Analyzer of PHP code to search issues with deprecated functionality in newer interpreter versions.

Overview

PhpDeprecationDetector

PhpDeprecationDetector - analyzer of PHP code to search usages of deprecated functionality in newer interpreter versions - deprecations detector.

Latest Stable Version Total Downloads License

PhpDeprecationDetector finds:

  • Usage of removed objects: functions, variables, constants and ini-directives.
  • Usage of deprecated functions functionality.
  • Usage of forbidden names or tricks (e.g. reserved identifiers in newer versions).

It literally helps you find code that can fail after migration to newer PHP version.

  1. Installation
  2. Usage

Installation

Phar file

  1. Just download a phar from releases page and make executable
chmod +x phpdd-x.x.x.phar
  1. a. Local installation: use it from current folder:

    ./phpdd-x.x.x.phar -h

    b. Global installation: move it in to one of folders listed in your $PATH and run from any folder:

    sudo mv phpdd-x.x.x.phar /usr/local/bin/phpdd
    phpdd -h

Composer

Another way to install phpdd is via composer.

  1. Install composer:
curl -sS https://getcomposer.org/installer | php
  1. Install phpdd in global composer dir:
./composer.phar global require wapmorgan/php-deprecation-detector dev-master
  1. Run from any folder:
phpdd -h

Usage

Console scanner

To scan your files or folder launch phpdd and pass file or directory names.

Description:
  Analyzes PHP code and searches issues with deprecated functionality in newer interpreter versions.

Usage:
  scan [options] [--] <files>...

Arguments:
  files                                    Which files you want to analyze (separate multiple names with a space)?

Options:
  -t, --target[=TARGET]                    Sets target PHP interpreter version. [default: "7.4"]
  -a, --after[=AFTER]                      Sets initial PHP interpreter version for checks. [default: "5.3"]
  -e, --exclude[=EXCLUDE]                  Sets excluded file or directory names for scanning. If need to pass few names, join it with comma.
  -s, --max-size[=MAX-SIZE]                Sets max size of php file. If file is larger, it will be skipped. [default: "1mb"]
      --file-extensions[=FILE-EXTENSIONS]  Sets file extensions to be parsed. [default: "php, php5, phtml"]
      --skip-checks[=SKIP-CHECKS]          Skip all checks containing any of the given values. Pass a comma-separated list for multiple values.
      --output-json[=OUTPUT-JSON]          Path to store json-file with analyze results. If '-' passed, json will be printed on stdout.
  -h, --help                               Display this help message
  -q, --quiet                              Do not output any message
  -V, --version                            Display this application version
      --ansi                               Force ANSI output
      --no-ansi                            Disable ANSI output
  -n, --no-interaction                     Do not ask any interactive question
  -v|vv|vvv, --verbose                     Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug
  • By providing additional option --target you can specify version of PHP to perform less checks. Available target versions: 5.3, 5.4, 5.5, 5.6, 7.0, 7.1, 7.2, 7.3, 7.4. A larger version includes rules for checking from all previous.
  • By providing --exclude option you can exclude specific folders or files from analyze. For example, --exclude vendor will prevent checking third-party libraries.
  • By providing --skip-checks option you can exclude specific checks from analyze.
  • If your files has unusual extension, you can specify all exts by --file-extensions option. By default, it uses php, phtml and php5.
  • If you need to generate machine-readable analyze result, use --output-json option to specify path to store json or --output-json=- to print json to stdout.

Example of usage

> ./bin/phpdd tests/
Max file size set to: 1.000 MiB
Folder /media/wapmorgan/Локальный диск/Документы/PhpDeprecationDetector/tests
- PHP 5.3 (3) - your version is greater or equal
+------------+---------+---------------------------------------------------------------------+
| File:Line  | Type    | Issue                                                               |
+------------+---------+---------------------------------------------------------------------+
| /5.3.php:2 | removed | Function dl() is removed.                                           |
| /5.3.php:3 | removed | Ini define_syslog_variables is removed.                             |
| /5.3.php:5 | changed | Function usage piet() (@call_with_passing_by_reference) is changed. |
|            |         | Call with passing by reference is deprecated. Problem is "&$hoho"   |
+------------+---------+---------------------------------------------------------------------+

