Plugin for PHP_CodeSniffer static analysis tool that adds analysis of problematic variable use.
- Warns if variables are used without being defined. (Sniff code:
VariableAnalysis.CodeAnalysis.VariableAnalysis.UndefinedVariable
) - Warns if variables are used inside
unset()
without being defined. (Sniff code:VariableAnalysis.CodeAnalysis.VariableAnalysis.UndefinedUnsetVariable
) - Warns if variables are set or declared but never used. (Sniff code:
VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
) - Warns if
$this
,self::$static_member
,static::$static_member
is used outside class scope. (Sniff codes:VariableAnalysis.CodeAnalysis.VariableAnalysis.SelfOutsideClass
orVariableAnalysis.CodeAnalysis.VariableAnalysis.StaticOutsideClass
)
VariableAnalysis requires PHP 5.4 or higher and PHP CodeSniffer version 3.5.6 or higher.
This is the easiest method.
First, install phpcodesniffer-composer-installer for your project if you have not already. This will also install PHPCS.
composer config allow-plugins.dealerdirect/phpcodesniffer-composer-installer true
composer require --dev dealerdirect/phpcodesniffer-composer-installer
Then install these standards.
composer require --dev sirbrillig/phpcs-variable-analysis
You can then include the sniffs by adding a line like the following to your phpcs.xml file.
<rule ref="VariableAnalysis"/>
It should just work after that!
-
Install PHP_CodeSniffer (PHPCS) by following its installation instructions (via Composer, Phar file, PEAR, or Git checkout).
Do ensure that PHP_CodeSniffer's version matches our requirements.
-
Install VariableAnalysis. Download either the zip or tar.gz file from the VariableAnalysis latest release page. Expand the file and rename the resulting directory to
phpcs-variable-analysis
. Move the directory to a place where you'd like to keep all your PHPCS standards. -
Add the paths of the newly installed standards to the PHP_CodeSniffer installed_paths configuration. The following command should append the new standards to your existing standards (be sure to supply the actual paths to the directories you created above).
phpcs --config-set installed_paths "$(phpcs --config-show|grep installed_paths|awk '{ print $2 }'),/path/to/phpcs-variable-analysis"
If you do not have any other standards installed, you can do this more easily (again, be sure to supply the actual paths):
phpcs --config-set installed_paths /path/to/phpcs-variable-analysis
There's a variety of options to customize the behaviour of VariableAnalysis, take a look at the included ruleset.xml.example for commented examples of a configuration.
The available options are as follows:
allowUnusedFunctionParameters
(bool, defaultfalse
): if set to true, function arguments will never be marked as unused.allowUnusedCaughtExceptions
(bool, defaulttrue
): if set to true, caught Exception variables will never be marked as unused.allowUnusedParametersBeforeUsed
(bool, defaulttrue
): if set to true, unused function arguments will be ignored if they are followed by used function arguments.allowUnusedVariablesBeforeRequire
(bool, defaultfalse
): if set to true, variables defined before arequire
,require_once
,include
, orinclude_once
will not be marked as unused. They may be intended for the required file.allowUndefinedVariablesInFileScope
(bool, defaultfalse
): if set to true, undefined variables in the file's top-level scope will never be marked as undefined. This can be useful for template files which use many global variables defined elsewhere.allowUnusedVariablesInFileScope
(bool, defaultfalse
): if set to true, unused variables in the file's top-level scope will never be marked as unused. This can be helpful when defining a lot of global variables to be used elsewhere.validUnusedVariableNames
(string, defaultnull
): a space-separated list of names of placeholder variables that you want to ignore from unused variable warnings. For example, to ignore the variables$junk
and$unused
, this could be set to'junk unused'
.ignoreUnusedRegexp
(string, defaultnull
): a PHP regexp string (note that this requires explicit delimiters) for variables that you want to ignore from unused variable warnings. For example, to ignore the variables$_junk
and$_unused
, this could be set to'/^_/'
.validUndefinedVariableNames
(string, defaultnull
): a space-separated list of names of placeholder variables that you want to ignore from undefined variable warnings. For example, to ignore the variables$post
and$undefined
, this could be set to'post undefined'
. This can be used in combination withvalidUndefinedVariableRegexp
.validUndefinedVariableRegexp
(string, defaultnull
): a PHP regexp string (note that this requires explicit delimiters) for variables that you want to ignore from undefined variable warnings. For example, to ignore the variables$post
and$undefined
, this could be set to'/^(post|undefined)$/'
. This can be used in combination withvalidUndefinedVariableNames
.allowUnusedForeachVariables
(bool, defaulttrue
): if set to true, unused values from thekey => value
syntax in aforeach
loop will never be marked as unused.sitePassByRefFunctions
(string, defaultnull
): a list of custom functions which pass in variables to be initialized by reference (egpreg_match()
) and therefore should not require those variables to be defined ahead of time. The list is space separated and each entry is of the formfunctionName:1,2
. The function name comes first followed by a colon and a comma-separated list of argument numbers (starting from 1) which should be considered variable definitions. The special value...
in the arguments list will cause all arguments after the last number to be considered variable definitions.allowWordPressPassByRefFunctions
(bool, defaultfalse
): if set to true, a list of common WordPress pass-by-reference functions will be added to the list of PHP ones so that passing undefined variables to these functions (to be initialized by reference) will be allowed.
To set these these options, you must use XML in your ruleset. For details, see the phpcs customizable sniff properties page. Here is an example that ignores all variables that start with an underscore:
<rule ref="VariableAnalysis.CodeAnalysis.VariableAnalysis">
<properties>
<property name="ignoreUnusedRegexp" value="/^_/"/>
</properties>
</rule>
- ImportDetection: A set of phpcs sniffs to look for unused or unimported symbols.
- phpcs-changed: Run phpcs on files, but only report warnings/errors from lines which were changed.
This was forked from the excellent work in https://github.com/illusori/PHP_Codesniffer-VariableAnalysis
Please open issues or PRs on this repository.
Any changes should be accompanied by tests and should pass linting and static analysis. Please use phpdoc (rather than actual types) for declaring types since this must run in PHP 5.4.
To run tests, make sure composer is installed, then run:
composer install # you only need to do this once
composer test
To run linting, use:
composer lint
To run static analysis, use:
composer phpstan