Integrate static code analysis to PHP projects

Stefan Pöltl
5 min readDec 21, 2021

Repository for the article:

What is static code analysis?

With static code analysis, you can check whether your code fits the defined requirements in terms of form and syntax. The check is performed without executing the program. As a result you will find code smells/infections that will lead to problems when you run the code.

Are you already using an static code analyzer?

If you’re using an IDE(not vim!) you do! PHPStorm for example helps you by providing code completion and inspections.

Improve yourself with PHPStan

PHPStan is a static code analyzer that will level up your coding. It uses different rule sets to fix code issues. You can progress step by step when you introduce it to a existing code base. Here are the rule levels with simple examples:

  • Level 0: Basic checks e.g. unknown classes/functions or always undefined variables
Level 0
  • Level 1: Possibly undefined variables
Level 1
  • Level 2: Unknown methods / validating PHPDoc Blocks
Level 2
  • Level 3: Return types and property types
Level 3
  • Level 4: Dead code detection
Level 4
  • Level 5: Argument types passed to a function/method