1
0
mirror of https://github.com/danog/psalm.git synced 2024-12-15 10:57:08 +01:00
Commit Graph

6956 Commits

Author SHA1 Message Date
Matt Brown
419114e1f0 Fix #5662 — prevent crash when reporting mixed issue on virtual arg 2021-04-23 15:34:35 -04:00
Matt Brown
ecd5e3b7ae Fix #5652 - use accurate type combination rules when replacing templated union 2021-04-22 00:33:49 -04:00
Vincent Langlet
39e61ae942
Add support for phpstan import-type and type annotations (#5648)
* Add support for phpstan import-type and type annotations

* Add test

* Fix cs
2021-04-19 22:56:08 -04:00
Matt Brown
40b6860881 Workaround Phar compaction error 2021-04-18 23:28:34 -04:00
Matt Brown
642f2f435c Fix #5640 - improve handling of assignments in conditional 2021-04-18 16:16:54 -04:00
Matt Brown
bb0bfda7c5 Improve mic drop variable name 2021-04-18 15:50:50 -04:00
Matt Brown
0acc02e184 Use more descriptive names for properties & variables of if/else handling 2021-04-18 15:38:12 -04:00
Bruce Weirdan
93946d0827
Forbid rejecting named arguments when parent allows them (#5627)
Fixes vimeo/psalm#5622
2021-04-15 06:55:13 -04:00
Matthew Brown
e505cd58b4
Add use 2021-04-12 23:52:50 -04:00
Matt Brown
f874740c83 Fix phpcs 2021-04-10 22:01:07 -04:00
Matt Brown
b7f122425f Use proper variable 2021-04-10 21:48:50 -04:00
Abdul Malik Ikhsan
2a31b66978
Add json_last_error to impure function (#5613)
* Add json_last_error to impure function

* add 'json_encode', 'json_decode' as well

* revert json_encode and json_decode
2021-04-10 20:38:02 -04:00
Matt Brown
012dafad79 Fix #5383 - prevent unsound use of new static for generics 2021-04-10 13:16:19 -04:00
orklah
bb88cff28a
Int and Float can be reconciled with Numeric (#5611) 2021-04-09 23:59:59 -04:00
3b3065c881
Allow variable keys with array_key_exists (#5606)
* Allow variable keys with array_key_exists

* Switch to elseif
2021-04-09 11:29:45 -04:00
AndrolGenhald
9f0d13998f
Fix race condition creating parser cache directory (fixes #4483) (#5603)
I wasn't able to reproduce the error under normal conditions, but I set a
breakpoint on the `mkdir` call, created the directory, then continued, and it
seems to handle it correctly.
2021-04-09 11:29:09 -04:00
AndrolGenhald
518d0af895
Strict int/float comparison for conditional types, improve range return type (#5601) 2021-04-09 11:28:48 -04:00
Cyril PASCAL
c45e47d8ad Allow to use string key for preg_replace_callback callable argument 2021-04-09 15:33:16 +02:00
orklah
5f4a21190f
Numeric can be Falsy (#5598) 2021-04-07 22:02:13 -04:00
AndrolGenhald
870c433dc2
Check oldest ancestor for protected method visibility (fixes #5595) (#5597) 2021-04-07 22:01:41 -04:00
AndrolGenhald
9a03598a6d
Improve type resolution of class constants. (#5591)
Handle array plus operator (fixes #5588).
Handle array spread operator.
Improve string concatenation to resolve to literal instead of unknown string.

I feel like it should be possible to let ConstantTypeResolver take advantage of
the better type analysis in ArrayAnalyzer, ConcatAnalyzer, etc, but it would
require a restructuring that's beyond me for the time being.
2021-04-07 21:56:35 -04:00
Matt Brown
a469c82653 Fix #5587 - detect final class calls when routed through parent 2021-04-06 12:35:09 -04:00
Matt Brown
7080bc3bff Fix #5578 - variables always set in conditionals should be combined 2021-04-06 11:11:40 -04:00
Matt Brown
517b2030c9 Fix #5545 - throwing uses method 2021-04-04 21:17:12 -04:00
Bruce Weirdan
f07b6e675e
Support array of objects in array_column() (#5567)
Fixes vimeo/psalm#5460
2021-04-04 00:01:01 -04:00
Bruce Weirdan
34cb21c7fc
Report cases where object is coerced into object with properties (#5566)
Fixes vimeo/psalm#5565
2021-04-04 00:00:31 -04:00
Bruce Weirdan
106c7db5d1
Provide more detailed return type for get_object_vars() (#5557)
Handle keyed objects and named objects, including support for property
visibility.
2021-04-02 15:39:43 -04:00
Valentin Udaltsov
31096d9361
Marked iterator_to_array as an impure function (#5532) 2021-04-02 15:38:15 -04:00
AndrolGenhald
d022910599
ConcatAnalyzer improvements and non-falsy-string fixes. (#5544)
* ConcatAnalyzer improvements.

Deduplicate code.
Improve type inference.
Allow literal type inference when only one side has multiple types (fixes #5483).
Fix invalid type inference with negative int as right operand.

* Fix inference to be lowercase-string when concatenating int.

* Fix TNonEmptyLowercaseString to not be subtype of TNonFalsyString.

'0' is a non-empty-lowercase-string that is falsy.

* Fix other issues with non-falsy-string.

* Nest ands and ors

Co-authored-by: Matthew Brown <github@muglug.com>
2021-03-31 23:16:21 -04:00
Matt Brown
fe97aa0722 Fix #5542 - nullsafe method calls are assumed used 2021-03-31 10:08:52 -04:00
Matt Brown
150dd00060 Fix #5540 - function is used inside throw expression 2021-03-31 10:03:25 -04:00
Valentin Udaltsov
59b7de5647
Closes #3238 Marked flock as an impure function (#5543) 2021-03-31 09:55:36 -04:00
Matt Brown
ece138562f Fix too-long line 2021-03-30 18:39:51 -04:00
Bruce Weirdan
cd002e6a87
Do not consider isset checks on static properties as redundant (#5525)
* Do not consider isset checks on static properties as redundant

Unlike normal properties, static properties do not have a prescribed
initialization sequence, so they can always be uninitialized (or unset).
Thus `isset()` checks on them are never redundant.

Fixes vimeo/psalm#5489

* Fix issue with nullable is_static
2021-03-30 11:56:08 -04:00
Martin Gold
667568d925
Double directory separator on "Cannot resolve stubfile path" (#5509)
* fix: double directory separator on invalid stubfile path

* fix: non-existing stubfile error message
2021-03-30 11:55:33 -04:00
Bruce Weirdan
8753c28a1b
Marked more functions as impure (#5524)
Fixes vimeo/psalm#5519
2021-03-30 11:55:09 -04:00
Bruce Weirdan
6bd7f5b867
Forbid template annotation on closures (#5499)
They don't work properly anyway.

Fixes vimeo/psalm#5472
2021-03-29 15:10:04 -04:00
orklah
adc5368b97
fix Int overflow for pow (#5510) 2021-03-29 15:09:44 -04:00
Matt Brown
17e147935a Fix #5506 – make array_values and iterator_to_array respect nested templates 2021-03-29 09:37:51 -04:00
Bruce Weirdan
d57dde0d15
Allow phantom classes in instanceof expression (#5498)
Fixes vimeo/psalm#5481
2021-03-29 00:11:45 -04:00
Matt Brown
d4377c0baf Check upper bound too 2021-03-28 23:54:38 -04:00
Matt Brown
2d197e3e12 Allow older composer/semver cc @xurizaemon 2021-03-28 23:45:52 -04:00
Bruce Weirdan
ec7de89f0c
Do not let string subtypes subsume class-strings (#5497)
Previously, Psalm would treat unions like `class-string|numeric-string`
as `numeric-string`, while the only case when string should subsume
`class-string` is when we're combining `class-string` with non-specific
`string`.

Fixes vimeo/psalm#5491
2021-03-28 23:12:23 -04:00
Matt Brown
9a714b759e Fix #5496 - ensure params extended in properties are properly fleshed out 2021-03-28 23:10:38 -04:00
Matt Brown
f41deeab0a Taint through reset call 2021-03-28 13:14:35 -04:00
Matt Brown
f24ef253e3 Add better trace for MixedOperand issues 2021-03-28 12:09:16 -04:00
Matt Brown
93743d1465 Also add better message for MixedArgumentTypeCoercion 2021-03-28 11:32:38 -04:00
Matt Brown
54ac13b190 Allow nested template unwrapping inside reset, end
Fixes #5208
2021-03-28 09:52:23 -04:00
Matt Brown
72226c500a Add level to shepherd data 2021-03-27 22:24:38 -04:00
Matt Brown
c64e879178 Only check param-out when no exception is thrown 2021-03-27 09:50:20 -04:00
orklah
12cd9590c8
allow $var::class on templates (#5484) 2021-03-26 21:21:38 -04:00
sji
19554de6f6
Add @ignore-var and @psalm-ignore-var (#5488)
* add `@ignore-var` and `@psalm-ignore-var`

* Change two words

Co-authored-by: Matthew Brown <github@muglug.com>
2021-03-26 21:20:23 -04:00
Saif Eddin Gmati
9f74676524
allow dismissing return value of pure functions with by-reference arguments (#5463) 2021-03-25 09:05:59 -04:00
Matt Brown
929f931c14 Taint mixed keys too 2021-03-24 16:42:30 -04:00
Jean-Nicolas
30f64b79de
Checks the intersection type if the magic method does not exist (#5473) 2021-03-24 15:34:05 -04:00
Matt Brown
10ccbdd8be Add tainting for array keys
Fixes #5470
2021-03-24 15:32:56 -04:00
Matt Brown
937e68cc75 Change taint path names to prepare for allowing array key tainting 2021-03-24 15:23:56 -04:00
Matt Brown
9ad88256d1 Fix error message 2021-03-24 14:32:01 -04:00
b61ff8cffb
Allow string template params in concatenation (#5468) 2021-03-24 09:52:10 -04:00
Matt Brown
efa9b136d3 Fix linting issues 2021-03-23 19:42:56 -04:00
Saif Eddin Gmati
477ae33cd6
allow dismissing return value of no-return pure functions (#5461) 2021-03-23 19:34:12 -04:00
Matt Brown
a96645d2e3 Fix many uses of offsets 2021-03-23 01:30:51 -04:00
Matt Brown
15b0542260 Prevent more offset issues 2021-03-22 23:26:03 -04:00
Matt Brown
bf578d1024 Fix potential crash when calling magic setter 2021-03-22 23:08:38 -04:00
AndrolGenhald
de5a031088
Improve @no-named-arguments support and variadics. (#5455)
* Improve @no-named-arguments support and variadics.

