Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add phpstan. #88

Merged
merged 1 commit into from
Sep 13, 2024
Merged

Add phpstan. #88

merged 1 commit into from
Sep 13, 2024

Conversation

sandyyeah100
Copy link
Collaborator

No description provided.

@random1223 random1223 merged commit 6ca1b43 into main Sep 13, 2024
1 check failed
Copy link

Codety
Issues found in this pull request based on Codety's default factory settings:

Java

File Issue
..anner/analyzer/checkov/CheckovResultConverter.java 🟡 [Error Prone] [AvoidLiteralsInIfCondition] Avoid using literals in if statements view
🔴 [Code Style] [UnnecessaryImport] Unused import 'io.codety.scanner.analyzer.checkov.dto.*' view
🔴 [Code Style] [UnnecessaryImport] Unused import 'com.fasterxml.jackson.core.JsonProcessingException' view
..anner/analyzer/checkov/dto/CheckovCheckResult.java ⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'evaluated_keys' doesn't match '[a-z][a-zA-Z0-9]*' view
..anner/analyzer/checkov/dto/CheckovFailedCheck.java ⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'added_date' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'removed_date' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'added_by' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'removed_commit_hash' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'added_commit_hash' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'validation_status' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'definition_context_file_path' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'check_len' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'connected_node' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'vulnerability_details' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'short_description' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'bc_category' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'resource_address' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'caller_file_line_range' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'caller_file_path' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'entity_tags' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'fixed_definition' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'check_class' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'file_line_range' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'repo_file_path' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'file_abs_path' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'file_path' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'code_block' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'check_result' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'check_name' doesn't match '[a-z][a-zA-Z0-9]' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'bc_check_id' doesn't match '[a-z][a-zA-Z0-9]
' view
⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'check_id' doesn't match '[a-z][a-zA-Z0-9]*' view
..y/scanner/analyzer/checkov/dto/CheckovResults.java ⚪ [Code Style] [FormalParameterNamingConventions] The method parameter name 'failed_checks' doesn't match '[a-z][a-zA-Z0-9]*' view

The issue list was truncated due to too many issues were found in this pull request

Secrets detection

File Issue
code-issue-examples/secrets/github-secret.txt 🔴 [security] [github-access-token] Detected potential exposure of sensitive information view
🔴 [security] [github-access-token] Detected potential exposure of sensitive information view
..i/src/main/java/com/SecretExposureJavaExample.java 🔴 [security] [github-access-token] Detected potential exposure of sensitive information view
🔴 [security] [github-access-token] Detected potential exposure of sensitive information view
..lyzer/codety/CodetyDefaultFactoryAnalyzerTest.java 🔴 [security] [github-access-token] Detected potential exposure of sensitive information view

Javascript

File Issue
..resources/eslint/code-smell-examples/bad-html.html ⚪ [generic] [require-lang] Missing lang attribute in <html> tag. view
⚪ [Tag] [require-doctype] Missing <!DOCTYPE HTML> view
⚪ [generic] [indent] Expected indentation of 4 space but found no indent. view
⚪ [Tag] [require-closing-tags] Missing closing tag for div. view
⚪ [AttributeValue] [no-duplicate-id] The id '1' is duplicated. view
⚪ [AttributeValue] [no-duplicate-id] The id '1' is duplicated. view
⚪ [generic] [require-img-alt] Missing alt attribute at <img> tag view
code-issue-examples/html/bad-html.html ⚪ [generic] [require-lang] Missing lang attribute in <html> tag. view
⚪ [Tag] [require-doctype] Missing <!DOCTYPE HTML> view
⚪ [generic] [indent] Expected indentation of 4 space but found no indent. view
⚪ [Tag] [require-closing-tags] Missing closing tag for div. view
⚪ [AttributeValue] [no-duplicate-id] The id '1' is duplicated. view
⚪ [AttributeValue] [no-duplicate-id] The id '1' is duplicated. view
⚪ [generic] [require-img-alt] Missing alt attribute at <img> tag view

Python

File Issue
..esources/pylint/code-smell-examples/consistency.py 🟡 [convention] [wrong-import-order] standard import "typing.Optional" should be placed before third party import "torch" view
🟡 [convention] [missing-module-docstring] Missing module docstring view
🟡 [error] [import-error] Unable to import 'torch' view
..test/resources/pylint/code-smell-examples/test1.py 🟡 [error] [undefined-variable] Undefined variable 'a2' view
🟡 [convention] [missing-module-docstring] Missing module docstring view
🟡 [convention] [invalid-name] Constant name "b3" doesn't conform to UPPER_CASE naming style view
code-issue-examples/python/consistency.py 🟡 [convention] [wrong-import-order] standard import "typing.Optional" should be placed before third party import "torch" view
🟡 [convention] [missing-module-docstring] Missing module docstring view
🟡 [error] [import-error] Unable to import 'torch' view
code-issue-examples/python/bad-python-code.py 🟡 [error] [undefined-variable] Undefined variable 'a2' view
🟡 [convention] [missing-module-docstring] Missing module docstring view
🟡 [convention] [invalid-name] Module name "bad-python-code" doesn't conform to snake_case naming style view
🟡 [convention] [invalid-name] Constant name "b3" doesn't conform to UPPER_CASE naming style view
🟡 [refactor] [duplicate-code] Similar lines in 2 files==consistency:[46:72]==consistency:[46:72] if src_weights is None: ... view

