SWPD#002: Improve Your Code Quality With Static Analysis

In this week’s issue, I’m going to explain why you should be using static analysis in your development process.

Static Analysis is a process of evaluating code without actually running it. It scans code for bugs that could easily be missed by peer code reviews or other manual checks.

With static analysis, you can catch simple mistakes that cause difficult bugs.

Unfortunately, most WordPress developers don’t actively use static analysis in their development process.

WordPress Developers Spend Too Much Time Fixing Preventable Issues

Without Static Analysis in your process:

  • You push out more hotfixes and patches
  • You keep finding new symptoms of old bugs
  • You can’t fully trust in the quality of your code
  • You spend more time debugging issues from annoyed users

But this doesn’t have to be your experience!

Here’s how:

Step 1: Require PHPStan In Your Project

PHPStan is a static analysis library with great documentation and community around it.

You can add it to your project with composer:

Once it’s installed in your project, you can use it to scan your code by using the analyse command and pointing it to the directories you want to check.

For example, if you want to check your src directory, you would run:

When PHPStan finishes analyzing your code, you might get a response back that it found errors.

If this is the first time your running static analysis, the errors can be overwhelming, but it’s okay.

You can start small at first.

Here’s what an error response looks like:

It gives you the error, what file it’s in, and what line it’s on so it’s quick to find in your project.

Step 2: Start Small With A Baseline

Don’t get overwhelmed by all the errors you see the first time you run PHPStan. This is totally normal and I’m going to walk you through it.

PHPStan has a feature to generate what’s called a “baseline”.

It takes all the errors it currently finds in your code and creates a configuration file so PHPStan ignores all existing errors. You can generate that baseline file with:

PHPStan will generate a new file for you named phpstan-baseline.neon that you can use to “ignore” all current errors. Then you can focus on the errors as you add or change code.

Include this baseline file within your PHPStan config file named phpstan.neon in the root of your project:

Now when you run the analyse command anywhere in your project, PHPStan will automatically use the configuration file and ignore the errors from the baseline.

Step 3: Continue Working Through The Issues As You Encounter Them

Now that you have PHPStan set up, periodically run it to check the code your currently working on.

You can even configure Github to run these checks within an action on every pull request.

Adding static analysis to your development process will:

  • Reduce the amount of issues your users experience
  • Help you deploy more stable versions
  • Give you confidence in your code
  • Improve your code quality
  • Save you time

Take a few minutes today, get PHPStan set up, and experience better quality code.

That’s all for now.