$30 off During Our Annual Pro Sale. View Details »

PHPStan: finding bugs in your code without running it

Gabriel Caruso
June 08, 2019
Programming
0
120

PHPStan: finding bugs in your code without running it

PHPStan is a static analysis tool for our code, which can find common errors like erroneous written functions and methods, more complex errors like verifications that always return true or false, and even returns that do not match the scope of the function. It will be shown all its configuration, customization, extension and how this tool has changed many applications throughout the PHP ecosystem.

Gabriel Caruso

June 08, 2019
Tweet

More Decks by Gabriel Caruso

See All by Gabriel Caruso
Contributing to PHP's Core
carusogabriel
0
150
Getting the most of PHPUnit assertions
carusogabriel
0
190
What are Coding Standards in PHP
carusogabriel
1
120
Strict programming in PHP
carusogabriel
2
250
Contributing to PHP's Core
carusogabriel
0
98
PHP Internals: coding for the Core
carusogabriel
0
120
O que não fazer ao atualizar para o PHP 7
carusogabriel
0
35
Are you testing the right things?
carusogabriel
1
87
Collections, uma solução?!
carusogabriel
3
310

Other Decks in Programming

See All in Programming
ユーザー登録とログインフォームにautocomplete属性を使いましょう
ivanova1991
2
1.7k
The Secret Ingredient: How to Understand and Resolve Just about Any Flaky Test
aridlehoover
PRO
1
250
集団意思決定の落とし穴と誰も望まない技術的負債
h0r15h0
0
2.7k
DMMプラットフォームにおけるコード品質を改善する取り組みの理想と現実
pospome
3
1.9k
ニジエチューニング2023-12
nijieinfra
0
190
個人開発がおすすめな理由
texmeijin
3
630
車両情報のリアルタイム特徴量基盤の構築
mot_techtalk
0
120
Modern Java for the Masses! Is Java Still Relevant?
deepu105
1
470
未定義動作でFizz Buzz / Undefined Fizz Buzz
kaityo256
PRO
1
390
フロントエンドエンジニアも知っておきたい HTTP/3 で変わること
yahiru
17
9.8k
JavaScript なしで動作するモダンなコードの書き方
azukiazusa1
15
9.7k
カスタマーサポートの信頼性向上 〜社内ツールにおけるSRE活動〜 - NIFTY Tech Day 2023
niftycorp
0
120

Featured

See All Featured
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
39
4k
Designing the Hi-DPI Web
ddemaree
274
33k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
26
5.7k
GraphQLの誤解/rethinking-graphql
sonatard
45
8.7k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
0
2.7k
From Idea to $5000 a Month in 5 Months
shpigford
376
45k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
24
2k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
271
12k
GraphQLとの向き合い方2022年版
quramy
26
12k
The MySQL Ecosystem @ GitHub 2015
samlambert
241
11k
Building a Scalable Design System with Sketch
lauravandoore
453
32k
How GitHub (no longer) Works
holman
299
140k

Transcript

  1. PHPStan: finding bugs in your
    code without even running it
    by Gabriel Caruso
    Darkmira Tour PHP 2019

    View Slide

  2. Thank You!

    View Slide

  3. View Slide

  4. Compiled
    Languages

    View Slide

  5. Do you Monitor your
    PHP application?

    View Slide

  6. View Slide

  7. New Relic Errors Analytics

    View Slide

  8. Who am I?
    ● Backend Engineer at Usabilla
    ● PHP enthusiastic
    ● PHPSP member
    ● OSS contributor
    ● Stickers/ELEPHANTS lover

    View Slide

  9. Compiled X
    Interpreted
    Languages

    View Slide

  10. Interpreted
    language
    PHP, JavaScript, Ruby...
    “An interpreted language
    is a type of programming
    language for which most of
    its implementations
    execute instructions
    directly and freely,
    without previously
    compiling a program into
    machine-language
    instructions.”

    View Slide

  11. Compiled Language
    Java, C, Swift...
    “A compiled language is a
    programming language whose
    implementations are
    typically compilers
    (translators that generate
    machine code from source
    code), and not
    interpreters”

    View Slide

  12. View Slide

  13. View Slide

  14. New Relic Errors Analytics

    View Slide

  15. What does a Static Analyzer do?

    View Slide

  16. Static Analyzer “Static Analyzer Tool is
    the analysis of computer
    software that is performed
    without actually executing
    programs.”

    View Slide

  17. What is PHPStan?

    View Slide

  18. PHPStan
    “PHPStan focuses on
    finding errors in your
    code without actually
    running it. It catches
    whole classes of bugs even
    before you write tests for
    the code. It moves PHP
    closer to compiled
    languages in the sense
    that the correctness of
    each line of the code can
    be checked before you run
    the actual line”

    View Slide

  19. Why should I use PHPStan if I
    already write tests for my Code?

    View Slide

  20. View Slide

  21. - Do you have 100%
    coverage of your
    code?
    - Do your tests
    run under a
    minute?

    View Slide

  22. PHPStan can analyze your entire
    codebase in almost
    a minute.

    View Slide

  23. The four essential tools for modern PHP development
    PHP Lint: checks if your
    code is right
    PHPUnit: checks if your
    business logic is right
    PHP Code Sniffer: checks
    if your code is readable
    PHPStan: checks if your
    code does not have bugs

    View Slide

  24. Questions? Something that you didn’t
    understand? Do you want to add
    something?

    View Slide

  25. Let’s use PHPStan!

    View Slide

  26. Installation with Composer
    composer require
    --dev
    phpstan/phpstan
    "require-dev": {
    “phpstan/phpstan”: “^0.11”
    }

    View Slide

  27. Usage
    ./vendor/bin/phpstan analyse src/ tests/
    Executable
    Command
    Folders

    View Slide

  28. View Slide

  29. What does happen
    in the first run?
    - Parse/Fatal Errors
    - Misconfigured PSR-4
    Autoloading
    - Extra arguments passed
    to functions
    - Magic behaviour that
    needs to be defined
    (We'll talk more about
    this point in specific
    in a second)
    What happens after I solve
    all first-run errors?

    View Slide

  30. PHPStan is based on levels
    (Yes, like the Games!)
    0 (first run) -> 7 (max level)

    View Slide

  31. Defining a level
    ./vendor/bin/phpstan analyse -l 3 src/
    Level

    View Slide

  32. Questions about how to use PHPStan?

    View Slide

  33. Let’s get the most of PHPStan

    View Slide

  34. Using phpstan.neon
    parameters:
    level: 3
    paths:
    - src
    - tests
    ./vendor/bin/phpstan analyze

    View Slide

  35. Ignoring errors (using phpstan.neon)
    parameters:
    ignoreErrors: “- '~^Call to an undefined method
    Foo\\Bar\\::baz\(\)\.\z~'”

    View Slide

  36. Using PHPStan
    extensions - Doctrine
    - PHPUnit
    - Symfony
    - Mockery
    Some magic functions of ORMs
    and Frameworks need some
    extra work

    View Slide

  37. For further studies, visit
    PHPStan’s GitHub repository
    https://github.com/phpstan/phpstan

    View Slide

  38. - Tweet me @carusogabriel
    - Give a feedback to this talk
    Questionings?
    Thank you ♡

    View Slide