Asked  7 Months ago    Answers:  5   Viewed   50 times

Is there a static analysis tool for PHP source files?

The binary itself can check for syntax errors, but I'm looking for something that does more, like:

  • unused variable assignments
  • arrays that are assigned into without being initialized first
  • and possibly code style warnings
  • ...



Run php in lint mode from the command line to validate syntax without execution:


Higher-level static analyzers include:

  • php-sat - Requires
  • PHP_Depend
  • PHP_CodeSniffer
  • PHP Mess Detector
  • PHPStan
  • PHP-CS-Fixer
  • phan

Lower-level analyzers include:

  • PHP_Parser
  • token_get_all (primitive function)

Runtime analyzers, which are more useful for some things due to PHP's dynamic nature, include:

  • Xdebug has code coverage and function traces.
  • My PHP Tracer Tool uses a combined static/dynamic approach, building on Xdebug's function traces.

The documentation libraries phpdoc and Doxygen perform a kind of code analysis. Doxygen, for example, can be configured to render nice inheritance graphs with Graphviz.

Another option is xhprof, which is similar to Xdebug, but lighter, making it suitable for production servers. The tool includes a PHP-based interface.

Wednesday, March 31, 2021
answered 7 Months ago

You need to reference the data provider using the fully-qualified classname:

namespace AppBundleTestsController;

use SymfonyBundleFrameworkBundleTestWebTestCase;

class DefaultControllerTest extends WebTestCase
     * @dataProvider AppBundleTestsDataProviderXmlDataProvider::xmlProvider
     * @covers ReceiveController::receiveAction()
     * @param string $xml
    public function testReceive($xml)
        // ...


Also, make sure to adjust your autoload configuration in composer.json, so the data provider can be autoloaded (might need adjustment depending on which directory the ’AppBundleTest` namespace maps to):

    "autoload-dev": {
        "psr-4": {
            "AppBundle\Tests\": "tests/"

Alternatively, since you suggest your autoloading configuration looks like this:

    "autoload-dev": {
        "psr-4": {
            "Tests\": "tests/"

you need to adjust your namespace for the presented tests from AppBundleTests to TestsAppBundle.

Note Unrelated to your question, but personally, I can't see a need for the data provider to extend WebTestCase.

For examples, see:

Wednesday, March 31, 2021
answered 7 Months ago

So, you mean to highlight all pieces of code that will not work with the PHP version you are writing it in, right? That can be done here:

Preferences -> Languages & Frameworks > PHP

and the same on Mac:

PhpStorm -> Preferences (?,) -> Languages & Frameworks > PHP

Or with newer versions of PhpStorm in Windows:

File -> Settings -> Languages & Frameworks > PHP

Sample dialogbox for mentioned prefrences

then select your PHP version, for example, 7.0

This is very useful when your local system runs PHP 7.0, for example, but production is running PHP 5.5.

That way PhpStorm will warn you which parts will not work in production, show proper hints during writing code according to the selected version, etc.

Saturday, May 29, 2021
answered 5 Months ago

Source Monitor is a good free tool tool for code metrics such as LoC and complexity and also produces kiviat graphs. But it does not have any depedency or coupling metrics.

Sunday, August 15, 2021
Scott Chantry
answered 3 Months ago

Have a look Simian, you can use it for Java, C#, C, C++, COBOL, Ruby, JSP, ASP, HTML, XML, Visual Basic, Groovy source code and even plain text files.

Also, a similar question here.

Thursday, September 9, 2021
Adam Rodger
answered 2 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :