Merge pull request #1178 from MrPunyapal/feat/some-functions-to-avoid

Feat: some functions to avoid
2026-03-07 08:17:22 +01:00 · 2024-06-11 22:03:29 +01:00
parent 3ad788dddb ed3ec79aab
commit 3ba2b68afc
4 changed files with 46 additions and 8 deletions
--- a/src/ArchPresets/Base.php
+++ b/src/ArchPresets/Base.php
@ -23,10 +23,27 @@ final class Base extends AbstractPreset
            'dump',
            'ray',
            'die',
-            'goto',  
+            'goto',
+            'global',
            'var_dump',
            'phpinfo',
            'echo',
+            'ereg',
+            'eregi',
+            'mysql_connect',
+            'mysql_pconnect',
+            'mysql_query',
+            'mysql_select_db',
+            'mysql_fetch_array',
+            'mysql_fetch_assoc',
+            'mysql_fetch_object',
+            'mysql_fetch_row',
+            'mysql_num_rows',
+            'mysql_affected_rows',
+            'mysql_free_result',
+            'mysql_insert_id',
+            'mysql_error',
+            'mysql_real_escape_string',
            'print',
            'print_r',
            'var_export',
@ -71,7 +88,7 @@ final class Base extends AbstractPreset
            'xdebug_stop_trace',
            'xdebug_time_index',
            'xdebug_var_dump',
-            'trap',                               
+            'trap',
        ])->not->toBeUsed();
    }
 }
--- a/src/ArchPresets/Security.php
+++ b/src/ArchPresets/Security.php
@ -23,7 +23,19 @@ final class Security extends AbstractPreset
            'tempnam',
            'str_shuffle',
            'shuffle',
-            'array_rand'
+            'array_rand',
+            'eval',
+            'exec',
+            'shell_exec',
+            'system',
+            'passthru',
+            'create_function',
+            'unserialize',
+            'extract',
+            'parse_str',
+            'mb_parse_str',
+            'dl',
+            'assert',
        ])->not->toBeUsed();
    }
 }
--- a/src/Preset.php
+++ b/src/Preset.php
@ -8,8 +8,8 @@ use Pest\Arch\Support\Composer;
 use Pest\ArchPresets\AbstractPreset;
 use Pest\ArchPresets\Base;
 use Pest\ArchPresets\Laravel;
-use Pest\ArchPresets\Strict;
 use Pest\ArchPresets\Security;
+use Pest\ArchPresets\Strict;
 use Pest\PendingCalls\TestCall;
 use stdClass;

--- a/tests/Arch.php
+++ b/tests/Arch.php
@ -4,14 +4,23 @@ use Pest\Expectation;

 arch()->preset()->base()->ignoring([
    Expectation::class,
-    'eval',
    'debug_backtrace',
+    'var_export',
+    'xdebug_info',
+]);
+
+arch()->preset()->strict()->ignoring([
    'usleep',
 ]);

-arch()->preset()->strict();
-
-arch()->preset()->security();
+arch()->preset()->security()->ignoring([
+    'eval',
+    'str_shuffle',
+    'exec',
+    'unserialize',
+    'extract',
+    'assert',
+]);

 arch('globals')
    ->expect(['dd', 'dump', 'ray', 'die', 'var_dump', 'sleep'])