How do I install and enable these rules in a Laravel project?

Run `composer require --dev shipmonk/phpstan-rules` and add `includes: - vendor/shipmonk/phpstan-rules/rules.neon` to your `phpstan.neon` file. For Laravel projects using the `phpstan/extension-installer` package, it will auto-detect and include these rules.

Will these rules break my existing Laravel codebase?

Some rules may flag legitimate Laravel patterns (e.g., dynamic property access in Eloquent). Start with `enableAllRules: false` in your `phpstan.neon` and selectively enable rules. Test against your Laravel test suite before enforcing globally.

Can I disable specific rules without affecting others?

Yes. Use `parameters.shipmonkRules. .enabled: false` in your `phpstan.neon` to disable individual rules. For example, `forbidCast.enabled: false` disables unsafe cast checks while keeping other rules active.

Which Laravel version does this package support?

This package is framework-agnostic and works with any Laravel version (8.x, 9.x, 10.x). However, some rules (e.g., `enforceNativeReturnTypehint`) may require PHP 8.0+ for full functionality. Test with your PHP version.

How do I configure blacklists or whitelists for rules like `forbidCast`?

Use the `!` operator in your `phpstan.neon` to override defaults. For example, `forbidCast.blacklist!: ['(array)', '(unset)']` forces the blacklist to only include those casts, ignoring other defaults.

Are these rules compatible with PHPStan’s parallel analysis?

Yes, the rules work seamlessly with PHPStan’s `--parallel` flag. For large Laravel projects, combine this with `--memory-limit` to optimize performance during CI/CD runs.

What’s the best way to introduce these rules incrementally?

Start with `enableAllRules: false` and enable rules by category. For example, enforce safety rules (`forbidCheckedExceptionInCallable`) first, then modern PHP rules (`enforceNativeReturnTypehint`), and finally opinionated ones (`enforceEnumMatch`).

Do these rules work with Laravel’s Eloquent ORM?

Yes, but some rules may need adjustment. For example, `forbidCast` might flag `(array) $model->toArray()`, which is safe. Use `forbidCast.blacklist: ['(array)']` to exclude it. Test with your Eloquent models first.

How do I exclude vendor or test directories from analysis?

Use PHPStan’s `excludeFiles` or `excludeDirectories` in your `phpstan.neon`. For example, `excludeDirectories: ['vendor/', 'tests/']` skips Laravel’s core and test files while analyzing only your app logic.

What if a rule flags a false positive in my Laravel code?

Disable the rule temporarily with `parameters.shipmonkRules. .enabled: false` or adjust its configuration (e.g., `forbidUnsafeArrayKey.reportMixed: false`). Submit feedback to the [GitHub repo](https://github.com/shipmonk-rnd/phpstan-rules) if it’s a recurring issue.

Weave Code

Code Weaver

Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.

Phpstan Rules Laravel Package

shipmonk/phpstan-rules

40 super-strict PHPStan rules from ShipMonk to plug gaps in extra-strict setups. Install via Composer, include rules.neon, then enable/disable or tune rules per-project. Targets tricky PHP edge cases like unsafe comparisons, casts, arrays, enums and more.

View on GitHub

Deep Wiki

Context7

Various extra strict PHPStan rules we found useful in ShipMonk.