Handling of argument unpacking and variadics still needs a pretty big makeover, but this is a good start.

Fixes #5420
Improves #5453 (iterable works, array still causes issues)

* Remove unneeded imports.
2021-03-22 19:58:22 -04:00
Matt Brown
9f3f420a5b Turn on unused variable detection by default on level 1 2021-03-22 09:44:40 -04:00
Sergey Yakimov
fb94db9b1f
Add proper handling of unpacked arguments with string keys (#5446)
* Add proper handling of unpacked arguments with string keys

* Fix undefined array key error

* Fix missed named arguments handling

* Fix false-positive on variadic parameter

* Add tests
2021-03-22 09:08:05 -04:00
Bruce Weirdan
4eca6acebd
Don't crash on index types used in a conditional type (#5447)
Fixes crash reported in vimeo/psalm#5423
2021-03-22 09:07:14 -04:00
Matt Brown
b73223f9c1 Add use statements 2021-03-20 22:17:22 -04:00
Matt Brown
f69cab8c02 Fix extra issue tests 2021-03-20 21:55:17 -04:00
Matt Brown
44c6d3035b Add more mixed origin information 2021-03-20 21:45:38 -04:00
Matt Brown
7f8d522912 Make all mixed issues implement MixedIssue 2021-03-20 21:44:04 -04:00
Matt Brown
d1740394aa Detect mixed echo argument when unused variable detection is turned on 2021-03-20 20:53:51 -04:00
Samuel Mortenson
e07337650b
Make taint source keys unique to the added taints. (#5444) 2021-03-20 15:42:24 -04:00
AndrolGenhald
0579c1109b
Fix bugs with array spread operator (fixes #5421) (#5433) 2021-03-19 22:43:58 -04:00
Samuel Mortenson
4aabb411a8
Added event to prevent tainting. (#5398)
* Added event to prevent tainting.

* Remove optional codebase parameter.

* Removed falsy check for codebase.

* Use two separate hooks for adding and removing taints

* Add slashes

* Update add/remove taint test name.

* Cleaned up SafeArrayKeyChecker example plugin.

* Added more AddRemoveTaintsEvent calls to codebase.

* Fix type check error with $added_taints param.

* Added AddRemoveTaintsEvent to remaining classes.

* Fix post-merge error.

* Add comma

* Remove $int_offset that never existed

Co-authored-by: Matt Brown <github@muglug.com>
2021-03-19 22:41:41 -04:00
AndrolGenhald
843305c8e0
Support template property invariance (fixes #5371) (#5414)
* Support property invariance with templates.

* Fix false positive NonInvariantDocblockPropertyType with grandchild.

* Redo templated property invariance check to fix issues.

* Add template covariant test.

* Fix property invariance false positive with template-covariant.
2021-03-19 21:55:50 -04:00
AndrolGenhald
17f23ccb30
Fix false-positive with non-empty object like array (fixes #5436) (#5437) 2021-03-19 21:54:01 -04:00
AndrolGenhald
b859fba52d
Fix array spread false negative that crashes (fixes #5431, reverts #2852) (#5432) 2021-03-19 21:51:36 -04:00
AndrolGenhald
d4590711d6
Fix object-like array keys when combining string and automatic keys (fixes #5427). (#5428)
* Fix object-like array keys (fixes #5427).

* Fix incorrect return types for tests.

* Fix false positive list with literal int key.
2021-03-19 21:44:44 -04:00
Matt Brown
42d3bceb4e Use more accurate return type 2021-03-18 15:19:29 -04:00
Matt Brown
b7a68edd0b Simplify complex methods 2021-03-18 15:09:03 -04:00
Matt Brown
a871d0dd58 Fix dumb bug 2021-03-18 11:27:32 -04:00
Matt Brown
e919e41114 Improve labelling 2021-03-18 11:18:49 -04:00
Matt Brown
04f3e29f94 Expand documentation method return type to ensure we’re giving a fair shot 2021-03-18 11:07:02 -04:00
AndrolGenhald
45694d37d4
Fix composer major.minor version detection (fixes #5415) (#5416)
* Fix composer major.minor version detection (fixes #5415)

* Add PHP 8 polyfill dependency.

* Fix version check.
2021-03-18 09:42:01 -04:00
Matt Brown
d19088bb10 Add better origins for calls 2021-03-17 19:37:21 -04:00
Matt Brown
3046468d1e Add hints for MixedAssignment issues 2021-03-17 01:10:42 -04:00
Bruce Weirdan
97fe86c4e1
Fix BC break introduced in 4.6.3 (#5410)
Fixes vimeo/psalm#5405

Requires new patch release.

This PR reverts changes to the signature of `IssueBuffer::finish()` and
introduces separate method to be used to capture `$_SERVER`
2021-03-16 19:28:18 -04:00
Matt Brown
9d979e3467 Fix #5406 - track more changes to assertion type 2021-03-16 16:33:09 -04:00
orklah
2777b62d0b
String can be reconciled with Scalar (#5402) 2021-03-16 13:46:23 -04:00
orklah
ff5a6cb297
iterator_to_array must always return array-key (#5400) 2021-03-16 13:45:34 -04:00
AndrolGenhald
9d840ee87b
Disable property invariance checks for properties with templates (#5380)
* Disable property invariance checks for templates

Property invariance checks were already disabled for template
properties, this also disabled the checks for arrays, lists,
class-string-maps, and iterables that contain templates.

Partially fixes #5371

* CS fixes

* Fix and simplify hasTemplate.

Add hasTemplate to TypeNode and simplify implementation with getChildNodes.

* Revert hasTemplate change and add containsTemplate.

* Check class-string too.
2021-03-16 13:43:30 -04:00
Bruce Weirdan
ae247d09a3
Don't mark promoted properties as unused params (#5404)
If anything, they should be marked as unused properties.

Fixes vimeo/psalm#4964
2021-03-16 13:41:43 -04:00
Matt Brown
817d1cf3fe Fix #5408 - avoid nullref when parser param cannot be found 2021-03-16 13:40:16 -04:00
Matt Brown
f1a840727d Improve min/max return type cc @orklah
Type::combineUnionTypes preserves metadata for union types, and is more accurate
2021-03-13 19:28:24 -05:00
Matt Brown
b549989ba7 Prevent overwriting storage type during analysis 2021-03-13 14:12:55 -05:00
orklah
90fd1c5d1f
fix usage of callable with array_map (#5373) 2021-03-12 14:05:22 -05:00
orklah
cddef00692
fix int overflow (#5369) 2021-03-12 13:24:00 -05:00
Bruce Weirdan
205fdd197e
Wrap entrypoints into IIFE to protect their variables (#5366)
* Wrap entrypoints into IIFE to protect their variables

Fixes vimeo/psalm#5359

* Add tests for Psalm variable isolation

* Capture environment before registering autoloader
2021-03-11 00:14:22 -05:00
orklah
0a4ad5733b
add stubs for min/max (#5353) 2021-03-11 00:13:17 -05:00
Bruce Weirdan
4f8ba04236
Provide more specific explode() return type (#5350)
Fixes vimeo/psalm#5347

`explode()` now omits `false` from the return type  when separator is a
definitely non-empty string.
2021-03-11 00:09:15 -05:00
Bruce Weirdan
8be77aaa2e
Track variable usage in bool to int casts (#5349)
Fixes vimeo/psalm#4956
2021-03-11 00:08:32 -05:00
Bruce Weirdan
185827a7ab
Continue analysis after unknown exception being caught (#5348)
Fixes vimeo/psalm#5188
2021-03-11 00:08:02 -05:00
Bruce Weirdan
71a0457284
Emit ImplicitToStringCast in more places (#5344)
* Emit ImplicitToStringCast in more places

Fixes vimeo/psalm#5320

`to_string_cast` is set on successful comparison, thus it needs to
always bubble up (it will be ignored in UnionTypeComparator if some part
does not match).

* Fix implicit casts

* Fix handling of string method references in self-out context
2021-03-11 00:07:39 -05:00
Bruce Weirdan
7138678c63
Allow undefined variable detection in arrow functions (#5343)
Previously Psalm would assume that any variable it sees in the arrow
function body is defined (and mixed, if it's not available in the outer
scope). This prevented undefined variable detection. Dropping that
assumption allows it to work.

Fixes vimeo/psalm#5331
2021-03-11 00:06:23 -05:00
Claas Augner
3c66b755e2
Always return type inference summary, even if no files were analyzed due to caching (#5329)
* Fix #5319 – Always return type inference summary

Even if no files were analyzed (e.g. due to caching).

