gdejong
|
45c51eb121
|
Migrate PHPUnit configuration (#4710)
Co-authored-by: Gijs de Jong <gijs.de.jong@munisense.com>
|
2021-01-29 11:46:27 +01:00 |
|
Matt Brown
|
7e486565d1
|
Skip missing function params in taint analysis
|
2021-01-29 11:46:27 +01:00 |
|
Matt Brown
|
9539c0f27f
|
Fix generic ArrayAccess creation cc @orklah
|
2021-01-29 11:46:27 +01:00 |
|
orklah
|
1966766a79
|
Allow reconciling between object and iterable (#4706)
* Allow reconciling between object and iterable
* add tests
|
2021-01-29 11:46:27 +01:00 |
|
orklah
|
1511989521
|
Fix PHPMAXINT offset (#4707)
|
2021-01-29 11:46:27 +01:00 |
|
Matt Brown
|
33d2561c1c
|
Fix style issues
|
2021-01-29 11:46:26 +01:00 |
|
Matt Brown
|
ecbb5c77b2
|
Fix test failures
|
2021-01-29 11:46:26 +01:00 |
|
Markus Staab
|
86af28aa31
|
Document more taint types (#4704)
* Document more taint types
Taken from the TaintKind enum
* Add more of a description
Co-authored-by: Matthew Brown <github@muglug.com>
|
2021-01-29 11:46:26 +01:00 |
|
LeSuisse
|
2a56a3a0c9
|
Fix incorrect taint sink map for \rmdir (#4703)
Closes #4690
|
2021-01-29 11:46:26 +01:00 |
|
Markus Staab
|
6474d7ee6c
|
Declare PdoStatement->fetchObject($class_name) a taint sink (#4701)
* Declare PdoStatement
* Change to a callable sink
Co-authored-by: Matthew Brown <github@muglug.com>
|
2021-01-29 11:46:26 +01:00 |
|
orklah
|
3593a41060
|
fix wrong cast to int when string offset is a number > MAX INT (#4702)
|
2021-01-29 11:46:26 +01:00 |
|
Matt Brown
|
033a209950
|
Treat $a ?? $b identically to isset($a) ? $a : $b
|
2021-01-29 11:46:26 +01:00 |
|
Matt Brown
|
5228ff6369
|
Fix #4699 - treat isset like !== null when variable is defined
|
2021-01-29 11:46:26 +01:00 |
|
Matt Brown
|
31249d7c85
|
Pass correct flags when referencing from finally
|
2021-01-29 11:46:26 +01:00 |
|
Markus Staab
|
4206a4f59e
|
Added PDOStatement->fetchObject() stub (#4693)
* Added PDOStatement->fetchObject() stub
* fix stub param
* fix Xdebug spelling
* Use extension_loaded check instead
Co-authored-by: Matthew Brown <github@muglug.com>
|
2021-01-29 11:46:25 +01:00 |
|
orklah
|
005373bbc2
|
Detect redundant cast (#4695)
* detect redundant cast
* fix redundant cast issues
* fix redundant cast in tests
|
2021-01-29 11:46:25 +01:00 |
|
Matthew Brown
|
51fed99c5d
|
Fix core return types
|
2021-01-29 11:46:25 +01:00 |
|
Matt Brown
|
3f8fead1f7
|
Remove suppressed issuue
|
2021-01-29 11:46:25 +01:00 |
|
Markus Staab
|
526319dc47
|
fixed exception message (#4692)
|
2021-01-29 11:46:25 +01:00 |
|
Matt Brown
|
b5483b42cf
|
Add slash
|
2021-01-29 11:46:25 +01:00 |
|
orklah
|
30f1a498a3
|
restore str_split as a list (#4694)
|
2021-01-29 11:46:25 +01:00 |
|
Matt Brown
|
e469e7179e
|
Switch order to satisfy new refinement
|
2021-01-29 11:46:25 +01:00 |
|
Matt Brown
|
e5f25c7780
|
Add support for some dependent types
|
2021-01-29 11:46:25 +01:00 |
|
Matt Brown
|
8a7a1124a4
|
Fix some stubs
|
2021-01-29 11:46:24 +01:00 |
|
Matt Brown
|
9c6c6cdee4
|
Remove debugging error
|
2021-01-29 11:46:24 +01:00 |
|
orklah
|
26410ad19d
|
Emit an issue when returning a Stringable object when a string is expected (#4657)
* Emit an issue when returning a Stringable object when a string is expected
* Fix issue in Psalm codebase
|
2021-01-29 11:46:24 +01:00 |
|
Benjamin Morel
|
e9c608e7cb
|
Fix PdoStatementReturnTypeProvider (#4683)
* Fix PdoStatementReturnTypeProvider
Methods returning scalars may return null as well.