- PHP 5.4 (2) - your version is greater or equal
+------------+---------+-----------------------------------------------+
| File:Line  | Type    | Issue                                         |
+------------+---------+-----------------------------------------------+
| /5.4.php:2 | removed | Function mcrypt_generic_end() is removed.     |
|            |         | Consider replace with mcrypt_generic_deinit() |
| /5.4.php:3 | removed | Function magic_quotes_runtime() is removed.   |
+------------+---------+-----------------------------------------------+
...
...
...

Json report format

Also, you can store analyze result in json format for automatic check. Pass --output-json=FILENAME to write result to FILENAME file or --output-json=- to output to stdout.

Format of json - dictionary with items:

  • InfoMessage[] info_messages - list of information messages about analyzing process.
  • Issue[] problems - list of issues found in your code.
  • ReplaceSuggestion[] replace_suggestions - list of replacement suggestions based on your code.
  • Note[] notes - list of notes about new functions behaviour.

Items description:

  • InfoMessage structure:
    • string type - message type - any of (info | warning)
    • string message - message text
  • Issue structure:
    • string version - interpreter version which has current issue (like 7.2)
    • string file - relative path to file in which issue found (like src/ProblemClass.php)
    • string path - absolute path to file in which issue found (like /var/www/html/project/src/ProblemClass.php)
    • int line - line in file in which issue found
    • string category - issue category - any of (changed | removed | violation)
    • string type - concrete issue type (like "constant" or "identifier")
    • string checker - concrete issue object which may cause problem (like magic_quotes_runtime or preg_replace() (@preg_replace_e_modifier))
  • ReplaceSuggestion structure:
    • string type - replacement object type (like variable or ini)
    • string problem - replacement object (like mcrypt_generic_end() or each())
    • string replacement - suggestion to replace with (like mcrypt_generic_deinit() or foreach())
  • Note structure:
    • string type - type of note (like function_usage or deprecated_feature)
    • string problem - note object (like preg_replace() (@preg_replace_e_modifier) or parse_str() (@parse_str_without_argument))
    • string note - note text (like Usage of "e" modifier in preg_replace is deprecated: "asdasdsd~ie" or Call to parse_str() without second argument is deprecated)
Comments
  • Outputting errors in stderr instead of stdout

    Outputting errors in stderr instead of stdout

    Would be great if it could output errors on stderr instead of stdout, so phpcf can be in automated deploy pipelines/CI.

    e.g. phpcf myfile >> /dev/null 2>> error.log

    Additionally, having the output in json (or at least somewhat configurable) would be great too

    enhancement 
    opened by kkmuffme 13
  • "sh: tput: not found" and "Warning: A non-numeric value encountered"

    I use PhpCodeFixer inside a Docker container (I use the official php:fpm-alpine Docker image), and when I run vendor/bin/phpcf modules I get the following output:

    Max file size set to: 1.000 MiB
    Scanning modules ...
    sh: tput: not found
    
    Warning: A non-numeric value encountered in /app/vendor/wapmorgan/php-code-fixer/bin/phpcf on line 74
     PHP |             Type |                      File:Line | Issue
    Peak memory usage: 1.758 MB
    
