parse
Parse: A Static Security Scanner
Hello, I'm discovering psecio-parse and I've just run it on my codebase. I've opened this issue to report errors when running it against a PHP 7.1 codebase: ~~~php private const...
```bash $ composer install Loading composer repositories with package information Updating dependencies (including require-dev) Package operations: 24 installs, 0 updates, 0 removals - Installing akamon/mockery-callable-mock (v1.0.0): Downloading (failed) Failed to...
Can't install this extension to my project since it's too new for it. I use nikic/php-parser 4.* in my code, but this package uses the 2.0 version. I think it'd be...
Hey, installation is failing for me due to the composer constraint ` "symfony/console": "2.5 - 3.2",` ``` "require":{ "php": ">=5.4", "nikic/php-parser": "^2.0", "symfony/console": "2.5 - 3.2", "symfony/event-dispatcher": "2.4 - 3.4"...
https://github.com/Bo0oM/PHP_imap_open_exploit :)
Calling `create_function` is effectively an `eval` call and thus should be avoided :) https://secure.php.net/manual/en/function.create-function.php
Similar to preferring strict comparisons (`===` vs. `==`), it'd be great to include a check for non-strict calls to `in_array`. I.e. ensure `in_array($needle, $haystack, true)`.
The `openssl_verify` function has the unfortunate interface of returning `1` if the signature is correct, `0` if it is incorrect, and `-1` on error. This means if you do a...
I'm getting an error: ``` 2) core/units/related_searches/related_searches_config.php on line 15 Avoid the use of `exit` or `die` with strings as it could lead to injection issues (direct output) > defined('FULL_PATH') or...
The common way of dealing with accessing PHP files directly from a web browser (when the codebase is located within DocumentRoot, like in WordPress) is placing the following code on top of PHP...