Taint analysis bugfixes & features
- allow taints to flow when no return type is given (#3652)
- taint encapsulated strings based on their contents (#3655)
- @TysonAndre added
print
,unserialize
,create_function
and more as sinks - allow taints to flow through unpacked arguments and mixed
foreach
(#3670) - taint property types for magic getters/setters even in the absence of a
@property
annotation (#3668) - add taints to
filter_var
(#3675) - preserve taints after
is_string
checks (#3680) - taint the contents of
exit
just asecho
is (#3681) - @TysonAndre improved handling of
preg_replace_callback
- allow taints to flow through implied
__toString
methods (#3697) - specialize constructor taints as nececssary
- allow any part of a taint path to be suppressed with
@psalm-suppress TaintedInput
Other features
@olleharstedt added support for @psalm-self-out
, which allows some typestate-oriented programming in Psalm (#3650)
Bugfixes
- allow comparison of
get_class($foo) === static::class
- fix false-negative around missing property declarations (#3642)
- improve treatment of comparisons after assignment in conditional (#3631)
- @villfa improved reflection info for
Redis
(#3673) PDO::query
now allows two arguments (#3694)- @simPod improved reflection for
RdKafka\ProducerTopic::producev
(#3700) - @bdsl added a change that propagates
@internal
annotations on classes to their methods (#3698) - prevent crash with a
Foo|?
return type (#3716) - prevent crash on empty
@method
(#3721) - @jarstelfox fixed up the example
TemplateChecker
plugin - prevent crash when
clone
-ing undefined class (#3719) - infer template params from a class-string where appropriate (#3726)
- improve handling of
if
conditionals insidedo {...} while();
(#3685) - @lhchavez fixed a bug in docblock parsing where data was lost if a comment referred to a tag (#3776)
- allow
false
to be removed from template params (#3737) - allow storing references to impure classes via the class names inside immutable classes (#3738)