Psalm is a static analysis tool for finding errors in PHP applications, built on top of PHP Parser. It is designed to understand that complexity, allowing it to quickly find common programmer errors like null references and misspelled variable names. It can help you :
- Prevent errors in a big refactor
- Maintain a consistent level of quality across a large team
- Guarantee that there won’t be any type-related runtime errors
There are other features that help you improve your codebase, including a fixer called Psalter that updates your code directly by leveraging Psalm’s analysis engine.
How to use Psalm PHP
Matt Brown explained how the tool is used at Vimeo as a key part of their PHP development process :
- Passing Psalm’s checks is a requirement for code to get into production.
- Psalm runs its analysis on every PHP CI build, taking about 15 seconds on average.
- It catches fatal issues in about 4 percent of our CI builds (and developers also run it locally, where it catches more).
- A full analysis of our main PHP repository takes about 90 seconds on modern hardware with no caching.
- Psalm can infer types for 85 percent of Vimeo’s codebase.
It is able to find a very large number of issues, but it can also be configured to only care about a small subset of those. To get started you can install it in your project using :
composer require --dev vimeo/psalm
Add a config :
./vendor/bin/psalm --init
Then you can have the first run of the library :
./vendor/bin/psalm
The config created above will show you all issues in your code, but will emit INFO
issues (as opposed to ERROR
) for certain common trivial code problems. If you want a more lenient config, you can specify the level with :
./vendor/bin/psalm --init [source_dir] [level]
You can configure the reporting level for each issue for a given project. If you want to understand how the tool works, you can find here basic rundown of some internals.
Psalm is an open source software released under an MIT license. More information at https://psalm.dev/