    opened by EvgenyOrekhov 13
  • PHP Fatal error:  Uncaught TypeError

    PHP Fatal error: Uncaught TypeError

    My Enviroment : Ubuntu 18.04 PHP 7.1

    PHP Notice: Undefined offset: 1 in /PhpCodeFixer/data/mb_ereg_replace_e_modifier.php on line 11 PHP Fatal error: Uncaught TypeError: Argument 1 passed to wapmorgan\PhpCodeFixer\PhpCodeFixer::divideByComma() must be of the type array, null given, called in /PhpCodeFixer/data/mb_ereg_replace_e_modifier.php on line 11 and defined in /PhpCodeFixer/src/PhpCodeFixer.php:463 Stack trace: #0 /PhpCodeFixer/data/mb_ereg_replace_e_modifier.php(11): wapmorgan\PhpCodeFixer\PhpCodeFixer::divideByComma(NULL) #1 /PhpCodeFixer/src/PhpCodeFixer.php(504): wapmorgan\PhpCodeFixer\mb_ereg_replace_e_modifier(Array, 'mb_ereg_replace') #2 /PhpCodeFixer/src/PhpCodeFixer.php(273): wapmorgan\PhpCodeFixer\PhpCodeFixer::callFunctionUsageChecker('wapmorgan\PhpCo...', 'mb_ereg_replace', Array) #3 /PhpCodeFixer/src/PhpCodeFixer.php(142): wapmorgan\PhpCodeFixer\PhpCodeFixer->checkFile('/home/evil85/gi...', Object(wapmorgan in /home/evil85/Development/security-tools/PhpCodeFixer/src/PhpCodeFixer.php on line 463

    bug 
    opened by Evil85 10
  • PHP Errors and Notices at various sample files

    PHP Errors and Notices at various sample files

    Hello,

    I was using PHP codefixer to scan all PHP files on my server. I found a few files which caused PHP notices and PHP errors.

    Here you can find all samples and their respective error messages: https://misc.daniel-marschall.de/bugreports/php_codefixer/

    Sample 1: A file from the nextgen-gallery plugin of Wordpress. Bug 1.1: Notice: Undefined offset: 0 in phar:///.../phpcf.phar/data/define_case_insensitive.php on line 13 Bug 1.2: Fatal error: Uncaught TypeError: Argument 1 passed to wapmorgan\PhpCodeFixer\PhpCodeFixer::divideByComma() must be of the type array, null given, called in phar:///.../phpcf.phar/data/define_case_insensitive.php on line 13 and defined in phar:///.../phpcf.phar/src/PhpCodeFixer.php:462

    Sample 2: dotclear.php file of an old Wordpress admin area. Bug 2.1: Notice: Undefined offset: 0 in phar:///.../phpcf.phar/data/preg_replace_e_modifier.php on line 11 Bug 2.2: Fatal error: Uncaught TypeError: Argument 1 passed to wapmorgan\PhpCodeFixer\PhpCodeFixer::divideByComma() must be of the type array, null given, called in phar:///.../phpcf.phar/data/preg_replace_e_modifier.php on line 11 and defined in phar:///.../phpcf.phar/src/PhpCodeFixer.php:462

    Sample 3: A stringparser class, version A Bug 3.1: Notice: Undefined offset: 0 in phar:///.../phpcf.phar/data/preg_replace_e_modifier.php on line 12 Bug 3.2: Fatal error: Uncaught TypeError: Argument 1 passed to wapmorgan\PhpCodeFixer\PhpCodeFixer::trimSpaces() must be of the type array, null given, called in phar:///.../phpcf.phar/data/preg_replace_e_modifier.php on line 12 and defined in phar:///.../phpcf.phar/src/PhpCodeFixer.php:477

    Sample 4: A bbcode class, version A Bug 4.1: Notice: Undefined offset: 0 in phar:///.../phpcf.phar/data/preg_replace_e_modifier.php on line 12 Bug 4.2: Fatal error: Uncaught TypeError: Argument 1 passed to wapmorgan\PhpCodeFixer\PhpCodeFixer::trimSpaces() must be of the type array, null given, called in phar:///.../phpcf.phar/data/preg_replace_e_modifier.php on line 12 and defined in phar:///.../phpcf.phar/src/PhpCodeFixer.php:477

    Sample 5: A stringparser class, version B Bug 5.1: Notice: Undefined offset: 0 in phar:///.../phpcf.phar/data/preg_replace_e_modifier.php on line 12 Bug 5.2: Fatal error: Uncaught TypeError: Argument 1 passed to wapmorgan\PhpCodeFixer\PhpCodeFixer::trimSpaces() must be of the type array, null given, called in phar:///.../phpcf.phar/data/preg_replace_e_modifier.php on line 12 and defined in phar:///.../phpcf.phar/src/PhpCodeFixer.php:477

