1
0
mirror of https://github.com/danog/psalm.git synced 2024-12-16 03:17:02 +01:00
Commit Graph

270 Commits

Author SHA1 Message Date
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category (#4604)
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
2020-11-18 11:39:36 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks (#4592) 2020-11-18 00:52:48 -05:00
Matt Brown
43af3b1a57 Break out TaintedInput issues into a lot of separate ones 2020-11-17 12:44:31 -05:00
Matt Brown
388e804ed8 Allow opt-in to strict return type checking 2020-11-05 18:20:04 -05:00
Matt Brown
579327a470 Detect when targets are incorrectly targeted 2020-10-30 13:28:45 -04:00
Matt Brown
82f35c1454 Ensure Stringable is always available to tests that need it 2020-10-29 19:41:10 -04:00
Matt Brown
f8eee22f77 Add basic support for PHP attributes
Ref #4367 - supports creation and argument checks
2020-10-24 00:10:22 -04:00
Niclas van Eyk
0261024aa6
Initial proposal for psalm-require-{extends, implements} (#4361)
* initial implementation of psalm-require-extends

* Added @psalm-require-implements

* Added shortcode for ExtensionRequirementViolation

* Docs & cofig entries for @pasalm-require-{implements,extends}

* Added requirement violations to issues.md
2020-10-19 15:08:18 -04:00
feek
8d2db4e673
feature: universal object crates (#3948)
* feature: universal object crates

* docs: document universal object crate config option

Co-authored-by: Matthew Brown <github@muglug.com>
2020-10-07 09:56:21 -04:00
Matt Brown
377dc8da8f 4.x - change/remove some default config values 2020-10-05 10:08:41 -04:00
Matt Brown
30795281c6 Add config and docs for InvalidNamedArgument 2020-10-02 20:35:23 -04:00
Brown
6ffe471525 Make new InvalidLiteralArgument issue for strpos refs
Ref #4070
2020-09-10 22:54:32 -04:00
orklah
c6ea274180
Config reportInfo to speed up analysis for big projects (#4095) 2020-09-01 09:22:05 -04:00
Bruce Weirdan
ffb316a9e6
Converted MissingPropertyType to property issue (#4099)
Fixes vimeo/psalm#2200
2020-09-01 09:21:03 -04:00
Brown
940459787a Catch unmatched matches 2020-08-31 22:59:47 -04:00
Brown
92239add4d Add some backwards-incompatible changes for 4.x 2020-08-30 11:44:14 -04:00
Tom Klingenberg
46013a35c8
Revert config schema, fix b/c break (#4046)
Previous in d5055ea the allowCoercionFromStringToClassConst attribute has
been removed from the XML configuration file per its schema.

While technically correct (was removed in 3.0), this breaks b/c between
minor versions, breaks with the release of 3.14.0.

Fix is revert.

Ref: d5055ea1d4
Caused-by: #3982
2020-08-24 00:56:45 -04:00
Brown
10f7031080 Prevent use of $this in pure functions 2020-08-23 18:37:46 -04:00
Matthew Brown
7e13ab9cc9 Fix docs 2020-08-23 13:03:25 -04:00
Michel Hunziker
3538fe1955
Add configuration attribute to find unused @psalm-suppress (#4041) 2020-08-22 10:01:26 -04:00
Olle
3630b4a2f9 Merge remote-tracking branch 'remotes/upstream/master' 2020-08-18 15:59:46 +00:00
Bruce Weirdan
7adc25c421
Improve import errors (#3997)
* Better errors for invalid type imports

Fixes vimeo/psalm#3885

* Finishing touches

Docs, schema, CS

* Drop unused import

* Drop more unused imports
2020-08-16 22:53:53 -04:00
Matthew Brown
72ecb57def Improve names of things 2020-08-14 00:27:33 -04:00
Bruce Weirdan
d5055ea1d4
Removed obsolete documenation (#3982)
`allowCoercionFromStringToClassConst` was removed in 3.0 and never
worked since.

