PHPackages rajmundtoth0/phpstan-forbidden - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Testing & Quality](/categories/testing) 4. / 5. rajmundtoth0/phpstan-forbidden ActivePhpstan-extension[Testing & Quality](/categories/testing) rajmundtoth0/phpstan-forbidden ============================== Ban different entities through PHPStan 1.1.0(3mo ago)615.2k↓28%1MITPHPPHP ^8.1CI passing Since Mar 6Pushed 3mo agoCompare [ Source](https://github.com/rajmundtoth0/phpstan-forbidden-nodes)[ Packagist](https://packagist.org/packages/rajmundtoth0/phpstan-forbidden)[ RSS](/packages/rajmundtoth0-phpstan-forbidden/feed)WikiDiscussions master Synced 3w ago READMEChangelog (2)Dependencies (8)Versions (6)Used By (1) [![Version](https://camo.githubusercontent.com/e5c6cab4d3f0bcaafa3ed347401a1f35c3c712929c697c36e2ffe0f6179b5102/68747470733a2f2f706f7365722e707567782e6f72672f72616a6d756e64746f7468302f7068707374616e2d666f7262696464656e2f76657273696f6e)](https://packagist.org/packages/rajmundtoth0/phpstan-forbidden)[![PHPStan](https://camo.githubusercontent.com/6e3a30e41775db9d2d50ecd44a30d4611a185a180e6147c9c5a985eeeab96874/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048505374616e2d4c6576656c5f4d41582d627269676874677265656e)](https://camo.githubusercontent.com/6e3a30e41775db9d2d50ecd44a30d4611a185a180e6147c9c5a985eeeab96874/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048505374616e2d4c6576656c5f4d41582d627269676874677265656e)[![Build](https://github.com/rajmundtoth0/phpstan-forbidden-nodes/actions/workflows/php.yml/badge.svg)](https://github.com/rajmundtoth0/phpstan-forbidden/actions/workflows/php.yml)[![PHP Version Require](https://camo.githubusercontent.com/53bfadc5104cb32b1dde2e4e6ee4ebff6f1a682460e53078afa88d128f7a2da6/68747470733a2f2f706f7365722e707567782e6f72672f72616a6d756e64746f7468302f7068707374616e2d666f7262696464656e2f726571756972652f706870)](https://packagist.org/packages/rajmundtoth0/phpstan-forbidden)[![License](https://camo.githubusercontent.com/1da42c7e9826bf9b93fee85246ee1d428c6f296f1d78b044d6a2b6352e22084c/68747470733a2f2f706f7365722e707567782e6f72672f72616a6d756e64746f7468302f7068707374616e2d666f7262696464656e2f6c6963656e7365)](https://packagist.org/packages/rajmundtoth0/phpstan-forbidden)[![Total Downloads](https://camo.githubusercontent.com/dcb403df812adce9f4032be38308467c8c8e2793b5d819e589b04e2c0297223c/68747470733a2f2f706f7365722e707567782e6f72672f72616a6d756e64746f7468302f7068707374616e2d666f7262696464656e2f646f776e6c6f616473)](https://packagist.org/packages/rajmundtoth0/phpstan-forbidden) PHPStan Forbidden Nodes ======================= [](#phpstan-forbidden-nodes) A PHPStan extension that reports forbidden PHP AST nodes and call patterns: - node types (for example `Stmt_Echo`, `Expr_Eval`, `Expr_Print`) - specific function calls - specific instance/static method calls (class + method patterns with `*` wildcard) - specific class instantiations (for example `new RuntimeException()`) - dynamic function calls (`$fn()`) when enabled - `use Tests\...` imports inside non-test files This package is based on [ekino/phpstan-banned-code](https://github.com/ekino/phpstan-banned-code) and keeps the same core goal: using PHPStan to block unwanted code patterns during analysis. Comparison with ekino/phpstan-banned-code ----------------------------------------- [](#comparison-with-ekinophpstan-banned-code) Compared with `ekino/phpstan-banned-code`, this package also supports: Feature`ekino/phpstan-banned-code``rajmundtoth0/phpstan-forbidden`Ban node types and function callsYesYesBan specific class instantiationsNoYesBan specific instance/static method callsNoYesWildcard matching for class/method patternsLimitedYesGlobal and per-rule `include_paths` / `exclude_paths`NoYesOptional detection of dynamic function calls like `$fn()`NoYesPackaged config modesBasic extension configDefaults or services-onlyInstallation ------------ [](#installation) ``` composer require --dev rajmundtoth0/phpstan-forbidden ``` If you use `phpstan/extension-installer`, `extension.neon` is loaded automatically. Otherwise add this to your `phpstan.neon`: ``` includes: - vendor/rajmundtoth0/phpstan-forbidden/extension.neon ``` Configuration ------------- [](#configuration) Default config is shipped in `neon/defaults.neon`. Override any part in your project config: ``` parameters: forbidden_node: # Optional: analyse only these paths (substring match). include_paths: - /app # Optional: skip these paths (substring match). exclude_paths: - /vendor - /storage # Detect `use Tests\...