Question 1

How does Phan compare to PHPStan for PHP static analysis?

Accepted Answer

Phan prioritizes minimizing false positives and incremental adoption on large codebases, while PHPStan offers more aggressive type inference. Phan requires the php-ast extension, whereas PHPStan does not, making Phan better for teams wary of false alarms.

Question 2

How to suppress false positives in Phan?

Accepted Answer

Use the @suppress annotation in PHPDoc comments to ignore specific issue types, or configure Phan to exclude directories or adjust severity levels in the config.php file. This allows targeted control over analysis output.

Question 3

Does Phan work well with Laravel or Symfony frameworks?

Accepted Answer

Yes, but it requires proper configuration to handle framework-specific autoloading and magic methods. You may need to add framework directories to the analysis list and use PHPDoc annotations for dynamic properties to avoid missed issues.

Question 4

How to integrate Phan with GitHub Actions?

Accepted Answer

Install Phan via Composer in your workflow, set up the config.php file, and run it with output formats like JSON or checkstyle. Use the action's cache to speed up runs and fail the build on critical errors for CI enforcement.

Question 5

What PHP versions does Phan support for analysis?

Accepted Answer

Phan 6 supports analyzing PHP version 8.1 to 8.5 syntax, checking for backward incompatibilities and unsupported features. It requires PHP 8.1+ to run, as noted in the getting started section.

Question 6

How to configure Phan for a legacy codebase?

Accepted Answer

Start with a basic config using phan --init, then incrementally strengthen analysis by enabling plugins and adjusting strictness settings. Exclude third-party code from analysis to focus on your source, as recommended in the wiki.

phan

What is phan?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions