kcs / phpstan-strict-rules
A set of additional rules for PHPStan based on best practices followed at TheCodingMachine
Installs: 96
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 0
Forks: 25
Type:phpstan-extension
Requires
- php: ^7.4 || ^8.0
- phpstan/phpstan: ^2.0
Requires (Dev)
- php-coveralls/php-coveralls: ^2.1
- phpunit/phpunit: ^9.5
Provides
This package is auto-updated.
Last update: 2025-04-13 02:11:38 UTC
README
This is a fork of the popular thecodingmachine/phpstan-strict-rules
To push forward the development of this package and the adoption of phpstan v2, this package has been forked, as the original repository seems semi-abandoned. Versioning starts from 2.0 and retains all the features of the original package. Namespace has not been changed.
Once the original project restarts, it is possible that this package would be abandoned. In case the original package is left abandoned for a longer time, this will be a hard fork, with different namespaces and so on...
TheCodingMachine's additional rules for PHPStan
This package contains a set of rules to be added to the wonderful PHPStan static analyzer.
Those rules come from TheCodingMachine best practices. They are more "strict" than the default PHPStan rules and some may be controversial. We use those at TheCodingMachine, have found them to help us in our daily work, and ask anyone working with us to follow them.
Rules list
Exception related rules
- You should not throw the "Exception" base class directly but throw a sub-class instead.
- You should not have empty catch statements
- When throwing an exception inside a catch block, you should pass the catched exception as the "previous" exception
- If you catch a
Throwable, anExceptionor aRuntimeException, you must rethrow the exception.
Superglobal related rules
- The use of
$_GET,$_POST,$_FILES,$_COOKIE,$_SESSION,$_REQUESTis forbidden. You should instead use your framework's request/session object. - Superglobal usage is still tolerated at the root scope (because it is typically used once in
index.phpto initialize PSR-7 request object)
Condition related rules
- Switch statements should always check for unexpected values by implementing a default case (and throwing an exception)
Work-in-progress
// Never use public properties
// Never use globals
Installation
We assume that PHPStan is already installed in your project.
To use this extension, require it in Composer:
composer require --dev thecodingmachine/phpstan-strict-rules
If you also install phpstan/extension-installer then you're all set!
Manual installation
If you don't want to use phpstan/extension-installer, include phpstan-strict-rules.neon in your project's PHPStan config:
includes: - vendor/thecodingmachine/phpstan-strict-rules/phpstan-strict-rules.neon