Llibreries i eines per a PHP

23-01-2023

• Llibreries
• Llibreries per a test
• Eines
• Eines de Composer
• Seguretat
• Comprovacions de CI
• Fonts

PHP és un llenguatge amplament utilitzat. Té una comunitat i ecosistema enormes. A continuació llistem algunes llibreries, eines i comprovacions a fer en integració contínua, algunes específiques per a Symfony.

Llibreries

• brick/date-time: Date and time library for PHP
• thecodingmachine/safe: All PHP functions, rewritten to throw exceptions instead of returning false
• azjezz/psl: PHP Standard Library - a modern, consistent, centralized, well-typed, non-blocking set of APIs for PHP programmers
• cuyz/valinor: PHP library that helps to map any input into a strongly-typed value object structure.
• particle/validator: Particle\Validator is a validation library with an extremely clean API which makes validation fun!
• league/tactician: A small, flexible command bus.
• league/flysystem: Abstraction for local and remote filesystems
• golem-ai/messenger-kit: This command simulates consumer failures and prints a timeline of the events. It lets you check whether your retry strategy configuration does what you expect it to.
• swarrot/swarrot: A lib to consume message from any Broker
• ronanguilloux/isocodes: PHP library - Validators for standards from ISO, International Finance, Public Administrations, GS1, Manufacturing Industry, Phone numbers & Zipcodes for many countries
• php-units-of-measure/php-units-of-measure: A library for handling physical quantities and the units of measure in which they’re represented.
• rawr/t-regx: PHP regular expression brought up to modern standards.
• mpratt/embera: A Oembed consumer library, that gives you information about urls. It helps you replace urls to youtube or vimeo for example, with their html embed code. It has advanced features like offline support, responsive embeds and caching support.
• spatie/geocoder: Geocode addresses to coordinates
• flack/ranger: Formatter for date and time ranges with i18n support
• Money:
  • brick/money: A money and currency library for PHP
  • moneyphp: PHP implementation of Fowler’s Money pattern

Llibreries per a test

• Infection: PHP Mutation Testing library. Plugins:
  • roave/infection-static-analysis-plugin: Static analysis on top of mutation testing - prevents escaped mutants from being invalid according to static analysis
  • bitexpert/captainhook-infection: Captain Hook Plugin to run InfectionPHP only against the changed files of a commit
• roave/no-leaks: PHPUnit Plugin for detecting Memory Leaks in code and tests
• lulco/populator: Allows populate fake data to your database.
• league/openapi-psr7-validator: It validates PSR-7 messages (HTTP request/response) against OpenAPI specifications.
• brianium/paratest: Parallel testing for PHPUnit
• johnkary/phpunit-speedtrap: Reports on slow-running tests in your PHPUnit test suite.

Eines

• Deptrac: Keep your architecture clean.
• PHP Architecture Tester: Easy to use architectural testing tool for PHP
• PHPArkitect: Put your architectural rules under test!
• PHP Insights: Instant PHP quality checks from your console
• GrumPHP: A PHP code-quality tool.
• churn-php: Discover files in need of refactoring.
• scheb/tombstone: Dead code detection with tombstones for PHP
• PHP Magic Number Detector: a tool that aims to help you to detect magic numbers in your PHP code.
• Robo: Modern Task Runner for PHP
• CaptainHook: Very flexible git hook manager for php developers
• Psalm: A static analysis tool for finding errors in PHP applications. Plugins:
  • boesing/psalm-plugin-stringf: Psalm plugin to provide more details for sprintf, printf, sscanf and fscanf functions.
  • hectorj/safe-php-psalm-plugin: vimeo/psalm plugin for thecodingmachine/safe.
  • marartner/psalm-no-empty: Psalm plugin to detect usage of empty().
  • marartner/psalm-strict-equality: Psalm plugin to enforce strict equality.
  • psalm/plugin-phpunit: A PHPUnit plugin for Psalm.
  • psalm/plugin-symfony: Psalm Plugin for Symfony.
  • weirdan/doctrine-psalm-plugin: Stubs to let Psalm understand Doctrine better.
• PHPStan: PHP Static Analysis Tool - discover bugs in your code without running it! Plugins:
  • ergebnis/phpstan-rules: Provides additional rules for phpstan/phpstan.
  • spaze/phpstan-disallowed-calls: PHPStan rules to detect disallowed calls and constant & namespace usages
  • roave/no-floaters: static analysis rules to prevent IEEE-754 floating point errors.
  • More extensions

Eines de Composer

• ComposerRequireChecker: A CLI tool to check whether a specific composer package uses imported symbols that aren’t part of its direct composer dependencies
• composer-unused: Show unused composer dependencies by scanning your code
• composer-normalize: Provides a composer plugin for normalizing composer.json.

Seguretat

• roave/security-advisories: Security advisories as a simple composer exclusion list, updated daily
• roave/backward-compatibility-check: Tool to compare two revisions of a class API to check for BC breaks
• Local PHP Security Checker: PHP security vulnerabilities checker

Comprovacions de CI

• Lints (per a Symfony):
  • PHP: find src public bin -name "*.php" -print0 | xargs -0 -n1 php -l
  • Container: bin/console lint:container
  • YAML: bin/console lint:yaml config src
  • Twig: bin/console lint:twig src
• Symfony + Doctrine:
  • Deprecations: bin/console debug:container --deprecations (si falla, no retorna un exit code diferent de 0)
  • Doctrine schema: bin/console doctrine:schema:validate --skip-sync
• Composer
  • Audit (The audit command checks for security vulnerability advisories for installed packages.): composer audit
  • Outdated (The outdated command shows a list of installed packages that have updates available, including their current and latest versions): composer outdated --minor-only --direct --strict
  • Validate (It will check if your composer.json is valid): composer validate --strict

Fonts

Aquesta llista està basada en gran manera en:

• https://twitter.com/ramsey/status/1396592906102722561
• https://twitter.com/lulco/status/1397813303037079553
• https://twitter.com/ArkadiuszKondas/status/1338485275002068993
• https://twitter.com/ArkadiuszKondas/status/1596232242627366912
• Aggressive PHP Quality Assurance in 2019 | Marco Pivetta