PHP Static Analysis story

Coding CEO
1 min read · Jun 24, 2021

I don’t like non-strictly typed languages. Supporters say that strict typing is not needed if you have good tests, and that adding typed variables makes you lose time.

But… I like PHP, so I use tools like PHPStan or Psalm to prevent problems.

PHPStan has several levels; I use the highest (8). I want to tell a story about why you need it, because maybe you are losing money and you don’t know it.

A custom eCommerce software was working properly (in theory), but sometimes the money paid by the customer didn’t match the order total. The devs said that was a race condition where the customer changes the shopping cart while paying. And everyone believed that.

After applying PHPStan, we found that the call to

function addLine(string $sku, int $qty)

was wrong; the parameters were wrong:

$order->addLine($sku, $sku);

How the hell was it working until now?

It’s simple: the SKUs were something like ‘01A…….’, so PHP converted them to 1.

Some SKUs were ‘02A…’, and when they were added to the order, PHP converted them to 2.
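To make the coercion concrete, here is an added example (not the shop's real code) that reproduces the mismatch. The Order class, the SKUs and the prices are constructed, and it assumes the customer is charged from the cart quantities while the order is built through the buggy call.

```php
<?php
// Added example with constructed SKUs and prices; not the shop's real code.
// This file has no declare(strict_types=1), so its calls use coercive typing.

final class Order
{
    /** @var array<string,int> SKU => quantity */
    private $lines = [];

    public function addLine(string $sku, int $qty): void
    {
        $this->lines[$sku] = ($this->lines[$sku] ?? 0) + $qty;
    }

    /** @param array<string,int> $priceInCents */
    public function total(array $priceInCents): int
    {
        $sum = 0;
        foreach ($this->lines as $sku => $qty) {
            $sum += $priceInCents[$sku] * $qty;
        }
        return $sum;
    }
}

$priceInCents = ['01A-TSHIRT' => 1500, '02A-MUG' => 800];
$cart         = ['01A-TSHIRT' => 3,    '02A-MUG' => 1]; // what the customer is charged for

// Record diagnostics instead of displaying them, as a site with display_errors
// off would: the only trace of the bug is a notice or warning per call.
$diagnostics = [];
set_error_handler(function (int $level, string $message) use (&$diagnostics): bool {
    $diagnostics[] = $message;
    return true;
});

$order   = new Order();
$charged = 0;
foreach ($cart as $sku => $qty) {
    $charged += $priceInCents[$sku] * $qty;
    $order->addLine($sku, $sku); // the bug from the story: SKU passed as $qty
}
restore_error_handler();

printf("charged: %d, order total: %d\n", $charged, $order->total($priceInCents));
printf("diagnostics raised: %d\n", count($diagnostics));
// With declare(strict_types=1) at the top of this file, the same call throws
// a TypeError instead of coercing the SKU to an int.
```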

I have hundreds of examples where PHPStan discovered errors that tests didn’t spot, because it is not possible to test everything.

Written by Coding CEO

I fix things. I was CEO twice, and I missed too much coding. Back to CTO again.