-
Notifications
You must be signed in to change notification settings - Fork 59
Expand file tree
/
Copy pathpsalm.xml
More file actions
23 lines (22 loc) · 936 Bytes
/
psalm.xml
File metadata and controls
23 lines (22 loc) · 936 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
<?xml version="1.0"?>
<psalm
runTaintAnalysis="true"
>
<projectFiles>
<directory name="fields" />
<directory name="front" />
<directory name="inc" />
<file name="hook.php" />
<file name="setup.php" />
</projectFiles>
<issueHandlers>
<!--
Too many false positives.
- many are already secured by ForbidDynamicInstantiationRule, but Psalm does not seems to consider `is_a()` checks safe enough;
- many are related dynamic call to plugin functions/classes, we need a lot of refactor to indicate to Psalm these can be ignored;
- the rest is likely to not be exploitable, due to the really low probability to have a classname
that can be abused and that implements the specific static method called on a dynamic classname.
-->
<TaintedCallable errorLevel="suppress" />
</issueHandlers>
</psalm>