mfn / php-analyzer
Framework for performaing static PHP code analysis
Requires
- php: >=5.4.0
- mfn/util-simpleorderedmap: 0.0.2
- nikic/php-parser: ~1.0
- psr/log: ~1.0
- symfony/console: ~2.5
Requires (Dev)
- mfn/php-reflection-gen: 0.0.4
- phing/phing: ~2.8
- phpunit/phpunit: ~4.2
This package is auto-updated.
Last update: 2025-01-16 18:12:04 UTC
README
Homepage: https://github.com/mfn/php-analyzer
Blurb
A framework for performing static PHP source analysis. The modular concept hands analysis over to Analyzers which report back any possible warnings/errors.
Install
Via composer:
composer require mfn/php-analyzer 0.0.1
Usage
A command line tool is provided: php_analyzer.php analyze <files or dirs>
See the --help
switch for more details.
What analysis is performed?
All files are run through the nikic/PHP-Parser and after that an internal graph of the classes/interfaces is built.
All analyzers available are run against the sources reports are generated.
The following analysis is currently performed:
- detection of missing method implementations of abstract classes
- detecting of missing method implementations of interfaces
- incompatibility of methods declared in interfaces
- methods defined abstract on an interface
Probably a bit pointless because the php linter detects this. - warns when using dynamic class instantiation, i.e.
new $foo
- warns when encountering empty exception catch blocks
Learn more:
- The architecture of the Framework itself
- Documentations of all Analyzers
- Default Analyzer configuration
Graphviz
The internal ObjectGraph lends
itself to generate a class relationship diagram for which a graphviz generator
exists. This will produce a .dot
file which can be further used with the
Graphviz package to generate graphics from it:
php_analyzer.php graphviz yoursource/ > myproject.dot
See --help
for more options.
To convert this to e.g. png the aforementioned graphviz package has to be
installed on your system. This includes the dot
command which can be used to
generate a PNG file:
dot -Tpng myproject.dot > myproject.png
Configuration
If you want to use a differnet set of analyzers or you've written your own and
want to use them, you can use the --config <file>
option.
The file is a plain PHP file simply returning an array of analyzers you want to run. See res/defaultAnalyzerConfiguration.php for an example.
TODOs / Ideas
- the analyzers depending on the graph have no logic whether they've visited a node already or not; thus visiting the same nodes/methods multiple times
- Use
namespacedName
property generated by\PhpParser\NodeVisitor\NameResolver
- Add support for traits
Contribution
- one feature per branch/PR
- coding standard is PSR-2
© Markus Fischer markus@fischer.name