PHPStan (PHP STatic ANalyzer) is a static analyzer designed to discover bugs without the need to run tests. PHP compiles at runtime so compiler errors and bugs appear when called directly, or indirectly via tests.
Home: https://phpstan.org/ VScode: SanderRonde.phpstan-vscode
PHPStan uses a system of 10 "levels" (0-9). 0 is the default level.
Each level includes all previous level checks.
Level overview:
- Basic checks, unknown classes, unknown functions, unknown methods called on
$this, wrong number of arguments passed to those methods and functions, always undefined variables - Possibly undefined variables, unknown magic methods and properties on classes with
__calland__get - Unknown methods checked on all expressions (not just
$this), validating PHPDocs - Return types, types assigned to properties
- Basic dead code checking - always false
instanceofand other type checks, dead else branches, unreachable code after return; etc. - Checking types of arguments passed to methods and functions
- Report missing
typehints - Report partially wrong union types - if you call a method that only exists on some types in a union type, level 7 starts to 8.report that; other possibly incorrect situations
- Report calling methods and accessing properties on nullable types
- Be strict about the mixed type - the only allowed operation you can do with it is to pass it to another mixed
-
Add via composer
composer require --dev phpstan/phpstan
-
Run via CLI. For Example:
phpstan analyse [path]phpstan analyse modules/custom
-
(optional ) Add configuration file in the project root:
phpstan.neon# phpstan.neon parameters: level: 4 paths: - app/ excludes_analyse: - *Test.php
@see https://phpstan.org/user-guide/ignoring-errors#ignoring-in-code-using-phpdocs
-
Use PHP comments styles (
//,/* */,/** */)echo $foo; /** @phpstan-ignore-line */ /** @phpstan-ignore-next-line */ echo $foo;
-
Update the
phpstan.neonfile to target a specific error message.parameters: ignoreErrors: - '#Call to an undefined method [a-zA-Z0-9\\_]+::doFoo\(\)#' - '#Call to an undefined method [a-zA-Z0-9\\_]+::doBar\(\)#'
-
Can also include
countand/orpathto target specific files.parameters: ignoreErrors: message: '#Call to an undefined method [a-zA-Z0-9\\_]+::doFoo\(\)#' path: other/dir/DifferentFile.php count: 2 # optional
PHPStan provides an online generator to create valid entries:
-
Configure PHPStan to report ignored errors that do not occur.
parameters: reportUnmatchedIgnoredErrors: false
-
Configure PHPStan to ignore specific files or directories.
parameters: excludePaths: - tests/*/data/*
A baseline marks current errors as "acceptable". Use the baseline feature when:
- You want to upgrade to a higher version of PHPStan.
- Correct errors at your own pace by remove them.
$ phpstan --generate-baseline
[OK] Baseline generated with 2 errors.It generates a phpstan-baseline.neon file that contains all the current errors.
Use includes in phpstan.neon file to allow
# phpstan.neon
includes:
- phpstan-baseline.neon
parameters:
# your usual configuration optionsHomepage: SanderRonde.phpstan-vscode
{
"phpstan.enabled": true,
"phpstan.enableStatusBar": false,
"phpstan.suppressTimeoutMessage": true,
}PHPStan targets generic projects out of the box. PHPStan community contains official and unofficial extensions that target popular frameworks including:
- Symfony Framework (official)
- PHPUnit (official)
- Mockery (official)
- Larastan (unofficial)
- Drupal (unofficial)
- CakePHP (unofficial)
- Prophecy (unofficial)
Use third-party extensions to extend PHPStan's capabilities.