orklah
f8628ef68c
fix errors
2021-10-02 10:01:05 +02:00
Bruce Weirdan
2e7e343ef8
Merge pull request #6423 from orklah/count-equal-0-negated-assertion
2021-10-02 00:53:03 +03:00
Bruce Weirdan
d232cc0d02
Merge pull request #6553 from orklah/exec-leak
2021-09-30 21:32:55 +03:00
orklah
02ef33c4ac
Merge pull request #6554 from simPod/use-a
...
Use correct English articles
2021-09-30 09:37:56 +02:00
Simon Podlipsky
4f5e30fd30
Use correct English articles
2021-09-30 09:19:08 +02:00
orklah
3133cd159a
fix NPE
2021-09-29 22:30:38 +02:00
orklah
2a2e7c5e32
prevent object leaking that lead to changes in callmap
2021-09-29 22:27:34 +02:00
orklah
ab6efe49b2
fix CS
2021-09-26 23:41:26 +02:00
orklah
38dac34846
unnecessary null initialization
2021-09-26 23:34:32 +02:00
orklah
9170b0af8f
replace list()
2021-09-26 23:34:32 +02:00
orklah
2315316b17
return types
2021-09-26 23:34:32 +02:00
orklah
72eab30a3a
coalesce operator
2021-09-26 23:34:31 +02:00
orklah
c11b32d414
redundant variable check
2021-09-26 22:37:17 +02:00
orklah
ae1afd90c6
coalesce operator
2021-09-26 22:37:17 +02:00
orklah
a5aa824258
unnecessary local variable
2021-09-26 22:37:17 +02:00
orklah
afbda6d0f6
Merge pull request #6535 from orklah/SA
...
Improvements
2021-09-25 20:16:38 +02:00
orklah
a9b1248e9f
unnecessary phpdoc is necessary
2021-09-25 17:13:58 +02:00
orklah
671a175deb
unnecessary phpdoc
2021-09-25 17:08:51 +02:00
orklah
f0b0540563
unparsable types
2021-09-25 17:08:38 +02:00
orklah
3e6bf6f35f
remove unused nullable on param types
2021-09-25 16:05:47 +02:00
orklah
a92fee8ae3
better combining
2021-09-25 11:21:06 +02:00
orklah
97e91e6bf0
code trimming
2021-09-25 02:34:21 +02:00
orklah
cc6ab8340b
improve type when min = max and add test
2021-09-23 21:24:16 +02:00
orklah
a7fa63547e
add tests, improve count behaviour on keyed arrays using integer range
2021-09-23 21:24:16 +02:00
741c9ee471
Fixes
2021-09-22 10:26:21 +02:00
f8a959c079
Fix silly bug
2021-09-21 14:11:33 +02:00
7e0b489efe
Merge remote-tracking branch 'origin/master' into if-this-is
2021-09-21 12:12:15 +02:00
Bruce Weirdan
cbcc38aab8
Merge pull request #6339 from niconoe-/allow-object-on-array_walk
2021-08-31 23:45:10 +03:00
Bruce Weirdan
103b2b7244
Warn about array_walk_recursive over objects
2021-08-31 23:18:20 +03:00
Bruce Weirdan
b370ce92aa
Report RawObjectIteration
when array_walk
is used on objects
2021-08-20 01:43:49 +03:00
Bruce Weirdan
9222b24ea1
Merge pull request #6321 from orklah/analyze-dynamic-classConstFetch
2021-08-20 01:06:56 +03:00
orklah
dbf3512b70
introduce $definite_class flag and use it to avoid using final keyword for simple inference
2021-08-19 23:19:59 +02:00
Barney Laurance
88276d7f1e
Fix error message for call to internal method from root namespace
2021-08-17 18:54:57 +01:00
Bruce Weirdan
4cb9d8ceec
Merge pull request #6205 from orklah/typos
...
fix typos
2021-07-29 22:31:03 +03:00
orklah
d0fe1528b6
fix typos
2021-07-29 20:59:52 +02:00
Bruce Weirdan
7aa5564047
Merge pull request #6192 from orklah/array_replace_not_nullable
...
