SADM/pest
1
0
Fork 0
mirror of https://github.com/pestphp/pest.git synced 2026-03-06 07:47:22 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat(presets): update Security.php to restrict additional dangerous functions

Browse Source
This commit is contained in:
Punyapal Shah
2024-06-11 21:02:19 +05:30
parent e4550c8d51
commit 4396ee2e03
2 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/ArchPresets/Security.php
View File

@ -23,7 +23,15 @@ final class Security extends AbstractPreset
'tempnam',
'str_shuffle',
'shuffle',
'array_rand'
'array_rand',
'eval',
'exec',
'shell_exec',
'system',
'passthru',
'create_function',
'unserialize',
'extract',
])->not->toBeUsed();
}
}

5
tests/Arch.php
View File

@ -4,14 +4,15 @@ use Pest\Expectation;
arch()->preset()->base()->ignoring([
Expectation::class,
'eval',
'debug_backtrace',
'usleep',
]);
arch()->preset()->strict();
arch()->preset()->security();
arch()->preset()->security()->ignoring([
'eval',
]);
arch('globals')
->expect(['dd', 'dump', 'ray', 'die', 'var_dump', 'sleep'])