I recently came across a rather interesting tool for PHP7 called phan:
It uses PHP7's new abstract syntax tree to do static analysis, allowing you to detect some types of coding error that PHP lint and code sniffer would struggle to spot.
Here are the results of a run against moodle/master (full results attached):
594 PhanUndeclaredClassMethod
51 PhanNonClassMethodCall
44 PhanAccessPropertyProtected
38 PhanUndeclaredFunction
12 PhanUndeclaredClassCatch
6 PhanUndeclaredClassConstant
4 PhanAccessPropertyPrivate
1 PhanUndeclaredExtendedClass
1 PhanUndeclaredClassInstanceof
Many of the results are false positives due to incorrect PHPDocs (phan uses PHPDoc comments for type-hinting). However, there are definitely some real bugs in there (see the results for PhanUndeclaredFunction, for example).
Fixing all the issues is obviously quite a large undertaking, but given its ability to automatically detect a range of errors, it might be worth considering adding phan to your CI process. Setting it up is quite straightforward; I followed the instructions here:
https://github.com/etsy/phan/wiki/Tutorial-for-Analyzing-a-Large-Sloppy-Code-Base
All you need to do is:
- Install PHP7 plus the AST extension
- Apply the attached patch
- Update composer
- Run: ./.phan/bin/mkfilelist > moodle.in to generate a file list
- Run: ./vendor/bin/phan -f moodle.in -p -j 6 -o moodle.out
(-j 6 will use 6 processes, pick whatever suits you but it takes a while with just 1)
- has a non-specific relationship to MDLSITE-2338 Advanced php syntax checker (Open)
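One way to turn the phan run described above into a CI gate, as an added example that is not part of the original report or of phan itself: it summarises the output per issue type, like the counts listed above, and fails only when a type exceeds a recorded baseline. It assumes phan's text output has the form `path:line IssueType message`; the function names, the sample lines and the baseline file are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumption: each phan finding is one line of the form
#   path/to/file.php:LINE PhanIssueType message text

# Print "COUNT IssueType" per issue type, highest count first.
phan_summary() {
    awk '
        match($0, /:[0-9]+ Phan[A-Za-z]+/) {
            t = substr($0, RSTART, RLENGTH)
            sub(/^:[0-9]+ /, "", t)      # keep only the issue type
            count[t]++
        }
        END { for (t in count) printf "%d %s\n", count[t], t }
    ' "$1" | LC_ALL=C sort -k1,1nr -k2,2
}

# Compare a phan run ($1) with a baseline summary ($2, same format as
# phan_summary prints). Report issue types that are new or have grown,
# and return non-zero so the CI job fails.
phan_gate() {
    phan_summary "$1" | awk -v base="$2" '
        BEGIN {
            while ((getline line < base) > 0) {
                split(line, f, " ")
                allowed[f[2]] = f[1]
            }
        }
        !($2 in allowed)            { printf "NEW %s: %d\n", $2, $1; bad = 1; next }
        $1 > allowed[$2] + 0        { printf "UP %s: %d > %d\n", $2, $1, allowed[$2]; bad = 1 }
        END { exit bad + 0 }
    '
}

# Constructed sample data (not real moodle results).
tmp=$(mktemp -d)
cat > "$tmp/moodle.out" <<'EOF'
lib/a.php:10 PhanUndeclaredFunction Call to undeclared function foo()
lib/a.php:42 PhanUndeclaredClassMethod Call to method bar from undeclared class \Baz
mod/b.php:7 PhanUndeclaredClassMethod Call to method qux from undeclared class \Quux
mod/c.php:3 PhanAccessPropertyPrivate Cannot access private property \C::$p
EOF
# Baseline recorded before mod/c.php introduced the private property access.
printf '%s\n' '2 PhanUndeclaredClassMethod' '1 PhanUndeclaredFunction' > "$tmp/baseline"

phan_summary "$tmp/moodle.out"
phan_gate "$tmp/moodle.out" "$tmp/baseline" || echo "gate failed: new or increased phan issues"
```

Recording the current summary as the baseline lets the existing false positives stay in place while any newly introduced issue type or increase fails the build.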