IaC

File Issue
..amples/iac/terraform/vpc-3-layer-example/alb_sg.tf 🔴 [security] [CKV_AWS_260] Ensure no security groups allow ingress from 0.0.0.0:0 to port 80 view
🔴 [security] [CKV_AWS_23] Ensure every security group and rule has a description view
..amples/iac/terraform/vpc-3-layer-example/app_sg.tf 🔴 [security] [CKV_AWS_23] Ensure every security group and rule has a description view
..-examples/iac/terraform/vpc-3-layer-example/ec2.tf 🔴 [security] [CKV_AWS_79] Ensure Instance Metadata Service Version 1 is not enabled view
🔴 [security] [CKV_AWS_135] Ensure that EC2 is EBS optimized view
🔴 [security] [CKV_AWS_8] Ensure all data stored in the Launch configuration or instance Elastic Blocks Store is securely encrypted view
🔴 [security] [CKV_AWS_126] Ensure that detailed monitoring is enabled for EC2 instances view
🔴 [security] [CKV2_AWS_41] Ensure an IAM role is attached to EC2 instance view
🔴 [security] [CKV_AWS_79] Ensure Instance Metadata Service Version 1 is not enabled view
🔴 [security] [CKV_AWS_135] Ensure that EC2 is EBS optimized view
🔴 [security] [CKV_AWS_8] Ensure all data stored in the Launch configuration or instance Elastic Blocks Store is securely encrypted view
🔴 [security] [CKV_AWS_126] Ensure that detailed monitoring is enabled for EC2 instances view
🔴 [security] [CKV2_AWS_41] Ensure an IAM role is attached to EC2 instance view
..iac/terraform/vpc-3-layer-example/load-balancer.tf 🔴 [security] [CKV_AWS_261] Ensure HTTP HTTPS Target group defines Healthcheck view
🔴 [security] [CKV_AWS_150] Ensure that Load Balancer has deletion protection enabled view
🔴 [security] [CKV_AWS_131] Ensure that ALB drops HTTP headers view
🔴 [security] [CKV_AWS_91] Ensure the ELBv2 (Application/Network) has access logging enabled view
🔴 [security] [CKV2_AWS_28] Ensure public facing ALB are protected by WAF view
..mples/iac/terraform/vpc-3-layer-example/subnets.tf 🔴 [security] [CKV_AWS_130] Ensure VPC subnets do not assign public IP by default view
🔴 [security] [CKV_AWS_130] Ensure VPC subnets do not assign public IP by default view
..amples/iac/terraform/vpc-3-layer-example/web_sg.tf 🔴 [security] [CKV_AWS_23] Ensure every security group and rule has a description view
..-examples/iac/terraform/vpc-3-layer-example/vpc.tf 🔴 [security] [CKV2_AWS_12] Ensure the default security group of every VPC restricts all traffic view
🔴 [security] [CKV2_AWS_11] Ensure VPC flow logging is enabled in all VPCs view
..s/iac/terraform/vpc-3-layer-example/nat_gateway.tf 🔴 [security] [CKV2_AWS_19] Ensure that all EIP addresses allocated to a VPC are attached to EC2 instances view
image/Dockerfile 🔴 [security] [CKV_DOCKER_3] Ensure that a user for the container has been created view
🔴 [security] [CKV_DOCKER_2] Ensure that HEALTHCHECK instructions have been added to container images view
..-examples/iac/terraform/vpc-3-layer-example/rds.tf 🔴 [security] [CKV_SECRET_6] Base64 High Entropy String view
.github/workflows/codety.yml 🔴 [security] [CKV2_GHA_1] Ensure top-level permissions are not set to write-all view

Golang

File Issue
..ode-issue-examples/go/module-with-mod/cgo-issue.go 🟡 [generic] [typecheck] : found packages mymodule (cgo-issue.go) and hello (hello.go) in view
..examples/go/module-with-mod/mymodule/unused-var.go 🟡 [generic] [typecheck] : # hello/mymodule mymodule/unused-var.go:7:10: u1 declared and not used mymodule/unused-var.go:8:10: u2 declared and not used view

scala

File Issue
..scanner/code-issue-examples/scala/emptyclass.scala 🟡 [generic] [EmptyClassChecker] Redundant braces after class definition view
🟡 [generic] [HeaderMatchesChecker] Header does not match expected text view
🟡 [generic] [EmptyClassChecker] Redundant braces after class definition view
..odety-scanner/code-issue-examples/scala/test.scala 🟡 [generic] [HeaderMatchesChecker] Header does not match expected text view
🟡 [generic] [NewLineAtEofChecker] File must end with newline character view

