danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-12-14 18:36:58 +01:00
Code Issues Projects Releases Wiki Activity
7,690 Commits 43 Branches 314 Tags 108 MiB
ff3fff56d4
Commit Graph

3149 Commits

Author SHA1 Message Date
Matt Brown
ff3fff56d4 Simplify assertion negations, centralising as much as possible 
Now the flag passed to scrapeAssertions just determines the errors emitted
 2020-11-19 14:32:49 -05:00
Matt Brown
7803cc228b Revert "Fix #4624 - allow in_array to work with list arrays" 
This reverts commit 08ae85a735.
 2020-11-19 12:49:26 -05:00
Matt Brown
08ae85a735 Fix #4624 - allow in_array to work with list arrays 2020-11-19 09:26:41 -05:00
Matt Brown
95de6cf177 Allow immutable classes to be specialised through calls 2020-11-19 01:38:20 -05:00
Matt Brown
d60abaf858 Unfix fixes 2020-11-18 19:19:07 -05:00
Matt Brown
8dd229f6c0 Only ignore literal flows when tainting 2020-11-18 18:43:41 -05:00
Matt Brown
be275ae972 Fix #4605 - taint parent-declared property 2020-11-18 13:34:47 -05:00
Matt Brown
236292ff05 Fix #4600 - set attributes in a bunch of places 2020-11-18 12:44:59 -05:00
Lukas Reschke
ddbfbb28e6
Split LDAP into custom category (#4604) 
- Adds ldap_escape as sanitizer
- Defines the right parameters to ldap_search as sink
- Wrote documentation
- Added tests
 2020-11-18 11:39:36 -05:00
Matt Brown
4bb84f7f0a Add more attributes to fake PhpParser generated expressions 
Ref #4600
 2020-11-18 10:16:41 -05:00
Matt Brown
3f7f959726 Fix #4599 - propagate taints to parent callers where necessary 2020-11-18 09:59:54 -05:00
Lukas Reschke
5ba4681c17
Add SSRF sinks (#4592) 2020-11-18 00:52:48 -05:00
Matt Brown
28dee4146a Fix tests 2020-11-17 17:53:46 -05:00
Matt Brown
f6591e6d0f Use resolution that works in multithreaded mode 2020-11-17 17:24:46 -05:00
Matt Brown
2aa98bc5d0 Simplify tainted output a bit, removing duplicate paths 2020-11-17 17:17:18 -05:00
Matt Brown
adeaa33a64 Don’t propagate taints to child constructor args 2020-11-17 16:49:29 -05:00
Matt Brown
4e5111f1a8 Fix #4472 - if something flows into a byref var it’s used 2020-11-17 15:30:53 -05:00
Lukas Reschke
494ec40777
Add SARIF as report output (#4582) 
https://docs.oasis-open.org/sarif/sarif/v2.0/sarif-v2.0.html
 2020-11-17 13:23:20 -05:00
Matt Brown
43af3b1a57 Break out TaintedInput issues into a lot of separate ones 2020-11-17 12:44:31 -05:00
Matt Brown
42802e11d1 Allow PHP major version to determine substr return type 2020-11-16 16:31:33 -05:00
Dusk
0fe3e1f83b
Allow named arguments to variadic functions (#4575) 
Closes #4563
 2020-11-16 15:49:27 -05:00
Thomas Mauro Vargiu
4e8fb9c37f
Fix #4549 Better intersection between parent types (#4560) 2020-11-15 20:29:49 -05:00
orklah
6f8b463860
Detect trying to access to a list with a negative offset (#4552) 2020-11-15 20:26:50 -05:00
Matt Brown
5b004a1d11 Fix #4558 - Don’t convert value-of to key-of template 2020-11-15 18:33:07 -05:00
Matt Brown
26b4cd1fb9 Fix #4529 - allow unsetting with complex array key 2020-11-14 08:57:25 -05:00
Matt Brown
f65868c023 Fix style 2020-11-13 16:43:36 -05:00
Matt Brown
d97c8b750a Add closure-use termination for byref flows 2020-11-13 13:37:27 -05:00
Matt Brown
e7e5904d2d Remove unused uses in Psalm’s codebase 2020-11-13 13:16:39 -05:00
Matt Brown
2e47ca51d5 Fix #4547 - mark unused uses 2020-11-13 13:13:29 -05:00
Matt Brown
57125c7106 Uses by ref should be assigned that way 2020-11-13 12:50:01 -05:00
Matt Brown
4c1cf37d52 Improve error message for UnusedVariable 2020-11-13 12:36:17 -05:00
Matt Brown
086237aab7 Fix #4544 - improve handling of get_class in match 2020-11-13 11:55:42 -05:00
Matt Brown
13b83e6132 Fix #4545 - allow intersections in more places 2020-11-13 09:43:30 -05:00
Matt Brown
5a62dc5c40 Fix #4540 - use correct method when simulating property setting 2020-11-12 23:56:29 -05:00
Matt Brown
556fb12966 Move mutation checks to more appropriate place 2020-11-12 23:54:50 -05:00
Matt Brown
ec9762ce61 Prevent the same interface, repopulated, from confusing matters 2020-11-12 15:52:13 -05:00
Matt Brown
58c47ab32c Fix build 2020-11-12 14:22:54 -05:00
Matt Brown
3dd185e395 Fix #4537 - use more rigorous inerhitance for return and param types 2020-11-12 13:54:27 -05:00
Matt Brown
929efcc1ac Use the same docblock as the source params, if possible 2020-11-12 09:14:40 -05:00
Matt Brown
b7551e712a Use better way to determine which signture to use 
Fixes #4524
 2020-11-11 19:22:23 -05:00
Matt Brown
2f7bf2a144 Bind lower bounds to upper bounds as well when no upper bound can be inferred 
Ref #4485
 2020-11-11 17:46:09 -05:00
Matt Brown
a8d7248c31 Fix #4524 - do better template param inheritance 2020-11-11 13:25:17 -05:00
Matt Brown
5ad1e80e99 Fix #4527 - improve interpolated string types 2020-11-11 00:38:26 -05:00
Matt Brown
5a5cbb2892 Increase nesting 2020-11-10 18:27:28 -05:00
Matt Brown
165e0db157 Fix style 2020-11-10 16:19:24 -05:00
Matt Brown
46ebca4497 Fix coalesce operation tainting 2020-11-10 14:36:36 -05:00
Matt Brown
a82a9558d2 Experiment with refactor 2020-11-10 12:50:17 -05:00
Matt Brown
b731b53d5e Add debug stuff for code complexity 2020-11-10 12:49:42 -05:00
Matt Brown
81babf2430 Clone to prevent incorrect references 2020-11-10 09:01:46 -05:00
Matt Brown
e27cbfba57 Reduce size of data flow graph when analysing array assignments 2020-11-09 22:44:36 -05:00