upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-20 00:12:30 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 14
85564 commits 679 branches 1186 tags 6.6 GiB
Commit graph

56 commits

Author SHA1 Message Date
Carl Schwan
11cf69d8ba
fix(psalm): Fix static analysis issues in apps/*/tests 
There are still 1200 more to fix before we can enable static analysis
for the tests.

Signed-off-by: Carl Schwan <carlschwan@kde.org>
 2026-01-16 12:00:51 +01:00
Carl Schwan
a430702caa
refactor(psalm): Enable psalm for comments unit tests 
This is the first step to enable psalm for our test suite to find issues
also there.

At the moment, this already found some completely broken and unused
method in TestCase and prepare the way for making ICommentsManager work
with snowflake ids by using string instead of int for the ids
consistently.

Signed-off-by: Carl Schwan <carlschwan@kde.org>
 2026-01-07 13:21:33 +01:00
Joas Schilling
967a181403
ci(psalm): Add a checker against logical operators 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-11-07 12:07:25 +01:00
Benjamin Gaussorgues
3aa0c23e40
Merge pull request #54543 from nextcloud/preview-db-rework 2025-10-08 16:39:23 +02:00
provokateurin
4b90a2c730
build(psalm): Raise PHP version to 8.2 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-10-06 18:01:51 +02:00
Carl Schwan
324b54b863 refactor(preview): Cleanup the implementation of the new preview backend 
Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>
 2025-10-06 13:37:15 +02:00
Daniel Kesselberg
28dc3e2d85
chore: move smb package to 3rdparty 
- Automated updates
- Easier maintenance
- Not having another copy of the streams packages

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2025-07-31 15:19:07 +02:00
Edward Ly
86533681e8
fix(psalm): suppress UndefinedClass error for OCA\ContextChat\Public\ContentManager 
Signed-off-by: Edward Ly <contact@edward.ly>
 2025-07-15 08:16:25 -07:00
Jana Peper
603522a59c test: fix tests 
Signed-off-by: Jana Peper <jana.peper@nextcloud.com>
 2025-07-03 10:25:19 +02:00
Ferdinand Thiessen
2986fead40
chore: ignore 3rdparty while psalm linting 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-05-15 18:38:38 +02:00
provokateurin
0f2f4aab5c
feat(psalm): Mark all usage of deprecated code as error 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-05-15 11:48:40 +02:00
Julius Knorr
3fc9a99521 perf: Add config options to trigger individual and sample profiling using excimer 
Signed-off-by: Julius Knorr <jus@bitgrid.net>
 2025-04-22 08:57:02 +02:00
Ferdinand Thiessen
4a64cf54ba ci: test that all apps are enabled for psalm 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-04-07 14:40:37 +02:00
Ferdinand Thiessen
c0212af7fa
chore: lint files_reminders using psalm 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-04-07 10:56:16 +02:00
provokateurin
6fd17994fb
fix(psalm): Enable findUnusedBaselineEntry 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-09-23 09:14:38 +02:00
Ferdinand Thiessen
2ec68b1eb9
refactor(Log): Use new in initializer instead of constructor body 
PHP 8.1 allows us to now move the `new` into the initializer,
this makes the code a bit nicer (and 3 lines shorter).

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-17 18:38:28 +02:00
Robin Appelman
5490b12feb
chore: add psalm false positive to psalm.xml 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-07 19:41:44 +02:00
provokateurin
a94249d1d5
build(psalm): Enforce named attribute arguments 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-27 22:36:18 +02:00
Côme Chilliet
19bc3ed1e3 chore(webhooks): Rename webhooks application to webhook_listeners 
There is already a webhooks application in the appstore

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-06-11 14:10:29 +02:00
Andy Scherzinger
1df96b0417
chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-10 11:07:50 +02:00
Côme Chilliet
9092dcfd41 chore: Fix psalm to use correct php version depending on branch 
Needs to be adapted on each branch to reflect the used PHP version and
 help with baseline updating.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-22 10:46:02 +02:00
Julius Härtl
c7813bfdaf
feat: Implement team provider api 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-05 08:13:58 +01:00
Côme Chilliet
05de5e27eb
chore(psalm): Include cron.php into psalm checked files 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-08 13:58:49 +01:00
Joas Schilling
00acf1bae1
feat(CI): Add a stub for SensitiveParameter, so Psalm is not failing on Doctrine/DBAL 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-10-06 15:29:24 +02:00
Maxence Lange
8b9e7e235d ocm controller 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2023-09-20 08:23:45 -01:00
Alexander Piskun
01a11641f4 new name of AppEcosystem is AppAPI 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-09-06 16:53:53 +03:00
Andrey Borysenko
d3583d3f30
Fix psalm ci (stub). Wrap server container with try-catch 
Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
 2023-08-02 17:40:58 +03:00
jld3103
cd91b77193
psalm: Enable more/less specific errors 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-07-03 18:09:27 +02:00
Maxence Lange
d2efd0e03c displayname on federated shares 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2023-06-28 09:28:03 -01:00
jld3103
9fddbeaa54
Use psalm 5 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-05-02 13:24:30 +02:00
Joas Schilling
8e529df6ae
Merge pull request #37505 from nextcloud/fix/recommended-psalm-options 
Set recommended psalm options
 2023-04-03 09:54:13 +02:00
jld3103
fa53c7c5a7
Set recommended psalm options 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-03-31 09:15:03 +02:00
jld3103
4d390b5f54
Add stubs for Psr\Container to allow running psalm with multiple threads 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-03-31 08:27:50 +02:00
Julius Härtl
cb30c81010
chore(psalm): Make psalm aware of sabre/uri 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-03-08 14:00:04 +01:00
John Molakvoæ
1dee36c761
Remove accessibility 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2022-04-21 19:00:28 +02:00
Côme Chilliet
139da41bd4
Add stubs for ZipArchive 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-04-12 11:10:04 +02:00
Carl Schwan
aeecb72e96
Fix a few psalm issues and moved back to psalm/phar 4.18 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-01-12 20:03:06 +01:00
Côme Chilliet
24e9a29b3c
Add PHP 8.1 LDAP classes to ignored missing classes in psalm for docblocks 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2021-12-16 09:43:30 +01:00
Côme Chilliet
3631789651
Fix resource usages in OC_Image 
This makes sure using resource or GdImage (PHP>=8) behaves the same.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2021-10-28 17:48:43 +02:00
Joas Schilling
3710eca104
Allow "TwoFactor Nextcloud Notifications" to pull the state of the 2FA again 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-10-04 11:26:08 +02:00
Richard Steinmetz
8bd8e97181
Do not cache file ids in FileSystemTags inside group folders 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2021-09-14 15:10:44 +02:00
Julius Härtl
2d932b6b86
Add whitelist for apps inside of the server repo 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2020-12-28 11:26:50 +01:00
Julius Härtl
8286f46ab9
Suppress psalm warnings about app classes 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2020-12-09 13:20:25 +01:00
Lukas Reschke
47ac8e0028
Add Psalm Taint Flow Analysis 
This adds the Psalm Security Analysis, as described at
https://psalm.dev/docs/security_analysis/

It also adds a plugin for adding input into AppFramework.

The results can be viewed in the GitHub Security tab at
https://github.com/nextcloud/server/security/code-scanning

**Q&A:**

Q: Why do you not use the shipped Psalm version?
A: I do a lot of changes to the Psalm Taint behaviour. Using released
versions is not gonna get us the results we want.

Q: How do I improve false positives?
A: https://psalm.dev/docs/security_analysis/avoiding_false_positives/

Q: How do I add custom sources?
A: https://psalm.dev/docs/security_analysis/custom_taint_sources/

Q: We should run this on apps!
A: Yes.

Q: What will change in Psalm?
A: Quite some of the PHP core functions are not yet marked to propagate
the taint. This leads to results where the taint flow is lost. That's
something that I am currently working on.

Q: Why is the plugin MIT licensed?
A: Because its the first of its kind (based on GitHub Code Search) and
I want other people to copy it if they want to. Security is for all :)

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2020-11-20 23:12:00 +01:00
Arthur Schiwon
86e5e7d927
LDAP simplify User_Proxy and Group_Proxy signatures 
- make User_Proxy and Group_Proxy easy to instantiate
- simplify dependent code
- move commands to info.xml
- make UpdateGroups job class non-static

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2020-10-23 12:25:31 +02:00
Morris Jobke
b70792aa6a
Add stubs for gd, intl, IntlChar, ldap, redis_cluster and xsl 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-08-18 13:01:10 +02:00
Morris Jobke
4efca69f8d
Add psalm baseline 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-08-18 12:59:17 +02:00
Daniel Kesselberg
8d18f0a7d7
Suppress warning for template functions. 
6e8e34fef9/lib/private/legacy/template/functions.php
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-08-18 08:58:20 +02:00
Daniel Kesselberg
90aa451447
Fix variable name for referenced variable. 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-08-18 08:58:20 +02:00
Daniel Kesselberg
fe3a628470
Supress UndefinedGlobalVariable for register_command.php 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-08-18 08:58:20 +02:00