    Sample 6: A bbcode class, version B Bug 6.1: Notice: Undefined offset: 0 in phar:///.../phpcf.phar/data/preg_replace_e_modifier.php on line 12 Bug 6.2: Fatal error: Uncaught TypeError: Argument 1 passed to wapmorgan\PhpCodeFixer\PhpCodeFixer::trimSpaces() must be of the type array, null given, called in phar:///.../phpcf.phar/data/preg_replace_e_modifier.php on line 12 and defined in phar:///.../phpcf.phar/src/PhpCodeFixer.php:477

    Version used: 2.0.17

    bug 
    opened by danielmarschall 9
  • PHP Fatal error:  Allowed memory size of XXX bytes exhausted

    PHP Fatal error: Allowed memory size of XXX bytes exhausted

    Hello.

    When i scan some source at my host i get 2 times PHP Fatal error at 128MB memory limit: PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 72 bytes) in /xxx/PhpCodeFixer.php on line 63

    at 256MB memory limit: PHP Fatal error: Allowed memory size of 268435456 bytes exhausted (tried to allocate 524288 bytes) in /xxx/PhpCodeFixer.php on line 40

    after i set memory limit for php to 512MB i not get this errors.

    opened by infectormp 9
  • Support for PHP 7.4

    Support for PHP 7.4

    PHP7.4 will be released in 3 weeks and it would be great if phpcf could support it already now.

    The list of (breaking) changes can be found here: https://www.php.net/manual/en/doc.changelog.php https://www.php.net/manual/en/migration74.php

    Thanks a lot!

    opened by kkmuffme 8
  • PHP4 constructors, preg_replace, method naming for subclasses

    PHP4 constructors, preg_replace, method naming for subclasses

    I've fixed issue #28 with the second commit. The first one fixes another preg_replace delimiter issue, it's also allowed to use single-/double-quotes as delimiters. Also the method naming check didn't work for subclasses (eg. class SubClass extends ParentClass) as there were more tokens than just 5 to get after the first opening brace.

    opened by fwolfsjaeger 7
  • PHP Notice:  Uninitialized string offset: 1

    PHP Notice: Uninitialized string offset: 1

    Version is 2.0.13-1-g0dd0ff3 (phar downloaded from releases page)

    $ php phpcf.phar test.php
    Max file size set to: 1.000 MiB
    PHP Notice:  Undefined offset: 1 in phar://C:/dev/skyeng/skyeng/phpcf.phar/src/TerminalInfo.php on line 108
    
    Notice: Undefined offset: 1 in phar://C:/dev/skyeng/skyeng/phpcf.phar/src/TerminalInfo.php on line 108
    PHP Notice:  Undefined offset: 1 in phar://C:/dev/skyeng/skyeng/phpcf.phar/src/TerminalInfo.php on line 108
    
    Notice: Undefined offset: 1 in phar://C:/dev/skyeng/skyeng/phpcf.phar/src/TerminalInfo.php on line 108
    PHP Warning:  A non-numeric value encountered in phar://C:/dev/skyeng/skyeng/phpcf.phar/src/Application.php on line 125
    
    Warning: A non-numeric value encountered in phar://C:/dev/skyeng/skyeng/phpcf.phar/src/Application.php on line 125
    
    File test.php
    
    Analyzer has not detected any problems in your code.
    Peak memory usage: 2.466 MB
    
    opened by samdark 7
  • False positive on php4 constructors

    False positive on php4 constructors

    Hi,

    I tried running PhpCodeFixer on the Elastica library (https://github.com/ruflin/Elastica). There are a lot of false positive related to usage of php4 constructors.

    This library already uses php5 constructors but, in addition, some classes also have a method having the same name.

    I think the detection of php4 could be improved by using the same rules written in the RFC that deprecated php4 constructors:

    PHP 7 will emit E_DEPRECATED whenever a PHP 4 constructor is defined. When the method name matches the class name, the class is not in a namespace, and a PHP 5 constructor (__construct) is not present then an E_DEPRECATED will be emitted. PHP 8 will stop emitting E_DEPRECATED and the methods will not be recognized as constructors.