` in non-test files. use_from_tests: true # Ban dynamic function calls like `$fn()`. forbid_dynamic_function_calls: false # Emit non-ignorable errors. non_ignorable: true nodes: # Ban all echo statements. - type: Stmt_Echo # Ban selected function calls. - type: Expr_FuncCall functions: - dd - var_dump # Ban selected instance method calls. - type: Expr_MethodCall methods: - class: App\Service\Mailer method: send - class: App\* method: save* # Ban selected class instantiations. - type: Expr_New classes: - RuntimeException - App\Exceptions\* # Ban selected static method calls. - type: Expr_StaticCall methods: - class: Illuminate\Support\Facades\DB method: raw # Node-level path filters (optional per node entry). - type: Expr_Print include_paths: - /app/legacy exclude_paths: - /app/legacy/safe ``` Notes ----- [](#notes) - `functions: null` on `Expr_FuncCall` bans all function calls. - `classes: null` on `Expr_New` bans all class instantiations. - `methods: null` on `Expr_MethodCall` or `Expr_StaticCall` bans all calls of that node type. - `classes` on `Expr_New` supports `*` wildcards and normalizes leading `\`. - `methods` supports both `class/method` and `class_pattern/method_pattern` keys. - For backward compatibility, `functions` on `Expr_MethodCall` and `Expr_StaticCall` is treated as `methods` with class `*`. No Defaults Mode ---------------- [](#no-defaults-mode) If you want full control and no packaged defaults, include only services: ``` includes: - vendor/rajmundtoth0/phpstan-forbidden/neon/services.neon ``` Then define `parameters.forbidden_node` yourself. ### Health Score 46 — FairBetter than 92% of packages Maintenance82 Actively maintained with recent releases Popularity33 Limited adoption so far Community8 Small or concentrated contributor base Maturity47 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~17 days Total 2 Last Release 92d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/d5e554067d29bb565ced3d192bcfd536c8d84beb11b5286a227c5142361b3d99?d=identicon)[RajmundT](/maintainers/RajmundT) --- Top Contributors [![rajmundtoth0](https://avatars.githubusercontent.com/u/115630432?v=4)](https://github.com/rajmundtoth0 "rajmundtoth0 (10 commits)") --- Tags astcode-qualitydeveloper-toolsforbidden-codelaravelphpphpstanstatic-analysis ### Code Quality TestsPest Code StylePHP CS Fixer ### Embed Badge ![Health badge](/badges/rajmundtoth0-phpstan-forbidden/health.svg) ``` [![Health](https://phpackages.com/badges/rajmundtoth0-phpstan-forbidden/health.svg)](https://phpackages.com/packages/rajmundtoth0-phpstan-forbidden) ``` ### Alternatives [larastan/larastan Larastan - Discover bugs in your code without running it. A phpstan/phpstan extension for Laravel 6.4k51.0M7.6k](/packages/larastan-larastan)[behat/behat Scenario-oriented BDD framework for PHP 4.0k100.2M2.1k](/packages/behat-behat)[phpstan/phpstan-symfony Symfony Framework extensions and rules for PHPStan 79173.3M2.0k](/packages/phpstan-phpstan-symfony)[phpstan/phpstan-doctrine Doctrine extensions for PHPStan 67070.7M1.3k](/packages/phpstan-phpstan-doctrine)[phparkitect/phparkitect Enforce architectural constraints in your PHP applications 9184.1M24](/packages/phparkitect-phparkitect)[shipmonk/dead-code-detector Dead code detector to find unused PHP code via PHPStan extension. Can automatically remove dead PHP code. Supports libraries like Symfony, Doctrine, PHPUnit etc. Detects dead cycles. Can detect dead code that is tested. 4813.1M82](/packages/shipmonk-dead-code-detector) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)