Refs vimeo/psalm#3976
2020-08-11 07:30:09 -04:00
Brown
6def99d653 Add ConstructorSignatureMismatch issue distinct from MethodSignatureMismatch 2020-08-10 12:26:25 -04:00
Matthew Brown
6085e42fc1 Detect mismatching param names effectively 2020-08-10 09:58:43 -04:00
Brown
c0b0036109 Fix #3934 - prevent unsafe use of new static 2020-08-05 19:39:27 -04:00
Grégoire Paris
2f673fbbd7
Detect redundant identity with true (#3893)
Using === true on a known boolean results in the same boolean.
2020-07-25 17:27:45 -04:00
Nat Zimmermann
a1a403e046
make meta path optional (#3833) 2020-07-17 10:09:42 -04:00
kesselb
aaba3a08ec
Add option to supress a referenced but undefined global variable. (#3827) 2020-07-16 09:49:59 -04:00
Olle
0965fbf989 Add if-this-is mismatch to config.xsd 2020-07-12 20:16:01 +00:00
Jon Ursenbach
6aca4c169e
feat: adding a runTaintAnalysis option into the config (#3800) 2020-07-10 13:22:03 -04:00
Bruce Weirdan
e569f08f23
Drop missing issues from XSD schema (#3657)
Two unknown issues (that were only present in schema) are dropped and a
test to validate that all issues are covered by XSD schema is added.
2020-06-23 16:56:39 -04:00
Brown
078b8b7b1a Fix #3618 - add way to load non-analyzed files 2020-06-19 00:13:09 -04:00
Olle Härstedt
e1cc27f7a2
Add new config: sealAllMethods (#3578)
* Add new config: sealAllMethods

* Add some more tests

* Fix codesniffer issue with preg_quote

* Fix missing method in test

Co-authored-by: Olle <noemail>
2020-06-15 22:36:42 -04:00
Andrei Petre
3497ca07b6
Extending final class is prohibited #3037 (#3576) 2020-06-13 00:29:59 -04:00
Ivan Kurnosov
08943ea409
Fix #3517 - Changed ignoreInternalFunctionFalseReturn default to true (#3518)
In config.xsd and the documentation
2020-06-03 22:29:09 -04:00
Brown
953be61cf2 Allow limiting connected taint paths 2020-05-25 23:28:11 -04:00
Brown
3c5b4dec06 Add documentation for MixedClone 2020-05-18 17:20:57 -04:00
Evgeniy
04a576708c
Correct analyze clone expression (#3382)
* Correct analyze clone, add PossibleInvalidClone issue type

* Infer mixed type when possible incorrect clone

* Remove unused variable
2020-05-18 16:22:50 -04:00
m0003r
28f740fddb
@psalm-trace is now a specific low-level issue, because plain debug print breaks structured output (after #3080) (#3106) 2020-04-08 21:03:05 -04:00
Matthew Brown
0d62fbdf98 Detect erroneous abstract static method calls 2020-03-11 10:18:40 -04:00
Philip Hofstetter
d315822bfa make skipping of checks after invalid includes configurable
as suggested in the PR it's best to make the setting configurable.

In order not to break existing installations, we default to keeping the
old behaviour, but in a later version of psalm, we might change the
default.
2020-02-27 18:49:23 -05:00
Matthew Brown
a706f4d722 Fix #2242 - warn when using mutable dependencies 2020-02-22 10:04:46 -05:00
Brown
7d99a15072 Fix #2805 - forbid passing in mutable class to mutation-free context 2020-02-21 18:25:35 -05:00
Matthew Brown
2e4154d76e Add better defaults and documentation 2020-02-18 20:30:37 -05:00
Brown
520b646ef6 Add suppressMixedIssues config flag to hide mixed issues 2020-02-18 17:23:48 -05:00
Matthew Brown
320f3ec863 Update level config name 2020-02-17 22:43:13 -05:00
Matthew Brown
ced092874a Make config generation smarter 2020-02-17 22:05:58 -05:00
Orklah
5eabc2e6a9 add config missing from implementation in #2737 2020-02-10 17:10:42 -05:00
Philip Hofstetter
f6983fd883 allow setting php version from config or composer.json
if a composer.json is present and a PHP version requirement is
configured, we set the php version to the minimal PHP version that
satisfies the composer requirement.

