Tag Archives: PHP

Code quality tool PHP_CodeSniffer has a new maintainer but needs corporate support


In a recent and significant development for the PHP_CodeSniffer project, a change in maintainership has taken place, with Juliette Reinders Folmer now at the helm. This transition has not only brought fresh energy and vision to the project but also signals a call to action for companies and organizations to actively support its ongoing development. As PHP_CodeSniffer plays a crucial role in maintaining code quality and standards within the PHP community, corporate sponsorship is now more crucial than ever.

New Leadership and Repository Migration

The PHP_CodeSniffer project, originally developed by Greg Sherwood of Squiz Labs, has undergone a notable shift in leadership. Juliette Reinders Folmer was the main contributor for the last year and, with Greg having insufficient time to continue leading the project, it was decided to migrate the project to a new repository, signaling a new chapter in its development. The move is aimed at fostering a more collaborative and community-driven approach to ensure the tool’s continued evolution and adaptability to the ever-changing landscape of PHP development.

Juliette Reinders Folmer, a well-respected figure in the PHP community, brings a wealth of experience and a fresh perspective to the project. Her commitment to maintaining and enhancing PHP_CodeSniffer aligns with the community’s expectations and highlights a dedication to its continued success. Juliette is also the lead developer for other quality assurance tools like PHPCompatibility and PHPCSUtils.

The Importance of Corporate Sponsorship

With the PHP_CodeSniffer project been transitioned in the coming days, the need for financial support from the community, especially corporate entities, is paramount. Open source projects like PHP_CodeSniffer rely on contributions, both in terms of code and financial backing, to thrive and remain sustainable over the long term.
Corporate sponsorship ensures that the project can dedicate resources, including developer time, to addressing issues, implementing new features, and maintaining compatibility with the latest PHP releases. It also allows for the organization of events, workshops, and community outreach initiatives, fostering a stronger and more engaged user base.

How Companies Can Contribute

To support the ongoing development and maintenance of PHP_CodeSniffer, companies are encouraged to sign up for sponsorship through the project’s Open Collective page (https://opencollective.com/php_codesniffer). Open Collective provides a transparent and accountable platform for managing funds, and it allows sponsors to track how their contributions are utilized.

By sponsoring PHP_CodeSniffer, companies not only demonstrate their commitment to the PHP community but also ensure that the tools they rely on for code quality continue to evolve and meet the demands of modern PHP development.

A call to action for developers

If you’re a developer reading this and your project relies on PHP_CodeSniffer or any of the dependant projects (such as PHPCompatiblity or PHPCSUtils) in its quality assurance process, consider what contributions mean :

  • Receiving updates to PHP_CodeSniffer to handle new syntax that is added to PHP
  • Receiving updates to individuals sniffs in all standards to be able to handle new PHP syntax
  • Improving contributor friendliness of projects
  • Reviewing contributions and coaching contributors
  • Coaching potential candidates for joining the maintainer pool, ensuring the project survives long-term

If you value the quality of your code, push your project manager, product owner, CTO or CEO to contribute to the project, given they’re saving not just on valuable development time, but on bug-fixing, just by using the project.

PHPConsistent : a new tool to verify your calls and documentation quality

Back in 2009 and 2010 I wrote about a PHPUnit patch I wrote to automatically verify parameter types in function calls. The feature never made it into PHPUnit and honestly it didn’t really fit into the feature set either. Although I still plan on releasing it as a PHPUnit extension that you can easily load, I’ve since been using it outside of PHPUnit, not just on tests, but on any PHP code.

Introducing PHPConsistent

PHPConsistent will verify your code using both dynamic and static analysis.

The goal is to improve code quality of your code and the libraries you use by :

  • Verifying your code is making calls using the right parameters and parameter types
  • Verifying if the in-line documentation (docblock) of the called functions/methods is accurate

It will compare :

  • Parameter types specified in the docblock <-> types of parameters passed upon calling the function/method
  • Number of parameters specified in the docblock <-> number of parameters actually present in the function/method definition
  • Names of parameters specified in the docblock <-> names of parameters actually present in the function/method definition

Sample output

Invalid type calling SomeClass->GiveMeAnArray : parameter 3 ($somearray) should be of type array but got boolean instead : library/App.php (line 5)
Parameter names in function definition and docblock don't match when calling JustAnotherFunction : parameter 2 ($inputFilename) should be called $inputFile according to docblock : application/Bootstrap.php (line 214)
Parameter count in function definition and docblock don't match when calling OneMoreFunction : function has 6 but should be 5 according to docblock : application/Bootstrap.php (line 215)


Keep in mind that PHPConsistent relies on Xdebug’s trace functionality, making it quite slow. It also needs to analyze the output of that trace, making it even slower. So it’s definitely not something you want to run on a production environment !

Want to know more ?