* fix code style
2021-03-06 17:20:01 -05:00
Bruce Weirdan
65f0fb0288
Allow multiple version-dependent method stubs (#5337)
Fixed vimeo/psalm#4836
2021-03-06 17:18:51 -05:00
Matt Brown
c97ee5ccdb Fix #5258 - allow ReflectionParameeter::hasType() to inform getType() return 2021-03-06 16:54:23 -05:00
Matt Brown
ca331f5afa Consolidate assertion sanitisation 2021-03-06 16:43:11 -05:00
Matt Brown
c05a3ea073 Break up CoreGenericClasses 2021-03-06 16:05:14 -05:00
Matt Brown
96e0743892 Fix #5325 – remove all memoised methods when calling a method with property mutations 2021-03-05 00:39:25 -05:00
Matt Brown
4c65d3b424 Fix #5310 - allow iterable coercion from generic object 2021-03-03 00:13:00 -05:00
404db2bb1a
Fix JSON reports with long UTF8 strings (#5300)
* Fix JSON reports with long UTF8 strings

* CS fix

* UTF8-safe snippets
2021-03-01 11:23:21 -05:00
Matt Brown
f5ed12f038 Fix tests by removing references 2021-02-28 23:58:21 -05:00
Matt Brown
3f4bb25a35 Simplify reference map updates 2021-02-28 10:36:36 -05:00
Matt Brown
ad82c93edb Fix #5297 - be more sensitive to additions and deletions in language server mode 2021-02-28 01:36:06 -05:00
Matt Brown
7db742dee3 Fix #5295 - offer static methods for completion too in instance mode 2021-02-27 11:36:19 -05:00
Matt Brown
44f8d71e72 Fix #5290 - improve inference of nested class-string template types 2021-02-27 01:00:05 -05:00
Matt Brown
216e500ea6 Fix copy/paste error 2021-02-27 00:56:01 -05:00
Matt Brown
98eb40c4ca Improve unwrapping inference in nested templates
Ref #5290
2021-02-27 00:22:31 -05:00
Matt Brown
bca09d74ad Fix style issues 2021-02-25 21:24:18 -05:00
Matt Brown
474ebf912e Fix #5229 - new SomeTemplatedClass should expand out params even if none passed 2021-02-25 21:20:05 -05:00
Matt Brown
d4841993b2 Fix #5279 - don’t convert get_class($templated) into dependent type 2021-02-25 18:43:04 -05:00
Matt Brown
b2c35834ff Remove mistakenly-duplicated code for get_* functions 2021-02-25 18:40:05 -05:00
Matt Brown
924f6b6f94 Propagate mutation removal up the context parent tree
Fixes #5231
2021-02-25 18:11:58 -05:00
Maximilian Bösing
5169bd735e
bugfix: do not throw ConfigException when missing files are allowed (#5280)
Signed-off-by: Maximilian Bösing <2189546+boesing@users.noreply.github.com>
2021-02-25 17:43:02 -05:00
Joe Hoyle
e59670ef68
Add documentation to LSP (#5267)
* Add documention to LSP

Add descriptions for all Classes, Functions, Methods, Class Constants for LSP methods for Hover, SignatureInformation and Completions

* Descriptions for class name completions

* PHPCS

* Fix docblock being overriden

* Remove trailing comma in args

* Add description to function param before early `continue`

* Update php-language-server-protocol to 1.5

* Break up long array docblocks

* Break up docblock onto newline

Co-authored-by: Matthew Brown <github@muglug.com>
2021-02-24 10:14:04 -05:00
Matt Brown
f8cbb229f6 Fix #5236 - improve reconciliation of interfaces when unioned with class 2021-02-24 00:05:12 -05:00
Matt Brown
7958ef6889 Decomplicate method 2021-02-24 00:03:55 -05:00
Matt Brown
cafbdb6831 Fix #5264 - use accurate static type when calling parent method in trait 2021-02-23 20:48:22 -05:00
Matt Brown
def7326ae1 Remove static from return type when final
Fixes #5244
2021-02-23 19:06:45 -05:00
Matt Brown
78577fd624 Fix #5257 - allow object::foo() call 2021-02-23 17:31:14 -05:00
orklah
69eb8e4999
display PHP version when not understanding an expression (#5268) 2021-02-22 13:15:34 -05:00
elnoro
e1d6f2f491
Fixed 4788 (#5263) 2021-02-22 09:21:28 -05:00
Egor Talantsev
a4c4215fab
Change code-climate line reference (#5262) 2021-02-22 09:20:33 -05:00
Bruce Weirdan
26978fcea1
Convert PHP errors / warnings / notices to exceptions (#5260)
* Sort uses

* Add ErrorHandler

* Use new error handler

* Drop old exception handler

* Suppress error-triggered exceptions during external autoload calls
2021-02-22 09:19:34 -05:00
Matt Brown
6ba899e34e Only replace static type once 2021-02-22 00:25:13 -05:00
Bruce Weirdan
1f84fdf110
Fix vimeo/psalm#5255 (#5256) 2021-02-20 20:15:46 -05:00
Matt Brown
3106635953 Fix inference of conditional types when wildcard constant given 2021-02-20 12:21:52 -05:00
Matt Brown
e93e532e4e Fix #5239 - make replacement work in 7.1-7.3 2021-02-17 16:54:11 -05:00
Matt Brown
9d6d3916da Revert "Prevent TypeParseException when dealing with nested template in assertion"
This reverts commit 196f24aac3.
2021-02-17 09:46:54 -05:00
Matt Brown
686f9fcaaa Don’t throw an exceptin when parsing invalid type 2021-02-16 20:24:16 -05:00
Matt Brown
196f24aac3 Prevent TypeParseException when dealing with nested template in assertion 2021-02-16 20:06:15 -05:00
orklah
7b24552534
Fix not always positive bit operations (#5233)
* Fix not always positive bit operations

* Fix not always positive bit operations

* add test
2021-02-15 23:10:42 -05:00
orklah
5191dac3fa
Introduce Virtual Nodes in order to differentiate real nodes in plugins (#5222) 2021-02-15 16:18:41 -05:00
Matt Brown
77feecb370 Apply the partial diff hack earlier 2021-02-15 15:32:35 -05:00
Matt Brown
09281aba25 Specify it’s a snippet 2021-02-15 14:05:54 -05:00
Matt Brown
bc13001533 Put cursor in first param position 2021-02-15 13:21:05 -05:00
Matt Brown
86ba3b02f6 Improve documentation further 2021-02-15 11:40:45 -05:00
Matt Brown
472fbf790b Update comment 2021-02-15 11:33:56 -05:00
Matt Brown
a115d311b6 Fix small things 2021-02-15 11:31:34 -05:00
Matt Brown
bfe8bf523c Add slash 2021-02-15 11:13:50 -05:00
Matt Brown
e60c333f2d Fix completion of Foo:: before an if statement 2021-02-15 11:12:04 -05:00
Matt Brown
b7792ab0b4 Fix static method call completion with variable assignment after 2021-02-15 00:45:39 -05:00
Matt Brown
bd6efd7cf2 Improve completion for namespaced classes
cc @joehoyle - this mainly allows us to get a correct list when the user starts typing Foo (without the new before it) inside a namespace
2021-02-14 23:25:13 -05:00
Matt Brown
6b53e79505 When there’s an irrecoverqable syntax error invalidate all issues in the file 2021-02-14 21:16:12 -05:00
Matt Brown
1d5020f59f Only match functions where the first character has the same case as stub
cc @joehoyle - this prevents seeing lots of date_* functions when writing Date
2021-02-14 20:08:31 -05:00
Matt Brown
8834a54934 Fix #5219 - invalidate cache for changed params 2021-02-14 12:07:15 -05:00
Vincent Langlet
a80d5b736b
Rename stub to avoid phpstorm conflict (#5213) 2021-02-13 18:42:34 -05:00
Matt Brown
00288c14c5 Fix param 2021-02-13 16:23:11 -05:00
Matt Brown
6fb7423c68 Fix #5211 - prevent infinite loop in template inference 2021-02-13 16:16:58 -05:00
Leighton Thomas
e476625c1e
Allow @psalm-type and @psalm-import-type to be used in extends/implements (#5205)
* Fix #4240 - allow type aliases to be used as type parameters

* Fix issues that phpcs found

* Fix #4240 - stop type aliases being everywhere in the same file

* Fix #4240- re-add stuff that was deleted unnecessarily
2021-02-12 17:02:24 -05:00
Alexandru Pătrănescu
8c0a5b7059
Remove the trailing comma for function call as minimum support version is 7.1 (#5201) 2021-02-12 17:00:58 -05:00
Alberto Piai
144bb37f76
Fix array_key_exists() with all int literal keys (#5197)
When checking code like the following:

```
<?php

function checkNegated(string $key): void {
    $arr = [
        0 => "foo",
        1 => "bar",
    ];

    if (!array_key_exists($key, $arr)) {
        printf("not found\n");
    }
}

function check(string $key): void {
    $arr = [
        0 => "foo",
        1 => "bar",
    ];

    if (array_key_exists($key, $arr)) {
        printf("found\n");
    }
}
```

the `if` in `checkNegated` would cause:

```
ERROR: RedundantCondition - 9:10 - Type string for $key is never =int(0)
```

This happens when the array keys are all int literals, but the "needle"
is a string.

`array_key_exists()` uses a loose equality comparison, but the generated
assertions for this specific case
(`AssertionFinder::getArrayKeyExistsAssertions`) was generating strict
equality clauses. This commit fixes it by changing the generated clause
from `=` to `~`.
2021-02-12 17:00:38 -05:00
Joe Hoyle
4077de2c93
Add completions for functions (#5128)
* Add completions for functions

Provide autocompletions in the LSP for all global functions and functions from namespaces used in the current context.

