Hey everyone. I am Nuno, the creator of PHP Insights
First, thanks @MindGods for sharing PHP Insights on Hacker News!
To answer some question on the comments:
The goal of PHP Insights is not to perform type checking, for that we already have PHPStan and Psalm. And both already work great by default.
PHP Insights wraps tools like PHP CS, or PHP CS Fixer, putting each check/sniff within a specific category: A missing blank space is related to coding style. On the other end, having mutable objects can be considered a code quality problem.
So, once we have those checks performed, we show a well-designed console interface that shows developers the results per category in a human-readable form: with a score, percentages, etc.
Besides, it's designed to work out-of-the-box with Laravel, Symfony, and others. In other words, we have prepared a set of presets, that represent the conventions per framework, so when people launch PHP Insights within a Magento2 project, their project will be analyzed following the Magento conventions.
I look forward to the April 1st version of this tool.
PHP is truly a defining technology of our age. For all the tongue-in-cheekiness of my comment, it’s a matter of fact that several giant web properties were built with PHP and have had irrefutable global impact.
I can also think of nichimen mirai which was also 10 years ahead of the competition in terms of ergonomics and features and was based on symbolics S-graphics system (and I kinda believe most of the value in mirai was due to the lisp broader paradigm, you could clearly see how limited most programs were at the time, exception being maybe prisms/houdini [which was probably C based though:)])
some people also quote apl or prolog to be an extensive reason on why their product exists or has an edge
Yahoo moved from an internal C-style template tool to PHP for a lot of front-end pages back in the day.
Wordpress is PHP, which is over 20% of the web.
I'd say most web sites (millions) in the period between Web 1.0 and early 2.0 were PHP.
The historical reason for the transition from Perl to PHP was that PHP had a standard library with 3,000 functions and was fast enough, while Perl users needed to install CPAN modules, a problem in shared hosting, and mod_perl is very fast but is not intended for shared hosting.
I use both this and Psalm. I find PHP Insights very helpful in ensuring I’m meeting the standards I’ve set out because — as Matt notes in his comment — it is essentially a nice interface to various existing code quality tools.
Psalm on the other hand helps keep my code bug free through excellent static analysis.
Psalm is essential, insights is beneficial. I eagerly choose to use both, together, but in a world where you can use just one: Psalm.
Thanks for sharing. I have some open source PHP projects (with Yii2), that I maintain on my free time, and I was wondering if there were any static analysis tools for PHP, and this just popped at the right time.
You might also look into exakat and phpstan. I can speak to the quality of exakat (my preferred static analyzer), where phpstan comes in as a close second.
This one also looks decent, and will be evaluating it for use in my day job.
> src/Grouchy/MessageStream.php:17: Class has too many methods: 12. Can be up to 10 methods.
> src/Grouchy/MessageStream.php:66: Your function is too long. Currently using 40 lines. Can be up to 20 lines.
sigh.
One of the annoyances of modern PHP practices is the tendency to write one class, per file, which extends or implements one other class, and adds one or two functions to it. Every single logical abstraction in a PHP project can have somewhere between one to thirty different classes associated with it, and larger PHP projects end up with a thousand or more files. All of this is enabled by composer's PSR-4 autoloading support, so as long as you give your classes the right kind of names and put the files in the right places, you don't have to think about what it means to hit the disk that many times on a page load. Consequently, there are more and more harebrained caching schemes showing up to kind of paper over this architectural problem. And tracking some unexpected behavior through that many different pieces just suuuuuuucks.
I fully get that god objects are bad. But metrics like these are making complex PHP projects worse, not better. PHP is not, and should not be, Java. Java has already shown us what the end result of these practices looks like. Let's not do that.
I desperately want a good code analysis tool for PHP: something that can look behind whether there's exactly one space before a '*' in a comment block and into deeper things like, "hey, on this line over here you tried to call a function that doesn't exist in the class the variable is supposed to be referencing".
(There were a few other minor misbehaviors in this tool's output, but I'm less disappointed by those.)
edit: Sometimes I forget to mention the things I like about a project. The output this produces is super clean and easy to navigate, I liked it a lot. The dashboard presentation at the beginning of the output is super cool. It's a great idea to have a single thing you can drop in that sets up phpcs and similar tools with reasonable defaults. The developer for PHP Insights probably didn't make any of the decisions that resulted in line counts or function counts being part of the output. My disappointment was only that I got my hopes up that it was something different from what it was.
> I desperately want a good code analysis tool for PHP: something that can look behind whether there's exactly one space before a '*' in a comment block and into deeper things like, "hey, on this line over here you tried to call a function that doesn't exist in the class the variable is supposed to be referencing".
Then you want phpstan or psalm. They do actual type checking and static analysis rather than style linting, and do it quite well.
If you do want an alternative for linting, Slevomat Coding Standard adds a huge number of highly-configurable and useful extra rules to PHPCS. I'm a big fan.
Inheritance is slowly fading away in favor of composition.
Drupal is an absolute abomination when it comes to extending classes, as in 5-6 in the chain is not uncommon. However, Drupal was never called for its high modern code quality either.
Projects like Symfony favor Interface model (the I in SOLID), and recent versions address some of the pain points you mentioned.
In terms of analyzers, I rely on PHP Inspections EA plugin for PHPStorm (commercial IDE). PHPStan, Phan, and Psalm are the three most popular PHP static analyzers and they are getting so good!
PHP has opcode caching. Not that it invalidates your other points, but you're not hitting the disk once per file per request. Just once per file per deploy.
First, thanks @MindGods for sharing PHP Insights on Hacker News!
To answer some question on the comments:
The goal of PHP Insights is not to perform type checking, for that we already have PHPStan and Psalm. And both already work great by default.
PHP Insights wraps tools like PHP CS, or PHP CS Fixer, putting each check/sniff within a specific category: A missing blank space is related to coding style. On the other end, having mutable objects can be considered a code quality problem.
So, once we have those checks performed, we show a well-designed console interface that shows developers the results per category in a human-readable form: with a score, percentages, etc.
Besides, it's designed to work out-of-the-box with Laravel, Symfony, and others. In other words, we have prepared a set of presets, that represent the conventions per framework, so when people launch PHP Insights within a Magento2 project, their project will be analyzed following the Magento conventions.
Long live PHP!