[SONAR-14425] Improve PHP analysis - 9 security rules, PHPDoc, Type Hints - SonarSource

XML

Word

Printable

Details

Type: New Feature
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 8.7
Component/s: None
Labels:
- analyzer-upgrade

Edition:
Community
Production Notes:
None

Description

The PHP analysis now:

detects 9 additional security problems related to XXE, CORS, Session Management, CSRF: https://community.sonarsource.com/t/the-php-security-engine-detects-9-additional-security-problems-related-to-xxe-cors-session-management-csrf-and-more/37986
read PHPDoc and Type Hints metadata and uses them in the Security Engine:
- https://community.sonarsource.com/t/the-php-security-engine-uses-phpdoc-to-find-more-vulnerabilities/37247
- https://community.sonarsource.com/t/the-php-security-engine-uses-type-hints-to-find-more-vulnerabilities/33993

Attachments

Issue Links

links to

Activity

People

Assignee:: Christophe Levis

Reporter:: SonarQube Technical user

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 29/Jan/21 2:34 PM

Updated:: 15/Feb/21 1:46 PM

Resolved:: 15/Feb/21 10:55 AM