Skip to content

PHPStan Converter

phpstan/phpstan - GitHub

Note

Available since version 1.0.0

Table Of Contents

  1. Requirements
  2. Installation
  3. Usage
  4. How to customize your converter
  5. Learn more
  6. IDE Integration
  7. Web SARIF viewer

phpstan converter

Requirements

  • PHPStan requires PHP version 8.1.0 or greater
  • This SARIF converter requires at least PHPStan version 1.11.0

Installation

composer require --dev phpstan/phpstan bartlett/sarif-php-converters

Then update your phpstan.neon.dist configuration file:

services:
    errorFormatter.sarif:
        class: Bartlett\Sarif\Converter\Reporter\PhpStanFormatter

Usage

vendor/bin/phpstan analyse --error-format sarif --configuration phpstan.neon.dist --autoload-file bootstrap.php

How to customize your converter

There are many ways to customize render of your converter.

Make the SARIF report output human-readable

By default, all converters use the default \Bartlett\Sarif\Factory\PhpSerializerFactory to return the SARIF JSON representation of your report.

But this serializer factory component, as native PHP json_encode function, does not use whitespace in returned data to format it.

To make your report human-readable, you have to specify the \JSON_PRETTY_PRINT constant, as encoder option.

Here is the way to do it !

Step 1: Create your formatter specialized class :

<?php

use Bartlett\Sarif\Converter\PhpStanConverter;
use Bartlett\Sarif\Converter\Reporter\PhpStanFormatter;

class MySarifFormatter extends PhpStanFormatter
{
    public function __construct(bool $prettyPrint)
    {
        parent::__construct(new PhpStanConverter(['format_output' => $prettyPrint]));
    }
}

Step 2: Create your own class loader to register custom serializer and converter (if any)

<?php
require_once dirname(__DIR__, 2) . '/vendor/autoload.php';
require_once __DIR__ . '/MySarifFormatter.php';

Step 3: Then update your phpstan.neon configuration file:

services:
    errorFormatter.sarif:
        class: MySarifFormatter
        arguments:
            prettyPrint: true

Step 4: And finally, print the SARIF report

vendor/bin/phpstan analyse --error-format sarif --configuration phpstan.neon --autoload-file bootstrap.php

Learn more

IDE Integration

The SARIF report file [*].sarif.json is automagically recognized and interpreted by PhpStorm (2024).

PHPStorm integration

Web SARIF viewer

With the React based component, you are able to explore a sarif report file previously generated.

For example:

sarif-web-phpstan