Open main menu

Static analysis

Revision as of 10:57, 26 February 2024 by Admin (talk | contribs) (replace negative commentary with paraphrased quote from Dijkstra)

Part of Testing is the static analysis that your IDE can perform, or that standalone analysis tools can perform.

Static analysis tools allow you to maintain a healthy codebase because every time you make a code change, you can check the entire codebase for quality without having to run the code. What does static analysis do for you? It gives you

  • easier code review
  • better code quality
  • better product quality

Static analysis tools detect 'technical debt', 'smelly code' and 'bad practices'. These might be OK in the short-term, but over time will slow down your development cycle and wreck your product [1].

Static analysis tools are not "magic". To paraphrase the famous Edsger Dijkstra, there is not a tool that can prove a program to be defect free. Still, one must recognize the benefits and utility of static analysis tools in producing better quality software with less time and effort.

Brent Roose of PHP Annotated discusses Static Analysis in this video about Generics in PHP

Static Analysis tools for PHP

Phan

see Phan

PHPStan

This is my favorite tool. See PHPStan

Psalm

https://psalm.dev/

References

  1. or worse: Software errors have famously caused rockets to miss targets; cars to kill people, trains to crash