Key blacklist applies to object keys too now, file permission handlin…

…g when writing Sage output, minor path bug fixed.

Makefile

@@ -9,6 +9,10 @@ sh:
 	make console
 
 
+release:
+	make build
+
+
 build:
 	$(DOCKER) up -d
 	$(DOCKER) run php composer build # see composer.json -> "scripts" section

README.md

@@ -386,8 +386,9 @@ sd( microtime(), 'final call, after sleep(2)' );
 
 ### 💬 Why does Sage look so much like Kint? A.K.A. Why does this repo have so few stars?
 
-Because it <b>is</b> Kint, and I am its author, however the project was [**forcibly taken over**](https://github.com/kint-php/kint/commit/1ea81f3add81b586756515673f8364f60feb86a3) by a malicious
-contributor!
+Because it <b>is</b> Kint, and I am its author, however the project was
+[**forcibly taken over**](https://github.com/kint-php/kint/commit/1ea81f3add81b586756515673f8364f60feb86a3) by a
+malicious contributor!
 
 Instead of fighting windmills I chose to fork and rename the last good version and continue under a new name!
 
@@ -404,6 +405,11 @@ You can use Sage as a drop-in replacement for Kint. Simple.
 
 I use xdebug almost daily, by the way. Side by side with Sage.
 
+### Known issues
+
+1. Since PHP 8.2 variable name detection for *multiline* Sage calls is broken. Simple matter of Backtrace format
+   changing the reported line, fix is comming.
+
 ---
 
 ### Contributing

Sage.php

@@ -239,7 +239,7 @@ class Sage
         // 'symfony'    => '/^Symfony/'
     );
 
-    public static $arrayKeysBlacklist = array();
+    public static $keysBlacklist = array();
 
     public static $minimumTraceStepsToShowFull = 1;
 
@@ -634,12 +634,22 @@ public static function doDump($data = null)
         // now restore all on-the-fly settings and return
 
         if (self::$outputFile) {
-            if (! isset(self::$_openedOutput[self::$outputFile])) {
-                self::$_openedOutput[self::$outputFile] = fopen(self::$outputFile, 'w');
-                $decorator->setAssetsNeeded($firstRunOldValue);
-            }
+            try {
+                if (! isset(self::$_openedOutput[self::$outputFile])) {
+                    self::$_openedOutput[self::$outputFile] = fopen(self::$outputFile, 'w');
+                    $decorator->setAssetsNeeded($firstRunOldValue);
+                }
+
+                fwrite(self::$_openedOutput[self::$outputFile], $output);
 
-            fwrite(self::$_openedOutput[self::$outputFile], $output);
+                echo 'Sage -> ' . self::$outputFile . PHP_EOL;
+            } catch (Throwable $e) {
+                self::$outputFile = null;
+                $output           .= "Error: Sage can't write file to " . self::$outputFile;
+            } catch (Exception $e) {
+                self::$outputFile = null;
+                $output           .= "Error: Sage can't write file to " . self::$outputFile;
+            }
         }
 
         self::enabled($enabledMode);
@@ -660,13 +670,8 @@ public static function doDump($data = null)
             }
 
             if (! empty($modifiers) && strpos($modifiers, 'print') !== false && isset($callee['file'])) {
-                $tmp              = self::$outputFile;
                 self::$outputFile = $outputFileOldValue;
 
-                if (strpos($modifiers, '@') === false) {
-                    echo 'Sage -> ' . $tmp . PHP_EOL;
-                }
-
                 return 5463;
             }
 
@@ -743,6 +748,8 @@ private static function _getCalleeInfo()
         if (! isset($callee['file']) || ! is_readable($callee['file'])) {
             return array(null, null, $callee, $previousCaller, $miniTrace);
         }
+
+        SageHelper::detectProjectRoot($callee['file']);
 
         // open the file and read it up to the position where the function call expression ended
         // TODO since PHP 8.2 backtrace reports the lineno of the function/method name!

inc/SageHelper.php

@@ -64,21 +64,6 @@ public static function shortenPath($file)
     {
         $file = str_replace('\\', '/', $file);
 
-        // Find common path with Sage dir
-        if (! isset(self::$projectRootDir)) {
-            self::$projectRootDir = '';
-
-            $sagePathParts = explode('/', str_replace('\\', '/', SAGE_DIR));
-            $filePathParts = explode('/', $file);
-            foreach ($filePathParts as $i => $filePart) {
-                if (! isset($sagePathParts[$i]) || $sagePathParts[$i] !== $filePart) {
-                    break;
-                }
-
-                self::$projectRootDir .= $filePart . '/';
-            }
-        }
-
         if (self::$projectRootDir && strpos($file, self::$projectRootDir) === 0) {
             return substr($file, strlen(self::$projectRootDir));
         }
@@ -108,6 +93,22 @@ public static function buildAliases()
         }
     }
 