make array_replace and array_replace_recursive not nullable
2021-07-28 00:20:46 +03:00
orklah
d9df3211c5
make array_replace and array_replace_recursive not nullable
2021-07-27 23:02:41 +02:00
orklah
2259113727
fix wrong wording
2021-07-26 21:09:12 +02:00
orklah
52033f4b69
fix condition when scalar is allowed
2021-07-13 00:34:22 +02:00
orklah
1fc8982ca9
fix condition when bool is allowed
2021-07-13 00:19:13 +02:00
orklah
688367de38
Always emit InvalidArgument when the parameter is always false and not accepted
2021-07-13 00:06:36 +02:00
Bruce Weirdan
e93b37a225
Merge pull request #6060 from VincentLanglet/statement
2021-07-11 22:12:10 +03:00
Matthew Brown
acc7ee261c
Fix #6066 - introduce more robust system for capturing template constraints ( #6072 )
...
* Fix #6066 - add better system for capturing template constraints
* Fix comment
2021-07-11 12:03:21 -04:00
Vincent Langlet
3339ce1379
Use stmt instead of args
2021-07-11 11:22:13 +02:00
Matthew Brown
d883d73991
Fix template bound terminology
...
I had this flipped by mistake
2021-07-10 14:08:09 -04:00
Vincent Langlet
49ed7b045f
Pass statement to MethodReturnTypeProviderEvent
2021-07-08 00:02:36 +02:00
Matt Brown
19cc4cb4ee
Simplify lots of usage checks
2021-06-25 10:14:49 -04:00
Matt Brown
67d68a5dc0
Use more accurate variable name
2021-06-25 09:54:39 -04:00
Bruce Weirdan
6d4262edbd
Mark return values in as throw
argument as used ( #5989 )
...
Fixes vimeo/psalm#5975
2021-06-25 09:11:27 -04:00
Matthew Brown
c2f7422e80
Prevent crash with non-UTF-8 string
...
Fixes #5945
2021-06-17 12:26:18 -04:00
Matt Brown
47bf5ed567
Fix #5918 - add new issue to detect unquoted strings
2021-06-10 17:43:04 -04:00
Matthew Brown
6d09418a23
Detect unused return values ( #5917 )
...
* Detect unused return values
* Allow static-returning instance methods (presumed to be fluent)
* Make $is_used the default for Codebase::methodExists
2021-06-10 14:18:15 -04:00
Bruce Weirdan
6abce3525a
Enforce use
sort ( #5900 )
2021-06-07 22:55:21 -04:00
Matt Brown
f3fc112bae
Fix #4523 - fix short-circuiting for properties and method calls
2021-06-01 16:06:12 -04:00
Bruce Weirdan
0c77ccc238
Check whether constructor is internal on new
call ( #5843 )
...
Fixes vimeo/psalm#5841
2021-05-28 09:44:07 -04:00
Matt Brown
38c452ae58
Add example given in ticket and ensure that works too
2021-05-24 00:09:51 -04:00
Matt Brown
7354ec9903
Fix #5298 - improve handling of method that may write properties
2021-05-23 16:22:52 -04:00
Matt Brown
6a61298074
Fix #5810 - detect properties that are never read
2021-05-21 09:25:57 -04:00
Matt Brown
4f9067f5c8
Fix unused properties in Psalm’s own codebase
2021-05-21 09:15:23 -04:00
Matt Brown
4b17cc9a4b
Fix #5809 - remove unnecessary issue suppression
2021-05-21 07:35:01 -04:00
Matt Brown
1195335078
Fix #5768 - call methods with proper params
2021-05-14 22:50:11 -04:00
Matt Brown
5f780e7ef7
Improve count
inference
2021-05-14 20:12:28 -04:00
Matt Brown
c4aea7c82c
Fix #5434 - prevent crash with class-string-map
2021-05-14 19:44:11 -04:00
Matthew Brown
cc7ff94f7c
Prevent crash when method being called does not exist in reflection
...
Crash seen when running this test in PHP 7.4 because the method does not exist, but the call map includes it in 8.0
2021-05-13 12:40:39 -04:00
Matthew Brown
859b4a2caa
Fix #5725 – don’t transform non-docblock types unnecessarily
2021-05-09 12:03:42 -04:00
Matthew Brown
832a190dd4
Support enums ( #5699 )
...
