PHPStan v1.7.15 releases: PHP Static Analysis Tool
PHPStan – PHP Static Analysis Tool
PHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even before you write tests for the code. It moves PHP closer to compiled languages in the sense that the correctness of each line of the code can be checked before you run the actual line.
What it currently checks for?
- Existence of classes used in instanceof, catch, typehints and other language constructs. PHP does not check this and just stays instead, rendering the surrounded code unused.
- Existence and accessibility of called methods and functions. It also checks the number of passed arguments.
- Whether a method returns the same type it declares to return.
- Existence and visibility of accessed properties. It will also point out if a different type from the declared one is assigned to the property.
- The correct number of parameters passed to sprintf/printf calls based on format strings.
- Existence of variables while respecting scopes of branches and loops.
- Useless casting like (string) ‘foo’ and strict comparisons (=== and !==) with different types as operands which always result in false.
PHPStan is fast…
It manages to check the whole codebase in a single pass. It doesn’t need to go through the code multiple times. And it only needs to go through the code you wish to analyze, e.g. the code you have written. It doesn’t need to parse and analyze 3rd party dependencies. Instead, it uses reflection to find out useful information about somebody else’s code your codebase uses.
PHPStan is able to check our codebase (6000 files, 600k LOCs) in around a minute. And it checks itself under a second.
Changelog v1.7.15
Improvements 🔧
- Support for relative paths in
editorUrl
for Docker environment (#1414), #7043, thanks @Wirone! - Support positional arguments in
sprintf()
constant format inference (#1437, #1440, #1441), thanks @staabm! - Dynamic return type extension for
sscanf()
andfscanf()
(#1434), thanks @staabm! - Virtual nodes (InClassMethodNode, InFunctionNode, InClosureNode) – pass and provide getters for specific reflection so that
Scope::getFunction()
does not need to be used (phpstan/phpstan-src@f18bd86)
Bleeding edge 🔪
- Check code in custom PHPStan extensions for runtime reflection concepts like
is_a()
orclass_parents()
(phpstan/phpstan-src@c4a662a) - Check code in custom PHPStan extensions for runtime reflection concepts like
new ReflectionMethod()
(phpstan/phpstan-src@5363066) - ApiInstanceofRule
- Report
instanceof
of classes not covered by backward compatibility promise (phpstan/phpstan-src@ff4d02d) - Report
instanceof
of classes covered by backward compatibility promise but where the assumption might change (phpstan/phpstan-src@996bc69)
- Report
If you want to see the shape of things to come and adopt bleeding edge features early, you can include this config file in your project’s phpstan.neon
:
includes:
- vendor/phpstan/phpstan/conf/bleedingEdge.neon
Of course, there are no backwards compatibility guarantees when you include this file. The behaviour and reported errors can change in minor versions with this file included. Learn more
Bugfixes 🐛
- Fix return type for arrow function generators (#1422), #7031, thanks @rvanvelzen!
- Improve intersecting constant array with general array (#1429), thanks @rvanvelzen!
- Allow
numeric-string
being returned fornon-empty-string
(#1428), #7265, thanks @staabm! - Specify array type via
in_array
(#1430), #7153, #7275, thanks @rvanvelzen! - Specify
non-empty-array after
afterin_array()
(#1108), #6167, thanks @staabm! - Array after
array_push
/array_unshift
call can still be empty (#1431), #7424, thanks @herndlm! - Fix
TemplateTypeArgumentStrategy::accepts()
(phpstan/phpstan-src@85ab8cf), #7460 - Improve parenthesization for union types (#1433), #7484, thanks @rvanvelzen!
- Result cache is invalidated for files where PHP 8 attributes changed (#1427), #6797, #7413, thanks @olsavmic!
- Fix
TypeCombinator::union()
for intersection of array and template type (#1444), #4117, thanks @rvanvelzen!
Function signature fixes 🤖
- Be more specific about the XHProf sampling type (
xhprof_sample_disable()
) (#1436), thanks @johnbillion!
Download & Use
Copyright (c) 2016 Ondřej Mirtes