Skip to content
#

static-analysis

Here are 844 public repositories matching this topic...

Jemi
Jemi commented Feb 29, 2020

For bugs

  • Rule Id (if any, e.g. SC1000):
    SC2012
  • My shellcheck version (shellcheck --version or "online"):
    Any
  • [*] The rule's wiki page does not already cover this (e.g. https://shellcheck.net/wiki/SC2012)

Specifically, SC2012 wiki should cover the case where ls is being used just to get the number of files matching a certain literal or glob pattern, rather than propagating th

joachim-n
joachim-n commented Nov 16, 2017
<?php\n
\n
/**\n
 * @file\n
 * TODO: Enter file description here.\n
 */\n
\n
/**\n
 * Implements hook_hook_info().\n
 */\n
function testmodule8b_hook_info() {\n

Gets me this:

array:1 [
  0 => PhpParser\Node\Stmt\Function_ {#219
    // SNIP
    #attributes: array:3 [
      "startLine" => 11
      "comments" => array:2 [
        0 => PhpParser\Comment\Doc {#212
Yivan
Yivan commented Feb 13, 2020

Feature request

Hello,

I known we must go one level per level on existing project, but for new project there is the question "Which level I want to enforce without being too hard and assuring minimum clean code".

I think level 2 is great for minmum clean code, level 5 is more great and > 5 needs typehint, from what i gather on searching on internet.

It would be nice that in the docum

simivar
simivar commented Feb 26, 2020

One thing that's super useful for new users is code examples. Right now, the biggest problem for someone to start using PHP_CodeSniffer is lack of a list of available Sniffers with their options and examples. From what I know to get a list of all sniffs right now, you have to go through source code in src/Standards, and it's exhausting. Something like [mlocati/phpPHP-cs-fixer-configurator](htt

brakeman
avit
avit commented Feb 6, 2020

Is your feature request related to a problem? Please describe.

The sanitize_sql method signature is designed to receive an array with ["sql template", *values] that it uses for quoting and replacing placeholders.

When a string is passed instead of an array, sanitize_sql is a no-op, and the original string is returned unchanged.

Describe the solution you'd like

Queries lik

Mobile-Security-Framework-MobSF
rajuraju14
rajuraju14 commented Feb 20, 2020

If you're requesting a new feature/enhancement, explain why you'd like it to be added and it's importance.

Is your feature request related to a problem? Please describe.
isCleartextTrafficPermitted returns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for communicating with a specific hostname for this process.

**Describe th

sushi2k
sushi2k commented Aug 11, 2019

Describe the issue
Needle doesn't seem to be maintained anymore. The last update was > 1 year and no issues have been answered this year. It also doesnt' seem to work on iOS JB devices with Chimera. FSecureLABS/needle#273

We should review where we use Needle and if other tools are a better alternative (e.g. objection, passionfruit).

checkstyle
oxdef
oxdef commented Dec 17, 2018

Summary

For more readability it will be great to add more lines in the rule code section (like in Bandit)

Steps to reproduce the behavior

  1. Scan some code and get report

Expected behavior

{
		"severity": "HIGH",
		"confidence": "HIGH",
		"rule_id": "G402",
		"details": "TLS InsecureSkipVerify set true.",
		"file": "request.go"
muglug
muglug commented Mar 1, 2020

These three should not have any errors:

/**
 * @template T
 * @template U
 * @param callable(T): U $predicate
 * @return Closure(iterable<T>): iterable<U>
 */
function map(callable $predicate): callable {
    return function($iter) use ($predicate): iterable {
        foreach ($iter as $key => $value) {
            yield $key => $predicate($value);
        }
    };
}
allanlewis
allanlewis commented Feb 20, 2020

The pylint docs are currently hosted at pylint.pycqa.org. This doesn't support HTTPS as the certificate used is for *.readthedocs.io:

➜ curl -LIsv https://pylint.pycqa.org/                              
*   Trying 104.208.221.96:443...
* TCP_NODELAY set
* Connected to pylint.pycqa.org (104.208.221.96) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certif

Improve this page

Add a description, image, and links to the static-analysis topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the static-analysis topic, visit your repo's landing page and select "manage topics."

Learn more

You can’t perform that action at this time.