Improving Code Quality with PHP_CodeSniffer

Improving Code Quality with PHP_CodeSniffer

Presented on January 25 2020 at the PHPBenelux conference, Antwerp, Belgium.
Now you will probably have heard of PHP_CodeSniffer as a tool to check your code for consistent code style, but did you know it can also be used to check for common best practices ?

Out of the box, PHPCS already contains the basics to check your code against common industry metrics, however, when you add a few external standards into the mix, it can do so much more. Suddenly you can check your code for PHP cross-version compatibility, check your unit tests for using the right assertion or enforce strict typing across your application.

Join Juliette to learn about a variety of external standards available, what they can do for you and how to integrate them in the tooling you already use every day.



Find External Standards on Packagist:

DealerDirect Composer PHPCS plugin

PHPCSDevTools, PHPCSUtils, PHPCSExtra, PHPCompatibility et al:


Juliette Reinders Folmer

January 25, 2020


  1. 6.

    Pull request Merged ... typo in documentation ... ... whitespace

    ... ... please add some tests ... ... is situation x handled ... ... use early return ... ... using PHP 7.4 syntax ... ... use strict checking in your tests ...
  2. 10.

    Psalm CS- Fixer PHP Stan PHP CS Exakat PHP CPD

    PHP Insights PHP MD PHP MND Rector PHP DCD Static Analysis Tools
  3. 17.

    <?xml version="1.0"?> <ruleset name="MyProject"> <exclude-pattern>*/vendor/*</exclude-pattern> <rule ref="Stnd"/> <rule ref="Stnd.Category"/> <rule

    ref="Stnd.Category.SniffName"/> <rule ref="Stnd.Category.SniffName.ErrorCode"/> <rule ref="Stnd"/> <exclude name="Stnd.Category.SniffName"/> </rule> <rule ref="Stnd.Category.SniffName"/> <exclude-pattern>*/tests/*</exclude-pattern> </rule> </ruleset> Standard A Standard B
  4. 18.

    Customizing Sniffs <?xml version="1.0"?> <ruleset name="MyProject"> <rule ref="Stnd.Category.SniffName"> <properties> <property

    name="propertyA" value="true"/> <property name="propertyB" value="100"/> <property name="propertyC" type="array"> <element key="key1" value="value1"/> <element key="key2" value="value2"/> </property> </properties> </rule> </ruleset>
  5. 19.
  6. 22.

    Functional Standards and Sniff Collections Object Calisthenics Variable Analysis Universal

    Slevomat Cognitive Complexity PHP Compatibility Import Detection Security Audit Normalized Arrays PHPCSExtra
  7. 23.

    Badly set up Sniffs Fixer Conflicts Not Allowing For All

    Possible PHP Syntaxes Presuming Code Style About Sniff Quality
  8. 25.

    Registering External Standards [1] phpcs --config-set installed_paths /path/to/dir/above/standard phpcs --config-show

    phpcs --config-set installed_paths /path/to/dir/above/standard1,/path/to/dir/above/standard2
  9. 28.
  10. 30.
  11. 31.

    Testing With a Code Sample <?php namespace My\NS; use Vendor\Package\ClassName;

    class MyClass {} $ phpcs –s ./unused-use.php –-standard=Stnd1,Stnd2,Stnd3,Stnd4
  12. 34.
  13. 35.

    Dead Code  Commented Out Code  Code Which Cannot

    be Reached  Unused use Statements  Unused Variables  Unused Parameters  Unused Private Methods  Duplicate Array Keys
  14. 37.

    Insecure Code (Potentially)  Use of eval()  Use of

    PCRE /e Modifier  Use of Backtick Operator  Known Vulnerabilities / CVE Advisories Security / PHPCS_SecurityAudit
  15. 39.

    Complex Code  High Code Complexity Cyclomatic Complexity Cognitive Complexity

     Deep Code Nesting  Method / Property / Parameter Counts
  16. 41.

    Incompatible Code  Use of Deprecated Syntaxes  Use of

    Deprecated or Removed Functions / Classes / Extensions/ Parameters etc  Use of (too) new Syntaxes  ... and much more
  17. 45.

    Implicit Standards  Strict Comparisons  ... in array functions

    too  ... in unit test assertions  To Yoda or Not to Yoda  Class Structure  One Namespace Per File  ...etc...
  18. 47.

    Potentially Buggy Code  Undefined Variables  Jumbled Incrementors in

    Loops  Double ! Operator  Error Silencing  Assignments in Conditions  Mixing string/int Array Keys
  19. 49.

    Enforce Modern PHP  Use Short Arrays  Use Short

    Lists  Enforce Strict Types  Enforce Param/Return Type Declarations  Enforce use Statements  Require null coalesce
  20. 51.

    Links  PHP_CodeSniffer  Find External Standards on Packagist  DealerDirect Composer PHPCS plugin  PHPCSDevTools, PHPCSUtils, PHPCSExtra, PHPCompatibility et al