Brown
|
9c17795545
|
Fix #3631 - apply assertions to RHS of equality in conditional
|
2020-06-22 15:16:16 -04:00 |
|
Brown
|
29eb83001f
|
Remove taint annotation as it could confuse
|
2020-06-22 12:45:41 -04:00 |
|
Brown
|
d46283075d
|
Add --taint-analysis to command line help
|
2020-06-22 11:39:46 -04:00 |
|
Brown
|
e2545790dc
|
Add reference to new command
|
2020-06-22 11:37:30 -04:00 |
|
Brown
|
81e2745cf1
|
Add more options
|
2020-06-22 11:24:38 -04:00 |
|
Brown
|
dddc159694
|
Add explicit path object
|
2020-06-22 02:10:03 -04:00 |
|
Brown
|
36f1630e03
|
Add more steps for clearer output
|
2020-06-22 01:08:58 -04:00 |
|
Brown
|
07a38706f6
|
Fix #3610 - add security analysis documeentation
|
2020-06-22 00:18:15 -04:00 |
|
Olle
|
a615f4423b
|
More work on self-out (WIP)
|
2020-06-21 23:06:04 +00:00 |
|
Olle
|
fffbccdacb
|
More work on self-out (WIP)
|
2020-06-21 22:18:14 +00:00 |
|
Brown
|
02e8313c39
|
Allow taintedness to propagate to some stubbed methods
|
2020-06-21 18:07:39 -04:00 |
|
Brown
|
317571f1b2
|
Fix reset call
|
2020-06-21 13:03:55 -04:00 |
|
Brown
|
fbe3433edd
|
Use escape terminology
|
2020-06-21 11:43:08 -04:00 |
|
Brown
|
07adecc6eb
|
Use correct method id when creating taints
|
2020-06-21 02:06:08 -04:00 |
|
Brown
|
5e9dc9520e
|
Improve docs
|
2020-06-21 01:02:00 -04:00 |
|
Brown
|
dc83c2e2fc
|
Add annotation for taint sources
|
2020-06-21 00:58:56 -04:00 |
|
Brown
|
cbd7ba8ed8
|
Fix return type
|
2020-06-20 23:34:39 -04:00 |
|
Brown
|
10e4e9ac65
|
Fix #3617 - prevent crash when constant class doesn’t exist
|
2020-06-20 23:30:36 -04:00 |
|
Brown
|
f21d3a8346
|
Remove html and sql taints for simple preg_replace patterns
|
2020-06-20 23:11:42 -04:00 |
|
Brown
|
8edee96d8d
|
Fix taint regression
|
2020-06-20 18:10:01 -04:00 |
|
Brown
|
80ed1daf33
|
Allow static method mixin to invoke instance method
|
2020-06-20 18:05:35 -04:00 |
|
Brown
|
2ccec821f8
|
Fix #3624 - inherit magic property annotations from traits
|
2020-06-20 16:53:17 -04:00 |
|
Brown
|
2c5c9e95e1
|
Don’t add two @return docblocks after @method
|
2020-06-20 15:30:47 -04:00 |
|
Brown
|
edbeec2c6a
|
Fix @method annotation namespacing
|
2020-06-20 15:18:22 -04:00 |
|
Ilija Tovilo
|
2f646d29db
|
Fix #3607 - constant string class reference with leading backslash (#3612)
|
2020-06-19 18:02:39 -04:00 |
|
Brown
|
5bc657504d
|
Add more docs
|
2020-06-19 12:12:28 -04:00 |
|
Brown
|
67f7079c1a
|
More better docs
|
2020-06-19 11:57:34 -04:00 |
|
Brown
|
51202c75ea
|
Add taint docs
|
2020-06-19 11:56:12 -04:00 |
|
Andrei Petre
|
ce39bab966
|
Update InvalidExtendClass.md (#3616)
suggestion by @weirdan
|
2020-06-19 11:51:30 -04:00 |
|
Andrei Petre
|
6024fe4761
|
use original case in error messages when reporting undefined methods (#3615)
|
2020-06-19 11:51:08 -04:00 |
|
Brown
|
a7a23b4c1c
|
Remove letter
|
2020-06-19 09:41:25 -04:00 |
|
Jeroen De Dauw
|
8d4df25b87
|
Document the new extraFiles config (#3619)
Follow up to 078b8b7b1a
|
2020-06-19 02:28:20 -04:00 |
|
Brown
|
b1c836e5f3
|
Improve specialisation after call
|
2020-06-19 01:59:45 -04:00 |
|
Brown
|
8f2e28c36b
|
Improve tainting of specializable classes
|
2020-06-19 01:22:51 -04:00 |
|
Brown
|
078b8b7b1a
|
Fix #3618 - add way to load non-analyzed files
|
2020-06-19 00:13:09 -04:00 |
|
Olle
|
2efe135291
|
Add some notes
|
2020-06-19 00:37:49 +00:00 |
|
Brown
|
eecdc43ce7
|
Remove stray commas
|
2020-06-18 20:15:38 -04:00 |
|
Brown
|
49f0592794
|
Improve tracking of array taints
|
2020-06-18 18:48:19 -04:00 |
|
Olle
|
9d284f1331
|
Add self_out_type to method storage
|
2020-06-18 21:55:43 +00:00 |
|
Olle
|
20cde0ca2c
|
New tag @self-out (WIP)
|
2020-06-18 20:46:49 +00:00 |
|
Brown
|
562a7c1ca4
|
Track taints from all tainted arrays
|
2020-06-18 13:45:58 -04:00 |
|
Brown
|
7d9a99a956
|
Fix #3609 - interpret strings as regular static calls
|
2020-06-18 11:56:08 -04:00 |
|
Brown
|
f609a01497
|
Move static property fetch analyzer to own class
|
2020-06-18 11:53:24 -04:00 |
|
Brown
|
98622783ec
|
Allow lists to have their types refined
Fixes #3605
|
2020-06-18 10:01:16 -04:00 |
|
Bruce Weirdan
|
6fb63903c1
|
Infer better types for magic constants used in const initializers (#3602)
Fixes vimeo/psalm#3464
|
2020-06-18 09:48:51 -04:00 |
|
Brown
|
137647a1a0
|
Fix #3603 - better typed value comparisons for loose equality
|
2020-06-18 09:31:38 -04:00 |
|
Brown
|
21e567832f
|
Add API method for adding custom taint sources
|
2020-06-18 00:16:19 -04:00 |
|
Brown
|
7fc1f50f54
|
Fix potential nullref
|
2020-06-17 16:40:35 -04:00 |
|
Brown
|
4870774ea4
|
Allow falsable issues on DateInterval::$days
|
2020-06-17 16:28:26 -04:00 |
|
Brown
|
0a8b9b56ab
|
Fix #3600 - conditional return should be removed before comparison
|
2020-06-17 12:57:50 -04:00 |
|