Php Inspections (EA Extended)

Compatible with: IntelliJ IDEA PhpStorm
200 597
For support and donations please visit Github | Issues | PayPal | Patreon.

Please follow me at twitter for status updates.

This plugin is a Static Code Analysis tool for PHP (aka inspections in JetBrains products).

It covers:
- architecture related issues
- weak types control and possible code construct simplifications
- performance issues
- non-optimal, duplicate and suspicious "if" conditions
- validation of magic methods usage
- regular expressions
- validation of exception handling workflow
- compatibility issues
- variety of time-consuming bugs
- PhpUnit API usage
- security issues

Some of inspections are expecting conditional statements (e.g. "if") to use group statement for wrapping body expressions. If this requirement is met then additional inspections are applied to the source code.

For Mac shortcuts, see this reference card. Windows/Linux ones are:
Alt + Shift + I to inspect current file with current profile
Ctrl + Alt + Shift + I to run inspection by name
Ctrl + Shift + F4 to close results of inspection.

On some projects CPU and therefore battery usage could be intensive, so it should be taken into account when traveling with a laptop.

Download plugin

Recent change notes

Like the plugin? Become a patron! Bug-fixes:

- Badly organized exception handling: fixed "Empty PSI element" exception
- Cascading 'str_replace(...)' calls: resolved false-positives (used/stored expressions are not matching)
- Empty class: resolved false-positives (multiple cases)
- Empty/isset results correctness: resolved false-positives (multiple cases)
- Exceptions handling and annotating: prevent SOE exception when processing PhpDoc
- General '\Exception' is thrown: resolved false-positives (respect overridden constructors)
- General '\Exception' is thrown: fix message grammar (thank you Kevin Laude)
- Nested ternary operator: resolved false-positives ('$x ?: $y ?: $z ...' constructs)
- Non-optimal regular expression: resolved false-positives (suggesting str_replace)
- Return type hint can be used: resolved false positives (abstract methods with PhpDoc without return tag)
- Security advisories for Composer packages: resolved false-positives (implementation bug)
- Suspicious ternary operator: resolved false-positives (incorrect suggestions in some cases)
- Unnecessary parentheses: resolved false-positives (member reference on assignment)
- Usage of the silence operator: resolved false-positives (boolean comparisons)
- ::class constant usage correctness: resolved false-positives (parent reference)

- A constant can be used: new patterns
- Binary-unsafe 'fopen(...)' usage: new patterns (misplaced b-modifier)
- Forgotten debug statements: new patterns (thank you David Rodrigues)
- Non-optimal regular expression: QFes implemented (plain API usage)
- Suspicious binary operations: new patterns (priority issues, own QF available)
- Suspicious ternary operator: QF implemented
- 'strtr(...)' could be replaced with 'str_replace(...)': QF implemented
- 'substr(...)' could be replaced with 'strpos(...)': QF implemented

- Infinity loop detection: implemented (infinite recursion)
- Hostname substitution: implemented (experimental, feedback is welcome)
- Parameter passed by reference has default value: dropped
- Self class referencing: implemented (thank you David Rodrigues)
- Strings N-character comparison flaws: implemented
- Unnecessary type casting: implemented (implicit type hints based)