1
0
mirror of https://github.com/danog/psalm.git synced 2024-12-16 03:17:02 +01:00
Commit Graph

1018 Commits

Author SHA1 Message Date
Brown
07adecc6eb Use correct method id when creating taints 2020-06-21 02:06:08 -04:00
Brown
dc83c2e2fc Add annotation for taint sources 2020-06-21 00:58:56 -04:00
Brown
f21d3a8346 Remove html and sql taints for simple preg_replace patterns 2020-06-20 23:11:42 -04:00
Brown
8edee96d8d Fix taint regression 2020-06-20 18:10:01 -04:00
Brown
80ed1daf33 Allow static method mixin to invoke instance method 2020-06-20 18:05:35 -04:00
Ilija Tovilo
2f646d29db
Fix #3607 - constant string class reference with leading backslash (#3612) 2020-06-19 18:02:39 -04:00
Andrei Petre
6024fe4761
use original case in error messages when reporting undefined methods (#3615) 2020-06-19 11:51:08 -04:00
Brown
b1c836e5f3 Improve specialisation after call 2020-06-19 01:59:45 -04:00
Brown
8f2e28c36b Improve tainting of specializable classes 2020-06-19 01:22:51 -04:00
Brown
eecdc43ce7 Remove stray commas 2020-06-18 20:15:38 -04:00
Brown
49f0592794 Improve tracking of array taints 2020-06-18 18:48:19 -04:00
Brown
562a7c1ca4 Track taints from all tainted arrays 2020-06-18 13:45:58 -04:00
Brown
7d9a99a956 Fix #3609 - interpret strings as regular static calls 2020-06-18 11:56:08 -04:00
Brown
f609a01497 Move static property fetch analyzer to own class 2020-06-18 11:53:24 -04:00
Bruce Weirdan
6fb63903c1
Infer better types for magic constants used in const initializers (#3602)
Fixes vimeo/psalm#3464
2020-06-18 09:48:51 -04:00
Brown
137647a1a0 Fix #3603 - better typed value comparisons for loose equality 2020-06-18 09:31:38 -04:00
Olle Härstedt
e1cc27f7a2
Add new config: sealAllMethods (#3578)
* Add new config: sealAllMethods

* Add some more tests

* Fix codesniffer issue with preg_quote

* Fix missing method in test

Co-authored-by: Olle <noemail>
2020-06-15 22:36:42 -04:00
Brown
03e9649d49 Fix tainting of function calls absent taintable params 2020-06-15 20:59:48 -04:00
Brown
8c5a434dc8 Allow updating array by reference 2020-06-15 14:45:08 -04:00
Matthew Brown
081a284759 Fix #3567 - remember which variables a callable sets byref in use 2020-06-14 11:58:50 -04:00
Matthew Brown
a49a0e5650 Fix #3551 - count method can be impure 2020-06-14 11:06:53 -04:00
Matthew Brown
683bde9540 Fix #3573 - allow UnnecessaryVarAnnotation to be suppressed 2020-06-13 16:48:10 -04:00
Matthew Brown
edb2b4c5ef Get type of requires 2020-06-13 15:48:12 -04:00
Brown
9bfe50b20a Always analyse cast expressions
Fixes #3577
2020-06-12 17:25:46 -04:00
Brown
45ea5d0bfe Add a couple more shortcuts for common pattern
Fixes #3563
2020-06-12 11:18:34 -04:00
Brown
5617e9d7c9 Fix array_values call 2020-06-09 19:06:08 -04:00
Brown
286a8f911a Add support for static mixin calls
Fixes #3552
2020-06-09 18:39:52 -04:00
Matthew Brown
91e76f7173 Fix #3536 - Make method return type provider aware of original called method 2020-06-06 23:35:08 -04:00
Matthew Brown
0ac739fd48 Fix #3534 - allow magic method call on mixin 2020-06-06 23:28:32 -04:00
Matthew Brown
74a34f066c Don’t check classes if literal strings are allowed
Fixes #3538
2020-06-06 19:31:42 -04:00
Brown
cf92361338 Fix #3522 - only use property pass-through when it’s visible 2020-06-04 16:15:07 -04:00
Brown
a4aa44494f Fix #3519 - prevent empty callable string 2020-06-04 15:40:53 -04:00
Brown
7caaa64825 Fix #3418 - don’t override with send type when @psalm-yield is given 2020-06-02 13:27:17 -04:00
Brown
4e21e54ee1 Fix #3491 - provide correct types for substitution 2020-05-30 19:11:41 -04:00
El Azimov
bed5a74065
Add wildcard support for class constants in template. (#3489)
Co-authored-by: El Azimov <el.azimov@rocks>
2020-05-30 16:55:18 -04:00
Brown
db67be5965 Fix #3483 - analyse variable static property access properly 2020-05-29 09:28:34 -04:00
feek
5330dcbd7a
fix: pass along final (#3471) 2020-05-28 01:59:24 -04:00
still-dreaming-1
1bb884bd84
__TRAIT__ can be string or non-empty-string (#3469)
depending on whether or not it is used from inside a __TRAIT__
2020-05-27 19:23:46 -04:00
still-dreaming-1
9189335715
Fixes #3464 by typing __DIR__, __TRAIT__, and __FILE__ as non-empty-s… (#3468)
* Fixes #3464 by typing __DIR__, __TRAIT__, and __FILE__ as non-empty-string

