PHPackages                             joeymckenzie/nasastan - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Testing &amp; Quality](/categories/testing)
4. /
5. joeymckenzie/nasastan

ActiveLibrary[Testing &amp; Quality](/categories/testing)

joeymckenzie/nasastan
=====================

A PHPStan extension to enforce NASA's Power of Ten rules.

0.1.2(1y ago)44754↓50%[5 PRs](https://github.com/JoeyMckenzie/nasastan/pulls)MITPHPPHP ^8.4CI passing

Since Mar 12Pushed 1mo ago4 watchersCompare

[ Source](https://github.com/JoeyMckenzie/nasastan)[ Packagist](https://packagist.org/packages/joeymckenzie/nasastan)[ RSS](/packages/joeymckenzie-nasastan/feed)WikiDiscussions main Synced 1mo ago

READMEChangelog (3)Dependencies (10)Versions (8)Used By (0)

 [![logo](art/cropped.png)](art/cropped.png) [![packgist downloads](https://camo.githubusercontent.com/a56d59aeac9effb6437aa1911c544fefb28f6d856570f602cf615fc4d7c42f6f/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6a6f65796d636b656e7a69652f6e6173617374616e2e7376673f7374796c653d666c61742d737175617265)](https://camo.githubusercontent.com/a56d59aeac9effb6437aa1911c544fefb28f6d856570f602cf615fc4d7c42f6f/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6a6f65796d636b656e7a69652f6e6173617374616e2e7376673f7374796c653d666c61742d737175617265) [![ci](https://camo.githubusercontent.com/3100545fff28394c23bf565ae659be32d600b63260c3a5e05f0c69d990c1252e/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f6a6f65796d636b656e7a69652f6e6173617374616e2f72756e2d63692e796d6c3f6272616e63683d6d61696e266c6162656c3d6369267374796c653d666c61742d737175617265)](https://camo.githubusercontent.com/3100545fff28394c23bf565ae659be32d600b63260c3a5e05f0c69d990c1252e/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f6a6f65796d636b656e7a69652f6e6173617374616e2f72756e2d63692e796d6c3f6272616e63683d6d61696e266c6162656c3d6369267374796c653d666c61742d737175617265) [![packgist downloads](https://camo.githubusercontent.com/143e40e447955e7dcf5197ba25bee92e9edc65d5b4a27c7c733d7aa5efd2a0b2/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f6a6f65796d636b656e7a69652f6e6173617374616e2f6669782d7068702d636f64652d7374796c652d6973737565732e796d6c3f6272616e63683d6d61696e266c6162656c3d636f64652532307374796c65267374796c653d666c61742d737175617265)](https://camo.githubusercontent.com/143e40e447955e7dcf5197ba25bee92e9edc65d5b4a27c7c733d7aa5efd2a0b2/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f6a6f65796d636b656e7a69652f6e6173617374616e2f6669782d7068702d636f64652d7374796c652d6973737565732e796d6c3f6272616e63683d6d61696e266c6162656c3d636f64652532307374796c65267374796c653d666c61742d737175617265) [![packgist downloads](https://camo.githubusercontent.com/82462217a6efc5d7435006ea5a4250d64e3fde6147b89c07ba4f810094bebd37/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6a6f65796d636b656e7a69652f6e6173617374616e2e7376673f7374796c653d666c61742d737175617265)](https://camo.githubusercontent.com/82462217a6efc5d7435006ea5a4250d64e3fde6147b89c07ba4f810094bebd37/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6a6f65796d636b656e7a69652f6e6173617374616e2e7376673f7374796c653d666c61742d737175617265)

🚀 NASAStan
==========

[](#-nasastan)

PHPStan extension that enforces NASA's [Power of Ten](https://en.wikipedia.org/wiki/The_Power_of_10:_Rules_for_Developing_Safety-Critical_Code)rules in your PHP code.

Table of Contents
-----------------

[](#table-of-contents)

- [Motivation](#why-should-i-use-this-extension)
- [Getting started](#getting-started)
- [Usage](#usage)
- [Power of Ten Rules](#original-nasa-power-of-ten-rules)
- Rules
    - [1. Avoid complex flow constructs](#rule-1)
    - [2. All loops must have fixed bounds](#rule-2)
    - [3. Avoid heap memory allocation after initialization](#rule-3)
    - [4. Restrict functions to a single printed page](#rule-4)
    - [5. Use a minimum of two runtime assertions per function](#rule-5)
    - [6. Restrict the scope of data to the smallest possible](#rule-6)
    - [7. Check the return value of all non-void functions](#rule-7)
    - [8. Use the preprocessor only for header files and simple macros](#rule-8)
    - [9. Limit pointer use to a single dereference](#rule-9)
    - [10. Compile with all possible warnings active](#rule-10)
- [References](#references)

Why should I use this extension?
--------------------------------

[](#why-should-i-use-this-extension)

Great question. I'm still trying to figure out an answer to that myself.

Getting started
---------------

[](#getting-started)

To get started, install the package with composer:

```
composer require --dev joeymckenzie/nasastan

```

Usage
-----

[](#usage)

If you're using `phpstan/extension-installer`, you're all set!

If not, however, include the extension in your PHPStan configuration:

```
includes:
  - vendor/joeymckenzie/nasastan/extension.neon
```

**Not all rules may be applicable to PHP**. Yes, I'm aware these rules are primarily targeted at C/C++ and some may not be nonsensical for PHP's use case. The rules are **opt-in**, allowing for a "choose your own" adventure with rules you may prefer while disabling ones that you may want in your project.

