Install PHPStan and configure for Laravel application
Unlike compiled languages, in PHP if you make a mistake, the program will crash when the line of code with the mistake is executed. When testing a PHP application, whether manually or automatically, developers spend a lot of their time discovering mistakes that wouldn’t even compile in other languages, leaving less time for testing actual business logic.
PHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even before you write tests for the code. It moves PHP closer to compiled languages in the sense that the correctness of each line of the code can be checked before you run the actual line.
PHPStan is installed as a package using Composer. Take a look on how to install Composer on your computer if you don't have it yet.
Optionally you can setup a new Laravel project and analyse it with PHPStan, checkout on how to create your first Laravel project.
Installation & First run
To start performing analysis on your code, require PHPStan in Composer:
composer require --dev phpstan/phpstan
PHPStan is only needed during development and testing stages. That why we use the --dev option and include the package only in require-dev.
After a successful download, to let PHPStan analyse your code base, you have to use the analyse command and point it to the right directory, e.g., app:
vendor/bin/phpstan analyse app
PHPStan will probably find and print some errors.
PHPStan executable allows different options to be passed directly from the command line. But it's always a good idea to have a separate configuration file rather than overcomplicating a command.
A config file can be passed to the executable using the -c|--configuration option. Otherwise, it will look for files named phpstan.neon or phpstan.neon.dist in current directory. The structure of the file looks like the following:
- '#Access to an undefined property App\Http\Requests\(.*)::$.*#'
- '#(.*)should return Illuminate\Http\RedirectResponse but returns Illuminate\Http\RedirectResponse|Illuminate\Routing\Redirector#'
- '#Access to an undefined property App\Models(.*)::$.*#'
- '#Call to an undefined method App\Models(.*)::.*#'
- '#Call to an undefined static method App\Models(.*)::.*#'
- '#Call to an undefined method Illuminate\(.*)::.*#'
- '#Call to an undefined static method Illuminate\(.*)::.*#'
This configuration file is adapted for Laravel application. We are going to analyse app and tests paths with level 7 (0 is the loosest and 9 is the strictest) excluding Providers directory from the scan. Ignored errors include common use cases for Laravel as facades, form requests, magic methods usage, type declaration issues, etc...
More options and detailed descriptions are available in the official config reference.
Executing application analysis
There is an easy way to execute PHPStan analysis and avoid writing the full command every time. Composer scripts feature will help us with that. A script can be defined in composer.json file as a shortcut to the executable:
"vendor/bin/phpstan analyse -c phpstan.neon"
It will allow us to run the analysis using our configuration file with just two words:
Besides, we will be able to add more steps and actions (if needed) to the analyse command.