* Uncomment code

* PHPCS

* Simplify functions map

Co-authored-by: Matthew Brown <github@muglug.com>

* Switch to storing lowercase function string in array key

* Fix spacing

Co-authored-by: Matthew Brown <github@muglug.com>
2021-02-12 16:59:47 -05:00
Matt Brown
fa337375ae Fix #5198 - allow is_array check on templated 2021-02-12 12:32:24 -05:00
Matt Brown
c9ff1eee63 Fix syntax issue in PHP 7.2
Fixes #5206
2021-02-12 11:09:41 -05:00
Matt Brown
257a1ca672 Fix #5194 - don’t warn when redefining core class properties 2021-02-11 14:12:25 -05:00
Matt Brown
044602a244 Fix #5196 - fix type before assigning default property values 2021-02-11 09:38:04 -05:00
Matt Brown
ccdb29abfa Improve handling of property-mutating calls 2021-02-10 12:09:21 -05:00
Matt Brown
2dc86651a4 Check context var exists 2021-02-09 14:13:24 -05:00
orklah
88fe805c27
Prevent throwing a division by zero when encountering a literal division by zero (#5182) 2021-02-09 11:48:59 -05:00
Matt Brown
c7b7da46e9 Add slashes 2021-02-09 11:48:24 -05:00
Matt Brown
61478bb003 Use generics to allow property subclassing
cc @bdsl
2021-02-09 11:40:52 -05:00
Matt Brown
8aaa489733 Make more operations generic-safe 2021-02-09 11:37:48 -05:00
Matt Brown
b9dac8c46c Add slashes 2021-02-09 10:57:19 -05:00
Matt Brown
a955dabfe5 Account for context var not existing 2021-02-09 10:46:33 -05:00
Matt Brown
2b9d307cab Fix #5184 - remove this vars from parent context where possible 2021-02-09 10:23:22 -05:00
Matt Brown
ecfc4726d7 Limit removal of vars further 2021-02-09 00:53:09 -05:00
Matt Brown
ad0b575080 Better fix for #5180 2021-02-08 23:31:49 -05:00
Matt Brown
9b8fdf154d Revert "Allow refinement of $this properties based on subclass"
This reverts commit 1d5d2403e2.
2021-02-08 22:50:50 -05:00
Matt Brown
1d5d2403e2 Allow refinement of $this properties based on subclass
Fixes #5180
2021-02-08 22:46:32 -05:00
Matt Brown
2b2d1c1060 Add null check 2021-02-08 09:44:46 -05:00
Barney Laurance
509aadc08a
Remove all (but one) properity declarations that needed NonInvariantDocblockPropertyType suppressed (#5174)
The remaining property
\Psalm\Internal\Analyzer\NamespaceAnalyzer::$source seems a bit harder
to fix
2021-02-08 09:36:42 -05:00
Matt Brown
876a772edc Fix #5176 - substitute in actual argument when instance type found 2021-02-08 09:29:41 -05:00
Matt Brown
3be1bb7342 Limited fix for #5028 2021-02-07 22:56:37 -05:00
Bruce Weirdan
e3d73a3166
Allow suppressing thrown interfaces and their descendants (#5178)
Fixes vimeo/psalm#5177
2021-02-07 21:08:29 -05:00
Matt Brown
3bf7a73c61 Simplify TypeExpander::expandAtomic 2021-02-07 13:14:26 -05:00
Matt Brown
649d1f6ad6 Don’t recursively expand generic types 2021-02-07 11:31:42 -05:00
Matt Brown
8b5e0fc754 Fix #5172 - prevent calling function with implicitly-broader type 2021-02-07 11:07:22 -05:00
Matt Brown
5e2d252edb Fix invariance checks 2021-02-07 01:58:03 -05:00
Matt Brown
4d76f7545c Allow property type invariance on templated properties
This is a bit of a hack – the comparison should be similar to the ones done in MethodComparator, but this avoids false-positives for now
2021-02-07 01:45:48 -05:00
Matt Brown
049b2c3f7a Prevent check triggering for commonly-extended classes 2021-02-07 01:24:08 -05:00
Matt Brown
f2d202e2bb Add less severe issue for docblock property type invariance cc @bdsl
This is less likely to break everything
2021-02-07 00:52:29 -05:00
Bruce Weirdan
04bb2b1182
Prevent invalid Traversable implementation (#5171)
* Prevent invalid Traversable implementation

Fixes vimeo/psalm#5167

* Document new issue

* CS fix
2021-02-06 22:10:05 -05:00
Bruce Weirdan
b72c5a0fa2
Mark variables in throw arguments as used (#5166)
Fixes vimeo/psalm#5164
2021-02-06 22:07:01 -05:00
Saif Eddin Gmati
d740c1679c
allow libraries to provide psalm plugins (#5165) 2021-02-06 22:06:00 -05:00
orklah
343d020408
improve psalter capacities for anonymous class extending real classes (#5146) 2021-02-04 09:59:38 -05:00
Matt Brown
ff325b3e70 Fix #5141 - combine numeric-string and non-empty-string to non-empty-string 2021-02-03 17:40:41 -05:00
Matt Brown
a0420fb704 Add non-falsy-string to allow more accurate checks 2021-02-03 17:19:48 -05:00
Matt Brown
03665b9646 Revert "Correct Psalm’s concept of string emptiness"
This reverts commit 331ce8ead4.

It was too hasty
2021-02-03 01:09:58 -05:00
Matt Brown
331ce8ead4 Correct Psalm’s concept of string emptiness
It contrasted with PHP’s idea
2021-02-02 23:07:51 -05:00
Matt Brown
7dbdc8c59e Fix #5144 - prevent exception during taint analysis 2021-02-02 14:16:15 -05:00
Matt Brown
0eed186edf Fix #5140 - always replace closure return types, whether or not a matching input type is present 2021-02-01 21:40:30 -05:00
Matt Brown
0f2a07a9a3 Fix #5137 – support @psalm-flow in methods 2021-01-31 22:40:48 -05:00
Matt Brown
c1d868f950 Fix #5127 - delay transformation of base classes based on inheritance until later 2021-01-31 12:33:07 -05:00
Barney Laurance
0cd5442c47
Enforce property type invariance (#5131)
* Implement NonInvariantChildProperty detection

See https://github.com/vimeo/psalm/issues/4184

* Delete test cases with 'parentSetsWiderTypeInConstructor'

As I understand it these are not valid test cases. They
emit NonInvariantPropertyType issues which seems correct - the property
type variation is I think a latent bug in the sample code.

* Reduce shortcode for NonInvariantPropertyType to 1+max used shortcode on master
2021-01-31 11:32:24 -05:00
Joe Hoyle
a3dcc52e9a
Track references on global variables (#5122)
* Track references on global variables

Add global type references to the type map, and fix up unused detection on global variables.

* Add null assertions

* PHPCS
2021-01-28 18:58:02 -05:00
Joe Hoyle
5759472168
Add constant fetch to reference map (#5115)
* Add constant fetch to reference map

To support showing constant types on hover of constant references, we need to add them to the ref map.

* Fix root constants

* PHPCBF
2021-01-28 11:18:28 -05:00
Matt Brown
359a0166e3 Fix #4631 - prevent reusing named params 2021-01-27 22:53:55 -05:00
Matt Brown
4807d38507 Fix using std library functions 2021-01-27 22:28:33 -05:00
Matt Brown
dd11e541a7 Fix #4010 – don’t create interface intersections unless there’s no overlap 2021-01-27 12:48:32 -05:00
Matt Brown
3c58220f3a Fix #5097 - memoise more things during null coalesce 2021-01-26 23:10:57 -05:00
Matt Brown
76269658ca Fix #5107 - treat function-bound templated parameters the same
Previously they were treated differently depending on whether or not they were inside a method
2021-01-26 22:43:42 -05:00
Joe Hoyle
c946242683
Completions for array keys and type literals (#5105)
* Add completions for known array keys

* Use dynamic gap value

* Provide completions for known type contexts

* Fix formatting

* Remove trailing comma

* PHPCS fixes

* Remove support for literal floats

* Fix test for floats
2021-01-26 21:34:46 -05:00
Matt Brown
15e87b13b8 Prevent infinite loop while scanning in some situations 2021-01-26 15:51:15 -05:00
Matt Brown
62a5a74640 Fix #5108 - prevent crash on 0 type 2021-01-26 14:06:43 -05:00
Matt Brown
0624098865 Ensure getId() output can always be parsed as a type
Ref #5105
2021-01-25 23:41:51 -05:00
Matt Brown
dc7ffe2810 Fix long line 2021-01-24 14:02:55 -05:00
Bruce Weirdan
0489dd1fd8
Use separate exit code to indicate Psalm finding issues (#5087)
* Use separate exit code to indicate Psalm finding issues

This will allow to distinguish successful run that found some issues
from crashes.

* Fix e2e test expectations

* Documented exit statuses
2021-01-24 13:30:35 -05:00
Joe Hoyle
531cd36767
Support completions on class references (#5085)
* Support compleitions on class references

This provides completions on class references (as opposed to initiated objects via the type map), so you can do `MyClass::` and get completitions for static methods and constants etc.

* Only provide completions for references that don't exist
2021-01-24 13:29:21 -05:00
orklah
b61831345c
only transform a Keyed array into callable-array if there's two elements (#5086)
* only transform a Keyed array into callable-array if there's two elements in array

* add tests
2021-01-22 16:14:29 -05:00
Joe Hoyle
ba43e6d0f3
Remove file map cache when re-analyzing files (#5084)
* Remove file map cache when re-analyzing files

When the project is re-analyzed under the single thread condition (not using a process pool), the filemaps are not cleared before re-analyzing files. This means that file maps only get appended to. If you delete the contents of a file via the LSP, the file map will still be populated with all the old values for example.

In doing this I had to write a few more tests to check my assumptions too, so adding those additional tests.

