Skip to content

Security/Twig: sniff improvements#841

Merged
GaryJones merged 2 commits into
developfrom
feature/security-twig-sniff-improvements
Jul 17, 2025
Merged

Security/Twig: sniff improvements#841
GaryJones merged 2 commits into
developfrom
feature/security-twig-sniff-improvements

Conversation

@jrfnl

@jrfnl jrfnl commented Jul 16, 2025

Copy link
Copy Markdown
Collaborator

Security/Twig: sniff for all text string tokens

As things were, double quoted strings with interpolation and PHP 5.3+ nowdocs were not examined.

Includes ensuring that all tokens which should be examined have tests associated with them.

Security/Twig: bug fix - prevent false positives on interpolated expressions

Double quoted strings and heredocs may contain interpolated expressions, which could lead to false positives.

Fixed now.

Includes unit tests proving the bug.

Closes #545

jrfnl added 2 commits July 17, 2025 00:54
As things were, double quoted strings with interpolation and PHP 5.3+ nowdocs were not examined.

Includes ensuring that all tokens which should be examined have tests associated with them.
…essions

Double quoted strings and heredocs may contain interpolated expressions, which could lead to false positives.

Fixed now.

Includes unit tests proving the bug.
@jrfnl jrfnl added this to the 3.1.0 milestone Jul 16, 2025
@jrfnl jrfnl requested a review from a team as a code owner July 16, 2025 23:02
@GaryJones GaryJones merged commit af10c81 into develop Jul 17, 2025
42 checks passed
@GaryJones GaryJones deleted the feature/security-twig-sniff-improvements branch July 17, 2025 06:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Review the WordPressVIPMinimum.Security.Twig sniff

2 participants