* __TRAIT__ should stay string in case used outside a trait

Co-authored-by:  <jesse@LAPTOP-73CA4O5T.localdomain>
2020-05-27 18:21:26 -04:00
Brown
3c60609c21 Support better mixin handling 2020-05-27 11:12:09 -04:00
Brown
9b413cfccc Improved understanding of array_key_exists
Fixes #3463
2020-05-27 09:03:36 -04:00
Brown
769ac5c052 Fix #3458 - scope templated mixin accurately 2020-05-26 23:32:07 -04:00
Brown
d04e21ee5a Define mixin declaring classname 2020-05-26 23:32:07 -04:00
Brown
3da3d61270 Fix #3434 by removing extraneous call to simplifyType 2020-05-26 17:55:54 -04:00
Brown
0ef00f5756 Fix #3460 - allow isset checks on static properties 2020-05-26 17:40:27 -04:00
Brown
ecb179c784 Migrate min/max function calls back to CallMap 2020-05-26 12:28:56 -04:00
Brown
a266d4748b Fix build 2020-05-26 07:50:11 -04:00
Brown
953be61cf2 Allow limiting connected taint paths 2020-05-25 23:28:11 -04:00
Brown
7e7456c863 Make taint checks more thorough 2020-05-25 17:10:53 -04:00
Brown
2e6fc24867 Template callmap methods too
Fixes #3453
2020-05-25 14:21:06 -04:00
Brown
118b700436 Simplify sink mapping for internal calls 2020-05-25 13:10:06 -04:00
Brown
be847472a2 Fix #3453 - allow conditional return types on instance methods 2020-05-25 09:39:30 -04:00
Brown
3416e33348 Fix indentation 2020-05-25 01:23:28 -04:00
Brown
240b2f898c Add some negative test cases for @mixin
Also fix #3452
2020-05-25 00:19:52 -04:00
Brown
ff5c17c044 Switch subtype messagearg order 2020-05-24 09:43:54 -04:00
Brown
92a9a7efdf Handle flows into arguments a little better 2020-05-23 23:54:16 -04:00
Matthew Brown
1d17c02fba Fix #3442 - support broader type after initial array assignment 2020-05-23 23:23:50 -04:00
Brown
a198b09eb7 Add intermediary concat op node 2020-05-23 21:38:09 -04:00
Brown
f5a0622ad2 Fix style 2020-05-23 08:06:31 -04:00
Matthew Brown
0dee85d0b7
Remove redundancy 2020-05-23 01:48:56 -04:00
Brown
16af6a5773 Improve concat taint propagation 2020-05-23 01:11:16 -04:00
Brown
ee493909d7 Fix bugs 2020-05-23 00:08:16 -04:00
Brown
10c106f7eb Add eval sink 2020-05-23 00:03:29 -04:00
Brown
dc73e25157 Detect taints in include calls 2020-05-22 23:53:37 -04:00
Brown
e82c317d53 Adjust tolerances 2020-05-22 21:37:18 -04:00
Brown
fb3cb2c4d1 Only use plain return type if we’re not memoizing 2020-05-22 17:05:39 -04:00
Brown
4b1c3db760 Don’t memoize method call where we have a getter standin
Fixes #3427
2020-05-22 15:54:32 -04:00
Brown
8632cdb3cd Improve taint tracking during scanning phase 2020-05-22 12:33:48 -04:00
Brown
63c3678ae5 Improve property location resolution 2020-05-22 12:33:38 -04:00
Matthew Brown
187b944680 Add faster taint analysis 2020-05-22 12:33:29 -04:00
Joe Hoyle
6f28d741bc
Display variable assignment type in LSP hovers (#3401)
* Add node references for variable assignments