    PHP 7 will also stop emitting E_STRICT when a method with the same name as the class is present as well as __construct.

    Source: https://wiki.php.net/rfc/remove_php4_constructors

    enhancement Requires rewriting 
    opened by pylebecq 5
  • Version flag

    Version flag

    This is a feature request: could you add a --version flag, to check which version one is currently running? Or is there a better way to check the version?

    opened by MetalArend 5
  • Notice

    Notice

    While running your code against mine Notice: Uninitialized string offset: 1 in C:\data\QualityReport\vendor\wapmorgan\php-code-fixer\src\PhpCodeFixer.php on line 177

    opened by marcelloh 5
  • Missing PHP 8.0 detection for parameter with a default value that is followed by a required parameter

    Missing PHP 8.0 detection for parameter with a default value that is followed by a required parameter

    The following code is deprecated in PHP 8.0 because the parameter with a default value is followed by a required parameter (see the Deprecated Features for PHP Core):

    <?php
    function test($a = [], $b) {}
    

    This is not reported by the phpdd tool:

    $ phpdd  -t 8.0 test.php
    Max file size set to: 1.000 MiB
    
    File test.php
    
    Analyzer has not detected any issues in your code.
    Peak memory usage: 2.430 MB
    

    BTW The php executable does report on this deprecation:

    $ php test.php
    PHP Deprecated:  Optional parameter $a declared before required parameter $b is implicitly treated as a required parameter in /path/to/test.php on line 2
    
    Deprecated: Optional parameter $a declared before required parameter $b is implicitly treated as a required parameter in /path/to/test.php on line 2
    
    opened by aadmathijssen 1
  • Adds PHP 8.1 and Junit Support

    Adds PHP 8.1 and Junit Support

    Added support for PHP 8.1 by adding rules in a fork to help add availability to this repo

    Added support for junit as an output format

    Added column numbers to allow easier identification of where errors appear

    Amended output options:

    • --output added - possible values: stdout (default), json, and junit
    • --output-file added - will generate a file saved at given location for json and junit
    • --output-json removed as above options will improve and slimplify this
    opened by jamessampford 0
  • FP: mb_ereg_replace

    FP: mb_ereg_replace

    Hi, I see errors like this:

    | /thirdparty/composer/voku/portable-utf8/src/voku/helper/UTF8.php:5804                              | removed   | Function mb_ereg_replace() is removed.                                           |
    |                                                                                                    |           | Consider replace with @mb_ereg_replace_e_modifier()                              |
    |
    

    ... but mb_ereg_replace is not removed and mb_ereg_replace_e_modifier does not exist. I think you will check the "e" modifier usage somehow here, but the error message seems not correct here.

    opened by voku 1
  • PHP 8.1 support

    PHP 8.1 support

    PHP 8.1 has been released

    https://wiki.php.net/rfc/deprecations_php_8_1 https://www.php.net/manual/en/migration81.deprecated.php

    Also:

    • default for --target needs to be increased to 8.1
    • documentation needs to be updated to include the 8.1 too
    opened by kkmuffme 3
Releases(2.0.29)
YCOM Impersonate. Login as selected YCOM user 🧙‍♂️in frontend.

YCOM Impersonate Login as selected YCOM user in frontend. Features: Backend users with admin rights or YCOM[] rights, can be automatically logged in v

Friends Of REDAXO 17 Sep 12, 2022
The SensioLabs DeprecationDetector runs a static code analysis against your project's source code to find usages of deprecated methods, classes and interfaces

SensioLabs DeprecationDetector CAUTION: This package is abandoned and will no longer receive any updates. The SensioLabs DeprecationDetector runs a st

QOSSMIC GmbH 389 Nov 24, 2022
Algolia Search integration for Magento 1 - compatible with versions from 1.6.x to 1.9.x

Algolia Search for Magento 1.6+ End of Support ?? The Algolia Magento 1 extension has reached End of Life regarding support and maintenance. We do not