* Rename test

* Formatting

* Formatting again!
2021-01-22 16:05:28 -05:00
Adrien LUCAS
6f1f680b2d
Add option to dump taint graph (#5080)
* Add option to dump taint graph

* Fix types

* Simplify types

Co-authored-by: Matthew Brown <github@muglug.com>
2021-01-22 16:04:15 -05:00
Matt Brown
6f30399189 Fix #5070 – fix static return type inference in static methods 2021-01-22 09:58:09 -05:00
Matthew Brown
28d2795e59 Fix #5078 - when unpacking with missing array item, Use the param’s default type if param has one 2021-01-22 00:20:51 -05:00
Bruce Weirdan
d659957b88
Resolve class aliases when accessing properties (#5068)
* Resolve class aliases when accessing properties

* Moved Properties::getClasslikeStorage() to ClassLikes::getStorageFor()
2021-01-21 19:38:17 -05:00
Vincent Langlet
c912b6c2b9
Catch InvalidArgumentException (#5061) 2021-01-20 17:42:45 -05:00
Bruce Weirdan
d296c4bb9a
Add missing dataflow population in array spreads (#5059)
Fixes vimeo/psalm#5057
2021-01-20 17:42:11 -05:00
81b75a7884
Check iterator types on yield from (#5042)
* Check iterator types on yield from

* Switch to NodeAbstract

* Make Foo iterable
2021-01-20 17:41:15 -05:00
Matt Brown
f1107ab4d9 Fix #5049 - assertion of !empty on bool makes true 2021-01-19 17:19:47 -05:00
Matt Brown
2f58c6afc8 Fix #5020 - remove previous catch var assertions when assigning inside catch 2021-01-17 14:28:28 -05:00
Matt Brown
bca58863ad Fix #5017 - handle combining literal and non-empty strings 2021-01-17 12:22:29 -05:00
Matt Brown
4378bec917 Fix #5025 - prevent crash in assert function during reflection 2021-01-17 12:08:19 -05:00
Matt Brown
3049301da8 Fix #5028 - avoid false-positive on dynamic property fetch after ternary 2021-01-17 11:59:59 -05:00
orklah
72c21c5fa6
Calculate more literal values (#5032)
* try to calculate more literal values

* add test

* improve test
2021-01-17 10:55:32 -05:00
Matt Brown
ef0d19ed9f Fix #5029 - remember staticness of types when combining 2021-01-16 01:12:18 -05:00
Daniele Santini
df4a541c97
Add codeclimate.json report (#5030) 2021-01-16 00:48:35 -05:00
Matt Brown
9fd7a7d885 Only create after analysis event if they exist
Fixes #5008 - this does some git execing, so we don’t want it to always run
2021-01-14 16:44:29 -05:00
orklah
7a40443ffb
don't throw InvalidArrayOffset when dealing with templates (#5019) 2021-01-14 16:35:06 -05:00
Thomas Bley
080cf61064
fix #5010 function exec() is disabled (#5012)
* fix #5010 function exec() is disabled

* Improve error message

Co-authored-by: Thomas Bley <thomas.bley@bringmeister.de>
Co-authored-by: Matthew Brown <github@muglug.com>
2021-01-14 16:33:49 -05:00
Matt Brown
ef4afd72bc Unset should change array with keyed offsets 2021-01-13 18:10:59 -05:00
Matt Brown
d10a06837d Fix #5001 - update variables after context after type change from empty
Empty is the invalid state, and some old logic here was causing a bug
2021-01-13 11:35:52 -05:00
Marco Pivetta
a53cc23809
#4997 added more precise type inference for count() returning 0 or positive-int on known arrays (#4999)
* #4997 added more precise stub for `count()` returning `0` or `positive-int` on known types

* #4997 updated `count()` to support `\SimpleXmlElement` and `\ResourceBundle` counting, as well as handling hardcoded 2-element-arrays cases

This patch:

 * adds support for `count(\SimpleXmlElement)` (https://www.php.net/manual/en/simplexmlelement.count.php)
 * adds support for `count(\ResourceBundle)` (https://www.php.net/manual/en/resourcebundle.count.php)
 * removes usage of global constants from stub (not supported - see https://www.php.net/manual/en/function.count.php)
 * adds support for identifying fixed-element-count arrays, for example `count(callable&array)`, which is always `2`

* #4997 adapted `FunctionCallReturnTypeFetcher` to infer `TPositiveInt` for `count(TNonEmptyArray)` and `count(TNonEmptyList)`

* The `FunctionCallReturnTypeFetcher` is responsible for defining the precise type of a `\count(T)`
expression when given a `T`, so we baked the whole type resolution for `positive-int`, `0` and
`positive-int|0` directly in there.

While this complicates things, it is also true that it is not possible right now (for the stubs)
to provide the level of detail around `count()` that is required by the type inference system
for such a complex function with so many different semantics.
2021-01-13 09:48:38 -05:00
Matt Brown
1afce4d613 Improve treatment of strict equality 2021-01-12 12:07:36 -05:00
Matt Brown
5beb3ad4b9 Simplify assertion when mixed 2021-01-11 17:45:03 -05:00
Matt Brown
4faa6bb320 Fix #4976 - improve type narrowing 2021-01-11 17:14:23 -05:00
Matt Brown
951afcf4af Fix #4982 - ensure destructuring assignments are seen inside a loop 2021-01-11 12:46:02 -05:00
Matt Brown
104647745b Fix #4955 - catch invalid passing class constant where templated class string expected 2021-01-11 00:28:44 -05:00
Matt Brown
e299e914f8 Fix #4958 - honour template as inheritance when comparing template types 2021-01-09 18:58:29 -05:00
Matt Brown
6ef0f2e63e Fix #4943
Prevent input types becoming part of the inferred generic params when a match is found
2021-01-09 18:08:02 -05:00
Bruce Weirdan
c1a710999c
Skip conditional includes when registering autoload files (#4967)
This should allow analysis of forward-compatible polyfills used in
codebases targeting older PHP versions.

The following previously problematic polyfills should now emit no parse
errors:

* `symfony/polyfill-ctype`
* `symfony/polyfill-intl-grapheme`
* `symfony/polyfill-intl-normalizer`
* `symfony/polyfill-mbstring`

The pattern that is now works as intended looks like this:
```php
if (\PHP_VERSION_ID >= 80000) {
    require __DIR__ . '/bootstrap80.php';
    return;
}
```

Previously Psalm would scan the required file even when codebase
targeted older PHP versions, and would emit parse errors when that file
contained PHP 8 syntax.

Fixes #4961 and #4965
2021-01-09 16:14:58 -05:00
Adrien LUCAS
493c57eedf
Trigger dispatch even when only legacy hooks (#4962) 2021-01-08 19:51:26 -05:00
Adrien LUCAS
d1398f2b12
Avoid false positives for taint specialized calls even when not using a variable (#4948) 2021-01-07 16:39:51 -05:00
Matt Brown
603ecadbb7 Fix #4945 - use assertion string for scalar templated assertions 2021-01-07 10:27:35 -05:00
orklah
0e17a3354f
add stubs for standard iterators (#4725)
* add stubs for standard iterators

* Apply suggestions from code review cc @weirdan

Co-authored-by: Bruce Weirdan <weirdan@gmail.com>

* complete stub + delete code made redundant by stubs + fix some syntax in stubs

* fix parse error

Co-authored-by: Bruce Weirdan <weirdan@gmail.com>
2021-01-07 10:07:07 -05:00
orklah
81e557e3a8
adds statements list in the event (#4835) 2021-01-07 09:04:50 -05:00
orklah
1bbcbddfcf
pass args through event (#4864) 2021-01-07 09:02:05 -05:00
Adrien LUCAS
0f5886746f
Taint specialized calls even when not using a variable (#4940) 2021-01-06 14:14:52 -05:00
Matt Brown
7ffea7c425 Fix #4917 - allow array_reduce to be called with a single arg 2021-01-06 12:59:51 -05:00
orklah
f9fccb2b2d
implement DTO for plugins (#4881)
* implement DTO for plugins

* introduce EventHandler + reintroduce legacy API for plugins
2021-01-06 09:05:53 -05:00
orklah
bcc378bd20
handle concatenation with int parts (#4938) 2021-01-06 09:01:53 -05:00
Matthew Brown
3fd47f9e10 Add comments to AtomicMethodCallAnalyzer and suppress ComplexMethod 2021-01-05 19:03:50 -05:00
Matthew Brown
0533ce61cb Break apart type combiner 2021-01-05 18:33:33 -05:00
Matthew Brown
b1028adc5a Break out large chunk to simplify function 2021-01-05 17:50:23 -05:00
Matthew Brown
13497b8d2b Break out parent and implemented class checks 2021-01-05 17:49:55 -05:00
Matthew Brown
e4b1a4fa55 Uncomment erroneously-commented return 2021-01-05 17:49:17 -05:00
Matthew Brown
630f646bd4 Break out large chunk 2021-01-05 17:47:15 -05:00
Matthew Brown
b3b2389aff Ignore recently-deleted files for scanning 2021-01-04 19:00:44 +00:00
orklah
c47230c690
Infer result of modulo 1 operation statically (#4926) 2021-01-03 16:56:04 +00:00
Lukas Bestle
2d17b744ce
SARIF report: Include help links (#4924) 2021-01-03 01:45:21 +00:00
Lukas Bestle
245a331be3
Full support for $this in @var annotations (#4922)
Fixes #4916.
2021-01-03 01:44:35 +00:00
Matthew Brown
7764a4ce6c Fix #4912 - detect mismatching property type 2020-12-29 16:37:03 +00:00
Tyson Andre
00b42bf4f7
Check if included files are listed in mustBeIgnored (#4911)
Previously, when a file was included in `include()`, it was not subject
to ignoreFiles

Related to #4876
2020-12-29 14:05:17 +00:00
Matthew Brown
ddd99970a9 Fix #4901 - simplify mapping of template types within class 2020-12-29 12:24:33 +00:00
orklah
1d9987e0ed
fix phpdoc (#4905) 2020-12-29 11:42:41 +00:00
orklah
09fb141e49
Document lowercase-string when possible (#4904)
* document lowercase-string

* fix missing strtolower
2020-12-29 11:42:12 +00:00
orklah
3684ceff4c
Illegal offset (#4865)
* Illegal offset access

* add tests

* fix tests
2020-12-26 10:33:49 +00:00
Matthew Brown
3390097b35 Fix #4874 - remove strok stub 2020-12-21 17:14:25 +00:00
Fran Moreno
fcd9dcb9b5
Allow by reference parameters in method docblock (#4873) 2020-12-21 17:11:34 +00:00
Bruce Weirdan
89ff4282df
Allow assertions on static class properties (#4833)
* Minimal implementation for assertions on static properties