* Break up line

Co-authored-by: Matthew Brown <github@muglug.com>
2020-05-20 17:40:22 -04:00
Matthew Brown
3effdc5b69 Improve yield type substitution 2020-05-20 09:12:24 -04:00
Brown
2ec76f01c2 Fix redundant condition 2020-05-19 20:11:25 -04:00
Brown
27cb660377 Respect possibly-undefined array keys while merging
Fixes #3393
2020-05-19 20:10:01 -04:00
Brown
f335560b69 Allow setting property on templated type 2020-05-19 17:31:05 -04:00
Brown
a3214012a6 Only convert userland functions 2020-05-19 16:15:41 -04:00
Brown
4415e0f69c Fix special case calling callable param with string non-global function
Fixes #3411
2020-05-19 15:48:31 -04:00
Brown
b5ae0167a2 Fix typo 2020-05-19 14:58:53 -04:00
Brown
b38d945b12 Cast null and false to empty string
Ref #3408
2020-05-19 14:53:06 -04:00
Brown
0b2da18f1e Break up StatementsAnalyzer 2020-05-19 12:56:30 -04:00
Brown
666cc3b4c9 Fix BinaryOp analysis 2020-05-18 23:00:53 -04:00
Brown
8e5b330c5a Break apart CallAnalyzer 2020-05-18 22:57:00 -04:00
Brown
5b06c206e0 Move classes into deeper namespace 2020-05-18 22:52:33 -04:00
Brown
ace049a068 Beautify BinaryOpAnalyzer 2020-05-18 18:57:09 -04:00
Brown
8c86d47eb7 Downgrade some PossiblyInvalidClone issues 2020-05-18 17:18:13 -04:00
Brown
4ca83ca30d Add slash 2020-05-18 17:05:47 -04:00
Evgeniy
04a576708c
Correct analyze clone expression (#3382)
* Correct analyze clone, add PossibleInvalidClone issue type

* Infer mixed type when possible incorrect clone

* Remove unused variable
2020-05-18 16:22:50 -04:00
Brown
ea0a99d3a8 Fix bad merge 2020-05-18 16:02:10 -04:00
Brown
5ee1487a01 Make ExpressionAnalyzer more beautiful 2020-05-18 15:13:27 -04:00
Brown
21798efed2 Fix #3388 - eliminate null after < 0 check 2020-05-18 08:52:44 -04:00
Matthew Brown
4dd0a2b775 Fix #3380 - allow comparisons between template param and empty array 2020-05-16 16:41:07 -04:00
Nobu Funaki
abef8008bc
Fix InvalidCast after is_callable([$val, '__toString']) check (#3372)
Support is_callable() with an array argument similar to method_exists()
2020-05-16 08:50:43 -04:00
Brown
111303d913 Add non-empty-lowercase-string type 2020-05-15 10:18:05 -04:00
Brown
c212c03e40 Don’t stop analysing when encountering an UndefinedGlobalVariable
Fixes #3366
2020-05-14 22:51:51 -04:00
Brown
2af0a17d03 Fix #3236 - allow use-checking of more methods starting with __ 2020-05-12 22:39:26 -04:00
Brown
0d5d7c8938 Add null check 2020-05-11 11:56:07 -04:00
Brown
291018034b Remove unnecessary PHP code 2020-05-11 11:36:50 -04:00
Brown
eefd2e743b Use generic function definition for sscanf
cc @villfa
2020-05-10 23:58:51 -04:00
Brown
8f2f2617d4 Improve refactor 2020-05-10 22:45:01 -04:00
Brown
5f4d162dd5 Break out type expander into separate class 2020-05-10 22:39:18 -04:00