* Add initial enum preparation
* Support cases method
* Ignore bad use error
cc @weirdan
* Fix type
2021-05-03 17:54:09 -04:00
Bruce Weirdan
105c6f3a1c
Remove (and prevent) unused uses ( #5704 )
...
* Updates `slevomat/coding-standard`
* Removes unused uses
* Prevents unused uses
* Fixes a number of symbol case mismatches
2021-05-03 17:22:15 -04:00
Matt Brown
0f5b117534
Migrate ClassLikeName options to object
2021-04-30 15:01:33 -04:00
Matt Brown
2fa55d147a
Allow parent class to call child protected method
2021-04-25 12:44:53 -04:00
Matt Brown
419114e1f0
Fix #5662 — prevent crash when reporting mixed issue on virtual arg
2021-04-23 15:34:35 -04:00
Matthew Brown
e505cd58b4
Add use
2021-04-12 23:52:50 -04:00
Matt Brown
b7f122425f
Use proper variable
2021-04-10 21:48:50 -04:00
Matt Brown
012dafad79
Fix #5383 - prevent unsound use of new static for generics
2021-04-10 13:16:19 -04:00
AndrolGenhald
870c433dc2
Check oldest ancestor for protected method visibility ( fixes #5595 ) ( #5597 )
2021-04-07 22:01:41 -04:00
Matt Brown
a469c82653
Fix #5587 - detect final class calls when routed through parent
2021-04-06 12:35:09 -04:00
Matt Brown
517b2030c9
Fix #5545 - throwing uses method
2021-04-04 21:17:12 -04:00
Matt Brown
150dd00060
Fix #5540 - function is used inside throw expression
2021-03-31 10:03:25 -04:00
Matt Brown
9a714b759e
Fix #5496 - ensure params extended in properties are properly fleshed out
2021-03-28 23:10:38 -04:00
Matt Brown
93743d1465
Also add better message for MixedArgumentTypeCoercion
2021-03-28 11:32:38 -04:00
Saif Eddin Gmati
9f74676524
allow dismissing return value of pure functions with by-reference arguments ( #5463 )
2021-03-25 09:05:59 -04:00
Jean-Nicolas
30f64b79de
Checks the intersection type if the magic method does not exist ( #5473 )
2021-03-24 15:34:05 -04:00
Matt Brown
efa9b136d3
Fix linting issues
2021-03-23 19:42:56 -04:00
Saif Eddin Gmati
477ae33cd6
allow dismissing return value of no-return pure functions ( #5461 )
2021-03-23 19:34:12 -04:00
Matt Brown
a96645d2e3
Fix many uses of offsets
2021-03-23 01:30:51 -04:00
Matt Brown
bf578d1024
Fix potential crash when calling magic setter
2021-03-22 23:08:38 -04:00
AndrolGenhald
de5a031088
Improve @no-named-arguments support and variadics. ( #5455 )
...
* Improve @no-named-arguments support and variadics.
Handling of argument unpacking and variadics still needs a pretty big makeover, but this is a good start.
Fixes #5420
Improves #5453 (iterable works, array still causes issues)
* Remove unneeded imports.
2021-03-22 19:58:22 -04:00
Sergey Yakimov
fb94db9b1f
Add proper handling of unpacked arguments with string keys ( #5446 )
...
* Add proper handling of unpacked arguments with string keys
* Fix undefined array key error
* Fix missed named arguments handling
* Fix false-positive on variadic parameter
* Add tests
2021-03-22 09:08:05 -04:00
Matt Brown
b73223f9c1
Add use statements
2021-03-20 22:17:22 -04:00
Matt Brown
44c6d3035b
Add more mixed origin information
2021-03-20 21:45:38 -04:00
Samuel Mortenson
4aabb411a8
Added event to prevent tainting. ( #5398 )
...
* Added event to prevent tainting.
* Remove optional codebase parameter.
* Removed falsy check for codebase.
* Use two separate hooks for adding and removing taints
* Add slashes
* Update add/remove taint test name.
* Cleaned up SafeArrayKeyChecker example plugin.
* Added more AddRemoveTaintsEvent calls to codebase.
* Fix type check error with $added_taints param.
