HPB-4006 check for chained allowed methods

Signed-off-by: Tonko Mulder <tonko@tonkomulder.nl>

Author: Treggats

src/Rules/ScopeRequestValidateMethods.php

@@ -5,6 +5,7 @@
 use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Http\Request as IlluminateRequest;
 use Illuminate\Support\Collection;
+use Illuminate\Support\Stringable;
 use PhpParser\Node;
 use PhpParser\Node\Expr\MethodCall;
 use PHPStan\Analyser\Scope;
@@ -41,6 +42,10 @@ public function processNode(Node $node, Scope $scope): array
             return [];
         }
 
+        if ($this->usesValidatedMethod($node) && $this->isBlacklistedMethod($node->name->toString())) {
+            return [];
+        }
+
         if (! $this->isBlacklistedMethod($node->name->toString())) {
             return [];
         }
@@ -85,6 +90,24 @@ private function hasFormRequestClass(Scope $scope): bool
             ->isNotEmpty();
     }
 
+    /**
+     * @phpstan-param MethodCall $node
+     */
+    private function usesValidatedMethod(Node $node): bool
+    {
+        /** @var Node\Expr\Variable $var */
+        $var = $node->var;
+        if ($var->name instanceof Stringable) {
+            return $var->name->toString() === 'safe';
+        }
+
+        if ($var->name instanceof Node\Identifier) {
+            return $var->name->toString() === 'safe';
+        }
+
+        return $var->name === 'safe';
+    }
+
     /**
      * @phpstan-return ReflectionMethod[]
      * @throws ReflectionException