search

phpstan / phpstan

PHP Static Analysis Tool - discover bugs in your code without running it!
https://phpstan.org/
MIT License
12.72k stars 861 forks source link

Conflicting documentation regarding analysis of traits #11250

Open cs278 opened 2 weeks ago

cs278 commented 2 weeks ago

Bug report

I'm experiencing a problem whereby PHPStan reports falsely that a property is never used, the property is used in methods provided by a vendor trait.

Code/output ```php

It's not possible to replicate this on phpstan.org/try, eventually I found a blog post explaining the problem: https://phpstan.org/blog/how-phpstan-analyses-traits.

So my understanding is PHPStan doesn't fully analyse any of my code that use vendor traits, so I need to include vendor traits in the analysis. However this directly conflicts with the getting started guide which states:

There’s no need to analyse the vendor directory with 3rd party dependencies because it’s not in your power to fix all the mistakes made by the developers you don’t work with directly.

Including vendor traits (by their path) into the analysis is also complicated by the fact there is no guarantee that the trait will be the only thing in the source file - forcing the user to analyse vendor code they cannot fix or even care about.

Even though the way PHPStan works with traits is surprising I expect it's not without good reason, is there anything that can be done to improve this? A few thoughts:

  • Automatically including used traits in the analysis
  • Updating the user guide to document this limitation
  • Config entry listing traits to analyse (by FQCN)
  • Tip added to the output when analysing a file with traits that are not analysed

Code snippet that reproduces the problem

N/A

Expected output

No error reported

Did PHPStan help you today? Did it make you happy in any way?

No response

mergeable[bot] commented 2 weeks ago

This bug report is missing a link to reproduction at phpstan.org/try.

It will most likely be closed after manual review.

ondrejmirtes commented 2 weeks ago

The documentation isn't conflicting. We simply shouldn't report this error when PHPStan encounters a private method/property/constant AND the class in question uses a 3rd party trait we do not analyse.

ondrejmirtes commented 2 weeks ago

For now you can ignore this error: https://phpstan.org/user-guide/ignoring-errors

ondrejmirtes commented 2 weeks ago

Or maybe even better - write an extension that silences this error for classes that use the trait in question: https://phpstan.org/developing-extensions/always-read-written-properties

cs278 commented 2 weeks ago

Yes I've worked around it using a combination of identifier (these are a brilliant improvement BTW @ondrejmirtes) and regex for anyone else with the same problem:

parameters:
    ignoreErrors:
        -
            message: '/::\$someProperty\b/'
            identifier: property.onlyWritten

The documentation isn't conflicting.

Might be question of interpretation, traits are compiler time copy and paste so vendor code gets combined with my code. But I also can't fix any problems in them so yeah, I can see why it might not be ideal to analyse them. I still think it might be worth calling out more prominently somewhere.

We simply shouldn't report this error when PHPStan encounters a private method/property/constant AND the class in question uses a 3rd party trait we do not analyse.

Could that be refined to ignore only those method/property/contstants that are also defined by a used trait? Otherwise you effectively lose "unused privates" reporting for any class that uses a vendor trait.