search

azjezz / psl

πŸ“š PHP Standard Library - a modern, consistent, centralized, well-typed, non-blocking set of APIs for PHP programmers
MIT License
1.21k stars 71 forks source link

Quality Assurance tools integration. #30

Open azjezz opened 4 years ago

azjezz commented 4 years ago

This is a meta issue to keep track of which QA tools are being used in PSL, the end goal is to have all these tools ( and more hopefully ) integrated with PSL and as part of our CI. ( PRs welcome! )

Coding Standards

Tool Description Integrated
php-cs-fixer PHP Coding Standards Fixer βœ…
php_codesniffer βœ”οΈ

There's a lot of rules we have that are currently not enforced by CI:

Static Analysis

Tool Description Integrated Coverage
PSalm Static Analysis tool. βœ… 100%
PHPStan Static Analysis tool. ❌ 0%
SymfonyInsight PHP project quality, done right. βœ… n/a
php-assumptions Tool to detect assumptions ❌ n/a?
phpmd ❌ n/a?

Testing

Tool Description Integrated Coverage
PHPUnit Unit Testing framework. βœ… 100%

Security

Tool Description Integrated
RoaveSecurityAdvisories Security advisories as a simple composer exclusion list. βœ…
SymfonoySecurity PHP security vulnerabilities monitoring. ❌
Psalm ( taint analysis ) Static Analysis tool. βœ…
azjezz commented 4 years ago

cc @fmasa :)

azjezz commented 4 years ago

related #31

fmasa commented 4 years ago

@azjezz I have looked into PHPStan here. There is sadly nothing similar to type coverage as it is reported by Psalm (closest thing is probably https://github.com/phpstan/phpstan/issues/845). What I can do is adding relevant @phpstan- annotations and add PHPStan to CI (for code itself and maybe for tests?).

If that makes sense to you, then I'll try to do some groundwork this weekend :slightly_smiling_face:)

azjezz commented 4 years ago

Sure! That would be a great addition

BackEndTea commented 3 years ago

Infection may be able to mutate functions in the future: https://github.com/infection/infection/pull/1483 It may be a nice addition to the toolchain, once that is possible