Additionally, this adds a `phpVersion` attribute to the <psalm> tag. If
that's set, it takes precedence over what has been detected in
composer.json.

And finally, the --php-version command line flag continues to work and
takes precedence over the setting in the <psalm> tag

this fixes #2628
2020-01-30 08:48:53 -05:00
Matthew Brown
5c3ec7a531 Fix #2696 - make sure static property references are prevented in pure functions 2020-01-27 22:55:20 -05:00
Brown
0f659d996d Add documentation for new issue 2020-01-23 14:33:07 -05:00
Brown
083fbc55e1 Add more specific UndefinedMagicMethod issue 2020-01-06 14:23:33 -05:00
Matthew Brown
4e85967184 Fix tests 2020-01-05 21:58:18 -05:00
Brown
af5f83602e Break out more specific possibly defined offset errors 2019-11-11 09:59:56 -05:00
Bruce Weirdan
79acbadfad Added InvalidParent issue (#2320)
Refs vimeo/psalm#2304
2019-11-11 00:21:43 -05:00
Dalibor Karlović
d2161dcd73 docs: change boolean flags to be xs:boolean (instead of xs:string) (#2274)
The schema now better reflects the actual data model, with the more
exact type and the defaults, where known.
2019-10-25 16:07:52 +02:00
Brown
b0aaede9e1 Add support for checking integer array offsets 2019-10-04 11:08:08 -04:00
Matthew Brown
260c25c930 Fix config 2019-09-21 22:56:40 -04:00
Matthew Brown
9c629414a7 Fix #2138 - complain when inheriting from immutable interfaces without annotation 2019-09-21 22:52:30 -04:00
Brown
c5ef2516b5 Fix #2150 - add detection for unnecessary @var annotations
And also remove them from codebase
2019-09-19 11:59:43 -04:00
Matthew Brown
9ad6c36d9b
Conditionally verify that array offsets exist (#2147)
* Check array offsets idea

* Clean up some issues

* Add a few light fixes

* Add docs
2019-09-18 14:21:06 -04:00
SignpostMarv
943705ce0e load an xdebug stub when required, re: vimeo/psalm#2118 (#2133)
* load an xdebug stub when required, re: vimeo/psalm#2118

* correcting case sensitivity of XDebug to Xdebug

* only load the Xdebug stub when needed
2019-09-14 10:13:39 -04:00
Matthew Brown
51e552665e Fix #2061 - add config to allow suppression of string increment issues 2019-09-01 17:49:37 -04:00
Matthew Brown
dee2cf3281 Detect use of static inside pure function 2019-08-31 21:31:53 -04:00
Matthew Brown
6d07663d70 Annotate method getters more accurately 2019-08-30 16:40:32 -04:00
Brown
95c61db513 Add a PossibleRawObjectIteration issue 2019-08-20 12:06:02 -04:00
Matthew Brown
2a5e0d8f39 Fix #1444 - track unused suppressions 2019-08-18 14:27:50 -04:00
Brown
b5614d03f8 Add detection for unused function calls 2019-08-13 13:15:23 -04:00
Matthew Brown
b2c0993cdc Add framework for taint analysis to Psalm
Ref #611
2019-08-04 10:37:36 -04:00
Matthew Brown
3df248eea2 Add concept of purity to functions and methods 2019-07-18 01:31:48 -04:00
SignpostMarv
9ac78b5d10 add psalm config attribute re: #1804 (#1936)
* add psalm config attribute for controlling the default inclusion of php & php extension version info in the error baseline

* using method recommended by @bdsl in https://github.com/vimeo/psalm/pull/1936#discussion_r302727993
2019-07-12 10:31:12 -04:00
Barney Laurance
94f934627c Work in progress - resolve directories from config file location (#1904)
* Add resolveFromConfigFile config option

Treats all paths as relative to the location of the config file, not
the current working directory of the process.

This commit just changes psalm, further commits will be needed to
apply the change to psalter and the LSP server.