Configuring NASAStan
--------------------

[](#configuring-nasastan)

To use NASAStan with its default configuration, add the extension to your `phpstan.neon` file:

```
includes:
    - vendor/nasastan/phpstan-nasastan/extension.neon
```

### Customizing rules

[](#customizing-rules)

You can customize NASAStan's behavior by overriding configuration parameters in your `phpstan.neon` file.

#### Enabling or disabling rules

[](#enabling-or-disabling-rules)

By default, all NASAStan rules are enabled. To select only specific rules:

```
parameters:
    nasastan:
        enabledRules:
            - rule_3  # No heap allocation after init
            - rule_4  # Restrict function length
            - rule_10 # Compile with all warnings active
```

To exclude specific rules while keeping others enabled:

```
parameters:
    nasastan:
        exceptRules:
            - rule_5  # Minimum number of assertions
```

### Rule-specific configuration

[](#rule-specific-configuration)

Each rule has its own customizable parameters. Here are examples for each rule:

#### Rule 2: Fixed upper bounds on loops

[](#rule-2-fixed-upper-bounds-on-loops)

```
parameters:
    nasastan:
        maxAllowedIterations: 500  # Lower the maximum allowed iterations
```

#### Rule 3: No heap allocation after initialization

[](#rule-3-no-heap-allocation-after-initialization)

```
parameters:
    nasastan:
        allowedInitMethods:
            - __construct
            - initialize
            - setUp  # Add custom initialization methods
        resourceAllocationFunctions:
            - fopen
            - custom_resource_function  # Add your own resource allocation functions
```

#### Rule 4: Restrict function length

[](#rule-4-restrict-function-length)

```
parameters:
    nasastan:
        maxLinesPerFunction: 30  # Reduce maximum lines per function
        includeComments: false   # Don't count comments toward the line limit
```

#### Rule 5: Minimum assertions per function

[](#rule-5-minimum-assertions-per-function)

```
parameters:
    nasastan:
        minimumAssertionsRequired: 1  # Reduce required assertions
        assertionFunctions:
            - assert
            - custom_assertion  # Add your own assertion functions
```

#### Rule 6: Restrict data scope

[](#rule-6-restrict-data-scope)

```
parameters:
    nasastan:
        maxClassProperties: 15  # Increase allowed class properties
        allowedPublicProperties:
            - id
            - custom_public_property  # Add custom allowed public properties
```

#### Rule 7: Check return values

[](#rule-7-check-return-values)

```
parameters:
    nasastan:
        ignoreReturnValueForFunctions:
            - custom_void_function  # Add functions where return values can be ignored
```

#### Rule 9: Limit dereferences

[](#rule-9-limit-dereferences)

```
parameters:
    nasastan:
        maxAllowedDereferences: 2  # Allow more levels of dereferencing
```

#### Rule 10: Compile with all warnings active

[](#rule-10-compile-with-all-warnings-active)

```
parameters:
    nasastan:
        disallowedErrorSuppressingFunctions:
            - custom_error_suppression  # Add custom error suppression functions
        requiredDeclareDirectives:
            strict_types: 1  # Keep strict types required
```

Complete configuration example
------------------------------

[](#complete-configuration-example)

Here's an example of a complete configuration with customized values:

```
parameters:
    nasastan:
        # Rule enablement
        enabledRules:
            - rule_1
            - rule_2
            - rule_3
            - rule_4
            - rule_10
        exceptRules:
            - rule_5
            - rule_6

        # Rule 2: Fixed upper bounds on loops
        maxAllowedIterations: 500

        # Rule 3: No heap allocation after init
        allowedInitMethods:
            - __construct
            - initialize
            - bootstrap

        # Rule 4: Restrict function length
        maxLinesPerFunction: 40
        includeComments: false
        includeBlankLines: false

        # Rule 10: Compile with all warnings active
        requiredDeclareDirectives:
            strict_types: 1
```

Default Values
--------------

[](#default-values)

If you don't override a configuration parameter, NASAStan will use the following default values:

ParameterDefault ValueenabledRulesAll rules (1-7, 9-10)exceptRules\[\] (empty array)maxAllowedIterations1000maxLinesPerFunction60includeCommentstrueincludeBlankLinestrueminimumAssertionsRequired2maxClassProperties10maxAllowedDereferences1For complete details on all available configuration options, refer to the [`NASAStanConfiguration.php`](src/NASAStanConfiguration.php) class or the default [`extension.neon`](extension.neon) file.

Original NASA Power of Ten Rules
--------------------------------

[](#original-nasa-power-of-ten-rules)

1. Avoid complex flow constructs, such as goto and recursion.
2. All loops must have fixed bounds. This prevents runaway code.
3. Avoid heap memory allocation after initialization.
4. Restrict functions to a single printed page.
5. Use a minimum of two runtime assertions per function.
6. Restrict the scope of data to the smallest possible.
7. Check the return value of all non-void functions, or cast to void to indicate the return value is useless.
8. Use the preprocessor only for header files and simple macros.
9. Limit pointer use to a single dereference, and do not use function pointers.
10. Compile with all possible warnings active; all warnings should then be addressed before release of the software.

Rules
-----

[](#rules)

### Rule #1

[](#rule-1)

#### Avoid complex flow constructs, such as goto and recursion

[](#avoid-complex-flow-constructs-such-as-goto-and-recursion)

Disallows the use of `goto` statements and recursive functions. The following code would be in direct violation of this rule and reported on by NASAStan:

```
function baz(): void
{
    start:
    $foo = 'bar';

    goto start;  // ❌ phpstan: NASA Power of Ten Rule #1: Goto statements are not allowed.
}

function factorial(int $n): int
{
    if ($n