Static analysis of PHP code base using Phan
Ran Phan over a PHP codebase to try it out and see what it produces.
First ran least stringent, which didn't produce much (possibly my code base is a magical unicorn)
./phan -p --minimum-severity=10 --quick --ignore-undeclared -f files.txt -o out.txt
So then went to severest which produced noise
./phan -p --minimum-severity=0 --backward-compatibility-checks --dead-code-detection -f files.txt -o out.txt
So then dialed back to
./phan --progress-bar --minimum-severity=0 --backward-compatibility-checks --file-list files.txt --ignore-undeclared --output out.txt
There are possibly false warnings, but it does give you an idea of places that might need consideration. Here I'm operating on the result of a function that might return False on no results or an array of results on success.
$siblings = $this->getSiblingsForAssessment($siblingGroups, $problemSetId);
if ($siblings) {
    $siblings = implode(',', $siblings);
} else {
    // ...
}
Which causes it to fuss, as it's thinking that $siblings is a (bool), i.e. True/False, when it gets to $siblings = implode(',', $siblings);
/classes/assessment.php:210 PhanParamSpecial1 Argument 2 (pieces) is bool but \implode() takes array when argument 1 is string
/classes/assessment.php:210 PhanTypeMismatchArgumentInternal Argument 2 (glue) is bool but \implode() takes string
Perhaps in a more functional world we wouldn't want to do something where the type of a value changes, but in a PHP world where variables are mutable and type is flexible perhaps it's not so bad.
It can produce more straightforwardly useful things, like /classes/bookingChange.php:311 PhanNoopVariable Unused variable, which was a pointless line
$lessonStartDateTime;
and warning you about optional arguments that are followed by non-optional arguments in function calls
PhanParamTooMany Call with 6 arg(s) to \className::functionName() which only takes 5 arg(s), so that's probably not intentional.
It's probably useful as a way of reviewing code occasionally for smells and possible issues. I wouldn't worry about running it as often as unit tests. Perhaps it would be useful as a way of viewing other people's code or new code. Seems like it's aimed at helping move a code base forward and stop it slipping back into old ‘bad’ habits.
They have a tutorial for analysing a sloppy code base and installation instructions.
/ Adam
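One way to cut through the noise from the severest run, added here as an example and not part of the original post: shell helpers that tally out.txt by issue type and by file, so the frequent or interesting issue types can be reviewed first. It assumes the one-issue-per-line text format quoted above and paths without spaces; the function names and the /classes/example.php sample lines are made up.

```shell
#!/bin/sh
# Triage a Phan text report (the out.txt written by --output).
# Assumed line format, as quoted in the post: <path>:<line> <IssueType> <message>

# Constructed sample report: the first three lines follow the output quoted
# in the post, the /classes/example.php lines are invented for illustration.
sample_report() {
cat <<'EOF'
/classes/assessment.php:210 PhanParamSpecial1 Argument 2 (pieces) is bool but \implode() takes array when argument 1 is string
/classes/assessment.php:210 PhanTypeMismatchArgumentInternal Argument 2 (glue) is bool but \implode() takes string
/classes/bookingChange.php:311 PhanNoopVariable Unused variable
/classes/example.php:12 PhanNoopVariable Unused variable
/classes/example.php:40 PhanParamTooMany Call with 6 arg(s) to \className::functionName() which only takes 5 arg(s)
EOF
}

# phan_summary FILE -> "<count> <IssueType>" lines, most frequent first.
phan_summary() {
    awk '$2 ~ /^Phan/ { n[$2]++ } END { for (t in n) print n[t], t }' "$1" |
        LC_ALL=C sort -k1,1nr -k2,2
}

# phan_files FILE -> "<count> <path>" lines: which files collect the most issues.
phan_files() {
    awk '$2 ~ /^Phan/ { sub(/:[0-9]+$/, "", $1); n[$1]++ }
         END { for (f in n) print n[f], f }' "$1" |
        LC_ALL=C sort -k1,1nr -k2,2
}

# phan_locations FILE TYPE -> "<path>:<line>" for every hit of one issue type.
phan_locations() {
    awk -v t="$2" '$2 == t { print $1 }' "$1"
}

# Stand-alone use: sh phan_triage.sh out.txt
if [ -n "${1:-}" ]; then
    phan_summary "$1"
    phan_files "$1"
fi
```

Run phan_locations out.txt PhanParamTooMany to jump straight to the call sites for one issue type.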