Comments (4)
Thanks. You can already disallow any function you want but maybe there should be a file with security-oriented deprecated calls, like md5
, sha1
, mysql_query
etc.
from phpstan-disallowed-calls.
I see this package as an automatic guarantee that it will check all common errors for me. I manage hundreds of projects and I don't have the ability to manually configure what to control in each one.
What do these basic functions (as you write) control directly and, if necessary, allow the user to disable this control?
from phpstan-disallowed-calls.
This package is not designed to check all common errors for you, that would be an impossible task and there's no such guarantee.
The definition of "common error" varies project by project but if you want to check all projects for common errors (as defined by you as a maintainer) which are not checked (yet?) by this package, you can always create a config file and include
it in all your projects just like you require this package. This is how the example .neon
files in this repository were born 😀 and this is what I plan to do for a framework-specific calls in https://github.com/spaze/phpstan-disallowed-calls-nette
I think having an extra "deprecated" file (similar to the "dangerous" one) is a good idea but I'd say it's blocked by #62 in this particular case, just to manage expectations.
from phpstan-disallowed-calls.
The new bundled config file (disallowed-insecure-calls.neon) was released in 1.8.0
from phpstan-disallowed-calls.
Related Issues (20)
- Invalid configuration: Unexpected item 'parameters › disallowedFunctionCalls'. HOT 2
- allowParams* reports invalid configuration HOT 3
- When a call is disallowed due to a parameter rule, display a different message
- Rename branch to `main` HOT 2
- Union types are not supported in params
- allowExceptParams fails on v2.11.3 when concatenation with object param HOT 1
- Add support for disallowing conditions on attributes HOT 4
- Add support for disallowing things when used inside class with certain attribute HOT 5
- Extension parameters in `extension.neon` should be defined as a structure HOT 1
- FeatureRequest: `disallowDirectory` HOT 4
- disallowedMethodCalls should also be triggered on inherited classes HOT 3
- Wrong file order in tests/bootstrap.php HOT 2
- After update psalm dies to unknown class HOT 4
- Do not add ", because reasons" when no message is defined HOT 2
- Supporting attributes restrictions on more targets, i.e. properties HOT 4
- It would be cool if I could disallow a call with an empty array, e.g. `func([])`
- Having multiple `allowExceptCaseInsensitiveParams` together with `disallowedAttributes` does not work HOT 3
- No tests for `disallowedAttributes` HOT 2
- Add support enum dynamic constant HOT 8
- `disallowed-loose-calls.neon` broke with PHPStan 1.10.58 HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from phpstan-disallowed-calls.