PHP static analysis tool lists

versionscan

Static program analysis is the analysis of computer software that is performed without actually executing programs (analysis performed on executing programs is known as dynamic analysis). In most cases, the analysis is performed on some version of the source code, and in the other cases, some form of the object code.

The term is usually applied to the analysis performed by an automated tool, with human analysis being called program understanding, program comprehension, or code review. Software inspections and software walkthroughs are also used in the latter case. __Wiki

Below is the PHP static analysis tool lists:

  • DesignPatternDetector detection of design patterns in PHP code.
  • deptrac Keep your architecture clean.
  • exakat The Exakat Engine: smart static analysis for PHP.
  • GrumPHP A PHP code-quality tool.
  • phan a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
  • php7cc PHP 7 Compatibility Checker
  • php7mar PHP 7 Migration Assistant Report (MAR)
  • phpcpd Copy/Paste Detector (CPD) for PHP code.
  • PHP_CodeSniffer PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.
  • phpdcd Dead Code Detector (DCD) for PHP code.
  • PhpDependencyAnalysis Static code analysis to find violations in a dependency graph.
  • Php Inspections (EA Extended) A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
  • phpsa Smart/Static Analyzer(sis) for PHP
  • PhpMetrics Static analysis tool for PHP.
  • PHPQA Analyze PHP code with one command.
  • PHP Refactoring Browser A command line refactoring tool for PHP
  • PHP-Token-Reflection Library emulating the PHP internal reflection using just the tokenized source code
  • PHP-Parser A PHP parser written in PHP
  • RIPS A static source code analyzer for vulnerabilities in PHP scripts
  • Tuli A static analysis engine