Frequently asked questions about Phpstan Rules

How do I install and enable these rules in a Laravel project?: Run `composer require --dev shipmonk/phpstan-rules` and add `includes: - vendor/shipmonk/phpstan-rules/rules.neon` to your `phpstan.neon` file. For Laravel projects using the `phpstan/extension-installer` package, it will auto-detect and include these rules.
Will these rules break my existing Laravel codebase?: Some rules may flag legitimate Laravel patterns (e.g., dynamic property access in Eloquent). Start with `enableAllRules: false` in your `phpstan.neon` and selectively enable rules. Test against your Laravel test suite before enforcing globally.
Can I disable specific rules without affecting others?: Yes. Use `parameters.shipmonkRules.<ruleName>.enabled: false` in your `phpstan.neon` to disable individual rules. For example, `forbidCast.enabled: false` disables unsafe cast checks while keeping other rules active.
Which Laravel version does this package support?: This package is framework-agnostic and works with any Laravel version (8.x, 9.x, 10.x). However, some rules (e.g., `enforceNativeReturnTypehint`) may require PHP 8.0+ for full functionality. Test with your PHP version.
How do I configure blacklists or whitelists for rules like `forbidCast`?: Use the `!` operator in your `phpstan.neon` to override defaults. For example, `forbidCast.blacklist!: ['(array)', '(unset)']` forces the blacklist to only include those casts, ignoring other defaults.
Are these rules compatible with PHPStan’s parallel analysis?: Yes, the rules work seamlessly with PHPStan’s `--parallel` flag. For large Laravel projects, combine this with `--memory-limit` to optimize performance during CI/CD runs.
What’s the best way to introduce these rules incrementally?: Start with `enableAllRules: false` and enable rules by category. For example, enforce safety rules (`forbidCheckedExceptionInCallable`) first, then modern PHP rules (`enforceNativeReturnTypehint`), and finally opinionated ones (`enforceEnumMatch`).
Do these rules work with Laravel’s Eloquent ORM?: Yes, but some rules may need adjustment. For example, `forbidCast` might flag `(array) $model->toArray()`, which is safe. Use `forbidCast.blacklist: ['(array)']` to exclude it. Test with your Eloquent models first.
How do I exclude vendor or test directories from analysis?: Use PHPStan’s `excludeFiles` or `excludeDirectories` in your `phpstan.neon`. For example, `excludeDirectories: ['vendor/', 'tests/']` skips Laravel’s core and test files while analyzing only your app logic.
What if a rule flags a false positive in my Laravel code?: Disable the rule temporarily with `parameters.shipmonkRules.<ruleName>.enabled: false` or adjust its configuration (e.g., `forbidUnsafeArrayKey.reportMixed: false`). Submit feedback to the [GitHub repo](https://github.com/shipmonk-rnd/phpstan-rules) if it’s a recurring issue.

Popularity trends

Recorded values over time (once-a-day snapshots). May 8, 2026 – Jun 6, 2026

GitHub · stars

GitHub · forks

GitHub · watchers

Packagist · monthly downloads

View on GitHub

Stars

152

Favorites

154

Forks

Score

31.1

Score breakdown

Sum of components, capped 0–100. Halved if archived.

Stars

input: 152

+0.8
Forks

input: 24

+0.7
Open issues + PRs

input: 5

+0.5
Releases

input: 32

+9.6
Recency

input: 17

+19.1
Issue opportunity

input: 1

+0.0
Laravel News mentions

input: 0

+0.0
Dependents

input: 0

+0.0

Total 30.6

Opportunity

49.3

Opportunity score breakdown

Hidden gem signal × 0.65 + contribution need × 0.35, scaled by health factor.

Hidden gem

log(monthly_downloads / (stars + 1)) × 25

74.0
Contribution need

open_issues + open_prs: 5

3.8
Health factor

archived + recency + open issues

×0.99

Total 49.0

License

—

Last release

May 19, 2026

Watchers

Downloads

139K/mo

Dependents

Open issues

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.

Add packages to context

No packages found.

hexters/coinpayment

rjcodes/rjcms

act-training/laravel-permissions-manager

alimarchal/laravel-chart-of-accounts

babenkoivan/elastic-scout-driver

mkwebdesign/filament-watchdog-v5

renatomarinho/laravel-page-speed

zedmagdy/filament-business-hours

renatovdemoura/blade-elements-ui

devgeek/beacon-admin

benjamin-rqt/data-watcher-bundle

atriumphp/atrium

sandermuller/package-boost-laravel

sandermuller/boost-skills

redaxo/core

yusufgenc/filament-api-forge

l3aro/rating-star-for-filament

leek/filament-subtenant-scope

anil/file-picker

broqit/fields-ai