TheCodingMachine's additional rules for PHPStan

This package contains a set of rules to be added to the wonderful PHPStan static analyzer.

Those rules come from TheCodingMachine best practices. They are more "strict" than the default PHPStan rules and some may be controversial. We use those at TheCodingMachine, have found them to help us in our daily work, and ask anyone working with us to follow them.

Rules list

Exception related rules

• You should not throw the "Exception" base class directly but throw a sub-class instead.
• You should not have empty catch statements
• When throwing an exception inside a catch block, you should pass the catched exception as the "previous" exception
• If you catch a Throwable, an Exception or a RuntimeException, you must rethrow the exception.

Superglobal related rules

• The use of $_GET, $_POST, $_FILES, $_COOKIE, $_SESSION, $_REQUEST is forbidden. You should instead use your framework's request/session object.
• Superglobal usage is still tolerated at the root scope (because it is typically used once in index.php to initialize PSR-7 request object)

Condition related rules

• Switch statements should always check for unexpected values by implementing a default case (and throwing an exception)

Work-in-progress

// Never use public properties
// Never use globals

Installation

We assume that PHPStan is already installed in your project.

To use this extension, require it in Composer:

composer require --dev thecodingmachine/phpstan-strict-rules

If you also install phpstan/extension-installer then you're all set!

If you don't want to use phpstan/extension-installer, include phpstan-strict-rules.neon in your project's PHPStan config:

includes:
    - vendor/thecodingmachine/phpstan-strict-rules/phpstan-strict-rules.neon