PHP Stan, a static analysis tool for PHP code

Time:2021-6-7

Recently, I found that the running results of PHP code I wrote are always different from what I expected. When checking, I found that most of them are syntax errors, and the errors have been planted before running. Maybe it’s my own carelessness, orphp -lDetection is too simple, but there are some syntax errors buried too deep (after all, PHP is a dynamic language). Is there any way to find out all the syntax errors before the code is officially run?

Here is a static analysis tool for PHP codePHPStanIt doesn’t need to run the code, and it can also conduct strict syntax detection on the code to minimize the error rate of the code.

PHPStan

install

Currently, phpstanV0.10.2The PHP version of the system environment is required to be no less than 7.1. Global installation with Composer:

$ composer global require phpstan/phpstan

use

The use of phpstan static analysis is very simple

$ phpstan analyse [-c|--configuration CONFIGURATION] [-l|--level LEVEL] [--no-progress] [--debug] [-a|--autoload-file AUTOLOAD-FILE] [--errorFormat ERRORFORMAT] [--memory-limit MEMORY-LIMIT] [--] [<paths>]...
  • Configuration: the path to run the configuration file;
  • Level: strict level, 0-7, the bigger the more strict;
  • No progress: no progress is displayed;
  • Debug: debug mode;
  • Autoload file: the path of the auto load file;
  • Errorformat: wrong format;
  • Memory limit: memory limit;
  • Paths: the path of the file to be analyzed.

For example, analyze a PHP file:

$ phpstan analyse --level=7 --autoload-file=/PATH/TO/vendor/autoload.php /PATH/TO/someone.php

PHPStan in VSCode

Of course, syntax analysis should be done by the editor. After writing the code, you have to switch to the command terminal for executionphpstanIt’s too cumbersome. So here is a vscode extension:PHP Static Analysis

PHP Stan, a static analysis tool for PHP code

First, use composer to install phpstan globally; Then, search in the extended management of vscodePHP Static Analysis, install the first matching extension; After reloading the vscode window, the extension will automatically analyze the PHP file opened under vscode.

Operation effect:
PHP Stan, a static analysis tool for PHP code

For example, declaring a variable not called, calling an undeclared variable, calling an undefined method, and so on, so that errors will be detected.

However, to be more relaxed, in fact$this->array()Methods exist, only by magic__call()It’s possible.

PHPStan with Laravel

When phpstan, which has a high level of strictness, detects a call to an undeclared class method, it will report an error that the method in the class does not exist, even if the class is defined__call()or__callStatic()

Many application frameworks use magic methods for elegance, such asLaravel
Using phpstan to detect laravel projects will naturally report many errors in calling undeclared class methods. For this problem, you can use thelaravel-ide-helperTo reduce false positives.

Installing laravel ide helper

$ cd /PATH/TO/LARAVEL_PROJECT
$ composer require barryvdh/laravel-ide-helper

Injection of laraveleidehelper

editapp/Providers/AppServiceProvider.phpRegistration method in

<?php
    ...
    public function register()
    {
        if ($this->app->environment() !== 'production') {
            $this->app->register(\Barryvdh\LaravelIdeHelper\IdeHelperServiceProvider::class);
        }
        // ...
    }

Generation_ ide_ helper.php

$ cd /PATH/TO/LARAVEL_PROJECT
$ php artisan ide-helper:generate

At this time, the facade class in the laravel framework originally uses the__callStatic()Get the static method, all in the_ ide_ Helper. PHP declares that the_ide_helper.phpFile, you can reduce false positives.

Phpstan configuration

In the root directory of the laravel project, create a newphpstan.neonFile:

parameters:
    autoload_files:
        - %currentWorkingDirectory%/_ide_helper.php

In the root directory of the laravel project, executephpstanCommand is automatically usedphpstan.neonThis configuration.

last

Syntax errors of code should be found in time to minimize formal runtime errors.

Recommended Today

Lua language novice simple tutorial

1、 Foreword Lua is a lightweight and compact scripting language, which is written in standard C language and open in the form of source code. Its design purpose is to be embedded in the application, so as to provide flexible expansion and customization functions for the application. Lua can be applied in game development, independent […]