Skip to content

sync: Monthly version update#123

Merged
Arielwyy merged 5 commits into
mainfrom
sync/master-20260506
May 7, 2026
Merged

sync: Monthly version update#123
Arielwyy merged 5 commits into
mainfrom
sync/master-20260506

Conversation

@AntJiuFo
Copy link
Copy Markdown
Collaborator

@AntJiuFo AntJiuFo commented May 6, 2026

Full sync of latest engine code:

  • Add PHP analyzer, parser patch, checkers and benchmark tests
  • Extend Python support with httpserver entrypoints and Django/Tornado/eval coverage
  • Refine taint propagation, sanitizer, sink/source utilities and rules-basic-handler
  • Improve callchain checkers (JS/Python/PHP) and full-callgraph file-entrypoint logic
  • Update analyzer/initializer/exception handler and shared utilities (precondition, memorial, call-info-util)
  • Refresh checker/tag-propagation/example rule configs and build scripts
  • Sync benchmark expectations and add new tests (rules-basic-handler, trace-accuracy)

@AntJiuFo
sync: update core engine codebase
5fedd25 
Full sync of latest engine code:
- Add PHP analyzer, parser patch, checkers and benchmark tests
- Extend Python support with httpserver entrypoints and Django/Tornado/eval coverage
- Refine taint propagation, sanitizer, sink/source utilities and rules-basic-handler
- Improve callchain checkers (JS/Python/PHP) and full-callgraph file-entrypoint logic
- Update analyzer/initializer/exception handler and shared utilities (precondition, memorial, call-info-util)
- Refresh checker/tag-propagation/example rule configs and build scripts
- Sync benchmark expectations and add new tests (rules-basic-handler, trace-accuracy)
@AntJiuFo AntJiuFo changed the title sync: update core engine codebase sync: Monthly version update May 6, 2026
gemini-code-assist[bot]
gemini-code-assist Bot reviewed May 6, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces support for PHP analysis, including the addition of a PHP parser (using tree-sitter-php), a new PHP taint checker, and necessary build-time patching to handle WASM loading. It also includes enhancements to the callchain checker, improvements to the analyzer's handling of tuple assignments and object properties, and updates to the test infrastructure to support accuracy tracking for trace analysis.

AntJiuFo added 4 commits May 6, 2026 18:20
@AntJiuFo
sync: update core engine codebase
cde9a33 
Incremental sync of latest engine code:
- Rename PHP analyzer entrypoint collectors to generic naming
- Adjust PHP default taint checker accordingly
- Update package.json
@AntJiuFo
sync: update core engine codebase
5522903
@AntJiuFo
sync: drop internal egg/chair benchmark artifacts
d36dbef 
- Remove test/javascript/test-egg-benchmark.ts
- Remove test/javascript/expect/chairbenchmark-expect.result
- Drop test-egg script and its reference from test-all
@AntJiuFo
sync: drop internal benchmark URLs and absolute path in test harness
4efab02 
- Restore prepare-js-benchmark.ts (remove two internal benchmark repo URLs)
- Restore test-java-real-project.ts (remove hardcoded absolute path and experimental accuracy hook)
@Arielwyy Arielwyy merged commit d4f31f6 into main May 7, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Arielwyy Arielwyy Arielwyy approved these changes

@alipaydeshui alipaydeshui Awaiting requested review from alipaydeshui alipaydeshui is a code owner

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AntJiuFo @Arielwyy