ProHoster > Π‘Π»ΠΎΠ³ > xov xwm hauv internet > Tso Tawm Ntawv Nkauj 3.12, tus ntsuas zoo li qub rau PHP lus. Alpha tso tawm PHP 8.0

Tso Tawm Ntawv Nkauj 3.12, tus ntsuas zoo li qub rau PHP lus. Alpha tso tawm PHP 8.0

Vimeo Company luam tawm tshiab tso tawm ntawm static analyzer Ntawv Nkauj 3.12, uas tso cai rau koj txheeb xyuas ob qho tib si pom tseeb thiab hloov maj mam yuam kev hauv PHP code, nrog rau kev kho qee hom kev ua yuam kev. Lub kaw lus tsim nyog rau kev txheeb xyuas cov teeb meem ob qho tib si hauv txoj cai qub thiab hauv cov cai uas siv cov yam ntxwv niaj hnub qhia hauv cov ceg tshiab ntawm PHP. Qhov project code yog sau nyob rau hauv PHP thiab faib los ntawm nyob rau hauv MIT daim ntawv tso cai.

Psalm qhia txog feem ntau ntawm cov teeb meem cuam tshuam nrog kev siv hom tsis raug, nrog rau ntau yam ib txwm yuam kev. Piv txwv li, nws txhawb cov lus ceeb toom txog kev sib xyaw ntawm cov sib txawv ntawm ntau hom hauv ib qho kev qhia, tsis raug cov kev sim siab (xws li "yog ($a && $a) {}", "yog ($a && !$a) {}" thiab " yog ($a) {} elseif ($a) {}"), ua tsis tiav pib ntawm cov khoom khoom. Lub analyzer khiav hauv multi-threaded hom. Nws yog ua tau los ua incremental scans, uas tsom xam tsuas yog cov ntaub ntawv uas tau hloov txij li thaum lub xeem scan.

Tsis tas li ntawd, cov cuab yeej programming ruaj ntseg tau muab los tso cai siv annotations nyob rau hauv hom ntawv Docblock (β€œ/** @var Type */”) los muab cov ntaub ntawv hais txog hom sib txawv, xa rov qab qhov tseem ceeb, kev ua haujlwm tsis zoo, khoom vaj khoom tsev. Txhais hom kev siv cov qauv thiab siv cov lus lees paub kuj tau txais kev txhawb nqa. Piv txwv li:

/** @var string|null */
$a = foo();

/** @var kab $a */
ncha strpos($a, 'nyob zoo');

/** @psalm-assert-yog-true B $a */
muaj nuj nqi isValidB(A $a): bool {
rov $a piv txwv ntawm B && $a->isValid();
}

Txhawm rau ua kom tshem tawm cov teeb meem pom, Psalter utility yog muab, uas txhawb nqa plugins thiab nws tso cai rau daws teeb meem cov teeb meem kab lis kev cai, ntxiv hom annotations, thiab ua cov kev hloov pauv xws li hloov cov chav kawm ntawm ib lub npe mus rau lwm qhov, hloov txoj hauv kev ntawm cov chav kawm, thiab hloov npe cov chav kawm thiab txoj hauv kev.

Nyob rau hauv qhov tshiab qhov teeb meem ntawm Psalm ua raws qhov kev xaiv "--taint-analysis" tso cai rau koj taug qab qhov kev sib raug zoo ntawm cov tswv yim tsis tau txais los ntawm tus neeg siv (piv txwv li, $_GET ['name']) thiab lawv siv nyob rau hauv qhov chaw uas yuav tsum tau ua tus cwj pwm khiav tawm (piv txwv li, ncha " $npe "), suav nrog los ntawm kev taug qab cov chains ntawm cov haujlwm nruab nrab thiab kev hu xov tooj ua haujlwm. Kev siv cov associative arrays $_GET, $_POST thiab $_COOKIE yog suav tias yog qhov chaw ntawm cov ntaub ntawv txaus ntshai, tab sis nws kuj tseem ua tau. txhais tau tus kheej qhov chaw. Cov kev ua uas yuav tsum tau khiav mus txog qhovtwg suav nrog cov haujlwm tso tawm uas tsim cov ntsiab lus HTML, ntxiv HTTP headers, lossis ua tiav cov lus nug SQL.

