Release of PHPStan 1.0, a static analyzer for PHP code

After six years of development, the first stable release of the static analyzer PHPStan 1.0 has been published. It finds errors in PHP code without executing it and without relying on unit tests. The project code is written in PHP and distributed under the MIT license.

The analyzer provides 10 levels of checks, in which each subsequent level extends the previous one and applies stricter checks:

  1. Basic checks: detection of unknown classes, functions and methods (called on $this), undefined variables, and passing the wrong number of arguments.
  2. Identifying possibly undefined variables, unknown magic methods and properties of classes with __call and __get.
  3. Identification of unknown methods in all expressions, not limited to calls on $this. Checking PHPDocs.
  4. Checking return types and property types.
  5. Basic detection of "dead" (never called) code. Detection of instanceof calls that always return false, "else" blocks that are never executed, and code that comes after return.
  6. Checking the types of arguments passed to methods and functions.
  7. Warning about missing type annotations.
  8. Warning about incorrect union types, which define collections of two or more types.
  9. Warning about calling methods and accessing properties on types that accept null.
  10. Checking the use of the "mixed" type.

Examples of the basic problems detected:

  • The existence of classes used in instanceof, catch, typehints and other language constructs.
  • The existence and accessibility of called methods and functions, as well as the number of arguments passed.
  • Checking that a method returns data of the same type as defined in the return expression.
  • The existence and visibility of the properties being accessed, as well as checking the declared and actual data types used in properties.
  • The correct number of parameters passed to sprintf/printf calls relative to the format string.
  • The existence of variables, taking into account blocks formed by branching operators and loops.
  • Useless type casts (for example, "(string) 'foo'") and strict comparisons ("===" and "!==") of data with different types and operands, which always return false.

Key innovations in PHPStan 1.0:

  • Implemented verification level "9", which checks the use of the "mixed" type, intended for functions that accept parameters of different types. The ninth level detects unsafe uses of "mixed", such as passing values of type "mixed" to another type, calling methods on the "mixed" type and accessing its properties, since they may not exist.
  • Control
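What the "mixed" check described above targets, as an added PHP example that is not from PHPStan or the original article: an untrusted JSON body used directly, next to a version that narrows every value before use. The `User` class, the function names and the sample body are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample input standing in for an untrusted request body.
const SAMPLE_BODY = '{"user": {"name": "alice", "roles": ["admin"]}}';

final class User
{
    /** @param string[] $roles */
    public function __construct(public string $name, public array $roles) {}
}

// BEFORE: json_decode() returns mixed, and every use below relies on a shape
// that is never checked. These are the uses the "mixed" level reports.
function loadUserUnsafe(string $body): User
{
    $data = json_decode($body, true);   // mixed
    return new User(
        $data['user']['name'],          // offset access on mixed; mixed passed as string
        $data['user']['roles'],         // mixed passed as string[]
    );
}

// AFTER: each check narrows the type, so nothing is used as mixed.
function loadUserChecked(string $body): User
{
    $data = json_decode($body, true);
    if (!is_array($data) || !isset($data['user']) || !is_array($data['user'])) {
        throw new InvalidArgumentException('user object missing');
    }
    $name  = $data['user']['name']  ?? null;
    $roles = $data['user']['roles'] ?? null;
    if (!is_string($name) || !is_array($roles)) {
        throw new InvalidArgumentException('name or roles has the wrong type');
    }
    $clean = [];
    foreach ($roles as $role) {
        if (!is_string($role)) {
            throw new InvalidArgumentException('role must be a string');
        }
        $clean[] = $role;
    }
    return new User($name, $clean);
}

$user = loadUserChecked(SAMPLE_BODY);
echo $user->name, ' ', implode(',', $user->roles), PHP_EOL;
```

The checked version rejects a body such as `{"user": "alice"}` with an exception at the parsing boundary, where the unchecked version would fail later or pass a wrongly typed value onward.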