Menu
Is there a static analysis tool for PHP source files?
The binary itself can check for syntax errors, but I'm looking for something that does more, like:
860
PHPStan PHPStan is a static code analysis tool that focuses on finding errors in the source code without having to actually run it. It catches whole classes of bugs even before you write tests for the code. PHPStan might be the most commonly used tool and also one of the newest.
Static code analysis is performed early in development, before software testing begins. For organizations practicing DevOps, static code analysis takes place during the “Create” phase.
SonarQube. SonarQube is the popular static analysis tool for continuously inspecting the code quality and security of your codebases and guiding development teams during code reviews. SonarQube is used for automated code review with CI/CD Integration.
phplint.com is a PHP Code Quality tool that checks your code for good PHP practices, as listed in the clearPHP reference. It uses the exakat engine (version 0.2. 4) to run the audit analysis. For every piece of code you submit, phplint.com warns you : Incompilable files.
Run php in lint mode from the command line to validate syntax without execution:
php -l FILENAME
Higher-level static analyzers include:
Lower-level analyzers include:
Runtime analyzers, which are more useful for some things due to PHP's dynamic nature, include:
The documentation libraries phpdoc and Doxygen perform a kind of code analysis. Doxygen, for example, can be configured to render nice inheritance graphs with Graphviz.
Another option is xhprof, which is similar to Xdebug, but lighter, making it suitable for production servers. The tool includes a PHP-based interface.
170
Online PHP lint
PHPLint
Unitialized variables check. Link 1 and 2 already seem to do this just fine, though.
I can't say I have used any of these intensively, though :)
28
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