Check out the PHPConsistent Github page

PHPCompatibility update

Update (Nov 3, 2013) : changed the parameters to reflect the new changes in PHP_CodeSniffer

Just a quick post about the updates made to PHPCompatibility.

I did a talk on PHP 5.4/5.5 at Zendcon, not just about what’s new and why you should upgrade, but also about the way PHPCompatibility can ease the pain. I received very good feedback, as well as very interesting questions. As a result, I added a feature I’ve wanted to add for a long time : the option to specify which PHP version to check for.

Here’s the caveat : it requires a change to PHP_CodeSniffer. I’m hoping that change will be accepted soon. From that point onwards, if you have the latest PHP_CodeSniffer (you might want to get it from Github).

So then you will be able to do :

phpcs --standard=PHPCompatibility --runtime-set testVersion 5.4 <path-of-your-php-files>

You can also test for backwards compatibility of your code by specifying versions like 5.2, which causes it to check whether you’re using functions or keywords not known to this older version. Quite nice if you’re coding on PHP 5.5, but your system engineer tells you half way through the project the project will have to be deployed on 5.2.

Important note : if you want to test backwards compatibility, it’s best to run on the latest PHP version available (5.5 right now), for the simple reason that if you have, for example, the keyword ‘yield’ in your code, PHP_CodeSniffer can only recognize it when you’re running PHP 5.5. It can only tell you it’s not available in previous versions if it actually knows what it is.

Expect more compatibility tools soon, as I have some more ideas, such as how to automatically figure out whether and where you’re still relying on register_globals and magic quotes 😉

Conferences, development, ideas, …

I just returned from PHPCon Poland, a very nice conference taking place in the middle of beautiful scenery. Although there were only 5 talks in English (3 of which were given by Belgians – Thijs Feryn, Michelangelo Van Dam and myself), the conference was definitely interesting and fun.
I gave a relatively new talk, that I first presented as a 20-min ‘lightning talk’ at ZendCon Uncon 2011. It’s evolved into a 45-min talk (ok, it was only 38-min so I can add some content next time) titled ‘Remove PHP calls and scale your site like crazy’ in which I explain more about the Nginx extension we’re building to improve the performance and scalability of sites with user-specific content. I received some pretty good feedback on Joind.in and lots of people approached me afterwards, wanting to learn even more about it.

I also submitted 6 talks for Confoo, which is supposed to be one of the best web development conferences out there. Not sure if I’ll make it, but if you want to help out, feel free to vote for me. Registration is required to vote, but takes only a minute.

Lots of ideas buzzing in my head, but sadly not enough time to work on them. The Nginx thing is cool, but it’s what I call ‘phase 1’… which means there’s a ‘phase 2’ (in fact, there’s even a ‘phase 3’). But since that requires even more time, it’ll probably be for when phase 1 has been completed.

In the meantime, we’re on the hunt for people looking for a new challenge. If you’re looking to be seriously challenged, check out our jobs page and feel free to tweet/mail/call me 😉

PHP 5.4 compatibility checks using PHP_CodeSniffer

Update (27 Nov) : Support for PHP 5.5alpha is included.

For those of you who are new to this concept, check my blog post from a while ago. It will explain the basic concept of using PHP_CodeSniffer to automate compatibility checks. But don’t use the download links, because they point to the old (PHP 5.3) version !

What’s new ?

Quite a few things have changed in this new release :

  • There’s no version specific release anymore. The previous codesniffer standard was called PHP53Compatibility, but it seemed quite stupid to make a new standard for every PHP version out there, especially since that would keep certain people from upgrading to the latest major PHP version. So the new PHPCompatibility standard works for 5.0 – 5.4
  • But since some people simply can’t upgrade to the latest version, I added version information to all the checks. For example : the deprecated  function checker will now tell you that session_register() is deprecated since PHP 5.3 and removed since PHP 5.4 – if you’re running 5.2 and want to move to 5.3, at least you know right away that you’ll have to fix that problem, because otherwise you can’t ever upgrade to 5.4. This version check is available on deprecated/removed function, deprecated/removed php.ini directives and deprecated/removed extensions.
  • Default timezone check has been added : since PHP 5.4, you need to have a default timezone set or PHP will complain. This is ofcourse only useful if you run the tests on a system with identical settings as your production environment.
  • A check for the removed functionality on break and continue was added. (Using a variable or function call as a parameter on break and continue is no longer allowed.)
  • 2 algorithms were removed in the hash extension, so there’s a check for that as well

Where to get it

2 options :

  • Using git : run this in your PHP_CodeSniffer/Standards directory :
    ~ > git clone git://github.com/wimg/PHPCompat_CodeSniffer.git PHPCompatibility
  • Downloading a zip : download here and unzip the file in PHP_CodeSniffer/Standards/PHPCompatibility

How to run it

Start PHP_CodeSniffer like this :
phpcs --standard=PHPCompatibility

Enjoy !

As always, any feedback (or patches on Github) welcome !