danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2025-01-22 13:51:54 +01:00
Code Issues Projects Releases Wiki Activity
psalm/docs
History
Barney Laurance cd18cdc554 Re-order list of errors in docs 
I think it makes more sense to have the errors that almost always appear
(level 7 errors) next to the errors that always appear, instead of
the level 1, least likely to appear errors being next to the ones that
always appear.

This also makes the order more similar to that output by the new
--by-issue-level format report.

Some time it might be nice to see if there's a way to auto generate most
of this docs page from the actual issue class definitions, or have
a test that checks the list of issues for each level is accurate and
complete.
2022-12-02 00:04:43 +00:00
..
annotating_code
Remove unfinished sentence
2022-11-29 23:52:27 +01:00
contributing
Fix typos
2022-08-20 23:29:03 +02:00
manipulating_code
Fix typos
2022-08-20 23:29:03 +02:00
running_psalm
Re-order list of errors in docs
2022-12-02 00:04:43 +00:00
security_analysis
Add section on limitations
2021-09-04 12:46:15 +01:00
README.md

README.md

About Psalm

Psalm is a static analysis tool that attempts to dig into your program and find as many type-related bugs as possible.

It has a few features that go further than other similar tools:

  • Mixed type warnings
    If Psalm cannot infer a type for an expression then it uses a mixed placeholder type. mixed types can sometimes mask bugs, so keeping track of them helps you avoid a number of common pitfalls.

  • Intelligent logic checks
    Psalm keeps track of logical assertions made about your code, so if ($a && $a) {} and if ($a && !$a) {} are both treated as issues. Psalm also keeps track of logical assertions made in prior code paths, preventing issues like if ($a) {} elseif ($a) {}.

  • Property initialisation checks
    Psalm checks that all properties of a given object have values after the constructor is called.

  • Taint analysis
    Psalm can detect security vulnerabilities in your code.

  • Language Server
    Psalm has a Language Server thats compatible with a range of different IDEs.

  • Automatic fixes
    Psalm can fix many of the issues it finds automatically.

  • Automatic refactoring
    Psalm can also perform simple refactors from the command line.

Example output

Given a file implode_strings.php:

<?php
$a = ['foo', 'bar'];
echo implode($a, ' ');

> ./vendor/bin/psalm implode_strings.php
ERROR: InvalidArgument - somefile.php:3:14 - Argument 1 of implode expects `string`, `array` provided (see https://psalm.dev/004)

Inspirations

There are two main inspirations for Psalm:

  • Etsy's Phan, which uses nikic's php-ast extension to create an abstract syntax tree
  • Facebook's Hack, a PHP-like language that supports many advanced typing features natively, so docblocks aren't necessary.

Index