boesing / psalm-plugin-stringf
Psalm plugin to work with `sprintf`, `printf`, `sscanf` and `fscanf`.
Installs: 169 815
Dependents: 28
Suggesters: 0
Security: 0
Stars: 12
Watchers: 1
Forks: 1
Open Issues: 16
Type:psalm-plugin
Requires
- php: ^7.4 || ~8.0.0 || ~8.1.0 || ~8.2.0
- ext-simplexml: *
- vimeo/psalm: ^4.30 || ^5.0
- webmozart/assert: ^1.11
Requires (Dev)
- codeception/codeception: ^4.1
- codeception/module-asserts: ^2.0
- codeception/module-phpbrowser: ^2.0
- doctrine/coding-standard: ^10.0
- symfony/console: ^5.4
- symfony/finder: ^5.4
- symfony/yaml: ^5.4
- weirdan/codeception-psalm-module: ^0.14.0
- 1.5.x-dev
- 1.4.x-dev
- 1.4.0
- 1.3.x-dev
- 1.3.0
- 1.2.x-dev
- 1.2.0
- 1.1.x-dev
- 1.1.0
- 1.0.x-dev
- 1.0.0
- dev-feature/php-8.3
- dev-dependabot/github_actions/ridedott/merge-me-action-2.10.51
- dev-dependabot/composer/vimeo/psalm-5.14.1
- dev-dependabot/composer/symfony/finder-5.4.27
- dev-dependabot/composer/symfony/yaml-5.4.23
- dev-dependabot/composer/doctrine/coding-standard-12.0.0
- dev-dependabot/composer/guzzlehttp/psr7-2.5.0
- dev-bugfix/union-literal-string-template-argument
- dev-qa/maintenance-20230306
- dev-bugfix/concatenated-string-sprintf
- dev-bugfix/constants-exceeding-maximum-string-length
This package is auto-updated.
Last update: 2024-12-11 00:38:32 UTC
README
This plugin provides additional checks to the built-in sprintf
, printf
, sscanf
and fscanf
function usage.
Installation
Require composer dev-dependency
composer require --dev boesing/psalm-plugin-stringf
Run Psalm-Plugin Binary
vendor/bin/psalm-plugin enable boesing/psalm-plugin-stringf
Features
- Parses
sprintf
andprintf
arguments to verify if the number of passed arguments matches the amount of specifiers - Verifies if the return value of
sprintf
might be anon-empty-string
- Verifies possibly invalid argument of
sprintf
andprintf
(experimental) - Verifies unnecessary function calls of
sprintf
andprintf
(experimental)
Experimental
This plugin also provides experimental features.
Experimental features can be enabled by extending the plugin configuration as follows:
<?xml version="1.0"?> <psalm> <plugins> <pluginClass class="Boesing\PsalmPluginStringf\Plugin"> <experimental> <NameOfExperimentalFeature/> </experimental> </pluginClass> </plugins> </psalm>
Report Possibly Invalid Argument for Specifier
<pluginClass class="Boesing\PsalmPluginStringf\Plugin"> <experimental> <ReportPossiblyInvalidArgumentForSpecifier allowIntegerForString="yes" /> </experimental> </pluginClass>
The ReportPossiblyInvalidArgumentForSpecifier
experimental feature will report PossiblyInvalidArgument
errors for
arguments used with sprintf
or printf
. Here are some examples:
printf('%s', 1);
PossiblyInvalidArgument: Argument 1 inferred as "int" does not match (any of) the suggested type(s) "string"
printf('%d', 'foo');
PossiblyInvalidArgument: Argument 1 inferred as "string" does not match (any of) the suggested type(s) "float\|int\|numeric-string"
Report Unnecessary Function Calls
<pluginClass class="Boesing\PsalmPluginStringf\Plugin"> <experimental> <ReportUnnecessaryFunctionCalls/> </experimental> </pluginClass>
The ReportUnnecessaryFunctionCalls
experimental feature will report UnnecessaryFunctionCall
errors for
function calls to sprintf
or printf
which can be omitted. Here are some examples:
printf('Some text without any placeholder'); sprintf('Some text without any placeholder');
UnnecessaryFunctionCall: Function call is unnecessary as there is no placeholder within the template.
Release Versioning Disclaimer
This plugin won't follow semantic versioning even tho the version numbers state to be semantic versioning compliant. The source code of this plugin is not meant to used like library code and therefore MUST be treated as internal code.
- This package will raise dependency requirements whenever necessary.
- If there is a new major version of psalm, this plugin MAY migrate to that version but won't be early adopter.
- If there is a new PHP minor/major version which is not supported by this library, this library MAY migrate to that version but won't be early adopter.
So to summarize: If your project depends on the latest shiny versions of either Psalm or PHP, this plugin is not for you. If you can live with that, feel free to install. Demands in any way will be either ignored or handled whenever I feel I want to spend time on it.