This library is based on PHPStan to detect calls to specific functions you don't want in your project. For instance, you can add it in your CI process to make sure there is no debug/non standard code (like var_dump, exit, ...).
To use this extension, require it using Composer:
composer require --dev ekino/phpstan-banned-code
When you use https://github.com/phpstan/extension-installer you are done.
If not, include extension.neon
in your project's PHPStan config:
includes:
- vendor/ekino/phpstan-banned-code/extension.neon
You can configure this library with parameters:
parameters:
banned_code:
nodes:
# enable detection of echo
-
type: Stmt_Echo
functions: null
# enable detection of eval
-
type: Expr_Eval
functions: null
# enable detection of die/exit
-
type: Expr_Exit
functions: null
# enable detection of a set of functions
-
type: Expr_FuncCall
functions:
- dd
- debug_backtrace
- dump
- exec
- passthru
- phpinfo
- print_r
- proc_open
- shell_exec
- system
- var_dump
# enable detection of print statements
-
type: Expr_Print
functions: null
# enable detection of shell execution by backticks
-
type: Expr_ShellExec
functions: null
# enable detection of `use Tests\Foo\Bar` in a non-test file
use_from_tests: true
# errors emitted by the extension are non-ignorable by default, so they cannot accidentally be put into the baseline.
non_ignorable: false # default is true
type
is the returned value of a node, see the method getType()
.