+    public static function detectProjectRoot($calledFromFile)
+    {
+        // Find common path with Sage dir
+        self::$projectRootDir = '';
+
+        $sagePathParts = explode('/', str_replace('\\', '/', SAGE_DIR));
+        $filePathParts = explode('/', $calledFromFile);
+        foreach ($filePathParts as $i => $filePart) {
+            if (! isset($sagePathParts[$i]) || $sagePathParts[$i] !== $filePart) {
+                break;
+            }
+
+            self::$projectRootDir .= $filePart . '/';
+        }
+    }
+
     /**
      * returns whether current trace step belongs to Sage or its wrappers
      *
@@ -130,6 +131,11 @@ public static function stepIsInternal($step)
         return in_array(strtolower($step['function']), self::$aliasesRaw['functions'], true);
     }
 
+    public static function isKeyBlacklisted($key)
+    {
+        return in_array(preg_replace('/\W/', '', $key), Sage::$keysBlacklist, true);
+    }
+
     public static function substr($string, $start, $end, $encoding = null)
     {
         if (! isset($string)) {

inc/SageParser.php

@@ -253,7 +253,7 @@ private static function _parse_array(&$variable, SageVariableData $variableData)
                         $extendedValue .= '<th>' . SageHelper::esc($key) . '</th>';
                     }
 
-                    if (in_array($key, Sage::$arrayKeysBlacklist, true)) {
+                    if (SageHelper::isKeyBlacklisted($key)) {
                         $output .= '<td class="_sage-empty"><u>*REDACTED*</u></td>';
                         continue;
                     }
@@ -360,13 +360,13 @@ private static function _parse_object(&$variable, SageVariableData $variableData
         }
 
         self::$_objects[$hash] = true;
-        $reflector             = new ReflectionObject($variable);
+        $variableReflection    = new ReflectionObject($variable);
 
         // add link to definition of userland objects
-        if (SageHelper::isHtmlMode() && $reflector->isUserDefined()) {
+        if (SageHelper::isHtmlMode() && $variableReflection->isUserDefined()) {
             $variableData->type = SageHelper::ideLink(
-                $reflector->getFileName(),
-                $reflector->getStartLine(),
+                $variableReflection->getFileName(),
+                $variableReflection->getStartLine(),
                 $variableData->type
             );
         }
@@ -383,8 +383,6 @@ private static function _parse_object(&$variable, SageVariableData $variableData
 
         // copy the object as an array as it provides more info than Reflection (depends)
         foreach ($castedArray as $key => $value) {
-            $output = self::process($value);
-
             /* casting object to array:
              * integer properties are inaccessible;
              * private variables have the class name prepended to the variable name;
@@ -405,6 +403,11 @@ private static function _parse_object(&$variable, SageVariableData $variableData
                 }
             }
 
+            if (SageHelper::isKeyBlacklisted($key)) {
+                $value = '*REDACTED*';
+            }
+
+            $output           = self::process($value);
             $output->name     = SageHelper::esc($key);
             $output->access   = $access;
             $output->operator = '->';
@@ -420,7 +423,7 @@ private static function _parse_object(&$variable, SageVariableData $variableData
             return $castedArray;
         }
 
-        foreach ($reflector->getProperties() as $property) {
+        foreach ($variableReflection->getProperties() as $property) {
             if ($property->isStatic()) {
                 continue;
             }
@@ -464,7 +467,7 @@ private static function _parse_object(&$variable, SageVariableData $variableData
             $variable->setFlags($arrayObjectFlags);
         }
 
-        if (method_exists($reflector, 'isEnum') && $reflector->isEnum()) {
+        if (method_exists($variableReflection, 'isEnum') && $variableReflection->isEnum()) {
             $variableData->size  = 'enum';
             $variableData->value = '"' . $variable->name . '"';
         }

inc/SageTraceStep.php

@@ -179,7 +179,11 @@ private function getArguments($step, $argumentNames)
     {
         $result = array();
         foreach ($this->getRawArguments($step) as $k => $variable) {
-            $name             = isset($argumentNames[$k]) ? $argumentNames[$k] : '';
+            $name = isset($argumentNames[$k]) ? $argumentNames[$k] : '';
+            if (SageHelper::isKeyBlacklisted($name)) {
+                $variable = '*REDACTED*';
+            }
+
             $parsed           = SageParser::process($variable, $argumentNames[$k]);
             $parsed->operator = substr($name, 0, 1) === '$' ? '=' : ':';
             $result[]         = $parsed;