* Added inheritance tests

* Add support for `ClassName::$var`

* Import strpos() to keep phpcs happy

* Add support for conditional assertions on static properties
2020-12-21 17:05:44 +00:00
Matt Brown
add536760f Fix phpcs 2020-12-16 12:12:26 -05:00
Matt Brown
6eae582763 Prevent mixed array offset in array creation
Fixes #4846
2020-12-16 08:18:18 -05:00
Matt Brown
c7087c150b Fix #4848 - use better inference when incorrect array keys are passed 2020-12-16 08:07:57 -05:00
Matt Brown
f9f82f1da6 Fix #4851 - use better methhod for determining incorrect stub docblocks 2020-12-16 07:31:28 -05:00
Matt Brown
05e319a6ed Fix #4827 - don’t eradicate double after int check 2020-12-14 23:08:07 -05:00
Matt Brown
4b12cd9e18 Fix #4837 - bind correct static class when checking mixin types 2020-12-14 22:51:32 -05:00
Matt Brown
e43f2259ea Fix #4839 - undefined possibly set in by-reference should be treated as such 2020-12-14 16:57:48 -05:00
Matt Brown
fbaaf05f48 Fix psl inheritance stuff cc @azjezz 2020-12-13 16:58:03 -05:00
orklah
8974da5610
preserve analyzers until the end of file (#4834)
* preserve analyzers until the end of file

* remove unused variable
2020-12-13 01:17:13 -05:00
2e3s
d8d6811ed4
Memoize private inferred mutation-free methods (#4832) 2020-12-12 10:26:14 -05:00
Matt Brown
cc1c643168 Fix #4829 – don’t crash when yielding non-existent class 2020-12-11 10:04:28 -05:00
Matt Brown
a27c674cee Add test for #4825 2020-12-10 13:51:49 -05:00
Matt Brown
8cae4047b0 Fix #4825 - check for finally var set 2020-12-10 11:48:43 -05:00
Matt Brown
2a92025737 Union types if stmt already has one 2020-12-10 01:40:20 -05:00
Matt Brown
b7a7e2fb87 Fix get magic property checks 2020-12-10 01:29:07 -05:00
Matt Brown
37659445f0 Improve accuracy of optional example 2020-12-10 01:12:58 -05:00
Matt Brown
e6dad6e65f Be smarter when choosing inherited param types
Ref #4803
2020-12-10 00:15:37 -05:00
Matt Brown
beefa2aea3 Fix #4817 - allow optional inference 2020-12-09 19:32:56 -05:00
Matt Brown
5e845260c1 Remove unnecessary null check 2020-12-09 18:30:36 -05:00
Matt Brown
9423324d65 Fix #4791 - only generate special has-array-key assertions for unknown key types 2020-12-08 19:45:47 -05:00
Matt Brown
524084a64c Tighten up rules arouund when mutation-free methods get memoised 2020-12-08 16:39:06 -05:00
Matt Brown
be3f30ff1d Fix #4812 - reconcile array assertion on template as type correctly 2020-12-08 14:17:37 -05:00
Matt Brown
1e0bcc1876 Fix #4803 - always derive method params the same way 2020-12-08 11:27:51 -05:00
Matt Brown
387ab14bda Use better stubs for Serializable and SoapClient 2020-12-08 11:27:51 -05:00
2e3s
e46c68b1e5
Overwrite memoized return type after sum-type candidate is calculated (#4805)
* Overwrite memoized return type after sum-type candidate is calculated

* Fix mismatched types

* Fix code style
2020-12-08 09:35:11 -05:00
Matt Brown
91ee4aeca3 Fix #4797 - sanitise assertion output of template result 2020-12-07 19:11:56 -05:00
Matt Brown
8a76a43d8c Fix #4798 - improve conversion from type back to PhpParser node 2020-12-07 14:39:58 -05:00
Matt Brown
f5dd6e76f8 Fix #4802 - don’t clone context when analysing coalesce 2020-12-07 14:30:57 -05:00
Matthew Brown
d406d5b112
Fix typo 2020-12-07 01:32:18 -05:00
Matt Brown
e702e472fc Support simple list assignment in foreach
Ref #4741
2020-12-06 19:14:52 -05:00
Matt Brown
dff2943096 Fix #4794 - invvalidate dependent types when their variables change 2020-12-06 18:16:22 -05:00
Jack Bentley
7fe8e5a1cf
Fix functions being resolved to other functions (#4793)
Fixes #4750 

Reusing the $function_id variable causes an incorrect global function to be added at line 654
2020-12-06 17:28:19 -05:00
Bruce Weirdan
cd576f8e02
Adjust check for file modification time (#4789)
This solves the issue where Psalm didn't notice the files created in the
same second as the last run was started.
2020-12-06 12:40:55 -05:00
orklah
1901ea56de
Don't add link if the issue doesn't have a shortcode (#4786) 2020-12-06 11:29:05 -05:00
Matt Brown
9c0e9a3d7e Taint all when conditional return is used
Ref #4792
2020-12-06 11:24:48 -05:00
Matt Brown
4d1aae43f9 Fix #4778 - remove already-initialized properties when checking initialisation 2020-12-06 11:07:59 -05:00
Matt Brown
cec8d7138f Fix #4782 - don’t replace closure types with upper bounds when replacing class param types 2020-12-05 11:58:55 -05:00
Matt Brown
1bb8b73f99 Return earlier 2020-12-05 10:25:34 -05:00
Vincent Langlet
eb9d6f66ab
Fix support of extraFiles (#4785) 2020-12-05 09:54:05 -05:00
Matt Brown
3f155792a7 Allow nested specialisation 2020-12-04 15:44:29 -05:00
Matt Brown
fd67d41120 Fix #4769 – don’t use unique ids for new generated nodes 2020-12-04 15:44:29 -05:00
Matt Brown
ca915e5028 Fix redundancies 2020-12-04 15:10:50 -05:00
Matt Brown
4a0e2f543e Fix implicit void closure not getting recognised 2020-12-04 13:16:05 -05:00
Matt Brown
fb88145780 Fix #4767 - rescan directly-affected class-interface relationships 2020-12-04 01:19:51 -05:00
orklah
62d5ea83a1
Allow int casts if the type comes from calculation (#4768) 2020-12-03 23:15:07 -05:00
Matt Brown
0411049559 Mixed array access should mark vars as used just in case 2020-12-03 13:09:08 -05:00
Matt Brown
2feba22a00 Make more try vars potentially undefined
Fixes #4764
2020-12-03 11:44:10 -05:00
Matt Brown
51a92aa223 Fix interface property regression 2020-12-03 11:13:10 -05:00
Matt Brown
833f132cb3 Fix #4760 - prevent unpacked vars from breaking call when checking unitialised properties 2020-12-03 10:12:54 -05:00
Matt Brown
bef9ab37e6 Fix #4759 – don’t generate assertion when assigning to same-named variable 2020-12-03 09:42:26 -05:00
Denis Smetannikov
11576951f6
Update ExistingAtomicStaticCallAnalyzer.php (#4761)
The invalid syntax for PHP 7.1+
2020-12-03 09:24:34 -05:00
Matt Brown
1a5d5e4476 Simplify FunctionLikeDocblockScanner 2020-12-03 00:19:01 -05:00
Matt Brown
e2a2e8ee87 Break apart AtomicPropertyFetchAnalyzer::analyze 2020-12-02 23:37:29 -05:00
Matt Brown
a4ac52aea4 Simplify AssertionReconciler 2020-12-02 22:49:01 -05:00
Matt Brown
2f00500c91 Improve message 2020-12-02 22:08:14 -05:00
Matt Brown
6f916553a8 Ref #4753 - allow int literals to inform key type 2020-12-02 17:13:45 -05:00
Matt Brown
db8a3ab846 Fix #4751 - allow MethodSignatureMismatch to be overridable when info comes from docblock 2020-12-02 15:13:28 -05:00
Matt Brown
e2bb02e93c Don’t suggest a potential value that’s undefined
Fixes #4754
2020-12-02 14:49:30 -05:00
Matt Brown
a2b20f094d Fix #4752 - add property base assertions too 2020-12-02 12:43:21 -05:00
Matt Brown
496ce463ca Break out method 2020-12-02 12:28:21 -05:00
Matt Brown
f0876b86f4 Avoid false-positives while analysing memoised coalesce 2020-12-02 02:25:15 -05:00
Matt Brown
394eceb01c Memoize coalesce expression in more scenarios 2020-12-02 02:15:17 -05:00
Matt Brown
928fdda00f Don’t do new isset conversion on try-set vars 2020-12-02 01:47:49 -05:00
Matt Brown
1feca322d5 Fix loading imported functions 2020-12-02 00:52:35 -05:00
Matt Brown
7bd4d969a4 Ensure that strict empty handling always happens 2020-12-01 22:50:21 -05:00
Matt Brown
5a200ca442 Fix assertions on unions 2020-12-01 21:12:03 -05:00
Matt Brown
61e374f33b Fix null array access complaints 2020-12-01 20:10:48 -05:00
Matt Brown
1a629ccc82 Fix a few issues 2020-12-01 18:26:15 -05:00
Matt Brown
e7f9ce6da0 Break out RedundantCast issues 2020-12-01 17:25:45 -05:00
Matt Brown
2963efc9a5 Use fallback assignment type when the property doesn’t exist on the class 2020-12-01 16:59:44 -05:00
Matt Brown
f5494bc407 Fix typos caused by Macbook Pro’s bad keyboard 2020-12-01 14:14:09 -05:00
orklah
f0c0ac0616
handle return flag for a try/catch/finally (#4746)
* handle return flag for a try/catch/finally

