mirror of
https://github.com/danog/psalm.git
synced 2024-12-11 08:49:52 +01:00
ea52b9d23a
While I was searching for some code, ran across these.
501 B
501 B
Custom Taint Sinks
The @psalm-taint-sink <taint-type> <param-name>
annotation allows you to define a taint sink.
Any tainted value matching the given taint type will be reported as an error by Psalm.
Example
Here the PDOWrapper
class has an exec
method that should not receive tainted SQL, so we can prevent its insertion:
<?php
class PDOWrapper {
/**
* @psalm-taint-sink sql $sql
*/
public function exec(string $sql) : void {}
}