Kev lees paub yog siv thaum siv cov haujlwm xws li ncha, exec, suav nrog thiab header. Thaum txheeb xyuas qhov xav tau ntawm kev khiav tawm, cov ntaub ntawv hom xws li cov ntawv nyeem, cov hlua nrog SQL, HTML thiab Plhaub code, cov hlua nrog cov ntawv pov thawj tsis raug suav nrog. Cov kev thov hom tso cai rau koj txheeb xyuas qhov tsis zoo hauv cov cai uas ua rau kev sau ntawv hla chaw (XSS) lossis SQL hloov pauv.

Tsis tas li ntawd, nws tuaj yeem raug sau tseg pib alpha xeem ntawm tus tshiab PHP 8.0 ceg. Qhov kev tso tawm yog teem rau lub Kaum Ib Hlis 26th. Cov hauv qab no xav tau nyob rau hauv ceg tshiab: kev tsim kho tshiabnyiam:

  • Tig los TSI compiler, siv cov uas yuav txhim kho productivity.
  • kev pab txhawb nqa union hom, txhais cov kev sau ntawm ob lossis ntau hom (piv txwv li, "public function foo(Foo|Bar $input): int|float;").
  • kev pab txhawb nqa yam ntxwv (annotations) uas tso cai rau koj khi metadata (xws li cov ntaub ntawv hom) rau cov chav kawm yam tsis siv Docblock syntax.
  • Shortened syntax chav kawm txhais, tso cai rau koj los ua ke cov ntsiab lus ntawm tus tsim thiab cov khoom.
  • Tshiab hom rov qab - zoo li qub.
  • Hom tshiab - tov, uas tuaj yeem siv los txiav txim siab seb lub luag haujlwm puas lees txais cov kev txwv ntawm ntau hom.
  • Qhia muab pov los lis kev zam.
  • WeakMap los tsim cov khoom uas tuaj yeem muab txi rau thaum khaws cov khib nyiab (piv txwv li, khaws cov caches tsis tsim nyog).
  • Sijhawm siv cov lus "::class" rau cov khoom (analogous rau hu get_class()).
  • Sijhawm cov ntsiab lus nyob rau hauv lub ntes thaiv ntawm kev zam uas tsis yog khi rau cov hloov pauv.
  • Sijhawm tawm hauv ib qho comma tom qab lub caij kawg hauv cov npe ntawm cov haujlwm tsis ua haujlwm.
  • Tshiab interface Stringable txhawm rau txheeb xyuas cov hlua hom lossis cov ntaub ntawv uas tuaj yeem hloov mus rau ib txoj hlua (rau qhov uas __toString() txoj kev muaj).
  • Tshiab feature str_contains(), ib qho yooj yim analogue ntawm strpos rau kev txiav txim qhov tshwm sim ntawm ib tug substring, raws li zoo raws li lub functions str_starts_with() thiab str_ends_with() rau kev ntsuam xyuas qhov sib tw thaum pib thiab xaus ntawm ib txoj hlua.
  • Ntxiv muaj nuj nqi fdiv(), uas ua rau kev faib ua haujlwm yam tsis muaj qhov yuam kev thaum faib los ntawm xoom.
  • Hloov txoj hlua txuas logic. Piv txwv li, cov lus qhia 'echo "sum:". $a + $b' yav dhau los txhais li 'echo ("sum: " . $a) + $ b', thiab hauv PHP 8 yuav raug kho raws li 'echo "sum:" . ($a + $b)'.
  • Tightened xyuas cov lej lej thiab kev ua haujlwm me ntsis, piv txwv li, cov kab lus "[] % [42]" thiab "$object + 4" yuav ua rau muaj qhov yuam kev.
  • Ua tiav ruaj khov sorting algorithm nyob rau hauv uas qhov kev txiav txim ntawm zoo tib yam muaj nuj nqis yog khaws cia nyob rau hauv sib txawv khiav.

Tau qhov twg los: opennet.ru

Ntxiv ib saib