Static analysis tools checks PHP code without running them. Fully automated, they bring expertise to review the code, enforce good practices when programming, keep code ready for the next PHP version. PHP 7 has developed tremendously our capacity to audit code : thanks to AST and return types, it is possible to go deeper and prevent more bugs. During this session, we'll review the current state of static analysis tools, learn what they can find for us, and how to integrate it in the development cycle : security bugs, migration incompatibilities, directives recommendations. Simply said, better PHP coding.


Comments are closed.

Thorough overview of static code analyzers covering different aspects of a code base, whether run from the command line or as SAAS.

Not entirely sure if I missed it, or because it's just that there are too many SAAS for that, but there are also

- Code Climate
- Scrutinizer CI

Really enjoyed you went to a really low level explanation of what's "under the hood" and showed how it's done.
I would suggest adding some more good deduction we can take for each type of static analysis and maybe a some real business cases where static analysis made the difference on a project and how.

Paul West at 16:54 on 20 Feb 2017

Great talk, I hadn't come across code analysis before so learnt so much from this talk. I would have loved to have seen a demo of one in action.