erikjwaxx
|
62ca9f42bc
|
Narrow inference of $a <=> $b from "int" to "-1|0|1" (#4680)
* A <=> operator has a literal type of -1|0|1 and not simply int
* Test to verify inferred type of $a <=> $b is -1|0|1
|
2021-01-29 11:46:23 +01:00 |
|
Markus Staab
|
f4b9c75625
|
mark file_get_contents as impurce (#4679)
|
2021-01-29 11:46:23 +01:00 |
|
Markus Staab
|
0ea09762b5
|
is_file and is_dir should be impure (#4676)
* `is_file` and `is_dir` should be impure
* newline
Co-authored-by: Matthew Brown <github@muglug.com>
|
2021-01-29 11:46:23 +01:00 |
|
Matt Brown
|
d6e4d0d526
|
Fix #4674 - is_readable should be impure
|
2021-01-29 11:46:23 +01:00 |
|
Matt Brown
|
371647bdf0
|
Fix #4674 - is_readable should be impure
|
2021-01-29 11:46:23 +01:00 |
|
Matt Brown
|
6f35c01bcb
|
Fix bug
|
2021-01-29 11:46:23 +01:00 |
|
Matt Brown
|
c165f072df
|
Fix bugs
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
a0fee98962
|
Move param taint sink addition after arguuments have been analysed
|
2021-01-29 11:46:22 +01:00 |
|
Lukas Reschke
|
2f8a5028d5
|
Add more verbose description for TaintedHtml (#4668)
Ref https://github.com/vimeo/psalm/issues/4590
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
3c7066f505
|
Fix tests
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
ed9b81ce51
|
Prevent flows through TaintedInput-suppressed files
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
aa4be209fc
|
Make sure conditional escaping works for static methods too
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
30ee5334a1
|
Fix #4661 - support conditional escaping for functions
|
2021-01-29 11:46:22 +01:00 |
|
Matt Brown
|
4a06a03bc8
|
Break apart large function
|
2021-01-29 11:46:22 +01:00 |
|
Lukas Reschke
|
31c63a6c96
|
Add some more flows (#4659)
* Add some more flows
- Adds all relevant JSON flows https://www.php.net/manual/en/ref.json.php
- Adds all relevant misc flows https://www.php.net/manual/en/ref.misc.php
- Adds a small subset of URL flows https://www.php.net/manual/en/ref.url.php
* Update CoreGenericFunctions.phpstub
|
2021-01-29 11:46:21 +01:00 |
|
Matt Brown
|
684340cbe3
|
Fix #4656 - separate UnusedConstructor from UnusedMethod
|
2021-01-29 11:46:21 +01:00 |
|
orklah
|
2b19795f29
|
Only crash Psalm when the faulty file is in project (#4658)
|
2021-01-29 11:46:21 +01:00 |
|
orklah
|
ecb201a312
|
null operations should return mixed results (#4655)
|
2021-01-29 11:46:21 +01:00 |
|
Matt Brown
|
cd37174de4
|
Fix slash
|
2021-01-29 11:46:21 +01:00 |
|
Matt Brown
|
676a0ed2d1
|
Fix #4609 - add more attribute rules
|
2021-01-29 11:46:21 +01:00 |
|
Matt Brown
|
14807326fe
|
Fix #4475 - verify that used attributes actual use the Attribute attribute
|
2021-01-29 11:46:21 +01:00 |
|
Matt Brown
|
763eff2e8b
|
Fix #4611 - flag invalid attribute arguments correctly
|
2021-01-29 11:46:21 +01:00 |
|
Matt Brown
|
dc9a2a48e9
|
Fix #4615 - ensure promoted properties are not treated as uninitialized
|
2021-01-29 11:46:21 +01:00 |
|
Matt Brown
|
2fff4eb5c1
|
Fix #4653 - prevent crash with recursive type in root namespace
|
2021-01-29 11:46:20 +01:00 |
|
Matt Brown
|
56918001a8
|
Fix #4643 - use PHP8 union types when possible
|
2021-01-29 11:46:20 +01:00 |
|
Matt Brown
|
169dbf2545
|
Add instanceof check
|
2021-01-29 11:46:20 +01:00 |
|
Matt Brown
|
0565c47049
|
Remove unnecessary coercion
|
2021-01-29 11:46:20 +01:00 |
|
Matt Brown
|
48a58c56e3
|
Don’t erase already-known literal ints
Fixes #4644
|
2021-01-29 11:46:20 +01:00 |
|
Matt Brown
|
48fba8a6b9
|
Only run unused code analysis where necessary
|
2021-01-29 11:46:20 +01:00 |
|
Matt Brown
|
d43bb3923b
|
Break aparat type combiner
|
2021-01-29 11:46:20 +01:00 |
|
orklah
|
086bf2910f
|
return string in phpdoc for a literal class-string (#4652)
|
2021-01-29 11:46:20 +01:00 |
|
orklah
|
6fd28d188a
|
avoid formating useless type (#4651)
|
2021-01-29 11:46:20 +01:00 |
|
Lukas Reschke
|
b2143f1da5
|
Implement variadic taint propagation (#4649)
* Implement variadic taint propagation
* Lint code
|
2021-01-29 11:46:19 +01:00 |
|
orklah
|
83f5ee9db6
|
Unused psalm-suppress (#4646)
|
2021-01-29 11:46:19 +01:00 |
|
orklah
|
58ddeaafdf
|
use int|string in phpdoc format for array-key (#4645)
|
2021-01-29 11:46:19 +01:00 |
|
dq5studios
|
f9edf5d7e1
|
Fix whitespace in help output (#4642)
|
2021-01-29 11:46:19 +01:00 |
|
Lukas Reschke
|
4de2bf8f7f
|
Add psalm-flow for string functions from sscanf to wordwrap (#4591)
* Add string functions from sscanf to wordwrap
This should conclude all string functions from https://www.php.net/manual/en/book.strings.php
Continuation of https://github.com/vimeo/psalm/pull/4576
Ref https://github.com/vimeo/psalm/issues/3636
* Add StrTrReturnTypeProvider
* Fix psalm error
* phpcs
* Line length
* Ignore false return on vsprintf
Co-authored-by: Matthew Brown <github@muglug.com>
|
2021-01-29 11:46:19 +01:00 |
|
Matthew Brown
|
7edb8ef3f8
|
Fix taint description
|
2021-01-29 11:46:19 +01:00 |
|
Matt Brown
|
38d1dded4e
|
Fix test
|
2021-01-29 11:46:19 +01:00 |
|
Matt Brown
|
b539fdf70e
|
Allow Psalm to run in taint analysis mode without a config
|
2021-01-29 11:46:18 +01:00 |
|
Matt Brown
|
1bd087bd0d
|
Allow mixed in PHP 8 for manipulation
|
2021-01-29 11:46:18 +01:00 |
|
orklah
|
289a3b220b
|
allow static return type in PHP8 (#4641)
|
2021-01-29 11:46:18 +01:00 |
|
Matt Brown
|
fb1fce8723
|
Fix Phar platform check
Fixes #4640
|
2021-01-29 11:46:18 +01:00 |
|
Matt Brown
|
7f0ac653a1
|
First creation_function param isnÆt really a sink
|
2021-01-29 11:46:18 +01:00 |
|
Matt Brown
|
068907327d
|
Fix #4637 - prevent regression when negating function call with === false
|
2021-01-29 11:46:18 +01:00 |
|
Dalibor Karlović
|
ea089d9696
|
feature: allow plugin manager to work without config file (#4639)
|
2021-01-29 11:46:17 +01:00 |
|
Matt Brown
|
12e9a3d2ab
|
Fix #4636 - prevent crashes on aliased classes
|
2021-01-29 11:46:17 +01:00 |
|
Matthew Brown
|
2c14699ae4
|
Grammar
|
2021-01-29 11:46:17 +01:00 |
|
Matthew Brown
|
534b1d135a
|
Make Readme more punchy
|
2021-01-29 11:46:17 +01:00 |
|
Markus Staab
|
2c998aea7e
|
documented type in InternalTaintSinkMap (#4627)
|
2021-01-29 11:46:17 +01:00 |
|