Ruby

File Issue
code-issue-examples/ruby/bad-ruby-code-examples.rb ⚪ [style] [redundant-exception] Redundant RuntimeError argument can be removed. view
⚪ [layout] [space-after-comma] Space missing after comma. view
⚪ [layout] [trailing-empty-lines] Final newline missing. view
⚪ [layout] [empty-lines] Extra blank line detected. view
🟡 [lint] [useless-assignment] Useless assignment to variable - заплата. view
⚪ [naming] [ascii-identifiers] Use only ascii symbols in identifiers. view
🟡 [lint] [useless-assignment] Useless assignment to variable - a. Use _ or _a as a variable name to indicate that it won't be used. view
⚪ [style] [parallel-assignment] Do not use parallel assignment. view
🟡 [lint] [useless-assignment] Useless assignment to variable - b. Use _ or _b as a variable name to indicate that it won't be used. view
🟡 [lint] [useless-assignment] Useless assignment to variable - c. Use _ or _c as a variable name to indicate that it won't be used. view
🟡 [lint] [useless-assignment] Useless assignment to variable - d. Use _ or _d as a variable name to indicate that it won't be used. view
⚪ [layout] [extra-spacing] Unnecessary spacing detected. view
🟡 [lint] [useless-assignment] Useless assignment to variable - unused_var. Use _ or _unused_var as a variable name to indicate that it won't be used. view
🟡 [lint] [useless-assignment] Useless assignment to variable - used_var. Use _ or _used_var as a variable name to indicate that it won't be used. view
⚪ [layout] [extra-spacing] Unnecessary spacing detected. view
⚪ [naming] [method-parameter-name] Method parameter must be at least 3 characters long. view
🟡 [lint] [useless-assignment] Useless assignment to variable - result. view
⚪ [layout] [space-around-operators] Operator = should be surrounded by a single space. view
⚪ [layout] [extra-spacing] Unnecessary spacing detected. view
🟡 [lint] [unused-block-argument] Unused block argument - k. If it's necessary, use _ or _k as an argument name to indicate that it won't be used. view
⚪ [naming] [file-name] The name of this source file (bad-ruby-code-examples.rb) should use snake_case. view
⚪ [style] [frozen-string-literal-comment] Missing frozen string literal comment. view

Css

File Issue
code-issue-examples/css/bad-css.css 🔴 [styling] [comment-no-empty] Unexpected empty comment (comment-no-empty) view
🔴 [styling] [block-no-empty] Unexpected empty block (block-no-empty) view
🔴 [styling] [selector-type-no-unknown] Unexpected unknown type selector "hello" (selector-type-no-unknown) view

Shell

File Issue
..c/terraform/vpc-3-layer-example/ec2-init-script.sh 🔴 [styling] [2148] Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive. view
code-issue-examples/shell/bad-shell.sh 🟡 [styling] [2038] Use 'find .. -print0 | xargs -0 ..' or 'find .. -exec .. +' to allow non-alphanumeric filenames. view
🟡 [styling] [2089] Quotes/backslashes will be treated literally. Use an array. view
🟡 [styling] [2090] Quotes/backslashes in this variable will not be respected. view
🟡 [styling] [2088] Tilde does not expand in quotes. Use $HOME. view
🟡 [styling] [2061] Quote the parameter to -name so the shell won't interpret it. view
🟡 [styling] [2035] Use ./glob or -- glob so names with dashes won't become options. view
🔴 [styling] [2148] Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive. view
🟡 [styling] [2086] Double quote to prevent globbing and word splitting. view
code-issue-examples/shell/bad-shell-2.sh 🟡 [styling] [2038] Use 'find .. -print0 | xargs -0 ..' or 'find .. -exec .. +' to allow non-alphanumeric filenames. view
🟡 [styling] [2184] Quote arguments to unset so they're not glob expanded. view
🟡 [styling] [2064] Use single quotes, otherwise this expands now rather than when signalled. view
🟡 [styling] [2016] Expressions don't expand in single quotes, use double quotes for that. view
🔴 [styling] [2148] Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive. view
image/publish_image.sh 🟡 [styling] [2181] Check exit code directly with e.g. 'if ! mycmd;', not indirectly with $?. view
🟡 [styling] [2086] Double quote to prevent globbing and word splitting. view
🟡 [styling] [2181] Check exit code directly with e.g. 'if ! mycmd;', not indirectly with $?. view
🔴 [styling] [2148] Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive. view
image/debug_local_image.sh 🔴 [styling] [2148] Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive. view
image/build_local_test_image.sh 🟡 [styling] [2181] Check exit code directly with e.g. 'if ! mycmd;', not indirectly with $?. view
🟡 [styling] [2046] Quote this to prevent word splitting. view
🟡 [styling] [2181] Check exit code directly with e.g. 'if ! mycmd;', not indirectly with $?. view
🟡 [styling] [2034] DOCKER_BUILD_VERSION appears unused. Verify use (or export if used externally). view
🔴 [styling] [2148] Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive. view
scanner/codety.sh 🟡 [styling] [2046] Quote this to prevent word splitting. view
scanner/test_app_local.sh 🟡 [styling] [2046] Quote this to prevent word splitting. view
🔴 [styling] [2287] This is interpreted as a command name ending with '/'. Double check syntax. view
🟡 [styling] [2125] Brace expansions and globs are literal in assignments. Quote it or use an array. view

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants