Static analysis tools allow you to maintain a healthy codebase because every time you make a code change, you can check the entire codebase for quality without having to run the code. What does static analysis do for you? It gives you
* easier code review
* better code quality
* better product quality
Static analysis tools detect 'technical debt', 'smelly code' and 'bad practices'. These might be OK in the short term, but over time they will slow down your development cycle and wreck your product <ref>Or worse: software errors have famously caused rockets to miss targets, cars to kill people, and trains to crash.</ref>.
Static analysis tools are not "magic". To paraphrase the famous Edsger Dijkstra, there is not a tool that can prove a program to be defect free. Still, one must recognize the benefits and utility of static analysis tools in producing better quality software with less time and effort.
[https://github.com/brendt Brent Roose] of PHP Annotated discusses Static Analysis in this video about Generics in PHP.
{{#ev:youtube|https://www.youtube.com/watch?v=JtmRG5lCENA|right}}<br />
== Multi-language static analysis ==
[[SonarQube]], SonarLint and SonarCloud are tools for multi-language static analysis and general code health.
==Static Analysis tools for PHP==
===PHPStan===
I prefer [[PHPStan]] over phan.
===Psalm===