* Fix tests
|
2021-01-29 11:46:24 +01:00 |
|
Matthew Brown
|
2ea96069eb
|
Add example from @ludofleury's solution
|
2021-01-29 11:46:24 +01:00 |
|
Benjamin Morel
|
ec89cc623a
|
Fix PDOStatement::fetchObject() return type (#4682)
|
2021-01-29 11:46:24 +01:00 |
|
Matt Brown
|
8155a5c7aa
|
Fix tests
|
2021-01-29 11:46:24 +01:00 |
|
Olivier Doucet
|
9dcdc3a58d
|
add CodeClimate output format (#4387)
* add CodeClimate output format
* cosmetic fixes
* add CodeClimate output format
* cosmetic fixes
* phpcs fixes
|
2021-01-29 11:46:24 +01:00 |
|
orklah
|
597b7aa064
|
Prevent illegal array keys (#4660)
* Emit an issue when an array-key is not legal
* tests
|
2021-01-29 11:46:23 +01:00 |
|
Markus Staab
|
fe4423de78
|
Mark finfo_open and finfo_file as impure (#4678)
* Mark finfo_open and finfo_file as impure
* fix CS
|
2021-01-29 11:46:23 +01:00 |
|
Matt Brown
|
401573c696
|
Fix test
|
2021-01-29 11:46:23 +01:00 |
|
erikjwaxx
|
62ca9f42bc
|
Narrow inference of $a <=> $b from "int" to "-1|0|1" (#4680)
* A <=> operator has a literal type of -1|0|1 and not simply int
* Test to verify inferred type of $a <=> $b is -1|0|1
|
2021-01-29 11:46:23 +01:00 |
|
Markus Staab
|
f4b9c75625
|
mark file_get_contents as impurce (#4679)
|
2021-01-29 11:46:23 +01:00 |
|
Markus Staab
|
0ea09762b5
|
is_file and is_dir should be impure (#4676)
* `is_file` and `is_dir` should be impure
* newline
Co-authored-by: Matthew Brown <github@muglug.com>
|
2021-01-29 11:46:23 +01:00 |
|
Matt Brown
|
d6e4d0d526
|
Fix #4674 - is_readable should be impure
|
2021-01-29 11:46:23 +01:00 |
|
Matt Brown
|
371647bdf0
|
Fix #4674 - is_readable should be impure
|
2021-01-29 11:46:23 +01:00 |
|
Matt Brown
|
6f35c01bcb
|
Fix bug
|
2021-01-29 11:46:23 +01:00 |
|
Matt Brown
|
c165f072df
|
Fix bugs
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
a0fee98962
|
Move param taint sink addition after arguuments have been analysed
|
2021-01-29 11:46:22 +01:00 |
|
Lukas Reschke
|
2f8a5028d5
|
Add more verbose description for TaintedHtml (#4668)
Ref https://github.com/vimeo/psalm/issues/4590
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
3c7066f505
|
Fix tests
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
ed9b81ce51
|
Prevent flows through TaintedInput-suppressed files
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
aa4be209fc
|
Make sure conditional escaping works for static methods too
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
30ee5334a1
|
Fix #4661 - support conditional escaping for functions
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
4a06a03bc8
|
Break apart large function
|
2021-01-29 11:46:22 +01:00 |
|
Lukas Reschke
|
31c63a6c96
|
Add some more flows (#4659)
* Add some more flows
- Adds all relevant JSON flows https://www.php.net/manual/en/ref.json.php
- Adds all relevant misc flows https://www.php.net/manual/en/ref.misc.php
- Adds a small subset of URL flows https://www.php.net/manual/en/ref.url.php
* Update CoreGenericFunctions.phpstub
|
2021-01-29 11:46:21 +01:00 |
|
Matt Brown
|
684340cbe3
|
Fix #4656 - separate UnusedConstructor from UnusedMethod
|
2021-01-29 11:46:21 +01:00 |
|