParamType): less to more (#3725) 2020-07-01 09:01:58 -04:00
Andrei Petre
ce39bab966
Update InvalidExtendClass.md (#3616)
suggestion by @weirdan
2020-06-19 11:51:30 -04:00
Bruce Weirdan
e496aa406f
Documented using underscore to suppress unused(param/variable) issues (#3580)
Previously it was undocumented, as pointed out in vimeo/psalm#3574
2020-06-13 00:31:37 -04:00
Andrei Petre
3497ca07b6
Extending final class is prohibited #3037 (#3576) 2020-06-13 00:29:59 -04:00
Brown
3c5b4dec06 Add documentation for MixedClone 2020-05-18 17:20:57 -04:00
Evgeniy
04a576708c
Correct analyze clone expression (#3382)
* Correct analyze clone, add PossibleInvalidClone issue type

* Infer mixed type when possible incorrect clone

* Remove unused variable
2020-05-18 16:22:50 -04:00
flip111
d475a601f0
Update MissingPropertyType.md (#3299) 2020-05-04 14:49:19 -04:00
Valentin Udaltsov
29394552a2
Update MixedArgumentTypeCoercion.md (#3129) 2020-04-12 19:52:50 -04:00
m0003r
28f740fddb
@psalm-trace is now a specific low-level issue, because plain debug print breaks structured output (after #3080) (#3106) 2020-04-08 21:03:05 -04:00