PHP is great, but its loosely-typed goodness is a double-edged sword. On the one hand, it gives PHP the legendary low barrier to entry, but on the other, magical type juggling inevitably means bugs.

Because PHP is an interpreted rather than compiled language, catching these type problems is tricky, and often they'll go unnoticed for a long time before they catch up with us somewhere down the road. Problems sit and fester in our code base waiting to strike. Unused code can clutter our application, and there is a myriad of other ways in which we write PHP that won't produce errors but are bugs.

There are some excellent tools to help us catch errors and find bugs before we even run our code. IDEs like PhpStorm can inspect our code and give us information on potential problems before a script is ever executed.

Catching problems with our code before we run it is delightful. Bugs not making it out of our editor is a productive state to be in, but what if we're not using an expensive IDE, or we ignore the warnings and commit the code regardless? In an ideal world, we want to add the code inspection step into our continuous integration system so that we can reject buggy code before it makes it to production.

On this week's stream, we looked at Psalm, a PHP static analysis tool from the fine video hosting company Vimeo, that can find bugs in your code from the command line. It's handy in a couple of situations, bringing an unwieldy code base into line, and keeping it clean.

Finding Problems

We're going to look at the open-source smoke testing tool Cigar. It's a cool project to investigate as it's not too large, which makes dipping our toes into static analysis much more manageable. Once we've cloned the project from GitHub and installed the dependencies with Composer, we can run the test suite to make sure everything is passing as a baseline. Cigar uses the atypical Kahlan test runner, so to run the tests we call: