1
0
mirror of https://github.com/danog/psalm.git synced 2025-01-22 05:41:20 +01:00

7782 Commits

Author SHA1 Message Date
Matt Brown
d6e4d0d526
Fix #4674 - is_readable should be impure 2021-01-29 11:46:23 +01:00
Matt Brown
371647bdf0
Fix #4674 - is_readable should be impure 2021-01-29 11:46:23 +01:00
Matt Brown
6f35c01bcb
Fix bug 2021-01-29 11:46:23 +01:00
Matt Brown
c165f072df
Fix bugs 2021-01-29 11:46:22 +01:00
Matt Brown
a0fee98962
Move param taint sink addition after arguuments have been analysed 2021-01-29 11:46:22 +01:00
Lukas Reschke
2f8a5028d5
Add more verbose description for TaintedHtml (#4668)
Ref https://github.com/vimeo/psalm/issues/4590
2021-01-29 11:46:22 +01:00
Matt Brown
3c7066f505
Fix tests 2021-01-29 11:46:22 +01:00
Matt Brown
ed9b81ce51
Prevent flows through TaintedInput-suppressed files 2021-01-29 11:46:22 +01:00
Matt Brown
aa4be209fc
Make sure conditional escaping works for static methods too 2021-01-29 11:46:22 +01:00
Matt Brown
30ee5334a1
Fix #4661 - support conditional escaping for functions 2021-01-29 11:46:22 +01:00
Matt Brown
4a06a03bc8
Break apart large function 2021-01-29 11:46:22 +01:00
Lukas Reschke
31c63a6c96
Add some more flows (#4659)
* Add some more flows

- Adds all relevant JSON flows https://www.php.net/manual/en/ref.json.php
- Adds all relevant misc flows https://www.php.net/manual/en/ref.misc.php
- Adds a small subset of URL flows https://www.php.net/manual/en/ref.url.php

* Update CoreGenericFunctions.phpstub
2021-01-29 11:46:21 +01:00
Matt Brown
684340cbe3
Fix #4656 - separate UnusedConstructor from UnusedMethod 2021-01-29 11:46:21 +01:00
orklah
2b19795f29
Only crash Psalm when the faulty file is in project (#4658) 2021-01-29 11:46:21 +01:00
orklah
ecb201a312
null operations should return mixed results (#4655) 2021-01-29 11:46:21 +01:00
Matt Brown
cd37174de4
Fix slash 2021-01-29 11:46:21 +01:00
Matt Brown
676a0ed2d1
Fix #4609 - add more attribute rules 2021-01-29 11:46:21 +01:00
Matt Brown
14807326fe
Fix #4475 - verify that used attributes actual use the Attribute attribute 2021-01-29 11:46:21 +01:00
Matt Brown
763eff2e8b
Fix #4611 - flag invalid attribute arguments correctly 2021-01-29 11:46:21 +01:00
Matt Brown
dc9a2a48e9
Fix #4615 - ensure promoted properties are not treated as uninitialized 2021-01-29 11:46:21 +01:00
Matt Brown
2fff4eb5c1
Fix #4653 - prevent crash with recursive type in root namespace 2021-01-29 11:46:20 +01:00
Matt Brown
56918001a8
Fix #4643 - use PHP8 union types when possible 2021-01-29 11:46:20 +01:00
Matt Brown
169dbf2545
Add instanceof check 2021-01-29 11:46:20 +01:00
Matt Brown
0565c47049
Remove unnecessary coercion 2021-01-29 11:46:20 +01:00
Matt Brown
48a58c56e3
Don’t erase already-known literal ints
Fixes #4644
2021-01-29 11:46:20 +01:00
Matt Brown
48fba8a6b9
Only run unused code analysis where necessary 2021-01-29 11:46:20 +01:00
Matt Brown
d43bb3923b
Break aparat type combiner 2021-01-29 11:46:20 +01:00
orklah
086bf2910f
return string in phpdoc for a literal class-string (#4652) 2021-01-29 11:46:20 +01:00
orklah
6fd28d188a
avoid formating useless type (#4651) 2021-01-29 11:46:20 +01:00
Lukas Reschke
b2143f1da5
Implement variadic taint propagation (#4649)
* Implement variadic taint propagation

* Lint code
2021-01-29 11:46:19 +01:00
orklah
83f5ee9db6
Unused psalm-suppress (#4646) 2021-01-29 11:46:19 +01:00
orklah
58ddeaafdf
use int|string in phpdoc format for array-key (#4645) 2021-01-29 11:46:19 +01:00
dq5studios
f9edf5d7e1
Fix whitespace in help output (#4642) 2021-01-29 11:46:19 +01:00
Lukas Reschke
4de2bf8f7f
Add psalm-flow for string functions from sscanf to wordwrap (#4591)
* Add string functions from sscanf to wordwrap

This should conclude all string functions from https://www.php.net/manual/en/book.strings.php

Continuation of https://github.com/vimeo/psalm/pull/4576

Ref https://github.com/vimeo/psalm/issues/3636

* Add StrTrReturnTypeProvider

* Fix psalm error

* phpcs

* Line length

* Ignore false return on vsprintf

Co-authored-by: Matthew Brown <github@muglug.com>
2021-01-29 11:46:19 +01:00
Matthew Brown
7edb8ef3f8
Fix taint description 2021-01-29 11:46:19 +01:00
Matt Brown
38d1dded4e
Fix test 2021-01-29 11:46:19 +01:00
Matt Brown
b539fdf70e
Allow Psalm to run in taint analysis mode without a config 2021-01-29 11:46:18 +01:00
Matt Brown
1bd087bd0d
Allow mixed in PHP 8 for manipulation 2021-01-29 11:46:18 +01:00
orklah
289a3b220b
allow static return type in PHP8 (#4641) 2021-01-29 11:46:18 +01:00
Matt Brown
fb1fce8723
Fix Phar platform check
Fixes #4640
2021-01-29 11:46:18 +01:00
Matt Brown
7f0ac653a1
First creation_function param isnÆt really a sink 2021-01-29 11:46:18 +01:00
Matt Brown
068907327d
Fix #4637 - prevent regression when negating function call with === false 2021-01-29 11:46:18 +01:00
Dalibor Karlović
ea089d9696
feature: allow plugin manager to work without config file (#4639) 2021-01-29 11:46:17 +01:00
Matt Brown
12e9a3d2ab
Fix #4636 - prevent crashes on aliased classes 2021-01-29 11:46:17 +01:00
Matthew Brown
2c14699ae4
Grammar 2021-01-29 11:46:17 +01:00
Matthew Brown
534b1d135a
Make Readme more punchy 2021-01-29 11:46:17 +01:00
Markus Staab
2c998aea7e
documented type in InternalTaintSinkMap (#4627) 2021-01-29 11:46:17 +01:00
Matt Brown
84348ec38d
Don’t taint foreach keys with array-fetch
We could use array-keyfetch or similar, but for now gives false-positives
2021-01-29 11:46:17 +01:00
orklah
5afbf5f831
return static instead of self when static context detected (#4632)
* return this instead of self when static context detected

* replace $this by static
2021-01-29 11:46:17 +01:00
Matt Brown
02b1cc2288
Change TaintedText to TaintedCallable 2021-01-29 11:46:17 +01:00