Hello everyone! Today, I would like to share an example of setting up a static analysis tool for PHP - PHPStan.

The tool itself probably needs no introduction. I have used it in one of my projects and was satisfied with it. PHPStan helps maintain the code in good condition, and it is particularly good at finding typing errors. Sometimes it can be a bit pedantic, but ultimately, it's all for the best.

Setup

Installation is described in the documentation. It's quite straightforward. You install it via composer with the dev flag.

composer require --dev phpstan/phpstan

Then, you need to create a configuration file named phpstan.dist.neon. In this file, you specify the directories containing the code and the analysis level.

parameters:
    level: 6
    paths:
        - bin/
        - config/
        - public/
        - src/
        - tests/

For a Symfony project, it was automatically created using symfony/flex.

More about analysis levels

Run

To run the static analysis, use the following command:

vendor/bin/phpstan analyse

You will see the console output and, most likely, some errors.

You can try to fix the errors and run PHPStan again. However, for a real project, you might not want to do this immediately. It can be a labor-intensive and time-consuming task. Therefore...

Baseline

Baseline will record the existing errors in a special file. This way, we can set the current state of the project and start using PHPStan.

Let's generate the baseline with the following command:

vendor/bin/phpstan analyse --generate-baseline

The will be such phpstan-baseline.neon file created:

parameters:
    ignoreErrors:
        -
            message: "#^Access to undefined constant Symfony\\\\Component\\\\HttpFoundation\\\\Request\\:\\:HEADER_X_FORWARDED_ALL\\.$#"
            count: 1
            path: public/index.php

        -
            message: "#^Method App\\\\Tests\\\\Controller\\\\MainControllerTest\\:\\:imageDataProvider\\(\\) return type has no value type specified in iterable type array\\.$#"
            count: 1
            path: tests/Controller/MainControllerTest.php

In this file, all errors are listed, grouped by files and their count. In this way, existing errors will be ignored, and messages will be displayed for new errors.

Specify the baseline file in the configuration file phpstan.dist.neon.

includes:
    - phpstan-baseline.neon
parameters:
    level: 6
    paths:
        - bin/
        - config/
        - public/
        - src/
        - tests/

Now run the static analysis again:

vendor/bin/phpstan analyse

Now there are no more errors.

Over time, you can fix existing errors and remove entries from the baseline. It is advisable not to add new entries to the baseline, but only to remove existing ones. This way, the state of the project will gradually improve.

There are more details about the baseline.

CI/CD (Github Actions)

I recommend adding the execution of PHPStan to your CI/CD pipeline. This way, static analysis will be performed for any changes in the code.

- name: Run phpstan
  run: vendor/bin/phpstan analyse

Пример

For example, I configured PHPStan for the project placeholder-service. The code is available on GitHub: https://github.com/antonshell/placeholder-service/pull/33

That's all for now. Thank you for your attention!