Psalm can be launched in the taint analysis mode

This contribution introduces a new helper in the root Makefile: `make psalm-taint-analysis`

A few changes have been done to the rest of the code so we can launch it without errors.

A shortcut has been taken to annotate the Codendi_HTMLPurifier::purify method as the CONFIG_DISABLED mode should not remove the html taint of the input. Improvements will be done later on.

Part request #15015: Initiate usage of Psalm taint analysis feature

Change-Id: I65a95345f679dc96c4860874b82dca7b800ece69

Modified Files

Name
M Makefile +4 −0
M src/common/Project/Admin/Reference/ReferenceAdministrationViews.php +3 −3
M src/common/include/Codendi_HTMLPurifier.class.php +4 −1
M src/common/include/URLVerification.class.php +1 −3
M src/common/layout/BaseLayout.php +15 −5
M tests/lib/Builders/TestLayout.php +1 −1