Algolia 163 Dec 20, 2022
Algolia Search integration for Magento 2 - compatible with versions from 2.3.x to 2.4.x

Algolia Search for Magento 2 ?? Need help? Check out our Technical Troubleshooting Guide. For feedback, bug reporting, or unresolved issues with the e

Algolia 147 Dec 20, 2022
Lambda calculus interpreter in PHP.

lambda-php Lambda calculus interpreter in PHP. Lambda calculus Lambda calculus is a very minimal programming language that was invented in 1936 by Alo

Igor 22 Feb 28, 2022
The PHP Interpreter

The PHP Interpreter PHP is a popular general-purpose scripting language that is especially suited to web development. Fast, flexible and pragmatic, PH

php.net 34.8k Dec 28, 2022
Sey is a powerful math interpreter with infinite-precision.

Sey, pronounce say, is a powerful math interpreter with infinite-precision.

Félix Dorn 13 Oct 1, 2022
PHPQA all-in-one Analyzer CLI tool

PHPQA PHPQA Analyzer CLI tool Overview Available Analyzers Install Usage Override configuration Nice to have features Overview This project aims to se

Jesus Manuel Olivas 333 Dec 19, 2022
search non profitable charity or organization through api search

Non Profile Charity Search Search non profitable organization or get the details of an organization Installation Require the package using composer: c

Touhidur Rahman 5 Jan 20, 2022
Nova Search is an open source search engine developed by the Artado Project.

Loli Search Loli Search açık kaynak kodlu bir arama motorudur ve yalnızca kendi sonuçlarını değil, diğer arama motorlarının sonuçlarını da göstermekte

Artado Project 10 Jul 22, 2022
Doogle is a search engine and web crawler which can search indexed websites and images

Doogle Doogle is a search engine and web crawler which can search indexed websites and images, and then use keywords to be searched later. Written pri

Zepher Ashe 9 Jan 1, 2023
The Hoa\String library (deprecated by Hoa\Ustring).

Hoa is a modular, extensible and structured set of PHP libraries. Moreover, Hoa aims at being a bridge between industrial and research worlds. Hoa\Str

Hoa 6 Mar 27, 2018
A WordPress package to nudge users to upgrade their software versions (starting with PHP)

whip A WordPress package to nudge users to upgrade their software versions (starting with PHP) Requirements The following versions of PHP are supporte

Yoast 71 Oct 18, 2022
A tool that can be used to verify BC breaks between two versions of a PHP library.

Roave Backward Compatibility Check A tool that can be used to verify BC breaks between two versions of a PHP library. Pre-requisites/assumptions Your

Roave, LLC 530 Dec 27, 2022
This project backports features found in the latest PHP versions and provides compatibility layers for some extensions and functions

This project backports features found in the latest PHP versions and provides compatibility layers for some extensions and functions. It is intended to be used when portability across PHP versions and extensions is desired.

Symfony 2.2k Dec 29, 2022
Checks prefer-lowest installation for actually defined min versions in composer.json

Composer Prefer Lowest Validator This validator will strictly compare the specified minimum versions of your composer.json with the ones actually used

Mark Scherer 17 Aug 7, 2022
Automatically delete old SiteTree page versions from Silverstripe

Version truncator for Silverstripe An extension for Silverstripe to automatically delete old versioned DataObject records from your database when a re

Ralph Slooten 35 Dec 7, 2022
A MCPE server software that backporting new Minecraft: Bedrock Edition to older PocketMine versions with better stability and performance.

CoarseMC is a server software that backports new Minecraft: Bedrock Edition versions to older PocketMine versions with better stability and performance, while retaining as many features from the new PocketMine-MP versions as possible.

null 5 May 21, 2022
A high-performance license server system service for creating and managing products, major versions, and software licenses for the purpose of selling installable software products.

A high-performance license server system service for creating and managing products, major versions, and software licenses for the purpose of selling installable software products. Comes with a SDK and command-line tool. Works anywhere that PHP runs.

CubicleSoft 32 Dec 5, 2022