vimeo / psalm

A static analysis tool for finding errors in PHP applications
https://psalm.dev
MIT License

Multiple baselines (Taint + Static) overwrite the psalm.xml #4810

Open jarstelfox opened 3 years ago

jarstelfox commented 3 years ago

Steps:

Actual:

Expected:

Note:

Psalm Version: 4.3.1

psalm-github-bot[bot] commented 3 years ago

Hey @jarstelfox, can you reproduce the issue on https://psalm.dev ?

ArtemGoutsoul commented 3 years ago

Suggestion: a new psalm config option taintBaseline? This way all the other config options, esp. directory includes / excludes, can be shared between both analyses.

ArtemGoutsoul commented 3 years ago

I have psalm_baseline.xml for static code analysis in psalm.xml and I have psalm_taint_baseline.xml for taint analysis.

When I run:

 psalm --use-baseline=psalm_taint_baseline.xml --update-baseline --taint-analysis

the baseline from psalm.xml (psalm_baseline.xml) is going to be updated, instead of psalm_taint_baseline.xml.

So not only is the config overwritten when using --set-baseline, but the actual wrong baseline file is also overwritten when using --update-baseline.
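A guard for the failure described in the comment above, as an added example that is not part of the thread or of Psalm: it wraps a baseline update, checks that the baseline which should stay untouched is byte-identical afterwards, and restores it if not. The function names `file_digest` and `guard_baseline_update` are hypothetical; the file names and flags in the usage comment are the ones quoted in the comment.

```bash
#!/usr/bin/env bash
# Added example: detect a baseline update that lands in the wrong file.

file_digest() {  # prints a content digest, or "absent" if the file does not exist
  if [ ! -f "$1" ]; then echo absent; return 0; fi
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum < "$1" | cut -d' ' -f1
  else
    cksum < "$1"   # POSIX fallback; enough for change detection
  fi
}

# guard_baseline_update PROTECTED INTENDED CMD [ARGS...]
# Runs CMD, then checks that PROTECTED is byte-identical to its pre-run state.
# Returns 0 if PROTECTED is untouched, 3 if it changed (and restores it).
guard_baseline_update() {
  local protected=$1 intended=$2; shift 2
  local before_p before_i backup cmd_status=0
  before_p=$(file_digest "$protected")
  before_i=$(file_digest "$intended")
  backup=$(mktemp)
  [ -f "$protected" ] && cp -p "$protected" "$backup"

  "$@" || cmd_status=$?
  echo "command exited with status $cmd_status" >&2

  if [ "$(file_digest "$protected")" != "$before_p" ]; then
    echo "ERROR: $protected was modified; restoring it" >&2
    if [ "$before_p" = absent ]; then rm -f "$protected"; else cp -p "$backup" "$protected"; fi
    rm -f "$backup"
    return 3
  fi
  rm -f "$backup"
  [ "$(file_digest "$intended")" != "$before_i" ] || echo "note: $intended unchanged" >&2
  return 0
}

# Usage with the command from the comment above (run from the project root):
#   guard_baseline_update psalm_baseline.xml psalm_taint_baseline.xml \
#     psalm --use-baseline=psalm_taint_baseline.xml --update-baseline --taint-analysis
```

In CI, a return code of 3 means the static-analysis baseline was rewritten by the taint run, so previously suppressed or newly suppressed findings should be reviewed before the baseline is committed.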

leighman commented 3 years ago

We've also had issues getting two baselines to co-exist in the project. It also seems that maybe CLI flags --taint-analysis --use-baseline=./taint-baseline.xml get ignored in favour of the baseline in the psalm.xml, with the result that all taint errors are reported.