* Added AddRemoveTaintsEvent to remaining classes.
* Fix post-merge error.
* Add comma
* Remove $int_offset that never existed
Co-authored-by: Matt Brown <github@muglug.com>
2021-03-19 22:41:41 -04:00
Matt Brown
42d3bceb4e
Use more accurate return type
2021-03-18 15:19:29 -04:00
Matt Brown
b7a68edd0b
Simplify complex methods
2021-03-18 15:09:03 -04:00
Matt Brown
d19088bb10
Add better origins for calls
2021-03-17 19:37:21 -04:00
Matt Brown
b549989ba7
Prevent overwriting storage type during analysis
2021-03-13 14:12:55 -05:00
Bruce Weirdan
71a0457284
Emit ImplicitToStringCast in more places ( #5344 )
...
* Emit ImplicitToStringCast in more places
Fixes vimeo/psalm#5320
`to_string_cast` is set on successful comparison, thus it needs to
always bubble up (it will be ignored in UnionTypeComparator if some part
does not match).
* Fix implicit casts
* Fix handling of string method references in self-out context
2021-03-11 00:07:39 -05:00
Matt Brown
96e0743892
Fix #5325 – remove all memoised methods when calling a method with property mutations
2021-03-05 00:39:25 -05:00
Matt Brown
bca09d74ad
Fix style issues
2021-02-25 21:24:18 -05:00
Matt Brown
474ebf912e
Fix #5229 - new SomeTemplatedClass should expand out params even if none passed
2021-02-25 21:20:05 -05:00
Matt Brown
d4841993b2
Fix #5279 - don’t convert get_class($templated) into dependent type
2021-02-25 18:43:04 -05:00
Matt Brown
b2c35834ff
Remove mistakenly-duplicated code for get_* functions
2021-02-25 18:40:05 -05:00
Matt Brown
7958ef6889
Decomplicate method
2021-02-24 00:03:55 -05:00
Matt Brown
cafbdb6831
Fix #5264 - use accurate static type when calling parent method in trait
2021-02-23 20:48:22 -05:00
Matt Brown
78577fd624
Fix #5257 - allow object::foo() call
2021-02-23 17:31:14 -05:00
elnoro
e1d6f2f491
Fixed 4788 ( #5263 )
2021-02-22 09:21:28 -05:00
Matt Brown
6ba899e34e
Only replace static type once
2021-02-22 00:25:13 -05:00
Matt Brown
3106635953
Fix inference of conditional types when wildcard constant given
2021-02-20 12:21:52 -05:00
orklah
5191dac3fa
Introduce Virtual Nodes in order to differentiate real nodes in plugins ( #5222 )
2021-02-15 16:18:41 -05:00
Matt Brown
bd6efd7cf2
Improve completion for namespaced classes
...
cc @joehoyle - this mainly allows us to get a correct list when the user starts typing Foo (without the new before it) inside a namespace
2021-02-14 23:25:13 -05:00
Matt Brown
6fb7423c68
Fix #5211 - prevent infinite loop in template inference
2021-02-13 16:16:58 -05:00
Matt Brown
044602a244
Fix #5196 - fix type before assigning default property values
2021-02-11 09:38:04 -05:00
Matt Brown
ccdb29abfa
Improve handling of property-mutating calls
2021-02-10 12:09:21 -05:00
Matt Brown
2b9d307cab
Fix #5184 - remove this vars from parent context where possible
2021-02-09 10:23:22 -05:00
Matt Brown
8b5e0fc754
Fix #5172 - prevent calling function with implicitly-broader type
2021-02-07 11:07:22 -05:00
orklah
343d020408
improve psalter capacities for anonymous class extending real classes ( #5146 )
2021-02-04 09:59:38 -05:00
Matt Brown
7dbdc8c59e
Fix #5144 - prevent exception during taint analysis
2021-02-02 14:16:15 -05:00
Matt Brown
0f2a07a9a3
Fix #5137 – support @psalm-flow in methods
2021-01-31 22:40:48 -05:00
Matt Brown
359a0166e3
Fix #4631 - prevent reusing named params
2021-01-27 22:53:55 -05:00
Matt Brown
4807d38507
Fix using std library functions
2021-01-27 22:28:33 -05:00
Matt Brown
76269658ca
Fix #5107 - treat function-bound templated parameters the same
...
