danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-12-12 17:27:28 +01:00
Code Issues Projects Releases Wiki Activity
8,052 Commits 43 Branches 314 Tags 108 MiB
76269658ca
Commit Graph

226 Commits

Author SHA1 Message Date
Matthew Brown
7764a4ce6c Fix #4912 - detect mismatching property type 2020-12-29 16:37:03 +00:00
Matt Brown
e7f9ce6da0 Break out RedundantCast issues 2020-12-01 17:25:45 -05:00
Matthew Brown
60ac109c01
Add RedundantPropertyInitializationCheck (#4732) 
* Add RedundantPropertyInitializationCheck

* add documentation for RedundantPropertyInitializationCheck (#4734)

Co-authored-by: orklah <orklah@users.noreply.github.com>
 2020-11-29 11:57:20 -05:00
Matt Brown
ffabce19c5 Add complex issue error 2020-11-27 17:02:37 -05:00
Matt Brown
bf696bf82e Add complexity function name echoing 2020-11-27 05:28:55 -05:00
Matt Brown
2c77424e16 Fix #4656 - separate UnusedConstructor from UnusedMethod 2020-11-22 11:48:17 -05:00
Matt Brown
78d644d1a1 Change TaintedText to TaintedCallable 2020-11-19 19:01:19 -05:00
Lukas Reschke
78f4a0691c
Add dedicated types for 'file', 'header' and 'cookie' (#4630) 
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'

* Add documentation

* Add mapping for taint flows

* Add tests

* Fix test
 2020-11-19 17:47:29 -05:00
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category (#4604) 
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
 2020-11-18 11:39:36 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks (#4592) 2020-11-18 00:52:48 -05:00
Matt Brown
43af3b1a57 Break out TaintedInput issues into a lot of separate ones 2020-11-17 12:44:31 -05:00
Matt Brown
388e804ed8 Allow opt-in to strict return type checking 2020-11-05 18:20:04 -05:00
Matt Brown
579327a470 Detect when targets are incorrectly targeted 2020-10-30 13:28:45 -04:00
Matt Brown
82f35c1454 Ensure Stringable is always available to tests that need it 2020-10-29 19:41:10 -04:00
Matt Brown
f8eee22f77 Add basic support for PHP attributes 
Ref #4367 - supports creation and argument checks
 2020-10-24 00:10:22 -04:00
Niclas van Eyk
0261024aa6
Initial proposal for psalm-require-{extends, implements} (#4361) 
* initial implementation of psalm-require-extends

* Added @psalm-require-implements

* Added shortcode for ExtensionRequirementViolation

* Docs & cofig entries for @pasalm-require-{implements,extends}

* Added requirement violations to issues.md
 2020-10-19 15:08:18 -04:00
feek
8d2db4e673
feature: universal object crates (#3948) 
* feature: universal object crates

* docs: document universal object crate config option

Co-authored-by: Matthew Brown <github@muglug.com>
 2020-10-07 09:56:21 -04:00
Matt Brown
377dc8da8f 4.x - change/remove some default config values 2020-10-05 10:08:41 -04:00
Matt Brown
30795281c6 Add config and docs for InvalidNamedArgument 2020-10-02 20:35:23 -04:00
Brown
6ffe471525 Make new InvalidLiteralArgument issue for strpos refs 
Ref #4070
 2020-09-10 22:54:32 -04:00
orklah
c6ea274180
Config reportInfo to speed up analysis for big projects (#4095) 2020-09-01 09:22:05 -04:00
Bruce Weirdan
ffb316a9e6
Converted MissingPropertyType to property issue (#4099) 
Fixes vimeo/psalm#2200
 2020-09-01 09:21:03 -04:00
Brown
940459787a Catch unmatched matches 2020-08-31 22:59:47 -04:00
Brown
92239add4d Add some backwards-incompatible changes for 4.x 2020-08-30 11:44:14 -04:00
Tom Klingenberg
46013a35c8
Revert config schema, fix b/c break (#4046) 
Previous in d5055ea the allowCoercionFromStringToClassConst attribute has
been removed from the XML configuration file per its schema.

While technically correct (was removed in 3.0), this breaks b/c between
minor versions, breaks with the release of 3.14.0.

Fix is revert.