* add tests for psalter
2020-12-01 12:55:27 -05:00
Matt Brown
75a6d88773 Fix #4705 - clear documenting method ids when scanning stubs 2020-12-01 11:23:38 -05:00
Matt Brown
c6d0561612 Fix nullref 2020-12-01 00:48:09 -05:00
Matt Brown
7295e28e20 Fix #4743 - simplify assertions generated from array_key_exists check 2020-11-30 22:10:17 -05:00
Matt Brown
6f86201f34 Break up AssignmentAnalyzer::analyze 2020-11-30 14:57:35 -05:00
Matt Brown
3b1fa58413 Break apart method as much as possible 2020-11-30 14:07:18 -05:00
Matt Brown
2427606563 Fix lint 2020-11-30 13:25:27 -05:00
Matt Brown
2204728824 Break apart NewAnalyzer::analyze
Ref #4714
2020-11-30 13:24:24 -05:00
Matt Brown
4baf143ff7 Break apart ArrayAssignmentAnalyzer::updateArrayType
Ref #4714
2020-11-30 13:08:42 -05:00
Matt Brown
5430effb2b Break apart InstancePropertyAssignmentAnalyzer
Ref #4714
2020-11-30 12:09:09 -05:00
orklah
d59ad152a0
Remove fixable flag for Complexity issues (#4742) 2020-11-30 08:43:18 -05:00
Matt Brown
31e2522adb Actually not a bug 2020-11-30 01:32:38 -05:00
Matt Brown
817db55140 Fix typo 2020-11-30 01:29:40 -05:00
Matt Brown
cf6dedc11d Break up AssertionFinder methods
Ref #4714
2020-11-30 01:20:28 -05:00
Matt Brown
29fbdaf263 Simplify getting type from tree
Ref #4714
2020-11-30 00:40:25 -05:00
orklah
a760a2418a
support shift and bitwise operations in constants (#4740) 2020-11-29 21:43:49 -05:00
orklah
b60c42adca
improve Atomic Types documentation (#4735)
* improve Atomic Types documentation

* add doc

* add doc
2020-11-29 21:41:36 -05:00
orklah
5222cadfb3
Check from_docblock property to emit the right issue (#4736) 2020-11-29 21:40:13 -05:00
Matt Brown
4d81682fdd Fix #4731 - expand out class-bound generic types when evaluating instance method 2020-11-29 21:36:50 -05:00
Matt Brown
eeb9cb0b07 Add some documentation for template_types 2020-11-29 19:22:54 -05:00
Matt Brown
86b6d6a506 Fix #4733 - don’t replace template types when they’re defined on the same class 2020-11-29 19:12:22 -05:00
Matt Brown
601c1d8cd0 Expand out constants in param types earlier 2020-11-29 19:07:35 -05:00
Matt Brown
46b202731c Fix check 2020-11-29 18:28:32 -05:00
Matt Brown
58b306b6e3 Ensure class template types are mapped to static methods where necessary
Ref #4733
2020-11-29 17:40:52 -05:00
Matt Brown
8da676f5bf Improve param name 2020-11-29 17:26:42 -05:00
Matt Brown
ea314cc1c0 Simplify calling of replacer methods 2020-11-29 16:27:00 -05:00
Matt Brown
4d22723525 Break out replacement of templated types with their inferred result 2020-11-29 16:16:16 -05:00
Matt Brown
15a5bd5e29 Simplify storage and retrieval of extended template params 2020-11-29 15:05:32 -05:00
Matthew Brown
60ac109c01
Add RedundantPropertyInitializationCheck (#4732)
* Add RedundantPropertyInitializationCheck

* add documentation for RedundantPropertyInitializationCheck (#4734)

Co-authored-by: orklah <orklah@users.noreply.github.com>
2020-11-29 11:57:20 -05:00
Matt Brown
0efd4ebd7d Detect some erroneous issets 2020-11-29 09:26:39 -05:00
Matthew Brown
fd53192ad2
Fix redundant mappings 2020-11-28 21:05:31 -05:00
Matt Brown
8adc0918ae Fix the bug 2020-11-28 09:55:40 -05:00
Matt Brown
de1fa03f77 Fix template type selection 2020-11-28 09:53:11 -05:00
orklah
e2030b4a1e
fix #3282 (#4724) 2020-11-28 09:03:03 -05:00
Matt Brown
4af7e818b2 Simplify ArrayFetchAnalyzer::getArrayAccessTypeGivenOffset
Ref #4714
2020-11-27 23:36:47 -05:00
Bruce Weirdan
fc29d26879
Added test to enforce that all supported annotations are documented (#4723)
* Added test to enforce that all supported annotations are documented

Well, at least mentioned.

Refs vimeo/psalm#3816

* Type things

* Make things pretty

* Only check @psalm- annotations, group

* Add documentation for `@psalm-require-extends` and `@psalm-require-implements`

* Dropped logicalOr that has become redundant

* Add explicit tag

* Document @psalm-template

* Add @psalm-template-covariant

* Document `@psalm-method`

* Add list of undocumented docblock annotations

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-27 21:48:16 -05:00
Matt Brown
53c5e52ef2 Fix #3017 - use correct keys when converting list to array 2020-11-27 20:05:16 -05:00
Matt Brown
b717356f95 Simplify more things 2020-11-27 17:48:39 -05:00
Matt Brown
2626f008be Only show possibly unused params on methods that don’t extend others 2020-11-27 17:17:03 -05:00
orklah
32bf18dff0
fix array_column with possibly_undefined keys (#4719) 2020-11-27 17:05:54 -05:00
orklah
f19cac6ecf
add annotation @psalm-param-out (#4717)
* add annotation @psalm-param-out

* add tag in documentation
2020-11-27 17:05:26 -05:00
Matt Brown
ffabce19c5 Add complex issue error 2020-11-27 17:02:37 -05:00
Matt Brown
73cd07a01f Simplify FunctionCallAnalyzer
Ref #4714
2020-11-27 16:34:27 -05:00
Matt Brown
6db8132b4c Simplify call analysers a bit
Ref #4714
2020-11-27 16:31:10 -05:00
Matt Brown
5dd4912a99 Simplify ArrayAnalyzer
Ref #4714
2020-11-27 14:19:55 -05:00
Matt Brown
1ce45516db Don’t alter behaviour 2020-11-27 11:47:12 -05:00
Matt Brown
5f065d3d74 Turn template bound tuples into object
Ref #4714
2020-11-27 11:43:30 -05:00
orklah
b60182c514
better fix for reconciling iterable and object (#4712) 2020-11-27 09:10:55 -05:00
Matt Brown
bf696bf82e Add complexity function name echoing 2020-11-27 05:28:55 -05:00
orklah
74c07bbc08
Allow <false|T as object> to be falsy (#4711) 2020-11-26 16:47:44 -05:00
Matt Brown
6de97e3779 Skip missing function params in taint analysis 2020-11-26 11:58:14 -05:00
Matt Brown
b224970281 Fix generic ArrayAccess creation cc @orklah 2020-11-26 10:00:03 -05:00
orklah
f7cfdaabd7
Allow reconciling between object and iterable (#4706)
* Allow reconciling between object and iterable

* add tests
2020-11-26 09:25:49 -05:00
orklah
4bbb72329e
Fix PHPMAXINT offset (#4707) 2020-11-26 09:24:32 -05:00
Matt Brown
01ceaf7006 Fix style issues 2020-11-25 21:36:37 -05:00
Matt Brown
0c477da310 Fix test failures 2020-11-25 20:05:09 -05:00
orklah
58736924dd
fix wrong cast to int when string offset is a number > MAX INT (#4702) 2020-11-25 15:48:53 -05:00
Matt Brown
f3e0201a99 Treat $a ?? $b identically to isset($a) ? $a : $b 2020-11-25 14:34:05 -05:00
Matt Brown
d40d63f180 Fix #4699 - treat isset like !== null when variable is defined 2020-11-25 14:04:55 -05:00
Matt Brown
6aa052475a Pass correct flags when referencing from finally 2020-11-25 14:04:55 -05:00
Markus Staab
d393b4a69d
Added PDOStatement->fetchObject() stub (#4693)
* Added PDOStatement->fetchObject() stub

* fix stub param

* fix Xdebug spelling

* Use extension_loaded check instead

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-25 12:08:04 -05:00
orklah
b6a3282589
Detect redundant cast (#4695)
* detect redundant cast

* fix redundant cast issues

* fix redundant cast in tests
2020-11-25 12:04:48 -05:00
Matt Brown
39f26d9047 Remove suppressed issuue 2020-11-25 09:22:41 -05:00
Markus Staab
3dc311fd45
fixed exception message (#4692) 2020-11-24 16:04:34 -05:00
Matt Brown
f8ddc7e58a Add slash 2020-11-24 15:07:15 -05:00
Matt Brown
e9c00b8395 Switch order to satisfy new refinement 2020-11-24 14:57:34 -05:00
Matt Brown
41af653bd4 Add support for some dependent types 2020-11-24 14:50:35 -05:00
Matt Brown
8ede667cad Remove debugging error 2020-11-24 08:06:26 -05:00
orklah
2bf25d5f50
Emit an issue when returning a Stringable object when a string is expected (#4657)
* Emit an issue when returning a Stringable object when a string is expected

* Fix issue in Psalm codebase
2020-11-24 00:18:24 -05:00
Benjamin Morel
5748a4e25a
Fix PdoStatementReturnTypeProvider (#4683)
* Fix PdoStatementReturnTypeProvider

Methods returning scalars may return null as well.

