diff options
| author | Côme Chilliet <come.chilliet@nextcloud.com> | 2025-02-17 18:06:45 +0100 |
|---|---|---|
| committer | Côme Chilliet <come.chilliet@nextcloud.com> | 2025-02-17 18:08:23 +0100 |
| commit | e757b649b7b6415ae5f77e59b5160052896b2c21 (patch) | |
| tree | 21f63c87b66d8f316c5c2166e58dfb547db79b65 /build | |
| parent | 9edabfa21fa7e587c0ad95d2d230d215b060ade0 (diff) | |
| download | nextcloud-server-fix/fix-psalm-taint-errors-2.tar.gz nextcloud-server-fix/fix-psalm-taint-errors-2.zip | |
fix: Fix psalm taint false-positives by small refactoringsfix/fix-psalm-taint-errors-2
Mostly make it clear that we trust admin input or that we correctly
escape strings.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Diffstat (limited to 'build')
| -rw-r--r-- | build/psalm-baseline-security.xml | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/build/psalm-baseline-security.xml b/build/psalm-baseline-security.xml index 2777f4e7734..d9ab9c91076 100644 --- a/build/psalm-baseline-security.xml +++ b/build/psalm-baseline-security.xml @@ -1,41 +1,5 @@ <?xml version="1.0" encoding="UTF-8"?> <files psalm-version="5.26.1@d747f6500b38ac4f7dfc5edbcae6e4b637d7add0"> - <file src="apps/files_external/lib/Config/ConfigAdapter.php"> - <TaintedCallable> - <code><![CDATA[$objectClass]]></code> - </TaintedCallable> - </file> - <file src="apps/theming/lib/IconBuilder.php"> - <TaintedFile> - <code><![CDATA[$appIcon]]></code> - <code><![CDATA[$imageFile]]></code> - </TaintedFile> - </file> - <file src="lib/private/Config.php"> - <TaintedHtml> - <code><![CDATA[$this->cache]]></code> - </TaintedHtml> - </file> - <file src="lib/private/Route/Router.php"> - <TaintedCallable> - <code><![CDATA[$appNameSpace . '\\Controller\\' . basename($file->getPathname(), '.php')]]></code> - </TaintedCallable> - </file> - <file src="lib/private/Session/CryptoWrapper.php"> - <TaintedCookie> - <code><![CDATA[$this->passphrase]]></code> - </TaintedCookie> - </file> - <file src="lib/private/Setup.php"> - <TaintedFile> - <code><![CDATA[$dataDir]]></code> - </TaintedFile> - </file> - <file src="lib/private/Setup/Sqlite.php"> - <TaintedFile> - <code><![CDATA[$sqliteFile]]></code> - </TaintedFile> - </file> <file src="lib/public/DB/QueryBuilder/IQueryBuilder.php"> <TaintedSql> <code><![CDATA[$column]]></code> |