Search Results for "garnet-file"

...Phan has a good (but not comprehensive) understanding of flow control and can track values in a few use cases (e.g. arrays, integers, and strings). With Phan installed, you'll want to create a .phan/config.php file in your project to tell Phan how to analyze your source code. Phan 5 depends on PHP 7.2+ with the php-ast extension (1.0.16+ is preferred) and supports analyzing PHP version 7.0-8.1 syntax. Check that all methods, functions, classes, traits, interfaces, constants, properties and variables are defined and accessible. Check for type safety and arity issues on method/function/closure calls.

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code. It currently has core PHP rules as well as Drupal 7-specific rules. The tool also checks for CVE issues and security advisories related to the CMS/framework. This enables you to follow the versioning of components during static code analysis. The main reason for this project being an extension of PHP_CodeSniffer is to have easy integration into continuous...

RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org). NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/