danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-11-26 20:34:47 +01:00
Code Issues Projects Releases Wiki Activity
5ff933f2a5
psalm/docs
History
Daniel Beardsley 5ff933f2a5
@property annotations: allow *not* implying @psalm-seal-properties 
Add a setting that allows usage of `@property` to *augment* classes that
use __get() and __set(). Previously, using `@property` once would force
you to exhaustively list all possible properties. This didn't use to be
the case, but was changed in df33405635

This was really unexpected for our team and for a while we thought it
was a psalm bug until I found the above commit.

We are using `__get()` for ORM objects and we want to use `@property` to
explicitly document some of columns without being forced to document
every column.
2023-03-24 23:35:41 -07:00
..
annotating_code Added to documentation and tests that api can be used instead of psalm-api 2023-03-20 13:34:44 +01:00
contributing Added a page explaining how to add a new issue type 2023-02-15 23:12:14 -04:00
manipulating_code Fix typos 2022-08-20 23:29:03 +02:00
running_psalm @property annotations: allow *not* implying @psalm-seal-properties 2023-03-24 23:35:41 -07:00
security_analysis Add section on limitations 2021-09-04 12:46:15 +01:00
README.md Improve feature list 2020-12-19 18:09:05 +00:00

README.md

About Psalm

Psalm is a static analysis tool that attempts to dig into your program and find as many type-related bugs as possible.

It has a few features that go further than other similar tools:

  • Mixed type warnings
    If Psalm cannot infer a type for an expression then it uses a mixed placeholder type. mixed types can sometimes mask bugs, so keeping track of them helps you avoid a number of common pitfalls.

  • Intelligent logic checks
    Psalm keeps track of logical assertions made about your code, so if ($a && $a) {} and if ($a && !$a) {} are both treated as issues. Psalm also keeps track of logical assertions made in prior code paths, preventing issues like if ($a) {} elseif ($a) {}.

  • Property initialisation checks
    Psalm checks that all properties of a given object have values after the constructor is called.

  • Taint analysis
    Psalm can detect security vulnerabilities in your code.

  • Language Server
    Psalm has a Language Server thats compatible with a range of different IDEs.

  • Automatic fixes
    Psalm can fix many of the issues it finds automatically.

  • Automatic refactoring
    Psalm can also perform simple refactors from the command line.

Example output

Given a file implode_strings.php:

<?php
$a = ['foo', 'bar'];
echo implode($a, ' ');

> ./vendor/bin/psalm implode_strings.php
ERROR: InvalidArgument - somefile.php:3:14 - Argument 1 of implode expects `string`, `array` provided (see https://psalm.dev/004)

Inspirations

There are two main inspirations for Psalm:

  • Etsy's Phan, which uses nikic's php-ast extension to create an abstract syntax tree
  • Facebook's Hack, a PHP-like language that supports many advanced typing features natively, so docblocks aren't necessary.

Index