Previously they were treated differently depending on whether or not they were inside a method
2021-01-26 22:43:42 -05:00
Matt Brown
6f30399189
Fix #5070 – fix static return type inference in static methods
2021-01-22 09:58:09 -05:00
Matthew Brown
28d2795e59
Fix #5078 - when unpacking with missing array item, Use the param’s default type if param has one
2021-01-22 00:20:51 -05:00
Marco Pivetta
a53cc23809
#4997 added more precise type inference for count()
returning 0
or positive-int
on known arrays ( #4999 )
...
* #4997 added more precise stub for `count()` returning `0` or `positive-int` on known types
* #4997 updated `count()` to support `\SimpleXmlElement` and `\ResourceBundle` counting, as well as handling hardcoded 2-element-arrays cases
This patch:
* adds support for `count(\SimpleXmlElement)` (https://www.php.net/manual/en/simplexmlelement.count.php )
* adds support for `count(\ResourceBundle)` (https://www.php.net/manual/en/resourcebundle.count.php )
* removes usage of global constants from stub (not supported - see https://www.php.net/manual/en/function.count.php )
* adds support for identifying fixed-element-count arrays, for example `count(callable&array)`, which is always `2`
* #4997 adapted `FunctionCallReturnTypeFetcher` to infer `TPositiveInt` for `count(TNonEmptyArray)` and `count(TNonEmptyList)`
* The `FunctionCallReturnTypeFetcher` is responsible for defining the precise type of a `\count(T)`
expression when given a `T`, so we baked the whole type resolution for `positive-int`, `0` and
`positive-int|0` directly in there.
While this complicates things, it is also true that it is not possible right now (for the stubs)
to provide the level of detail around `count()` that is required by the type inference system
for such a complex function with so many different semantics.
2021-01-13 09:48:38 -05:00
Adrien LUCAS
493c57eedf
Trigger dispatch even when only legacy hooks ( #4962 )
2021-01-08 19:51:26 -05:00
Adrien LUCAS
d1398f2b12
Avoid false positives for taint specialized calls even when not using a variable ( #4948 )
2021-01-07 16:39:51 -05:00
orklah
0e17a3354f
add stubs for standard iterators ( #4725 )
...
* add stubs for standard iterators
* Apply suggestions from code review cc @weirdan
Co-authored-by: Bruce Weirdan <weirdan@gmail.com>
* complete stub + delete code made redundant by stubs + fix some syntax in stubs
* fix parse error
Co-authored-by: Bruce Weirdan <weirdan@gmail.com>
2021-01-07 10:07:07 -05:00
Adrien LUCAS
0f5886746f
Taint specialized calls even when not using a variable ( #4940 )
2021-01-06 14:14:52 -05:00
orklah
f9fccb2b2d
implement DTO for plugins ( #4881 )
...
* implement DTO for plugins
* introduce EventHandler + reintroduce legacy API for plugins
2021-01-06 09:05:53 -05:00
Matthew Brown
3fd47f9e10
Add comments to AtomicMethodCallAnalyzer and suppress ComplexMethod
2021-01-05 19:03:50 -05:00
Matthew Brown
e4b1a4fa55
Uncomment erroneously-commented return
2021-01-05 17:49:17 -05:00
Matthew Brown
ddd99970a9
Fix #4901 - simplify mapping of template types within class
2020-12-29 12:24:33 +00:00
2e3s
d8d6811ed4
Memoize private inferred mutation-free methods ( #4832 )
2020-12-12 10:26:14 -05:00
Matt Brown
524084a64c
Tighten up rules arouund when mutation-free methods get memoised
2020-12-08 16:39:06 -05:00
2e3s
e46c68b1e5
Overwrite memoized return type after sum-type candidate is calculated ( #4805 )
...
* Overwrite memoized return type after sum-type candidate is calculated
* Fix mismatched types
* Fix code style
2020-12-08 09:35:11 -05:00
Matthew Brown
d406d5b112
Fix typo
2020-12-07 01:32:18 -05:00
Matt Brown
e702e472fc
Support simple list assignment in foreach
...
