slamdunk / phpstan-extensions Goto Github PK

View Code? Open in Web Editor NEW

66.0 5.0 12.0 155 KB

Extensions for PHPStan

License: MIT License

PHP 98.24% Makefile 1.22% Dockerfile 0.54%

static-analysis phpstan php yii2

phpstan-extensions's Introduction

Slam PHPStan extensions

Extensions for PHPStan

Installation

To use this extension, require it in Composer:

composer require --dev slam/phpstan-extensions

Usage

When you are using phpstan/extension-installer, conf/slam-rules.neon will be automatically included.

Otherwise you need to include conf/slam-rules.neon in your phpstan.neon:

includes:
    - vendor/slam/phpstan-extensions/conf/slam-rules.neon

Rules

SlamPhpStan\UnusedVariableRule: check for variable inside functions never used after initial assignment
SlamPhpStan\MissingClosureParameterTypehintRule: requires parameter typehints for closures; WARNING: no PhpDoc allowed, see phpstan/phpstan-strict-rules#87
SlamPhpStan\StringToClassRule: requires strings that refer to classes to be expressed with ::class notation
SlamPhpStan\GotoRule: no goto allowed
SlamPhpStan\ClassNotationRule:
1. Interfaces must end with "Interface"
2. Traits must end with "Trait"
3. Abstract classes must start with "Abstract"
4. Exceptions must end with "Exception"
SlamPhpStan\PhpUnitFqcnAnnotationRule: classes found in following PHPUnit annotations must exist:
1. @expectedException
2. @covers
3. @coversDefaultClass
4. @uses
SlamPhpStan\AccessGlobalVariableWithinContextRule: inhibit the access to globals within classes that extend or implement a certain class/interface
SlamPhpStan\AccessStaticPropertyWithinModelContextRule: inhibit the access to static attributes of a class within classes that extend or implement a certain class/interface, useful to prohibit usage of singletons in models

Not-NOW config

A not-now-rules.neon config is present for forbidding raw date system calls:

includes:
    - vendor/slam/phpstan-extensions/conf/not-now-rules.neon

These rules forbid:

new DateTimeImmutable()
new DateTime('yesterday')
date('Y-m-d')
time()
strtotime('noon')

You should instead rely on a clock abstraction like lcobucci/clock.

WARNING: the rules are not perfect, a user can tricks them easily; they are meant only to help the transition to a proper clock abstraction.

Symfony-specific config

A symfony-rules.neon config is present for Symfony projects:

includes:
    - vendor/slam/phpstan-extensions/conf/symfony-rules.neon

With the following configurations:

SlamPhpStan\SymfonyFilesystemRule: forbid calls to raw filesystem functions well wrapped by symfony/filesystem component
SlamPhpStan\SymfonyProcessRule: forbid calls to raw system functions well wrapped by symfony/process component

Yii-specific config

A yii-rules.neon config is present for Yii projects:

includes:
    - vendor/slam/phpstan-extensions/conf/yii-rules.neon

With the following configurations:

SlamPhpStan\AccessGlobalVariableWithinContextRule to deny the usage of $_GET, $_POST and other global variables in models implementing yii\db\ActiveRecordInterface: accessing to singletons in models is considered an anti-pattern
SlamPhpStan\AccessStaticPropertyWithinModelContextRule to deny the usage of yii\BaseYii static variables like $app in models implementing yii\db\ActiveRecordInterface: accessing to singletons in models is considered an anti-pattern

phpstan-extensions's People

Contributors

Stargazers

Watchers

Forkers

mattdeeg duxthefux beejhuff halidovz marcingy temp ondrejmirtes tomasvotruba nclundsten sasezaki dieterholvoet mfn

phpstan-extensions's Issues

False-positive unused variable: variable properties

<?php

namespace AllenJB;

class Test
{

    function foo(array $numVals)
    {
        $arr = [
            "1" => "propOne",
            "2" => "propTwo",
        ];

        foreach ($numVals as $num => $v) {
            $key = $arr[$num];
            $this->{$key} = $v;
        }
    }
}

 ------ --------------------------------------------------------
  Line   Test.php
 ------ --------------------------------------------------------
  8      [Line  16] Function foo() has an unused variable $key.
 ------ --------------------------------------------------------

Naming

Please consider having a repo and package name like others do: phpstan-slam

All the best!

Remove symfony-rules from slam-rules.neon and put them in a symfony-rules.neon

Since yii is already separated, it would be nice to have the symfony-rules separated as well.

False-positive 'variable is unused' for variables used in compact

------ ----------------------------------------------------------------------------------------
  Line   someClassFile.php
 ------ ----------------------------------------------------------------------------------------
  45     [Line  47] Function makeNotificationFromFixture() has an unused variable $createdAt.

private static function makeNotificationFromFixture($fixtureData): array
{
    $createdAt = 'some value';
    // …
    return array_merge(
        ['foo'],
        compact('createdAt')
    );
}

Make phpstan-extensions work with phpstan 0.11.x

A new version of phpstan has been released, when do you think this project will support it?

False Positive StringToClassRule

StringToClassRule reports fails positive for a string containing "Error" in my application.

Maybe this rule is not that important anymore because phpstan can report using string where class-string is expected.

A good compromise to reduce chance of fail positives would be to check only for full qualified class names in strings.

Variables in anonymous functions are reporting as unused when they are used.

We will have a PR with a fix for it soon for you.

Extension for an unused `use` keyword?

Just a suggestion: An extension which would check for unused use statements. If this were to be implemented, you'd need to watch for the new use \Name\Space\{Class1, Class2} syntax as well.

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository problems

These problems occurred while renovating this repository. View logs.

WARN: Use matchDepNames instead of matchPackageNames

Awaiting Schedule

These updates are awaiting their schedule. Click on a checkbox to get an update now.

Lock file maintenance

Detected dependencies

composer

composer.json

php ~8.2.0 || ~8.3.0

nikic/php-parser ^4.19.1 || ^5.0.2

phpstan/phpstan ^1.11.5

nette/di ^3.2.2

nette/neon ^3.4.2

phpstan/phpstan-phpunit ^1.4.0

phpunit/phpunit ^11.2.5

slam/php-cs-fixer-extensions ^3.11.1

docker-compose

docker-compose.yml

dockerfile

Dockerfile

php 8.3

github-actions

.github/workflows/ci.yml

actions/checkout v4

shivammathur/setup-php v2

actions/checkout v4

shivammathur/setup-php v2

codecov/codecov-action v4

actions/checkout v4

shivammathur/setup-php v2

actions/checkout v4

shivammathur/setup-php v2

Check this box to trigger a request for Renovate to run again on this repository

How doable is to be PHP 7.0 compatible?

Support phpstan 1

Hi. I request update to phpstan:^1.

It would be need to change like
rectorphp/rector#6744