Ref: d5055ea1d4
Caused-by: #3982
 2020-08-24 00:56:45 -04:00
Brown
10f7031080 Prevent use of $this in pure functions 2020-08-23 18:37:46 -04:00
Matthew Brown
7e13ab9cc9 Fix docs 2020-08-23 13:03:25 -04:00
Michel Hunziker
3538fe1955
Add configuration attribute to find unused @psalm-suppress (#4041) 2020-08-22 10:01:26 -04:00
Bruce Weirdan
7adc25c421
Improve import errors (#3997) 
* Better errors for invalid type imports

Fixes vimeo/psalm#3885

* Finishing touches

Docs, schema, CS

* Drop unused import

* Drop more unused imports
 2020-08-16 22:53:53 -04:00
Matthew Brown
72ecb57def Improve names of things 2020-08-14 00:27:33 -04:00
Bruce Weirdan
d5055ea1d4
Removed obsolete documenation (#3982) 
`allowCoercionFromStringToClassConst` was removed in 3.0 and never
worked since.

Refs vimeo/psalm#3976
 2020-08-11 07:30:09 -04:00
Brown
6def99d653 Add ConstructorSignatureMismatch issue distinct from MethodSignatureMismatch 2020-08-10 12:26:25 -04:00
Matthew Brown
6085e42fc1 Detect mismatching param names effectively 2020-08-10 09:58:43 -04:00
Brown
c0b0036109 Fix #3934 - prevent unsafe use of new static 2020-08-05 19:39:27 -04:00
Grégoire Paris
2f673fbbd7
Detect redundant identity with true (#3893) 
Using === true on a known boolean results in the same boolean.
 2020-07-25 17:27:45 -04:00
Nat Zimmermann
a1a403e046
make meta path optional (#3833) 2020-07-17 10:09:42 -04:00
kesselb
aaba3a08ec
Add option to supress a referenced but undefined global variable. (#3827) 2020-07-16 09:49:59 -04:00
Jon Ursenbach
6aca4c169e
feat: adding a runTaintAnalysis option into the config (#3800) 2020-07-10 13:22:03 -04:00
Bruce Weirdan
e569f08f23
Drop missing issues from XSD schema (#3657) 
Two unknown issues (that were only present in schema) are dropped and a
test to validate that all issues are covered by XSD schema is added.
 2020-06-23 16:56:39 -04:00
Brown
078b8b7b1a Fix #3618 - add way to load non-analyzed files 2020-06-19 00:13:09 -04:00
Olle Härstedt
e1cc27f7a2
Add new config: sealAllMethods (#3578) 
* Add new config: sealAllMethods

* Add some more tests

* Fix codesniffer issue with preg_quote

* Fix missing method in test

Co-authored-by: Olle <noemail>
 2020-06-15 22:36:42 -04:00
Andrei Petre
3497ca07b6
Extending final class is prohibited #3037 (#3576) 2020-06-13 00:29:59 -04:00
Ivan Kurnosov
08943ea409
Fix #3517 - Changed ignoreInternalFunctionFalseReturn default to true (#3518) 
In config.xsd and the documentation
 2020-06-03 22:29:09 -04:00
Brown
953be61cf2 Allow limiting connected taint paths 2020-05-25 23:28:11 -04:00
Brown
3c5b4dec06 Add documentation for MixedClone 2020-05-18 17:20:57 -04:00
Evgeniy
04a576708c
Correct analyze clone expression (#3382) 
* Correct analyze clone, add PossibleInvalidClone issue type

* Infer mixed type when possible incorrect clone

* Remove unused variable
 2020-05-18 16:22:50 -04:00
m0003r
28f740fddb
@psalm-trace is now a specific low-level issue, because plain debug print breaks structured output (after #3080) (#3106) 2020-04-08 21:03:05 -04:00
Matthew Brown
0d62fbdf98 Detect erroneous abstract static method calls 2020-03-11 10:18:40 -04:00
Philip Hofstetter
d315822bfa make skipping of checks after invalid includes configurable 
as suggested in the PR it's best to make the setting configurable.

In order not to break existing installations, we default to keeping the
old behaviour, but in a later version of psalm, we might change the
default.
 2020-02-27 18:49:23 -05:00
Matthew Brown
a706f4d722 Fix #2242 - warn when using mutable dependencies 2020-02-22 10:04:46 -05:00