Ref #4741
2020-12-06 19:14:52 -05:00
Matt Brown
9c0e9a3d7e
Taint all when conditional return is used
...
Ref #4792
2020-12-06 11:24:48 -05:00
Matt Brown
cec8d7138f
Fix #4782 - don’t replace closure types with upper bounds when replacing class param types
2020-12-05 11:58:55 -05:00
Matt Brown
1bb8b73f99
Return earlier
2020-12-05 10:25:34 -05:00
Denis Smetannikov
11576951f6
Update ExistingAtomicStaticCallAnalyzer.php ( #4761 )
...
The invalid syntax for PHP 7.1+
2020-12-03 09:24:34 -05:00
Matt Brown
1feca322d5
Fix loading imported functions
2020-12-02 00:52:35 -05:00
Matt Brown
e7f9ce6da0
Break out RedundantCast issues
2020-12-01 17:25:45 -05:00
Matt Brown
f5494bc407
Fix typos caused by Macbook Pro’s bad keyboard
2020-12-01 14:14:09 -05:00
Matt Brown
3b1fa58413
Break apart method as much as possible
2020-11-30 14:07:18 -05:00
Matt Brown
2204728824
Break apart NewAnalyzer::analyze
...
Ref #4714
2020-11-30 13:24:24 -05:00
Matt Brown
4d81682fdd
Fix #4731 - expand out class-bound generic types when evaluating instance method
2020-11-29 21:36:50 -05:00
Matt Brown
86b6d6a506
Fix #4733 - don’t replace template types when they’re defined on the same class
2020-11-29 19:12:22 -05:00
Matt Brown
601c1d8cd0
Expand out constants in param types earlier
2020-11-29 19:07:35 -05:00
Matt Brown
46b202731c
Fix check
2020-11-29 18:28:32 -05:00
Matt Brown
58b306b6e3
Ensure class template types are mapped to static methods where necessary
...
Ref #4733
2020-11-29 17:40:52 -05:00
Matt Brown
ea314cc1c0
Simplify calling of replacer methods
2020-11-29 16:27:00 -05:00
Matt Brown
4d22723525
Break out replacement of templated types with their inferred result
2020-11-29 16:16:16 -05:00
Matt Brown
15a5bd5e29
Simplify storage and retrieval of extended template params
2020-11-29 15:05:32 -05:00
Matt Brown
0efd4ebd7d
Detect some erroneous issets
2020-11-29 09:26:39 -05:00
Matthew Brown
fd53192ad2
Fix redundant mappings
2020-11-28 21:05:31 -05:00
Matt Brown
8adc0918ae
Fix the bug
2020-11-28 09:55:40 -05:00
Matt Brown
de1fa03f77
Fix template type selection
2020-11-28 09:53:11 -05:00
Matt Brown
73cd07a01f
Simplify FunctionCallAnalyzer
...
Ref #4714
2020-11-27 16:34:27 -05:00
Matt Brown
6db8132b4c
Simplify call analysers a bit
...
Ref #4714
2020-11-27 16:31:10 -05:00
Matt Brown
5f065d3d74
Turn template bound tuples into object
...
Ref #4714
2020-11-27 11:43:30 -05:00
Matt Brown
6de97e3779
Skip missing function params in taint analysis
2020-11-26 11:58:14 -05:00
Matt Brown
d40d63f180
Fix #4699 - treat isset like !== null when variable is defined
2020-11-25 14:04:55 -05:00
Matt Brown
17ceba5c06
Fix bug
2020-11-22 23:32:14 -05:00
Matt Brown
f164a45843
Fix bugs
2020-11-22 19:45:54 -05:00
Matt Brown
9a03a9a5d0
Move param taint sink addition after arguuments have been analysed
2020-11-22 19:39:40 -05:00
Matt Brown
b782dd4225
Make sure conditional escaping works for static methods too
2020-11-22 13:39:32 -05:00
Matt Brown
af008953a8
Fix #4661 - support conditional escaping for functions
2020-11-22 13:24:33 -05:00
Matt Brown
f0ae0e5cb4
Break aparat type combiner
2020-11-21 18:11:29 -05:00
Lukas Reschke
ffb0c4ae17
Implement variadic taint propagation ( #4649 )
...