* Copy asset xml files into project root for testing, delete during teardown

Needed since paths are now resolved relative to the position of the
file.

Not sure why I only saw a test failre for 1.xml - would have expected it
for all eight files.

* Fix following rebase

* Move psalm --init handly code above working directory setting code

If there's no psalm.xml yet we can't use the location of psalm.xml to
set our working directory

* Move Psalm version output code above working directory resolution

Working directory doesn't need to be known to output version constant

* Rely on new config file based working directory in end to end test

* Dont use rely on config dir for --alter - not currently working

* Fix code style error

* Add failing test for supporting config without `resolveFromConfigFile="true"`

* Don't treat config directory as a path to check

* Document resolveFromConfigFile setting
2019-07-06 12:21:39 -04:00
Matthew Brown
5a64e97f0f Fix #1793 - warn on deprecated function 2019-06-15 12:09:15 -04:00
Brown
9aeaf1a4ed Fix #1746 - allow DeprecatedInterface to be suppressed with referencedClass 2019-06-06 14:48:33 -04:00
Brown
4a434d9a2f Add separate issue for undefined classes in docblocks 2019-05-15 18:41:26 -04:00
Brown
30cbcb6c36 Add ImplementedParamTypeMismatch issue
Fixes #1633
2019-05-14 15:44:46 -04:00
Brown
0e4c8ce482 Split apart TypeCoercion issues, allowing more granular issue filtering 2019-04-25 18:02:19 -04:00
Brown
cf5fb43a66 Add missing config options 2019-04-22 11:32:06 -04:00
bugreportuser
2e147585a1 Allow ignoring exceptions only in global scope 2019-04-16 22:42:45 -04:00
Brown
af4d10cb63 Fix #1499 - use TraitMethodSignatureMismatch when dealing with trait methods 2019-03-29 14:09:06 -04:00
bugreportuser
976c2c5ef3 Add an error for throws in global scope 2019-03-24 23:03:37 -04:00
Matthew Brown
472ab29d74 Add PossiblyInvalidCast for more refined checks 2019-03-17 17:10:51 -04:00
Brown
b3a59d2638 Fix #1435 - prevent classes extending interfaces 2019-03-07 11:16:40 -05:00
bugreportuser
056e5a5b1e Allow setting globals in config 2019-03-06 15:59:41 -05:00
Brown
bd372e93af Add config flags for findUnusedVariables and findUnusedCode 2019-03-05 15:45:09 -05:00
Matthew Brown
cdae79b9fe Fix unnecessary params in Psalm codebase 2019-02-23 11:31:33 -05:00
Brown
3deea3980d Add checks for unitialized properties
Fixes #1328
2019-02-13 13:32:19 -05:00
Matthew Brown
c58100e3af Fix #1313 - don’t allow mixed function calls 2019-02-10 16:15:52 -05:00
Brown
3f289731bb Add ability to check descendants in ignored exceptions 2019-01-31 18:40:40 -05:00
Brown
b5059f45a0 Allow users to ignore missing ignorefiles 2019-01-28 11:50:18 -05:00
Brown
fcc9d1a979 Fix #1244 and fix #1243 - add template-extends checks 2019-01-25 15:31:17 -05:00
Brown
cd0a7441d9 Add warnings for extended template param counts off 2019-01-24 17:55:03 -05:00
Brown
fb28362fb9 Fix NoInterfaceProperties to allow referencedClass 2019-01-23 17:41:15 -05:00
Matthew Brown
bd9f2ec546 Add separate issue type for undefined interface method 2019-01-13 13:07:53 -05:00
Matthew Brown
195cb289ed Add float-checking plugin, and support for custom plugin issues 2019-01-07 08:38:56 -05:00
Matthew Brown
214fd7d461 Add DuplicateFunction issue
Fixes #49
2019-01-06 16:40:44 -05:00
Brown
2b4b55fd33 Add support for @return no-return
Fixes #1155
2019-01-02 17:05:39 -05:00
Brown
1d300ec342 Fix #1150 2019-01-02 11:18:22 -05:00