LinuxCommandLibrary

phan

Analyze PHP code for errors

TLDR

Generate a .phan/config.php in the current directory

$ phan --init
copy

Generate a Phan configuration file using a specific level (1 being strictest to 5 being the least strict)
$ phan --init --init-level [level]
copy

Analyze the current directory
$ phan
copy

Analyze one or more directories
$ phan --directory [path/to/directory] --directory [path/to/another_directory]
copy

Specify a configuration file (defaults to .phan/config.php)
$ phan --config-file [path/to/config.php]
copy

Specify the output mode
$ phan --output-mode [text|verbose|json|csv|codeclimate|checkstyle|pylint|html]
copy

Specify the number of parallel processes
$ phan --processes [number_of_processes]
copy

SYNOPSIS

phan [options] [files or directories]

PARAMETERS

--help
    Display help information.

--version
    Show Phan version.

-d
    Adds a directory to the list of directories to be scanned.

-f
    Adds a file to the list of files to be scanned.

-l
    Defines a directory in which to find classes/functions to inherit information from (a library).

-p
    The project directory. If not set, uses the current working directory.

-c
    Specifies the configuration file to use.

-o
    Outputs the analysis results to a file (default: stdout).

--progress-bar
    Show a progress bar during analysis.

--allow-polyfill-parser
    Allow parsing polyfill code with potential syntax issues (use with caution).

--no-diff
    Don't generate diff output.

--minimum-severity
    Minimum severity level to report (e.g., 0, 1, 2, 3). Defaults to 0.

DESCRIPTION

Phan is a static analysis tool for PHP.
It analyzes code to identify potential bugs, inconsistencies, and type errors without executing the code.
Phan aims to improve code quality and maintainability by proactively detecting issues that may not be immediately apparent during development or testing. It supports a wide range of checks, including type checking, dead code detection, unused variable identification, and more.
It can be configured to enforce coding standards and best practices, enabling teams to maintain a consistent codebase. Phan can be integrated into CI/CD pipelines to automatically analyze code changes before deployment, preventing bugs from reaching production.
Using abstract interpretation, it can infer types and detect issues that other tools may miss, reducing false positives and highlighting potentially serious problems.

CAVEATS

Phan's analysis is based on the provided code and configuration. It may produce false positives or miss certain issues depending on the complexity of the code and the configuration settings.

CONFIGURATION

Phan's behavior is primarily controlled via a configuration file (usually `phan.config.php`).
This file allows you to specify the directories and files to be analyzed, the set of checks to be performed, and other settings such as excluded files or directories.

ERROR SUPPRESSION

Phan allows you to suppress specific errors or warnings using `@suppress Phan` annotations in the code.
This can be useful for code that is known to have certain issues that cannot be easily fixed or for code that relies on dynamic features that Phan cannot fully analyze.

HISTORY

Phan was developed to provide a more accurate and efficient static analysis solution for PHP projects, building upon previous tools and incorporating modern analysis techniques.
It's actively maintained and receives regular updates to improve its accuracy and support for new PHP features.

SEE ALSO

php(1), phpcs(1), psalm(1)

Copied to clipboard