> On Jan 23, 2020, at 3:04 AM, Rasmus Lerdorf <ras...@lerdorf.com> wrote:
> You are getting into static analysis territory here with that. There are > already static analysis tools that do exactly this type of array type > checking during development. For example, there are three type mistakes in > this code: > <snip> > Running Phan on it produces: Understood. But in my experience a large number of PHP developers do not use Phan. At least not in the WordPress realm. For my current project we tried for two days to get Phan to work but it generated so many errors that were not actually errors we gave up. I am sure it were possible if we had had the time and expertise to configure it correctly we could have gotten it working, but I would not be surprised if we are unique in that respect. IOW, if a tool is very complex to get working, its existence is not a solution except for advanced teams and use-cases where the benefits are so overwhelming that teams managers are willing to fund the time it takes to implement. > Really expensive checks like this belong at the static analysis stage. And > yes, it would be amazing to have a static analyzer built into PHP, which is > basically what you are asking for here, Expensive checks would not be a problem if they could be run once during OpCode generation without affecting day-to-day code generation, right? > But at Etsy, at least, this code would never make it to production because > static analysis checks are run by all developers and also run automatically > during staging prior to a production push. To be fair, I would say Etsy is an extreme outlier. Few business across the economy are fully web-based, have the revenue of Etsy and thus the financial downside Esty experiences when there is a problem on their website. Etsy is exactly the type of use-case I was referring to where the benefits of using tools like Phan are so overwhelming that management understands the need. But many other companies won't see such an overwhelming benefit and thus managers often just don't appreciate the need to work on it. #justsaying > but that is a huge task and goes way beyond just this particular check. Understood. But my above comments are to point out that the existence of Phan is not a panacea. -Mike