* Fix tests
2020-11-23 18:41:12 -05:00
Olivier Doucet
70a130f11e
add CodeClimate output format (#4387)
* add CodeClimate output format

* cosmetic fixes

* add CodeClimate output format

* cosmetic fixes

* phpcs fixes
2020-11-23 15:34:51 -05:00
orklah
b6cb9785ac
Prevent illegal array keys (#4660)
* Emit an issue when an array-key is not legal

* tests
2020-11-23 15:20:39 -05:00
Markus Staab
e5493f59cd
Mark finfo_open and finfo_file as impure (#4678)
* Mark finfo_open and finfo_file as impure

* fix CS
2020-11-23 15:19:50 -05:00
erikjwaxx
25d8c6d21e
Narrow inference of $a <=> $b from "int" to "-1|0|1" (#4680)
* A <=> operator has a literal type of -1|0|1 and not simply int

* Test to verify inferred type of $a <=> $b is -1|0|1
2020-11-23 13:10:51 -05:00
Markus Staab
d151f1c36e
mark file_get_contents as impurce (#4679) 2020-11-23 11:33:30 -05:00
Markus Staab
387bfbd9e0
is_file and is_dir should be impure (#4676)
* `is_file` and `is_dir` should be impure

* newline

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-23 09:53:39 -05:00
Matt Brown
8325317e16 Fix #4674 - is_readable should be impure 2020-11-23 08:54:11 -05:00
Matt Brown
10c0bcc4e2 Fix #4674 - is_readable should be impure 2020-11-23 08:45:27 -05:00
Matt Brown
17ceba5c06 Fix bug 2020-11-22 23:32:14 -05:00
Matt Brown
f164a45843 Fix bugs 2020-11-22 19:45:54 -05:00
Matt Brown
9a03a9a5d0 Move param taint sink addition after arguuments have been analysed 2020-11-22 19:39:40 -05:00
Matt Brown
853432a6aa Fix tests 2020-11-22 16:24:33 -05:00
Matt Brown
6399707dd6 Prevent flows through TaintedInput-suppressed files 2020-11-22 16:04:57 -05:00
Matt Brown
b782dd4225 Make sure conditional escaping works for static methods too 2020-11-22 13:39:32 -05:00
Matt Brown
af008953a8 Fix #4661 - support conditional escaping for functions 2020-11-22 13:24:33 -05:00
Matt Brown
bd612c476c Break apart large function 2020-11-22 13:24:33 -05:00
Matt Brown
2c77424e16 Fix #4656 - separate UnusedConstructor from UnusedMethod 2020-11-22 11:48:17 -05:00
orklah
97f0a78ac1
Only crash Psalm when the faulty file is in project (#4658) 2020-11-22 09:07:00 -05:00
orklah
a3217265ce
null operations should return mixed results (#4655) 2020-11-22 09:06:03 -05:00
Matt Brown
0d0ed8be15 Fix slash 2020-11-22 09:04:44 -05:00
Matt Brown
60b3086b9a Fix #4609 - add more attribute rules 2020-11-22 01:15:52 -05:00
Matt Brown
66d574b82e Fix #4475 - verify that used attributes actual use the Attribute attribute 2020-11-22 00:52:56 -05:00
Matt Brown
11825a2cc2 Fix #4611 - flag invalid attribute arguments correctly 2020-11-22 00:44:44 -05:00
Matt Brown
1fc1cae1d5 Fix #4615 - ensure promoted properties are not treated as uninitialized 2020-11-22 00:32:02 -05:00
Matt Brown
6b1112e6ea Fix #4653 - prevent crash with recursive type in root namespace 2020-11-22 00:26:14 -05:00
Matt Brown
baca927aab Fix #4643 - use PHP8 union types when possible 2020-11-21 22:50:56 -05:00
Matt Brown
efafe2edd5 Add instanceof check 2020-11-21 20:15:13 -05:00
Matt Brown
19bb4aba56 Remove unnecessary coercion 2020-11-21 18:26:55 -05:00
Matt Brown
df2ec48018 Don’t erase already-known literal ints
Fixes #4644
2020-11-21 18:26:13 -05:00
Matt Brown
f0ae0e5cb4 Break aparat type combiner 2020-11-21 18:11:29 -05:00
orklah
f21f6f40e5
return string in phpdoc for a literal class-string (#4652) 2020-11-21 17:42:53 -05:00
orklah
98370b65d7
avoid formating useless type (#4651) 2020-11-21 17:42:26 -05:00
Lukas Reschke
ffb0c4ae17
Implement variadic taint propagation (#4649)
* Implement variadic taint propagation

* Lint code
2020-11-21 17:41:40 -05:00
orklah
ae0486529e
Unused psalm-suppress (#4646) 2020-11-21 17:39:40 -05:00
orklah
509a937d1b
use int|string in phpdoc format for array-key (#4645) 2020-11-21 17:38:40 -05:00
Lukas Reschke
3943b55f8a
Add psalm-flow for string functions from sscanf to wordwrap (#4591)
* Add string functions from sscanf to wordwrap

This should conclude all string functions from https://www.php.net/manual/en/book.strings.php

Continuation of https://github.com/vimeo/psalm/pull/4576

Ref https://github.com/vimeo/psalm/issues/3636

* Add StrTrReturnTypeProvider

* Fix psalm error

* phpcs

* Line length

* Ignore false return on vsprintf

Co-authored-by: Matthew Brown <github@muglug.com>
2020-11-21 17:35:07 -05:00
Matt Brown
23ab0f1ddb Allow Psalm to run in taint analysis mode without a config 2020-11-20 19:02:44 -05:00
Matt Brown
67478949c2 Allow mixed in PHP 8 for manipulation 2020-11-20 18:53:48 -05:00
orklah
6b72599ec5
allow static return type in PHP8 (#4641) 2020-11-20 18:46:35 -05:00
Matt Brown
1cead18760 Fix #4637 - prevent regression when negating function call with === false 2020-11-20 09:56:53 -05:00
Dalibor Karlović
da632ca73a
feature: allow plugin manager to work without config file (#4639) 2020-11-20 09:54:14 -05:00
Matt Brown
ce8938263e Fix #4636 - prevent crashes on aliased classes 2020-11-20 09:29:24 -05:00
Matt Brown
c562e1dd52 Don’t taint foreach keys with array-fetch
We could use array-keyfetch or similar, but for now gives false-positives
2020-11-19 19:08:59 -05:00
orklah
e04f219948
return static instead of self when static context detected (#4632)
* return this instead of self when static context detected

* replace $this by static
2020-11-19 19:02:25 -05:00
Matt Brown
78d644d1a1 Change TaintedText to TaintedCallable 2020-11-19 19:01:19 -05:00
Matt Brown
4c315ec45c Closure calls aren’t sinks 2020-11-19 18:44:36 -05:00
Lukas Reschke
78f4a0691c
Add dedicated types for 'file', 'header' and 'cookie' (#4630)
* [WIP] Add dedicated sinks for 'file', 'header' and 'cookie'

* Add documentation

* Add mapping for taint flows

* Add tests

* Fix test
2020-11-19 17:47:29 -05:00
Matt Brown
70c9fd97c7 Return empty instead of throwing 2020-11-19 16:25:53 -05:00
Matt Brown
ead63894a1 Fix formatting 2020-11-19 16:09:30 -05:00
Matt Brown
b5d4b59c33 Be more refined 2020-11-19 15:57:05 -05:00
Matt Brown
de49892525 Fix #4626 - array_key_exists should infer type for first arg where possible 2020-11-19 15:40:27 -05:00
Matt Brown
ff3fff56d4 Simplify assertion negations, centralising as much as possible
Now the flag passed to scrapeAssertions just determines the errors emitted
2020-11-19 14:32:49 -05:00
Matt Brown
7803cc228b Revert "Fix #4624 - allow in_array to work with list arrays"
This reverts commit 08ae85a735.
2020-11-19 12:49:26 -05:00
Matt Brown
08ae85a735 Fix #4624 - allow in_array to work with list arrays 2020-11-19 09:26:41 -05:00
Matt Brown
7c02fa76d1 Fix #4620 - reconciled literal strings cannot carry taints 2020-11-19 09:06:25 -05:00
Matt Brown
95de6cf177 Allow immutable classes to be specialised through calls 2020-11-19 01:38:20 -05:00
Matt Brown
d60abaf858 Unfix fixes 2020-11-18 19:19:07 -05:00
Matt Brown
8dd229f6c0 Only ignore literal flows when tainting 2020-11-18 18:43:41 -05:00
Matt Brown
be275ae972 Fix #4605 - taint parent-declared property 2020-11-18 13:34:47 -05:00
Matt Brown
39c508f9d1 Fix #4603 - fix arithmetic to prevent end column 0 2020-11-18 13:19:54 -05:00
Matt Brown
236292ff05 Fix #4600 - set attributes in a bunch of places 2020-11-18 12:44:59 -05:00
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category (#4604)
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
2020-11-18 11:39:36 -05:00
Matt Brown
4bb84f7f0a Add more attributes to fake PhpParser generated expressions
Ref #4600
2020-11-18 10:16:41 -05:00
Matt Brown
3f7f959726 Fix #4599 - propagate taints to parent callers where necessary 2020-11-18 09:59:54 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks (#4592) 2020-11-18 00:52:48 -05:00
Matt Brown
f3cde30b77 Only create vendor dir in config if it exists 2020-11-18 00:06:58 -05:00
Matt Brown
6e39c24a17 Don’t exit with 1 when running security analysis in GitHub Actions and generating a file 2020-11-17 22:49:25 -05:00
Matt Brown
28dee4146a Fix tests 2020-11-17 17:53:46 -05:00
Matt Brown
f6591e6d0f Use resolution that works in multithreaded mode 2020-11-17 17:24:46 -05:00
Matt Brown
2aa98bc5d0 Simplify tainted output a bit, removing duplicate paths 2020-11-17 17:17:18 -05:00
Matt Brown
adeaa33a64 Don’t propagate taints to child constructor args 2020-11-17 16:49:29 -05:00
Matt Brown
854a5b2ec5 Allow TaintedInput to suppress all emitted issues 2020-11-17 16:08:05 -05:00
Matt Brown
4e5111f1a8 Fix #4472 - if something flows into a byref var it’s used 2020-11-17 15:30:53 -05:00
Lukas Reschke
494ec40777
Add SARIF as report output (#4582)
https://docs.oasis-open.org/sarif/sarif/v2.0/sarif-v2.0.html
2020-11-17 13:23:20 -05:00
Matt Brown
43af3b1a57 Break out TaintedInput issues into a lot of separate ones 2020-11-17 12:44:31 -05:00
Matt Brown
42802e11d1 Allow PHP major version to determine substr return type 2020-11-16 16:31:33 -05:00
Dusk
0fe3e1f83b
Allow named arguments to variadic functions (#4575)
Closes #4563
2020-11-16 15:49:27 -05:00