danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2025-01-05 20:48:45 +01:00
Code Issues Projects Releases Wiki Activity
7,772 Commits 43 Branches 314 Tags 108 MiB
d40d63f180
Commit Graph

1547 Commits

Author SHA1 Message Date
Matt Brown
d40d63f180 Fix #4699 - treat isset like !== null when variable is defined 2020-11-25 14:04:55 -05:00
Matt Brown
6aa052475a Pass correct flags when referencing from finally 2020-11-25 14:04:55 -05:00
orklah
b6a3282589
Detect redundant cast (#4695) 
* detect redundant cast

* fix redundant cast issues

* fix redundant cast in tests
 2020-11-25 12:04:48 -05:00
Matt Brown
f8ddc7e58a Add slash 2020-11-24 15:07:15 -05:00
Matt Brown
e9c00b8395 Switch order to satisfy new refinement 2020-11-24 14:57:34 -05:00
Matt Brown
41af653bd4 Add support for some dependent types 2020-11-24 14:50:35 -05:00
orklah
b6cb9785ac
Prevent illegal array keys (#4660) 
* Emit an issue when an array-key is not legal

* tests
 2020-11-23 15:20:39 -05:00
erikjwaxx
25d8c6d21e
Narrow inference of $a <=> $b from "int" to "-1|0|1" (#4680) 
* A <=> operator has a literal type of -1|0|1 and not simply int

* Test to verify inferred type of $a <=> $b is -1|0|1
 2020-11-23 13:10:51 -05:00
Matt Brown
17ceba5c06 Fix bug 2020-11-22 23:32:14 -05:00
Matt Brown
f164a45843 Fix bugs 2020-11-22 19:45:54 -05:00
Matt Brown
9a03a9a5d0 Move param taint sink addition after arguuments have been analysed 2020-11-22 19:39:40 -05:00
Matt Brown
b782dd4225 Make sure conditional escaping works for static methods too 2020-11-22 13:39:32 -05:00
Matt Brown
af008953a8 Fix #4661 - support conditional escaping for functions 2020-11-22 13:24:33 -05:00
orklah
a3217265ce
null operations should return mixed results (#4655) 2020-11-22 09:06:03 -05:00
Matt Brown
f0ae0e5cb4 Break aparat type combiner 2020-11-21 18:11:29 -05:00
Lukas Reschke
ffb0c4ae17
Implement variadic taint propagation (#4649) 
* Implement variadic taint propagation

* Lint code
 2020-11-21 17:41:40 -05:00
orklah
ae0486529e
Unused psalm-suppress (#4646) 2020-11-21 17:39:40 -05:00
Matt Brown
1cead18760 Fix #4637 - prevent regression when negating function call with === false 2020-11-20 09:56:53 -05:00
Matt Brown
ce8938263e Fix #4636 - prevent crashes on aliased classes 2020-11-20 09:29:24 -05:00
Matt Brown
c562e1dd52 Don’t taint foreach keys with array-fetch 
We could use array-keyfetch or similar, but for now gives false-positives
 2020-11-19 19:08:59 -05:00
Matt Brown
78d644d1a1 Change TaintedText to TaintedCallable 2020-11-19 19:01:19 -05:00
Matt Brown
4c315ec45c Closure calls aren’t sinks 2020-11-19 18:44:36 -05:00
Matt Brown
70c9fd97c7 Return empty instead of throwing 2020-11-19 16:25:53 -05:00
Matt Brown
ead63894a1 Fix formatting 2020-11-19 16:09:30 -05:00
Matt Brown
b5d4b59c33 Be more refined 2020-11-19 15:57:05 -05:00
Matt Brown
de49892525 Fix #4626 - array_key_exists should infer type for first arg where possible 2020-11-19 15:40:27 -05:00
Matt Brown
ff3fff56d4 Simplify assertion negations, centralising as much as possible 
Now the flag passed to scrapeAssertions just determines the errors emitted
 2020-11-19 14:32:49 -05:00
Matt Brown
7803cc228b Revert "Fix #4624 - allow in_array to work with list arrays" 
This reverts commit 08ae85a735.
 2020-11-19 12:49:26 -05:00
Matt Brown
08ae85a735 Fix #4624 - allow in_array to work with list arrays 2020-11-19 09:26:41 -05:00
Matt Brown
95de6cf177 Allow immutable classes to be specialised through calls 2020-11-19 01:38:20 -05:00
Matt Brown
d60abaf858 Unfix fixes 2020-11-18 19:19:07 -05:00
Matt Brown
8dd229f6c0 Only ignore literal flows when tainting 2020-11-18 18:43:41 -05:00
Matt Brown
be275ae972 Fix #4605 - taint parent-declared property 2020-11-18 13:34:47 -05:00
Matt Brown
236292ff05 Fix #4600 - set attributes in a bunch of places 2020-11-18 12:44:59 -05:00
Matt Brown
3f7f959726 Fix #4599 - propagate taints to parent callers where necessary 2020-11-18 09:59:54 -05:00
Matt Brown
28dee4146a Fix tests 2020-11-17 17:53:46 -05:00
Matt Brown
adeaa33a64 Don’t propagate taints to child constructor args 2020-11-17 16:49:29 -05:00
Matt Brown
4e5111f1a8 Fix #4472 - if something flows into a byref var it’s used 2020-11-17 15:30:53 -05:00
Matt Brown
43af3b1a57 Break out TaintedInput issues into a lot of separate ones 2020-11-17 12:44:31 -05:00
Matt Brown
42802e11d1 Allow PHP major version to determine substr return type 2020-11-16 16:31:33 -05:00
Dusk
0fe3e1f83b
Allow named arguments to variadic functions (#4575) 
Closes #4563
 2020-11-16 15:49:27 -05:00
orklah
6f8b463860
Detect trying to access to a list with a negative offset (#4552) 2020-11-15 20:26:50 -05:00
Matt Brown
26b4cd1fb9 Fix #4529 - allow unsetting with complex array key 2020-11-14 08:57:25 -05:00
Matt Brown
086237aab7 Fix #4544 - improve handling of get_class in match 2020-11-13 11:55:42 -05:00
Matt Brown
5a62dc5c40 Fix #4540 - use correct method when simulating property setting 2020-11-12 23:56:29 -05:00
Matt Brown
556fb12966 Move mutation checks to more appropriate place 2020-11-12 23:54:50 -05:00
Matt Brown
2f7bf2a144 Bind lower bounds to upper bounds as well when no upper bound can be inferred 
Ref #4485
 2020-11-11 17:46:09 -05:00
Matt Brown
a8d7248c31 Fix #4524 - do better template param inheritance 2020-11-11 13:25:17 -05:00
Matt Brown
5ad1e80e99 Fix #4527 - improve interpolated string types 2020-11-11 00:38:26 -05:00
Matt Brown
46ebca4497 Fix coalesce operation tainting 2020-11-10 14:36:36 -05:00