Constructors, evals, bump

@spaze spaze released this 19 Oct 02:52
f5dab10
  • Two new internal services NewCalls and EvalCalls were added.
    If you're not using
        includes:
            - vendor/spaze/phpstan-disallowed-calls/extension.neon
    you'd need to manually add them to your phpstan.neon's services; check extension.neon to see what needs to be added.
    This alone brings some breaking changes (see #25 for discussion) so I thought I'd bump the version number. Due to some rather poor choices in the past, the version is now 0.12 and I can't stay on that because of the changes. Going to 0.13 would be confusing because PHPStan 0.12 is still supported. So let's go to 1.0. I like what this does already so why not :-)
  • Constructor calls (object creations) are now detected; just disallow Foo\Bar::__construct(), even if there's no constructor defined in that particular class. Both new Foo and $a = 'Foo'; new $a; are detected. (#37, thanks @enumag for the test)
  • Disallowed calls can start with a backslash (method \Foo::bar() instead of just method Foo::bar()) (#38)
  • eval() is detected, did you know it's not a function but a language construct? (#36)
  • Extra functions added to the bundled config files (#35):
    disallowed-execution-calls.neon includes popen()
    disallowed-dangerous-calls.neon now also includes these:
    • apache_setenv()
    • dl()
    • posix_getpwuid()
    • posix_kill()
    • posix_mkfifo()
    • posix_mknod()
    • highlight_file()
    • show_source()
    • pfsockopen()
    • proc_nice()
    • putenv()
    • socket_create_listen()
    • socket_listen()
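
A phpstan.neon sketch that uses the constructor, leading-backslash and eval() detection described above. This is an added example, not taken from the release notes or the project's files: the Legacy\* class names and the messages are hypothetical, and it assumes the extension's disallowedMethodCalls and disallowedFunctionCalls parameters with their method, function and message keys.

```neon
includes:
    # Registers the rules, including the new NewCalls and EvalCalls services
    - vendor/spaze/phpstan-disallowed-calls/extension.neon
    # Bundled list of execution functions, which now includes popen()
    - vendor/spaze/phpstan-disallowed-calls/disallowed-execution-calls.neon

parameters:
    disallowedMethodCalls:
        -
            # Reported for `new Legacy\RawQuery(...)` and for
            # `$class = 'Legacy\RawQuery'; new $class;`, even if the class
            # declares no constructor of its own (hypothetical class)
            method: 'Legacy\RawQuery::__construct()'
            message: 'build queries with the parameterized query builder instead'
        -
            # The leading backslash form is accepted as well (hypothetical class)
            method: '\Legacy\Hasher::md5Password()'
            message: 'use password_hash() instead'
    disallowedFunctionCalls:
        -
            # eval() is a language construct, but it is configured like a function
            function: 'eval()'
            message: 'eval() executes arbitrary code; remove it'
```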