Release Notes - 1.1
1.1.0-alpha2
Note
Update psalm (master branch, commit e72fb5a2b31e606abd525f867696c5ba5bf7451b)
Other Updates
Details |
Psalm standard error is now redirected to cast.analysers.log with a [psalm stderr] prefix. |
Rules
Rule Id |
New Rule |
Details |
1034054 |
TRUE |
Avoid parsing XML data without restriction of XML External Entity Reference (XXE) (PHP) |
1034056 |
TRUE |
Avoid using hard-coded HMAC keys (PHP) |
1034058 |
TRUE |
Avoid uncontrolled sleep calls (PHP) |
1.1.0-alpha1
Other Updates
Details |
Switch to Psalm master branch (commit 96d83947615641734a5baa181d44da7f10ee0246) which will be the future version 6.x. |
Rules
Rule Id |
New Rule |
Details |
1034024 |
TRUE |
Avoid second order SQL injection (PHP) |
1034026 |
TRUE |
Avoid second order code injection (PHP) |
1034028 |
TRUE |
Avoid second order LDAP injection (PHP) |
1034030 |
TRUE |
Avoid second order OS command injection (PHP) |
1034032 |
TRUE |
Avoid second order PHP Remote File Inclusion |
1034034 |
TRUE |
Avoid second order cookie injection (PHP) |
1034036 |
TRUE |
Avoid second order file path manipulation (PHP) |
1034038 |
TRUE |
Avoid cross-site scripting (persistent) (PHP) |
1034040 |
TRUE |
Avoid second order deserialization injection (PHP) |
1034042 |
TRUE |
Avoid second order HTTP header injection (PHP) |
1034044 |
TRUE |
Avoid second order server-side request forgery (PHP) |
1034046 |
TRUE |
Avoid second order reflection injection (PHP) |
1034048 |
TRUE |
Avoid using insufficient random generator (PHP) |
1034050 |
TRUE |
Avoid XPath injection (PHP) |
1034052 |
TRUE |
Avoid second order XPath injection (PHP) |