* Implement variadic taint propagation
* Lint code
2020-11-21 17:41:40 -05:00
orklah
ae0486529e
Unused psalm-suppress ( #4646 )
2020-11-21 17:39:40 -05:00
Matt Brown
ce8938263e
Fix #4636 - prevent crashes on aliased classes
2020-11-20 09:29:24 -05:00
Matt Brown
78d644d1a1
Change TaintedText to TaintedCallable
2020-11-19 19:01:19 -05:00
Matt Brown
4c315ec45c
Closure calls aren’t sinks
2020-11-19 18:44:36 -05:00
Matt Brown
ff3fff56d4
Simplify assertion negations, centralising as much as possible
...
Now the flag passed to scrapeAssertions just determines the errors emitted
2020-11-19 14:32:49 -05:00
Matt Brown
95de6cf177
Allow immutable classes to be specialised through calls
2020-11-19 01:38:20 -05:00
Matt Brown
d60abaf858
Unfix fixes
2020-11-18 19:19:07 -05:00
Matt Brown
8dd229f6c0
Only ignore literal flows when tainting
2020-11-18 18:43:41 -05:00
Matt Brown
236292ff05
Fix #4600 - set attributes in a bunch of places
2020-11-18 12:44:59 -05:00
Matt Brown
3f7f959726
Fix #4599 - propagate taints to parent callers where necessary
2020-11-18 09:59:54 -05:00
Matt Brown
28dee4146a
Fix tests
2020-11-17 17:53:46 -05:00
Matt Brown
adeaa33a64
Don’t propagate taints to child constructor args
2020-11-17 16:49:29 -05:00
Matt Brown
43af3b1a57
Break out TaintedInput issues into a lot of separate ones
2020-11-17 12:44:31 -05:00
Matt Brown
42802e11d1
Allow PHP major version to determine substr return type
2020-11-16 16:31:33 -05:00
Dusk
0fe3e1f83b
Allow named arguments to variadic functions ( #4575 )
...
Closes #4563
2020-11-16 15:49:27 -05:00
Matt Brown
5a62dc5c40
Fix #4540 - use correct method when simulating property setting
2020-11-12 23:56:29 -05:00
Matt Brown
556fb12966
Move mutation checks to more appropriate place
2020-11-12 23:54:50 -05:00
Matt Brown
2f7bf2a144
Bind lower bounds to upper bounds as well when no upper bound can be inferred
...
Ref #4485
2020-11-11 17:46:09 -05:00
Matt Brown
a8d7248c31
Fix #4524 - do better template param inheritance
2020-11-11 13:25:17 -05:00
Matt Brown
b731b53d5e
Add debug stuff for code complexity
2020-11-10 12:49:42 -05:00
Matt Brown
e27cbfba57
Reduce size of data flow graph when analysing array assignments
2020-11-09 22:44:36 -05:00
Adrien LUCAS
4cb8e86737
Add a proxy
capability to the flow annotation ( #4495 )
...
* Add a `passthru` capability to the flow annotation
* Fix passthru-calls type
* Fix types and rename to proxy
* Allow to proxy a method
Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-09 15:22:35 -05:00
Matt Brown
8799e1a337
Break apart complex method
2020-11-09 00:58:45 -05:00
Matt Brown
0be4f2fedf
Fix/ignore reflection bugs
2020-11-08 14:27:37 -05:00
Matt Brown
20e37d8cb6
Add a comment to show workings
2020-11-08 13:08:45 -05:00
Matt Brown
24c9702aa5
Remove unused imports
2020-11-08 12:31:21 -05:00
Matt Brown
6da0905478
Separate out good from the bad
2020-11-08 12:29:23 -05:00
Matt Brown
b8f5d16e9f
Consolidate similar functionality
2020-11-07 00:58:20 -05:00
Matt Brown
6b06ecec39
Fix #4491 - support assertions in new calls
2020-11-06 11:55:19 -05:00
Matt Brown
3e9c5d3600
Add support for @return never
2020-11-04 12:30:02 -05:00
Matt Brown
b5a3f45d52
Remove use of PHP 7.2 function
2020-11-04 11:02:34 -05:00
Matt Brown
91d9dc3759
Fix overeager inference
2020-11-03 16:44:24 -05:00