danog/psalm
1
0
Fork 0
mirror of https://github.com/danog/psalm.git synced 2024-11-27 04:45:20 +01:00
Code Issues Projects Releases Wiki Activity
f93bd10c61
psalm/docs
History
Oliver Hader 62a0ece035
!!! Allow plugins to modify Config::$fileExtensions early 
ProjectAnalyzer consumed Config::$fileExtensions early in its
constructor - without having processed plugins' modifications,
registering their custom scanners or analyzer implementations.

This change
* adds new specific interface \Psalm\Plugin\FileExtensionsInterface
  to be used by plugin implementations
* extracts file extension handling from \Psalm\PluginRegistrationSocket
  and interface \Psalm\Plugin\RegistrationInterface to a new dedicated
  \Psalm\PluginFileExtensionsSocket and new interface
  \Psalm\Plugin\FileExtensionsInterface
  !!! this is a breaking change in PluginRegistrationSocket !!!
* adds runtime in-memory cache for Config::$plugins
* calls new method Config::processPluginFileExtensions(), providing
  modifications to file extension only early in ProjectAnalyzer
* adjusts documentation
2022-01-30 13:06:00 +01:00
..
annotating_code improve support for enum_exists 2022-01-22 18:27:24 +01:00
contributing Replace all-tests with tests 2021-11-30 22:43:54 +01:00
manipulating_code Add more accurate description of functionality 2020-09-30 16:12:18 -04:00
running_psalm !!! Allow plugins to modify Config::$fileExtensions early 2022-01-30 13:06:00 +01:00
security_analysis Add section on limitations 2021-09-04 12:46:15 +01:00
README.md Improve feature list 2020-12-19 18:09:05 +00:00

README.md

About Psalm

Psalm is a static analysis tool that attempts to dig into your program and find as many type-related bugs as possible.

It has a few features that go further than other similar tools:

  • Mixed type warnings
    If Psalm cannot infer a type for an expression then it uses a mixed placeholder type. mixed types can sometimes mask bugs, so keeping track of them helps you avoid a number of common pitfalls.

  • Intelligent logic checks
    Psalm keeps track of logical assertions made about your code, so if ($a && $a) {} and if ($a && !$a) {} are both treated as issues. Psalm also keeps track of logical assertions made in prior code paths, preventing issues like if ($a) {} elseif ($a) {}.

  • Property initialisation checks
    Psalm checks that all properties of a given object have values after the constructor is called.

  • Taint analysis
    Psalm can detect security vulnerabilities in your code.

  • Language Server
    Psalm has a Language Server thats compatible with a range of different IDEs.

  • Automatic fixes
    Psalm can fix many of the issues it finds automatically.

  • Automatic refactoring
    Psalm can also perform simple refactors from the command line.

Example output

Given a file implode_strings.php:

<?php
$a = ['foo', 'bar'];
echo implode($a, ' ');

> ./vendor/bin/psalm implode_strings.php
ERROR: InvalidArgument - somefile.php:3:14 - Argument 1 of implode expects `string`, `array` provided (see https://psalm.dev/004)

Inspirations

There are two main inspirations for Psalm:

  • Etsy's Phan, which uses nikic's php-ast extension to create an abstract syntax tree
  • Facebook's Hack, a PHP-like language that supports many advanced typing features natively, so docblocks aren't necessary.

Index